sinn3r
062f661991
Fix bug #6161 - Must explicitly convert e to e.to_s
2011-12-24 15:11:26 -06:00
sinn3r
8a705c9223
Fix bug #6158 - session.db_record might return nil but wasn't checked
2011-12-24 15:06:43 -06:00
sinn3r
dcb66307be
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-24 14:58:40 -06:00
sinn3r
2e2e28afb8
Fix bug #6160 - undefined method '[] for nil:NilClass' due to an invalid path
2011-12-24 14:57:46 -06:00
Tod Beardsley
06077a37f8
Fixes typo, variable name is paths not path.
2011-12-24 14:39:08 -06:00
Steve Tornio
4215ef3ae1
add osvdb ref
2011-12-24 06:54:39 -06:00
sinn3r
3fe076bcd6
Check nil before using .empty?
2011-12-23 17:42:58 -06:00
steponequit
69570dada6
Add CVE-2008-2161 OpenTFTP SP 1.4 Buffer Overflow by steponequit
2011-12-23 16:28:36 -06:00
steponequit
84c6739921
added initial opentftp 1.4 windows exploit
2011-12-23 11:27:11 -06:00
sinn3r
41697440c7
Add Oracle Job Scheduler Command Execution (CreateProcessA) - Feature #6079
2011-12-23 01:22:39 -06:00
sinn3r
ce6b1d6b8c
Improve:
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
2011-12-22 16:26:02 -06:00
sinn3r
b5b24a1fbf
Add a check. I decided not to try to login in the check function in order to remain non-malicious.
However, this decision doesn't represent how modules should write their own check.
2011-12-22 13:16:54 -06:00
sinn3r
262fe75e0a
Add CVE-2011-4642 - Splunk Remote Code Execution (Feature #6129 )
2011-12-22 13:04:37 -06:00
Tod Beardsley
a03f5e32f8
Merge branch 'master' of github_r7:rapid7/metasploit-framework
2011-12-22 11:11:29 -06:00
Tod Beardsley
2f55f08ebe
Actually describe the module in the title/description
2011-12-22 11:10:24 -06:00
David Maloney
5e1efdcd73
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-22 10:49:53 -05:00
David Maloney
30141f3008
Fix typo in the oracle enum aux module
The password grace time query was not checking the right value,
spotted by user bNull in the IRC channel.
2011-12-22 10:47:57 -05:00
Tod Beardsley
743a0546f1
Don't blow up if the user doesn't set a filename
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
2011-12-21 16:26:29 -06:00
Tod Beardsley
2db697cd7a
Fixup on checkpoint firewall module
get() should get get_once() (intent is to get 4 bytes,
not timeout after 4 seconds), no need to escape equals
signs in regexes, no need to newline the unexpected
responses.
2011-12-21 11:21:46 -06:00
Tod Beardsley
c6297458e6
Adding ref/disclosure date to checkpoint module
Talked with patrick, this all looks correct now.
2011-12-21 10:59:02 -06:00
Tod Beardsley
1128c3ec6b
Checkpoint error msg should use res.inspect
Otherwise your terminal will go all wonky.
2011-12-20 15:46:31 -06:00
Tod Beardsley
a58ddcae1b
Adds reporting to Patrick's Checkpoint module
Also refers to port 264/TCP as the SecuRemote service instead of the
Topology service (I believe this is correct)
Reporting is initially conservative -- if we don't get something for
fw_hostname, then don't bother reporting at all; assume we're
mis-identifying the target.
2011-12-20 15:44:05 -06:00
sinn3r
baaa1f6c82
Add US-Cert references to all these SCADA modules. The refers are based on this list:
http://www.scadahacker.com/resources/msf-scada.html
2011-12-20 14:07:29 -06:00
sinn3r
d439390aa2
Fix typo
2011-12-20 12:19:34 -06:00
sinn3r
c2d59f0307
Fix issue #6133
2011-12-20 11:32:33 -06:00
Tod Beardsley
c83c3d5128
TFTP forgot to commit my rename.
Fixes #5291 for real.
2011-12-20 10:45:29 -06:00
Tod Beardsley
1a396ba955
Merge pull request #70 from rapid7/tftp_client
Tftp client
2011-12-20 08:42:42 -08:00
Tod Beardsley
11a27a1e61
Renaming TFTP transfer util.
See #5291. Just renaming the file.
2011-12-20 10:06:44 -06:00
Tod Beardsley
24d53efa7c
Final touches on TFTP client
See #5291. Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
2011-12-20 10:03:04 -06:00
sinn3r
0200b6367a
Add OKI Scanner (Feature #6125 )
2011-12-20 03:09:09 -06:00
Tod Beardsley
677cb4b152
Handle empty data sends sanely for TFTP.
Don't just hang forever -- let the user know they just send empty data.
TFTP servers don't like this of course.
2011-12-19 21:56:03 -06:00
Tod Beardsley
2b3e3725ac
TFTP adding comment docs, ability to send w/out a file.
Commenting the tricksy parts a little better for general usage.
Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
2011-12-19 18:15:19 -06:00
Tod Beardsley
431ef826c9
TFTP client now uses constants, preserves trailing spaces/nulls in data
See #5291, just rediscovered the bug on this.
2011-12-19 16:33:25 -06:00
Tod Beardsley
5eaf2e7535
Adding download and loot functionality.
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
2011-12-19 15:50:50 -06:00
Tod Beardsley
aecde6fea4
Updating TFTP client. Now with grown-up thread handling.
No longer blocks on successful connections.
2011-12-19 12:14:40 -06:00
Tod Beardsley
902d7f5ea7
Adding more to TFTP. Still need a read tho
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.
Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
2011-12-18 21:05:27 -06:00
Tod Beardsley
23aadd04f7
Fixing merge conflict cruft
Dangit teach me to merge quickly. TFTP module now loads again.
2011-12-18 13:28:52 -06:00
sinn3r
b58097a2a7
Remove junk() because it's never used
2011-12-17 01:28:07 -06:00
Tod Beardsley
1201d7fbf2
Merge branch 'tftp_client' of github_r7:rapid7/metasploit-framework into tftp_client
Conflicts:
modules/auxiliary/admin/tftp/tftp_upload_file.rb
2011-12-16 22:41:22 -06:00
Tod Beardsley
0b8914021c
Switch to vprint_status, also add skeletal cleanup def.
2011-12-16 21:06:10 -06:00
Tod Beardsley
50fa10679b
First draft of a TFTP client.
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:41:55 -06:00
Tod Beardsley
a6867ef128
First draft of a TFTP client.
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:39:09 -06:00
sinn3r
fae80f8d49
typo
2011-12-16 11:10:46 -06:00
Patrick Webster
205637892b
Added checkpoint_hostname aux module.
2011-12-16 10:54:34 -06:00
sinn3r
e0c4afbf9e
Merge pull request #60 from darkoperator/master
Typo in the file opening option
2011-12-16 08:44:22 -08:00
sinn3r
208b93ce74
Merge pull request #58 from swtornio/master
add osvdb refs
2011-12-16 08:44:02 -08:00
Carlos Perez
3c08836f51
Typo on the file opening mode
2011-12-16 01:13:06 -04:00
sinn3r
bb2ea62de8
Add CVE-2008-0926: Novell eDirectory eMBox Unauthenticated Access (Feature #2729 )
2011-12-15 23:09:26 -06:00
sinn3r
e991094bd2
Fix host info for report_auth_info(). Change print_status vs print_line order
2011-12-15 13:05:03 -06:00
sinn3r
2648e533a2
nil bug fix
2011-12-15 12:58:21 -06:00
sinn3r
829d96ffbe
Add Windows Gather RazorSQL cred collector (Feature #6117 )
2011-12-15 11:15:44 -06:00
Steve Tornio
1712f2aa22
add osvdb ref
2011-12-14 07:23:11 -06:00
Steve Tornio
85caabbf5d
add osvdb ref
2011-12-14 07:19:34 -06:00
HD Moore
8dc85f1cc5
Fix up some nascent typos
2011-12-14 00:30:31 -06:00
HD Moore
866e2b6bf3
Additional IPv6 payload support
2011-12-14 00:27:38 -06:00
HD Moore
86b3409d47
Actually return
2011-12-13 20:01:13 -06:00
HD Moore
cb456337a0
Handle invalid http responses better, see #6113
2011-12-13 19:54:10 -06:00
sinn3r
fea4bfb85c
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:53 -06:00
sinn3r
c1a4c4e584
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:34 -06:00
sinn3r
acef9de711
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:15 -06:00
sinn3r
e7ab48693c
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:57 -06:00
sinn3r
94b736c76c
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:38 -06:00
sinn3r
97b74101fb
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:11 -06:00
sinn3r
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
sinn3r
a5189917da
Add CVE-2005-4832: Oracle Database Server DBMS_CDC_SUBSCRIBE SUBSCRIPTION_NAME SQL Injection (Feature #6094 )
2011-12-13 15:44:39 -06:00
sinn3r
d246bfa4da
Credit Luigi Auriemma for the original discovery/poc, not Celil
2011-12-13 15:20:26 -06:00
sinn3r
d87d8d5799
Add CVE-2011-4453 (PmWiki Remote code execution - Feature #6103)
2011-12-13 11:45:24 -06:00
HD Moore
a9e4474eda
Add missing require, fix load error on invalid constant
2011-12-12 23:24:03 -06:00
sinn3r
cd0679ab5d
Increase timeout for cmd_exec()
2011-12-12 21:15:28 -06:00
sinn3r
6e8fdf1ce1
Apply patch #6081
2011-12-12 19:51:02 -06:00
Tod Beardsley
a8fad72fce
Merge branch 'msftidy_fixup'
Merging a local msftidy cleanup branch, adding a new optional msftidy
test to check for 1.8 compat and cleaning up some whitespace /
file.open()'s.
2011-12-12 17:55:21 -06:00
Tod Beardsley
f402b8598b
Whitespace and File.open binary mode cleanups.
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
sinn3r
32c8301c19
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
2011-12-12 15:45:19 -06:00
sinn3r
bacdbb90d7
ugh, stack overflow != stack buffer overflow. Also, metadata format fix.
2011-12-12 15:23:32 -06:00
sinn3r
5af5137241
Add CoDeSys SCADA bof module ( #6083 )
2011-12-12 15:21:15 -06:00
sinn3r
5ba5bbf077
Apply feature #6074
2011-12-12 12:03:34 -06:00
sinn3r
4e95eb5d34
Update description (Feature #6080 )
2011-12-12 11:33:17 -06:00
Tod Beardsley
b4f58ef8fd
Trailing commas kill 1.8. dangit.
Fixed dns_fuzzer to knock that off.
2011-12-12 10:26:53 -06:00
HD Moore
4736cb1cbe
Merge pull request #48 from swtornio/master
add osvdb ref
2011-12-11 20:37:43 -08:00
HD Moore
17cc89ebad
Add IPv6 specific HTTP(S) handlers and payloads (simplifies
options/usage)
2011-12-11 13:26:48 -06:00
HD Moore
2d3064c1ec
Default the scope ID to 0, explicitly
2011-12-10 13:46:16 -06:00
HD Moore
1ae12e3a23
Remove the default target, since module doesn't fingerprint the service
pack, this can only end in tears.
2011-12-10 13:31:05 -06:00
HD Moore
a9db05e53b
Fix regular expression
2011-12-10 13:24:58 -06:00
HD Moore
cd4d7d3c47
Handle IPv6 properly (host header parsing)
2011-12-10 13:24:58 -06:00
Steve Tornio
25685c4c74
add osvdb ref
2011-12-10 08:07:21 -06:00
Steve Tornio
b521602d82
add osvdb ref
2011-12-10 07:49:50 -06:00
Tod Beardsley
8ccb68c9df
Adding an add_socket() to dhcp and rftp as launched with a service
when successful.
Closing the related pull request for this one.
2011-12-10 03:39:25 -06:00
Tod Beardsley
e52436e7ad
Drop the incorrect Id keyword from h323_version
2011-12-09 14:29:55 -06:00
sinn3r
e043fb52c2
Increase timeout
2011-12-08 11:21:03 -06:00
sinn3r
d6d9ac17d2
use store_loot() instead of store_local()
2011-12-08 11:10:31 -06:00
sinn3r
c366e652b9
Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()"
This reverts commit d37daa4934.
2011-12-08 10:11:09 -06:00
sinn3r
d37daa4934
Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()
2011-12-07 19:08:24 -06:00
sinn3r
aa5c0c46b6
Fix indent level
2011-12-07 18:44:49 -06:00
sinn3r
feab7f5077
Add CVE-2011-4350
2011-12-07 18:42:52 -06:00
sinn3r
b7ccbcd6b5
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-07 12:23:23 -06:00
sinn3r
84682b3615
Apply patch #6072
2011-12-07 12:22:58 -06:00
HD Moore
b8767d5f57
Fix typo on 1.8.7
2011-12-07 10:45:23 -06:00
sinn3r
5afba20c21
Merge pull request #43 from jduck/master
Clear up how to use native payloads for tomcat_mgr_deploy
2011-12-06 23:01:53 -08:00
sinn3r
1694e22e74
Merge pull request #42 from chao-mu/master
Fix for issue #6012; post/windows/manage/enable_rdp broken
2011-12-06 23:01:20 -08:00
sinn3r
0e2101e4c1
Correct author name
2011-12-07 00:24:16 -06:00
sinn3r
fd1935b3de
show is_admin
2011-12-07 00:23:06 -06:00
sinn3r
edec6b98ee
Add feature #6067 Family Connections CMS 2.7.1 exploit
2011-12-07 00:00:56 -06:00
David Maloney
8fdfd9f97b
Additional verbosity on WLAN error message
to explain that the modules will error if the
Wireless Zero Configuration Service is turned off.
2011-12-06 20:42:11 -05:00
David Maloney
459eafd96d
Fix to WLAN modules for when WLAN not installed on target
The modules did not close out properly when WLAN was determined not to be
installed on the host. This fix corrects that.
fixes #6070
2011-12-06 20:22:47 -05:00
sinn3r
92c1065508
Add CVE-2004-1626 (Ability FTP Server). OSCP l337-fu :-)
2011-12-06 18:52:42 -06:00
Tod Beardsley
f1950c2fe1
Adding back bitstruct (current upstream) and dns_fuzzer module
Fixes #3289.
This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.
This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.
Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
2011-12-06 17:03:36 -06:00
sinn3r
0bbbcd549d
Add port information, and allow search in data
2011-12-05 22:22:36 -06:00
Tod Beardsley
84af4647db
Merge branch 'issue_1083_oracle'
2011-12-05 17:39:46 -06:00
Tod Beardsley
4da2c32734
Minor update to xdb_side_brute, see #1083
Adds a typo fix and adds an explicit VERBOSE option.
2011-12-05 15:11:09 -06:00
HD Moore
dbd00efefe
Merge branch '4.3-schema'
2011-12-05 15:04:35 -06:00
sinn3r
37516134f0
FILTER shouldn't be case-sensitive
2011-12-05 13:19:04 -06:00
HD Moore
97087d88fa
Mark portscan modules as v6 incompatible
2011-12-05 13:07:36 -06:00
HD Moore
cf28713f9a
Mark specific modules as incompatible due to use of quad-dot code
2011-12-05 13:07:36 -06:00
sinn3r
fd2eb200fb
Add Shodan Search Module (Feature #5451 )
2011-12-05 12:50:21 -06:00
Joshua J. Drake
ac7edc268a
Add some more clear documentation for selecting payloads for this module.
2011-12-05 00:35:11 -06:00
sinn3r
e524215b55
WTH, the date format is wrong
2011-12-04 15:23:31 -06:00
sinn3r
679ef457d8
Correct spelling, thx bannedit
2011-12-04 14:59:54 -06:00
sinn3r
f26447e021
Correct my own weird grammar
2011-12-04 14:50:53 -06:00
sinn3r
e07868d613
Catch possible exception if WTSGetActiveConsoleSessionId isn't available on the target machine
2011-12-04 14:48:45 -06:00
chao-mu
e52ebd602f
Incorporating patch submitted by Boris Lukashev to fix issue 6012 (Post module enable rdp broken and fixed (here)). Fix was to have the module include Msf::Post::Windows::WindowsServices, make service_change_startup available
2011-12-04 15:26:43 -05:00
sinn3r
3cd2caca1a
Fix #6052
2011-12-04 13:49:13 -06:00
sinn3r
89ed25978d
Add feature #6048
2011-12-04 13:44:21 -06:00
Steve Tornio
f63a616739
add osvdb ref
2011-12-04 07:48:48 -06:00
sinn3r
950b4a54a0
Fix bug #6050
2011-12-03 22:00:48 -06:00
sinn3r
2720572a37
Add IPSwitch Whatsup Gold TFTP directory traversal module
2011-12-03 18:46:34 -06:00
HD Moore
27974c4c27
Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib
Conflicts:
modules/auxiliary/scanner/http/axis_login.rb
modules/exploits/multi/http/axis2_deployer.rb
modules/post/multi/gather/thunderbird_creds.rb
modules/post/windows/gather/credentials/imvu.rb
msfopcode
2011-12-03 14:07:09 -06:00
Steve Tornio
b75799d18d
=add osvdb ref
2011-12-02 16:50:42 -06:00
Steve Tornio
83f12c6fe0
=add osvdb ref
2011-12-02 16:46:01 -06:00
sinn3r
c8634390b7
Add CCMPlayer m3u exploit (Feature #6029 )
2011-12-02 16:27:59 -06:00
sinn3r
30e3607ec0
The SUCCESS message may not be constant across foreign language versions according to jduck, changing back to the old way
2011-12-02 15:11:27 -06:00
sinn3r
f4b755c319
Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets
2011-12-02 15:00:39 -06:00
sinn3r
cd2bb027bf
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-02 14:54:53 -06:00
sinn3r
895a509bd3
Add Avid Media Composer 5.5 (Feature #6035 )
2011-12-02 14:53:26 -06:00
Steve Tornio
2bb97791f7
Update OSVDB refs for servu module.
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39 ]
2011-12-02 13:21:41 -05:00
HD Moore
dbe7e6aecf
Remove a leftover debugging statement
2011-12-02 00:06:04 -06:00
sinn3r
2d320b1828
Fix bug: table being saved while empty
2011-12-01 22:47:42 -06:00
sinn3r
608a5586b2
Actually, don't really have a good reason for that exception handling anymore. I think.
2011-12-01 22:47:42 -06:00
sinn3r
0eb3b5a49b
Fix undefined method 'cmd_exec' bug. Thx Boris.
2011-12-01 22:47:42 -06:00
sinn3r
19fae182da
Add Thunderbird credential collector (Feature #6014 )
2011-12-01 22:47:42 -06:00
James Lee
a91926716d
don't dup the last part of the key, fixes #6036
2011-12-01 15:24:58 -07:00
HD Moore
9f99cfc757
Convert the h323 module to MSF_LICENSE (backport from Pro)
2011-12-01 16:01:01 -06:00
HD Moore
3e5e9a910e
Add h323 scanner
2011-12-01 16:01:01 -06:00
sinn3r
d0db88d35d
Make key_base an instance var so other functions can access it. Bug #6036
2011-12-01 14:41:44 -06:00
David Maloney
57f12cb2d8
Merge branch 'servu_sploit'
2011-12-01 11:21:32 -08:00
sinn3r
93a419c76b
Having nothing on the webpage may probably confuse some novice users. But I do like stealth.
2011-12-01 03:02:35 -06:00
sinn3r
8399ce6e41
Fix bug #6031
2011-11-30 15:22:52 -06:00
David Maloney
40ab37fa10
Merge branch 'iss5979'
2011-11-30 12:16:33 -08:00
David Maloney
2858cae296
Some quick corrections to tidy things up
2011-11-29 19:57:08 -08:00
David Maloney
be88f483a3
More Accurate Vulnerability Check
2011-11-29 18:38:00 -08:00
David Maloney
0dda948265
New Exploit for the Serv-U FTP Buffer overflow
from CVE 2004-2111
2011-11-29 17:34:01 -08:00
sinn3r
f26f6da74b
Add CVE-2011-3544 (feature #6023 ) Java Rhino exploit
2011-11-29 18:05:20 -06:00
Rob Fuller
e439aba779
switched %USERPROFILE% to %APPDATA% to make the code a bit more universal
2011-11-29 20:08:44 +00:00
sinn3r
897731f3a5
Check creds (feature #6025 ). Also bringing the 'Inbox' regex back
2011-11-29 11:01:39 -06:00
sinn3r
6f5d64f6de
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-29 03:31:15 -06:00
sinn3r
34a933d499
Feature #5610
2011-11-29 03:30:49 -06:00
Tod Beardsley
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
sinn3r
3a84c31326
Using a better regex for a successful login. Thanks Borys.
2011-11-28 14:29:42 -06:00
sinn3r
bc541c118d
Apply patch #6020
2011-11-28 14:16:24 -06:00
sinn3r
5165865560
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-28 14:07:19 -06:00
sinn3r
59ab0c3a18
Fix bug #6021 , Thanks Borys
2011-11-28 14:06:56 -06:00
Tod Beardsley
44a47f9913
Fixing up OWA bruteforce module to conform with the usual print_status
messages.
2011-11-28 13:31:54 -06:00
sinn3r
a578db7f56
Apply fix for #6019
2011-11-28 01:12:18 -06:00
sinn3r
ebfe269698
Apply patch for #5824
2011-11-26 16:52:12 -06:00
sinn3r
5e08c93ac9
Apply patch #5580
2011-11-26 15:32:43 -06:00
sinn3r
b7950a752e
Add feature #4929 (MS09-053)
2011-11-26 13:30:35 -06:00
sinn3r
82a5da866a
Fix bug: table being saved while empty
2011-11-25 00:54:17 -06:00
sinn3r
ec3c37d963
Actually, don't really have a good reason for that exception handling anymore. I think.
2011-11-25 00:41:28 -06:00
sinn3r
3e7c821119
Fix undefined method 'cmd_exec' bug. Thx Boris.
2011-11-25 00:34:33 -06:00
sinn3r
7571466014
Add Thunderbird credential collector (Feature #6014 )
2011-11-24 19:39:34 -06:00
David Maloney
900232fb60
HTTP login scanners need to set duplicate_ok to true
or different web applications on the same server
may wipe each other's creds out.
2011-11-23 23:05:51 -06:00
David Maloney
53b3e96af4
Added a check to the Axis login scanner to ensure
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerprinting.
2011-11-23 23:05:51 -06:00
sinn3r
3954030963
Apply patch #6004
2011-11-23 23:05:51 -06:00
David Maloney
d1c44160dd
Fix to the axis2 Deployer exploit to add Default Target
2011-11-23 23:05:51 -06:00
David Maloney
d3887d20e5
Consolidation of the Axis2 Deployer Exploits
Fixes #5276
2011-11-23 23:05:51 -06:00
David Maloney
c61d02686a
HTTP login scanners need to set duplicate_ok to true
or different web applications on the same server
may wipe each other's creds out.
2011-11-22 13:04:10 -08:00
David Maloney
9d7f7b1f0e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-22 11:53:14 -08:00
David Maloney
9e40fac8b1
Added a check to the Axis login scanner to ensure
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerprinting.
2011-11-22 11:52:06 -08:00
sinn3r
8b729b59f8
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-22 13:08:08 -06:00
sinn3r
25f4b45bd1
Apply patch #6004
2011-11-22 13:07:46 -06:00
David Maloney
4a22df4014
Fix to the axis2 Deployer exploit to add Default Target
2011-11-22 10:27:38 -08:00
David Maloney
30d1451159
Consolidation of the Axis2 Deployer Exploits
Fixes #5276
2011-11-22 08:47:53 -08:00
David Maloney
4ef7c373e9
Fix to typo in the tables being pushed.
2011-11-22 00:06:58 -06:00
David Maloney
f81567fb6f
Fix to typo in the tables being pushed.
2011-11-21 15:49:57 -08:00
sinn3r
e11ca43c37
Add feature #5680
2011-11-21 12:39:45 -06:00
sinn3r
76846aa578
Add MS10-038 (CVE-2010-0822) exploit
2011-11-21 11:36:47 -06:00
sinn3r
28a079f308
Add credit to the appropriate researcher
2011-11-20 02:32:45 -06:00
sinn3r
95d639ccf7
Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8.
2011-11-20 01:44:52 -06:00
sinn3r
980cd4c888
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-19 20:41:29 -06:00
sinn3r
9c2fab0921
Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c
2011-11-19 20:40:04 -06:00
James Lee
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
James Lee
f35b6c5269
msftidy on post modules for spaces at EOL
2011-11-20 12:53:25 +11:00
sinn3r
a4cadf0d53
remove the extra comment that's not used
2011-11-19 12:48:39 -06:00
sinn3r
30f13984ea
Add wireshark console.lua exploit (CVE-2011-3360)
2011-11-18 21:24:48 -06:00
David Maloney
ff22246119
Attempt to fix #5979
2011-11-18 12:53:35 -08:00
Tod Beardsley
eca1253439
updating sudo
2011-11-18 10:17:43 -06:00
Tod Beardsley
356e0e6fb5
Moving sudo from linux to multi, because it is.
2011-11-18 10:16:57 -06:00
Tod Beardsley
fa77909c67
whitespace fix
2011-11-18 08:51:07 -06:00
Tod Beardsley
55367fad4f
Merge pull request #25 from rapid7/post_module_sudo
Post module sudo
2011-11-18 06:30:40 -08:00
David Maloney
11c1f0983f
Fixes #5993
2011-11-17 18:05:36 -08:00
David Maloney
77cba9de7c
Merge branch 'cbdfix'
Conflicts:
modules/post/windows/gather/credentials/imvu.rb
modules/post/windows/gather/forensics/duqu_check.rb
modules/post/windows/recon/computer_browser_discovery.rb
2011-11-17 14:55:20 -08:00
Tod Beardsley
d8b77564ef
Tidying up, fixing csh echo behavior
2011-11-17 16:29:02 -06:00
David Maloney
3bfe7e9b98
fix to computer browser discovery to output properly and store as loot
added additional option to save detected hosts in the db.
2011-11-17 14:17:28 -08:00
Tod Beardsley
9878517f80
Cleanup and light refactoring, deal with slowpoke linux telnet cmd_exec()
2011-11-17 13:19:13 -06:00
Tod Beardsley
84fb5b441a
Cleaning up some names and descs
2011-11-17 07:47:26 -06:00
David Maloney
4c90b68b4f
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-16 19:10:53 -08:00
David Maloney
eae171b216
Addresses issue #5984
2011-11-16 19:07:56 -08:00
Tod Beardsley
93a133d5de
Always try both export and setenv. Fixups to allow for correct reading from echoy nix shells. Fixes is_root? to not treat an empty string as 0
2011-11-16 16:48:19 -06:00
sinn3r
fea42dbdee
Add feature #5872
2011-11-16 12:26:54 -06:00
Tod Beardsley
725431dbdb
Simpler method for setenv vs export. Tested on csh, ksh, zsh, sh, bash
2011-11-15 19:31:15 -06:00
Tod Beardsley
d969006268
Adding zsh
2011-11-15 19:10:25 -06:00
Tod Beardsley
5cdab2ef41
Less repetitive error messages
2011-11-15 18:17:25 -06:00
Tod Beardsley
26659d8b17
Adding a sudo post module for easier automation
2011-11-15 17:38:45 -06:00
David Maloney
d8347a1245
Fixes to post modules that store creds as loot.
All post modules that store creds as loot now store in
a CSV format with User and then Password always as the
first two columns.
2011-11-15 14:13:51 -08:00
David Maloney
f6b0ffd630
Cleanup of the stack traces in the pidgin and filezilla client cred modules
2011-11-15 12:19:15 -08:00
David Maloney
8d47883af0
Moving the wlan directory up a level. It makes more sense in its own area
instead of under gather.
2011-11-15 08:29:13 -08:00
David Maloney
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Tod Beardsley
96d2209ca2
Minor fixups for trace report_note patch
2011-11-14 10:40:11 -06:00
andurin
5d5c9464cc
Do some report_note while TRACE detection
2011-11-14 12:10:53 +01:00
sinn3r
2536cf0308
Add feature #5779
2011-11-14 01:49:26 -06:00
andurin
5856112797
Quickfix: missing require in post/windows/escalate/getsystem.rb
Resolves:
[-] WARNING! The following modules could not be loaded!
[-] contrib/metasploit-framework/modules/post/windows/escalate/getsystem.rb: NameError uninitialized constant Msf::Post::Windows
2011-11-13 14:25:31 +01:00
Andurin
71599f5ef9
Fix sqlmap aux to work with actual sqlmap.py
Commit relates to IssueID #5807
2011-11-13 09:18:33 +01:00
HD Moore
4f177acf88
Merge pull request #9 from swtornio/master
Add osvdb ref
2011-11-12 11:35:24 -08:00
sinn3r
e4ebb890d8
Apply patch for bug #5963
2011-11-12 13:17:26 -06:00
sinn3r
41d746a07a
Add Support Incident Tracker (Feature #5964 ) by Juan
2011-11-12 12:36:21 -06:00
Steve Tornio
a0c9297500
add osvdb ref
2011-11-12 06:01:41 -06:00
sinn3r
170c4f5451
Fix author email format
2011-11-12 01:53:25 -06:00
sinn3r
b8b8732d85
Correct disclosure date
2011-11-12 01:12:28 -06:00
sinn3r
ed5bae6441
oops, I don't need that extra comment
2011-11-12 01:04:00 -06:00
sinn3r
84c5268ab4
Add Aviosoft DTV exploit
2011-11-12 01:02:40 -06:00
HD Moore
2ec21858c6
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-11 16:20:27 -06:00
HD Moore
65fc693c66
Add a getsystem post module for automation
2011-11-11 16:19:49 -06:00
sinn3r
62fdbd549c
no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder.
2011-11-11 15:37:47 -06:00
sinn3r
2d940e2c91
Apply patch #5952
2011-11-11 14:58:17 -06:00
Tod Beardsley
2f6c9d6d08
Removing a hated semi-colon, noting that the rescue does nothing
2011-11-11 13:59:14 -06:00
sinn3r
e1cea699a7
yo, format police is in town for some law and order around here
2011-11-11 11:39:13 -06:00
sinn3r
35f84f5e42
yo, ruby 1.8 fix
2011-11-11 11:38:28 -06:00
sinn3r
fdef66f2bf
yo, ruby 1.8 fix
2011-11-11 11:38:08 -06:00
sinn3r
6f050d624f
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-11 11:24:55 -06:00
sinn3r
e972234629
yo, owa bruteforce utility in the house (Feature #4725 )
2011-11-11 11:23:35 -06:00
Tod Beardsley
184eee0e64
Merge branch 'duqu'
2011-11-11 10:22:12 -06:00
Tod Beardsley
e03b6d27d2
Adding a colon to Request keyword mostly just to test local changes
2011-11-11 10:20:52 -06:00
Marcus J. Carey
ef1a86e839
adding email address
2011-11-11 09:44:18 -06:00
David Maloney
6ae8bbb6ce
Fixes #5832
2011-11-10 21:57:24 -08:00
Marcus J. Carey
5a75a67830
cleaning up tabs and rename variables for clarity
2011-11-10 23:26:19 -06:00
David Maloney
c30d98093f
Merge branch 'iss5426'
2011-11-10 20:39:48 -08:00
David Maloney
c984ea41d1
Quick fix to cred sourcing to eliminate spaces in the source type
2011-11-10 20:39:13 -08:00
HD Moore
17150b7e0b
Merge pull request #5 from aushack/master
Added BID ref for amlibweb module.
2011-11-10 18:22:00 -08:00
HD Moore
43fa2c3d1b
Add a gitignore and delete the broken file_autopwn code. Fixes #4964
2011-11-10 20:11:53 -06:00
Patrick Webster
f54b622ad3
Added BID ref for amlibweb module.
2011-11-11 12:04:40 +11:00
sinn3r
7191542503
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-10 18:09:55 -06:00
sinn3r
457b7cb6d1
sinn3r: *knock, knock* Whitespace: who's there? sinn3r:Me, I kill you
2011-11-10 18:08:28 -06:00
wchen-r7
0675def3d4
Whitespace, I kill you.
2011-11-10 18:00:50 -06:00
Marcus J. Carey
e140361ffd
change keys to array instead of comma delimited string
2011-11-10 16:11:11 -06:00
wchen-r7
3a328e1a1c
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-10 16:09:35 -06:00
wchen-r7
b761c6a9cc
Add feature #5933
2011-11-10 16:09:03 -06:00
HD Moore
d75e4aead3
Cosmetic changes
2011-11-10 15:45:02 -06:00
Marcus J. Carey
7348a71c24
adding duqu_check.rb
2011-11-10 15:20:48 -06:00
Steve Tornio
0c36915dae
add osvdb ref
2011-11-10 13:24:26 -06:00
wchen-r7
453082678f
Add CVE-2010-1871 (Feature #5922 )
2011-11-10 10:21:17 -06:00
wchen-r7
a9ebfbd604
Add feature #5912
2011-11-10 03:13:57 -06:00
wchen-r7
3ff1449995
Do report_note()
2011-11-10 02:16:25 -06:00
wchen-r7
c569ec4a33
Don't really need a revision # in source
2011-11-09 22:10:52 -06:00
Wei Chen
32bb3af298
Add feature #5946
2011-11-09 21:49:34 -06:00
Matt Buck
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
Wei Chen
9ff5eabb4b
Fix #4915
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
David Maloney
a88f954640
More Cred Sourcing
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
Matt Weeks
fdf13e5e0e
Fixes #5927
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:45:17 +00:00
David Maloney
aa4f6c1cae
More cred sourcing fixes
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 18:45:47 +00:00
David Maloney
cdbe7bc587
Multiple fixes to cred reporting on this module
...
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 17:25:39 +00:00
Wei Chen
16fc275853
whitespace cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 16:09:31 +00:00
Carlos Perez
3ac11b7d44
Whitespace clean up
...
git-svn-id: file:///home/svn/framework3/trunk@14190 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 15:48:04 +00:00
Carlos Perez
4490bb4683
handle better certain options that may use = sign
...
git-svn-id: file:///home/svn/framework3/trunk@14189 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 15:14:00 +00:00
Wei Chen
c4fa5b4674
Fix #5937. Vista is currently taken down because it's not stable enough.
...
git-svn-id: file:///home/svn/framework3/trunk@14188 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 09:35:18 +00:00
David Maloney
2d80d1e144
Fixes Cred Sourcing in report_auth_info() for post modules.
...
git-svn-id: file:///home/svn/framework3/trunk@14187 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:34:49 +00:00
Carlos Perez
28c2408fdd
handle better certain options that may use = sign
...
git-svn-id: file:///home/svn/framework3/trunk@14186 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:22:54 +00:00
Patrick Webster
77a3edbb4f
Added squiz_matrix_user_enum aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:14:39 +00:00
Wei Chen
ad94bae78f
Fix bug #5923
...
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:52:02 +00:00
Wei Chen
7ffcf62a2e
Add #5364
...
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:34:42 +00:00
Wei Chen
12378b45d6
Fix #5502
...
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 07:44:02 +00:00
Wei Chen
0b981b0db0
Add OSVDB reference
...
git-svn-id: file:///home/svn/framework3/trunk@14179 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 02:01:42 +00:00
Wei Chen
e767214411
Fix: whitespaces, svn propset, author e-mail format
...
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Wei Chen
b1d38a44a4
Cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@14174 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 21:23:21 +00:00
Wei Chen
49dddf1396
Yeah, don't really need the bottom comment anymore
...
git-svn-id: file:///home/svn/framework3/trunk@14172 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 20:16:34 +00:00
Wei Chen
43a22d3fa0
Add Office 2007 SP2 target, thanks Juan
...
git-svn-id: file:///home/svn/framework3/trunk@14171 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 17:33:29 +00:00
Wei Chen
70a64bf4db
Fix indent level and whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@14170 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:18:30 +00:00
Wei Chen
1a2f60f4c0
Add MS11-021 (#5917)
...
git-svn-id: file:///home/svn/framework3/trunk@14169 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:05:42 +00:00
Matt Weeks
e4d540e031
Seplling
...
git-svn-id: file:///home/svn/framework3/trunk@14166 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 15:43:28 +00:00
HD Moore
f6cc9eade7
Replace my crufty old ASN.1 parser with OpenSSL::ASN1
...
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 05:12:28 +00:00
Wei Chen
1272736b72
indent level fix
...
git-svn-id: file:///home/svn/framework3/trunk@14162 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 21:04:54 +00:00
David Maloney
a0aebe98bb
Adds the community submitted ePO database password post module
...
Did some minor code cleanup and replaced the hostname resolution with mubix's railgun
code to make the victim do the resolution. This should be more reliable.
Fixes #5210
git-svn-id: file:///home/svn/framework3/trunk@14160 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 20:15:14 +00:00
David Maloney
69193f9fe4
Some quick fixes to enum_cred_store
...
Fixes #5218
git-svn-id: file:///home/svn/framework3/trunk@14159 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 19:28:53 +00:00
David Maloney
07a41924a6
Added mubix's enum_termserv post module.
...
Fixes #5914
git-svn-id: file:///home/svn/framework3/trunk@14158 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 18:47:22 +00:00
James Lee
155c3ff9ac
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@14157 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 17:17:10 +00:00
Steve Tornio
7a07e069da
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@14156 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 14:15:00 +00:00
Wei Chen
3d6f631780
Upgrade mini_stream as a remote module. Account for all variables that affect the offset to EIP. Also digital1 = Ron.
...
git-svn-id: file:///home/svn/framework3/trunk@14155 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 08:20:43 +00:00
Wei Chen
057725450c
svn propset. fix author email format
...
git-svn-id: file:///home/svn/framework3/trunk@14154 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 08:16:36 +00:00
Carlos Perez
f23389390b
better handling of hosts with no USB History
...
git-svn-id: file:///home/svn/framework3/trunk@14153 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 22:59:39 +00:00
Carlos Perez
86a7807b97
Added a couple more checks for the names of the post modules provided
...
git-svn-id: file:///home/svn/framework3/trunk@14152 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 22:40:29 +00:00
Carlos Perez
1c5d44c40a
Fix variable declaration
...
git-svn-id: file:///home/svn/framework3/trunk@14151 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 22:28:08 +00:00
David Maloney
585a7cc4a2
Adding the HTTP Trace scanner from CG
...
Fixes #3390
git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 20:09:11 +00:00
HD Moore
c7f0568769
Fix next vs return issue
...
git-svn-id: file:///home/svn/framework3/trunk@14149 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 18:34:30 +00:00
David Maloney
7091fc1eea
Adding mubix's post modules
...
Fixes #5916
Fixes #5913
Fixes #5915
git-svn-id: file:///home/svn/framework3/trunk@14148 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 03:00:51 +00:00
Mario Ceballos
f25dc59371
spelling.
...
git-svn-id: file:///home/svn/framework3/trunk@14146 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 21:56:38 +00:00
Mario Ceballos
2b00ace437
spelling.
...
git-svn-id: file:///home/svn/framework3/trunk@14145 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 21:47:27 +00:00
Wei Chen
3722a5c3c1
Add LifeSize room command injection (feature #5333)
...
git-svn-id: file:///home/svn/framework3/trunk@14143 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 19:40:05 +00:00
David Maloney
131ffe4ab2
Fixed inconsistencies in how data was being passed to report_auth_info(). The command dispatcher and filezilla server cred module both used the accessor :ptype but report_auth_info looks for :type.
While ptype is what the db field is called, almost everything else references :type so it is better
for consistency to keep everything at :type.
Fixes #5906
git-svn-id: file:///home/svn/framework3/trunk@14141 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 02:47:28 +00:00
David Maloney
4ab4a2cec7
fixes issues with imvu, forgot the require statement.
...
git-svn-id: file:///home/svn/framework3/trunk@14140 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:50:06 +00:00
Wei Chen
ae9e8b7821
Syntax fix for ruby 1.8
...
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:48:24 +00:00
Wei Chen
d5cee2dedf
Apply patch #5411 to allow user-specified path
...
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 17:57:11 +00:00
Wei Chen
b809f00979
Add NJStar MiniSMTP bof (Feature #5901)
...
git-svn-id: file:///home/svn/framework3/trunk@14135 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 08:19:55 +00:00
Wei Chen
8750c3aac5
Add feature #4849 (Redis module)
...
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 21:47:15 +00:00
Mario Ceballos
0890cca02a
much needed patch worked like a champ in my environment.
...
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
Mario Ceballos
d55dc551b6
syntax issue
...
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:22:02 +00:00
Wei Chen
1b9a6bb20f
Fix :host key
...
git-svn-id: file:///home/svn/framework3/trunk@14130 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:50:22 +00:00
Wei Chen
10dd6ff38e
Fix "TypeError can't convert String into Hash" when using report_note()
...
git-svn-id: file:///home/svn/framework3/trunk@14129 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:48:20 +00:00
Tod Beardsley
e1ffdfdb18
Fixes #3199, jduck caught the funky behavior of seek and ruby's "ab" and "wb" file mode. See also http://pastie.org/2789573
...
git-svn-id: file:///home/svn/framework3/trunk@14128 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:06:09 +00:00
Wei Chen
e14668ece9
Add ColdFusion version scanner - feature #4079
...
git-svn-id: file:///home/svn/framework3/trunk@14127 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 18:18:11 +00:00
Wei Chen
fb56e23197
Apply fix for bug #5516 to correct a possible false positive on Apache Tomcat
...
(yup, tomcats are tricky like that)
git-svn-id: file:///home/svn/framework3/trunk@14124 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 16:39:03 +00:00
Wei Chen
f64893d305
Consistent naming
...
git-svn-id: file:///home/svn/framework3/trunk@14122 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-30 08:20:18 +00:00
David Maloney
f365050c6f
Keeping the style police happy =)
...
git-svn-id: file:///home/svn/framework3/trunk@14119 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 19:54:32 +00:00
David Maloney
47ea0d7b96
Added WlanAPI Post modules. These will probably get an upgrade in the future pending some Railgun improvements Chao-mu is working on.
...
Fixes #5598
git-svn-id: file:///home/svn/framework3/trunk@14118 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 19:32:45 +00:00
HD Moore
55e6672e6b
Revert a well-intentioned but design-violating change
...
git-svn-id: file:///home/svn/framework3/trunk@14116 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 18:40:49 +00:00
Wei Chen
27c41e41f7
spaces/tabs cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@14115 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 17:41:38 +00:00
David Maloney
47cb10c70b
Added John the Ripper Linux module
...
Fixes #5513
git-svn-id: file:///home/svn/framework3/trunk@14114 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 17:27:21 +00:00
David Maloney
391f39d6a3
Fixes #5165
...
git-svn-id: file:///home/svn/framework3/trunk@14111 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 00:33:16 +00:00
David Maloney
292a1d087b
Fixes #4288
...
git-svn-id: file:///home/svn/framework3/trunk@14110 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 00:23:02 +00:00
Carlos Perez
86128d3373
Removed whitespaces
...
git-svn-id: file:///home/svn/framework3/trunk@14106 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 23:06:52 +00:00
Tod Beardsley
45d8c91929
Fixes #3199. Note that hex notation (0x41) is okay for OptInt. Ruby integers can be 0x41, 0101, 0b01000001, which are all 65, so dropped that chunk and clarified the option instead of forcing a string and a conversion.
...
git-svn-id: file:///home/svn/framework3/trunk@14102 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 20:58:46 +00:00
David Maloney
b15f878b2f
Forgot to close out the registry hives when done. fixed now
...
git-svn-id: file:///home/svn/framework3/trunk@14100 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 18:00:10 +00:00
David Maloney
8be10d4abe
Added the IVMU password collector post module submitted in #5582
...
git-svn-id: file:///home/svn/framework3/trunk@14099 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 17:50:16 +00:00
Carlos Perez
de22020e6f
Typos and undefined variable
...
git-svn-id: file:///home/svn/framework3/trunk@14097 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 14:46:49 +00:00
Tod Beardsley
467df77a50
Fixes #5170. Enforces a max width, avoids negative widths. Thanks Oliver!
...
Related to r13769
git-svn-id: file:///home/svn/framework3/trunk@14093 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:07:41 +00:00
Wei Chen
63a926a6ee
Do a report_host() on OS default name. Request #5865
...
git-svn-id: file:///home/svn/framework3/trunk@14090 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 04:50:01 +00:00
Wei Chen
3eff1cfaa5
This exploit does not work at all, and could not be fixed in time. See #5854
...
git-svn-id: file:///home/svn/framework3/trunk@14088 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 01:47:48 +00:00
Carlos Perez
ef808f20e8
Post module for enumerating on a host that is part of the domain domain members in its local groups, impersonation tokens of domain accounts and processes that run under domain accounts and on all cases checks if those domain accounts are part of the Domain Admins group
...
git-svn-id: file:///home/svn/framework3/trunk@14087 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 00:54:54 +00:00
Wei Chen
c0cca836c1
Ok, last svn propset, I swear
...
git-svn-id: file:///home/svn/framework3/trunk@14086 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:41:24 +00:00
Wei Chen
baf9a816d5
damn it, I missed one
...
git-svn-id: file:///home/svn/framework3/trunk@14085 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:40:32 +00:00
Wei Chen
7db499e71e
The svn propset police joins the party
...
git-svn-id: file:///home/svn/framework3/trunk@14084 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:38:18 +00:00
Wei Chen
5d8c3e956e
Watch out, the style police is in da house
...
git-svn-id: file:///home/svn/framework3/trunk@14083 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:31:12 +00:00
David Maloney
6ba153c9f5
Fix to a typo, thanks Jabra
...
git-svn-id: file:///home/svn/framework3/trunk@14082 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:44:17 +00:00
David Maloney
abf37d7caf
Added John the Ripper Unshadow module. See #5437
...
git-svn-id: file:///home/svn/framework3/trunk@14081 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:40:38 +00:00
David Maloney
1f8e455eaa
Added Postgres MD5 Hashcrack module. See #5423
...
git-svn-id: file:///home/svn/framework3/trunk@14080 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:34:33 +00:00
David Maloney
23e50bf2b4
Added Oracle John the Ripper Module. See #5406
...
git-svn-id: file:///home/svn/framework3/trunk@14079 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:33:44 +00:00
David Maloney
afec4fd928
Added MySQL John the Ripper module. See #5408
...
git-svn-id: file:///home/svn/framework3/trunk@14078 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:33:12 +00:00
David Maloney
5c565d12fc
Added the MS SQL John the Ripper Module see #5407
...
git-svn-id: file:///home/svn/framework3/trunk@14077 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:32:08 +00:00
Mario Ceballos
7b099bbaef
remove Rex::Text.pattern_create()
...
git-svn-id: file:///home/svn/framework3/trunk@14076 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:16:26 +00:00
Wei Chen
ded364c8ef
Feature #5621
...
git-svn-id: file:///home/svn/framework3/trunk@14075 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 21:25:46 +00:00
Wei Chen
dd72e1ce9d
Longer timeout. #5851
...
git-svn-id: file:///home/svn/framework3/trunk@14074 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 19:35:03 +00:00
Wei Chen
0dff3f3e52
Add #5682 (phpscheduleit module). Thx Juan.
...
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 18:06:12 +00:00