Commit Graph

455 Commits (e6c4fb1dab7e47482ecce10bb5786c3214880d8c)

Author SHA1 Message Date
William Vu 8e4b007edc Move verify_arch to dcerpc_getarch
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
TC Johnson 8989d6dff2
Modified Accuvant blog posts to the new Optiv urls 2017-08-02 13:25:17 +10:00
multiplex3r b2ecaa489d Rescue only RubySMB::Error::CommunicationError 2017-07-27 19:19:45 +10:00
multiplex3r f2091928ec Adding no SMBv1 error handler for ms17-010 exploit 2017-07-27 16:21:09 +10:00
Brent Cook 6300758c46 use https for metasploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 1d290d2491 resurrect one print_error/bad conversion for symmetry 2017-07-24 05:55:34 -07:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 424522147e OCD fixes - Start of *.rb files 2017-07-13 23:53:59 +01:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
Stephen Shkardoon (ss23) a968a74ae0
Update ms17_010_eternalblue description and ranking.
The module has been noted to cause crashes, reboots, BSOD, etc, on
some systems.
2017-06-09 11:01:48 +12:00
David Maloney d5e74ffdf3
Merge branch 'master' into feature/eternal_blue/rubysmb_refactor 2017-05-30 13:59:31 -05:00
David Maloney a5f910ea63
move trans2 conditional to case statement
this is cleaner as a case statement
2017-05-30 13:52:29 -05:00
David Maloney b65c959347
limited port of the trans2 exploit packets
ported some of the Trans2 packets for EternalBlue
over to RubySMB, but there is so much jacked up about these
packets I'm not sure we can do much more here
2017-05-30 13:49:27 -05:00
William Vu 72ff4fbf48 Reword warning message, since it didn't make sense 2017-05-30 13:13:08 -05:00
William Vu 890d35cc30 Fix warning placement to be more helpful 2017-05-30 13:06:23 -05:00
David Maloney e9ac3fce5a
update credential mode for EB exploit
EternalBlue can now just flat out take
credentials to authenticate with. If credentials
are not supplied then it will still do the
anonymous login.
2017-05-30 10:55:28 -05:00
Brent Cook beb1cef835 rescue connection failure for netbios, suggest how to fix it 2017-05-30 08:06:39 -05:00
William Vu a781480e89 Add error handling to get_once
And check for specific ack result/reason for 32-bit.
2017-05-29 22:28:50 -05:00
William Vu 6e253a5be7 Use Rex::Proto::DCERPC::Response 2017-05-29 21:58:03 -05:00
William Vu 42b14a93b8 Add comments 2017-05-28 23:45:09 -05:00
William Vu 7a2944d113 Implement VerifyArch for ETERNALBLUE 2017-05-28 23:26:59 -05:00
David Maloney ee5f37d2f7
remove nt trans raw sock op
don't send the nt transact packet as raw
socket data, instead use the client send_recv
method
2017-05-26 15:50:18 -05:00
David Maloney f0f99ad479
nttrans packet setup correctly, everything broken
got the nttrans packet setup correctly but somewhere
along the line I broke the whole exploit wtf?
2017-05-26 14:54:46 -05:00
David Maloney 0b0e2f64ca
update SMB1 "Freehole" packet
the 'Freehole' packet is now generated with
RubySMB and sent by the client, rather than raw bytes
sent over the bare socket
2017-05-25 13:43:16 -05:00
David Maloney bc8ad811aa
remove old anonymous login packet
we are now using the anonymous login from the
RubySMB client; we no longer need this method to
manually build the packet
2017-05-25 10:49:42 -05:00
David Maloney 238052a18b
use RubySMB client echo
replaced the manually created echo packet
with the RubySMB client echo command
2017-05-25 10:47:14 -05:00
David Maloney 4ffe666b52
improve the cred fallback
we might get a successful sessionsetup
but a failure on IPC$ due to anonymous access
2017-05-24 17:36:07 -05:00
David Maloney 4c02b7b13a
added credentialed fallback
if anonymous login is blocked, then the user can
supply credentials for the exploit to try as a fallback
2017-05-24 16:09:51 -05:00
David Maloney dc67fcd5a8
use RubySMB for anonymous login
use the new anonymous login capabilities in
RubySMB
2017-05-24 15:40:05 -05:00
William Vu e4ea618edf
Land #8419, ETERNALBLUE fixes (round two)
Hope I resolved the conflicts correctly.
2017-05-23 17:03:21 -05:00
William Vu f80c3aa3f4 Correct absolute path 2017-05-23 16:50:25 -05:00
HD Moore 036f063988 Fix a stack trace when no SMB response is received 2017-05-19 16:24:41 -05:00
zerosum0x0 bdf121e1c0 x86 kernels will safely ret instead of BSOD 2017-05-17 23:48:14 -06:00
zerosum0x0 d944bdfab0 expect 0xC00000D 2017-05-17 23:05:20 -06:00
zerosum0x0 646ca14375 basic OS verification, ghetto socket read code 2017-05-17 22:48:45 -06:00
zerosum0x0 6fb4040d11 add core buffer dump for OS version 2017-05-16 23:18:39 -06:00
William Vu 6d81ca4208
Fix Array/String TypeError in ms17_010_eternalblue 2017-05-16 15:53:34 -05:00
William Vu e24de5f110
Fix Class/String TypeError in ms17_010_eternalblue 2017-05-16 15:41:16 -05:00
zerosum0x0 53bb5a8440 Update ms17_010_eternalblue.rb 2017-05-16 10:43:43 -06:00
zerosum0x0 cb4c700e62 fix typo 2017-05-14 21:52:36 -06:00
zerosum0x0 865a36068e sleep fix and new shellcode 2017-05-14 21:45:19 -06:00
zerosum0x0 e3dcf0ab2d added docs 2017-05-14 19:22:26 -06:00
zerosum0x0 9634f974dd fix msftidy 2017-05-14 18:14:02 -06:00
zerosum0x0 fa79339432 eternalblue module 2017-05-14 18:11:41 -06:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00