3e8bbb6c9e
Add documentation for SMB_COM_CLOSE handling
2015-03-02 10:36:13 -06:00
227cf4500d
define constants for tree connect access rights
2015-02-28 18:38:45 -06:00
eb3aedf4a7
Define constants for WordCount in responses
2015-02-28 18:15:14 -06:00
5f8c14c958
Fix check for TrueClass, plus other small changes
2015-02-28 14:11:15 -06:00
6f4259f2de
Revert #4859 , temporary solution for unbreaking client
...
This reverts commit 7ab86be72a49ae173057
2015-02-28 14:07:26 -06:00
eb7ac02d1a
Normalize handlers names
2015-02-28 12:14:58 -06:00
1d602d38c9
Refactor SessionSetupAndx handler
2015-02-28 12:10:48 -06:00
b27c9b9efc
Land #4838 , reverse_http{,s} listening service fix
2015-02-27 21:02:58 -06:00
ac81318e7a
Revert #4823 , changes for ruby style guide
...
This reverts commit 885469ca52fd73445d9b#4823 for why.
2015-02-27 17:28:00 -06:00
e5e13108ed
Refactor close handling
2015-02-26 23:50:10 -06:00
5418cdad11
Refactor negotiate handling
2015-02-26 23:49:07 -06:00
5ed1f8d44f
Make opts optional
2015-02-26 23:39:17 -06:00
882f0bdc0e
Refactor read_andx request handling
2015-02-26 23:35:12 -06:00
5b770f9f7a
Refactor nt_create_andx requests
2015-02-26 23:31:09 -06:00
70033576fe
Refactor query information level
2015-02-26 23:22:57 -06:00
49ae173057
Land #4844 : the final tweaks to @wv-r7's PJL extensions
2015-02-26 17:39:49 -06:00
1454ad79d8
Land #4844 : @wv-r7 extends the PJL repetoire
2015-02-26 17:29:28 -06:00
d544da22b5
Always send answer
2015-02-26 16:47:05 -06:00
45be95747f
Refactor Find Information Levels
2015-02-26 16:46:34 -06:00
89a033c194
Delete unnecessary paddings due to miscalculations
2015-02-26 15:54:00 -06:00
095431c323
fix note search conditions
...
note search conditions needed to know about
vuln_id or else vuln notes would get overwritten
MSP-12183
2015-02-26 15:48:04 -06:00
260c603ffb
Fix msfconsole -L
...
s/rb-readline/rb-readline-r7/
Should have been in #4816 (#4128 ).
2015-02-26 15:14:38 -06:00
387c966550
Fix unnecessary paddings
2015-02-26 15:00:53 -06:00
a72d49678a
only match by CVE refs
...
the other refs can be non-specific and refer
to multiple distinct vulns, resulting in
incorrect refs being attached to a vuln leading to
a snowball effect with more and more vulns being
misidentified.
MSP-12183
2015-02-26 14:57:16 -06:00
500e4707ab
Use smb_error
2015-02-26 14:35:52 -06:00
3aa68c30b0
=> not => !
2015-02-26 21:31:01 +01:00
a427e417a3
-consomation +consumption
2015-02-26 21:23:09 +01:00
0a51ca12a5
Download all of every file implicitly
2015-02-26 14:10:53 -06:00
d0ca1b2dc6
Delete a thing I added for no reason
2015-02-26 14:06:10 -06:00
5996256ccc
Fix formatting
2015-02-26 14:05:50 -06:00
c73ffea1b9
Do minor cleanup
2015-02-26 12:50:45 -06:00
8351920d1e
don't match based on URL refs
...
multiple vulns may be listed for
the same URL making matches based on
these refs entirely unreliable
MSP-12183
2015-02-26 11:40:15 -06:00
b1e6de2eeb
Add todo
2015-02-26 11:39:17 -06:00
26bfebf1bb
Add dummy wildcard handling
2015-02-26 11:39:05 -06:00
d0ab9206b9
Do minor cleanup
2015-02-26 10:58:36 -06:00
970f0c94b2
Create CREATE_ANDX constants
2015-02-26 10:44:07 -06:00
ab1bb0e50d
bugfixes to https://github.com/jvazquez-r7/metasploit-framework/tree/review_3074_clean_server
...
to provide consistent support for various exploits and OS SMB Commands.
Reintroduces smb_cmd_trans_query_path_info_network for use with the Struts2 JSP injection vulnerability.
Reintroduces smb_cmd_trans_query_file_info_basic for common use with rundll32.
Corrects some issues with filename formatting and pattern matching for file requests (can still be improved).
2015-02-26 16:10:34 +00:00
ed9213eb4c
Add fsquery check to fs{download,delete} methods
2015-02-25 17:37:20 -06:00
ea5b6f66d4
Add UEL to fsdownload method
2015-02-25 17:35:34 -06:00
5d3c7f3b4a
Add fsquery method
2015-02-25 17:18:23 -06:00
1f981dd336
Add FSQUERY constant
2015-02-25 17:00:27 -06:00
993c75ec77
Update Offset counts with constants
2015-02-25 16:25:16 -06:00
ee18cf592b
Calculate ParamCount and DataCount
2015-02-25 16:00:26 -06:00
91f0713056
Add fsdelete method
2015-02-25 15:41:40 -06:00
a096a17e21
Add FSDELETE constant
2015-02-25 15:39:51 -06:00
80d8491d09
Add fsdownload method
2015-02-25 15:00:31 -06:00
e8c2c3687d
Replace "pathname" with "path"
...
This always bothered me, since I usually say "path."
2015-02-25 15:00:18 -06:00
02ea7a0282
Add FSDOWNLOAD constant
2015-02-25 15:00:11 -06:00
df50aa0f06
Use constants for DataCount and DataCountTotal
2015-02-25 14:11:38 -06:00
f35e03b21b
Use constants
2015-02-25 13:44:56 -06:00
f21959a8a2
Add constants for session setup actions
2015-02-25 13:31:57 -06:00
e967cfbfb3
Create Access rights constants
2015-02-25 13:22:16 -06:00
1caffbea2d
Add constants for Negotiation Capabilities
2015-02-25 12:50:33 -06:00
50d50d5353
Define constants for SMB Flags
2015-02-25 12:28:25 -06:00
e5d9bb0a47
Update from master
2015-02-25 11:37:13 -06:00
ec9be4531b
Add SMB_CREATE_ANDX_RES_PKT template
2015-02-25 11:33:08 -06:00
50f8731980
Parse SMB_CMD_CREATE requests
2015-02-25 11:09:14 -06:00
0ad3473ebb
Implement case-insensitive datastore.delete
2015-02-24 20:47:00 -06:00
d10385cfed
Add template for SMB_TREE_CONN_ANDX_RES_PKT
2015-02-24 19:27:25 -06:00
1f1d95bb37
Delete one more extra comment
2015-02-24 18:27:39 -06:00
aeb7f05158
Delete extra comment
2015-02-24 18:27:21 -06:00
642765aeb5
Delete comments
2015-02-24 18:27:02 -06:00
bb36899699
Do templates names consistent
2015-02-24 18:26:46 -06:00
744e338ddc
Do cleanup
2015-02-24 18:15:55 -06:00
ec53e27249
Do better handling of TRAN2_QUERY_FILE_INFORMATION requests
2015-02-24 17:20:41 -06:00
d29e9fc20b
Parse TRAN2_FIND_FIRST2 commands
2015-02-24 17:02:49 -06:00
231a2f3110
Fix handlers
2015-02-24 16:03:13 -06:00
e4a58a2ec5
import notes attached to vulns
...
add the ability to import notes that
are attached to vulns instead of hosts
MSP-12183
2015-02-24 13:36:57 -06:00
389bcbd343
refactor note import into sep method
...
we will now be importing notes from multiple
place within the XML document. the importing
of notes has been refactored into a seperate
method to be easily reused in this fashion
MSP-12183
2015-02-24 12:18:32 -06:00
2389185376
export notes associated to a vuln
...
in addition to ntoes asscoiated directly
to a host, the XML export will now
export notes that are tied to a vuln
MSP-12183
2015-02-24 12:17:44 -06:00
c5d36ec24d
remove unused handler methods
...
already defined in the base class
2015-02-24 11:23:08 -06:00
ca7aabe9bc
handle SMB_QUERY_FILE_NETWORK_OPEN_INFO
2015-02-24 11:13:18 -06:00
3bed2d5136
fix for properly stopping the reverse_http/https handler
...
The issue seems to be at the root of #4669 is that reverse_http
registers an HTTP service but never releases its reference to it. If
we stop it directly, there may be a session already connected to it that
we kill, so we can't do that. Instead, track if we got a connection or
not, and conditionally release our reference based on whether the
connection succeeded.
This should fix #4669
2015-02-24 11:06:50 -06:00
5f0aeda0be
Land #4835 , new hex format for msfvenom
2015-02-24 10:56:47 -06:00
31d1ba7100
Simplify debug to inspect smb_cmd_trans_query_file_info_network
2015-02-24 10:54:45 -06:00
1d2fc989bd
remove newline
2015-02-24 17:35:53 +01:00
c3c9b233dd
Land #4834 , a few more duplicate hash key fixes
2015-02-24 10:32:55 -06:00
906c4a9024
use + instead of <<
2015-02-24 17:18:41 +01:00
12a99ecee5
Land #4796 , Handle incompatible payload architecture in BES
2015-02-24 10:02:25 -06:00
5880702552
added new hex format
2015-02-24 16:05:02 +01:00
7b32b8b58c
Land #4810 , support for job renaming in msfconsole
2015-02-24 08:51:06 -06:00
ab4a416958
comment out duplicate keys that can only be used for reference
...
ruby is ignoring all but the second instances, and 2.2 still throws a
warning
2015-02-24 08:50:02 -06:00
5eec07d4d1
Fix duplicate hash key "jpeg"
...
In lib/rex/proto/http/server.rb.
2015-02-24 05:19:42 -06:00
285c138f80
Add tab completion for rename_job
2015-02-24 04:25:36 -06:00
500b6229be
Clean up whitespace
2015-02-24 04:13:59 -06:00
e9b6a023de
Fix a typo
2015-02-23 21:45:02 -06:00
d0d124eb19
Mimic original handling
2015-02-23 20:42:49 -06:00
32046f9c47
smb_cmd_trans_query_path_info_standard
2015-02-23 19:57:16 -06:00
8c5ff858d0
Land #4812 , hp_sys_mgmt_login configurable URIs
2015-02-23 19:04:14 -06:00
ea483f14a1
Try to fix logic for query information levels
2015-02-23 17:17:33 -06:00
3fca26a5de
Add support for SMB_COM_TRANSACTION2 data blocks and params
2015-02-23 16:37:39 -06:00
623d319ca7
Fix offsets
2015-02-23 14:43:06 -06:00
2653ff9d58
Try to simplify request query and find request handling
2015-02-23 14:06:23 -06:00
97ccf7e23f
Fixes SSL support for http_login (variable shadowing)
2015-02-23 14:00:29 -06:00
36711e801c
Fix comment
2015-02-23 13:09:23 -06:00
99483f88f1
Fix, hopefully, dispatching
2015-02-23 13:08:45 -06:00
87176b9b37
Redo TRANS2_QUERY_PATH_INFORMATION dispatching
2015-02-23 12:52:50 -06:00
a06d07d6da
Clean smb_cmd_trans2_query_file_information dispatching
2015-02-23 12:03:08 -06:00
c39d6e152e
Land #4819 , Normalize HTTP LoginScanner modules
2015-02-23 11:43:42 -06:00
abe5ea42cb
Clean smb_cmd_trans
2015-02-23 11:34:19 -06:00
3d7381b62a
Handle TRANS2 commands
2015-02-23 11:33:49 -06:00
fe00cadd18
Delete require
2015-02-23 11:15:55 -06:00
1dba961698
delete SubCommand namespace
2015-02-23 11:15:14 -06:00
7d9f661d78
Fix includes
2015-02-23 11:14:45 -06:00
439507d359
Move trans2 files
2015-02-23 11:13:08 -06:00
885469ca52
Land #4823 , Meet the modern ruby style guide
2015-02-23 01:03:08 -06:00
e5e3474af4
Handle ICMP "protocol not available" errors as connection errors
2015-02-22 16:36:53 -06:00
251c284458
modernizes some of the rpc code
2015-02-22 15:37:55 -06:00
29ac27f357
Lands #4813 , replaces print_* with exceptions
2015-02-22 14:14:16 -06:00
c60e2584bf
Comment typo
2015-02-22 02:51:18 -06:00
888c718f40
Fix two typos
2015-02-22 02:45:50 -06:00
8e8a366889
Pass Http::Client parameters into LoginScanner::Http (see #4803 )
2015-02-22 02:26:15 -06:00
c820431879
Land #4770 , Wordpress Ultimate CSV Importer user extract module
2015-02-22 08:52:45 +01:00
d8132f86ff
ajust buffer size
2015-02-22 08:51:16 +01:00
2b9ab901cb
Land #4811 , creds -d documentation
2015-02-21 20:59:52 -06:00
9f826f4caa
Land #4809 , s/WtfError/ElfParseyError/
2015-02-21 20:52:58 -06:00
b39e2bea8e
Land #4806 , EXE::Custom case-sensitivity fix
2015-02-21 20:49:53 -06:00
f900d9cf26
Handle whitespace as per blank?
...
!~ /\S/ as per the original implementation of blank? also works.
2015-02-21 20:36:16 -06:00
708340ec5a
Tidy up various bits of code
2015-02-21 12:53:33 +00:00
80aef690a0
Do first commands refactoring
2015-02-21 01:48:47 -06:00
52b41ab4f8
Do first Share refactoring
2015-02-21 01:00:46 -06:00
bf2be7964b
Fix #4592 , print_* methods used in LoginScanner modules
...
Fix #4592
2015-02-20 22:46:21 -06:00
40c237f507
Fix #3982 , allow URIs to be user configurable
...
Fix #3982
2015-02-20 21:54:03 -06:00
b8cb93d712
Fix #3790 , document the creds -d feature
...
Fix #3790
2015-02-20 21:38:26 -06:00
b5f8ae85cf
Fix #3827 , Add support to rename a job
...
Fix #3827
2015-02-20 21:13:45 -06:00
85871ab822
Fix #4382 , Make errors more meaningful
...
Fix #4382
2015-02-20 20:09:58 -06:00
7e1e0f8196
Add plugin upload functionality
2015-02-21 01:20:20 +00:00
df903120e3
Reorganize trans2_find_first2 requests
2015-02-20 18:28:49 -06:00
52a0e6dd1c
Mark a couple of handlers for later review
2015-02-20 16:28:04 -06:00
0d53dc1d13
use a buffer to avoid memory use on victims machine
...
use a buffer to avoid memory use on victims machine
use attacker memory to store files
avoid bugs on large files
2015-02-20 20:02:09 +01:00
dc4898765f
Fix EXE::Custom
2015-02-20 16:59:18 +00:00
a91d19e0e7
Add template for SMB_QUERY_FILE_STANDARD_INFO
2015-02-20 10:58:15 -06:00
21978a1bfe
Add template for SMB_QUERY_FILE_BASIC_INFO
2015-02-20 10:40:45 -06:00
cf63e09188
Add templates for SMB_FIND_FILE_FULL_DIRECTORY_INFO_HDR and SMB_FIND_FILE_NAMES_INFO_HDR
2015-02-20 09:17:51 -06:00
fe75a31a59
NTFS parser optimisation
...
NTFS Parser does not gather automaticaly non resident attribute
that were not necessary
Railgun is called 17 times instead of 32 on an examples on ntds.dit
2015-02-20 13:11:53 +01:00
f2405a5dc0
Create SMB_FIND_FILE_BOTH_DIRECTORY_INFO_HDR_LENGTH constant
2015-02-20 00:35:26 -06:00
571dffa317
Create template for SMB_FIND_FILE_BOTH_DIRECTORY_INFO
2015-02-20 00:22:33 -06:00
94ad64546c
Create TRANS2_PARAMETERS template
2015-02-19 23:16:52 -06:00
b24b94ddd3
Do first cleanup of find_first2 handlers
2015-02-19 19:08:56 -06:00
74c43f5527
Delete more unused local variables
2015-02-19 14:39:55 -06:00
1d5a977280
Delete a lot of verbose prints
2015-02-19 14:37:16 -06:00
0940ceae75
Delete unused local variables
2015-02-19 14:26:46 -06:00
c38c3519d8
Delete more unused code
2015-02-19 14:24:18 -06:00
7487f9611b
Do some extra prints
2015-02-19 14:11:27 -06:00
d9b9de8e89
Delete unused code
2015-02-19 13:16:24 -06:00
5510000bf1
Use constant for FLAGS2
2015-02-19 13:02:50 -06:00
392137292e
Old delete register prototype comment
2015-02-19 13:00:12 -06:00
39ceb5b90f
Update smb_error on Exploit::Remote::SMB::Server
2015-02-19 12:10:28 -06:00
4781ac4b39
the http service needs to keep running to handle meterpreter loading
...
revert a8f44ca68f
2015-02-19 09:38:48 -06:00
b85324435e
Don't waste instance variables
2015-02-18 16:42:52 -06:00
jvazquez-r7
sinn3r
William Vu
Brent Cook
David Maloney
Bazin Danil
Matthew Hall
Christian Mehlmauer
HD Moore
Joshua Smith
BAZIN-HSC
rastating
Meatballs