Commit Graph

29177 Commits (d0fcbf2cdbd822dbb08c31576af86a2ca3a1dd45)

Author SHA1 Message Date
Peter Marszalik 705bd42b41 tab to space change - line 296 2014-11-22 14:48:44 -06:00
sinn3r b34ddbdfff
Land #4247 - Auto-generated SSL certs now match "snakeoil" defaults 2014-11-22 13:36:06 -06:00
HD Moore ba9c763f7e Auto-generated SSL certs now match "snakeoil" defaults
This change emulates the auto-generated snakeoil certificate from Ubuntu 14.04. The main changes including moving to 2048-bit RSA, SHA256, a single name CN for subject/issuer, and the removal of most certificate extensions.
2014-11-21 18:25:04 -06:00
jvazquez-r7 3ac1f7d4fb
Land #4242, @Meatballs1 fix for sap_service_discovery report_note
* I cannot reproduce @Meatballs1 issue
* But I noticed report_note should :update with :unique_data
* Fixed the :update
2014-11-21 10:16:08 -06:00
jvazquez-r7 e30ee9fee2 Update with :unique_data 2014-11-21 10:14:39 -06:00
jvazquez-r7 90ae9a3ff8
Land #4173, @wchen-r7's fix for SMB find_first
* Fixes #4119, SMB find_first("\\*") does not return accurate results
* It missed initialization of sid
2014-11-21 09:51:57 -06:00
sinn3r f2add929d7
Land #4239 - Support SSL intermediate certs 2014-11-21 02:09:40 -06:00
HD Moore 85de75cd5d
Adds a smtp ntlm domain scanner, lands #4241 2014-11-20 22:18:26 -06:00
rwhitcroft 3ddf848abf Merge pull request #1 from hmoore-r7/smtp_ntlm_domain
Module cleanup, error handling, and reporting
2014-11-20 20:43:25 -05:00
HD Moore 99a23ada5c Module cleanup, error handling, and reporting 2014-11-20 16:18:20 -06:00
HD Moore 2f6c4a9ba4 Slight tweak to description/author email formatting 2014-11-20 14:53:52 -06:00
HD Moore 2f92a83092 Change to example.com as the default domain 2014-11-20 14:53:36 -06:00
Meatballs ee15179441
Fix service discovery errors 2014-11-20 18:22:33 +00:00
Meatballs f2b80f4ef1
Merge remote-tracking branch 'upstream/master' 2014-11-20 18:18:00 +00:00
Rich Whitcroft 8306d739e3 add scanner module to extract domain from NTLM challenge 2014-11-20 11:02:21 -05:00
HD Moore d530046164 Bugfix. Chrome is a liar (chain certs properly) 2014-11-19 16:08:03 -06:00
HD Moore 0d091f1c03 Support SSL intermediate certs, closes #4238
Note that this does not apply to reverse_tcp meterpreter clients yet, as
they do not allow certificates to be supplied. I abstracted out the SSL
certificate generation and parsing methods so that we can address this
next.
2014-11-19 15:56:49 -06:00
HD Moore abc0640b7b
Fix placeholder, lands #4237 2014-11-19 14:26:10 -06:00
Mark Schloesser 9e9954e831 fix placeholder to show the firmware version I used 2014-11-19 21:23:39 +01:00
Tod Beardsley 6daa8b48a3
Land #4235, Hikvision exploit 2014-11-19 14:18:54 -06:00
Mark Schloesser a718e6f83e add exploit for r7-2014-18 / CVE-2014-4880 2014-11-19 21:07:02 +01:00
Tod Beardsley 6a58774dd6
Land #4234, crediting @jduck 2014-11-19 12:43:04 -06:00
Jon Hart a91a5f3c4b
Land #4067, @fozavci's IN:SRV support for fakedns 2014-11-19 08:38:00 -08:00
Jon Hart 684975a315 Use correct target address for fake As 2014-11-19 08:28:56 -08:00
Jon Hart 3777e78a85 Sanitize creation of target host. Return minimal for SRV 2014-11-19 08:28:56 -08:00
Jon Hart 52e004d8ab Use less conflicting name for SRV record port 2014-11-19 08:28:56 -08:00
Jon Hart ee90e4353b Add more consistent logging for fakedns types that support fake vs bypass 2014-11-19 08:28:55 -08:00
Jon Hart 0910275fac Don't artificially insert additional records when BYPASS 2014-11-19 08:28:55 -08:00
Fatih Ozavci a38cb3ee53 @jhart-r7 commits are accepted and conflicts fixed. 2014-11-19 08:28:55 -08:00
Fatih Ozavci ab7f6866f5 FAKE and BYPASS actions are implemented for SRV queries 2014-11-19 08:28:55 -08:00
Fatih Ozavci f403d27fbd Author update for the fakedns module 2014-11-19 08:28:55 -08:00
Fatih Ozavci 47f7d8c4be IN:SRV expansion for Fake DNS server 2014-11-19 08:28:55 -08:00
Joe Vennix a9cb6e0d2f
Add jduck as an author on samsung_knox_smdm_url 2014-11-19 10:18:08 -06:00
Jon Hart 31b366dedb
Land #4061, @fozavci's CDP testing module 2014-11-19 08:17:41 -08:00
Jon Hart 895bdd9c6f Remove unused options 2014-11-19 08:09:52 -08:00
Jon Hart 134046975e Remove report mixin which was not used 2014-11-19 08:09:52 -08:00
Jon Hart 4c112e71c1 Remove errant whitespace, unnecessary to_s 2014-11-19 08:09:52 -08:00
Jon Hart f54fc3da87 More CDP cleanup. Loop, cleaner packet construction, style 2014-11-19 08:09:52 -08:00
Jon Hart 0dac2de3fd Use PacketFu::EthHeader.mac2str for MAC formatting 2014-11-19 08:09:52 -08:00
Jon Hart 2d484a3e1a Remove sniffing capabilities from cdp -- use wireshark/tcpdump instead 2014-11-19 08:09:52 -08:00
Jon Hart 39d691086e First round of basic Ruby style cleanup in cdp 2014-11-19 08:09:52 -08:00
Fatih Ozavci 7e93d890ab Viproy is removed from names
Author section is fixed
2014-11-19 08:09:52 -08:00
Fatih Ozavci d78d57eaf4 Viproy VoIP Pen-Test Kit - Cisco CDP Testing Module 2014-11-19 08:09:52 -08:00
William Vu e66c9be66d
Land #4232, rm CHANGELOG.md from orbit 2014-11-19 08:17:40 -06:00
Peter Marszalik 900aa9cd6b powerdump.ps1 bug - corrupt hash fix
Fixed the bug where the hashes are not being extracted correctly when LM is disabled and history is enabled. 

Rather than relying on length, LM and NT headers are checked. Four bytes at 0xa0 show if LM exists and four bytes at 0xac show if NT exists. Details on this known issue can be found in the following whitepaper from blackhat:
https://media.blackhat.com/bh-us-12/Briefings/Reynolds/BH_US_12_Reynods_Stamp_Out_Hash_WP.pdf
2014-11-18 23:10:57 -06:00
jvazquez-r7 1f2313d87e
Land #4054, @jhart-r7's SunRPC lib and module cleanup 2014-11-18 17:01:01 -06:00
jvazquez-r7 fb4b6543e2 Handle other rex exceptions 2014-11-18 15:57:41 -06:00
jvazquez-r7 a0f92ce26e Update module with review 2014-11-18 15:43:53 -06:00
Tod Beardsley 5e54532dda
Drop the CHANGELOG.md
Just use `git shortlog` instead if you're really interested in the
changes from your arbitrary point in history.
2014-11-18 14:55:12 -06:00
jvazquez-r7 dff6af0747 Restore timeout 2014-11-18 12:17:10 -08:00