infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,171 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

4266 Commits (dd7bceee56b23a71d376ebfd0c1dc00a557dca16)

Author SHA1 Message Date
Thanat0s dd7bceee56 fix threaded issues 2014-04-12 17:43:39 +02:00
Thanat0s d493c48cc6 add thottling,notes insert and output to dns_rev_lookup 2014-04-12 16:36:18 +02:00
Tom Sellers 634a03a852 Update to openssl_heartbleed to deal with SMTP RFC 
Added CR character in order to have the commands match SMTP RFC 5321 2.3.8 for line termination. Some SMTP services, such as the Symantec Mail Gateway, require strict compliance or the connection will be dropped with the response  '550 esmtp: protocol deviation'

Reference:
   http://www.symantec.com/business/support/index?page=content&id=TECH96829
   http://tools.ietf.org/html/rfc5321#section-2.3.8
 2014-04-14 13:27:33 -05:00
David Maloney c537aebf0f
Land #3228, JtR colon Seperation 2014-04-14 11:19:16 -05:00
Christian Mehlmauer f115a7f6e1
Fix intendation 2014-04-10 02:52:05 +02:00
gigstorm f1443c039e Updated hash value to SSLv3 
Tested and working on server that has SSLv3 only enabled
 2014-04-11 14:01:28 -07:00
gigstorm 6ab3478c7e Update to include SSL Version 3 protocol 
SSL Version 3 will also respond to this and a server configured to respond to SSL version 3 but not TLS will show false negative without this option (proven).  May need to update cipher suites to include this option.
 2014-04-11 12:41:17 -07:00
Sebastiano Di Paola a63f020a68 Fixing coding style 2014-04-11 19:39:57 +02:00
Sebastiano Di Paola 4acacb005d Fixed a bug...referring to wrong variable after filtering with regexp 2014-04-11 19:33:23 +02:00
Sebastiano Di Paola 83fe1cec65 Cleaned up Array.join call 2014-04-11 19:24:32 +02:00
Sebastiano Di Paola 55ec969bd9 Renamed FILTER -> DUMPFILTER, more intuitive and coherent 2014-04-11 19:07:57 +02:00
Sebastiano Di Paola 8268009b36 Renamed PATTERN_FILTER -> FILTER 2014-04-11 19:03:25 +02:00
Sebastiano Di Paola c378fe95c1 Added missing space in comment 2014-04-11 19:01:01 +02:00
Sebastiano Di Paola f8f710547c Fixed call to String.match with regexp pattern 2014-04-11 18:59:59 +02:00
Sebastiano Di Paola 638cb41a3f Remove Spaces at EOL, fixed if test on pattern variable 2014-04-11 18:58:05 +02:00
Sebastiano Di Paola 34fa4e29d9 Restored FTP option 2014-04-11 18:16:19 +02:00
Sebastiano Di Paola eb0e35bf25 Fixed store on file option 2014-04-11 18:07:14 +02:00
Sebastiano Di Paola c4029ea582 - Rubbish that was left dangling here around 2014-04-11 17:20:54 +02:00
Sebastiano Di Paola 1808fe470a fixed conflicts, used OptRegexp for pattern 2014-04-11 17:16:06 +02:00
Sebastiano Di Paola 4315ad2987 Fixed conflict and used OptRegexp type for pattern 2014-04-11 17:15:39 +02:00
jvazquez-r7 813e0eab89
Land #3233, @wvu-r7's improvements fort heartbleed modules 2014-04-11 09:33:57 -05:00
jvazquez-r7 e2ec53272e Fix also negative numbers 2014-04-11 09:33:27 -05:00
jvazquez-r7 fb5881d8e2
Land #2324, @sensepost and @Firefart's sftp support for heartbleed 2014-04-11 08:47:22 -05:00
jvazquez-r7 2134d676b4 Use verbose by default 2014-04-11 07:58:56 -05:00
William Vu 6675464c20
Fix a few things in the Heartbleed modules 2014-04-10 16:06:40 -05:00
Sebastiano Di Paola 9adf629ee7 Added feature to dump to file leaked memory 2014-04-10 22:51:07 +02:00
James Lee f54654a326
More refactor on jtr_linux 
Reducing complexity in `run` makes modules easier to read
 2014-04-09 19:26:34 -05:00
James Lee 7f900c2628
Micro optimizations for jtr_linux 2014-04-09 19:26:23 -05:00
James Lee 46038d58b7
Refactor jtr_linux copy pasta 
Move it to a nifty method
 2014-04-09 19:26:11 -05:00
Christian Mehlmauer 4fc272c0e9
Fix merge error 2014-04-10 00:53:14 +02:00
jvazquez-r7 f398924280
Land @Firefart's new fix for the jabber case 2014-04-09 17:52:53 -05:00
Christian Mehlmauer 98816c3a01
Added @sensepost FTP implemenation 2014-04-10 00:48:09 +02:00
singe ccfcf2cedb Added FTP STARTTLS support to heartbleed scanner. 2014-04-10 00:45:59 +02:00
jvazquez-r7 c0e682b518
Land #3225, @wvu-r7's and @hmoore-r7's improvements for openssl_heartbeat_client_memory 2014-04-09 17:39:04 -05:00
jvazquez-r7 ccdc5bd281 Switch to get since @wvu-r7 also tested successfully with get 2014-04-09 17:30:00 -05:00
William Vu b905aece38 Fix job not backgrounding 2014-04-09 17:03:57 -05:00
HD Moore ed247498b6 Make TLS negotiation optional 2014-04-09 17:03:38 -05:00
sinn3r 2de210f1c3
Land #3216 - Update @Meatballs1 and @FireFart in authors.rb 2014-04-09 16:38:10 -05:00
William Vu f56f34fb69
Land #3212, @hmoore-r7's client-side Heartbleed 2014-04-09 15:42:36 -05:00
Christian Mehlmauer a86a8fed05
Changed heartbleed jabber implementation to match openssl s_client 
see here for example implementation:
https://github.com/openssl/openssl/blob/master/apps/s_client.c#L1719
 2014-04-09 22:20:32 +02:00
William Vu 2f9a400efa
vprint_status the other message message 2014-04-09 15:11:02 -05:00
William Vu 84ce72367b
Make the output less verbose 2014-04-09 14:57:51 -05:00
Christian Mehlmauer 856ad7e83d
heartbleed - Better output on wrong jabber domain and add. nil? check 2014-04-09 21:53:17 +02:00
Jeff Jarmoc 7a424784f8 Change default TLS Version to 1.0 
Canonical testing shows this to be more widely supported, and yielding far more vulnerable hosts.  Changing default to reflect that.

Experience of others in #metasploit seems similar.
 2014-04-09 13:45:00 -05:00
Christian Mehlmauer fec089d88d
Land #3219, openssl_heartbleed XMPP fix from @natronkeltner 2014-04-09 20:42:55 +02:00
Christian Mehlmauer e2b50d3709
fix openssl_heardbleed 
-) XMPP Domain now configurable
-) Missing get_once to initiate the TLS connection
 2014-04-09 20:39:33 +02:00
jvazquez-r7 5696e52fac Fix jabber to field 2014-04-09 13:48:45 -05:00
jvazquez-r7 28a471e446
Land #3221, @Firefart's fix for pop3 starttls 2014-04-09 13:31:45 -05:00
jvazquez-r7 bea810b5d6 Add jabber fix from @natronkeltner 2014-04-09 13:11:45 -05:00
jvazquez-r7 157fb5a905 Make title more searchable 2014-04-09 12:08:35 -05:00