infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
38,581 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

7135 Commits (db85f2599844f8e7e94c6b3152e729b843d9627d)

Author SHA1 Message Date
Brent Cook 44990e9721 Revert "change Metasploit4 class names" 
This reverts commit 3da9535e22.
 2016-03-07 13:19:48 -06:00
Brent Cook aa5b201427 Revert "revert ssl_login_pubkey for now" 
This reverts commit 7d773b65b6.
 2016-03-07 13:19:33 -06:00
Christian Mehlmauer 7d773b65b6
revert ssl_login_pubkey for now 2016-03-07 14:44:23 +01:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook bb36cd016e Fix #6643, Pcap.lookupaddrs does not exist 2016-03-06 22:15:39 -06:00
Brent Cook eea8fa86dc unify the SSLVersion fields between modules and mixins 
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
 2016-03-06 22:06:27 -06:00
Brent Cook 66c697d2e4
Land #6602, update author info for dahua_dvr_auth_bypass 2016-03-06 15:13:01 -06:00
Brent Cook 4711191def remove non-specific URL 2016-03-06 15:12:25 -06:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
Fakhri Zulkifli b1e9f44ca2 IPv6 Neighbor Advertisement Enhancement 
http://seclists.org/nmap-dev/2011/q2/79

1. Shorten router advertisement payload lifetime.
2. Randomize address prefix.
3. Prevent from getting into default router list.
 2016-03-06 03:23:37 +08:00
William Vu c5a9d59455
Land #6612, one final missing change 2016-02-29 15:08:42 -06:00
William Vu cb0493e5bb Recreate Msf::Exploit::Remote::Fortinet 
To match the path, even though it's kinda lame including it just for the
monkeypatch.
 2016-02-29 15:04:02 -06:00
Brent Cook 8c2ce9687a
Land #6620, fix typo in jtr_linux 2016-02-29 14:58:58 -06:00
William Vu a6a37b3089
Land #6612, missing commits included 2016-02-29 14:06:21 -06:00
wchen-r7 f5ad1286d2 Fix #6615, fix typo "format" 
Fix #6615
 2016-02-29 12:44:25 -06:00
William Vu 300fdc87bb Move Fortinet backdoor to module and library 2016-02-29 12:06:33 -06:00
wchen-r7 2950996cb8
Land #6612, Add aux module for Fortinet backdoor 2016-02-29 12:02:49 -06:00
William Vu 53d703355f Move Fortinet backdoor to module and library 2016-02-29 11:57:42 -06:00
wchen-r7 53ff3051e1
Land #6531, NETGEAR ProSafe Network Management System 300 auth'd File Download 2016-02-26 10:53:16 -06:00
wchen-r7 bc050410a6 Allow max traversal depth as an option, and report cred 2016-02-26 10:52:30 -06:00
wchen-r7 051506694f
Land #6574, add Linknat Vos Manager Traversal aux module 2016-02-25 22:02:56 -06:00
wchen-r7 d14ec657e2
Land #6564, Add Apache Karaf Command Execution Module 2016-02-25 14:47:40 -06:00
wchen-r7 1d2ec7a239 Rescue OpenSSL::Cipher::CipherError 
Our current net/ssh library is out of date, so we need to rescue
OpenSSL::Cipher::CipherError.
 2016-02-25 14:46:53 -06:00
wchen-r7 2e268a25da
Land #6596, Apache Karaf Login Utility 2016-02-25 14:39:51 -06:00
wchen-r7 aa7c3f01a8 Update name and description 2016-02-25 14:39:19 -06:00
wchen-r7 7e25c7b87b Handle OpenSSL::Cipher::CipherError 
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
 2016-02-25 14:35:37 -06:00
William Vu 7d20e26a35 Move to aux/scanner/ssh 2016-02-25 11:22:50 -06:00
William Vu f52f44cde0 Remove session_setup, since we're not in a shell 
A real shell. A real human bean.
 2016-02-25 11:21:45 -06:00
nixawk 6ef4026698 get_ptr - save_note(ip, 'get_ptr', records) 2016-02-25 21:43:13 +08:00
nixawk dfff94a243 save ip/domain relationships 2016-02-25 21:14:40 +08:00
Tyler Bennett ff3a554b4d added an unless to wrap around the print and report_creds func for nas module to only execute if ftpuser and ftppass is non-blank 2016-02-24 13:53:30 -05:00
Tyler Bennett 16d7b2e6ff cleaned up unless code for nas module and setup ftpuser and ftppass to only if non blank 2016-02-23 17:37:47 -05:00
dmohanty-r7 6aa6280eff
Try USERNAME before DEFAULTCRED 2016-02-23 13:44:44 -06:00
Tyler Bennett 4eabe43273 fixed issues with capturing regex 2016-02-23 12:27:07 -05:00
Tyler Bennett c191e5b8e1 corrected authors file and cleaned up debug statements 2016-02-23 11:41:12 -05:00
Jon Hart c79eab2c7f
Land #6241, @talos-arch3y's aux module for Dahua DVR CVE-2013-6117 2016-02-23 08:20:54 -08:00
nixawk f0da8e9adf bing_search - ConnectionTimeout 2016-02-23 18:56:34 +08:00
Pedro Ribeiro 5710c85a9e Style changes 2016-02-23 15:15:57 +07:00
dmohanty-r7 07ac13326e
Allow user to try other login credentials 2016-02-22 17:47:32 -06:00
dmohanty-r7 c0180b23fa
Update description 2016-02-19 13:39:13 -06:00
dmohanty-r7 33aaeb4ac9
Update authors 2016-02-19 11:53:17 -06:00
Vex Woo 91822f2861 Merge pull request #12 from jhart-r7/pr/fixup-6187 
More fixup for #6187 (auxiliary/gather/enum_dns)
 2016-02-19 19:12:17 +08:00
Jon Hart 1f5285bca7
Better handling of AXFR if ns records won't resolve on target NS 2016-02-18 22:15:06 -08:00
nixawk 0e185a34bf get_ns / notes nameservers 2016-02-19 14:03:05 +08:00
Jon Hart 42c64b51bb
Remove all report_host instances in enum_dns 
the forced resolution of names won't fly
 2016-02-18 21:41:51 -08:00
Jon Hart 65a3cc2921
Remove duplicated SIP SRV record lookup 2016-02-18 21:41:09 -08:00
nixawk da3c382869 add function domain2ip 2016-02-19 12:35:31 +08:00
nixawk 4ef5cf420c rename the module 2016-02-19 11:18:55 +08:00
nixawk a87c503ae4 merge bing/yahoo subdomains search 2016-02-19 11:17:08 +08:00
wchen-r7 a82ce40c40 Update ibm_tsm_dos name 
For some reason I actually modified the name, but I didn't mean
to.
 2016-02-18 16:07:46 -06:00
James Lee adb175136e Fix extra whitespace and unused vars in call 2016-02-18 15:18:29 -06:00
nixawk 9afe5517f7 return unless domains -> return if domains.empty? 2016-02-18 10:26:45 +08:00
nixawk 15f6992aec add yahoo_search_domain(domain) / yahoo_search_ip(ip) 2016-02-18 00:03:28 +08:00
nixawk 29185271a7 report domains/ips to (notes / hosts) 2016-02-17 11:41:59 +08:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
nixawk 2428d5127c add Yahoo Search Engine Subdomains Collector 2016-02-16 03:11:38 +08:00
nixawk 7ca0255ea1 Module should not be marked executable 2016-02-15 12:57:43 +08:00
nixawk f35230b908 add Linknat Vos Manager Traversal 2016-02-15 12:39:40 +08:00
Nicholas Starke 3416a24dda Adding vprint_status for loot path 
Adding a vprint_status to show users the loot
path as per a comment on the pull request.
 2016-02-14 11:19:20 -06:00
Spencer McIntyre c9c4f49aca Add get_file method and parse the server response 2016-02-13 17:20:37 -05:00
wchen-r7 b2765a296f
Land #6547, IBM Tivoli Storage Manager Fastback Denial of Service 2016-02-11 22:05:21 -06:00
wchen-r7 3121093898 Update metadata, plus other minor changes 2016-02-11 22:04:05 -06:00
Nicholas Starke cdaa2a8c43 Adding Apache Karaf Command Execution Module 
This module establishes an SSH session using default
credentials and then executes a user defined operating system
command.  This is part of GitHub Issue #4358.
 2016-02-10 16:48:08 -06:00
William Webb c874699b82 removed ranking 2016-02-10 11:45:09 -06:00
William Webb 4c6cb03548 more build errors 2016-02-10 11:40:21 -06:00
William Webb 72f5a33804 addressed CI errors 2016-02-10 11:34:05 -06:00
William Webb 51604fa24a made necessary inheritance changes 2016-02-10 10:59:11 -06:00
William Vu 5f0add2a8b
Land #6541, typo fix for cisco_ssl_vpn 2016-02-09 17:13:24 -06:00
William Vu 240cbb91be s/resp/res/ 2016-02-09 17:12:09 -06:00
William Webb eadbb6b582 moved module to modules/auxiliary/dos/misc 2016-02-09 11:44:01 -06:00
alexandrinetorrents c0a8b01c2b Addition of multiple read/write to auxiliary/scanner/scada/modbusclient.rb 2016-02-08 13:13:51 +01:00
wchen-r7 cd7046f233 Change method name "method" to "http_method" for http_traversal.rb 
We accidentally override "#method", which is bad.
 2016-02-07 23:15:46 -06:00
Brendan Coles 40633ea7cd Check filepath length 2016-02-08 01:11:18 +00:00
Brendan Coles df825913b8 Use default timeout 2016-02-07 07:11:47 +00:00
Brendan Coles e0e67f5507 Remove unnecessary check for FILEPATH 2016-02-07 02:05:15 +00:00
wchen-r7 2171c344e5 Fix #6539, correct a typo in report_cred 
Fix #6539
 2016-02-06 13:23:21 -06:00
Jon Hart 55c8d23e1f
Handle refused connections during axfr 2016-02-04 09:23:49 -08:00
Jon Hart 52d81f7e93
More/better status printing for big query types 2016-02-04 09:18:26 -08:00
Jon Hart c025458d22
More consistent record type printing 2016-02-04 09:12:36 -08:00
Jon Hart c630f791c3
Remove loot storage from enum_dns. Loot is appropriate for this use case 2016-02-04 09:10:08 -08:00
Jon Hart 4408742930
Fix storage of SRV record notes 2016-02-04 09:08:21 -08:00
Pedro Ribeiro b64294abc9 Create file for CERT VU 777024 (auth download) 2016-02-04 07:57:48 +08:00
Jon Hart cd86db2734
Update ssh_identify_pubkeys to support symbolic path names 2016-02-03 14:21:54 -08:00
Jon Hart 53d4e31844
Allow OptPath to valid symbolic paths that need expansion 2016-02-03 14:12:03 -08:00
Jon Hart 49beca4e40
Fix ssh_identify_pubkeys to accept keyfiles with authorized commands 
Previously, something like this would fail:

command="/some/script.sh" ssh-rsa adsfadfa root@whatever

This format is valid authorized_keys and should work here too.  It does
now.
 2016-02-03 13:50:17 -08:00
Jon Hart dbcef2c755
Deregister unused options 2016-02-03 13:20:30 -08:00
Jon Hart ef75845d01
Better fetching/saving of SRV records 2016-02-03 13:07:20 -08:00
James Lee 47c0a3b4a7
Get some stragglers that had a different format 2016-02-01 16:21:10 -06:00
James Lee 8094eb631b
Do the same for aux modules 2016-02-01 16:06:34 -06:00
wchen-r7 f5ee6ce2f3 Better service reporting for snmp_login 
Report the snmp string and update the module title & description
to better clarify what the module really does.
 2016-02-01 12:24:19 -06:00
Brent Cook cd56470759
Land #6493, move SSL to the default options, other fixes 2016-01-29 11:09:51 -06:00
Jon Hart 1749932bb4
Cleanup loot saving output 2016-01-28 14:16:47 -08:00
Jon Hart 6646785902
Don't enumerate other possible domains via TLD expansion by default 2016-01-28 14:09:09 -08:00
Jon Hart 86e7cd92c0
Minor style nit on printed NS records 2016-01-28 14:08:20 -08:00
Tod Beardsley 8af751be41
Land #6470, Telisca IPS Lock (and Unlock) 2016-01-27 16:41:25 -06:00
Tod Beardsley 86c025de25
Title and description fixes for #6470 2016-01-27 16:40:06 -06:00
Brent Cook 115c63e4ba karaf default credential scanner PoC 2016-01-27 03:27:48 -05:00
wchen-r7 6187354392
Land #6226, Add Wordpress XML-RPC system.multicall Credential BF 2016-01-23 00:12:46 -06:00
wchen-r7 064af0d670 Remove unwanted comment 2016-01-23 00:11:58 -06:00
KINGSABRI ad3eed525b Handing newer version of WP, fallback CHUNKSIE to 1 2016-01-23 08:06:27 +03:00
wchen-r7 53e9bd7f51 This line does nothing 2016-01-22 18:55:45 -06:00
wchen-r7 0f9cf812b7 Bring wordpress_xmlrpc_login back, make wordpress_multicall as new 2016-01-22 18:54:20 -06:00
wchen-r7 91db2597c7 normalize URIs 2016-01-22 11:27:26 -06:00
wchen-r7 b02c762b93 Grab zeroSteiner's module/jenkins-cmd branch 2016-01-22 10:17:32 -06:00
Christian Mehlmauer 484d57614a
remove re-registered ssl options 2016-01-22 09:54:52 +01:00
wchen-r7 216986f7af Do API documentation, rspec, and other small changes 2016-01-21 17:22:14 -06:00
KINGSABRI a8feb8cad5 make passwords faster for reading huge wordlest files 2016-01-21 03:32:50 +03:00
KINGSABRI 4cb19c75a6 Enhance the module and add version check 2016-01-21 03:19:31 +03:00
wchen-r7 fcaef76215 Do a version check 
This attack is not suitable for newer versions due to the
mitigation in place.
 2016-01-20 17:14:44 -06:00
nixawk ad107a2d1c Show - No Auth Required - Just Once 2016-01-19 08:29:33 +08:00
nixawk 0b78406d29 clear Metasploit::Framework::LoginScanner::REDIS.new 2016-01-16 13:12:04 +08:00
nixawk b2983e1ee7 replace #{rhost}: #{rport} with #{peer} 2016-01-16 13:05:35 +08:00
nixawk 2abaca3f6b include Msf::Auxiliary::Redis / Remove default RPORT option 2016-01-16 12:58:02 +08:00
nixawk 643ebfed7e format print_status output for get_srv/get_tld 2016-01-16 11:21:16 +08:00
kfr-ma 3d04f405b4 Update telisca_ips_lock_control.rb 
commit the changes mad by sinn3r and replace headers on lock and unlock
 2016-01-15 15:05:24 +00:00
wchen-r7 477dc64e1e Rename module 2016-01-14 19:45:00 -06:00
wchen-r7 eb6cff77bc Update the code to today's standards 
Mainly making sure it is following the Ruby style guide, and
avoid unrecommended coding practices.
 2016-01-14 19:38:59 -06:00
kfr-ma 46f06516ad Update /telisca_ips_lock_abuse 
cleaning the code
 2016-01-14 11:13:10 +00:00
Karim Reda Fakhir d5dd5d55a6 modified: modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb 
modified:   modules/auxiliary/voip/telisca_ips_lock_abuse.rb
 2016-01-14 11:06:26 +00:00
Fakhir Karim Reda aae86d8bc0 new file: modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb 2016-01-14 00:12:55 +00:00
Fakhir Karim Reda c18253d313 deleted: modules/auxiliary/scanner/http/symantec_brightmail_ldapcreds.rb 2016-01-14 00:03:25 +00:00
Fakhir Karim Reda 60ef1eae90 adding modules/auxiliary/voip/telisca_ips_lock_abuse.rb 2016-01-14 00:00:04 +00:00
Fakhir Karim Reda 25eb311518 readding modules/auxiliary/voip/telisca_ips_lock_abuse.rb 2016-01-13 23:53:02 +00:00
Fakhir Karim Reda 1e37ff9701 Merge branch 'master' of github:kfr-ma/metasploit-framework into test_telisca_ipslock 
merge
 2016-01-13 23:20:50 +00:00
Fakhir Karim Reda 01b8302db1 delte modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb 2016-01-13 23:19:35 +00:00
Fakhir Karim Reda 1b9563b82a rm modules/auxiliary/voip/telisca_ips_lock_abuse 2016-01-13 23:09:35 +00:00
Fakhir Karim Reda c68d2a8e0a replace telisca_ips_lock_abuse.rb 2016-01-13 22:59:18 +00:00
Fakhir Karim Reda 457e569f3b replacing telisca-ips-lock 2016-01-13 22:50:58 +00:00
Karim Reda Fakhir 8b03b719e8 Adding auxialiary modules : 
+ symantec_brightmail_ldapcreds.rb
+ telisca_ips_lock_abuse.rb
 2016-01-13 15:19:07 +00:00
nixawk e491502023 handle exception - ResolverArgumentError 2016-01-12 00:48:02 +08:00
Jonathan Harms 5266860cec Squashed more commits back into 1 2016-01-07 17:53:49 -06:00
Tyler Bennett c245e64239 added peer to each print statement and rex table 2016-01-06 13:22:30 -05:00
wchen-r7 6e65d1d871
Land #6411, chinese caidao asp/aspx/php backdoor bruteforce 2016-01-06 12:03:17 -06:00
nixawk 408b8fa4fd handle exception - (get_tld - ArgumentError / get_mx - SocketError) 2016-01-07 00:54:03 +08:00
nixawk eecd75262c handle exception - (get_tld - ArgumentError / get_mx - SocketError) 2016-01-07 00:25:28 +08:00
nixawk 71acff5733 output scan results (set VERBOSE false) 2016-01-06 23:55:48 +08:00
nixawk a54a7aeb02 redis only need password for authentication 2016-01-06 17:05:49 +08:00
wchen-r7 bdda8650a2 Do not support username, because the backdoor doesn't use one 2016-01-06 02:02:11 -06:00
Jon Hart d626d7f0c9
Land #6416, @all3g's rewrite/improvements to redis_server 2016-01-05 19:02:26 -08:00
Jon Hart 90ea88e5ba
Make command used configurable 2016-01-05 16:23:10 -08:00
Jon Hart 3ccdd12ecb
Put peer first in all prints 2016-01-05 16:09:50 -08:00
Jon Hart 1d997234cb
Remove unnecessary degistering of RHOST 2016-01-05 16:08:18 -08:00
Tyler Bennett aa2922e6c3 added in verbose mode for ddns and fixed report_email_creds issue 2016-01-05 14:54:48 -05:00
nixawk 8a76bbafff Add peer to vprint_error 2016-01-06 01:51:23 +08:00
Jon Hart eef154420b This is a scanner, so vprint things that occur frequently 2016-01-05 09:06:36 -08:00
Jon Hart 63324bd77d Rescue correct exceptions 2016-01-05 09:05:32 -08:00
Jon Hart 1b48556456 Use cleaner hash syntax 2016-01-05 09:05:32 -08:00
nixawk 9714923824 ensure disconnect / remove self.class from register_options 2016-01-06 00:54:54 +08:00
William Vu 6cb9ad0d72
Land #6435, unaligned def/end fix 2016-01-05 09:59:25 -06:00