infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,963 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

7738 Commits (e629fdb47dd30e86aaf4036f645a2b53b98b49cc)

Author SHA1 Message Date
James Lee 552899ef13
Add a couple more specs for CredentialCollection 
Also fixes some typos in docs
 2014-06-06 12:12:32 -05:00
James Lee b1136752be
Add Credential#== to facilitate specs 2014-06-05 11:37:48 -05:00
James Lee 8b6e188ba8
Add support for realm in CredentialCollection 
MSP-9988
 2014-06-04 17:03:52 -05:00
James Lee b1ff6b95b5
Better docs 2014-06-04 14:44:53 -05:00
James Lee 41644970bf
Add a CredentialCollection 
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
 2014-06-04 13:01:09 -05:00
David Maloney 28bf29980e
Merge branch 'master' into staging/electro-release 2014-06-04 10:21:08 -05:00
Trevor Rosen ad15e6fe17 Merge pull request #35 from rapid7/feature/MSP-9678/pop3-login-scanner 
Feature/msp 9678/pop3 login scanner

MSP-9678 #land
 2014-06-03 12:11:17 -05:00
Lance Sanchez edc9f94d41
fixing issues raised in code review 
MSP-9678
 2014-06-03 11:15:26 -05:00
Tod Beardsley d0d389598a
Land #3086, Android Java Meterpreter updates 
w00t.
 2014-06-02 17:28:38 -05:00
Lance Sanchez 15fffb1668
Adding in some tests 
cleaning up the regex a bit

MSP-9678
 2014-06-02 13:50:30 -05:00
David Maloney 34004908bb
Merge branch 'master' into staging/electro-release 
Conflicts:
	.ruby-version
 2014-06-02 11:10:33 -05:00
William Vu bba741897e
Land #3413, improved FileDropper cleanup message 2014-06-02 11:05:48 -05:00
Lance Sanchez f2a2975bc1 Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner 2014-06-02 10:56:54 -05:00
Christian Mehlmauer 428df19739
Changed message 2014-06-02 17:28:09 +02:00
Meatballs 58ee2ccd6e
Land #3390, Fix have_powershell 2014-06-01 10:43:35 +01:00
Christian Mehlmauer 03b4a29662
Clarify filedropper error message 2014-05-31 22:17:32 +02:00
Trevor Rosen dee4acdb2a Merge pull request #27 from rapid7/feature/MSP-9725/windows_hashdump 
Windows Hashdump post module refactor

MSP-9725 #land
 2014-05-30 14:04:31 -05:00
Trevor Rosen 8bcd763039 Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner 
Feature/msp 9685/telnet login scanner

MSP-9685 #land
 2014-05-30 13:40:18 -05:00
David Maloney 782c8bd172
Merge branch 'staging/electro-release' into feature/MSP-9725/windows_hashdump 2014-05-30 13:28:35 -05:00
David Maloney ba525c7b78
use metasploit-credential creation methods 2014-05-30 13:07:11 -05:00
David Maloney 98a23881ee
remove cred creation methods 
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
 2014-05-30 11:28:53 -05:00
David Maloney e3c4745879
Windows Hashdump post module refactor 
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
 2014-05-29 13:20:32 -05:00
dmaloney-r7 e669324366 Merge pull request #25 from rapid7/feature/MSP-9673/axis2-login-scanner 
Add axis2 login scanner
 2014-05-29 11:22:22 -05:00
David Maloney 2c6f89a58d
add sane default for connection timeout 2014-05-29 11:12:59 -05:00
David Maloney eb04a3774a
fixes for telnet wierdness 
had to work around the way the old
Auxiliary::Login mixin worked. Scanner
now works properly
 2014-05-29 10:43:00 -05:00
Tom Sellers aa85cb8195 Update powershell.rb 2014-05-29 05:46:32 -05:00
James Lee 572e4f2bdf
Fix dumb missing options and add spec 2014-05-28 16:32:38 -05:00
David Maloney 1bc2140fa6
Telnet LoginScanner basics 
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
 2014-05-28 14:47:58 -05:00
David Maloney 747395e383
create telnet clinet mixin 
copy paste existing stuff repurposed for use
in a real class instead of a metasploit module
 2014-05-28 13:53:50 -05:00
Lance Sanchez 07a61ae696
adding in changes from before my vacation.. 
MSP-9678
 2014-05-28 13:18:28 -05:00
David Maloney ca4c942ceb Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-28 09:40:44 -05:00
David Maloney 967b0d49b1
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-05-28 09:39:56 -05:00
David Maloney deabd1c3b0
tidy the YARD 
some more cleanup, in the YARD
docs this time.
 2014-05-28 09:30:45 -05:00
James Lee 3ac2182984
First stab at axis2 login scanner 2014-05-27 23:53:04 -05:00
Tom Sellers ae1b7e564b Update powershell.rb 2014-05-27 05:18:00 -05:00
William Vu 704e4d78ca
Fix typo in client_request.rb comment 2014-05-26 23:55:48 -05:00
William Vu 0133e861f8
Fix typo 2014-05-26 23:55:20 -05:00
William Vu 352e14c21a
Land #3391, all vars_get msftidy warning fixes 2014-05-26 23:41:46 -05:00
Meatballs 1914e0abd3
Land 3393, Add session and framework vars to irb 2014-05-26 18:50:20 +01:00
jvazquez-r7 994891e9c5
Land #3383, @wchen-r7's [FixRM #8804] Fix / URIPATH for BrowserExploitServer 2014-05-25 19:51:30 -05:00
Spencer McIntyre 77e70d8bbe Add 2 more variables for meterpreter irb 2014-05-25 16:28:40 -04:00
Christian Mehlmauer da0a9f66ea
Resolved all msftidy vars_get warnings 2014-05-25 19:29:39 +02:00
Tom Sellers 42a17cc085 Update powershell.rb 
To be clear, the shell that was tested with was 'windows/shell_reverse_tcp' delivered via 'exploit/windows/smb/psexec'

Additional changes required to fix regex to support the multiline output.  Also, InstanceId uses a lower case 'D' on the platforms I tested - PowerShell 2.0 on Windows 2003, Windows 7, Windows 2008 R2 as well as PowerShell 4.0 on Windows 2012 R2.

This method doesn't appear to be used anywhere in the Metasploit codebase currently.
 2014-05-25 08:59:42 -05:00
Tom Sellers 76b9273f10 Improve reliability of have_powershell 
I have a case where on a Windows 2008 R2 host with PowerShell 2.0 the 'have_powershell' method times out.  When I interactively run the command I find that the output stops after the PowerShell command and the token from 'cmd_exec' is NOT displayed.  When I hit return the shell then processes the '&echo <randomstring>' and generates the token that 'cmd_exec' was looking for.  I tried various versions of the PowerShell command string such as 'Get-Host;Exit(0)', '$PSVErsionTable.PSVersion', and '-Command Get-Host' but was unable to change the behavior.  I found that adding 'echo. | ' simulated pressing enter and did not disrupt the results on this host or on another host where the 'have_powershell' method functioned as expected.

There may be a better solution, but this was the only one that I could find.
 2014-05-25 08:07:38 -05:00
David Maloney 32b88c2db6
final fixes to login creation 2014-05-23 10:58:21 -05:00
dmaloney-r7 85737d1235 Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner 
AFP login scanner
 2014-05-22 15:05:24 -05:00
dmaloney-r7 e062e88081 Merge pull request #23 from rapid7/feature/MSP-9671/tomcat-loginscanner 
Add Tomcat login scanner
 2014-05-22 15:01:47 -05:00
David Maloney fbacf80839 Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-22 14:39:17 -05:00
David Maloney 75d19e198b Merge branch 'staging/electro-release' of github.com:rapid7/metasploit-framework-private into staging/electro-release 2014-05-22 14:38:53 -05:00
David Maloney dcc6ed5351 Merge branch 'master' into staging/electro-release 2014-05-22 14:37:09 -05:00