Commit Graph

4969 Commits (d6566aa818e1f96ac4604af5d0c51a99f1a704d2)

Author SHA1 Message Date
sinn3r f26447e021 Correct my own weird grammar 2011-12-04 14:50:53 -06:00
sinn3r e07868d613 Catch possible exception if WTSGetActiveConsoleSessionId isn't available on the target machine 2011-12-04 14:48:45 -06:00
chao-mu e52ebd602f Encorporating patch submitted by Boris Lukashev to fix issue 6012 (Post module enable rdp broken and fixed (here)). Fix was to have the module include Msf::Post::Windows::WindowsServices, make service_change_startup available 2011-12-04 15:26:43 -05:00
sinn3r 3cd2caca1a Fix #6052 2011-12-04 13:49:13 -06:00
sinn3r 89ed25978d Add feature #6048 2011-12-04 13:44:21 -06:00
Steve Tornio f63a616739 add osvdb ref 2011-12-04 07:48:48 -06:00
sinn3r 950b4a54a0 Fix bug #6050 2011-12-03 22:00:48 -06:00
sinn3r 2720572a37 Add IPSwitch Whatsup Gold TFTP directory traversal module 2011-12-03 18:46:34 -06:00
HD Moore 27974c4c27 Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib
Conflicts:
	modules/auxiliary/scanner/http/axis_login.rb
	modules/exploits/multi/http/axis2_deployer.rb
	modules/post/multi/gather/thunderbird_creds.rb
	modules/post/windows/gather/credentials/imvu.rb
	msfopcode
2011-12-03 14:07:09 -06:00
Steve Tornio b75799d18d =add osvdb ref 2011-12-02 16:50:42 -06:00
Steve Tornio 83f12c6fe0 =add osvdb ref 2011-12-02 16:46:01 -06:00
sinn3r c8634390b7 Add CCMPlayer m3u exploit (Feature #6029) 2011-12-02 16:27:59 -06:00
sinn3r 30e3607ec0 The SUCCESS message may not be constant across foreign language verions according to jduck, chaning back to the old way 2011-12-02 15:11:27 -06:00
sinn3r f4b755c319 Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets 2011-12-02 15:00:39 -06:00
sinn3r cd2bb027bf Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-02 14:54:53 -06:00
sinn3r 895a509bd3 Add Avid Media Composer 5.5 (Feature #6035) 2011-12-02 14:53:26 -06:00
Steve Tornio 2bb97791f7 Update OSVDF refs for servu module.
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.

Squashed commit of the following:

commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date:   Fri Dec 2 07:44:28 2011 -0600

    add osvdb ref

commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date:   Wed Nov 30 08:15:20 2011 -0600

    fixed in osvdb

[Closes #39]
2011-12-02 13:21:41 -05:00
HD Moore dbe7e6aecf Remove a leftover debugging statement 2011-12-02 00:06:04 -06:00
sinn3r 2d320b1828 Fix bug: table being saved while empty 2011-12-01 22:47:42 -06:00
sinn3r 608a5586b2 Actually, don't really have a good reason for that exception handling anymore. I think. 2011-12-01 22:47:42 -06:00
sinn3r 0eb3b5a49b Fix undefined method 'cmd_exec' bug. Thx Boris. 2011-12-01 22:47:42 -06:00
sinn3r 19fae182da Add Thunderbird credential collector (Feature #6014) 2011-12-01 22:47:42 -06:00
James Lee a91926716d don't dup the last part of the key, fixes #6036 2011-12-01 15:24:58 -07:00
HD Moore 9f99cfc757 Convert the h323 module to MSF_LICENSE (backport from Pro) 2011-12-01 16:01:01 -06:00
HD Moore 3e5e9a910e Add h323 scanner 2011-12-01 16:01:01 -06:00
sinn3r d0db88d35d Make key_base an instance var so other functions can access it. Bug #6036 2011-12-01 14:41:44 -06:00
David Maloney 57f12cb2d8 Merge branch 'servu_sploit' 2011-12-01 11:21:32 -08:00
sinn3r 93a419c76b Having nothing on the webpage may probably confuse some novice users. But I do like stealth. 2011-12-01 03:02:35 -06:00
sinn3r 8399ce6e41 Fix bug #6031 2011-11-30 15:22:52 -06:00
David Maloney 40ab37fa10 Merge branch 'iss5979' 2011-11-30 12:16:33 -08:00
David Maloney 2858cae296 Some quick corrections to tidy things up 2011-11-29 19:57:08 -08:00
David Maloney be88f483a3 More Accurate Vulnerability Check 2011-11-29 18:38:00 -08:00
David Maloney 0dda948265 New Exploit for the Serv-U FTP Buffer overflow
from CVE 2004-2111
2011-11-29 17:34:01 -08:00
sinn3r f26f6da74b Add CVE-2011-3544 (feature #6023) Java Rhino exploit 2011-11-29 18:05:20 -06:00
Rob Fuller e439aba779 switched %USERPROFILE% to %APPDATA% to make the code a bit more universal 2011-11-29 20:08:44 +00:00
sinn3r 897731f3a5 Check creds (feature #6025). Also bringing the 'Inbox' regex back 2011-11-29 11:01:39 -06:00
sinn3r 6f5d64f6de Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-29 03:31:15 -06:00
sinn3r 34a933d499 Feature #5610 2011-11-29 03:30:49 -06:00
Tod Beardsley f503bd9488 Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append. 2011-11-28 17:52:34 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
sinn3r 3a84c31326 Using a better regex for a successful login. Thanks Borys. 2011-11-28 14:29:42 -06:00
sinn3r bc541c118d Apply patch #6020 2011-11-28 14:16:24 -06:00
sinn3r 5165865560 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-28 14:07:19 -06:00
sinn3r 59ab0c3a18 Fix bug #6021, Thanks Borys 2011-11-28 14:06:56 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status
messages.
2011-11-28 13:31:54 -06:00
sinn3r a578db7f56 Apply fix for #6019 2011-11-28 01:12:18 -06:00
sinn3r ebfe269698 Apply patch for #5824 2011-11-26 16:52:12 -06:00
sinn3r 5e08c93ac9 Apply patch #5580 2011-11-26 15:32:43 -06:00
sinn3r b7950a752e Add feature #4929 (MS09-053) 2011-11-26 13:30:35 -06:00
sinn3r 82a5da866a Fix bug: table being saved while empty 2011-11-25 00:54:17 -06:00
sinn3r ec3c37d963 Actually, don't really have a good reason for that exception handling anymore. I think. 2011-11-25 00:41:28 -06:00
sinn3r 3e7c821119 Fix undefined method 'cmd_exec' bug. Thx Boris. 2011-11-25 00:34:33 -06:00
sinn3r 7571466014 Add Thunderbird credential collector (Feature #6014) 2011-11-24 19:39:34 -06:00
David Maloney 900232fb60 HTTP login scanners need to set duplicate_ok to true
or different web applications on the same server
may wipe eachother's creds out.
2011-11-23 23:05:51 -06:00
David Maloney 53b3e96af4 Added a check to the Axis login scanner to ensure
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-23 23:05:51 -06:00
sinn3r 3954030963 Apply patch #6004 2011-11-23 23:05:51 -06:00
David Maloney d1c44160dd Fix to the axis2 Deployer exploit to add Default Target 2011-11-23 23:05:51 -06:00
David Maloney d3887d20e5 Consolidation of the Axis2 Deployer Exploits
Fixes #5276
2011-11-23 23:05:51 -06:00
David Maloney c61d02686a HTTP login scanners need to set duplicate_ok to true
or different web applications on the same server
may wipe eachother's creds out.
2011-11-22 13:04:10 -08:00
David Maloney 9d7f7b1f0e Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-22 11:53:14 -08:00
David Maloney 9e40fac8b1 Added a check to the Axis login scanner to ensure
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-22 11:52:06 -08:00
sinn3r 8b729b59f8 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-22 13:08:08 -06:00
sinn3r 25f4b45bd1 Apply patch #6004 2011-11-22 13:07:46 -06:00
David Maloney 4a22df4014 Fix to the axis2 Deployer exploit to add Default Target 2011-11-22 10:27:38 -08:00
David Maloney 30d1451159 Consolidation of the Axis2 Deployer Exploits
Fixes #5276
2011-11-22 08:47:53 -08:00
David Maloney 4ef7c373e9 Fix to typo in the tables being pushed. 2011-11-22 00:06:58 -06:00
David Maloney f81567fb6f Fix to typo in the tables being pushed. 2011-11-21 15:49:57 -08:00
sinn3r e11ca43c37 Add feature #5680 2011-11-21 12:39:45 -06:00
sinn3r 76846aa578 Add MS10-038 (CVE-2010-0822) exploit 2011-11-21 11:36:47 -06:00
sinn3r 28a079f308 Add credit to the appropriate researcher 2011-11-20 02:32:45 -06:00
sinn3r 95d639ccf7 Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8. 2011-11-20 01:44:52 -06:00
sinn3r 980cd4c888 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-19 20:41:29 -06:00
sinn3r 9c2fab0921 Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c 2011-11-19 20:40:04 -06:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
James Lee f35b6c5269 msftidy on post modules for spaces at EOL 2011-11-20 12:53:25 +11:00
sinn3r a4cadf0d53 remove the extra comment that's not used 2011-11-19 12:48:39 -06:00
sinn3r 30f13984ea Add wireshark console.lua exploit (CVE-2011-3360) 2011-11-18 21:24:48 -06:00
David Maloney ff22246119 Attempt to fix #5979 2011-11-18 12:53:35 -08:00
Tod Beardsley eca1253439 updating sudo 2011-11-18 10:17:43 -06:00
Tod Beardsley 356e0e6fb5 Moving sudo from linux to multi, because it is. 2011-11-18 10:16:57 -06:00
Tod Beardsley fa77909c67 whitespace fix 2011-11-18 08:51:07 -06:00
Tod Beardsley 55367fad4f Merge pull request #25 from rapid7/post_module_sudo
Post module sudo
2011-11-18 06:30:40 -08:00
David Maloney 11c1f0983f Fixes #5993 2011-11-17 18:05:36 -08:00
David Maloney 77cba9de7c Merge branch 'cbdfix'
Conflicts:
	modules/post/windows/gather/credentials/imvu.rb
	modules/post/windows/gather/forensics/duqu_check.rb
	modules/post/windows/recon/computer_browser_discovery.rb
2011-11-17 14:55:20 -08:00
Tod Beardsley d8b77564ef Tidying up, fixing csh echo behavior 2011-11-17 16:29:02 -06:00
David Maloney 3bfe7e9b98 fix to comptuer browser discovery to output properly and sotre as loot
added additional option to save detected hosts in the db.
2011-11-17 14:17:28 -08:00
Tod Beardsley 9878517f80 Cleanup and light refactoring, deal with slowpoke linux telnet cmd_exec() 2011-11-17 13:19:13 -06:00
Tod Beardsley 84fb5b441a Cleaning up some names and descs 2011-11-17 07:47:26 -06:00
David Maloney 4c90b68b4f Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-16 19:10:53 -08:00
David Maloney eae171b216 Addresses issue #5984 2011-11-16 19:07:56 -08:00
Tod Beardsley 93a133d5de Always try both export and setenv. Fixups to allow for correct reading from echoy nix shells. Fixes is_root? to not treat an empty string as 0 2011-11-16 16:48:19 -06:00
sinn3r fea42dbdee Add feature #5872 2011-11-16 12:26:54 -06:00
Tod Beardsley 725431dbdb Simpler method for setenv vs export. Tested on csh, ksh, zsh, sh, bash 2011-11-15 19:31:15 -06:00
Tod Beardsley d969006268 Adding zsh 2011-11-15 19:10:25 -06:00
Tod Beardsley 5cdab2ef41 Less repetitive error messages 2011-11-15 18:17:25 -06:00
Tod Beardsley 26659d8b17 Adding a sudo post module for easier automation 2011-11-15 17:38:45 -06:00
David Maloney d8347a1245 Fixes to post modules that store creds as loot.
All post modules that store creds as loot now store in
a CSV format with User and then Password always as the
first two columns.
2011-11-15 14:13:51 -08:00
David Maloney f6b0ffd630 Cleanup of the stack traces in the pidgin and filezilla client cred modules 2011-11-15 12:19:15 -08:00
David Maloney 8d47883af0 Moving the wlan directory up a level. It makes more sense in it's own area
instead of under gather.
2011-11-15 08:29:13 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Tod Beardsley 96d2209ca2 Minor fixups for trace report_note patch 2011-11-14 10:40:11 -06:00
andurin 5d5c9464cc Do some report_note while TRACE detection 2011-11-14 12:10:53 +01:00
sinn3r 2536cf0308 Add feature #5779 2011-11-14 01:49:26 -06:00
andurin 5856112797 Quickfix: missing require in post/windows/escalate/getsystem.rb
Resolves:
[-] WARNING! The following modules could not be loaded!
[-]     contrib/metasploit-framework/modules/post/windows/escalate/getsystem.rb: NameError uninitialized constant Msf::Post::Windows
2011-11-13 14:25:31 +01:00
Andurin 71599f5ef9 Fix sqlmap aux to work with actual sqlmap.py
Commit relates to IssueID #5807
2011-11-13 09:18:33 +01:00
HD Moore 4f177acf88 Merge pull request #9 from swtornio/master
Add osvdb ref
2011-11-12 11:35:24 -08:00
sinn3r e4ebb890d8 Apply patch for bug #5963 2011-11-12 13:17:26 -06:00
sinn3r 41d746a07a Add Support Incident Tracker (Feature #5964) by Juan 2011-11-12 12:36:21 -06:00
Steve Tornio a0c9297500 add osvdb ref 2011-11-12 06:01:41 -06:00
sinn3r 170c4f5451 Fix author email format 2011-11-12 01:53:25 -06:00
sinn3r b8b8732d85 Correct disclosure date 2011-11-12 01:12:28 -06:00
sinn3r ed5bae6441 oops, I don't need that extra comment 2011-11-12 01:04:00 -06:00
sinn3r 84c5268ab4 Add Aviosoft DTV exploit 2011-11-12 01:02:40 -06:00
HD Moore 2ec21858c6 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-11 16:20:27 -06:00
HD Moore 65fc693c66 Add a getsystem post module for automation 2011-11-11 16:19:49 -06:00
sinn3r 62fdbd549c no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder. 2011-11-11 15:37:47 -06:00
sinn3r 2d940e2c91 Apply patch #5952 2011-11-11 14:58:17 -06:00
Tod Beardsley 2f6c9d6d08 Removing a hated semi-colon, noting that the rescue does nothing 2011-11-11 13:59:14 -06:00
sinn3r e1cea699a7 yo, format police is in town for some law and order around here 2011-11-11 11:39:13 -06:00
sinn3r 35f84f5e42 yo, ruby 1.8 fix 2011-11-11 11:38:28 -06:00
sinn3r fdef66f2bf yo, ruby 1.8 fix 2011-11-11 11:38:08 -06:00
sinn3r 6f050d624f Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-11 11:24:55 -06:00
sinn3r e972234629 yo, owa bruteforce utility in the house (Feature #4725) 2011-11-11 11:23:35 -06:00
Tod Beardsley 184eee0e64 Merge branch 'duqu' 2011-11-11 10:22:12 -06:00
Tod Beardsley e03b6d27d2 Adding a colon to Request keyword mostly just to test local changes 2011-11-11 10:20:52 -06:00
Marcus J. Carey ef1a86e839 adding email address 2011-11-11 09:44:18 -06:00
David Maloney 6ae8bbb6ce Fixes #5832 2011-11-10 21:57:24 -08:00
Marcus J. Carey 5a75a67830 cleaning up tabs and rename variables for clarity 2011-11-10 23:26:19 -06:00
David Maloney c30d98093f Merge branch 'iss5426' 2011-11-10 20:39:48 -08:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
HD Moore 17150b7e0b Merge pull request #5 from aushack/master
Added BID ref for amlibweb module.
2011-11-10 18:22:00 -08:00
HD Moore 43fa2c3d1b Add a gitignore and delete the broken file_autopwn code. Fixes #4964 2011-11-10 20:11:53 -06:00
Patrick Webster f54b622ad3 Added BID ref for amlibweb module. 2011-11-11 12:04:40 +11:00
sinn3r 7191542503 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-10 18:09:55 -06:00
sinn3r 457b7cb6d1 sinn3r: *knock, knock* Whitespace: who's there? sinn3r:Me, I kill you 2011-11-10 18:08:28 -06:00
wchen-r7 0675def3d4 Whitespace, I kill you. 2011-11-10 18:00:50 -06:00
Marcus J. Carey e140361ffd change keys to array instead of comma delimited string 2011-11-10 16:11:11 -06:00
wchen-r7 3a328e1a1c Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-10 16:09:35 -06:00
wchen-r7 b761c6a9cc Add feature #5933 2011-11-10 16:09:03 -06:00
HD Moore d75e4aead3 Cosmetic changes 2011-11-10 15:45:02 -06:00
Marcus J. Carey 7348a71c24 adding duqu_check.rb 2011-11-10 15:20:48 -06:00
Steve Tornio 0c36915dae add osvdb ref 2011-11-10 13:24:26 -06:00
wchen-r7 453082678f Add CVE-2010-1871 (Feature #5922) 2011-11-10 10:21:17 -06:00
wchen-r7 a9ebfbd604 Add feature #5912 2011-11-10 03:13:57 -06:00
wchen-r7 3ff1449995 Do report_note() 2011-11-10 02:16:25 -06:00
wchen-r7 c569ec4a33 Don't really need a revision # in source 2011-11-09 22:10:52 -06:00
Wei Chen 32bb3af298 Add feature #5946 2011-11-09 21:49:34 -06:00
Matt Buck 16f45fc894 Add empty directories from svn repo. 2011-11-09 18:41:40 -06:00
Wei Chen 9ff5eabb4b Fix #4915
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
David Maloney a88f954640 More Cred Sourcing
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
Matt Weeks fdf13e5e0e Fixes #5927
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:45:17 +00:00
David Maloney aa4f6c1cae More cred sourcing fixes
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 18:45:47 +00:00
David Maloney cdbe7bc587 Multiple fixes to cred reporting on this module
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 17:25:39 +00:00
Wei Chen 16fc275853 whitespace cleanup
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 16:09:31 +00:00
Carlos Perez 3ac11b7d44 Whitespace clean up
git-svn-id: file:///home/svn/framework3/trunk@14190 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 15:48:04 +00:00
Carlos Perez 4490bb4683 handle better certain options that may use = sign
git-svn-id: file:///home/svn/framework3/trunk@14189 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 15:14:00 +00:00
Wei Chen c4fa5b4674 Fix #5937. Vista is currently taken down because it's not stable enough.
git-svn-id: file:///home/svn/framework3/trunk@14188 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 09:35:18 +00:00
David Maloney 2d80d1e144 Fixes Cred Sourcing in report_auth_info() for post modules.
git-svn-id: file:///home/svn/framework3/trunk@14187 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:34:49 +00:00
Carlos Perez 28c2408fdd handle better certain options that may use = sign
git-svn-id: file:///home/svn/framework3/trunk@14186 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:22:54 +00:00
Patrick Webster 77a3edbb4f Added squiz_matrix_user_enum aux module.
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:14:39 +00:00
Wei Chen ad94bae78f Fix bug #5923
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:52:02 +00:00
Wei Chen 7ffcf62a2e Add #5364
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:34:42 +00:00
Wei Chen 12378b45d6 Fix #5502
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 07:44:02 +00:00
Wei Chen 0b981b0db0 Add OSVDB reference
git-svn-id: file:///home/svn/framework3/trunk@14179 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 02:01:42 +00:00
Wei Chen e767214411 Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Wei Chen b1d38a44a4 Clenaup
git-svn-id: file:///home/svn/framework3/trunk@14174 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 21:23:21 +00:00
Wei Chen 49dddf1396 Yeah, don't really need the bottom comment anymore
git-svn-id: file:///home/svn/framework3/trunk@14172 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 20:16:34 +00:00
Wei Chen 43a22d3fa0 Add Office 2007 SP2 target, thanks Juan
git-svn-id: file:///home/svn/framework3/trunk@14171 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 17:33:29 +00:00
Wei Chen 70a64bf4db Fix indent level and whitespace
git-svn-id: file:///home/svn/framework3/trunk@14170 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:18:30 +00:00
Wei Chen 1a2f60f4c0 Add MS11-021 (#5917)
git-svn-id: file:///home/svn/framework3/trunk@14169 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:05:42 +00:00
Matt Weeks e4d540e031 Seplling
git-svn-id: file:///home/svn/framework3/trunk@14166 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 15:43:28 +00:00
HD Moore f6cc9eade7 Replace my crufty old ASN.1 parser with OpenSSL::ASN1
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 05:12:28 +00:00
Wei Chen 1272736b72 indent level fix
git-svn-id: file:///home/svn/framework3/trunk@14162 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 21:04:54 +00:00
David Maloney a0aebe98bb Adds the community submitted ePO database password post module
Did some minor code cleanup and replaced the hostname resolution with mubix's railgun
code to make the victim do the resolution. This should be more reliable.
Fixes #5210


git-svn-id: file:///home/svn/framework3/trunk@14160 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 20:15:14 +00:00
David Maloney 69193f9fe4 Some quick fixes to enum_cred_store
Fixes #5218


git-svn-id: file:///home/svn/framework3/trunk@14159 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 19:28:53 +00:00
David Maloney 07a41924a6 Added mubix's enum_termserv post module.
Fixes #5914


git-svn-id: file:///home/svn/framework3/trunk@14158 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 18:47:22 +00:00
James Lee 155c3ff9ac whitespace
git-svn-id: file:///home/svn/framework3/trunk@14157 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 17:17:10 +00:00
Steve Tornio 7a07e069da add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14156 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 14:15:00 +00:00
Wei Chen 3d6f631780 Upgrade mini_stream as a remote module. Account for all variables that affect the offset to EIP. Also digital1 = Ron.
git-svn-id: file:///home/svn/framework3/trunk@14155 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 08:20:43 +00:00
Wei Chen 057725450c svn propset. fix author email format
git-svn-id: file:///home/svn/framework3/trunk@14154 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 08:16:36 +00:00
Carlos Perez f23389390b better handling of hosts with no USB History
git-svn-id: file:///home/svn/framework3/trunk@14153 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 22:59:39 +00:00
Carlos Perez 86a7807b97 Added a couple more checks for the names of the post modules provided
git-svn-id: file:///home/svn/framework3/trunk@14152 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 22:40:29 +00:00
Carlos Perez 1c5d44c40a Fix variable declaration
git-svn-id: file:///home/svn/framework3/trunk@14151 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 22:28:08 +00:00
David Maloney 585a7cc4a2 Adding the HTTP Trace scanner from CG
Fixes #3390


git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 20:09:11 +00:00
HD Moore c7f0568769 Fix next vs return issue
git-svn-id: file:///home/svn/framework3/trunk@14149 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 18:34:30 +00:00
David Maloney 7091fc1eea Adding mubix's post modules
Fixes #5916
Fixes #5913
Fixes #5915


git-svn-id: file:///home/svn/framework3/trunk@14148 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 03:00:51 +00:00
Mario Ceballos f25dc59371 spelling.
git-svn-id: file:///home/svn/framework3/trunk@14146 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 21:56:38 +00:00
Mario Ceballos 2b00ace437 spelling.
git-svn-id: file:///home/svn/framework3/trunk@14145 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 21:47:27 +00:00
Wei Chen 3722a5c3c1 Add LifeSize room command injection (feature #5333)
git-svn-id: file:///home/svn/framework3/trunk@14143 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 19:40:05 +00:00
David Maloney 131ffe4ab2 Fixed inconsistencies in how data was being passed to report_auth_info(). The command dispatcher and filezilla
server cred module both used the accessor :ptype but report_auth_info looks for :type. 

While ptype is what the db field is called, almsot everything else references :type so it is better
for consistency to keep everything at :type.

Fixes #5906



git-svn-id: file:///home/svn/framework3/trunk@14141 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 02:47:28 +00:00
David Maloney 4ab4a2cec7 fixes issues with with imvu, forgot the require statement.
git-svn-id: file:///home/svn/framework3/trunk@14140 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:50:06 +00:00
Wei Chen ae9e8b7821 Syntax fix for ruby 1.8
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:48:24 +00:00
Wei Chen d5cee2dedf Apply patch #5411 to allow user-specified path
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 17:57:11 +00:00
Wei Chen b809f00979 Add NJStar MiniSMTP bof (Feature #5901)
git-svn-id: file:///home/svn/framework3/trunk@14135 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 08:19:55 +00:00
Wei Chen 8750c3aac5 Add feature #4849 (Redis module)
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 21:47:15 +00:00
Mario Ceballos 0890cca02a much needed patch worked like a champ in my enviroment.
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
Mario Ceballos d55dc551b6 syntax issue
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:22:02 +00:00
Wei Chen 1b9a6bb20f Fix :host key
git-svn-id: file:///home/svn/framework3/trunk@14130 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:50:22 +00:00
Wei Chen 10dd6ff38e Fix "TypeError can't convert String into Hash" when using report_note()
git-svn-id: file:///home/svn/framework3/trunk@14129 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:48:20 +00:00
Tod Beardsley e1ffdfdb18 Fixes #3199, jduck caught the funky behavior of seek and ruby's "ab" and "wb" file mode. See also http://pastie.org/2789573
git-svn-id: file:///home/svn/framework3/trunk@14128 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:06:09 +00:00
Wei Chen e14668ece9 Add ColdFusion version scanner - feature #4079
git-svn-id: file:///home/svn/framework3/trunk@14127 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 18:18:11 +00:00
Wei Chen fb56e23197 Apply fix for bug #5516 to correct a possible false positive on Apache Tomcat
(yup, tomcats are tricky like that)


git-svn-id: file:///home/svn/framework3/trunk@14124 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 16:39:03 +00:00
Wei Chen f64893d305 Consistent naming
git-svn-id: file:///home/svn/framework3/trunk@14122 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-30 08:20:18 +00:00
David Maloney f365050c6f Keeping the style police happy =)
git-svn-id: file:///home/svn/framework3/trunk@14119 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 19:54:32 +00:00
David Maloney 47ea0d7b96 Added WlanAPI Post modules. These will probably get an upgrade in the future pending some Railgun improvements Chao-mu is working on.
Fixes #5598


git-svn-id: file:///home/svn/framework3/trunk@14118 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 19:32:45 +00:00
HD Moore 55e6672e6b Revert a well-intentioned but design-violating change
git-svn-id: file:///home/svn/framework3/trunk@14116 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 18:40:49 +00:00
Wei Chen 27c41e41f7 spaces/tabs cleanup
git-svn-id: file:///home/svn/framework3/trunk@14115 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 17:41:38 +00:00
David Maloney 47cb10c70b Added John the Ripper Linux module
Fixes #5513


git-svn-id: file:///home/svn/framework3/trunk@14114 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 17:27:21 +00:00
David Maloney 391f39d6a3 Fixes #5165
git-svn-id: file:///home/svn/framework3/trunk@14111 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 00:33:16 +00:00
David Maloney 292a1d087b Fixes #4288
git-svn-id: file:///home/svn/framework3/trunk@14110 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 00:23:02 +00:00
Carlos Perez 86128d3373 Removed whitespaces
git-svn-id: file:///home/svn/framework3/trunk@14106 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 23:06:52 +00:00
Tod Beardsley 45d8c91929 Fixes #3199. Note that hex notation (0x41) is okay for OptInt. Ruby integers can be 0x41, 0101, 0b01000001, which are all 65, so dropped that chunk and clarified the option instead of forcing a string and a conversion.
git-svn-id: file:///home/svn/framework3/trunk@14102 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 20:58:46 +00:00
David Maloney b15f878b2f Forgot to close out the registry hives when done. fixed now
git-svn-id: file:///home/svn/framework3/trunk@14100 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 18:00:10 +00:00
David Maloney 8be10d4abe Added the IVMU password collector post module submitted in #5582
git-svn-id: file:///home/svn/framework3/trunk@14099 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 17:50:16 +00:00
Carlos Perez de22020e6f Typos and undefined variable
git-svn-id: file:///home/svn/framework3/trunk@14097 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 14:46:49 +00:00
Tod Beardsley 467df77a50 Fixes #5170. Enforces a max width, avoids negative widths. Thanks Oliver!
Related to r13769



git-svn-id: file:///home/svn/framework3/trunk@14093 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:07:41 +00:00
Wei Chen 63a926a6ee Do a report_host() on OS default name. Request #5865
git-svn-id: file:///home/svn/framework3/trunk@14090 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 04:50:01 +00:00
Wei Chen 3eff1cfaa5 This exploit does not work at all, and could not be fixed in time. See #5854
git-svn-id: file:///home/svn/framework3/trunk@14088 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 01:47:48 +00:00
Carlos Perez ef808f20e8 Post module for enumerating on a host that is part of the domain domain members in its local groups, impersonation tokens of domain accounts and processes that run under domain accounts and on all cases checks if those domain accounts are part of the Domain Admins group
git-svn-id: file:///home/svn/framework3/trunk@14087 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 00:54:54 +00:00
Wei Chen c0cca836c1 Ok, last svn propset, I swear
git-svn-id: file:///home/svn/framework3/trunk@14086 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:41:24 +00:00
Wei Chen baf9a816d5 damn it, I missed one
git-svn-id: file:///home/svn/framework3/trunk@14085 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:40:32 +00:00
Wei Chen 7db499e71e The svn propset police joins the party
git-svn-id: file:///home/svn/framework3/trunk@14084 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:38:18 +00:00
Wei Chen 5d8c3e956e Watch out, the style police is in da house
git-svn-id: file:///home/svn/framework3/trunk@14083 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 23:31:12 +00:00
David Maloney 6ba153c9f5 Fix to a typo, thanks Jabra
git-svn-id: file:///home/svn/framework3/trunk@14082 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:44:17 +00:00
David Maloney abf37d7caf Added John the Ripper Unshadow module. See #5437
git-svn-id: file:///home/svn/framework3/trunk@14081 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:40:38 +00:00
David Maloney 1f8e455eaa Added Postgres MD5 Hashcrack module. See #5423
git-svn-id: file:///home/svn/framework3/trunk@14080 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:34:33 +00:00
David Maloney 23e50bf2b4 Added Oracle John the Ripper Module. See #5406
git-svn-id: file:///home/svn/framework3/trunk@14079 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:33:44 +00:00
David Maloney afec4fd928 Added MySQL John the Ripper module. See #5408
git-svn-id: file:///home/svn/framework3/trunk@14078 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:33:12 +00:00
David Maloney 5c565d12fc Added the MS SQL John the Ripper Module see #5407
git-svn-id: file:///home/svn/framework3/trunk@14077 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:32:08 +00:00
Mario Ceballos 7b099bbaef remove Rex::Text.pattern_create()
git-svn-id: file:///home/svn/framework3/trunk@14076 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:16:26 +00:00
Wei Chen ded364c8ef Feature #5621
git-svn-id: file:///home/svn/framework3/trunk@14075 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 21:25:46 +00:00
Wei Chen dd72e1ce9d Longer timeout. #5851
git-svn-id: file:///home/svn/framework3/trunk@14074 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 19:35:03 +00:00
Wei Chen 0dff3f3e52 Add #5682 (phpscheduleit module). Thx Juan.
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 18:06:12 +00:00
Wei Chen d98ab06464 This fixes the nil problem with arg. See bug #5848
git-svn-id: file:///home/svn/framework3/trunk@14070 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:48:17 +00:00
David Rude 086af94b5d Adds Foxit PDF Reader Exploit CVE-2009-0837
git-svn-id: file:///home/svn/framework3/trunk@14069 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:15:12 +00:00
Will Vandevanter a0d8a08851 java meterpreter should be used when the target is set to automatic
git-svn-id: file:///home/svn/framework3/trunk@14068 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:02:09 +00:00
Wei Chen ab4f9d65c7 Add PATH option. Feature #5412
git-svn-id: file:///home/svn/framework3/trunk@14067 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 18:32:02 +00:00
Wei Chen 82e1b87a21 #5541
git-svn-id: file:///home/svn/framework3/trunk@14064 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:43:58 +00:00
Wei Chen 2b46420b36 check nil
git-svn-id: file:///home/svn/framework3/trunk@14062 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:19:55 +00:00
Wei Chen 7ba5a8ec4e Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:04:33 +00:00
Wei Chen 9cb54e37c5 Handle payloads better, also add a cleanup routine specifically for php/exec
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 05:25:39 +00:00
Wei Chen 2da07d4963 Fix bug #5834 (uri being nil in print_good)
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 00:40:03 +00:00
Wei Chen 3da8bb8b69 Add feature #5820 by mr_me and tecr0c
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 23:22:32 +00:00
Mario Ceballos b098257154 fixes a syntax error.
git-svn-id: file:///home/svn/framework3/trunk@14053 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 22:43:27 +00:00
Tod Beardsley a5ef33305f Fixes #5609, thanks David!
git-svn-id: file:///home/svn/framework3/trunk@14052 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 21:57:42 +00:00
Joshua Drake 32cde1d45a don't use the pattern creator
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 19:43:54 +00:00
Wei Chen fa2355a766 Damn comma
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:42:07 +00:00
Wei Chen 68286561f5 Add #5742
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:38:02 +00:00
Wei Chen 587f0fb4d6 This picasa module steals passwords, therefore should go to the credentials section
git-svn-id: file:///home/svn/framework3/trunk@14045 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 05:09:47 +00:00
Wei Chen c0d362bd83 Fix tabs, and the correct the bottom comment
git-svn-id: file:///home/svn/framework3/trunk@14041 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:39:11 +00:00
Wei Chen a8d62ae01a Add feature #5592 (Cytel Studio)
git-svn-id: file:///home/svn/framework3/trunk@14040 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:37:32 +00:00
Carlos Perez ef5d3e1d02 Added more messages for the different stages in case a problems happens to better pinpoint it.
git-svn-id: file:///home/svn/framework3/trunk@14039 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:12:38 +00:00
Carlos Perez f2e4278307 Fixed problems when running in x64 with a x64 payload
git-svn-id: file:///home/svn/framework3/trunk@14038 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 23:47:54 +00:00
Wei Chen 70c4061c64 These are the "myca" modules by Nick Freeman. Feature #5503
git-svn-id: file:///home/svn/framework3/trunk@14037 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 17:17:32 +00:00
Joshua Drake 7bfa29ace4 clean up exploit HTML print_status
git-svn-id: file:///home/svn/framework3/trunk@14036 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 14:21:57 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Wei Chen 14cf0deb29 Add feature #5398
git-svn-id: file:///home/svn/framework3/trunk@14032 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 22:20:55 +00:00
Wei Chen 17f518897f Moved from auxiliary/scanner/sap
git-svn-id: file:///home/svn/framework3/trunk@14030 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 21:33:53 +00:00
Wei Chen 1e7c197d8e git-svn-id: file:///home/svn/framework3/trunk@14029 4d416f70-5f16-0410-b530-b9f4589650da 2011-10-22 21:32:36 +00:00
Wei Chen a62a236ad0 Add feature #5541
git-svn-id: file:///home/svn/framework3/trunk@14027 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 20:03:25 +00:00
Wei Chen 2a3f430c8e SAP ICM URLscan module (Feature #5620) by Chris
git-svn-id: file:///home/svn/framework3/trunk@14026 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 08:41:54 +00:00
Joshua Drake 4481354b83 typo
git-svn-id: file:///home/svn/framework3/trunk@14023 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 03:04:02 +00:00
Steve Tornio 27cba3d7ec add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-21 11:50:59 +00:00
Wei Chen 06aa776a77 Bleh, fix BID reference
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:40:21 +00:00
Wei Chen e5f7bfceaf Add HP Power Manager module by ipax, thx!
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:29:48 +00:00
Wei Chen 389be65dff Attempt number 2 to fix #5579
git-svn-id: file:///home/svn/framework3/trunk@14014 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 16:29:15 +00:00
Wei Chen dd2623dba9 For bug #5579
git-svn-id: file:///home/svn/framework3/trunk@14012 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 01:07:08 +00:00
Carlos Perez ad1824ebec Multi post module execution against a selected session using macro/rc file
git-svn-id: file:///home/svn/framework3/trunk@14011 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 22:13:14 +00:00
Carlos Perez 75a1b18690 Persistence Meterpreter script re-wrote and optimized in to post module
git-svn-id: file:///home/svn/framework3/trunk@14010 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 22:09:29 +00:00
Carlos Perez d3a7e13b50 Fixed reporting of found hosts
git-svn-id: file:///home/svn/framework3/trunk@14009 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 22:08:56 +00:00
Carlos Perez 9329203eb9 Added payload selection and architecture check of payload for Windows Service PE output
git-svn-id: file:///home/svn/framework3/trunk@14008 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 22:08:23 +00:00
David Rude 091b9779e2 Add commas
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 20:41:09 +00:00
David Rude 521aec205b Return on error
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 19:55:04 +00:00
Carlos Perez 88dbc6adee Accidental assignment
git-svn-id: file:///home/svn/framework3/trunk@14005 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 13:04:40 +00:00
Steve Tornio 1f698e09c9 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14004 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 11:19:59 +00:00
Carlos Perez f56f620222 Multi platform DNS Enumeration post modules, tested on OS X, Linux, Solaris and Windows
git-svn-id: file:///home/svn/framework3/trunk@14003 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 23:34:00 +00:00
Carlos Perez ee9be2d51e Multi platform post module for creating reverse tcp shells using scripting environments found on the target system, tested on Linux, OS X and Solaris
git-svn-id: file:///home/svn/framework3/trunk@14001 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 23:31:04 +00:00
Carlos Perez a5dc422f9a Windows Credential Store enumeration and decryption module by Kx499
git-svn-id: file:///home/svn/framework3/trunk@14000 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 23:25:28 +00:00
Joshua Drake ac916baac5 Fixes #5581: Stop hardcoding MIPS reverse shell IP/port
git-svn-id: file:///home/svn/framework3/trunk@13999 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 22:50:12 +00:00
David Rude 4209431355 Follow a consistent naming convention
git-svn-id: file:///home/svn/framework3/trunk@13996 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 20:42:59 +00:00
Wei Chen 973227933b Add CVE-2011-1290 as an aux module
git-svn-id: file:///home/svn/framework3/trunk@13994 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 16:30:28 +00:00
Wei Chen 0f1ba8dcf1 Change user agent check
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 15:48:03 +00:00
HD Moore 63d3fe2e9c Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13992 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:57:12 +00:00
HD Moore 5916a4afe3 Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:56:33 +00:00
HD Moore f2469fc23f Drop phpi to normal ranking, it eats too much time
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:45 +00:00
HD Moore e4290e40c4 Fix the check to not report empty user/pass
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:00 +00:00
Wei Chen 8e4f4a2672 Add CVE-2011-1774 (Safari libxslt arbitrary file creation)
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 07:39:50 +00:00
Wei Chen 0a661ec227 Add CVE-2011-3305 (#5673)
git-svn-id: file:///home/svn/framework3/trunk@13985 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 04:40:21 +00:00
Wei Chen fbbec1fa92 This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now.
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 03:48:10 +00:00
Wei Chen 975cc52bac Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Wei Chen 6e3b36e142 path could be nil but only checked using empty?. Defaulting value to ''
git-svn-id: file:///home/svn/framework3/trunk@13979 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 16:35:53 +00:00
Wei Chen d204f4027b Catch nil first before do .empty?
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:59:57 +00:00
Wei Chen 87ec1c390e We caught a problem with the module timing out (execution expired), this is an attempt to handle that more gracefully.
git-svn-id: file:///home/svn/framework3/trunk@13977 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:38:09 +00:00
Wei Chen 7dbf2e3fcd Apply fix by David, thx!
git-svn-id: file:///home/svn/framework3/trunk@13975 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:08:39 +00:00
Wei Chen 0304702b14 Mention where the getpc code is from, request by corelanc0d3r
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 14:56:44 +00:00
Jonathan Cran bbfbb38a5f wording fix.
git-svn-id: file:///home/svn/framework3/trunk@13973 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 08:56:07 +00:00
David Rude 8e88a3eaba fix gsub error in foreach dir api usage
git-svn-id: file:///home/svn/framework3/trunk@13972 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 05:54:20 +00:00
Tod Beardsley c336d063da Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
Wei Chen 7ef8c16e75 Fix NoMethodERror undefined method 'each' for '[path]':String error.
paths might be a string instead of an array, because the function that does unix-based enumeration returns a string


git-svn-id: file:///home/svn/framework3/trunk@13970 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:15:58 +00:00
Wei Chen 0af43246a4 Fix bug #5688. Some distros might have a different location for command uname
git-svn-id: file:///home/svn/framework3/trunk@13969 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:55:05 +00:00