Commit Graph

2350 Commits (b5fd3463d70e01c6154551033312bbfd11ff96da)

Author SHA1 Message Date
j0hn__f 7d20f14525 exec SQL from file 2012-06-26 12:40:34 +01:00
j0hn__f 83260c9c89 module to exe SQL queries from a file 2012-06-26 12:15:30 +01:00
sinn3r 063a2119a3 Merge branch 'iis_auth_bypass' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-iis_auth_bypass 2012-06-25 15:51:33 -05:00
sinn3r f93658b37a Minor name change 2012-06-25 15:51:02 -05:00
sinn3r 637edc21ce Add CVE-2010-2731 2012-06-25 15:48:36 -05:00
Robin Francois 60ce966fd2 Adding LLMNR spoofing auxiliary module 2012-06-25 09:58:28 +02:00
HD Moore f7dca272b6 IE 10/Win8 detection support 2012-06-25 00:36:49 -05:00
HD Moore 1989f0ab46 IE 10/Win8 detection support 2012-06-25 00:36:04 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
HD Moore c28d47dc70 Take into account an integer-normalized datastore 2012-06-24 23:00:02 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
sinn3r 05eaac9085 Fix possible param duplicates 2012-06-24 19:05:42 -05:00
James Lee 3e974415d9 Give some verbose feedback if connection failed 2012-06-23 00:58:27 -06:00
Tod Beardsley 302ab963d1 Adding ref for intersil module 2012-06-20 15:05:56 -05:00
HD Moore f7ecc98923 Merge branch 'master' into feature/vuln-info 2012-06-20 13:34:53 -05:00
James Lee 7c417fa977 Add a select command for the various SQL modules 2012-06-18 23:59:57 -06:00
HD Moore 073205a875 Merge branch 'master' into feature/vuln-info 2012-06-18 20:21:36 -05:00
sinn3r 4a537675b5 Merge branch 'sempervictus-dns_enum_over_tcp' 2012-06-18 18:38:21 -05:00
sinn3r c0bf362084 Fix the fix for enum_dns 2012-06-18 18:37:56 -05:00
HD Moore e7688e1dba Merge branch 'master' into feature/vuln-info 2012-06-18 18:15:20 -05:00
Rob Fuller 77022d10da Added a bit of verbosity to SMB capture module to enhance logging and post exploitation 2012-06-18 15:55:40 -03:00
RageLtMan c68476cce2 Add DNS/TCP to enum_dns 2012-06-18 10:47:03 -04:00
RageLtMan 909614569a Revert "Banner encoding fix when running against dd-wrt on ruby 1.9.3"
This reverts commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c.

Telnet banner parsing restored
2012-06-18 10:44:06 -04:00
HD Moore dd476f8c5d Merge branch 'master' into feature/vuln-info 2012-06-18 01:32:49 -05:00
HD Moore c388cba421 Fix up modules calling report_vuln() to use new syntax 2012-06-17 23:39:20 -05:00
sinn3r 5e3cf86794 Merge branch 'intersil_dos' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-intersil_dos 2012-06-17 18:22:22 -05:00
Thomas Grainger 78876b74dd Maintain scanner module standard 2012-06-17 20:09:01 +02:00
Thomas Grainger 74cbca5809 Print out successful mysql connection URI 2012-06-17 13:19:53 +02:00
sinn3r e72303a922 Add Intersil HTTP Basic auth pass reset (originally #453)
The modified version of pull request #453. This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
  The advisory focuses the problem as an auth bypass, not DoS,
  although it can end up dosing the server.
* The title and filename are changed as a result of matching that
  advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
  401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
2012-06-16 21:14:57 -05:00
Tod Beardsley 7bb3679fef Errors are different from mere failures (enum_dns)
This makes a clear distinction between errors and failures when
performing zone transfers, and logs accordingly.

[See #483]
2012-06-15 18:11:25 -05:00
HD Moore 5006db7550 The cert module now defaults SSL to true (didnt make sense) 2012-06-15 10:55:53 -05:00
Tod Beardsley 5a49ac50f1 Shorten option description on enum_dns 2012-06-15 10:33:49 -05:00
James Lee ef84ce68e4 Fixes a module that used Wmap stuff without including it
[FIXRM #6983]
2012-06-13 15:58:54 -06:00
Tod Beardsley a579709bac Cleaning up Modbus scanner 2012-06-13 14:00:07 -05:00
Tod Beardsley 3c73133a44 Fixing up mysql module text 2012-06-13 13:59:58 -05:00
Tod Beardsley ca8769d725 Whitespace on mysql module. 2012-06-13 13:59:38 -05:00
HD Moore 26e72b4061 Enforce a timeout in the ssh handshake (avoid hangs in some cases) 2012-06-12 15:20:25 -05:00
HD Moore 5922ec1f7a Permissions 2012-06-12 15:20:25 -05:00
Steve Tornio efbaff8b37 add osvdb ref 2012-06-11 22:47:30 -05:00
HD Moore 59f591ac46 Adds jcran's MySQL bruteforce and dump module for CVE-2012-2122 2012-06-11 01:42:06 -05:00
Tod Beardsley 34be642f84 msftidy found EOL spaces on new modules 2012-06-06 10:42:10 -05:00
sinn3r 698e2eab68 Fix nil res when vprints 2012-06-06 09:53:19 -05:00
sinn3r 72cdd67cd0 Remove function cleanup()
There is no point of having this function, because there's nothing
in it.
2012-06-06 00:54:04 -05:00
sinn3r 462a91b005 Massive whitespace destruction
Remove tabs at the end of the line
2012-06-06 00:44:38 -05:00
sinn3r 3f0431cf51 Massive whitespace destruction
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
sinn3r 37846c0de2 Handle get_once return value correctly 2012-06-05 15:40:49 -05:00
sinn3r b6f591718a Change recv to get_once 2012-06-05 15:40:20 -05:00
sinn3r bc91135808 Correct description 2012-06-05 15:32:41 -05:00
sinn3r 19e187e88e Correct the description 2012-06-05 15:08:43 -05:00
sinn3r 28511cf666 Title change, use get_once instead of recv. Add a reference. 2012-06-05 15:06:05 -05:00
sinn3r 1c99119ecd Remove the version key, and correct spacing 2012-06-05 13:53:11 -05:00
sinn3r 8f5759ac13 Move these SCADA modules to SCADA folder 2012-06-05 13:50:53 -05:00
sinn3r 215e0e48a0 Fix Modbus version scanner's format 2012-06-05 11:47:44 -05:00
sinn3r 50243a9679 Add Metasploit license disclaimer since it has a MSF_LICENSE 2012-06-05 11:36:45 -05:00
sinn3r 30ceb98d87 Merge branch 'modbus-auxil' of https://github.com/esmnemon/metasploit-framework into esmnemon-modbus-auxil 2012-06-05 11:35:10 -05:00
sinn3r b282901b08 Correct emails for aux and exploit modules 2012-06-04 21:58:01 -05:00
sinn3r d9c39d3798 Fix the rest of nil res from get_once 2012-06-04 17:26:15 -05:00
sinn3r 0fcc53b0a2 Handle nil for get_once 2012-06-04 15:31:10 -05:00
sinn3r a071d2805e Fix the rest of possible nil res bugs I've found 2012-06-04 14:56:27 -05:00
sinn3r 01803c4a33 Fix possible nil res. Bug #6939. Part 1. 2012-06-04 13:11:47 -05:00
Steve Tornio 0759c3b75c Adding swtornio's OSVDB ref
Watch the trailing commas, that wangs up Ruby 1.8.7 and prior.

Squashed commit of the following:

commit c00363993a726cd0c87fbaee769c44f680feff72
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Jun 4 09:33:18 2012 -0500

    Removing trailing comma

commit 594cae0cab60ba0493a6c50a001cd6885f05522b
Author: Steve Tornio <swtornio@gmail.com>
Date:   Mon Jun 4 09:10:36 2012 -0500

    add osvdb ref
2012-06-04 09:34:28 -05:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
Christian Mehlmauer 6ae17db7d3 Adding FireFart's hashcollision DoS module
Have some minor edits below, looks like it all works now though.

Squashed commit of the following:

commit b7befd4889f12105f36794b1caca316d1691b335
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:31:32 2012 -0500

    Removing ord in favor of unpack.

    Also renaming a 'character' variable to 'c' rather than 'i' which is
    easy to mistake for an Integer counter variable.

commit e80f6a5622df2136bc3557b2385822ba077e6469
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:24:41 2012 -0500

    Cleaning up print msgs

commit 5fd65ed54cb47834dc646fdca8f047fca4b74953
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:19:10 2012 -0500

    Clean up hashcollision_dos description

    Caps, mostly. One sentence I still don't get but it's not really a show
    stopper.

commit bec0ee43dc9078d34a328eb416970cdc446e6430
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Thu May 24 19:11:32 2012 +0200

    Removed RPORT, ruby 1.8 safe, no case insensitive check, error handling

commit 20793f0dfd9103c4d7067a71e81212b48318d183
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Tue May 22 23:11:53 2012 +0200

    Hashcollision Script (again)
2012-06-01 14:51:11 -05:00
David Maloney 92dafd4d17 Bringin in new version of pcanywhere_login 2012-06-01 11:15:12 -05:00
David Maloney 933949a6b0 trying to work around wierd git issue 2012-06-01 11:13:28 -05:00
David Maloney 28bf017ca9 Fix nil responses 2012-05-31 23:12:17 -05:00
HD Moore 2ad17299e2 Handle cisco devices better with ssh logins 2012-05-31 14:59:24 -05:00
David Maloney e93a6ddf83 Adds thelightcosine's pcanywhere module
Adds PCAnywhere bruteforce capabilities

Squashed commit of the following:

commit 5354fd849f0c009c534d7ce18369382dd56de550
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 14:35:23 2012 -0500

    Add explicit pack to encrypted header

commit 7911dd309a94df2729c8247c3817cf5de6b99aad
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 13:11:19 2012 -0500

    adds pcanywhere_login module
2012-05-31 14:46:26 -05:00
sinn3r 4d94eeb79d Merge pull request #430 from wchen-r7/s40_traversal
Add s40 dir traversal vuln
2012-05-31 02:46:53 -07:00
sinn3r a19583624e Add s40 dir traversal vuln
I can't believe I stayed up all night, and this is all I could find.
2012-05-31 04:43:57 -05:00
David Maloney 1d63cd6f6b Revert " Sets the passive flag on the JtR modules"
This reverts commit e70ccddc9a.
2012-05-29 21:28:23 -05:00
David Maloney 9e7acf3a57 left debug statement in module 2012-05-29 20:23:56 -05:00
David Maloney e70ccddc9a Sets the passive flag on the JtR modules 2012-05-29 17:16:07 -05:00
esmnemon c00222b4c2 Added one modbus-scanner and one modbus-client aux-module SCADA 2012-05-29 20:34:33 +02:00
sinn3r 86ba759c07 Oops, I left one more anonymous out. 2012-05-26 15:30:20 -05:00
sinn3r c606896122 Multiple fixes and improvements:
* Make session ID configurable based on feature #6894's suggestion.
* Fix a potential bug when res is nil.
* Use print_error() to make the error message more readable.
2012-05-24 02:16:29 -05:00
James Lee 22601180f3 Save the pilfered file as loot 2012-05-23 18:07:13 -06:00
David Maloney df85e4f586 Remove trailing comma 2012-05-21 16:28:02 -05:00
David Maloney 17943c7a48 Makes it so we don't ever use local config files for Net::SSH
Also makes sure that the :config =>false option keeps
Net:SSH from meddling with knowns_hosts too
2012-05-21 16:09:08 -05:00
David Maloney c386e1ce31 Add an option to the schemadump modules to not display output to the
screen
2012-05-21 16:09:07 -05:00
RageLtMan 77f95df1e9 Banner encoding fix when running against dd-wrt on ruby 1.9.3 2012-05-21 14:50:57 -05:00
Tod Beardsley 4772c1258e Removing hashcollision_dos module due to license violation
The description text is a copy-paste of
http://www.ocert.org/advisories/ocert-2011-003.html , which has a
specific creative commons liscence prohibiting derivative works.

Since I have no idea what else in this module is a license violating,
I'm pulling it completely. I suspect a lot, though -- there are weird
all-caps methods in the module that look like copy-pastes as well.

Next time, please contribute original work, or at least work that is not
encumbered by restrictive licensing.
2012-05-21 11:28:58 -05:00
Tod Beardsley eea20e773b Capitalization fixups on hashcollision_dos 2012-05-21 11:06:18 -05:00
jlee-r7 fe7928c18d Merge pull request #390 from jlee-r7/consolidate-250-254-375
Consolidate #250, #254, #375
2012-05-16 17:07:33 -07:00
Tod Beardsley 336a00bc54 Fixing CVE reference 2012-05-16 14:34:04 -05:00
Tod Beardsley 7a78c99c5e Adding credit to original PoC guy for RuggedCom
Just added and commented. It'd be nice to have a real spot for this kind
of credit, because it comes up a lot and it's hard to parse out in a
machine way who 'wrote' the module and who came up with the exploit.
2012-05-16 13:47:15 -05:00
HD Moore 4943b4c694 Bug fix from mubix (ruby 1.8 syntax) 2012-05-15 23:05:22 -05:00
sinn3r 8428d16db3 Format correction 2012-05-15 19:21:16 -05:00
sinn3r 3cd66402b7 Merge branch 'master' of https://github.com/FireFart/metasploit-framework into FireFart-master 2012-05-15 18:35:48 -05:00
James Lee 42719ab34b Squashed commit of the following:
commit 6a3ad1d887df9d277e4878de94f8700ed8e404f9
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 16:22:49 2012 -0600

    Add register_command calls for md5 and sha1

commit dbd52c5a1edfe1818a580d4d46aac0a9ca038e9c
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 16:22:09 2012 -0600

    Read the file instead of downloading it

commit 55b84ad8e2a8532b3f8520ccb1162169b8e9c056
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 15:27:11 2012 -0600

    Re-compile linux meterp to support the loadlib api

commit d112e84e490aa30aa9533fb0bdb33a9713ce01a5
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:50:25 2012 -0600

    Re-compile java meterp to support the loadlib api

commit c137187b346b708487245a849b95343223e4e7b0
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:44:10 2012 -0600

    Don't try to get interfaces if this session doesn't implement it

commit 88bba1e6c360c5725c4174623f56bcb6d8b54228
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 14:38:17 2012 -0600

    Remove debugging load

commit 02954cbf93e2a13da967780cb703103b3f83ecf4
Merge: d9ef256 88b35a3
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 9 12:06:53 2012 -0600

    Merge branch 'rapid7' into feature/4905

    Conflicts:
    	data/meterpreter/ext_server_stdapi.php
    	modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb

commit d9ef2569b88ae8bce67f13316f6eff76311fd846
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 2 18:06:06 2012 -0600

    PHP doesn't support rev2self

commit bf13ea0ff25541da07b8c099218e5ad7ea6ae8ba
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 18:21:59 2012 -0600

    Add php support for returning new extension commands

commit 7e35f2d671d3797fc3fab12e54015387f44b0b33
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 16:03:26 2012 -0600

    Reset CVE-2012-0507 back to master

    Purges commits unrelated to this branch.

commit 86a77b3cd017e1e3a3f23d9fba3b9ed173761f80
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 15:59:35 2012 -0600

    Revert "Make building the jar for cve-2012-0507 a bit easier"

    This reverts commit 27ef76522ad10436ec785728445ed2cc0657f85f.

    Conflicts:

    	external/source/exploits/CVE-2012-0507/Makefile
    	external/source/exploits/CVE-2012-0507/src/msf/x/PayloadX.java

commit 8c259fb779f736be16fe972215ddff1dd32fd0f3
Merge: fe2c273 1c03c2b
Author: James Lee <egypt@metasploit.com>
Date:   Tue May 1 15:35:44 2012 -0600

    Merge branch 'rapid7' into feature/4905

    Conflicts:
    	data/meterpreter/ext_server_stdapi.jar
    	data/meterpreter/meterpreter.jar
    	external/source/meterpreter/java/src/meterpreter/com/metasploit/meterpreter/Meterpreter.java
    	modules/auxiliary/server/browser_autopwn.rb

commit fe2c273a6d840c67040d6c9e337f908204337e18
Merge: 8caff47 4e955e5
Author: James Lee <egypt@metasploit.com>
Date:   Fri Apr 6 10:19:53 2012 -0600

    Merge branch 'rapid7' into feature/4905

commit 8caff47d97469f1a5459c04461fd1098487ea514
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 17:51:18 2012 -0600

    Fix requires to find the test library

commit 51c33574cee3c47f0b2900c388d3d1213dd0a90d
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 17:48:35 2012 -0600

    Fix a load order problem with solaris post mods

commit 81b658362e5e6bdd215d18b53d14429d163aff72
Merge: adad2cf 6ef4257
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 15:43:19 2012 -0600

    Merge branch 'master' into feature/4905

commit 6ef42579471c6fde4bba71d0d4ce2c6c3e836180
Merge: 70ab8c0 5852455
Author: James Lee <egypt@metasploit.com>
Date:   Thu Apr 5 15:16:56 2012 -0600

    Merge branch 'rapid7'

    Conflicts:
    	lib/rex/exploitation/javascriptosdetect.rb

commit adad2cf04c501c2a787e5475b62abd31871c06a0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 20:20:21 2012 -0600

    Deal with null data/jar

    Not sure why "" turns into null sometimes, but it was breaking shells;
    this fixes it.

commit 4f8a437b490e2b2774f9efd23b4891eaf007cf16
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:10:59 2012 -0600

    Prev commit moved these to src/a

commit 27ef76522ad10436ec785728445ed2cc0657f85f
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:08:32 2012 -0600

    Make building the jar for cve-2012-0507 a bit easier

    Mostly stolen from cve-2008-5353

commit db3dbad0a5ff20b05758be073c3502138ff095c2
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 14:52:23 2012 -0600

    Fix incorrect option name

commit 776976af31795bdf1b405e208a2d4b78a6b6c2cf
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:36:20 2012 -0600

    Add bap support to java_rhino

commit a611ab16e06bd324d6616d0bd69f2c09d671bca0
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:35:16 2012 -0600

    Put next_exploit on the window object so it's always in scope

    Solves some issues with Chrome not running more than one exploit

commit 5114d35de7c2f234ac7fe4288b344d4f2bb9731f
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 14:31:53 2012 -0600

    Pull common stuff up out of the body

commit 748309465a029593e2fe2fd445149745367513f4
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:04:03 2012 -0600

    Fix indentation level

commit 954d485e3b8ffea9a7451bd495c1956a098e0eda
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:02:42 2012 -0600

    Abstract out copy-pasted methods

    Need to do the same thing for OSX, but it's a different implementation.

commit cba8d7c911fb184f6358948022fd4a0e010878d0
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 18:04:50 2012 -0600

    Linux doesn't implement (drop|steal)_token

commit 1cfda3a7b045c08ecfae1ad688e0124e76bd0c8f
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 17:57:37 2012 -0600

    Add availability checks for net, sys, ui, and webcam

commit 4bdf39a8bf4b5aab293fc47cb8282d0346db0811
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 23 16:45:59 2012 -0600

    add requirement checking for fs and core commands

commit 42e35971c9f7348b57293b2b94a42dd0260ac7e4
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 21 17:20:59 2012 -0600

    Add a to_octal method that converts e.g. "A" to \0101

commit c3b9415a0a9e2b55b1effbaf2396e11f88301aaa
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 21 17:20:07 2012 -0600

    Don't use "echo -n"

    It's not portable

commit b0f3ceccfaedbeaf67fbbe76f1a0a9aec7b44548
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 20 17:01:10 2012 -0600

    Return a list of new commands after core_loadlib, java version

    Thanks mihi for the patch and the awesome responsiveness!

commit d65303e1b6458bd4b95138dc0d61e5354c4e8d3a
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 20 13:21:06 2012 -0600

    Make sure we have a response before doing stuff with it

commit 721001ead474a17d1a16de543f78b548879f5e7e
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 21:25:31 2012 -0600

    Add missing rmdir and mkdir protocol commands to PHP

    Now passes all the stdapi tests that it can
    	[*] Session type is meterpreter and platform is php/php
    	[+] should return a user id
    	[+] should return a sysinfo Hash
    	[-] FAILED: should return network interfaces
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
    	[-] FAILED: should have an interface that matches session_host
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
    	[-] FAILED: should return network routes
    	[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_routes: Operation failed: 1
    	[+] should return the proper directory separator
    	[+] should return the current working directory
    	[+] should list files in the current directory
    	[+] should stat a directory
    	[+] should create and remove a dir
    	[+] should change directories
    	[+] should create and remove files
    	[+] should upload a file
    	[-] Passed: 10; Failed: 3

commit 024e99167a025f4678a707e1ee809a1524007d4d
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:26:00 2012 -0600

    Use a proper TLV type instead of a generic one

commit 1836d915cbe0bfd2f536a667e74d8d6a6ccee72a
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:24:25 2012 -0600

    Fix a counting error that caused segfaults (Linux)

commit 1e419d3fc392e435ae0af703561ce10bd5a45eb0
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 15:06:02 2012 -0600

    Return a list of new commands after core_loadlib

    Gets Windows back in sync with Linux

commit 3d3959f720de68e2f36ebfabe8196e01f98fe904
Author: James Lee <egypt@metasploit.com>
Date:   Mon Mar 19 14:50:55 2012 -0600

    Refactor extensionList -> extension_commands

    It's not the same as extension_list.

commit a7acb638af803732fc5f3975e0c0632f427e0deb
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sun Mar 18 00:07:27 2012 -0500

    Massive whitespace cleanup

commit ef8b9fd5cea7db43860a5b88d7397ba84393ecd5
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 16:00:20 2012 -0500

    Add back enum_protections with some new changes

commit d778eec36953bb9bf4985e967ad2c119a1acd79b
Author: ohdae <bindshell@live.com>
Date:   Sat Mar 17 13:28:31 2012 -0400

    Added fix for enum_protections

commit 64611819d43bf13ab2d68f4353513c39e5a64fe0
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 03:14:26 2012 -0500

    A bunch of fixes

commit bb1a0205d73e75a61a8fbf5ff6440dd09f9780f9
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:28:05 2012 -0500

    The comments in get_chatlogs need an update

commit 666477e42a734f3120dcc4282b01b5ab5819384a
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:25:41 2012 -0500

    Correct license format

commit 3c8eecbcd7b952abaca0b1ce14dca41e1d4cabb7
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Sat Mar 17 00:22:03 2012 -0500

    Add enum_adium.rb post module

commit d290cf4fef1309df9a1af748e7c6c259a6788576
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 16:54:36 2012 -0300

    Changed store_note to store_loot. Fixed local/remote file retrieval

commit ccb830b594ea0f0a8ce7c29b24f2f137ecfd5c4c
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 11:29:07 2012 -0600

    Fall back to MIB method if we can't get netmasks

    Misses IPv6 addresses, but at least doesn't break everything.

    [Fixes #6525]

commit a9a30232dd5fcc0854c10b4d58df8511a23f3091
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Fri Mar 16 11:49:31 2012 -0500

    This module is not ready, yanked.

commit 6bb34f7fd0785d31902f1edc938a6b05b91a1495
Author: Gregory Man <man.gregory@gmail.com>
Date:   Fri Mar 16 18:09:08 2012 +0200

    sockso_traversal 1.8 compatibility fix

commit e76965ce565a8ae634dc0d3c743542f1a6d977d7
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 09:17:35 2012 -0400

    fix

commit 61ce7b587de54363f7071bc19df5a29eb29e9aa7
Author: ohdae <bindshell@live.com>
Date:   Fri Mar 16 09:14:48 2012 -0400

    saves each config to loot instead of notes

commit f4713974fa82d8b13017cb0817b5fd36696194d9
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 03:46:10 2012 -0600

    Check for a 0 prefix length

    If the OnLinkPrefixLength is 0, something is wrong, try the value in the
    prefix linked list.  Appears to fix v4 addresses on XP but not 2k3.

    [See #6525]

commit cde7fcc012e04880f2faa28226a1fc5834a2e3d5
Author: James Lee <egypt@metasploit.com>
Date:   Fri Mar 16 01:46:41 2012 -0600

    Return network prefixes when available

    Solves #6525 on Vista+.  Win2k still works using the old MIB method
    (which doesn't support ipv6).  Win2k3 and XP are still busted for
    unknown reasons.

commit 98bd9a7bd09149f524ebbe1501ec916bf99b078d
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 22:59:42 2012 -0400

    Enumerate important and interesting configuration files

commit 9336df2ac28ee2df10a0e66e7006df3d23493492
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Thu Mar 15 19:06:48 2012 -0500

    More Virtualisation SSL fixes

commit f24c378281ee6c85f687d4823f09ef5848812daf
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Thu Mar 15 18:15:29 2012 -0500

    Default SSL to true for esx_fingerprint module

commit d6e14c42120df0fd16b79709ac5723d0e2818810
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 15:56:24 2012 -0500

    Fix typo

commit b24dcfe43e625740ec8a1465f33be02f7ec40162
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 15:55:54 2012 -0500

    Add sockso dir traversal

commit 033052c1e075fcf43e9c17e5ee4a5006247cb375
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 15 14:31:25 2012 -0600

    Fix syntax error in 1.8, thanks Jun Koi for the patch

commit 4529efaeaa22e52c9c7c1528c68efb60af8af729
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 14:27:40 2012 -0500

    enum_protections is now find_apps

commit 49e823802bd8f2cb1940545e74db04f3788352d1
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Thu Mar 15 14:22:23 2012 -0500

    File rename, as well as design and cosmetic changes

commit ccf6b011145cf9db444f7e2d3fb3ec61738e88cb
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 15:29:52 2012 -0300

    added report_note, removed store_loot function, cleaned up info/author

commit 27d571932e51afbac0c0fcd95c52f038786a9a28
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 12:18:29 2012 -0300

    fixed output newline issue

commit 5a828e35d1629dc68825fe7d9322d1316888f8d7
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:05:35 2012 -0300

    fixed save line

commit 805c2ee9871c076a8c0ac62b028a7942af70b6a5
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:02:07 2012 -0300

    removed unneeded comments

commit 5861e1512f2949c0d7848d9ebed8241277462085
Author: ohdae <bindshell@live.com>
Date:   Thu Mar 15 01:00:55 2012 -0300

    fixed output issue

commit 593a3648111f1db1f56a410250539261c2a7cd9f
Author: ohdae <bindshell@live.com>
Date:   Wed Mar 14 18:26:53 2012 -0300

    removed unneeded dependency

commit 05053e6e74b0ac99bbd4005c40ecc3b1196fd13f
Author: ohdae <bindshell@live.com>
Date:   Wed Mar 14 13:30:16 2012 -0400

    locates installed 3rd part av, fws, etc

commit 5bf512d0e9d2b412c4107228db178a7078111443
Author: sinn3r <msfsinn3r@gmail.com>
Date:   Wed Mar 14 16:50:54 2012 -0500

    Add OSVDB-79863 NetDecision Directory Traversal

commit 18715d0367f4ef01b5998d732043cbe224e1787e
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 23:03:01 2012 -0600

    Store the retrieved commands on the session

commit b752cb8b31fd8dcd221fb6caa483f6202bf5a4fd
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 22:45:16 2012 -0600

    Retrieve the list of new commands

    The client side doesn't do anything with them yet

commit 69ce8ef42d4089a0b26644bd4d6bebf57c4cfd50
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 22:41:16 2012 -0600

    Return a list of the new commands in response to core_loadlib

    Linux

commit 354c754aa4cce63ffebb4567f3bbfd621ffef46c
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 15:13:45 2012 -0600

    Whitespace at EOL

commit 4afcb4cb9da1921ede29b03b149433cc65d680da
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 14 14:30:09 2012 -0600

    Create instance methods that return extensions

    Before this change, meterpreter sessions would not #respond_to? their
    extensions despite having a pseudo-accessor for them:
    ```
    >> client.respond_to? :sys
    => false
    >> client.sys
    => #<Rex::Post::Meterpreter::ObjectAliases:0x0000000e263488 @aliases={"config"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Config:0x0000000e268dc8 @client=#<Session:meterpreter 192.168.99.1:55882 (192.168.99.1) "uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ wpad">>, "process"=>#<Class:0x0000000e268d20>, "registry"=>#<Class:0x0000000e266da0>, "eventlog"=>#<Class:0x0000000e2654e8>, "power"=>#<Class:0x0000000e263c30>}>

    ```

    After:
    ```
    >> client.respond_to? :sys
    => true
    ```

commit 70ab8c018f67d15929b6f41322540837ab7b37c5
Merge: a8a3938 5f2bace
Author: James Lee <egypt@metasploit.com>
Date:   Tue Apr 3 11:46:25 2012 -0600

    Merge branch 'master' into bap-refactor

    Conflicts:
    	external/source/exploits/CVE-2012-0507/Help.java
    	external/source/exploits/CVE-2012-0507/Makefile
    	external/source/exploits/CVE-2012-0507/msf/x/Help.java
    	external/source/exploits/CVE-2012-0507/src/a/Exploit.java
    	external/source/exploits/CVE-2012-0507/src/a/Help.java

commit a8a393891588a8b5c18e3c2173f1cd9c2480b2d0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 20:20:21 2012 -0600

    Deal with null data/jar

    Not sure why "" turns into null sometimes, but it was breaking shells;
    this fixes it.

commit 5e5eb39d3ccb62a9fc006be8241cfb97723caa06
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:10:59 2012 -0600

    Prev commit moved these to src/a

commit 5074eadbea426fc4f83d6d165a01e640ef42b4de
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 18:08:32 2012 -0600

    Make building the jar for cve-2012-0507 a bit easier

    Mostly stolen from cve-2008-5353

commit bdb3fbe7fd19aa76b4069edca5a78c53fec668c0
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 14:52:23 2012 -0600

    Fix incorrect option name

commit 78824ef60084510d3befe0ded6eed314d55eeb12
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 13:24:33 2012 -0600

    Add the detected browser version to the DOM

    Doing it this way lets modules grab the info a bit more easily.

commit 9813ccb8d6b14e0e728b8a13bacf59dd31b9c4b9
Merge: 0faa3f6 b5fc8e4
Author: James Lee <egypt@metasploit.com>
Date:   Thu Mar 29 13:19:05 2012 -0600

    Merge branch 'master' into bap-refactor

commit 0faa3f65240c3a2b3ab0e72f4aeb2e9f50ed54ee
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:36:20 2012 -0600

    Add bap support to java_rhino

commit 66ca27f994e3b11c9c8adae85642820768158860
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:35:16 2012 -0600

    Put next_exploit on the window object so it's always in scope

    Solves some issues with Chrome not running more than one exploit

commit 7fc2ca1a0690c7a973307772aed42ab3514e1761
Merge: 325d306 e48c47e
Author: James Lee <egypt@metasploit.com>
Date:   Wed Mar 28 15:10:54 2012 -0600

    Merge branch 'master' into bap-refactor

commit 325d3060599bc79674e93dd5f55a4e60061e9bdb
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 14:31:53 2012 -0600

    Pull common stuff up out of the body

commit 4f2b3260bf7f14f4d763625792adb0c3cfd1ed7c
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:04:03 2012 -0600

    Fix indentation level

commit 9b905c53b4d46beb86da8168a1c2c5b2da340f6d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Mar 27 11:02:42 2012 -0600

    Abstract out copy-pasted methods

    Need to do the same thing for OSX, but it's a different implementation.
2012-05-15 17:00:02 -06:00
Christian Mehlmauer 19e32c210a Added more references 2012-05-15 23:59:30 +02:00
Christian Mehlmauer 46e58f8618 Ruby naming style 2012-05-15 23:53:33 +02:00
Christian Mehlmauer 5f0075e24f Revert API change 2012-05-15 23:28:51 +02:00
Tod Beardsley 82885cc6e5 Fixing author tags
Ensuring a space between name and email.
2012-05-15 15:45:07 -05:00
James Lee bc6ec537f9 Fix a ruby 1.8 compat error
Can't have commas at the end of argument lists.
2012-05-15 11:53:49 -06:00
Christian Mehlmauer b298597218 Switched to Http Library, Code formatting issues 2012-05-15 19:43:28 +02:00
Tod Beardsley 4ee24f7e42 Adding Justin's CCTV module. 2012-05-15 08:03:39 -05:00
sinn3r 8b06835109 Make changes to proper API usage, whitespace, and extra characters. 2012-05-15 01:26:42 -05:00
sinn3r 3c683fcf99 Merge branch 'pyoor' of https://github.com/pyoor/metasploit-framework into pyoor-pyoor 2012-05-15 01:20:01 -05:00
pyoor a8b534ddec Cisco Secure ACS Module - Updated error handling 2012-05-14 20:03:26 -04:00
pyoor 2e49e56126 Made suggested changes 2012-05-14 19:50:34 -04:00
sinn3r 84269f399b Correct EDB reference 2012-05-14 15:10:21 -05:00
sinn3r f4a446a6c1 Add module CVE-2011-4404 2012-05-14 15:08:43 -05:00
pyoor 6b6dc60b25 Cisco Secure ACS Auth Bypass Module 2012-05-13 16:16:18 -04:00
Christian Mehlmauer dc10fac885 Ported my Hashcollision Script to Ruby 2012-05-13 20:59:42 +02:00
sinn3r 79a590ccf7 Merge pull request #380 from wchen-r7/bmerinofe-telnet_ruggedcom
Modified version of pull request #379 - RuggedCom Telnet Password Generator by bmerinofe
2012-05-13 11:13:27 -07:00
sinn3r 15fbb1e86c This the modified version of pull request #379. Changes include:
* Add more references
* Update description
* MSF license disclaimer
* Remove the to() function. Instead it's in run_host()
* Put 'info' in the :proof key
* Remove ::Exception handling, so we can see the original that's also logged in framework.log
2012-05-13 04:09:17 -05:00
Tod Beardsley bc1c9a7fe4 Prepend all messages with victim host:port
Redefining print_status locally to handle this. Seems like an easy way
to do this kind of thing for a particular module.

[Closes #272]
2012-05-11 17:48:54 -05:00
Tod Beardsley ab655677b4 Fixed typo, converted to OptEnum for fakedns targetaction 2012-05-11 17:12:31 -05:00
Jose Selvi af71cdafe2 Update modules/auxiliary/server/fakedns.rb 2012-05-11 17:01:14 -05:00
Jose Selvi 1d6b2eb3fe Added TARGETACTION options and wildcard support 2012-05-11 17:01:13 -05:00
Tod Beardsley aa3930fcb9 Typo on fixed tftp module 2012-05-10 21:42:33 -05:00
Tod Beardsley 36c805c5ff Move the context setting to the module
Apparently you can't hit the framework object before running the module
any more. Bummer.

[Fixes #6843]
2012-05-10 21:21:32 -05:00
James Lee 536fa39ae8 Keep the client and the server on tracked tcp sessions 2012-05-08 16:38:12 -06:00
Alexandre Maloteaux 452cead1e9 Merge psnuffle ntlmv2 support from Alex Malateaux
Testing this with smbclient requires setting "client ntlmv2 auth = yes"
in /etc/samba/smb.conf

Squashed commit of the following:

commit 7acc32f5f00914fed355a080ca237543448f80ca
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:52:49 2012 +0100

    psnuffle : move protocol filtering in load function

commit 9c9ae9711c760b4f072271b7e5993f9bf8366671
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:50:48 2012 +0100

    psnuffle : add hash exctratiopn from smbv2 session

[Closes #327]
2012-05-08 13:41:42 -06:00
Tod Beardsley 86500aad47 Author is always singular. 2012-05-08 08:47:52 -05:00
sinn3r 91a8ff2766 Use print_good when SQL injection is found 2012-05-08 01:30:13 -05:00
sinn3r fa9d23d839 When a blind SQL injection, it's a good thing (for the attacker), so we should use print_good 2012-05-08 01:26:39 -05:00
sinn3r 9c3d2355b1 Allow this module to be more verbose for future debugging 2012-05-04 15:47:30 -05:00
sinn3r f48d36ca31 Output changes. #6511 2012-05-04 15:11:54 -05:00
sinn3r 457ca44f27 Fix #6511 2012-05-04 14:33:49 -05:00
sinn3r babababeb1 1. Fix enum_dns: .txt is not (or no longer a method)
2. Patch snmp_enum: bug #6500
2012-05-04 13:23:27 -05:00
sinn3r 8b3b952ccd Fix bug #6761 - false negative when OWA brings the user to the Options page insetad of inbox 2012-05-04 12:30:43 -05:00
HD Moore 5151a4c530 Cosmetic 2012-05-03 00:33:09 -05:00
HD Moore 99d7b2601c Cosmetic 2012-05-03 00:31:50 -05:00
Tod Beardsley 43d730d564 Squashed commit of minor cosmetic fixes:
commit eed15ea9ecc88683c8d922fe155d4777a7ce1286
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed May 2 21:55:56 2012 -0500

    Whitespace at EOL. Dangit.

commit 8159b27728d1a4fd0ad94ff56c4b4f2b995646f8
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed May 2 16:38:01 2012 -0500

    Disambiguating 'WebCalendar'
2012-05-02 21:57:41 -05:00
James Lee 1c03c2b157 Fix indentation 2012-05-01 15:21:42 -06:00
James Lee 194c0906c2 Fix a stack trace when SMBUser is nil 2012-05-01 15:21:42 -06:00
James Lee 6ab66dc59e Fix a stack trace when the SMBUser isn't set
For some reason an invalid user/pass don't seem to trigger
STATUS_ACCESS_DENIED responses, but an empty user does.
2012-05-01 15:21:42 -06:00
Alexandre Maloteaux d68d832c9d Squashed commit of the following:
commit a0b50c394962fc90afc8d6232e1875588ed7ecb3
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Fri Apr 20 01:45:06 2012 +0100

    enumshare: add srvsvc netshareenum request for compatibility with win 7 / 2008r2

[Closes #346]
2012-05-01 15:21:42 -06:00
David Maloney 348da8e5a6 Fixes an issue with mysql probes not timing out properly. 2012-04-30 12:22:49 -05:00
HD Moore e12c29a5dc Fix up the check so it doesn't throw a marshal exception 2012-04-29 18:40:01 -05:00
HD Moore ffd91793b9 Make RMI easier to correlate, add a vulnerability check to the scanner module 2012-04-29 18:11:28 -05:00
HD Moore 4c2e1c2859 Small updates to the rmi modules 2012-04-27 00:07:00 -05:00
sinn3r d985ba5e5d Clean up whitespace 2012-04-26 02:36:29 -05:00
sinn3r 91763dd063 Fix 1.8 compatibility 2012-04-25 15:54:42 -05:00
sinn3r cc76438a75 Merge branch 'jlee-r7-http-print-standardization' 2012-04-25 15:38:46 -05:00
sinn3r f77efbf89e Change the rest of print_* 2012-04-25 14:24:17 -05:00
HD Moore 2a5a80a485 Rename and updates 2012-04-25 12:09:23 -05:00
HD Moore 03117ffa95 Add a version scanner for RMI 2012-04-25 11:24:28 -05:00
sinn3r c27195b189 Merge pull request #347 from wchen-r7/wol
Add wake-on-lan module
2012-04-24 11:50:05 -07:00
HD Moore a1f9d2c27a Bump up the wait_timeout (works with the recent AR patch) and fix a typo in the http_version commit 2012-04-23 02:44:56 -05:00
HD Moore 59ecc8584d Force http_version to always make a new request, even if the information is in the DB 2012-04-23 02:39:02 -05:00
HD Moore 1d2581ebf4 Cosmetic 2012-04-21 14:51:20 -05:00
sinn3r b0a76a1aa1 Add wake-on-lan module 2012-04-21 03:29:49 -05:00
sinn3r b955569b10 Update the use of get2() in order to support ruby 1.9.3 2012-04-20 01:37:24 -05:00
sinn3r 45997b8dd4 Fix typos 2012-04-19 10:54:05 -05:00
Tod Beardsley ce3d98bc88 vcms_login.rb description 2012-04-19 07:44:28 -05:00
sinn3r 5fde6b759f Add VCMS brute-force module 2012-04-19 02:25:03 -05:00
James Lee 1f577b24b2 Merge branch 'rapid7' into http-print-standardization 2012-04-18 08:51:42 -06:00
James Lee a2dc890cfa Don't puke if the connection came from localhost 2012-04-17 19:49:42 -06:00
James Lee f9b2fe89b2 Merge branch 'rapid7' into http-print-standardization
Conflicts:
	modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb
	modules/exploits/windows/browser/apple_quicktime_rtsp.rb
	modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
2012-04-17 19:15:06 -06:00
James Lee afe28523f3 Puts testAXO() on window so we can access it from anywhere
Also uses the new :method property which allows an array syntax.  See
ie_createobject for a usage example.
2012-04-17 18:54:26 -06:00
Tod Beardsley 4bcbdc54c9 Cutting over rails3 to master.
This switches the Metasploit Framework to a Rails 3 backend. If you run
into new problems (especially around Active Record or your postgresql
gem) you should try first updating your Ruby installation to 1.9.3 and
use a more recent 'pg' gem.

If that fails, we'd love to see your bug report (just drop all the
detail you can into an issue on GitHub). In the meantime, you can
checkout the rails2 branch, which was branched from master immediately
before this cutover.

Squashed commit of the following:

commit 5802ec851580341c6717dfea529027c12678d35f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:12 2012 -0500

    Enable MSF_BUNDLE_GEMS mode by default (set to N/F/0 to disable)

commit 8102f98dce9eb0c73c4374e40dce09af7b51d060
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 23:30:03 2012 -0500

    Add a method to expand win32 file paths

commit bda6479d154cf75572dd5de8b66bfde661a55de9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:53:44 2012 -0500

    Fix 1.8.x compatibility

commit 101ce4eb17bfdf755ef8c0a5198174668b6cd6fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:40:59 2012 -0500

    Use verbose instead of stringio

commit 5db467ffb593488285576d183b1662093e454b3e
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:30:06 2012 -0500

    Hide the iconv warning, were stuck with it due to EBCDIC support

commit 63b9cb20eb6a61daf4effb4c8d2761c16ff0c4e0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:29:58 2012 -0500

    Dont use GEM_HOME by default

commit ca49271c22c314a4465fff934334df18c704cbc0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:23:34 2012 -0500

    Move Gemfile to root (there be dragons, lets find them) and catch failed bundler loads

commit 34af04076a068e9f60c5526045ddbba5fca359fd
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 18:18:29 2012 -0500

    Fallback to bundler when not running inside of a installer env

commit ed1066a4f3f12fae7d4afc03eb1ab70ffe2f9cf3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 16:26:55 2012 -0500

    Remove a mess of gems that were not actually required

commit 21290a73926809e9049a59359449168f740d13d2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:59:10 2012 -0500

    Hack around a gem() call that is well-intentioned but an obstacle in this case

commit 8e414a8bfab9641c81088d22f73033be5b37a700
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 15:06:08 2012 -0500

    Ruby, come on. Ducktype this. Please.

    Use interpolated strings to get the to_s behavior you don't get with
    just plussing.

commit 0fa92c58750f8f84edbecfaab72cd2da5062743f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:05:42 2012 -0500

    Add new eventmachine/thin gems

commit 819d5e7d45e0a16741d3852df3ed110b4d7abc44
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 15:01:18 2012 -0500

    Purge (reimport in a second)

commit ea6f3f6c434537ca15b6c6674e31081e27ce7f86
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:54:42 2012 -0500

    Cleanup uncessary .so files (ext vs lib)

commit d219330a3cc563e9da9f01fade016c9ed8cda21c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:53:02 2012 -0500

    PG gems built against the older installation environment

commit d6e590cfa331ae7b25313ff1471c6148a6b36f3b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 14:06:35 2012 -0500

    Rename to include the version

commit a893de222b97ce1222a55324f1811b0262aae2d0
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:56:47 2012 -0500

    Detect older installation environments and load the arch-lib directories into the search path

commit 6444bba0a421921e2ebe2df2323277a586f9736f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 13:49:25 2012 -0500

    Merge in windows gems

commit 95efbcfde220917bc7ee08e6083d7b383240d185
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 13:49:33 2012 -0500

    Report_vuln shouldn't use :include in finder

    find_or_create_by doesn't take :include as a param.

commit c5f99eb87f0874ef7d32fa42828841c9a714b787
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:44:09 2012 -0500

    One more msised Mdm namespace issue

commit 2184e2bbc3dd9b0993e8f21d2811a65a0c694d68
Author: David Maloney <DMaloney@rapid7.com>
Date:   Sun Apr 15 12:33:41 2012 -0500

    Fixes some mroe Mdm namespace confusion
    Fixes #6626

commit 10cee17f391f398bb2be3409137ff7348c7a66ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:40:44 2012 -0500

    Add robots gem (required by webscan)

commit 327e674c83850101364c9cca8f8d16da1de3dfb5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 03:39:05 2012 -0500

    Fix missing error checks

commit a5a24641866e47e611d7636a3f19ba3b3ed10ac5
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 01:15:37 2012 -0500

    Reorder requires and add a method for injecting a new migration path

commit 250a5fa5ae8cb05807af022aa4168907772c15f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:56:09 2012 -0500

    Remove missing constant (use string) and add gemcache cleaner

commit 37ad6063fce0a41dddedb857fa49aa2c4834a508
Merge: d47ee82 4be0361
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Apr 15 00:40:16 2012 -0500

    Merge branch 'master-clone' into rails3-clone

commit d47ee82ad7e66de53dd3d3a65649cc37299a2479
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:30:03 2012 -0500

    cleanup leftovers from gems

commit 6d883b5aa8a3a7ddbcde5bfd4521d57c5b30d3c2
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sun Apr 15 00:25:47 2012 -0500

    MDM update with purged DBSave module

commit 71e4f2d81f6da221b76150562a16c730888f5925
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:37 2012 -0500

    Add new mdm

commit 651cd5adac8211d65e0c8079371d8264e549533a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 23:19:13 2012 -0500

    Update mdm

commit 0191a8bd0acec30ddb2a9e9c291111a12378537f
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 22:30:40 2012 -0500

    This fixes numerous cases of missed Mdm:: prefixes on db objects

commit a2a9bb3f2148622c135663dead80b3367b6f7695
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:30:18 2012 -0500

    Add eventmachine

commit 301ddeb12b906ed3c508613ca894347bedc3b499
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 18:18:12 2012 -0500

    A nicer error for folks who need to upgrade pg

commit fa6bde1e67b12e2d3d9978f59bbc98e0c1a1a707
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:54:55 2012 -0500

    Remove bundler requirements

commit 2e3ab9ed211303f1116e602b9a450141b71e56a4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:35:38 2012 -0500

    Pull in eventmachine with actual .so's this time

commit 901fb33ff6b754ce2c2cfd51e3b0b669f6ec600b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 17:19:12 2012 -0500

    Update deps, still need to add eventmachine

commit 6b0e17068e8caa0601f3ef81e8dbdb672758fcbe
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 13:07:06 2012 -0500

    Handle older installer environments and only allow binary gems when the
    environment specifically asks for it

commit b98eb7873a6342834840424699caa414a5cb172a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 04:05:13 2012 -0500

    Bump version to -testing

commit 6ac508c4ba3fdc278aaf8cfe2c58d01de3395431
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:25:09 2012 -0500

    Remove msf3 subdir

commit a27dac5067635a95b4cbb773df1985f2a2dc2c5a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:24:39 2012 -0500

    Remove the old busted external

commit 5fb5a0fc642b6c301934c319db854cc3145427a1
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:03:10 2012 -0500

    Add the gemcache loader

commit 09e2d89dfd09b9ac0c123fcc4e19816c86725627
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Apr 14 02:02:23 2012 -0500

    Purge gemfile/bundler configure in exchange for new gemcache setup

commit 3cc0264e1cfb027b515d7f24b95a74b023bd905c
Author: Tod Beardsley <todb@metasploit.com>
Date:   Thu Apr 12 14:11:45 2012 -0500

    Mode change on modicon_ladder.apx

commit c18b3d56efd639e461137acdc76b4b283fe978d4
Author: HD Moore <hd_moore@rapid7.com>
Date:   Thu Apr 12 01:38:56 2012 -0500

    The go faster button

commit ca2a67d51d6d4c7c3ca2e745f8b018279aef668a
Merge: 674ee09 b8129f9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 15:50:33 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Picking up Packetfu upstream changes, all pretty minor

commit 674ee097ab8a6bc9608bf377479ccd0b87e7302b
Merge: e9513e5 a26e844
Author: Tod Beardsley <todb@metasploit.com>
Date:   Mon Apr 9 13:57:26 2012 -0500

    Merge branch 'master-clone' into rails3-clone

    Conflicts:
    	lib/msf/core/handler/reverse_http.rb
    	lib/msf/core/handler/reverse_https.rb
    	modules/auxiliary/scanner/discovery/udp_probe.rb
    	modules/auxiliary/scanner/discovery/udp_sweep.rb

    Resolved conflicts with the reverse_http handlers and the udp probe /
    scanners byt favoring the more recent changes (which happened to be the
    intent anyway). The reverse_http and reverse_https changes were mine so
    I know what the intent was, and @dmaloney-r7 changed udp_probe and
    udp_sweep to use pcAnywhere_stat instead of merely pcAnywhere, so the
    intent is clear there as well.

commit e9513e54f984fdb100c13b44a1724246779ccb76
Author: David Maloney <dmaloney@melodie.gateway.2wire.net>
Date:   Fri Apr 6 18:21:46 2012 -0500

    Some fixes to how services get reported to prevent issues with the web interface

commit adeb44e9aaf1a329a0e587d2b26e678398730422
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Apr 2 15:39:46 2012 -0500

    Some corrections to pcAnywhere discovery modules to distinguish between the two services

commit b13900176484fea8f5217a2ef925ae2ad9b7af47
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Mar 31 12:03:21 2012 -0500

    Enable additional migration-path parameters, use a temporary directory to bring the database online

commit 526b4c56883f461417f71269404faef38639917c
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Mar 28 23:24:56 2012 -0500

    A bunch of Mdsm fixes for .kind_of? calls, to make sure we ponit to the right place

commit 2cf3143370af808637d164ce59400605300f922c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 16:22:09 2012 -0500

    Check for ruby 2.0 as well as 1.9 for encoding override

commit 4d0f51b76d89f00f7acbce6b1f00dc6e4c4545ee
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:36:04 2012 -0500

    Remove debug statement

commit f5d2335e7745aa1a354f4d6c8fc9d0b3876c472a
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Mar 26 15:01:55 2012 -0500

    Be explicit about the Mdm namespace

commit bc8be225606d6ea38dd2a85ab4310c1c181a94ee
Author: hdm <hdm@hypo.(none)>
Date:   Mon Mar 26 11:49:51 2012 -0500

    Precalculate some uri strings in case the 1000-round generation fails

commit 4254f419723349ffb93e4aebdaeabbd7d66bf8c0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Sat Mar 24 14:03:44 2012 -0500

    Removed some non-namespaced calls to Host

commit c8190e1bb8ad365fb0d7a1c4a9173e6c739be85c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:37:00 2012 -0500

    Purge the rvmrc, this is causing major headaches

commit 76df18588917b7150a3bedf2569710a80bab51f8
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Mar 20 00:31:52 2012 -0500

    Switch .rvmrc to the shipping 1.9.3 version

commit 7124971d0032b268f4ddf89aca125f15e284f345
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Mon Mar 12 16:56:40 2012 -0500

    Adds mixin for looking up Mime Types by extension

commit b7ca8353164c43db6bacb2f3f16afa1269f66e43
Merge: a0b0c75 6b9a219
Author: Matt Buck <techpeace@gmail.com>
Date:   Tue Mar 6 19:38:53 2012 -0600

    Merge from develop.

commit a0b0c7528d2b8fabb76b2246a15004bc89239cf0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Mar 6 11:08:59 2012 -0600

    Somehow migration file is new?

commit 84d2b3cb1ad6290413c3ea3222ddf9932270b105
Author: David Maloney <David_Maloney@rapid7.com>
Date:   Wed Feb 29 16:38:55 2012 -0600

    Added ability to specify headers to redirects in http server

commit e50d27cda83872c616722adb03dc1a6a5e685405
Author: HD Moore <hd_moore@rapid7.com>
Date:   Sat Feb 4 04:44:50 2012 -0600

    Tweak the event dispatcher to enable customer events without a category
    and trigger http request events from the main exploit mixin.
    Experimental

commit 0e4fd2040df49df2e6cb0e8d2c6240a03d108033
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Thu Feb 2 22:09:05 2012 -0600

    Change Msm -> Mdm in migrations. This is what was preventing migrations from finishing on first boot.

commit c94a2961d04eee84adfd42bb01ed7a3e3846b83a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:48:48 2012 -0600

    Changed Gemfile to use new gem name

commit 245c2063f06b4fddbfc607d243796669ef236136
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Wed Feb 1 12:47:42 2012 -0600

    Did find/replace for final namespace of Mdm

commit 6ed9bf8430b555dcbe62daeddb2f33bd400ab5bc
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 24 10:47:44 2012 -0600

    Fix a bunch of namespace issues

commit 2fe08d9e4226c27e78d07a00178c58f528cbc72e
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:37 2012 -0600

    Update Msm contstants in migrations for initial DB builds.

commit 4cc6b8fb0440c6258bf70de77a9153468fea4ea5
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date:   Fri Jan 20 14:37:25 2012 -0600

    Update Gemfile.lock.

commit 1cc655b678f0a054a9a783da119237fe3f67faa4
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Thu Jan 19 11:48:29 2012 -0600

    Errant Workspaces needed namespace

commit 607a78285582c530a68985add33ccf4d899c467a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 15:44:02 2012 -0600

    Refactored all models to use the new namespace

    * Every model using DBManager::* namespace is now Msm namespace
    * Almost all of this in msf/base/core
    * Some in modules

commit a690cd959b3560fa2284975ca7ecca10c228fb05
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 17 13:41:44 2012 -0600

    Move bundler setup

commit dae115cc8f7619ca7a827123079cb67fb4d9354b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 15:51:07 2012 -0600

    Moved ActiveSupport dep to gem

commit d32f8edb6e7f82079b775ffbc2b9a405d1f32b3b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Mon Jan 9 14:40:05 2012 -0600

    Removed model require file

commit d0c74cff8c44771e566ec63b03eda10d03b25c42
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 16:06:10 2012 -0600

    Update some more finds

commit 4eb79ea6b58b74c309ab1f1bb0bd35fe9041de46
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date:   Tue Jan 3 14:21:15 2012 -0600

    Yet another dumb commit

commit a75febcb593d52fdfe930306b4275829759d81d1
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Thu Dec 29 19:20:51 2011 -0600

    Fixing deletion

commit dc139ff2fdfc4e7cdee3901dfb863e70913d6b92
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Wed Dec 7 17:06:45 2011 -0600

    Fixed erroneous commit

commit 531c1e611cf4d23aeb9c48350dabf7630d662d25
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Mon Nov 21 16:11:35 2011 -0600

    Remove AR patch stuff; attempting to debug non-connection between MSF and Pro

commit 458611224189c7aa27e500aabd373d85dc2dc5c0
Author: Trevor Rosen <trevor@catapult-creative.com>
Date:   Fri Nov 18 16:17:27 2011 -0600

    Drop ActiveRecord/ActiveSupport in preparation for upgrade
2012-04-15 23:35:38 -05:00
James Lee d0eb383655 Un-standardize printing in browser modules
This is now handled by the HttpServer mixin
2012-04-11 00:26:25 -06:00
James Lee 090566610a Make sure @shares is initialized
Fixes a stack trace when the target isn't Windows
2012-04-10 15:00:47 -06:00
HD Moore a9d733f9fe Fix pack order 2012-04-09 21:21:42 -05:00
HD Moore 2c473e3cdd Fix up koyo login 2012-04-09 15:07:47 -05:00
sinn3r a26e844ce5 Merge pull request #318 from wchen-r7/dolibarr_login
Add an aux module to brute force Dolibarr's login interface
2012-04-09 09:20:48 -07:00
sinn3r bef12478fc Merge branch 'bap-refactor' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bap-refactor 2012-04-09 09:58:22 -05:00
James Lee b38933328f Send exploits that are not assocated with any browser to all of them 2012-04-09 01:53:57 -06:00
sinn3r 9cec9639c7 Add an aux module to brute force Dolibarr's login interface 2012-04-08 18:16:38 -05:00
James Lee f520af036f Move next_exploit() onto window object so it's accessible everywhere
I swear I committed this before, not sure what happened.
2012-04-08 17:11:15 -06:00
Tod Beardsley dfe2bbc958 Use rport for modicon_password recovery, not 21. 2012-04-07 13:03:43 -05:00
Tod Beardsley 461352f24f Don't need to require net/ftp anymore
Nothing actually used it anyway.
2012-04-06 10:35:28 -05:00
Tod Beardsley 9c8e6ac9da Ruby 1.8 compat for the SCADA modules.
But really, you should be using Ruby 1.9 by now.
2012-04-05 17:05:03 -05:00
Tod Beardsley 14d9953634 Adding DigitalBond SCADA modules 2012-04-05 12:35:48 -05:00
James Lee 40ab362e1c Store host details in the target cache
This allows us to maintain a connection between the client and the
operating system/host where it's running.

Also fixes a counting problem for modules actually started.
2012-04-05 01:33:07 -06:00
James Lee 0ddfa79a34 Move javascriptosdetect out to its own file
Allows editors to easily highlight correctly which makes editing a
little nicer. Also makes it easier to debug because line numbers are
only off by the length of the custom_js argument.
2012-04-04 17:07:17 -06:00
James Lee 6ad0f41479 Add the client to output 2012-04-03 18:27:16 -06:00
James Lee 893430894e Tell the user how many sploits we've picked 2012-04-03 18:22:56 -06:00
Tod Beardsley 9cf896ffa1 Pre-release fixups on titles and grammar
Fixing squid_pivot_scanning and enum_xchat
2012-04-02 11:24:49 -05:00
Tod Beardsley 7b0ee58d9f Fixing bug spotted by troulouliou in ipv6_neighbor
Just check for nilness, not the :symbol.
2012-04-02 10:02:59 -05:00
Tod Beardsley 220ad7875f Merge pull request #285 from wvandevanter-r7/squid_pivot_scanning
Squid pivot scanning
2012-03-29 05:02:05 -07:00
Willis Vandevanter f5e05461f6 changed the false positive check IP to a user set variable 2012-03-28 22:18:56 -04:00
Willis Vandevanter 0fcab521d2 fixed print_bad 2012-03-28 02:32:03 -04:00
Tod Beardsley fb9163caf9 Merge pull request #278 from wchen-r7/manageengine_deviceexpert
Add OSVDB-80262 ManageEngine DeviceExpert
2012-03-26 14:42:36 -07:00
Tod Beardsley d95d60670e Fix up desc again on enum_dns 2012-03-26 16:20:00 -05:00
Tod Beardsley 14b45f9fb1 More fixes to enum_dns.rb
* Should use 'and', not & (bitwise AND)
  * Made capitalization sane for Anglophones. See: http://owl.english.purdue.edu/owl/resource/592/1/
2012-03-26 16:14:04 -05:00
Tod Beardsley dc6f76eb20 Style fixes for enum_dns.rb
* Use a dotted.notation for note types
  * Changed title to something more descriptive
  * Expanded description
  * Other trivial changes
2012-03-26 16:08:39 -05:00
sinn3r 79d74b8768 ADD OSVDB-80262 2012-03-26 12:58:18 -05:00
sinn3r 19fc8d9883 Add OSVDB-80262 2012-03-26 12:42:24 -05:00
Tod Beardsley 507dd423ce Rogue period, DELETED. 2012-03-26 10:54:26 -05:00
Jonathan Cran 135cf7ba04 remove trailing comma, thanks troulouliou 2012-03-23 17:00:04 -05:00
Tod Beardsley 47493af103 Merge pull request #259 from todb-r7/edb-2
Convert Exploit-DB references to first-tier "EDB-12345" references
2012-03-23 12:09:07 -07:00
sinn3r 6f0f9041c8 Merge pull request #267 from wchen-r7/hp_data_protector_win_cmd
Add HP Data Protector aux module for executing commands on Windows
2012-03-23 11:06:52 -07:00
sinn3r 10733f6a1c Update description 2012-03-23 13:05:40 -05:00
sinn3r 41bc8ded3d Add HP Data Protector aux module for executing commands on Windows 2012-03-23 07:57:13 -05:00
Patrick Webster 3dc0e97998 Updating description and refs to Patrick's module
There was some weirdness with the commit log on this module but it
should all be kosher now.

[Closes #260]
2012-03-22 10:30:25 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
Tod Beardsley 8f17cc3f5c MS12-020 not MS12-002 2012-03-21 13:58:18 -05:00
Tod Beardsley b09d91d1c7 Removing enum_bing_url
Moving this over to unstable until the described http request problem
gets resolved.
2012-03-21 09:33:31 -05:00
sinn3r 056985625d damn comma 2012-03-21 04:06:54 -05:00
sinn3r ed542e2b6c Change dns_enum to enum_dns for naming style consistency 2012-03-20 14:11:04 -05:00
sinn3r b8b5c79957 No need for net/http 2012-03-20 14:09:40 -05:00
sinn3r 777e221232 Add Bing URL enumerator by Royce (Feature #6499) 2012-03-20 14:07:42 -05:00
Tod Beardsley bff860c62d s/brute force/bruteforce
This is the preferred spelling in Metasploit, at least, according to
grep consensus:

./metasploit-framework$ grep -ri "brute force" . | wc -l
111
./metasploit-framework$ grep -ri "bruteforce" .  | wc -l
183
2012-03-19 16:14:00 -05:00
Tod Beardsley 4391c24d2f Trivial touchups on RDP DoS module.
Dropping a line about what it can't do, adding freenode comment.
2012-03-19 14:27:27 -05:00
sinn3r 3a851ef2c2 Fix typo 2012-03-19 13:20:59 -05:00
sinn3r 3d72d52625 Add reporting to MS12-020 2012-03-19 13:18:51 -05:00
sinn3r fa4504e1f6 Let's make this clear, it's just a DoS 2012-03-19 13:00:29 -05:00
sinn3r 13f16daca7 Actually, that date is way off. Corrected. 2012-03-19 12:58:52 -05:00
sinn3r d8be328b89 Ported Daniel/Alex/jduck's MS12-020 PoC as a Metasploit module 2012-03-19 12:53:34 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r 7c77fe20cc Some variables don't need to be in a double-quote. 2012-03-17 20:37:42 -05:00
Gregory Man ba6928cbf1 sockso_traversal 1.8 compatibility fix 2012-03-16 18:12:09 +02:00
David Maloney 6011da7db8 More Virtualisation SSL fixes 2012-03-15 19:06:48 -05:00
David Maloney e4778c2ba4 Default SSL to true for esx_fingerprint module 2012-03-15 18:15:29 -05:00
sinn3r 46dbaf8283 Fix typos and output 2012-03-15 16:10:05 -05:00
sinn3r 81b3eaa482 Fix typo 2012-03-15 15:56:24 -05:00
sinn3r db4538389c Add sockso dir traversal 2012-03-15 15:55:54 -05:00
James Lee 74e40763d6 Fix syntax error in 1.8, thanks Jun Koi for the patch 2012-03-15 14:32:16 -06:00
sinn3r d5f83be2d0 Cosmetic changes 2012-03-15 11:21:41 -05:00
Gregory Man 9928b102b5 Added rails_mass_assignment module. 2012-03-15 16:56:38 +02:00
sinn3r 65bde7ec99 Add OSVDB-79863 NetDecision Directory Traversal 2012-03-14 16:50:54 -05:00
Tod Beardsley 81248f35c4 Changing H.323 constant for H323_STATUS_FACILITY
However, it's not actually being used in the module anywhere, so this
change appears cosmetic more than anything right now. However, I'm
inclined to believe Ricky's suggestions when it comes to H.323.

Corroborated by this 2003 post to the Ethereal mailing list:

http://www.ethereal.com/lists/ethereal-users/200311/msg00001.html

[See #6521]
2012-03-13 12:26:03 -05:00
Gregory Man b0ba10f79c Added afp_login module. 2012-03-13 10:01:42 +02:00
Gregory Man 5b13b7d1d9 Extracted common AFP functionality to mixin 2012-03-13 09:56:03 +02:00
Tod Beardsley ba2bf194fd Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee 2b9acb61ad Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r 003fa3e22c Apply patch for #6495 2012-03-06 11:43:28 -06:00
Willis Vandevanter 461a59e28d modified description and lowered the number of required requests 2012-03-06 00:48:54 -05:00
Willis Vandevanter 0f17bbdfdd squid pivot scanning module 2012-03-06 00:30:30 -05:00
James Lee 3a33434867 Fix a couple of typos that throw off module authors 2012-03-05 13:28:46 -07:00
sinn3r afd1af6377 Merge branch 'apf-info' of https://github.com/gregory-m/metasploit-framework into gregory-m-apf-info 2012-03-05 11:18:23 -06:00
sinn3r 1005de0523 Port should not contain a non-numeric value or even empty when assigned to :port 2012-03-05 11:10:16 -06:00
Gregory Man 6726f07dbc afp_server_info fixes and improvements
1.9 compatibility, timeouts, reporting
2012-03-05 14:57:59 +02:00
Gregory Man d9f0453ee9 Added auxiliary/scanner/afp/afp_server_info module 2012-03-02 21:58:40 +02:00
Tod Beardsley 7447052b38 Convert WMAP constant name to the new format. 2012-03-02 10:18:32 -06:00
Tod Beardsley 302853f5a4 Unpolluting SVN Revision keyword
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley 3626d48db2 Un-polluting SVN Id keyword
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres 36a3341acd Fix body cero. 2012-03-02 10:18:32 -06:00
Efrain Torres 6fba0698e5 Adding another detection method for blind sqli 2012-03-02 10:18:32 -06:00
Efrain Torres 02f6e3fcb2 Improving report on blind sqli module 2012-03-02 10:18:32 -06:00
Efrain Torres 126a6133cd Improving blind sql inj. detection 2012-03-02 10:18:32 -06:00
Efrain Torres b608aeeeb7 Migrating modules to use report_web_vulns and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres 1a09a49f69 Starting getting rid of report_note to use report_web_vuln on all http aux modules 2012-03-02 10:18:32 -06:00
Efrain Torres 2ce7dc9331 One more module. 2012-03-02 10:18:32 -06:00
Efrain Torres 9c6fec3c33 First step on module cleaning. 2012-03-02 10:18:32 -06:00
Efrain Torres eaecdb487c Fix sname in report_ calls to check the use of ssl and report http or
https
2012-03-02 10:18:31 -06:00
Efrain Torres 6d80aa0a44 Renaming duh. 2012-03-02 10:18:31 -06:00
Efrain Torres 3cb65e24a1 Fix blind sqli module description and bug with http_method 2012-03-02 10:18:31 -06:00
Efrain Torres 6938b91d07 Execute tests agains a specific path and bug fix in blind sqli module 2012-03-02 10:18:31 -06:00
Efrain Torres a2e5a4d9d5 New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention 2012-03-02 10:18:31 -06:00
sinn3r e9df9d6c2c Increase default depth 2012-02-29 16:24:18 -06:00
Tod Beardsley 4369f73c7a Msftidy fixes on new modules
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
sinn3r 6321ff7cb4 Change output message 2012-02-29 01:36:38 -06:00
sinn3r bc8480715f Add references to metadata. Do report_auth_info() when a credential is found. Plus other minor changes. 2012-02-29 01:32:21 -06:00
HD Moore 4c39cfd98a Small tweak to the format of the type 2012-02-28 23:52:48 -06:00
Gregory Man bf07a6a027 Added auxiliary/scanner/mongodb/mongodb_login module
MongoDB login utility + brute force attack
2012-02-28 16:06:30 +02:00
David Maloney a6b10862bd Adds a lantronix telnet discovery module 2012-02-23 17:22:32 -06:00
HD Moore 8d212849dc Fix typos that result in stack traces when matching the response codes 2012-02-22 16:04:24 -06:00
HD Moore 3fecda95be Fix 1.8 compatibility issue 2012-02-22 02:05:44 -06:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
James Lee 02d6089893 Fix a stack trace when an unexpected response from the server
Caused by a typo
2012-02-21 18:57:27 -07:00
HD Moore acb4446e45 Fix #6407 by treating redirects as successful authentication 2012-02-21 16:02:21 -06:00
HD Moore bce1c08623 Update modules/auxiliary/server/capture/http_javascript_keylogger.rb 2012-02-21 04:46:56 -06:00
HD Moore 7c1d48d6aa Merge in MJC's javascript keylogger 2012-02-21 04:25:15 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
HD Moore af56807668 Cleanup the titles of many exploit modules 2012-02-20 19:25:55 -06:00
James Lee 89e0842b1e Add vim_soap to the mixins list.
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
2012-02-20 13:17:45 -07:00
sinn3r a8d56afda6 Use store_loot() to save data to local disk 2012-02-20 01:30:11 -06:00
Matt Buck fccb338e29 Merge branch 'master' of github-r7:rapid7/metasploit-framework 2012-02-19 23:01:14 -06:00
Matt Buck e0a75c1b2c Merge branch 'release/4.2-stable'
Conflicts:
	lib/msf/core/model/host.rb
2012-02-19 22:57:22 -06:00
sinn3r ea698864bd Add aux module to disclose IIS internal IP (Feature #6405) 2012-02-19 22:44:30 -06:00
sinn3r 95fa97cbd7 This module should be using store_loot() to save downloaded data 2012-02-19 20:48:00 -06:00
sinn3r 6037a2fc7a Correct type and name for store_loot 2012-02-19 20:20:44 -06:00
HD Moore f92ddb2475 Revert "Cleanup to the module output for vmware_http_login.rb"
This reverts commit 08d91aebdb.
2012-02-19 18:55:49 -06:00
HD Moore a25475fac0 Revert "Add a new vmauthd_version scanner (also pulls in the SSL cert if"
This reverts commit c4ea27d32b.
2012-02-19 18:53:03 -06:00
HD Moore d761265b93 Revert "Cosmetic cleanup to the module output for vmauthd_login"
This reverts commit 87e7bf4934.
2012-02-19 18:52:39 -06:00
HD Moore 648686002b Cosmetic cleanup of the vmware_http_login module 2012-02-19 18:51:16 -06:00
HD Moore 2521bd7b59 Add a new vmauthd_version scanner (also pulls in the SSL cert if
available)
2012-02-19 18:34:35 -06:00
HD Moore 00d2497a42 Cosmetic cleanup to the module output for vmauthd_login 2012-02-19 18:32:36 -06:00
HD Moore c4ea27d32b Add a new vmauthd_version scanner (also pulls in the SSL cert if
available)
2012-02-19 18:28:06 -06:00
HD Moore 87e7bf4934 Cosmetic cleanup to the module output for vmauthd_login 2012-02-19 18:16:54 -06:00
HD Moore 08d91aebdb Cleanup to the module output for vmware_http_login.rb 2012-02-19 18:16:05 -06:00
sinn3r 825ea01f79 Correct report_web_vuln 2012-02-19 16:37:42 -06:00
sinn3r 199e9c518b Add Generic HTTP Directory Traversal Utility (Feature #6338) 2012-02-19 00:30:18 -06:00
David Maloney 6ced540e0b Merge branch 'vmware-api' into vmware-stable 2012-02-18 18:38:20 -06:00
David Maloney 36dc0fee50 Better dynamic soap generation for all the vmware stuff 2012-02-18 18:29:46 -06:00
sinn3r ebd5438984 Add POST to method 2012-02-17 22:36:33 -06:00
sinn3r bb5e4a1600 Modules don't need to register VERBOSE, because it's already there 2012-02-17 21:07:44 -06:00
sinn3r 79ce43e3fe This condition should never trigger, because OptEnum should automatically take care of it 2012-02-17 19:16:07 -06:00
sinn3r e23f17cac2 Again, validate using OptEnum 2012-02-17 19:14:38 -06:00
sinn3r d58b8c7b69 Use OptEnum to validate enumeration method 2012-02-17 19:12:47 -06:00
sinn3r 3390bdf312 Validate METHOD with OptEnum 2012-02-17 18:54:53 -06:00
sinn3r 974aea3521 Validate 'METHOD' using OptEnum 2012-02-17 18:46:56 -06:00
sinn3r 36bc31d677 Damn, the indent level is nuts in this thing 2012-02-17 18:43:47 -06:00
sinn3r ec58b4669e This module only handles GET, so that's the only option we'll allow 2012-02-17 18:20:16 -06:00
sinn3r 9e17b09632 This module is only meant to handle GET and PUT, so let's be strict on that 2012-02-17 18:17:28 -06:00
sinn3r 7ae58bfd9d Make sure the HTTP method is always upper-case to make Apache happy 2012-02-17 18:15:23 -06:00
David Maloney ddb43774c9 Some metadata fixes 2012-02-17 12:21:38 -06:00
sinn3r ae57a8d9fd Make sure the HTTP method is always uppercase so we don't get a 501 2012-02-17 03:34:39 -06:00
David Maloney a0dac593bc Merge branch 'vmware-api' of github.com:rapid7/metasploit-framework into vmware-api 2012-02-16 02:22:31 -06:00
David Maloney e9b2e060d6 Permissions scanner for vmware
Fixed the way loot was getting stored to set a propper type
2012-02-16 02:19:33 -06:00
David Maloney 8d7ddab2af Some minor bug fixes
Added vm_tag module for 'flag planting'
2012-02-16 00:45:48 -06:00
David Maloney c5ae56a147 Adding User Enumeration Scanner for vmware 2012-02-15 22:55:11 -06:00
Tod Beardsley 95f54413d8 Create a stable branch of vmware-api
Just to pick up the soap library and the esx_fingerprint stuff.
2012-02-15 21:25:56 -06:00
Tod Beardsley bf9ed96155 Fixes up esx_fingerprint and the host model to ID vmware correctly
Uses the proper host.normalize_os methods to fix up the normalization of
ESX servers.
2012-02-15 20:31:51 -06:00
David Maloney a2778ea297 minor fixes to multi-session terminate 2012-02-15 16:50:12 -06:00
David Maloney 082b4acca8 Changed terminate session module to handle multiple sessions per run 2012-02-15 16:47:02 -06:00
David Maloney c9cf47bd4c Add Terminate Session module and some extra goodness to enum sessions 2012-02-15 16:39:13 -06:00
David Maloney 67ba39cc3e Adds a scanner to pull active login sessions off servers 2012-02-15 02:27:25 -06:00
David Maloney e0f11992af Gah screwed up that commit, accidentally chunked out the rescues. 2012-02-15 02:12:06 -06:00
David Maloney 6b539036c9 Fix fingerprinting in the vmware_http_login module 2012-02-15 01:54:34 -06:00
David Maloney e67e9ab34f Adds a power off vm aux module 2012-02-14 20:52:45 -06:00
David Maloney a256a6fb0b Adds a power on vm module 2012-02-14 20:44:11 -06:00
David Maloney bbca09458f Workaround for report_host/service issue
See #6370
2012-02-14 11:19:38 -06:00
David Maloney 03884ddb46 Fix to title from copy pasted init section. 2012-02-14 10:36:15 -06:00
Tod Beardsley ad0594ee5f Cleanup and add debug for fingerprint_vmware 2012-02-13 19:07:26 -06:00
Tod Beardsley 8c1581567c Cleanup on the vmware fingerprinting.
Add in some new OS constants and seperate out the fingerprinting
function from the connection function in order to avoid having errors
swallowed by a rescue.
2012-02-13 16:40:44 -06:00
Tod Beardsley 727cde00c6 Taking David's version of vmware_http_login over mine 2012-02-13 14:54:47 -06:00
sinn3r d036da627a Clear lots of whitespace 2012-02-13 14:13:43 -06:00
David Maloney 31f001ed54 Improved vmware enumerate vm modules
now with screenshots!
2012-02-13 12:07:28 -06:00
David Maloney 8c305e1a28 VMWare Web service finerprinting and OS detection.
VMWare Screenshot stealer
Improvemenets to the mixin
fix to check method for the login scanner
2012-02-13 12:05:32 -06:00
sinn3r a758462a32 Remove some whitespace 2012-02-13 11:01:26 -06:00
bperry-r7 abb1548d9a Fix extraneous print_status 2012-02-11 20:09:43 -06:00
David Maloney 676a0c53a0 Working Screenshot capability! 2012-02-11 03:51:18 -06:00
sinn3r fe69a27bf1 Fix indent level and type 2012-02-10 03:22:51 -06:00
sinn3r 4b47a9e66f Be gone, whitespace. 2012-02-10 03:16:37 -06:00
sinn3r 52e7743b41 Merge branch 'ipv6_logging' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-ipv6_logging 2012-02-10 03:13:18 -06:00
HD Moore 29b99aa7b4 Fix up titles/add boundary check for reporting external host 2012-02-08 12:23:46 -06:00
m-1-k-3 705c436ede added more multicast addresses from wikipedia 2012-02-07 11:45:20 +01:00
David Maloney e8aa624a16 Added todb's validator over to this working branch 2012-02-06 10:15:05 -06:00
Tod Beardsley 8ad9beef75 Removing javascript_keylogger from master. 2012-02-06 09:37:16 -06:00
m-1-k-3 91820ad1c3 logging to notes 2012-02-06 08:56:35 +01:00
sinn3r b2ae8a24dc Fix go cow art (tabs are bad to align chars) 2012-02-05 02:20:31 -06:00
sinn3r 0dd3ad0efb Remove naughty trailing commas 2012-02-05 02:03:49 -06:00
sinn3r 26f89f65bd Fix the bug that causes store_loot() to run twice. Also, other minor format changes. 2012-02-05 02:00:03 -06:00
sinn3r c2d1f64472 Merge branch 'master' of https://github.com/threatagent/metasploit-framework 2012-02-05 01:44:53 -06:00
sinn3r db1e400dff Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-05 01:27:21 -06:00
David Maloney df401f4c94 more fixes to backend stuff, plus updated vmware http login module to use
the correct mixin method now.
2012-02-03 15:44:41 -06:00
Tod Beardsley af506240cf http_fingerprint reports service info
Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.
2012-02-03 12:15:11 -06:00
Tod Beardsley 786d75493c Fix up VMWware webscan to not false positive
Checks to see if a target is actually vmware based on the provided
cookie, using the http_fingerprint() function from HttpClient.

[Fixes #6340]
2012-02-02 22:19:57 -06:00
Marcus J. Carey c06b0f7e72 cleaning up an editor glitch. 2012-02-02 17:59:51 -06:00
Marcus J. Carey 1a278c55b5 a bit more cleanup 2012-02-02 16:19:21 -06:00
Marcus J. Carey 45b58bea06 got rid of bmp generation 2012-02-02 16:07:27 -06:00
Marcus J. Carey e96eceb145 Editing Javascript keylogger 2012-02-02 15:01:22 -06:00
Marcus J. Carey 7b3262958d Merge branch 'master' of github.com:threatagent/metasploit-framework
Conflicts:
	modules/auxiliary/server/capture/javascript_keylogger.rb
2012-02-02 14:58:23 -06:00
Marcus J. Carey 59a44f75ec Updated Javascript Keylogger 2012-02-02 14:42:13 -06:00
Marcus J. Carey f45528ec68 Update modules/auxiliary/server/capture/javascript_keylogger.rb 2012-02-02 10:33:33 -06:00
Marcus J. Carey 3bfb8b3c9d Adding Javascript Keylogger 2012-02-02 10:30:55 -06:00
Marcus J. Carey e70f9151e5 Merge remote-tracking branch 'upstream/master' 2012-02-02 07:13:03 -06:00
David Maloney 3f48e626a2 Adding a bunch of new VIM API auxiliary stuff
Work in progress.
2012-02-01 12:05:20 -06:00
Tod Beardsley e371f0f64c MSFTidy commits
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
HD Moore 0b8987f2af Merge results initialization fix 2012-01-31 01:29:44 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r a0ac4125cd Add aux module CMS400 default pass scanner (feature #6301) 2012-01-30 10:40:59 -06:00
sinn3r ce7f93f5d9 Merge pull request #138 from claudijd/master
Added Sequence Filters and MSF Exploit Capture to BNAT Scan
2012-01-29 22:07:25 -08:00