Commit Graph

317 Commits (d3045814a20b01f9baf97fe573d8077c84793e91)

Author SHA1 Message Date
zeknox 9f18c57fce added period to description and changed tester to user 2013-12-12 22:11:02 -06:00
zeknox dba0e9bf77 msftidy done 2013-12-12 20:30:46 -06:00
zeknox 554cd41403 added dns_cache_scraper and useful wordlists 2013-12-12 20:18:18 -06:00
Tod Beardsley e737b136cc
Minor grammar/caps fixup for release 2013-12-09 14:01:27 -06:00
sinn3r 92412279ae Account for failed cred gathering attempts
Sometimes the SQL error doesn't contain the info we need.
2013-12-09 02:11:46 -06:00
jvazquez-r7 f2f8c08c8e Use blank? method 2013-12-05 16:36:44 -06:00
jvazquez-r7 a380d9b4f2 Add aux module for CVE-2013-3522 2013-12-05 15:58:05 -06:00
joev 0612f340f1 Commas are good. 2013-11-13 14:38:50 -06:00
joev ad5f82d211 Add missing refs to aux/gather/android_htmlfileprovider. 2013-11-13 14:36:18 -06:00
William Vu f5d1d8eace chmod -x .rb files without #! in modules and lib
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
sinn3r 032da9be10
Land #2426 - make use of Msf::Config.data_directory 2013-10-21 13:07:33 -05:00
Tod Beardsley ba2c52c5de
Fixed up some more weird splat formatting. 2013-10-16 16:25:48 -05:00
Tod Beardsley 5d86ab4ab8
Catch mis-formatted bracket comments. 2013-10-15 14:52:12 -05:00
Tod Beardsley ed0b84b7f7
Another round of re-splatting. 2013-10-15 14:14:15 -05:00
Tod Beardsley c83262f4bd
Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Meatballs 9ca9b4ab29
Merge branch 'master' into data_dir
Conflicts:
	lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
sinn3r c10f0253bc Land #2472 - Clean up the way Apple Safari UXSS aux module does data collection 2013-10-07 15:47:28 -05:00
Tod Beardsley 293927aff0
msftidy fix for coldfusion exploit 2013-10-07 12:22:48 -05:00
joev 47e7a2de83 Kill stray debugger statement. 2013-10-06 19:32:22 -05:00
joev c2a81907ba Clean up the way Apple Safari UXSS aux module does data collection.
[FIXRM #7918]
2013-10-06 19:28:16 -05:00
jvazquez-r7 1fe0c50df0 Ignore unexpected answers 2013-10-02 20:41:02 -05:00
Meatballs c460f943f7
Merge branch 'master' into data_dir
Conflicts:
	modules/exploits/windows/local/always_install_elevated.rb
	plugins/sounds.rb
	scripts/meterpreter/powerdump.rb
	scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
Meatballs 7ba846ca24 Find and replace 2013-09-26 20:34:48 +01:00
FireFart 84ec2cbf11 remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:42:44 +02:00
Tod Beardsley b4b7cecaf4 Various minor desc fixes, also killed some tabs. 2013-09-16 15:50:00 -05:00
jvazquez-r7 2741983158 Update description 2013-09-13 18:31:11 -05:00
jvazquez-r7 40aeaf445b Add auxiliary module for HP SNAC Auth Bypass 2013-09-13 18:29:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
jvazquez-r7 b9360b9de6 Land #2286, @wchen-r7's patch for undefined method errors 2013-08-26 20:46:05 -05:00
sinn3r 6b8feaff8c Type conversion 2013-08-26 13:56:11 -05:00
sinn3r 50e7d8015a Validate datastore option "YEAR"
The YEAR option is a numeric value, so should be OptInt in order to
go through validation.

[FixRM #8345]
[FixRM #8344]
2013-08-21 01:38:16 -05:00
sinn3r 8806e76e4d Fix undefined method error
[FixRM #8343]
2013-08-21 00:44:10 -05:00
sinn3r 86d6bce8c4 [FixRM #8312] - Fix file handle leaks
Fix file handle leaks for [SeeRM #8312]
2013-08-18 20:31:13 -05:00
HD Moore 6c1ba9c9c9 Switch to Failure vs Exploit::Failure 2013-08-15 14:14:46 -05:00
Tod Beardsley 164153f1e6 Minor updates to titles and descriptions 2013-07-22 13:04:54 -05:00
sinn3r 4a3dc2e365 Print all the creds! All your base belong to me.
After a short discussion with Tod, we think it's best to print the
creds by default.  If some dude runs Metasploit in a public place,
dumps passwords, and gets shoulder surfed, well, sucks for them :-p
2013-07-09 19:56:44 -05:00
sinn3r d3433a017b Print hash too 2013-07-09 16:39:24 -05:00
jvazquez-r7 234624793c Add module for CVE-2013-1814 2013-07-09 14:03:35 -05:00
sinn3r 0ecffea66f Updates fingerprint() for CF10 2013-05-28 14:42:11 -05:00
ringt 54eeb8f000 Adding new version...old version does not work in windows, doesnt fingerprint, and a few other minor things 2013-05-21 13:13:21 -05:00
jvazquez-r7 f04ca17bb9 Fix default action 2013-05-13 11:56:02 -05:00
jvazquez-r7 5b64379553 Add Coldfusion 9 target, OSVDB ref and review 2013-05-13 11:55:11 -05:00
sinn3r 60299c2adb Add EDB-25305 - That ColdFusion 10 sub0 0day stuff
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737, or as a new exploit.
We'll see.
2013-05-12 21:23:53 -05:00
HD Moore 63b0eace32 Add a missing require 2013-05-04 22:39:57 -05:00
Tod Beardsley 4227c23133 Add a reference for Safari module 2013-04-29 14:07:55 -05:00
Joe Vennix 431cba8f36 Update print_status labels. 2013-04-29 11:13:53 -05:00
Joe Vennix c2a1d296a2 Rename DOWNLOAD_URI -> DOWNLOAD_PATH.
Conflicts:
	modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:11:06 -05:00
Joe Vennix 55e0ec3187 Add support for DOWNLOAD_URI option.
* Fixes some comments that were no longer accurate.

Conflicts:
	modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:10:19 -05:00
Tod Beardsley c27245e092 Touch descriptions for module and options 2013-04-26 13:05:16 -05:00
Joe Vennix b4606ba60a Remove unnecessary puts call. 2013-04-26 12:55:02 -05:00
Tod Beardsley ca6d6fbc84 msftidy for whitespace 2013-04-26 12:44:11 -05:00
Tod Beardsley 16769a9260 Fixing path normalization 2013-04-26 12:40:24 -05:00
Joe Vennix 2fa16f4d36 Rewrite relative script URLs to be absolute.
* Adds rescue clauses around URI parsing/pulling
* Actually use the URI_PATH datastore option.
2013-04-26 11:25:20 -05:00
Joe Vennix 993356c73e Add safari webarchive uxss to framework as an aux module. 2013-04-25 11:14:16 -05:00
Tod Beardsley e377e30873 unscrewing syntax error 2013-03-20 15:04:31 -05:00
Tod Beardsley fd20eba35e Expanding the title and desc for external_ip
Also allowing the capitalization on "via" to be small.
2013-03-20 14:42:12 -05:00
jvazquez-r7 2684e6103c use of send_request_cgi 2013-03-11 20:36:47 +01:00
jvazquez-r7 9c89599737 cleanup before merge external_ip 2013-03-11 20:35:25 +01:00
jvazquez-r7 546e24a9c6 Merge branch 'external_ip_discovery' of https://github.com/sempervictus/metasploit-framework into sempervictus-external_ip_discovery 2013-03-11 20:35:07 +01:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
RageLtMan 25f3f935c4 Apply Egypt's cleanup
Remove revision, raise the exception itself, remove scanner mixin,
datastore['RHOST'] unstead of RHOSTS, and useles agent var removed.
2013-03-07 18:34:12 -05:00
RageLtMan dfe3a4f394 msftidy and module placement per todb 2013-03-06 17:36:01 -05:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
David Maloney c290bc565e Merge branch 'master' into feature/http/authv2 2013-02-28 14:33:44 -06:00
sinn3r cae1939914 Kinda too long 2013-02-25 13:44:11 -06:00
Matt Andreko 2c0a916c83 Made the password optional 2013-02-23 17:14:30 -05:00
Matt Andreko b221711ecd Added basic error handling 2013-02-23 10:24:04 -05:00
Matt Andreko 67c2c3da20 Code Review Feedback
Fixed the USER/PASS that I missed in last review
Converted from Scanner module to Gather
2013-02-23 10:09:23 -05:00
David Maloney 0ae489b37b last of revert-merge snaffu 2013-02-19 23:16:46 -06:00
jvazquez-r7 829cf0f076 name changed to dns_srv_enum 2013-02-15 16:20:55 +01:00
jvazquez-r7 d1ba860409 changing filename for dns_srv 2013-02-15 16:20:33 +01:00
jvazquez-r7 374faf9b02 cleanup for dns_srv 2013-02-15 16:19:48 +01:00
jvazquez-r7 9d4bd763a6 Merge branch 'darkoperator-dnsenum2dnssrv' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnssrv 2013-02-15 16:19:31 +01:00
jvazquez-r7 38f5fbced3 cleanup for dns_reverse_lookup 2013-02-15 12:56:01 +01:00
jvazquez-r7 f1e3dab45f Merge branch 'darkoperator-dnsenum2dnsreverselookup' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsreverselookup 2013-02-15 12:55:39 +01:00
jvazquez-r7 6aed858f80 cleanup for dns_bruteforce 2013-02-15 12:37:46 +01:00
jvazquez-r7 1be003a4d0 Merge branch 'darkoperator-dnsenum2dnsbruteforce' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsbruteforce 2013-02-15 12:37:27 +01:00
jvazquez-r7 57e1d1baa5 cleanup for dns_info 2013-02-15 12:03:08 +01:00
Carlos Perez bcd59aa8fa Typo word module does not go in the name. 2013-02-14 21:56:24 -04:00
Carlos Perez 1d64de6c11 Typo word module does not go in the name. 2013-02-14 21:55:38 -04:00
Carlos Perez 7f7b4e5a97 more changes to description and name 2013-02-14 21:49:57 -04:00
Carlos Perez faf970cf1f more changes to description and name 2013-02-14 21:47:43 -04:00
Carlos Perez 1b8610042a more changes to description and name 2013-02-14 21:46:21 -04:00
Carlos Perez 0b9d4d976f more changes to description and name 2013-02-14 21:44:31 -04:00
Carlos Perez 23320a5dde Fix spelling problems 2013-02-14 15:48:11 -04:00
Carlos Perez a7d4f5ff4a Fix spelling problems 2013-02-14 15:46:36 -04:00
Carlos Perez 7f97ff271f Fix spelling problems 2013-02-14 15:44:32 -04:00
Carlos Perez 1872b137f5 Fix spelling problems 2013-02-14 15:41:17 -04:00
Carlos Perez e8ccfae048 Fix spelling problems 2013-02-14 15:38:17 -04:00
Carlos Perez 6c85e5242e change wildcard message to print_warning 2013-02-11 12:04:30 -04:00
Carlos Perez 431641fec9 added check for retry options 2013-02-11 12:02:15 -04:00
Carlos Perez fd6f00f641 added report note for wildcard 2013-02-11 11:37:20 -04:00
Carlos Perez 5f10704697 applied fixes 2013-02-11 11:31:13 -04:00
Carlos Perez 55efe01bf7 Applied fixes 2013-02-11 11:23:06 -04:00
Carlos Perez fd15436a96 Added new line to end of file. 2013-02-08 20:52:49 -04:00
Carlos Perez 78f81843f6 Added new line to end of file. 2013-02-08 20:51:37 -04:00
Carlos Perez eda3fc0715 Added new line to end of file. 2013-02-08 20:50:23 -04:00
Carlos Perez 166b59b61a Added new line to end of file. 2013-02-08 20:48:57 -04:00
Carlos Perez ac8194ed07 Split of DNS SRV Record Enumeration from enum_dns 2013-02-08 10:09:34 -04:00
Carlos Perez 256ab7f737 Split of DNS Reverse Lookup from enum_dns 2013-02-08 09:50:21 -04:00
Carlos Perez 906585798d Split of DNS General Info from enum_dns 2013-02-08 09:49:19 -04:00
Carlos Perez 2186db5295 Split of DNS Name Brutforce from enum_dns 2013-02-08 09:48:32 -04:00
sinn3r 39cdb89831 Oh don't be so sensitive about it.
Fixnum vs String
2013-01-31 15:04:13 -06:00
sinn3r c174e6a208 Correctly use normalize_uri()
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
sinn3r 690ef85ac1 Fix trailing slash problem
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.

Related to: [SeeRM: #7727]
2013-01-28 13:19:31 -06:00
jvazquez-r7 702638a6a3 final cleanup 2013-01-14 17:36:24 +01:00
Christian Mehlmauer b11fd48b05 implemented juans feedback 2013-01-14 17:06:52 +01:00
Christian Mehlmauer 8b85f7d977 fix msftidy 2013-01-14 14:55:53 +01:00
Christian Mehlmauer 0acbcfd964 fix url path 2013-01-14 14:39:50 +01:00
Christian Mehlmauer c17ee70e66 Use target_uri for the wordpress url 2013-01-14 14:34:34 +01:00
Christian Mehlmauer 0c95938b1d Added a request to force db caching 2013-01-13 20:12:37 +01:00
Christian Mehlmauer 27f100d37c fix email 2013-01-12 14:24:29 +01:00
Christian Mehlmauer d36c966931 spaces 2013-01-12 14:22:38 +01:00
Christian Mehlmauer 93b5980210 fix 2013-01-12 14:13:54 +01:00
Christian Mehlmauer 0b8094eb5d w3_total_cache 2013-01-12 14:09:59 +01:00
sinn3r ef6eec949c Move impersonate_ssl
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
Christian Mehlmauer e4a6669927 msftidy: remove $Revision$ 2013-01-03 01:05:45 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
sinn3r b0e4931de8 When 'credentials' is empty, it is empty....... 2012-11-29 10:22:20 -06:00
sinn3r b3a473aec0 Forgot to remove this option 2012-11-28 18:48:33 -06:00
sinn3r 0415d31c61 Update description 2012-11-28 16:07:21 -06:00
sinn3r 52c2437d5a Add OSVDB-83199 as a cred collecting aux module
From #1102
2012-11-28 15:56:13 -06:00
Michael Schierl e9f7873afc Version cleanup
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Cristiano Maruti 8fce975593 Aux module raise an error because Report module is not included in the source 2012-09-05 10:38:36 +02:00
Tod Beardsley c7de73e7bf Clean up SVN metadata 2012-09-04 19:36:10 -05:00
Tod Beardsley 7b8ab53661 Use :unique_data option for dns.enum reporting
Otherwise, you will only report the last thing that comes through on
that host for the dns.enum note type.
2012-09-04 19:32:29 -05:00
Daniel Miller 6db09ba20c Key notes on nameserver IP, not discovered IP 2012-08-16 21:31:23 -05:00
Daniel Miller 7005216d1f Fix axfr support for auxiliary/gather/enum_dns
AXFR support in net-dns is broken. This fixes it, and makes the
requisite modifications to enum_dns module. Basic problem is that AXFR
responses consist of a chain of DNS replies, not a single reply with
multiple answers. Previously, only the first of these replies, the SOA
record, was returned. Also added some exception handling to avoid
problems like #483.
2012-08-16 20:40:24 -05:00
Daniel Miller 0311caf4df Alternate means of looking up NS IP
Sometimes a nameserver won't have an A record for its own name. Check
for this and fall back to using the system resolver via
Rex::Socket.gethostbyname. Example:

    $ dig +short zonetransfer.me NS
    ns12.zoneedit.com.
    ns16.zoneedit.com.
    $ dig +short @ns12.zoneedit.com ns12.zoneedit.com A
    $ dig +short @ns16.zoneedit.com ns12.zoneedit.com A
    $ dig +short @ns16.zoneedit.com ns16.zoneedit.com A
    $

Also removed an extra A lookup that was unnecessary.
2012-08-16 11:48:37 -05:00
sinn3r c0bf362084 Fix the fix for enum_dns 2012-06-18 18:37:56 -05:00
RageLtMan c68476cce2 Add DNS/TCP to enum_dns 2012-06-18 10:47:03 -04:00
Tod Beardsley 7bb3679fef Errors are different from mere failures (enum_dns)
This makes a clear distinction between errors and failures when
performing zone transfers, and logs accordingly.

[See #483]
2012-06-15 18:11:25 -05:00
Tod Beardsley 5a49ac50f1 Shorten option description on enum_dns 2012-06-15 10:33:49 -05:00
sinn3r 3f0431cf51 Massive whitespace destruction
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
sinn3r 0fcc53b0a2 Handle nil for get_once 2012-06-04 15:31:10 -05:00
sinn3r babababeb1 1. Fix enum_dns: .txt is not (or no longer a method)
2. Patch snmp_enum: bug #6500
2012-05-04 13:23:27 -05:00
sinn3r cc76438a75 Merge branch 'jlee-r7-http-print-standardization' 2012-04-25 15:38:46 -05:00
sinn3r f77efbf89e Change the rest of print_* 2012-04-25 14:24:17 -05:00
sinn3r b955569b10 Update the use of get2() in order to support ruby 1.9.3 2012-04-20 01:37:24 -05:00
Tod Beardsley 7f0fb84743 Fix up desc again on enum_dns 2012-03-28 14:33:23 -06:00
Tod Beardsley a6ab0304d6 More fixes to enum_dns.rb
* Should use 'and', not & (bitwise AND)
  * Made capitalization sane for Anglophones. See: http://owl.english.purdue.edu/owl/resource/592/1/
2012-03-28 14:33:23 -06:00
Tod Beardsley 27af32d382 Style fixes for enum_dns.rb
* Use a dotted.notation for note types
  * Changed title to something more descriptive
  * Expanded description
  * Other trivial changes
2012-03-28 14:33:23 -06:00
Patrick Webster 3dc0e97998 Updating description and refs to Patrick's module
There was some weirdness with the commit log on this module but it
should all be kosher now.

[Closes #260]
2012-03-22 10:30:25 -05:00
Tod Beardsley b09d91d1c7 Removing enum_bing_url
Moving this over to unstable until the described http request problem
gets resolved.
2012-03-21 09:33:31 -05:00
sinn3r 056985625d damn comma 2012-03-21 04:06:54 -05:00
sinn3r ed542e2b6c Change dns_enum to enum_dns for naming style consistency 2012-03-20 14:11:04 -05:00
sinn3r b8b5c79957 No need for net/http 2012-03-20 14:09:40 -05:00