infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,792 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

24792 Commits (dcc4d25f15e9df6b59f09f4aa0983b94778d5c1f)

Author SHA1 Message Date
David Maloney 526bb4989a
more explicit requires 
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
 2014-04-22 10:28:01 -05:00
David Maloney 645eef51b7
Rename CredDetail to Credential 
it was felt this was better naming
for the class. Refactored all occurence
 2014-04-22 10:25:36 -05:00
Rick Farina (Zero_Chaos) f35314b9f0 adjust Msf::Util::EXE for newer file output 
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.

Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)

Tested and confirmed working with file 5.17 on Gentoo Linux.
 2014-04-22 02:21:09 -05:00
David Maloney 7d05de935e Merge branch 'staging/electro_release' into feature/ssh_login_scanner 2014-04-21 19:26:49 -05:00
David Maloney f079d3f3a9
move requires into module 
move all the requires into the LoginScanner
module area to clean up requires
 2014-04-21 19:14:50 -05:00
David Maloney 9c6528f13f
use the CredDetail class 
now that we have the new CredDetail
class, use it instead of hashes
 2014-04-21 18:58:23 -05:00
David Maloney 1a6ef8dced
allow for balnk passwords 
have to alter validation slightly
to allow for blank passwords
 2014-04-21 18:57:28 -05:00
David Maloney fd1777a79f
add CredDetail class 
rather than passing dumb hashes around
added a CredDetail class that comes
with it's own conditional validations
 2014-04-21 18:26:38 -05:00
David Maloney de2bb7d66c
dd tests for #scan! 
the scan! method is mostly done
and has unit tests
 2014-04-21 17:59:50 -05:00
Wiesław Kielas fbe392a896 Add PostgreSQL TLS support to the Heartbleed scanner 2014-04-21 23:27:40 +02:00
David Maloney 2e11f80a98
refactor to use Result class 
we now use a Result class to handle
all result codes from the login attempt
 2014-04-21 15:35:16 -05:00
David Maloney d313047532
add loginscanner result class 
add a result class to have more
tightly defined return values from
the loginscanner classes
 2014-04-21 15:11:56 -05:00
William Vu 284b474591
Land #3286, release fixes 2014-04-21 14:03:00 -05:00
Tod Beardsley e514ff3607
Description and print_status fixes for release 
@cdoughty-r7, I choose you! Or @wvu-r7.
 2014-04-21 14:00:03 -05:00
Ken Smith 66b1c79da9 Update rop chain for versions 6.2 and 6.1 2014-04-21 13:27:14 -04:00
JoseMi e25ca64641 It's solved the crash when double-click on the pcap file 2014-04-21 17:49:40 +01:00
David Maloney aa1d1be786
do not create sessions with scanner 
the session creation behaviour is
currently inextricably linked to module
behaviour. We will have our scanner class
only return success status. The calling module
will be responsible for opening sessions afterwards.
 2014-04-21 11:38:48 -05:00
David Maloney 7571fe1f68
fix host validation 
host validation was buggy, fixed it
 2014-04-21 11:34:40 -05:00
Christian Mehlmauer b864c4619d
msftidy - added info messages 
this commit adds info messages to msftidy to show some info,
but stil exit with status 0 if there are not errors.
 2014-04-21 18:04:14 +02:00
OJ d8a00603b2
Land #8 - Fix style and yardoc from @jlee-r7 2014-04-21 19:29:09 +10:00
James Lee 49bd86f077
Clean up yardocs and a few style issues 2014-04-21 03:12:23 -05:00
William Vu 1faf069130
Land #3284, deprecated module cleanup 2014-04-20 23:10:55 -05:00
James Lee ee413ac385
Remove previously deprecated modules 2014-04-20 22:15:44 -05:00
Christian Mehlmauer fc803ae277
Changed msftidy check 
send_request_raw does not support vars_get so change
the message to switch to send_request_cgi.
See #3272 for more info
 2014-04-20 22:41:32 +02:00
Tom Sellers 2fd004b69e New module: Multiplatform Wireless LAN Geolocation 
This is a new POST module that allows Windows, Linux, and OSX targets to be geolocated using Google services if the target has an active and functional wireless adapter.
 2014-04-19 17:31:48 -05:00
JoseMi 3861541204 Add more rand_text_alpha functions 2014-04-19 18:37:58 +01:00
JoseMi 7bc546e69a Add rand_text_alpha function 2014-04-19 17:45:28 +01:00
David Maloney 9a15a2be04
basic login attempt functionality 
groundowkr now layed for trying
authentication attempts on the
SSH LoginScanner, with test coverage
 2014-04-18 20:08:28 -05:00
David Maloney 85349ccec4
SSH connection exception handling 
added in the exception handling
around the Net::SSH conenction
in attempt_login
 2014-04-18 18:13:05 -05:00
Brandon Turner 97ef53a1d1
Add upper bound for active-* gems 
We do not yet support ActiveRecord and ActiveSupport 4.x, so ensure our
Gemfile declares this.
 2014-04-18 16:45:07 -05:00
Brandon Turner fda6ed39f2
Land #3278, use renamed bcrypt gem instead of bcrypt-ruby 2014-04-18 16:33:51 -05:00
David Maloney 17b4d4a416
Add more attributes and validations 
Added some more attributes neccesary
for the actual running of the login scan
as well as accompanying validations and
specs
 2014-04-18 16:23:35 -05:00
Tod Beardsley af19efbd71
Use the new bcrypt gem, not bcrypt-ruby 
See the change upstream at:

273946f2ba

Reported by @ZeroChaos
 2014-04-18 15:02:42 -05:00
kenkeiras b8e0187647 Use OptPath for file path options 2014-04-18 21:56:17 +02:00
kenkeiras fb0af8a799 Remove unnecesary ssh_socket variable 2014-04-18 21:50:54 +02:00
kenkeiras c875bdadf5 Change THRESHOLD into a datastore option 2014-04-18 21:18:48 +02:00
kenkeiras 8a3329c891 Password made pseudo-random instead of a bunnch of A's 2014-04-18 21:10:34 +02:00
kenkeiras 47ff820a83 Remove unnecesary 'RHOST' deregister 2014-04-18 21:06:46 +02:00
kenkeiras cc2d4f9ed7 Remove unnecesary @good_credentials 2014-04-18 21:03:22 +02:00
JoseMi feea4c1fa6 ROP chain changed 2014-04-18 19:05:53 +01:00
William Vu 7d801e3acc
Land #3200, goodbye LORCON modules :( 2014-04-18 12:32:22 -05:00
David Maloney 613612eecb
Merge branch 'master' into feature/ssh_login_scanner 2014-04-18 11:16:18 -05:00
sinn3r 32293dfdab
Land #3277 - Be very clear about Redmine's existence 2014-04-18 10:31:16 -05:00
Tod Beardsley fe86886c29
Be very clear about Redmine's existence. 2014-04-18 10:01:54 -05:00
jvazquez-r7 c4d4af031c
Land #3276, @todb-r7's "make msftidy happy"'s fix 2014-04-18 09:54:52 -05:00
jvazquez-r7 5083143971
Land #3238, @Zinterax's timeout addition in openssl_heartbleed 2014-04-18 09:28:04 -05:00
Tod Beardsley 2a729c84f6
Fix disclosure date 2014-04-18 09:27:41 -05:00
jvazquez-r7 8a011ec9f6
Land #3197, @0x3fcoma's module for CVE-2013-5795 and CVE-2013-5880 2014-04-18 08:58:54 -05:00
jvazquez-r7 f3299e3ced Do minor code cleanup 2014-04-18 08:58:11 -05:00
Zinterax c68b7aa18f Merge pull request #1 from jvazquez-r7/review_3238 
Clean timeout handling code
 2014-04-18 09:50:33 -04:00