Joshua Drake
d96a6a1f8f
add exploit module for cve-2009-2261 - first consumer of zip library!
...
git-svn-id: file:///home/svn/framework3/trunk@8440 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:28:25 +00:00
Joshua Drake
2c100083bf
add a zip implementation, Rex::Zip, see lib/rex/zip/samples for more info
...
git-svn-id: file:///home/svn/framework3/trunk@8439 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:27:40 +00:00
Tod Beardsley
a241e0f949
Reworking module_ports to be more immediately useful to include its output in other ruby scripts.
...
git-svn-id: file:///home/svn/framework3/trunk@8438 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 23:39:27 +00:00
Tod Beardsley
2aa8ca08d5
Including auxiliary modules along with exploit modules for port counting.
...
git-svn-id: file:///home/svn/framework3/trunk@8437 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 23:20:15 +00:00
natron
f93a8e878e
Auxiliary failed: NoMethodError undefined method `each' for "GET ([^ ?]+) HTTP":String
...
git-svn-id: file:///home/svn/framework3/trunk@8436 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 22:36:37 +00:00
Tod Beardsley
65c5eae59e
Calling it postgres instead of postgresql for overall consistency.
...
git-svn-id: file:///home/svn/framework3/trunk@8435 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 20:44:23 +00:00
James Lee
e2d70519d7
add the ability to check for a prompt before sending user/pass; now works with cisco, aix, solaris, linux, and windows telnetds
...
git-svn-id: file:///home/svn/framework3/trunk@8434 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 19:07:02 +00:00
Stephen Fewer
23901c83ea
...and the bins.
...
git-svn-id: file:///home/svn/framework3/trunk@8433 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:48:13 +00:00
Stephen Fewer
a03b7c3feb
Commit the modified auxiliary modules to include a CHOST option so the relevant modules can avail of the new UDP pivoting.
...
git-svn-id: file:///home/svn/framework3/trunk@8432 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:47:38 +00:00
Stephen Fewer
6335fde3e1
Commit the Ruby side for the UDP socket pivoting. Change the TCP client channel so the respective StreamAbstraction is responsible for monitoring its own rsock.
...
git-svn-id: file:///home/svn/framework3/trunk@8431 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:45:46 +00:00
Stephen Fewer
e732ef6872
Commit the Meterpreter C side for the UDP socket pivoting. (+1 bug fix for the TCP client socket notify event function)
...
git-svn-id: file:///home/svn/framework3/trunk@8430 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:43:33 +00:00
HD Moore
a92f5f207b
Handle null user lists
...
git-svn-id: file:///home/svn/framework3/trunk@8429 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:43:26 +00:00
HD Moore
11e8710a60
Catch OpenDomain failures
...
git-svn-id: file:///home/svn/framework3/trunk@8428 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:34:49 +00:00
Joshua Drake
48a159006a
Regenerate the payload with the specified AIX level, cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8427 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:47 +00:00
Joshua Drake
e7f7ac20ea
extended brute range, minor cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8426 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:15 +00:00
HD Moore
55aaf69b4b
Avoid a warning
...
git-svn-id: file:///home/svn/framework3/trunk@8425 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:12:34 +00:00
HD Moore
af978cbbdc
Regenerate the payload with the specified AIX level
...
git-svn-id: file:///home/svn/framework3/trunk@8424 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 03:59:20 +00:00
et
36c61ff5ed
Fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@8423 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 01:10:29 +00:00
Joshua Drake
7bf3de2a3d
randomize filler
...
git-svn-id: file:///home/svn/framework3/trunk@8422 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:43:56 +00:00
Joshua Drake
40579ce936
it works! don't forget to "set AIX <version>"
...
git-svn-id: file:///home/svn/framework3/trunk@8421 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:41:49 +00:00
Joshua Drake
4a39cc13f6
oops, wrong syscall number for listen
...
git-svn-id: file:///home/svn/framework3/trunk@8420 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:05:15 +00:00
HD Moore
eaa930b9ce
Sample wordlists
...
git-svn-id: file:///home/svn/framework3/trunk@8419 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 23:00:02 +00:00
Joshua Drake
17bd4b8b7d
fixed aix payloads to REALLY do variable substitution
...
git-svn-id: file:///home/svn/framework3/trunk@8418 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 22:41:36 +00:00
Tod Beardsley
c763052c57
See #816 . This came up while learning how to perform various postgre tasks via Metasploit.
...
This module in particular reads a text file on the remote machine, copies it to a temporary table, and then selects the table.
Looks like this:
http://pastie.org/private/uoxgaw7ibjpvuepolr1fuw
git-svn-id: file:///home/svn/framework3/trunk@8417 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 22:34:09 +00:00
HD Moore
ba34abc232
Fix unpack("H*") vs unpack("H*")[0]
...
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 21:37:07 +00:00
HD Moore
885e396c4d
Fix close/shutdown issue
...
git-svn-id: file:///home/svn/framework3/trunk@8415 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 20:44:59 +00:00
Tod Beardsley
2860d57e01
Cosmetic change to print_status messages to be consistent with Postgres
...
git-svn-id: file:///home/svn/framework3/trunk@8414 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 20:12:35 +00:00
HD Moore
c6c1cda153
Try to delete the file (doesn't always work)
...
git-svn-id: file:///home/svn/framework3/trunk@8413 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:12:59 +00:00
HD Moore
bc62eaf99b
Adds a module to exploit insecure IIS configurations (PUT)
...
git-svn-id: file:///home/svn/framework3/trunk@8412 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:04:19 +00:00
Tod Beardsley
d374c16662
Fixed up reporting for DB2 and tested; also added other default usernames for db2.
...
git-svn-id: file:///home/svn/framework3/trunk@8411 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:54:50 +00:00
Steve Tornio
f3ad1c0a15
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8410 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:53:21 +00:00
James Lee
894664ef72
add a plugin to create new routes through previously-unknown subnets
...
git-svn-id: file:///home/svn/framework3/trunk@8409 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:21:13 +00:00
Tod Beardsley
0b6c44b2cb
Adding reporting to postgres_login. Logging version info more verbosely for authenticated login, since it's way useful.
...
git-svn-id: file:///home/svn/framework3/trunk@8408 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 17:35:58 +00:00
Tod Beardsley
67bb7a1926
Cleaning up print_status messages for Postgres SQL module and Postgres library.
...
git-svn-id: file:///home/svn/framework3/trunk@8407 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 16:43:44 +00:00
HD Moore
79c68e3784
Fix the description
...
git-svn-id: file:///home/svn/framework3/trunk@8406 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 13:53:50 +00:00
HD Moore
c28f15d02c
Quote the share name
...
git-svn-id: file:///home/svn/framework3/trunk@8405 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 13:36:35 +00:00
Joshua Drake
5e95c3c2ef
add metasm_shell to tools dir
...
git-svn-id: file:///home/svn/framework3/trunk@8404 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:43:24 +00:00
Joshua Drake
79d2ecc227
don't slice a nil buffer
...
git-svn-id: file:///home/svn/framework3/trunk@8403 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:42:11 +00:00
Joshua Drake
f04ae6f20d
minor cleanups -- getting closer
...
git-svn-id: file:///home/svn/framework3/trunk@8402 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:03:46 +00:00
HD Moore
c8af3431b6
Typo
...
git-svn-id: file:///home/svn/framework3/trunk@8401 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:02:46 +00:00
HD Moore
5f76353e8e
Woops, add the missing support files
...
git-svn-id: file:///home/svn/framework3/trunk@8400 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:59:29 +00:00
HD Moore
7870638481
Expose the SunRPC socket; we need to overhaul the SunRPC code sometime
...
git-svn-id: file:///home/svn/framework3/trunk@8399 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:52:58 +00:00
Joshua Drake
8b63d506f7
initial commit of aix cmsd exploit (not fully working yet)
...
git-svn-id: file:///home/svn/framework3/trunk@8398 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:44:54 +00:00
Joshua Drake
d68efa61d2
initial commit of aix cmsd exploit (not fully working yet)
...
git-svn-id: file:///home/svn/framework3/trunk@8397 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:44:37 +00:00
Joshua Drake
9f174795d4
add exploit module for vermillion ftpd memory corruption
...
git-svn-id: file:///home/svn/framework3/trunk@8396 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:39:48 +00:00
Joshua Drake
a772bc2c85
minor cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8395 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 21:42:12 +00:00
Joshua Drake
7d9d169a1a
exploit/sunrpc: return nil on error
...
git-svn-id: file:///home/svn/framework3/trunk@8394 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 03:51:14 +00:00
James Lee
c6c1afe543
open sessions when a telnet login succeeds; needs testing on more telnetd's
...
git-svn-id: file:///home/svn/framework3/trunk@8393 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 01:24:41 +00:00
James Lee
3b0b2731fd
fix telnet scanner
...
git-svn-id: file:///home/svn/framework3/trunk@8392 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 00:14:29 +00:00
HD Moore
bd91871763
Correct credit for the advisory
...
git-svn-id: file:///home/svn/framework3/trunk@8391 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 23:22:28 +00:00