Commit Graph

5628 Commits (d96a6a1f8ffd4f0f0a0ca809b2677f0c56ab5ab5)

Author SHA1 Message Date
Joshua Drake d96a6a1f8f add exploit module for cve-2009-2261 - first consumer of zip library!
git-svn-id: file:///home/svn/framework3/trunk@8440 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:28:25 +00:00
Joshua Drake 2c100083bf add a zip implementation, Rex::Zip, see lib/rex/zip/samples for more info
git-svn-id: file:///home/svn/framework3/trunk@8439 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:27:40 +00:00
Tod Beardsley a241e0f949 Reworking module_ports to be more immediately useful to include its output in other ruby scripts.
git-svn-id: file:///home/svn/framework3/trunk@8438 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 23:39:27 +00:00
Tod Beardsley 2aa8ca08d5 Including auxiliary modules along with exploit modules for port counting.
git-svn-id: file:///home/svn/framework3/trunk@8437 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 23:20:15 +00:00
natron f93a8e878e Auxiliary failed: NoMethodError undefined method `each' for "GET ([^ ?]+) HTTP":String
git-svn-id: file:///home/svn/framework3/trunk@8436 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 22:36:37 +00:00
Tod Beardsley 65c5eae59e Calling it postgres instead of postgresql for overall consistency.
git-svn-id: file:///home/svn/framework3/trunk@8435 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 20:44:23 +00:00
James Lee e2d70519d7 add the ability to check for a prompt before sending user/pass; now works with cisco, aix, solaris, linux, and windows telnetds
git-svn-id: file:///home/svn/framework3/trunk@8434 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 19:07:02 +00:00
Stephen Fewer 23901c83ea ...and the bins.
git-svn-id: file:///home/svn/framework3/trunk@8433 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:48:13 +00:00
Stephen Fewer a03b7c3feb Commit the modified auxiliary modules to include a CHOST option so the relevant modules can avail of the new UDP pivoting.
git-svn-id: file:///home/svn/framework3/trunk@8432 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:47:38 +00:00
Stephen Fewer 6335fde3e1 Commit the Ruby side for the UDP socket pivoting. Change the TCP client channel so the respective StreamAbstraction is responsible for monitoring its own rsock.
git-svn-id: file:///home/svn/framework3/trunk@8431 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:45:46 +00:00
Stephen Fewer e732ef6872 Commit the Meterpreter C side for the UDP socket pivoting. (+1 bug fix for the TCP client socket notify event function)
git-svn-id: file:///home/svn/framework3/trunk@8430 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:43:33 +00:00
HD Moore a92f5f207b Handle null user lists
git-svn-id: file:///home/svn/framework3/trunk@8429 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:43:26 +00:00
HD Moore 11e8710a60 Catch OpenDomain failures
git-svn-id: file:///home/svn/framework3/trunk@8428 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:34:49 +00:00
Joshua Drake 48a159006a Regenerate the payload with the specified AIX level, cleanups
git-svn-id: file:///home/svn/framework3/trunk@8427 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:47 +00:00
Joshua Drake e7f7ac20ea extended brute range, minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8426 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:15 +00:00
HD Moore 55aaf69b4b Avoid a warning
git-svn-id: file:///home/svn/framework3/trunk@8425 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:12:34 +00:00
HD Moore af978cbbdc Regenerate the payload with the specified AIX level
git-svn-id: file:///home/svn/framework3/trunk@8424 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 03:59:20 +00:00
et 36c61ff5ed Fix typo
git-svn-id: file:///home/svn/framework3/trunk@8423 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 01:10:29 +00:00
Joshua Drake 7bf3de2a3d randomize filler
git-svn-id: file:///home/svn/framework3/trunk@8422 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:43:56 +00:00
Joshua Drake 40579ce936 it works! don't forget to "set AIX <version>"
git-svn-id: file:///home/svn/framework3/trunk@8421 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:41:49 +00:00
Joshua Drake 4a39cc13f6 oops, wrong syscall number for listen
git-svn-id: file:///home/svn/framework3/trunk@8420 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:05:15 +00:00
HD Moore eaa930b9ce Sample wordlists
git-svn-id: file:///home/svn/framework3/trunk@8419 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 23:00:02 +00:00
Joshua Drake 17bd4b8b7d fixed aix payloads to REALLY do variable substitution
git-svn-id: file:///home/svn/framework3/trunk@8418 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 22:41:36 +00:00
Tod Beardsley c763052c57 See #816. This came up while learning how to perform various postgre tasks via Metasploit.
This module in particular reads a text file on the remote machine, copies it to a temporary table, and then selects the table.

Looks like this:

http://pastie.org/private/uoxgaw7ibjpvuepolr1fuw



git-svn-id: file:///home/svn/framework3/trunk@8417 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 22:34:09 +00:00
HD Moore ba34abc232 Fix unpack("H*") vs unpack("H*")[0]
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 21:37:07 +00:00
HD Moore 885e396c4d Fix close/shutdown issue
git-svn-id: file:///home/svn/framework3/trunk@8415 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 20:44:59 +00:00
Tod Beardsley 2860d57e01 Cosmetic change to print_status messages to be consistent with Postgres
git-svn-id: file:///home/svn/framework3/trunk@8414 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 20:12:35 +00:00
HD Moore c6c1cda153 Try to delete the file (doesn't always work)
git-svn-id: file:///home/svn/framework3/trunk@8413 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:12:59 +00:00
HD Moore bc62eaf99b Adds a module to exploit insecure IIS configurations (PUT)
git-svn-id: file:///home/svn/framework3/trunk@8412 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:04:19 +00:00
Tod Beardsley d374c16662 Fixed up reporting for DB2 and tested; also added other default usernames for db2.
git-svn-id: file:///home/svn/framework3/trunk@8411 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:54:50 +00:00
Steve Tornio f3ad1c0a15 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8410 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:53:21 +00:00
James Lee 894664ef72 add a plugin to create new routes through previously-unknown subnets
git-svn-id: file:///home/svn/framework3/trunk@8409 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:21:13 +00:00
Tod Beardsley 0b6c44b2cb Adding reporting to postgres_login. Logging version info more verbosely for authenticated login, since it's way useful.
git-svn-id: file:///home/svn/framework3/trunk@8408 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 17:35:58 +00:00
Tod Beardsley 67bb7a1926 Cleaning up print_status messages for Postgres SQL module and Postgres library.
git-svn-id: file:///home/svn/framework3/trunk@8407 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 16:43:44 +00:00
HD Moore 79c68e3784 Fix the description
git-svn-id: file:///home/svn/framework3/trunk@8406 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 13:53:50 +00:00
HD Moore c28f15d02c Quote the share name
git-svn-id: file:///home/svn/framework3/trunk@8405 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 13:36:35 +00:00
Joshua Drake 5e95c3c2ef add metasm_shell to tools dir
git-svn-id: file:///home/svn/framework3/trunk@8404 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:43:24 +00:00
Joshua Drake 79d2ecc227 don't slice a nil buffer
git-svn-id: file:///home/svn/framework3/trunk@8403 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:42:11 +00:00
Joshua Drake f04ae6f20d minor cleanups -- getting closer
git-svn-id: file:///home/svn/framework3/trunk@8402 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:03:46 +00:00
HD Moore c8af3431b6 Typo
git-svn-id: file:///home/svn/framework3/trunk@8401 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:02:46 +00:00
HD Moore 5f76353e8e Woops, add the missing support files
git-svn-id: file:///home/svn/framework3/trunk@8400 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:59:29 +00:00
HD Moore 7870638481 Expose the SunRPC socket; we need to overhaul the SunRPC code sometime
git-svn-id: file:///home/svn/framework3/trunk@8399 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:52:58 +00:00
Joshua Drake 8b63d506f7 initial commit of aix cmsd exploit (not fully working yet)
git-svn-id: file:///home/svn/framework3/trunk@8398 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:44:54 +00:00
Joshua Drake d68efa61d2 initial commit of aix cmsd exploit (not fully working yet)
git-svn-id: file:///home/svn/framework3/trunk@8397 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:44:37 +00:00
Joshua Drake 9f174795d4 add exploit module for vermillion ftpd memory corruption
git-svn-id: file:///home/svn/framework3/trunk@8396 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:39:48 +00:00
Joshua Drake a772bc2c85 minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8395 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 21:42:12 +00:00
Joshua Drake 7d9d169a1a exploit/sunrpc: return nil on error
git-svn-id: file:///home/svn/framework3/trunk@8394 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 03:51:14 +00:00
James Lee c6c1afe543 open sessions when a telnet login succeeds; needs testing on more telnetd's
git-svn-id: file:///home/svn/framework3/trunk@8393 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 01:24:41 +00:00
James Lee 3b0b2731fd fix telnet scanner
git-svn-id: file:///home/svn/framework3/trunk@8392 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 00:14:29 +00:00
HD Moore bd91871763 Correct credit for the advisory
git-svn-id: file:///home/svn/framework3/trunk@8391 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 23:22:28 +00:00