Joshua Drake
d8818fc268
execute xp_cmdshell from master explicitly
...
git-svn-id: file:///home/svn/framework3/trunk@8720 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:55:04 +00:00
Tod Beardsley
a5e187bd69
Add the ability to slow down brute force sessions.
...
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
Joshua Drake
d370ab62c6
don't wait for shell.run to finish
...
git-svn-id: file:///home/svn/framework3/trunk@8718 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:33:16 +00:00
Joshua Drake
8a2382ed1a
don't wait for shell.run to finish
...
git-svn-id: file:///home/svn/framework3/trunk@8717 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:32:46 +00:00
Joshua Drake
1629bf7bf0
move http_send_cmd into cmdweb test exploit
...
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake
0ed5fc1af1
change VERBOSE option from OptString to OptBool
...
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
Stephen Fewer
a44358df67
Simple fix for #1013 and the migration permission error message.
...
git-svn-id: file:///home/svn/framework3/trunk@8714 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 19:31:36 +00:00
Joshua Drake
0900314a15
redirect requests without subdirectories
...
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake
4bd857b53e
add exploit module for cve-2008-3558
...
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
James Lee
bf2a64b3ac
use new argument list for get_host
...
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
James Lee
c2612548c5
fix get_host, was breaking browser_autopwn, see #976
...
git-svn-id: file:///home/svn/framework3/trunk@8710 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:58:47 +00:00
James Lee
602395ead0
don't set the language if we don't have one
...
git-svn-id: file:///home/svn/framework3/trunk@8709 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:38:52 +00:00
James Lee
4f08e6fd25
treat the database as write-only and use the (improved) target cache, fixes 986
...
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00
James Lee
f40a9a5c4b
new ie fingerprint
...
git-svn-id: file:///home/svn/framework3/trunk@8707 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:17:10 +00:00
James Lee
37159d6b41
move this up so all database drivers have a bigger pool, see #976
...
git-svn-id: file:///home/svn/framework3/trunk@8706 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:10:20 +00:00
Joshua Drake
e8f22a7136
add exploit module for cve-2008-3878
...
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
James Lee
dea2ba3420
try a little harder not to break things by making sure there's a space in front of comments before removing them
...
git-svn-id: file:///home/svn/framework3/trunk@8704 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 03:20:52 +00:00
Joshua Drake
5aebed8fe7
add exploit module for cve-2008-5002
...
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
James Lee
506fdb63ff
remove comments after obfuscating strings so things like ' http://example.com ' in a string doesn't get mangled. will still have problems with a string like that and no string obfu
...
git-svn-id: file:///home/svn/framework3/trunk@8702 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 20:51:29 +00:00
James Lee
b70b17b42a
don't use undefined variables.
...
git-svn-id: file:///home/svn/framework3/trunk@8701 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:51:05 +00:00
James Lee
7392de4d3d
don't use undefined variables.
...
git-svn-id: file:///home/svn/framework3/trunk@8700 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:50:22 +00:00
James Lee
7d348c3593
honor the SSL option in HttpServer, fixes #1001
...
git-svn-id: file:///home/svn/framework3/trunk@8699 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:47:04 +00:00
Joshua Drake
fb5906385d
add exploit module for cve-2009-1534
...
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake
9148068acc
pass unlink_now flag to close for Tempfile instances
...
git-svn-id: file:///home/svn/framework3/trunk@8697 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 04:58:12 +00:00
Joshua Drake
d86575701d
added CVE, KB references
...
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
James Lee
467a7a5f3e
merge mubix's patch to allow importing a simple list of ip addresses from a file, closes #999
...
git-svn-id: file:///home/svn/framework3/trunk@8695 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 00:34:16 +00:00
James Lee
c07b47b30b
explicitly rescue timeouts since they inherit from ::Interrupt on ruby 1.8
...
git-svn-id: file:///home/svn/framework3/trunk@8694 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 23:08:05 +00:00
Tod Beardsley
7d3ac25586
Adds Citrix-ICA to the UDP sweep discovery module.
...
git-svn-id: file:///home/svn/framework3/trunk@8693 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:48:28 +00:00
Joshua Drake
7a37934a01
process autorun scripts for telnet_login and ssh_login
...
1. create session.process_autoruns in Msf::Sessions::CommandShell
2. call process_autoruns from within the handler on_session code
4. set user_input and user_output in sessions base set_from_exploit method
5. remove on_session from Msf::Sessions::CommandShellOptions
6. include CommandShellOptions into telnet_login and ssh_login
7. call sess.process_autoruns from telnet_login and ssh_login
8. celebrate (while crossing fingers of course)!
git-svn-id: file:///home/svn/framework3/trunk@8692 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:07:50 +00:00
Tod Beardsley
09a669875c
Bumping the minimum version of MySQL to try back to 4.1.20, no problems seen
...
on that build.
git-svn-id: file:///home/svn/framework3/trunk@8691 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 16:52:22 +00:00
James Lee
15b13d2472
make string obfuscation produce correct code more often (should be 100% now, but no guarantees). stops doing hex-encoding (more hassle than it's worth) and adds random split/concats (jduck's idea)
...
git-svn-id: file:///home/svn/framework3/trunk@8690 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 14:36:09 +00:00
James Lee
76745eed81
bump the connection pool up to 30 for sqlite; see #976 . Not closing the bug, since I don't know how this will work in the long term
...
git-svn-id: file:///home/svn/framework3/trunk@8689 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 14:27:36 +00:00
Steve Tornio
074b4ada44
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
James Lee
b16a08c4cd
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@8687 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 11:10:23 +00:00
Joshua Drake
4b59410507
rename module per ms bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake
d0153225a0
add exploit module for cve-2009-1612
...
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake
e7a9391a76
minor tweaks, no functional changes
...
git-svn-id: file:///home/svn/framework3/trunk@8684 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:08 +00:00
Carlos Perez
5f0e0916f3
Improved Pidging Meterpreter Script by Ryan Hayward
...
git-svn-id: file:///home/svn/framework3/trunk@8683 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 01:54:14 +00:00
Joshua Drake
cc9113397c
add exploit for IE Windows Help vulnerability
...
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Tod Beardsley
453451a26d
Check the version number of the remote MySQL server before attempting
...
to log in. Sadly, the library we're using right now doesn't know
how to correctly negotiate 4.x and 3.x versions of MySQL. Until that
gets resolved (by writing a new library for these old versions),
this will at least prevent false positives/negatives from getting
reported.
git-svn-id: file:///home/svn/framework3/trunk@8681 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 22:56:00 +00:00
Tod Beardsley
e2af2f9ab9
Again.
...
git-svn-id: file:///home/svn/framework3/trunk@8680 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 20:20:37 +00:00
Tod Beardsley
e1a02d602d
Fixing up the tomcat login scanner.
...
git-svn-id: file:///home/svn/framework3/trunk@8679 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 20:20:20 +00:00
Joshua Drake
e80df81350
correct the CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@8678 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 19:47:13 +00:00
Joshua Drake
cc891bce80
whitespace cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 15:13:04 +00:00
HD Moore
ac517fafea
Remove the db dependency from Meterpreter scripts
...
git-svn-id: file:///home/svn/framework3/trunk@8676 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-28 19:29:43 +00:00
Tod Beardsley
341f4a258d
Removing net-ssh's ability to write to your known_hosts file. Some day, make this an optional behavior, but for now, turn that rudeness off.
...
git-svn-id: file:///home/svn/framework3/trunk@8675 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:45:58 +00:00
James Lee
3b59bc7cfc
use the same option names for user/pass
...
git-svn-id: file:///home/svn/framework3/trunk@8674 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:14:58 +00:00
HD Moore
e4ec13eec2
Store the path in the path
...
git-svn-id: file:///home/svn/framework3/trunk@8673 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:13:20 +00:00
James Lee
cded6cc59d
log all output from sessions when reading from rpc
...
git-svn-id: file:///home/svn/framework3/trunk@8672 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 21:55:30 +00:00
HD Moore
df415fd636
Fix workspace.loots
...
git-svn-id: file:///home/svn/framework3/trunk@8671 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 21:48:16 +00:00