Commit Graph

100 Commits (de2bf0181c4c2b150e8911460a803c7ae0ef8d01)

Author SHA1 Message Date
William Vu d301752a88 Fix whitespace 2015-02-25 13:16:03 -06:00
RageLtMan 2e58a3d1dd Update credential reporting mechanism
Replace :report_auth_info deprecated method with hooks into the
Metasploit Credential based system.
2015-02-22 02:49:54 -05:00
RageLtMan 8ace041a23 TCP option for Lantronix Telnet Password Recovery
This commit adds a CHECK_TCP option to the Lantronix password
disclosure module. If set to true, a TCP port will be used to
check for the disclosure instead of the default UDP configuration.
2015-02-21 20:22:18 -05:00
HD Moore b1726fd609 Missing comma 2015-02-07 11:56:22 -06:00
HD Moore 8d982e3286 Pass the framework/module down into LoginScanner 2015-02-07 11:50:30 -06:00
Tod Beardsley b533f74024
Add a bruteforce_speed option to all LoginScanners 2014-12-11 11:06:32 -06:00
Tod Beardsley 09617f990b Implement BRUTEFORCE_SPEED respect (telnet)
This implements just for telnet, but assuming this strategy is kosher,
it's not too painful to add for the rest of the LoginScanner using the
old defaults used by `AuthBrute`.

See #3904, @dmaloney-r7 or @jlee-r7
2014-12-09 15:40:43 -06:00
James Lee 46acf08e2d Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions 2014-10-22 09:09:34 -05:00
James Lee e76ee294a1
Restore tcp evasions to telnet 2014-10-21 09:44:55 -05:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
sinn3r 9500038695 Fix #3995 - Make negative messages less verbose
As an user testing against a large network, I only want to see
good news, not bad news.
2014-10-11 11:11:09 -05:00
David Maloney 00ec47fb83
call new prepend cred methods
add method calls o all the lgoinscanner modules
so that they call the prepend_db_* methods as approrpiate
these methods automatically check to see if DB_ALL_CREDS was
selected
2014-09-04 12:32:35 -05:00
David Maloney 4821851ae4
telnet and ssh next 2014-08-01 14:47:08 -05:00
Trevor Rosen bebf11c969
Resolves some Login::Status migration issues
MSP-10730
2014-07-16 21:52:08 -05:00
Samuel Huckins a5d88fd2ab
Space in arg list, because I don't hate feedom. 2014-06-12 10:29:14 -05:00
David Maloney c074ebda7b
refactor telnet_login 2014-06-11 17:46:42 -05:00
Tod Beardsley c83262f4bd
Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin abb52a086c Retab changes for PR #2316 2013-09-05 13:33:59 -05:00
Tab Assassin 8665de0261 Merge for retab 2013-09-05 13:33:49 -05:00
jvazquez-r7 560d384633 Do first modification to Auxiliary::Login and Auxiliary::AuthBrute 2013-08-31 23:38:04 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
sinn3r d2885d9045 Correct US Cert references 2012-12-13 14:19:53 -06:00
sinn3r 6b033fb1a8 Only store the password when there's one 2012-11-14 01:25:32 -06:00
jgor 212179b95e change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password 2012-11-13 23:49:45 -06:00
jgor 721cf41f47 fix nil class error on non-lantronix hosts 2012-11-13 23:46:59 -06:00
Michael Schierl 910644400d References EDB cleanup
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
sinn3r 0675a6171b Cosmetic changes 2012-10-17 17:30:16 -05:00
jvazquez-r7 3bd84e255f minor cleanup 2012-10-17 22:06:47 +02:00
jgor 9af727388f deleted superfluous code and comments 2012-10-17 14:27:00 -05:00
jgor 79da6c7186 added Lantronix telnet password recovery module 2012-10-14 12:46:52 -05:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
HD Moore 073205a875 Merge branch 'master' into feature/vuln-info 2012-06-18 20:21:36 -05:00
RageLtMan 909614569a Revert "Banner encoding fix when running against dd-wrt on ruby 1.9.3"
This reverts commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c.

Telnet banner parsing restored
2012-06-18 10:44:06 -04:00
HD Moore c388cba421 Fix up modules calling report_vuln() to use new syntax 2012-06-17 23:39:20 -05:00
RageLtMan 77f95df1e9 Banner encoding fix when running against dd-wrt on ruby 1.9.3 2012-05-21 14:50:57 -05:00
Tod Beardsley 7a78c99c5e Adding credit to original PoC guy for RuggedCom
Just added and commented. It'd be nice to have a real spot for this kind
of credit, because it comes up a lot and it's hard to parse out in a
machine way who 'wrote' the module and who came up with the exploit.
2012-05-16 13:47:15 -05:00
sinn3r 79a590ccf7 Merge pull request #380 from wchen-r7/bmerinofe-telnet_ruggedcom
Modified version of pull request #379 - RuggedCom Telnet Password Generator by bmerinofe
2012-05-13 11:13:27 -07:00
sinn3r 15fbb1e86c This the modified version of pull request #379. Changes include:
* Add more references
* Update description
* MSF license disclaimer
* Remove the to() function. Instead it's in run_host()
* Put 'info' in the :proof key
* Remove ::Exception handling, so we can see the original that's also logged in framework.log
2012-05-13 04:09:17 -05:00
HD Moore 1d2581ebf4 Cosmetic 2012-04-21 14:51:20 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
Tod Beardsley 4369f73c7a Msftidy fixes on new modules
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
David Maloney a6b10862bd Adds a lantronix telnet discovery module 2012-02-23 17:22:32 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
sinn3r a758462a32 Remove some whitespace 2012-02-13 11:01:26 -06:00
David Maloney bf425a6744 Fixed bug that prevented telnet sessions from opening with good creds 2012-01-06 16:59:08 -08:00