Commit Graph

88 Commits (da88e5822a2c8687b8b5a3a244339f2e9bd576d7)

Author SHA1 Message Date
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
HD Moore f72f334124 Fix an odd issue with search due to use of the builtin Proxies option 2012-08-12 23:22:38 -05:00
RageLtMan 33c74c97e2 Add Opt::Proxies and opthash[:proxies] to ssh mods 2012-08-12 16:23:22 -04:00
RageLtMan c9690033c7 This commit allows ssh_login to use socks proxies. Net::SSH::Transport::Session could take a :proxy option,
but it expects a factory object not a string, when setting :proxy => datastore['Proxies'] user got:
"Auxiliary failed: NoMethodError private method `open' called for \"socks4:localhost:1080\":String."
VALID_OPTIONS in ssh.rb now takes :proxies option which is passed to the Rex socket in
Net::SSH::Transport::Session.new.

Testing: block all outgoing to SSH server, try to connect with a proxy. Try with :proxy option,
then merge this pull request and try again.
2012-08-12 16:01:52 -04:00
HD Moore f5533c5298 Enforce a timeout in the ssh handshake (avoid hangs in some cases) 2012-06-12 15:19:01 -05:00
sinn3r 3f0431cf51 Massive whitespace destruction
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
HD Moore 2ad17299e2 Handle cisco devices better with ssh logins 2012-05-31 14:59:24 -05:00
David Maloney 9e7acf3a57 left debug statement in module 2012-05-29 20:23:56 -05:00
David Maloney df85e4f586 Remove trailing comma 2012-05-21 16:28:02 -05:00
David Maloney 17943c7a48 Makes it so we don't ever use local config files for Net::SSH
Also makes sure that the :config =>false option keeps
Net:SSH from meddling with knowns_hosts too
2012-05-21 16:09:08 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
2012-01-13 13:49:21 -06:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing Leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
2012-01-08 22:28:37 -06:00
HD Moore b12baccc49 Quick update, added a research option 2012-01-07 01:13:23 -06:00
HD Moore 7b26e33e19 Initial version 2012-01-06 00:53:50 -06:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
David Maloney a88f954640 More Cred Sourcing
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs.
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
Carlos Perez 7ae1bbbb3f typo
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:49:36 +00:00
Carlos Perez a0c34d1c73 Sets a session platform when using ssh_login
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:48:42 +00:00
Tod Beardsley 486241cc99 SSH scanners shouldn't die just because they're on Windows and they try to talk to reserved addresses.
git-svn-id: file:///home/svn/framework3/trunk@13407 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-29 15:51:11 +00:00
James Lee 39c20b2935 cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13174 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 20:27:25 +00:00
Tod Beardsley b9c5835b5e Touching up the ssh key login module to be smarter about duplicate user names, not be so chatty in its messaging to the console, deal with whitespace, and avoid storing duplicate keys when we don't need to.
git-svn-id: file:///home/svn/framework3/trunk@13162 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-13 20:51:18 +00:00
Tod Beardsley dc84ee6aab More fixups for ssh_login_pubkey and special handlers for long strings of keys.
git-svn-id: file:///home/svn/framework3/trunk@13156 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-12 20:58:25 +00:00
Tod Beardsley 04e2eb43ef Removing the load() line from ssh_login, just wanted it for dev.
git-svn-id: file:///home/svn/framework3/trunk@12980 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 19:23:00 +00:00
Tod Beardsley 6827495d17 Adds a # of passwords per username limiter to authbrute.
git-svn-id: file:///home/svn/framework3/trunk@12970 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-18 04:14:06 +00:00
Tod Beardsley db1619d035 Rejiggers the max credentials limiter a little, and adds a max time limiter per service.
git-svn-id: file:///home/svn/framework3/trunk@12967 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 22:40:25 +00:00
Tod Beardsley ab37580056 Refactored the AuthBrute mixin some to make the each_user_pass function a little cleaner and easier to maintain.
And maintain it I shall! Added in a standardized print_brute method to normalize the AuthBrute output to always include host, port, proto, and number of guesses over number remaining.

Also adds support for a MaxGuessesPerService datastore option for AuthBrute modules.

Currently, only ssh_login supports the new stuff, but now it's just a conversion matter. Will get to that in a bit.




git-svn-id: file:///home/svn/framework3/trunk@12958 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:08:45 +00:00
Joshua Drake 28ae2316a4 Fixes #4390, such a bute
git-svn-id: file:///home/svn/framework3/trunk@12578 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 20:52:59 +00:00
Tod Beardsley 3829d2606b Removing the un-used USER_AS_PASS option for ssh_login_pubkey.
git-svn-id: file:///home/svn/framework3/trunk@12411 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 21:05:27 +00:00
Tod Beardsley ea6b1bb626 Fixes #4190 by reseting self.ssh_socket after the connection is established.
git-svn-id: file:///home/svn/framework3/trunk@12402 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-22 15:32:00 +00:00
Tod Beardsley b91c81a182 Fixes #4074 -- corrects the affected regexes.
git-svn-id: file:///home/svn/framework3/trunk@12238 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-04 22:19:59 +00:00
Tod Beardsley 5f70c705c1 Committing the Kippo ssh honeypot detection as seen at AHA!.
git-svn-id: file:///home/svn/framework3/trunk@11817 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-24 13:57:26 +00:00
Tod Beardsley 24388f3a38 Adding a CVE reference for weak/blank/guessable passwords.
git-svn-id: file:///home/svn/framework3/trunk@11465 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 15:30:17 +00:00
Joshua Drake 9c668b8daf Super-duper rservices commit -
1. Added rsh, rlogin, and rexec auth brute scanners
2. Login negotation moved into new Msf::Auxiliary::Login mixin
3. Centralized session registration for auth brute scanners
4. Telnet and SSH auth brute scanners updated to use new mixins
5. Previously committed rservices mixin (r11093)



git-svn-id: file:///home/svn/framework3/trunk@11106 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:23:24 +00:00
Jonathan Cran e295408327 typo!
git-svn-id: file:///home/svn/framework3/trunk@11103 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 22:43:34 +00:00
Joshua Drake 04858c69fc style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
Tod Beardsley c2938323cc Pretty much the same deal as r10592, but for SSH, which sometimes has similiar RST problems.
git-svn-id: file:///home/svn/framework3/trunk@10593 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 02:11:06 +00:00
HD Moore e939379b1b Fix missing end, use explicit Timeout class
git-svn-id: file:///home/svn/framework3/trunk@10366 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 04:15:32 +00:00
Tod Beardsley b023d89469 Wrap SSH and Telnet version checkers in a timeout, or else they sometimes hang forever.
git-svn-id: file:///home/svn/framework3/trunk@10365 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 03:00:19 +00:00
Tod Beardsley 6d6a547b34 Fixes #2412. Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands.
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 00:58:20 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00