Commit Graph

8396 Commits (dfd9dd70e6c6929c3af247bdc3f7a0f685e7cdbf)

Author SHA1 Message Date
Joshua Drake db28497900 add an extra check for JAVA_HOME
git-svn-id: file:///home/svn/framework3/trunk@11118 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 01:11:17 +00:00
Tod Beardsley fb79d97bca Allow for things external to a scanner module to come in an kill all the threads with the mod.seppuko!() method.
git-svn-id: file:///home/svn/framework3/trunk@11117 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 00:08:39 +00:00
James Lee 7581ce0153 try the payload's arch/platform if we don't have an associated exploit
git-svn-id: file:///home/svn/framework3/trunk@11116 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 20:37:32 +00:00
James Lee b3b43bbb8b fix a bug in arch detection when an EncodedPayload's pinst is an EncodedPayload instead of a Payload
git-svn-id: file:///home/svn/framework3/trunk@11115 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 20:34:27 +00:00
Joshua Drake cf25de6658 fix argument error due to bad override
git-svn-id: file:///home/svn/framework3/trunk@11114 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 18:12:08 +00:00
HD Moore fc5fcaea57 Handle unlicensed nexpose instances better
git-svn-id: file:///home/svn/framework3/trunk@11109 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 05:03:58 +00:00
James Lee 23a6874954 add support for browsers other than firefox, starting with sensible-browser to try to use the system default. fixes #3059, thanks Larry Wert for the patch
git-svn-id: file:///home/svn/framework3/trunk@11108 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 04:42:59 +00:00
Joshua Drake b55633af60 update enum_delicious, fixes #3230
git-svn-id: file:///home/svn/framework3/trunk@11107 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:26:59 +00:00
Joshua Drake 9c668b8daf Super-duper rservices commit -
1. Added rsh, rlogin, and rexec auth brute scanners
2. Login negotation moved into new Msf::Auxiliary::Login mixin
3. Centralized session registration for auth brute scanners
4. Telnet and SSH auth brute scanners updated to use new mixins
5. Previously committed rservices mixin (r11093)



git-svn-id: file:///home/svn/framework3/trunk@11106 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 01:23:24 +00:00
James Lee 90182c01f5 update documentation for executable dropper, thanks mihi
git-svn-id: file:///home/svn/framework3/trunk@11105 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 00:58:17 +00:00
James Lee 85a4eb703c remove examples. if a user wants examples, they can build them.
git-svn-id: file:///home/svn/framework3/trunk@11104 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 00:56:54 +00:00
Jonathan Cran e295408327 typo!
git-svn-id: file:///home/svn/framework3/trunk@11103 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 22:43:34 +00:00
James Lee 52389d28f4 make windows the default target
git-svn-id: file:///home/svn/framework3/trunk@11102 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:54:25 +00:00
James Lee 7a3770f87b don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers
git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:44:16 +00:00
HD Moore 04f9aec2d8 Pass framework into the TcpReverseDoubleSessionChannel class
git-svn-id: file:///home/svn/framework3/trunk@11100 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 19:18:24 +00:00
James Lee 669ef3b86e clarify targets
git-svn-id: file:///home/svn/framework3/trunk@11099 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:53:49 +00:00
James Lee 9df192497b make sure we're not turning nil into [nil], since it breaks the arch detection
git-svn-id: file:///home/svn/framework3/trunk@11098 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:48:35 +00:00
James Lee 1a07889c53 revert r11058, unnecessary because of the check near the bottom of the file
git-svn-id: file:///home/svn/framework3/trunk@11097 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:46:06 +00:00
Joshua Drake 75873aedb4 add exploit for foxit reader title stack bof
git-svn-id: file:///home/svn/framework3/trunk@11096 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:43:42 +00:00
Tod Beardsley 53f6416dad Makes SMB login console output more readable for default "." domain brute forcing -- masks the domain-part for the username, drops it from the machine name unless it's something more interesting.
git-svn-id: file:///home/svn/framework3/trunk@11095 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 16:16:40 +00:00
Tod Beardsley 80853f0e10 Make the MySQL aux scanner a little more helpful in the event of a missing target.
git-svn-id: file:///home/svn/framework3/trunk@11094 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 14:12:35 +00:00
Joshua Drake 14e147c931 add the rservices mixin
git-svn-id: file:///home/svn/framework3/trunk@11093 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 13:18:02 +00:00
Joshua Drake b495ca8aab add a mixin for pdf gen, see #2841
git-svn-id: file:///home/svn/framework3/trunk@11092 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 12:21:49 +00:00
Joshua Drake 3bd3ea5724 carlos, plz use the ./tools/msftidy.rb script, see #3198
git-svn-id: file:///home/svn/framework3/trunk@11091 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 09:11:25 +00:00
HD Moore 57f3008de5 Work with Ruby 1.8
git-svn-id: file:///home/svn/framework3/trunk@11090 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 05:25:13 +00:00
Joshua Drake db0a7978e6 update comments
git-svn-id: file:///home/svn/framework3/trunk@11089 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 02:39:53 +00:00
Joshua Drake 5092a8063c exclude wow64
git-svn-id: file:///home/svn/framework3/trunk@11088 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 02:35:50 +00:00
Matt Weeks 2e72926638 Add audio (microphone) recording support to stdapi.
git-svn-id: file:///home/svn/framework3/trunk@11087 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 00:32:39 +00:00
Matt Weeks e7bc3268c1 Set keywords.
git-svn-id: file:///home/svn/framework3/trunk@11086 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 00:27:29 +00:00
Matt Weeks 3c1af11268 Update header
git-svn-id: file:///home/svn/framework3/trunk@11085 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 00:23:56 +00:00
James Lee d608db778c we're not sending an applet, just a jar, clarify the output
git-svn-id: file:///home/svn/framework3/trunk@11084 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 19:58:04 +00:00
Joshua Drake 4be4c763c8 show cmd if -c is used, add quotes on cmdline
git-svn-id: file:///home/svn/framework3/trunk@11083 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 16:21:24 +00:00
Joshua Drake 66d0012200 error on platform mismatch separately
git-svn-id: file:///home/svn/framework3/trunk@11082 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 10:14:31 +00:00
Joshua Drake 0c4ea7908b pre-set winver
git-svn-id: file:///home/svn/framework3/trunk@11081 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 09:39:25 +00:00
Joshua Drake 03978e72b2 oops, raise not return
git-svn-id: file:///home/svn/framework3/trunk@11080 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 09:36:37 +00:00
Joshua Drake cb3b06f7ad add exploit for windows task scheduler 2.0
git-svn-id: file:///home/svn/framework3/trunk@11079 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 02:52:52 +00:00
James Lee 6f7af42667 add an exploit for cve-2010-3563, thanks Matthias Kaiser
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
Joshua Drake 4c93eb974f this fixes #3602, incompatabilities TBD
git-svn-id: file:///home/svn/framework3/trunk@11077 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 22:36:38 +00:00
Joshua Drake 51fd4fb550 this fixes #3602, incompatabilities TBD
git-svn-id: file:///home/svn/framework3/trunk@11076 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 22:32:29 +00:00
Joshua Drake b5c5e21b24 this fixes #3602, incompatabilities TBD
git-svn-id: file:///home/svn/framework3/trunk@11075 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 22:28:35 +00:00
Steve Tornio eab8c24b8b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11074 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 20:43:56 +00:00
Joshua Drake dbcb6d0dc4 use max instead of .sort.last
git-svn-id: file:///home/svn/framework3/trunk@11073 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:34:10 +00:00
Joshua Drake 3b6edefe44 fix up auto targeting to not assign to "target"
git-svn-id: file:///home/svn/framework3/trunk@11072 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:33:34 +00:00
Joshua Drake fe9710b836 add a rand: special case for OptAddress options
git-svn-id: file:///home/svn/framework3/trunk@11071 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:31:14 +00:00
Joshua Drake b42a04a7aa add cakephp exploit from tdz
git-svn-id: file:///home/svn/framework3/trunk@11070 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:30:07 +00:00
James Lee 1c5481dcfb add a method for getting the full uri from an HttpServer to complement get_resource
git-svn-id: file:///home/svn/framework3/trunk@11069 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:15:20 +00:00
Steve Tornio 8f3b64e15c add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@11068 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 14:17:35 +00:00
Mario Ceballos df9a0cfea8 added exploit module realwin_10.rb
git-svn-id: file:///home/svn/framework3/trunk@11067 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 23:45:40 +00:00
Tod Beardsley c05ff818dd Incrementally more useful survey of mixins already in use in Metasploit.
Current results, for fun:

<pre>
Msf::Exploit::Remote::Tcp                    | 268
Msf::Auxiliary::Report                       | 238
Msf::Exploit::Remote::TcpServer              | 183
Msf::Exploit::Remote::HttpServer             | 147
Msf::Exploit::Remote::HttpServer::HTML       | 141
Msf::Exploit::Seh                            | 109
Msf::Exploit::Remote::HttpClient             | 95
Msf::Exploit::FILEFORMAT                     | 70
Msf::Exploit::EXE                            | 40
Msf::Exploit::Remote::Udp                    | 33
Msf::Exploit::Remote::DCERPC                 | 32
Msf::Exploit::Remote::DCERPC_EPM             | 32
Msf::Exploit::Remote::DCERPC_LSA             | 32
Msf::Exploit::Remote::DCERPC_MGMT            | 32
Msf::Exploit::Remote::SMB                    | 31
Msf::Exploit::Remote::Ftp                    | 27
Msf::Exploit::Egghunter                      | 21
Msf::Exploit::Brute                          | 20
Msf::Exploit::Remote::BrowserAutopwn         | 16
Msf::Exploit::Remote::Imap                   | 13
Msf::Exploit::Remote::FtpServer              | 12
Msf::Exploit::BruteTargets                   | 7
Msf::Exploit::Remote::SunRPC                 | 6
Msf::Exploit::Remote::SMTPDeliver            | 6
Msf::Exploit::Remote::MSSQL                  | 5
Msf::Exploit::KernelMode                     | 5
Msf::Exploit::Remote::MSSQL_COMMANDS         | 5
Msf::Exploit::FormatString                   | 4
Msf::Exploit::CmdStager                      | 4
Msf::Exploit::Lorcon2                        | 4
Msf::Exploit::Remote::HttpServer::PHPInclude | 3
Msf::Exploit::CmdStagerVBS                   | 3
Msf::Exploit::Remote::TNS                    | 3
Msf::Exploit::Remote::Smtp                   | 2
Msf::Exploit::Remote::Dialup                 | 2
Msf::Exploit::Java                           | 2
Msf::Exploit::Remote::NDMP                   | 2
Msf::Exploit::Remote::Arkeia                 | 2
Msf::Exploit::PDF_Parse                      | 1
Msf::Exploit::CmdStagerTFTP                  | 1
Msf::Exploit::Omelet                         | 1
Msf::Exploit::TFTPServer                     | 1
Msf::Exploit::RIFF                           | 1
Msf::Exploit::Remote::SMB::Authenticated     | 1
Msf::Exploit::Capture                        | 1
Msf::Exploit::Remote::SMBServer              | 1

</pre>


git-svn-id: file:///home/svn/framework3/trunk@11064 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 16:40:33 +00:00
Mario Ceballos 1729f8f075 removed extra stuff.
git-svn-id: file:///home/svn/framework3/trunk@11063 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 12:31:55 +00:00