Commit Graph

1447 Commits (b0029967084b72771f5f50fe2e2d81742fd6d35d)

Author SHA1 Message Date
James Lee 02d6089893 Fix a stack trace when an unexpected response from the server
Caused by a typo
2012-02-21 18:57:27 -07:00
HD Moore acb4446e45 Fix #6407 by treating redirects as successful authentication 2012-02-21 16:02:21 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
James Lee 89e0842b1e Add vim_soap to the mixins list.
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
2012-02-20 13:17:45 -07:00
Matt Buck fccb338e29 Merge branch 'master' of github-r7:rapid7/metasploit-framework 2012-02-19 23:01:14 -06:00
Matt Buck e0a75c1b2c Merge branch 'release/4.2-stable'
Conflicts:
	lib/msf/core/model/host.rb
2012-02-19 22:57:22 -06:00
sinn3r ea698864bd Add aux module to disclose IIS internal IP (Feature #6405) 2012-02-19 22:44:30 -06:00
sinn3r 95fa97cbd7 This module should be using store_loot() to save downloaded data 2012-02-19 20:48:00 -06:00
sinn3r 6037a2fc7a Correct type and name for store_loot 2012-02-19 20:20:44 -06:00
HD Moore f92ddb2475 Revert "Cleanup to the module output for vmware_http_login.rb"
This reverts commit 08d91aebdb.
2012-02-19 18:55:49 -06:00
HD Moore a25475fac0 Revert "Add a new vmauthd_version scanner (also pulls in the SSL cert if"
This reverts commit c4ea27d32b.
2012-02-19 18:53:03 -06:00
HD Moore d761265b93 Revert "Cosmetic cleanup to the module output for vmauthd_login"
This reverts commit 87e7bf4934.
2012-02-19 18:52:39 -06:00
HD Moore 648686002b Cosmetic cleanup of the vmware_http_login module 2012-02-19 18:51:16 -06:00
HD Moore 2521bd7b59 Add a new vmauthd_version scanner (also pulls in the SSL cert if
available)
2012-02-19 18:34:35 -06:00
HD Moore 00d2497a42 Cosmetic cleanup to the module output for vmauthd_login 2012-02-19 18:32:36 -06:00
HD Moore c4ea27d32b Add a new vmauthd_version scanner (also pulls in the SSL cert if
available)
2012-02-19 18:28:06 -06:00
HD Moore 87e7bf4934 Cosmetic cleanup to the module output for vmauthd_login 2012-02-19 18:16:54 -06:00
HD Moore 08d91aebdb Cleanup to the module output for vmware_http_login.rb 2012-02-19 18:16:05 -06:00
sinn3r 825ea01f79 Correct report_web_vuln 2012-02-19 16:37:42 -06:00
sinn3r 199e9c518b Add Generic HTTP Directory Traversal Utility (Feature #6338) 2012-02-19 00:30:18 -06:00
David Maloney 6ced540e0b Merge branch 'vmware-api' into vmware-stable 2012-02-18 18:38:20 -06:00
sinn3r ebd5438984 Add POST to method 2012-02-17 22:36:33 -06:00
sinn3r bb5e4a1600 Modules don't need to register VERBOSE, because it's already there 2012-02-17 21:07:44 -06:00
sinn3r 79ce43e3fe This condition should never trigger, because OptEnum should automatically take care of it 2012-02-17 19:16:07 -06:00
sinn3r e23f17cac2 Again, validate using OptEnum 2012-02-17 19:14:38 -06:00
sinn3r d58b8c7b69 Use OptEnum to validate enumeration method 2012-02-17 19:12:47 -06:00
sinn3r 3390bdf312 Validate METHOD with OptEnum 2012-02-17 18:54:53 -06:00
sinn3r ec58b4669e This module only handles GET, so that's the only option we'll allow 2012-02-17 18:20:16 -06:00
sinn3r 9e17b09632 This module is only meant to handle GET and PUT, so let's be strict on that 2012-02-17 18:17:28 -06:00
sinn3r 7ae58bfd9d Make sure the HTTP method is always upper-case to make Apache happy 2012-02-17 18:15:23 -06:00
David Maloney ddb43774c9 Some metadata fixes 2012-02-17 12:21:38 -06:00
sinn3r ae57a8d9fd Make sure the HTTP method is always uppercase so we don't get a 501 2012-02-17 03:34:39 -06:00
David Maloney a0dac593bc Merge branch 'vmware-api' of github.com:rapid7/metasploit-framework into vmware-api 2012-02-16 02:22:31 -06:00
David Maloney e9b2e060d6 Permissions scanner for vmware
Fixed the way loot was getting stored to set a propper type
2012-02-16 02:19:33 -06:00
David Maloney c5ae56a147 Adding User Enumeration Scanner for vmware 2012-02-15 22:55:11 -06:00
Tod Beardsley 95f54413d8 Create a stable branch of vmware-api
Just to pick up the soap library and the esx_fingerprint stuff.
2012-02-15 21:25:56 -06:00
Tod Beardsley bf9ed96155 Fixes up esx_fingerprint and the host model to ID vmware correctly
Uses the proper host.normalize_os methods to fix up the normalization of
ESX servers.
2012-02-15 20:31:51 -06:00
David Maloney c9cf47bd4c Add Terminate Session module and some extra goodness to enum sessions 2012-02-15 16:39:13 -06:00
David Maloney 67ba39cc3e Adds a scanner to pull active login sessions off servers 2012-02-15 02:27:25 -06:00
David Maloney e0f11992af Gah screwed up that commit, accidentally chunked out the rescues. 2012-02-15 02:12:06 -06:00
David Maloney 6b539036c9 Fix fingerprinting in the vmware_http_login module 2012-02-15 01:54:34 -06:00
David Maloney bbca09458f Workaround for report_host/service issue
See #6370
2012-02-14 11:19:38 -06:00
David Maloney 03884ddb46 Fix to title from copy pasted init section. 2012-02-14 10:36:15 -06:00
Tod Beardsley ad0594ee5f Cleanup and add debug for fingerprint_vmware 2012-02-13 19:07:26 -06:00
Tod Beardsley 8c1581567c Cleanup on the vmware fingerprinting.
Add in some new OS constants and seperate out the fingerprinting
function from the connection function in order to avoid having errors
swallowed by a rescue.
2012-02-13 16:40:44 -06:00
Tod Beardsley 727cde00c6 Taking David's version of vmware_http_login over mine 2012-02-13 14:54:47 -06:00
sinn3r d036da627a Clear lots of whitespace 2012-02-13 14:13:43 -06:00
David Maloney 31f001ed54 Improved vmware enumerate vm modules
now with screenshots!
2012-02-13 12:07:28 -06:00
David Maloney 8c305e1a28 VMWare Web service finerprinting and OS detection.
VMWare Screenshot stealer
Improvemenets to the mixin
fix to check method for the login scanner
2012-02-13 12:05:32 -06:00
sinn3r a758462a32 Remove some whitespace 2012-02-13 11:01:26 -06:00
bperry-r7 abb1548d9a Fix extraneous print_status 2012-02-11 20:09:43 -06:00
David Maloney 676a0c53a0 Working Screenshot capability! 2012-02-11 03:51:18 -06:00
sinn3r fe69a27bf1 Fix indent level and type 2012-02-10 03:22:51 -06:00
sinn3r 4b47a9e66f Be gone, whitespace. 2012-02-10 03:16:37 -06:00
sinn3r 52e7743b41 Merge branch 'ipv6_logging' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-ipv6_logging 2012-02-10 03:13:18 -06:00
HD Moore 29b99aa7b4 Fix up titles/add boundary check for reporting external host 2012-02-08 12:23:46 -06:00
m-1-k-3 705c436ede added more multicast addresses from wikipedia 2012-02-07 11:45:20 +01:00
David Maloney e8aa624a16 Added todb's validator over to this working branch 2012-02-06 10:15:05 -06:00
m-1-k-3 91820ad1c3 logging to notes 2012-02-06 08:56:35 +01:00
David Maloney df401f4c94 more fixes to backend stuff, plus updated vmware http login module to use
the correct mixin method now.
2012-02-03 15:44:41 -06:00
Tod Beardsley af506240cf http_fingerprint reports service info
Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.
2012-02-03 12:15:11 -06:00
Tod Beardsley 786d75493c Fix up VMWware webscan to not false positive
Checks to see if a target is actually vmware based on the provided
cookie, using the http_fingerprint() function from HttpClient.

[Fixes #6340]
2012-02-02 22:19:57 -06:00
David Maloney 3f48e626a2 Adding a bunch of new VIM API auxiliary stuff
Work in progress.
2012-02-01 12:05:20 -06:00
Tod Beardsley e371f0f64c MSFTidy commits
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
HD Moore 0b8987f2af Merge results initialization fix 2012-01-31 01:29:44 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r a0ac4125cd Add aux module CMS400 default pass scanner (feature #6301) 2012-01-30 10:40:59 -06:00
HD Moore dda3453ac7 Correct a typo 2012-01-28 23:33:26 -06:00
HD Moore 774862508e Handle another common error type 2012-01-28 23:31:20 -06:00
Jonathan Cran 54ffb01080 This module should use the default list of tomcat users 2012-01-28 18:13:34 -06:00
David Maloney ca7aa21202 Removed schema features from database hashdump modules
now that there are dedicated schemadump modules.
2012-01-28 16:55:39 -06:00
HD Moore 5a095e8ef5 Fixes for PCA modules 2012-01-28 14:35:07 -06:00
HD Moore c63c7393e3 Print status output 2012-01-28 13:52:38 -06:00
HD Moore f3eb78199b Add TCP-based PCA probe 2012-01-28 13:52:38 -06:00
HD Moore 2d7852ddef Merge PCA scans into udp_sweep/udp_probe 2012-01-28 13:05:24 -06:00
David Maloney 4cd38c5555 Adds login scanner module for VMware Server and ESX 2012-01-27 16:23:56 -06:00
HD Moore a2d20e25d3 Fix a regression in the workspace inclusion code (only affected
non-DB-connected instances). Add a PCA UDP scanner
2012-01-27 12:36:13 -06:00
Tod Beardsley fe22090a12 Correct e-mail format 2012-01-26 13:04:38 -06:00
David Maloney d0d964d8ab Adds an error message if the module couldn't conenct to the target.
Fixes #6278
2012-01-26 10:56:07 -06:00
Tod Beardsley f6a6963726 Msftidy run over the recent changed+added modules 2012-01-24 15:52:41 -06:00
Jon Hart 7ec5f98480 Adding jhart's natpimp libary and modules.
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.

[See #106]
2012-01-24 10:32:30 -06:00
James Lee 455bcda6e8 Print the port so we know which http service 2012-01-23 10:17:32 -07:00
David Maloney 34491970b3 Adds a new VMWare Authentication Daemon login scanner module. 2012-01-22 15:39:53 -06:00
David Maloney bcb19ab0a3 Fixes an issue with smb_login not properly dealing with abritrary guest access
on Samba.
2012-01-22 01:35:36 -06:00
David Maloney 06b1bffcea Addresses an issue with udp sweep module that recorded services
from non-specified hosts when they respond to broadcast probes.
2012-01-20 15:34:15 -06:00
HD Moore bb035bfec2 Fix up API option names so they can be set globally 2012-01-18 15:05:39 -06:00
Tod Beardsley ad6f8257e1 MSFTidy fixes. 2012-01-18 15:01:32 -06:00
sinn3r 7d9ba6f5e9 Fix bug #6256: uninitialized class variable error 2012-01-17 17:58:53 -06:00
Jon Hart 6a057560fa Improvements to auxiiliary/scanner/http/soap_xml to:
* Detect additional SOAP faults to reduce false positives
* More obviously support SSL
* Report http/https
* Make it obvious when a SOAP endpoint falls over mid-scan
* Add a few more nouns/verbs
* Add an optional SLEEP to play nice with old/slow SOAP endpoints

https://dev.metasploit.com/redmine/issues/6249
2012-01-16 12:27:17 -08:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
2012-01-13 13:49:21 -06:00
Tod Beardsley d52df50a77 Drop a spurious print_error line from smtp_version 2012-01-13 11:46:56 -06:00
David Maloney 6234d13f7c Added Schema Dump Module for Postgres 2012-01-12 15:20:46 -05:00
David Maloney 52be1c3a7a Add schemadump module for MySql 2012-01-11 12:16:22 -08:00
David Maloney 13069990eb Added module for dumping schema information from Microsoft SQL Server
and storing it as loot and notes.
2012-01-10 15:32:09 -08:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known isntances onstead of jsut the first one.
Fixes #6066
2012-01-10 12:32:47 -08:00
sinn3r b76767669c Update Nenad's author name and e-mail 2012-01-09 20:14:47 -06:00
Tod Beardsley eeb3a442de whitespace correctly smtp_version.rb 2012-01-09 14:11:10 -06:00
Tod Beardsley 15990efd85 Removing useless (?) begin/rescue from smtp_version
Let the scanner mixin handle the exceptions.
2012-01-09 14:11:10 -06:00
David Maloney e12d5588c6 Set data on webdav scanner notes to include webdav path.
'Enabled' in the data field was useless since the note existing
already tells you webdav is enabled.
The path that webdav was running on wasn't kept anywhere though.
2012-01-09 08:33:45 -08:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing Leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
2012-01-08 22:28:37 -06:00
HD Moore b12baccc49 Quick update, added a research option 2012-01-07 01:13:23 -06:00
sinn3r 6d401b48d1 Fix typo 2012-01-07 00:02:51 -06:00
sinn3r b7e29191f5 Add Drupal 'Views' module username enumeration (Feature #6194) 2012-01-06 23:51:32 -06:00
David Maloney 40a1d8bcc8 Fixed issue with a missing nil check in ftp_login 2012-01-06 20:51:58 -08:00
David Maloney 8e017fd4db Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-01-06 20:30:25 -08:00
David Maloney bf425a6744 Fixed bug that prevented telnet sessions from opening with good creds 2012-01-06 16:59:08 -08:00
sinn3r 6ceb2f04a3 Add CVE-2011-2474 Sybase EAServer directory traversal vulnerability 2012-01-06 14:24:49 -06:00
HD Moore 7b26e33e19 Initial version 2012-01-06 00:53:50 -06:00
David Maloney ba86e8a04f Added PROPFIND support to http_login
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
2012-01-05 12:10:53 -08:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present
Fixes #6171
2011-12-28 08:47:22 -08:00
HD Moore 2ad5c56d48 Typo in comment 2011-12-27 19:11:09 -06:00
HD Moore 617f3250cf Handle patched systems accurately (requires actually triggering the bug) 2011-12-27 19:04:34 -06:00
HD Moore f8e3119215 Add references 2011-12-27 17:50:06 -06:00
David Maloney 9b995bc0a5 Adds boundary validation to the framework
enforces boudnary checking on netbios probes
2011-12-27 11:33:52 -08:00
sinn3r ce6b1d6b8c Improve:
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
2011-12-22 16:26:02 -06:00
Tod Beardsley 2f55f08ebe Actually describe the module in the title/description 2011-12-22 11:10:24 -06:00
sinn3r d439390aa2 Fix typo 2011-12-20 12:19:34 -06:00
sinn3r c2d59f0307 Fix issue #6133 2011-12-20 11:32:33 -06:00
sinn3r 0200b6367a Add OKI Scanner (Feature #6125) 2011-12-20 03:09:09 -06:00
HD Moore 4736cb1cbe Merge pull request #48 from swtornio/master
add osvdb ref
2011-12-11 20:37:43 -08:00
HD Moore a9db05e53b Fix regular expression 2011-12-10 13:24:58 -06:00
Steve Tornio 25685c4c74 add osvdb ref 2011-12-10 08:07:21 -06:00
Tod Beardsley e52436e7ad Drop the incorrect Id keyword from h323_version 2011-12-09 14:29:55 -06:00
sinn3r d6d9ac17d2 use store_loot() instead of store_local() 2011-12-08 11:10:31 -06:00
sinn3r c366e652b9 Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()"
This reverts commit d37daa4934.
2011-12-08 10:11:09 -06:00
sinn3r d37daa4934 Using store_local() to store stuff for dir traversal bugs feels much better than store_loot() 2011-12-07 19:08:24 -06:00
sinn3r aa5c0c46b6 Fix indent level 2011-12-07 18:44:49 -06:00
sinn3r feab7f5077 Add CVE-2011-4350 2011-12-07 18:42:52 -06:00
sinn3r b7ccbcd6b5 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-07 12:23:23 -06:00
sinn3r 84682b3615 Apply patch #6072 2011-12-07 12:22:58 -06:00
HD Moore b8767d5f57 Fix typo on 1.8.7 2011-12-07 10:45:23 -06:00
Tod Beardsley 84af4647db Merge branch 'issue_1083_oracle' 2011-12-05 17:39:46 -06:00
Tod Beardsley 4da2c32734 Minor update to xdb_side_brute, see #1083
Adds a typo fix and adds an explicit VERBOSE option.
2011-12-05 15:11:09 -06:00
HD Moore 97087d88fa Mark portscan modules as v6 incompatible 2011-12-05 13:07:36 -06:00
HD Moore cf28713f9a Mark specific modules as incompatible due to use of quad-dot code 2011-12-05 13:07:36 -06:00
sinn3r 3cd2caca1a Fix #6052 2011-12-04 13:49:13 -06:00
Steve Tornio f63a616739 add osvdb ref 2011-12-04 07:48:48 -06:00
sinn3r 2720572a37 Add IPSwitch Whatsup Gold TFTP directory traversal module 2011-12-03 18:46:34 -06:00
HD Moore dbe7e6aecf Remove a leftover debugging statement 2011-12-02 00:06:04 -06:00
HD Moore 9f99cfc757 Convert the h323 module to MSF_LICENSE (backport from Pro) 2011-12-01 16:01:01 -06:00
HD Moore 3e5e9a910e Add h323 scanner 2011-12-01 16:01:01 -06:00
David Maloney 40ab37fa10 Merge branch 'iss5979' 2011-11-30 12:16:33 -08:00
sinn3r 897731f3a5 Check creds (feature #6025). Also bringing the 'Inbox' regex back 2011-11-29 11:01:39 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
sinn3r 3a84c31326 Using a better regex for a successful login. Thanks Borys. 2011-11-28 14:29:42 -06:00
sinn3r bc541c118d Apply patch #6020 2011-11-28 14:16:24 -06:00
sinn3r 5165865560 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-28 14:07:19 -06:00
sinn3r 59ab0c3a18 Fix bug #6021, Thanks Borys 2011-11-28 14:06:56 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status
messages.
2011-11-28 13:31:54 -06:00
sinn3r a578db7f56 Apply fix for #6019 2011-11-28 01:12:18 -06:00
sinn3r ebfe269698 Apply patch for #5824 2011-11-26 16:52:12 -06:00
sinn3r 5e08c93ac9 Apply patch #5580 2011-11-26 15:32:43 -06:00
David Maloney c61d02686a HTTP login scanners need to set duplicate_ok to true
or different web applications on the same server
may wipe eachother's creds out.
2011-11-22 13:04:10 -08:00
David Maloney 9d7f7b1f0e Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-22 11:53:14 -08:00
David Maloney 9e40fac8b1 Added a check to the Axis login scanner to ensure
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-22 11:52:06 -08:00
sinn3r 25f4b45bd1 Apply patch #6004 2011-11-22 13:07:46 -06:00
David Maloney f81567fb6f Fix to typo in the tables being pushed. 2011-11-21 15:49:57 -08:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
David Maloney ff22246119 Attempt to fix #5979 2011-11-18 12:53:35 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Tod Beardsley 96d2209ca2 Minor fixups for trace report_note patch 2011-11-14 10:40:11 -06:00
andurin 5d5c9464cc Do some report_note while TRACE detection 2011-11-14 12:10:53 +01:00
Andurin 71599f5ef9 Fix sqlmap aux to work with actual sqlmap.py
Commit relates to IssueID #5807
2011-11-13 09:18:33 +01:00
sinn3r e4ebb890d8 Apply patch for bug #5963 2011-11-12 13:17:26 -06:00
sinn3r 62fdbd549c no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder. 2011-11-11 15:37:47 -06:00
sinn3r 2d940e2c91 Apply patch #5952 2011-11-11 14:58:17 -06:00
sinn3r 35f84f5e42 yo, ruby 1.8 fix 2011-11-11 11:38:28 -06:00
sinn3r e972234629 yo, owa bruteforce utility in the house (Feature #4725) 2011-11-11 11:23:35 -06:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
Wei Chen 9ff5eabb4b Fix #4915
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
David Maloney a88f954640 More Cred Sourcing
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
David Maloney aa4f6c1cae More cred sourcing fixes
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 18:45:47 +00:00
David Maloney cdbe7bc587 Multiple fixes to cred reporting on this module
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 17:25:39 +00:00
Wei Chen 16fc275853 whitespace cleanup
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 16:09:31 +00:00
Patrick Webster 77a3edbb4f Added squiz_matrix_user_enum aux module.
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:14:39 +00:00
Wei Chen ad94bae78f Fix bug #5923
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:52:02 +00:00
Wei Chen 12378b45d6 Fix #5502
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 07:44:02 +00:00
HD Moore f6cc9eade7 Replace my crufty old ASN.1 parser with OpenSSL::ASN1
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 05:12:28 +00:00
David Maloney 585a7cc4a2 Adding the HTTP Trace scanner from CG
Fixes #3390


git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 20:09:11 +00:00
Wei Chen ae9e8b7821 Syntax fix for ruby 1.8
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:48:24 +00:00
Wei Chen d5cee2dedf Apply patch #5411 to allow user-specified path
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 17:57:11 +00:00
Wei Chen 8750c3aac5 Add feature #4849 (Redis module)
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 21:47:15 +00:00
Mario Ceballos d55dc551b6 syntax issue
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:22:02 +00:00
Wei Chen e14668ece9 Add ColdFusion version scanner - feature #4079
git-svn-id: file:///home/svn/framework3/trunk@14127 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 18:18:11 +00:00
Wei Chen fb56e23197 Apply fix for bug #5516 to correct a possible false positive on Apache Tomcat
(yup, tomcats are tricky like that)


git-svn-id: file:///home/svn/framework3/trunk@14124 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 16:39:03 +00:00
HD Moore 55e6672e6b Revert a well-intentioned but design-violating change
git-svn-id: file:///home/svn/framework3/trunk@14116 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 18:40:49 +00:00
Tod Beardsley 467df77a50 Fixes #5170. Enforces a max width, avoids negative widths. Thanks Oliver!
Related to r13769



git-svn-id: file:///home/svn/framework3/trunk@14093 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:07:41 +00:00
Wei Chen 63a926a6ee Do a report_host() on OS default name. Request #5865
git-svn-id: file:///home/svn/framework3/trunk@14090 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 04:50:01 +00:00
Wei Chen dd72e1ce9d Longer timeout. #5851
git-svn-id: file:///home/svn/framework3/trunk@14074 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 19:35:03 +00:00
Wei Chen ab4f9d65c7 Add PATH option. Feature #5412
git-svn-id: file:///home/svn/framework3/trunk@14067 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 18:32:02 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Wei Chen 14cf0deb29 Add feature #5398
git-svn-id: file:///home/svn/framework3/trunk@14032 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 22:20:55 +00:00
Wei Chen 1e7c197d8e git-svn-id: file:///home/svn/framework3/trunk@14029 4d416f70-5f16-0410-b530-b9f4589650da 2011-10-22 21:32:36 +00:00
Wei Chen a62a236ad0 Add feature #5541
git-svn-id: file:///home/svn/framework3/trunk@14027 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 20:03:25 +00:00
Wei Chen 2a3f430c8e SAP ICM URLscan module (Feature #5620) by Chris
git-svn-id: file:///home/svn/framework3/trunk@14026 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 08:41:54 +00:00
Wei Chen 389be65dff Attempt number 2 to fix #5579
git-svn-id: file:///home/svn/framework3/trunk@14014 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 16:29:15 +00:00
Wei Chen dd2623dba9 For bug #5579
git-svn-id: file:///home/svn/framework3/trunk@14012 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 01:07:08 +00:00
Steve Tornio 1f698e09c9 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14004 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 11:19:59 +00:00
Wei Chen 0a661ec227 Add CVE-2011-3305 (#5673)
git-svn-id: file:///home/svn/framework3/trunk@13985 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 04:40:21 +00:00
Wei Chen 975cc52bac Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs.
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
Tod Beardsley ea2c9d1a46 Adding missing Id and Rev SVN keywords.
git-svn-id: file:///home/svn/framework3/trunk@13961 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 01:27:28 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Carlos Perez 7ae1bbbb3f typo
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:49:36 +00:00
Carlos Perez a0c34d1c73 Sets a session platform when using ssh_login
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:48:42 +00:00
HD Moore cce4aafd9b Tweak the snmp_login code to actually only poll response packets every 10 sent and break out of infinite loop in the case of a target going crazy and continuously replying
git-svn-id: file:///home/svn/framework3/trunk@13891 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 20:14:58 +00:00
Chao Mu 53b807abee Adding the "this file is part of" comment to the top of the module and proper comment formatting
git-svn-id: file:///home/svn/framework3/trunk@13886 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:36:55 +00:00
Chao Mu df56110dd9 Fixing $Id so that it is prefaced by a comment.
git-svn-id: file:///home/svn/framework3/trunk@13885 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:32:14 +00:00
Chao Mu 667c00161d Remembering to Propset and include $Id: $ this time. Also, switching from BSD_LICENSE to MSF_LICENSE.
git-svn-id: file:///home/svn/framework3/trunk@13884 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:30:25 +00:00
HD Moore 558894e100 Test cases don't live in the module directory
git-svn-id: file:///home/svn/framework3/trunk@13871 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 15:51:22 +00:00
Chao Mu 9414747945 jruby was barfing on super(a, b, c,), so I changed the syntax and wrote a very simple unit test for rewrite_proxy_bypass.
git-svn-id: file:///home/svn/framework3/trunk@13870 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 13:52:39 +00:00
Chao Mu dcb6de2b58 Fixes #5667 this module scans for reverse proxy servers that exhibit a misconfiguration like the one detailed in www.contextis.com/research/blog/reverseproxybypass/. By default it requests a URI of @... and checks for a 502
git-svn-id: file:///home/svn/framework3/trunk@13864 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 22:34:50 +00:00
Tod Beardsley 568bde7aa4 Fixes #5404
See #5350
See #5246
See #5241
See #5173

Adds password hash dumping as loot for Postgres, MSSQL, MySQL, and several Oracle flavors of RDBMS. Thanks TheLightCosine!



git-svn-id: file:///home/svn/framework3/trunk@13854 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 17:05:01 +00:00
Wei Chen 612cdc8c73 No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 19:12:31 +00:00
Wei Chen 8d1763484d Fix metadata format
git-svn-id: file:///home/svn/framework3/trunk@13792 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 03:21:37 +00:00
Wei Chen 5d4b562e62 Add GlassFish BruteForce auxiliary module by Josh (See #5515)
git-svn-id: file:///home/svn/framework3/trunk@13790 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:24:53 +00:00
Tod Beardsley d437c99919 Fixing what looks like a versioning mismatch for the XMAS scan (readreply vs probereply methods).
git-svn-id: file:///home/svn/framework3/trunk@13786 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-24 13:39:42 +00:00
James Lee 2cb5dbdb10 fix a silly output bug, thanks mezzendo for noticing
git-svn-id: file:///home/svn/framework3/trunk@13785 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 22:28:11 +00:00
James Lee cdead3da54 whitespace cleanup and fix some ArgumentErrors when a field is wide, fixes #5518, thanks Joshua Taylor
git-svn-id: file:///home/svn/framework3/trunk@13783 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 17:51:11 +00:00
amaloteaux 2d0d48a820 remove an Argument Error, Negative Number bug faced at Brucon
git-svn-id: file:///home/svn/framework3/trunk@13769 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 14:52:52 +00:00
James Lee 7163710bcf fix a typo and some whitespace, fixes #5480. Thanks Kurt!
git-svn-id: file:///home/svn/framework3/trunk@13764 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:17:20 +00:00
Wei Chen f9d74b0701 Printing res code for DELETE should be optional. It's not like we can always trust it anyway.
git-svn-id: file:///home/svn/framework3/trunk@13763 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 00:41:42 +00:00
Joshua Drake 7c74954461 remove silly comma
git-svn-id: file:///home/svn/framework3/trunk@13762 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 23:06:35 +00:00
Wei Chen 7f80ba939a Apparently I can't speaks engrish
git-svn-id: file:///home/svn/framework3/trunk@13760 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 21:18:48 +00:00
Wei Chen ec530955ce Checking response codes is a terrible way for HTTP modules. #5470.
git-svn-id: file:///home/svn/framework3/trunk@13759 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:36:09 +00:00
Jonathan Cran a1675bfbc6 replaced by http_put
git-svn-id: file:///home/svn/framework3/trunk@13758 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:14:26 +00:00
Jonathan Cran 8b1fd95f66 Add a module to check HTTP PUT / DELETE file access. Thanks CG! Resolves 5089.
git-svn-id: file:///home/svn/framework3/trunk@13755 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 01:18:23 +00:00
et 3dffd09875 Generic HTML data scraper
git-svn-id: file:///home/svn/framework3/trunk@13736 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 02:36:32 +00:00
HD Moore 85eb581c16 Quick fix to match service changes
git-svn-id: file:///home/svn/framework3/trunk@13726 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 06:48:07 +00:00
Joshua Drake f8eb9e5dd4 extraneous space typo
git-svn-id: file:///home/svn/framework3/trunk@13722 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 19:21:21 +00:00
Matt Weeks acae5dcdc8 Killing puts.
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00
James Lee e31acef6e9 whitespace cleanup
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-07 15:30:08 +00:00
Wei Chen 91c5a15eb4 Actually, this is the right fix for bug #5363
git-svn-id: file:///home/svn/framework3/trunk@13685 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 02:20:22 +00:00
Wei Chen 14d2a45c5b This fix is to make sure BLANK_PASSWORDS functions properly. See bug #5363.
git-svn-id: file:///home/svn/framework3/trunk@13684 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 02:09:00 +00:00
amaloteaux c8bb6a5fda mke this module more automatic and reliable
git-svn-id: file:///home/svn/framework3/trunk@13632 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 00:11:20 +00:00
David Rude 41f4677dae Convert the table to CSV
git-svn-id: file:///home/svn/framework3/trunk@13568 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 17:48:42 +00:00
Wei Chen 83dd71c905 Add MySQL hashdump auxiliary module
git-svn-id: file:///home/svn/framework3/trunk@13567 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 16:28:31 +00:00
Wei Chen 278cb5d46e Fix indents, spaces, and stuff
git-svn-id: file:///home/svn/framework3/trunk@13564 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:21:11 +00:00
Wei Chen dd56f976f4 Fix indents
git-svn-id: file:///home/svn/framework3/trunk@13563 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:12:55 +00:00
David Rude 1823f20a50 Add apache_userdir_enum aux module
git-svn-id: file:///home/svn/framework3/trunk@13562 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 05:56:55 +00:00
David Rude b39503343e Add pop3_login aux module
git-svn-id: file:///home/svn/framework3/trunk@13561 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 05:51:59 +00:00
James Lee b6f845ee91 UserAgent is already an advanced option, and that's already the default
git-svn-id: file:///home/svn/framework3/trunk@13511 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:30:30 +00:00
James Lee 4ba46cb565 get_once returns nil if the timeout hits, don't break in that case
git-svn-id: file:///home/svn/framework3/trunk@13510 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:28:18 +00:00
James Lee 825a2747c1 remove unnecessary dup, unused var
git-svn-id: file:///home/svn/framework3/trunk@13509 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:27:09 +00:00
Carlos Perez f8d50b7705 Applied and tested patch from Thomas Ring in bug 5206
git-svn-id: file:///home/svn/framework3/trunk@13490 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-04 22:55:06 +00:00
HD Moore 842bfdebe8 Lets just leave this here (insurance against my laptop melting down between now and tomorrow morning). Nothing to see here, move along ;)
git-svn-id: file:///home/svn/framework3/trunk@13483 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-03 22:58:55 +00:00
HD Moore f3e4c860a7 Slow down a little bit to prevent packet loss
git-svn-id: file:///home/svn/framework3/trunk@13468 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-02 00:47:51 +00:00
James Lee 021fa0d8cb missed a line in the conversion to packetfu, see #5038
git-svn-id: file:///home/svn/framework3/trunk@13442 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-31 04:41:17 +00:00
HD Moore a5e63c2ca9 Grab the instance from the query vs the ping (via TheLightCosine)
git-svn-id: file:///home/svn/framework3/trunk@13435 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:20:57 +00:00
HD Moore c216219573 Add mssql_ping back in
git-svn-id: file:///home/svn/framework3/trunk@13434 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:11:53 +00:00
HD Moore e916e06b6e Closes #5142 by merging (with some small changes)
git-svn-id: file:///home/svn/framework3/trunk@13433 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 21:07:22 +00:00
Tod Beardsley 486241cc99 SSH scanners shouldn't die just because they're on Windows and they try to talk to reserved addresses.
git-svn-id: file:///home/svn/framework3/trunk@13407 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 15:51:11 +00:00
James Lee d50577066f remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
Tod Beardsley df52bfaa4f Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
Jonathan Cran 78849b2837 check that pcaprub is loaded up front, before checking configuration options
git-svn-id: file:///home/svn/framework3/trunk@13376 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 18:53:59 +00:00
Tod Beardsley b22ca615c7 Fixes #5038, missed a couple mentions of Racket. Excised now for sure.
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
Tod Beardsley c54e18d757 Fixes #5038. Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
Wei Chen 067f9bf053 Fix URL reference
git-svn-id: file:///home/svn/framework3/trunk@13329 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:36:37 +00:00
Steve Tornio b930b2622f add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13271 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 01:20:22 +00:00
David Rude 88125b53b8 remove stray puts
git-svn-id: file:///home/svn/framework3/trunk@13268 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-20 17:11:04 +00:00
David Rude b96bf9754e more logic fixes
git-svn-id: file:///home/svn/framework3/trunk@13240 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 21:19:34 +00:00
David Rude a934004a2b Fix the loop
git-svn-id: file:///home/svn/framework3/trunk@13239 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 21:12:44 +00:00
David Rude bea802ea60 Fix the RPORT default
git-svn-id: file:///home/svn/framework3/trunk@13238 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 20:59:13 +00:00
David Rude 1fda05f128 Added SIPDroid extension enumeration module - thanks nibu
git-svn-id: file:///home/svn/framework3/trunk@13237 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 20:42:02 +00:00
Joshua Drake 486ca773e4 unpack the bytes so that we can do proper math on them
git-svn-id: file:///home/svn/framework3/trunk@13226 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 17:33:02 +00:00
James Lee c412a836ed add VERBOSE option to all modules and vprint_* methods to use it
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
James Lee 39c20b2935 cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13174 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 20:27:25 +00:00
Tod Beardsley b9c5835b5e Touching up the ssh key login module to be smarter about duplicate user names, not be so chatty in its messaging to the console, deal with whitespace, and avoid storing duplicate keys when we don't need to.
git-svn-id: file:///home/svn/framework3/trunk@13162 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-13 20:51:18 +00:00
Tod Beardsley dc84ee6aab More fixups for ssh_login_pubkey and special handlers for long strings of keys.
git-svn-id: file:///home/svn/framework3/trunk@13156 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-12 20:58:25 +00:00
David Rude ac61cd0427 Changed from web.archive.org to classic-web.archive.org
git-svn-id: file:///home/svn/framework3/trunk@13018 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-24 14:43:59 +00:00
Tod Beardsley 824022fde3 Adds a more universal print_error message for :abort in auth_brute.rb
git-svn-id: file:///home/svn/framework3/trunk@13005 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-22 20:53:51 +00:00
HD Moore e223931a46 Commit a bug fix from Yori Kvitchko
git-svn-id: file:///home/svn/framework3/trunk@12994 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 03:56:47 +00:00
Tod Beardsley 04e2eb43ef Removing the load() line from ssh_login, just wanted it for dev.
git-svn-id: file:///home/svn/framework3/trunk@12980 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 19:23:00 +00:00
Tod Beardsley 6827495d17 Adds a # of passwords per username limiter to authbrute.
git-svn-id: file:///home/svn/framework3/trunk@12970 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-18 04:14:06 +00:00
Tod Beardsley db1619d035 Rejiggers the max credentials limiter a little, and adds a max time limiter per service.
git-svn-id: file:///home/svn/framework3/trunk@12967 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 22:40:25 +00:00
Tod Beardsley ab37580056 Refactored the AuthBrute mixin some to make the each_user_pass function a little cleaner and easier to maintain.
And maintain it I shall! Added in a standardized print_brute method to normalize the AuthBrute output to always include host, port, proto, and number of guesses over number remaining.

Also adds support for a MaxGuessesPerService datastore option for AuthBrute modules.

Currently, only ssh_login supports the new stuff, but now it's just a conversion matter. Will get to that in a bit.




git-svn-id: file:///home/svn/framework3/trunk@12958 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:08:45 +00:00
Tod Beardsley 78703400c4 Sourcing the ineffective bruteforce error message on smb_login.
git-svn-id: file:///home/svn/framework3/trunk@12953 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 14:56:07 +00:00
HD Moore d11e1f3294 Make all keywords consistent for modules.
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-13 03:38:31 +00:00
Jonathan Cran 68d8a68a36 apply mubix's patch, fixes #4640
git-svn-id: file:///home/svn/framework3/trunk@12857 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-05 07:11:22 +00:00
HD Moore 911583930b Add the missing note type
git-svn-id: file:///home/svn/framework3/trunk@12840 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:49:45 +00:00
amaloteaux b1bb7116ed arp_sweep : automatically detect SHOST and SMAC and do not request localhost
git-svn-id: file:///home/svn/framework3/trunk@12823 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 21:31:36 +00:00
HD Moore f20adabf8c Fixes #4626 by checking for an out of bounds value before using the type as an array index
git-svn-id: file:///home/svn/framework3/trunk@12809 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-01 23:47:16 +00:00
Wei Chen d54f632ea0 Add print_status() as requested by author
git-svn-id: file:///home/svn/framework3/trunk@12726 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 23:50:05 +00:00
Wei Chen eb72982751 Fixed a typo for variable res
git-svn-id: file:///home/svn/framework3/trunk@12725 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 23:46:16 +00:00
Wei Chen 869a6dbbe5 Added Rosewill RXS-3211 IP Camera Password Retriever
git-svn-id: file:///home/svn/framework3/trunk@12724 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 22:06:51 +00:00
Tod Beardsley 81e1b41840 Fixes #4578. If the user has Nokogiri of a reasonable version installed, use that to parse Nmap-created XML documents. Otherwise, fall back to the existing REXML parser.
git-svn-id: file:///home/svn/framework3/trunk@12702 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 19:40:50 +00:00
James Lee f7178bf4de somehow typo'd this between testing and commit... fixes #4510
git-svn-id: file:///home/svn/framework3/trunk@12642 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 04:46:52 +00:00
James Lee 158e196e20 don't bail when we get a '550 user unknown' error, try harder for domain checks. fixes #4031, thanks Lonnie Benavides for the patch
git-svn-id: file:///home/svn/framework3/trunk@12641 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 23:45:28 +00:00
Tod Beardsley 056cde292f Deprecate the exploited_host table. Vulns that indicate a successful exploit without opening a session should set the :exploited_at timestamp.
git-svn-id: file:///home/svn/framework3/trunk@12623 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-15 22:19:00 +00:00
Joshua Drake 28ae2316a4 Fixes #4390, such a bute
git-svn-id: file:///home/svn/framework3/trunk@12578 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 20:52:59 +00:00
Tod Beardsley 98831c3285 Clean up an SNMP rescue clause that makes Windows Ruby builds sad.
git-svn-id: file:///home/svn/framework3/trunk@12530 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 07:51:09 +00:00
HD Moore 23c355ba2c Just use :mac not :host_mac
git-svn-id: file:///home/svn/framework3/trunk@12517 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 03:03:38 +00:00
HD Moore 9f53aa15a5 Catch other error types from SNMP
git-svn-id: file:///home/svn/framework3/trunk@12504 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-02 05:38:13 +00:00
HD Moore 77328e7327 Fix report calls, thanks Minga!
git-svn-id: file:///home/svn/framework3/trunk@12457 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 19:39:28 +00:00
Wei Chen e39739231d Added CVE reference
git-svn-id: file:///home/svn/framework3/trunk@12431 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 05:37:41 +00:00
Tod Beardsley 3829d2606b Removing the un-used USER_AS_PASS option for ssh_login_pubkey.
git-svn-id: file:///home/svn/framework3/trunk@12411 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 21:05:27 +00:00
Tod Beardsley ea6b1bb626 Fixes #4190 by reseting self.ssh_socket after the connection is established.
git-svn-id: file:///home/svn/framework3/trunk@12402 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 15:32:00 +00:00
Tod Beardsley 794dfc502f Avoid trying duplicate SNMP community strings against the same host.
git-svn-id: file:///home/svn/framework3/trunk@12396 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 19:25:50 +00:00
Tod Beardsley 8b5d004997 Adding an nmap version checker so NSE modules can tell if it's okay to run or not.
git-svn-id: file:///home/svn/framework3/trunk@12357 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 19:52:13 +00:00
amaloteaux d9e68141e0 arp sweep: correct a bug on the timeout to better detect the latest reply
git-svn-id: file:///home/svn/framework3/trunk@12316 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 16:29:56 +00:00
Tod Beardsley e07147142f See #3781. smb_login implements the special keyword of <BLANK> (but also needs to be nil safe, which this fixes)
git-svn-id: file:///home/svn/framework3/trunk@12257 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-06 21:26:46 +00:00
Tod Beardsley 30fb75c676 In smb_login, work around an odd error where you get an InvalidPacket for ACCESS_DENIED rather than a login failure.
git-svn-id: file:///home/svn/framework3/trunk@12256 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-06 21:15:08 +00:00
Tod Beardsley b91c81a182 Fixes #4074 -- corrects the affected regexes.
git-svn-id: file:///home/svn/framework3/trunk@12238 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-04 22:19:59 +00:00
HD Moore 86fac4ef95 This module does not meet standards for inclusion:
1) GPLv3 license is not compatible with BSD
2) Hardcoded path to a Windows file system for the shoretel users listing
3) The shortel users file was not included (it would live in data/)
4) Name should be _login not _brute for consistency
5) Incorrect use of the reporting APIs




git-svn-id: file:///home/svn/framework3/trunk@12221 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-02 16:11:59 +00:00
Carlos Perez 8c96711c6c shroretel user login brute force module by Keith Lee
git-svn-id: file:///home/svn/framework3/trunk@12219 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-02 14:13:15 +00:00
James Lee 792bb4da7a allow a user-supplied URI instead of hardcoded "/manager/html", fixes #4038, thanks mubix!
git-svn-id: file:///home/svn/framework3/trunk@12178 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 05:42:33 +00:00
Tod Beardsley 64c3c86e1f Adding carnal0wnage's iSQL*Plus SID and login brute forcers.
git-svn-id: file:///home/svn/framework3/trunk@12163 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 01:20:51 +00:00
Tod Beardsley 8d8696eb8c Fixes #4026, the HTTP options scanner now reports its vulnerability in the normal way.
git-svn-id: file:///home/svn/framework3/trunk@12133 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 17:03:16 +00:00
amaloteaux ec5e61966d oops revert the unwanted early commit on mssql
git-svn-id: file:///home/svn/framework3/trunk@12114 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 20:53:57 +00:00
amaloteaux 46cf938475 fix typo
git-svn-id: file:///home/svn/framework3/trunk@12112 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 20:47:49 +00:00
David Rude c9e4aa11df Fixed the report note to not use the proper data format
git-svn-id: file:///home/svn/framework3/trunk@12108 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 18:15:40 +00:00
HD Moore fff99db43d Fix the report_note not to clash with smb_enumusers format
git-svn-id: file:///home/svn/framework3/trunk@12107 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 18:14:05 +00:00
David Rude 2ea46486a4 fixed report_note
git-svn-id: file:///home/svn/framework3/trunk@12104 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:16:29 +00:00
David Rude 3a0c71f98b Added Xerox Workcenter aux module for enumerating users
git-svn-id: file:///home/svn/framework3/trunk@12102 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:13:37 +00:00
Tod Beardsley 46dfafa81f Fixes #3987. Don't raise on the attr set, raise when the command actually wants to get run.
git-svn-id: file:///home/svn/framework3/trunk@12063 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-21 20:52:08 +00:00
Tod Beardsley 42dd4fa717 Allow for duplicates for vnc_login since there's no username.
git-svn-id: file:///home/svn/framework3/trunk@12037 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-20 18:10:49 +00:00
Tod Beardsley f2057f54a8 De-dup'ed get_link_filter() in the crawler module. Added some comment
docs on crawler_process_page(). Nothing exciting.



git-svn-id: file:///home/svn/framework3/trunk@12010 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 21:21:21 +00:00
Carlos Perez 6a1acd6a54 small typo
git-svn-id: file:///home/svn/framework3/trunk@12002 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 23:27:13 +00:00
Joshua Drake 5bfd574029 fix parse error
git-svn-id: file:///home/svn/framework3/trunk@11996 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 22:07:45 +00:00
David Rude c5ce597483 removing coldfusion until some general code fixes can be applied
git-svn-id: file:///home/svn/framework3/trunk@11995 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 21:41:47 +00:00
Tod Beardsley d289aa8733 Another touchup on author credit for oracle-brute NSE script integration.
git-svn-id: file:///home/svn/framework3/trunk@11994 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 21:05:09 +00:00
Tod Beardsley c6a9a6efd7 Am I really updating for a misplaced comment? Why yes I am!
git-svn-id: file:///home/svn/framework3/trunk@11979 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 02:45:29 +00:00
Tod Beardsley 424eb1f192 Adding a reference to NSE as well.
git-svn-id: file:///home/svn/framework3/trunk@11976 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 02:26:20 +00:00
Tod Beardsley 9b431c0c8d Adding Patrik Karlsson as an author for the nmap nse script
git-svn-id: file:///home/svn/framework3/trunk@11975 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 02:19:57 +00:00
Tod Beardsley ecb89c785b Actually use the API for appending command line arguments for nmap.
git-svn-id: file:///home/svn/framework3/trunk@11970 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:59:35 +00:00
Tod Beardsley 5e715c22db Final touchup on Oracle login scanner -- adds a pile of defaults from the existing CSV wordlist.
git-svn-id: file:///home/svn/framework3/trunk@11967 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:16:18 +00:00
Tod Beardsley 292f357f7a Moving requires from oracle_login to nmap. Duh.
git-svn-id: file:///home/svn/framework3/trunk@11966 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 20:46:03 +00:00
James Lee 7d12151ec6 add support for http digest authentication. fixes #2504, thanks oliver kleinecke for the patch!
git-svn-id: file:///home/svn/framework3/trunk@11961 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 22:37:16 +00:00
Tod Beardsley 6e0e23f5ba Fixups on the Oracle/Nmap stuff. Adding back in the Scanner module, since it has some handy process mgmt functions.
git-svn-id: file:///home/svn/framework3/trunk@11960 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 22:13:57 +00:00
Tod Beardsley f568b3e0d8 Normalize the print_status banners for sid_brute
git-svn-id: file:///home/svn/framework3/trunk@11959 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 18:25:34 +00:00
Tod Beardsley 70127c09fb Fixes #3939 by setting the racket bits correctly.
git-svn-id: file:///home/svn/framework3/trunk@11958 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 15:58:17 +00:00
Tod Beardsley 03f227817e blarg lost a commit in there.
git-svn-id: file:///home/svn/framework3/trunk@11957 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 14:41:46 +00:00
Tod Beardsley b8b175fd5c See #3941. Don't report the same thing a billion times.
git-svn-id: file:///home/svn/framework3/trunk@11956 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 14:34:19 +00:00
Tod Beardsley b68396351a See #3941. This is a first attempt at supporting driving nmap via a metasploit module. It's a somewhat hefty checkin that includes the Nmap auxiliary mixin as well as an oracle login bruteforce module that uses it.
This definitely needs to be tested on Win32 before it can be called f i x e d, due to the differences between the nmap binaries and the way files are created and used.

Also, the oracle_login scanner could use another once-over for error handling -- don't rely on that yet.

Once this all works the way I expect, I'll document the procedure more thoroghly so people can take advantage.



git-svn-id: file:///home/svn/framework3/trunk@11948 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 22:52:50 +00:00
HD Moore 293a6f2ef4 Remove unused RHOST option and fix call to .id in ICMP
git-svn-id: file:///home/svn/framework3/trunk@11943 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 04:20:19 +00:00
HD Moore 09b3ecff33 Move the module to the correct location
git-svn-id: file:///home/svn/framework3/trunk@11942 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-12 16:38:51 +00:00
David Rude 00c756ee27 Added patches from Chris John Riley for SAP aux scanner modules
git-svn-id: file:///home/svn/framework3/trunk@11933 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-11 16:50:18 +00:00
Tod Beardsley 8771b871da Whitespace cleanup on sid_brute.rb, remove redundant target_host def.
git-svn-id: file:///home/svn/framework3/trunk@11924 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-10 16:55:08 +00:00
Tod Beardsley e2af0510f6 wanged up the revision splat.
git-svn-id: file:///home/svn/framework3/trunk@11921 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-09 22:16:20 +00:00
Tod Beardsley 676fc22249 Fixes #3927. Adds another oracle SID bruteforcer, but it functions more like a scanner than auxiliary/admin/oracle/side_brute.rb does.
git-svn-id: file:///home/svn/framework3/trunk@11920 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-09 22:15:15 +00:00
HD Moore 5299bbb8db Add ip/port prefixes to the jboss scanner
git-svn-id: file:///home/svn/framework3/trunk@11896 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 21:12:14 +00:00
amaloteaux 5f6995e8d3 enable ntlmv2 and signing for smb client stack (pth implementation is coming), fixes #11678 and #152
git-svn-id: file:///home/svn/framework3/trunk@11893 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 19:57:53 +00:00
Mario Ceballos 94d21dde8e fix a load error
git-svn-id: file:///home/svn/framework3/trunk@11865 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 21:54:03 +00:00
Mario Ceballos 5e60545446 fix a load error
git-svn-id: file:///home/svn/framework3/trunk@11864 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 21:35:31 +00:00
David Rude 2a90817b80 Fixes more style and API usage issues
git-svn-id: file:///home/svn/framework3/trunk@11863 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 18:46:00 +00:00
David Rude 37e9ad1ed4 Added SAP Management Console auxiliary scanner modules
git-svn-id: file:///home/svn/framework3/trunk@11858 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 10:18:31 +00:00
Tod Beardsley 57966c66d8 This allows for blank usernames in the normal case, as well as a domain/<blank> sort of construct for smb logins.
git-svn-id: file:///home/svn/framework3/trunk@11820 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 20:42:14 +00:00
Tod Beardsley 5f70c705c1 Committing the Kippo ssh honeypot detection as seen at AHA!.
git-svn-id: file:///home/svn/framework3/trunk@11817 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 13:57:26 +00:00
James Lee aea8192c7f apply patch from Spencer McIntyre for newer Lotus versions with a different cookie name, thanks\!
git-svn-id: file:///home/svn/framework3/trunk@11812 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 21:47:52 +00:00
Joshua Drake 8ef05017b8 style compliance fixes, naughty naughty
git-svn-id: file:///home/svn/framework3/trunk@11796 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-22 20:49:44 +00:00
et dd05954b34 Fix wmap to test parameters, error inj. module as example
git-svn-id: file:///home/svn/framework3/trunk@11790 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-22 04:27:40 +00:00
HD Moore 070f48e16a Work around some weirdness between report_website and report_host not accepting hostnames as :host by forcing :host to be the address
git-svn-id: file:///home/svn/framework3/trunk@11723 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 17:32:37 +00:00
et baab86fc52 WMAP 1.0 and first pass on some modules
git-svn-id: file:///home/svn/framework3/trunk@11709 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-04 05:57:26 +00:00
Tod Beardsley 3f1ceea349 Fixes #3655. Subbed out all the :proto's that were really :snames for all the note reporting. This was getting caught anyway in most cases, but it's better to have the modules themselves actually be correct for future copy-pasters.
git-svn-id: file:///home/svn/framework3/trunk@11707 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-04 01:54:32 +00:00
James Lee 16fad17453 snmp_enum improvements from Kashif Iftikhar, fixes #3654
git-svn-id: file:///home/svn/framework3/trunk@11706 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-04 01:26:23 +00:00
Jonathan Cran 5b5e7028ad quick mod from daniel clemens to show the ip with the url
git-svn-id: file:///home/svn/framework3/trunk@11699 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-02 19:04:54 +00:00
Tod Beardsley 671659841b On second thought, modules should not just make up a vuln name for reporting. They should just report as their own module name. Makes it easier to refer to them that way and this is how normal exploits report.
git-svn-id: file:///home/svn/framework3/trunk@11698 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-02 18:39:48 +00:00
Tod Beardsley e31f35e3ae Fixes #3643. These modules now report_vuln() correctly.
git-svn-id: file:///home/svn/framework3/trunk@11697 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-02 17:42:23 +00:00
Tod Beardsley 99b1703416 Trailing comma on cisco_ios_auth_bypass
git-svn-id: file:///home/svn/framework3/trunk@11696 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-02 17:07:31 +00:00
Tod Beardsley cec851a5ed Fixing cisco_ios_auth_bypass.rb to not try to include its own references on vuln_report. Just trust the given module references.
git-svn-id: file:///home/svn/framework3/trunk@11695 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-02 17:06:40 +00:00
Joshua Drake 89a731b789 Prevent trying to call .map on nil
git-svn-id: file:///home/svn/framework3/trunk@11654 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-27 16:39:19 +00:00
Joshua Drake c9d3d60b23 Rework external command invocation
git-svn-id: file:///home/svn/framework3/trunk@11644 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-26 01:28:27 +00:00
natron 1be3448959 svn propset
git-svn-id: file:///home/svn/framework3/trunk@11633 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-24 22:21:08 +00:00
natron bb4343bf63 Add new domain user enumeration aux mod. Still needs an update to include db reporting.
git-svn-id: file:///home/svn/framework3/trunk@11632 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-24 22:14:57 +00:00
Joshua Drake 80eb7bad52 Fixes #3257, Adds two mod_negotiation scanner modules from DiabloHorn
git-svn-id: file:///home/svn/framework3/trunk@11619 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-21 22:26:33 +00:00
Joshua Drake b9836dcf50 fix success detection read loop
git-svn-id: file:///home/svn/framework3/trunk@11535 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-10 19:40:39 +00:00
Joshua Drake 287f4c87fe style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
HD Moore 74bf5199f1 Patches from goony, fixes #3438
git-svn-id: file:///home/svn/framework3/trunk@11497 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 21:35:57 +00:00
Joshua Drake 4ae8b8b14a add snmp_set scanner from Matteo Cantoni (Fixes #3437), remove executable property from enums
git-svn-id: file:///home/svn/framework3/trunk@11494 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 21:23:22 +00:00
Tod Beardsley 24388f3a38 Adding a CVE reference for weak/blank/guessable passwords.
git-svn-id: file:///home/svn/framework3/trunk@11465 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 15:30:17 +00:00
HD Moore bec8a95b02 Merges pello's Cisco uploader module, merges changes back into the TFTP server class. Fixes #3429
git-svn-id: file:///home/svn/framework3/trunk@11454 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-30 16:37:58 +00:00
HD Moore b7a05f03b0 Remove duplicate line
git-svn-id: file:///home/svn/framework3/trunk@11449 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-29 20:12:14 +00:00
Joshua Drake 885545a94e add http:bl scanner from mubix, fixes #3346
git-svn-id: file:///home/svn/framework3/trunk@11429 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-28 18:33:45 +00:00
HD Moore d202a5abf2 Add missing mixin
git-svn-id: file:///home/svn/framework3/trunk@11423 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-27 18:10:41 +00:00
HD Moore 30affd4b2c This commit adds a new set of discovery modules from wuntee and some useful utility methods for working with link-local addresses
git-svn-id: file:///home/svn/framework3/trunk@11417 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-27 16:43:53 +00:00
HD Moore 2f97c61f86 Add the uber SNMP enumeration module from Matteo Cantoni
git-svn-id: file:///home/svn/framework3/trunk@11412 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 06:31:38 +00:00
HD Moore 5875fdb701 Two new SNMP community enumeration tools for Windows by tebo (local account list and SMB shares). Addition of a Meterpreter script for snagging the SNMP community from the registry
git-svn-id: file:///home/svn/framework3/trunk@11410 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 06:08:34 +00:00
HD Moore b7eec06041 Deregister username-specific options since they aren't supported anyways, a suggestion from tebo
git-svn-id: file:///home/svn/framework3/trunk@11409 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 06:02:35 +00:00
HD Moore 8a4f6de5c4 Correct state processing in the additional address discovery code.
git-svn-id: file:///home/svn/framework3/trunk@11385 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 02:22:56 +00:00
HD Moore 3f7809ca5a Patch to fix vuln reporting by swtornio
git-svn-id: file:///home/svn/framework3/trunk@11375 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-18 18:55:36 +00:00
HD Moore 55b21d4aaf Fixes to enable password parsing and rw/ro detection in snmp brute force
git-svn-id: file:///home/svn/framework3/trunk@11336 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 20:51:17 +00:00
HD Moore cff22d7a56 Consistency change to make snmp act like other login modules
git-svn-id: file:///home/svn/framework3/trunk@11303 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-12 07:27:35 +00:00
HD Moore 58565cd53f Rename community to snmp_login and include the brute force mixin
git-svn-id: file:///home/svn/framework3/trunk@11302 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-12 07:09:43 +00:00
HD Moore 4e4eb14887 This adds a TFTP version of #3345 (Pello's snmp config downloader). Still more work to do for the generic module
git-svn-id: file:///home/svn/framework3/trunk@11300 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-11 23:36:37 +00:00
HD Moore fb7a06b218 Correct typo, find coffee
git-svn-id: file:///home/svn/framework3/trunk@11296 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-11 20:03:35 +00:00
HD Moore 909eeefc8f Change of plan, keep this as a single module
git-svn-id: file:///home/svn/framework3/trunk@11295 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-11 19:54:47 +00:00
HD Moore 37ffccde08 Rename this module for clarity
git-svn-id: file:///home/svn/framework3/trunk@11294 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-11 19:27:26 +00:00
HD Moore 8162d100fd Add keywords
git-svn-id: file:///home/svn/framework3/trunk@11288 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-11 07:49:22 +00:00
HD Moore e3f909cef9 Fixes for chunked http reply processing, additional cisco configuration support, and a scanner module for unprotected cisco device managers.
git-svn-id: file:///home/svn/framework3/trunk@11287 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-11 07:37:09 +00:00
HD Moore 26aca9d6ba Swap some module locations, add loot and cred reporting
git-svn-id: file:///home/svn/framework3/trunk@11271 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-10 05:47:33 +00:00
Tod Beardsley e18548387c Ensure that UDP services are set to "open" in case they already had a "closed" record.
git-svn-id: file:///home/svn/framework3/trunk@11270 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-10 01:13:44 +00:00
HD Moore b3b2bf6675 Stop testing users if the device doesn't support it
git-svn-id: file:///home/svn/framework3/trunk@11269 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-10 00:58:55 +00:00
Tod Beardsley 493db14006 Adds a "duplicate_ok" option to report_auth_info to allow for multiple passwords on the same username. Never came up before I took a look at SNMP.
Also normalizes the print_status messages to be explicit about which module is reporting (important when you're running several at once).



git-svn-id: file:///home/svn/framework3/trunk@11267 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-09 21:23:39 +00:00
Joshua Drake 1da08b0bdc abort if retries count exceeded
git-svn-id: file:///home/svn/framework3/trunk@11263 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 23:57:14 +00:00
HD Moore ac0222f73d Ignore empty string replies
git-svn-id: file:///home/svn/framework3/trunk@11262 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 23:52:53 +00:00
HD Moore 1fe9af1b2f A little rewording
git-svn-id: file:///home/svn/framework3/trunk@11261 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 23:22:04 +00:00
Joshua Drake b88f18c7e5 add one to the delay for todb
git-svn-id: file:///home/svn/framework3/trunk@11260 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 23:13:08 +00:00
Joshua Drake f788425865 add retry for vnc4server
git-svn-id: file:///home/svn/framework3/trunk@11259 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 23:07:10 +00:00
Tod Beardsley 0b1e3e12ea Adds autofilter ports to vnc_login.
git-svn-id: file:///home/svn/framework3/trunk@11257 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 22:13:51 +00:00
HD Moore 9d5ac80cb5 Fix to work with IIS 7
git-svn-id: file:///home/svn/framework3/trunk@11254 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 16:22:04 +00:00
HD Moore 2a22713804 Fix up match
git-svn-id: file:///home/svn/framework3/trunk@11252 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 15:29:45 +00:00
James Lee e673187895 don't do ErrorCode detection if the user specified one explicitly, fixes #3293
git-svn-id: file:///home/svn/framework3/trunk@11239 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 00:59:28 +00:00
Joshua Drake 45813f9d9f reset status after first connect, improve success message when a password works
git-svn-id: file:///home/svn/framework3/trunk@11217 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-03 21:36:11 +00:00
Joshua Drake c7dc070f5c skip users with too long names (as reported by the server)
git-svn-id: file:///home/svn/framework3/trunk@11216 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-03 21:22:39 +00:00
Joshua Drake b3325fc133 unforgivable typo
git-svn-id: file:///home/svn/framework3/trunk@11207 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-02 18:08:39 +00:00
Joshua Drake 382f902c24 add retry on connection refused
git-svn-id: file:///home/svn/framework3/trunk@11206 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-02 18:06:51 +00:00
Tod Beardsley 0204cedca6 Makes the print_status displays more consistent between smb_login and psexec by moving some of the domain display functions up into exploit/smb proper.
git-svn-id: file:///home/svn/framework3/trunk@11204 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-02 17:29:26 +00:00
Joshua Drake 26a9fe6fc7 add some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 20:19:18 +00:00
Joshua Drake 225bf0738e improve handling of return from connect_from_privileged_port, rework rlogin fromuser merging
git-svn-id: file:///home/svn/framework3/trunk@11171 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 02:00:58 +00:00
Joshua Drake c45314bf4e use usernames from the USERPASS_FILE
git-svn-id: file:///home/svn/framework3/trunk@11149 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 07:52:20 +00:00
Joshua Drake 4c26dfbfd8 lol? skip on error?!
git-svn-id: file:///home/svn/framework3/trunk@11147 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 07:38:12 +00:00
Joshua Drake 5b6a08e35c somewhat fix handling of USERPASS_FILE
git-svn-id: file:///home/svn/framework3/trunk@11146 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 07:32:00 +00:00
Joshua Drake 7fe5261674 switch to IANA short names
git-svn-id: file:///home/svn/framework3/trunk@11145 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 07:14:40 +00:00
Joshua Drake c50fd9466f ignore usernames, we dont use them
git-svn-id: file:///home/svn/framework3/trunk@11144 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 06:09:57 +00:00
Joshua Drake 14432f7087 better error for failures w/fromuser only
git-svn-id: file:///home/svn/framework3/trunk@11143 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 06:08:02 +00:00
Joshua Drake 2e8728a637 add custom passwords+fromusers combined bruting, some fixes
git-svn-id: file:///home/svn/framework3/trunk@11140 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 06:01:43 +00:00
Joshua Drake dfe3aff6bd add custom bruting using FROMUSER/FROMUSER_FILE, report errors better
git-svn-id: file:///home/svn/framework3/trunk@11139 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 06:00:50 +00:00
Joshua Drake f9ecc83245 remove rservices mixing, its not used
git-svn-id: file:///home/svn/framework3/trunk@11138 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 05:59:48 +00:00
Joshua Drake 07703eca66 try harder, report errors better
git-svn-id: file:///home/svn/framework3/trunk@11135 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 01:28:52 +00:00
Joshua Drake 1a771d5192 retry up to 5 times with exponential back off
git-svn-id: file:///home/svn/framework3/trunk@11132 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 20:58:42 +00:00
Joshua Drake 8f55c83ed0 clean up some oracle titles
git-svn-id: file:///home/svn/framework3/trunk@11128 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:43:49 +00:00
Joshua Drake e9faf75503 fix some more titles with periods
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
Joshua Drake f68fc02f9c include capture mixin for modules that use it
git-svn-id: file:///home/svn/framework3/trunk@11126 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:25:18 +00:00
Joshua Drake 0d5c85b67a Improve Oracle module Name fields
git-svn-id: file:///home/svn/framework3/trunk@11122 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 06:10:13 +00:00
Joshua Drake b55633af60 update enum_delicious, fixes #3230
git-svn-id: file:///home/svn/framework3/trunk@11107 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:26:59 +00:00
Joshua Drake 9c668b8daf Super-duper rservices commit -
1. Added rsh, rlogin, and rexec auth brute scanners
2. Login negotation moved into new Msf::Auxiliary::Login mixin
3. Centralized session registration for auth brute scanners
4. Telnet and SSH auth brute scanners updated to use new mixins
5. Previously committed rservices mixin (r11093)



git-svn-id: file:///home/svn/framework3/trunk@11106 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:23:24 +00:00
Jonathan Cran e295408327 typo!
git-svn-id: file:///home/svn/framework3/trunk@11103 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 22:43:34 +00:00
Tod Beardsley 53f6416dad Makes SMB login console output more readable for default "." domain brute forcing -- masks the domain-part for the username, drops it from the machine name unless it's something more interesting.
git-svn-id: file:///home/svn/framework3/trunk@11095 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 16:16:40 +00:00
Tod Beardsley 80853f0e10 Make the MySQL aux scanner a little more helpful in the event of a missing target.
git-svn-id: file:///home/svn/framework3/trunk@11094 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 14:12:35 +00:00
Joshua Drake dbcb6d0dc4 use max instead of .sort.last
git-svn-id: file:///home/svn/framework3/trunk@11073 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:34:10 +00:00
Joshua Drake f4d2af3e73 fix typo
git-svn-id: file:///home/svn/framework3/trunk@11052 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:17:25 +00:00
Joshua Drake 25611afb6c add sap businessobject modules from jabra, woot!
git-svn-id: file:///home/svn/framework3/trunk@11046 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-15 05:12:48 +00:00
Joshua Drake 32c26f18f3 style compliance fixes, set test exploits to manual rank, fix s/ranking/rank/ in some exploits
git-svn-id: file:///home/svn/framework3/trunk@11039 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 19:03:24 +00:00
Joshua Drake 77bc5cf6cd Big VNC update:
* Created Rex::Proto::RFB
 * Updated vnc_none_auth scanner to use Rex::Proto::RFB::Client
 * Added vnc_login (refactored from carstein)
 * Created an initial vnc_passwords.txt file
 * Removed cipher/des.rb - incompatible license
 * Updated getvncpw script to use new Rex::Proto::RFB::Cipher.decrypt




git-svn-id: file:///home/svn/framework3/trunk@11033 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 03:37:45 +00:00
HD Moore dc5116f9df Move the crawler mixin to an auxiliary
git-svn-id: file:///home/svn/framework3/trunk@11026 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-13 06:55:19 +00:00
HD Moore f457ccb8f7 Add the crawler mixin and a sample form extractor crawler
git-svn-id: file:///home/svn/framework3/trunk@11025 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-13 06:40:56 +00:00
HD Moore a12d9f8dbf This patch adds detailed thread tracking across the metasploit framework, along with a new console command (threads) to manage these. This level of tracking is required to accurately monitor background tasks, assist with debugging, and kill orphaned threads.
git-svn-id: file:///home/svn/framework3/trunk@11003 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-12 06:19:49 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake a758dfe37d style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10988 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 18:20:52 +00:00
Tod Beardsley a34096c845 For smb_login, preserve_domains is now default to true. I think it's less surprising that way.
git-svn-id: file:///home/svn/framework3/trunk@10982 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 14:03:02 +00:00
Tod Beardsley 9aa7db5bad More domain love for smb_login.
git-svn-id: file:///home/svn/framework3/trunk@10979 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 04:12:17 +00:00
Tod Beardsley 996cc49408 Be more accomodating for SMB domains when bruteforcing SMB hosts.
git-svn-id: file:///home/svn/framework3/trunk@10977 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:07:31 +00:00
Tod Beardsley 9e8a567dd3 See #3146. Don't try string ops on $1 and $2 -- drop these into a more clearly labeled temp variable first, and handle them safely.
Also, I don't think the match newline regex directive helps much. Also, print a more meaningful status message in the event of a lack of a Server: line fignerprint.

Thanks for the bug report!



git-svn-id: file:///home/svn/framework3/trunk@10962 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 18:48:07 +00:00
HD Moore 7a2e25fd28 Fixes #3146 by unbreaking this code
git-svn-id: file:///home/svn/framework3/trunk@10961 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 17:48:41 +00:00
Tod Beardsley 13b15c9a2c An incremental advance for this mighty UPnP probe module.
git-svn-id: file:///home/svn/framework3/trunk@10959 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 15:19:28 +00:00
Tod Beardsley fa962647f9 Adds an auxiliary module to probe the local gateway via UPnP. Kinda neat.
git-svn-id: file:///home/svn/framework3/trunk@10957 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 06:24:32 +00:00