4cc91095de
Fix minor formatting issues
2014-02-25 13:48:37 -06:00
6783e31c67
Used the builtin send_redirect method in Msf::Exploit::Remote::HttpServer instead of creating a redirect inline
2014-02-24 15:59:49 -06:00
f1e71b709c
Added 301 Redirect option to Basic Auth module
2014-02-24 14:59:20 -06:00
b8e17c2d8e
Don't use Pcap.lookupaddrs any more
2014-01-01 18:50:15 -06:00
ff9cb481fb
Land #2464 , fixes for llmnr_response and friends
...
Fixed conflict in lib/msf/core/exploit/http/server.rb.
2013-12-10 13:41:45 -06:00
cd66cca8a1
Make browser autopwn datastore use OptRegexp.
2013-12-08 17:46:33 -06:00
b5f26455a3
Land #2545 , javascript library overhaul
2013-10-23 16:12:49 -05:00
afcce8a511
Merge osdetect and addonsdetect
2013-10-22 01:11:11 -05:00
9a3e719233
Rework the naming style
2013-10-21 20:16:37 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
541833e2cc
Convert llmnr_response to use Net::DNS
...
* Allows responding to AAAA requests in addition to the existing A
support
* Prevents problems when recvfrom returns a mapped address like
"::ffff:192.0.2.1"
Also:
* Fix a few typos
* capture: Don't shadow a method name (arp) with a local variable
* capture: Handle the case where our UDP send hits an ENETUNREACH
2013-10-04 12:35:30 -05:00
8b8422172f
Clean up tabs, warnings, modified datastore
2013-10-04 12:20:18 -05:00
c9cebfb3f0
Serve wpad.dat and proxy.pac in the same server
2013-10-04 12:00:53 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
cae30bec23
Clean up all the whitespace found
2013-04-23 18:27:11 -05:00
011b6899b0
Merge 'neinwechter/browser_autopwn-updates'
...
Brings in neinwechter's BAP fixes. Seems to not only be a more sane
strategy, but in practice, ends up with tons more shells for at least
MSIE which is what most people are using it for anyway.
[Closes #1612 ]
2013-03-20 15:26:09 -05:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
77390a5935
Fix a bug reported by Tom Liston
2013-02-06 23:34:55 -06:00
2c3de43f4b
datastore opts cleanup
...
cleanuo digestauth datastore options in modules
2013-02-04 12:10:44 -06:00
2776047553
Merge branch 'smb_cap' of github.com:Meatballs1/metasploit-framework into Meatballs1-smb_cap
2013-01-09 16:09:35 -06:00
4cadffc06a
msftidy
2013-01-09 10:37:40 +00:00
46139849a9
Move to .empty? over length
2013-01-09 10:36:06 +00:00
a8400030f8
Also correct outut of hash when length is 0
2013-01-09 10:26:57 +00:00
d36fcd5441
Fix smb capture error
2013-01-09 09:50:21 +00:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
c2586d0907
Instead of raising, offer advice on BPF filtering
...
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
2012-12-27 15:18:18 -06:00
c6533621a0
Oops removing debug prints
2012-12-27 14:58:52 -06:00
c695f429d5
Mirror upstream PacketFu fix on ICMP size
2012-12-27 14:56:49 -06:00
121353b360
Fixing EOLs to unix
...
In vim:
:set fileformat=unix
:wq
ta-da
2012-12-27 13:54:50 -06:00
9fa6c9f4c4
Merge remote branch 'ChrisJohnRiley/icmp_exfil' into icmp_exfil
2012-12-27 13:52:19 -06:00
20ea56e4b9
fixed type @wchen-r7 found
...
hopefully didn't miss any others
2012-12-11 15:29:53 -05:00
717799cffd
fix typos
...
negotiate spelled wrong in a couple spots
and only 3 g's in loggging
2012-12-11 15:00:21 -05:00
46f3b8f47d
Minor changes to get Travis to rerun (The Travis build failed)
2012-11-22 16:00:38 +01:00
8c60035a2d
Renamed functions to meet coding standards
...
Added client-side tool suggestion in description and references
(newlines in the description might help readability, if this is possible?)
Added some minor logic change to stop empty filenames
2012-11-20 18:48:18 +01:00
5667cffb77
Fixed typos
2012-11-20 09:06:15 +01:00
430227a460
msftidy cleanup
2012-11-19 16:04:35 +01:00
082bba3342
Rewrite
...
Removed unrequired global vars
Added flexibility in start, continue, end responses
Added ability to set filename in BOF packet or not
Fixed BEGIN RESCUE blocks to not catch errors themselves
BEGIN ENSURE block still needed to trigger save to loot on CTRL+C
2012-11-19 16:02:53 +01:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
201518b66f
msftidy corrections
2012-10-17 17:22:26 -05:00
51e70c44e3
fix error message after cleanup
2012-10-03 18:44:33 +02:00
0755cbe411
cleanup: clear strings, delete unused variables, author email foramt, use of unpack
2012-10-03 18:28:03 +02:00
a0422fe500
Make failing username dynamic
2012-10-03 19:17:32 +05:30
e33da009ea
add PostgreSQL password capturing module
2012-10-02 15:16:37 +05:30
2ca134a2c3
Merge branch 'printjob_capture'
...
This lands #811 , and also brings in my changes from
ChrisJohnRiley/metasploit-framework#2
Thanks Chris!
2012-10-01 15:55:14 -05:00
1e4f8591fd
Sneaking in an author credit
2012-10-01 11:42:56 -05:00
c0bc764fd4
Retabbing for tabs, not spaces
...
I'm not a fan of the tabs either, any more. But, until we switch over
for real, let's stick with the project's whitespace conventions?
2012-10-01 11:26:58 -05:00
802924d67a
Getting rid of continuation slashes. Plz don't.
...
Continuation slashes are the devil when it comes to reading Ruby,
especially if you're reading something like:
def hello
puts "Hello world!" \
if true
end
This looks like a syntax error and hurts my eyeballs.
Please avoid this convention in the future.
2012-10-01 11:23:06 -05:00
489c9b701e
Whitespace
2012-09-28 12:47:15 -05:00
1b2240d9bd
Commenting about IPP
2012-09-28 12:38:36 -05:00
a15a2b522c
Removing IPP as a selectable mode
2012-09-28 12:38:17 -05:00
6944aab46c
Removing Id SVN splat
2012-09-28 12:37:00 -05:00
db4b19a2df
Adding Juan's fix for peerhost
2012-09-28 10:26:35 -05:00
aa8a713a30
Fix added datastore item in BAP
2012-09-26 11:55:12 -05:00
0158312615
Java meterpreter can run scripts too!
2012-09-22 16:49:16 -05:00
ce441e95a6
Corrected typo, missing \ and minor regex match
2012-09-21 22:04:19 +03:00
9753494cba
Corrected regex scan vs. match issues
...
Altered PS and PCL to elsif to avoid
double detection of printjobs.
2012-09-21 13:20:14 +02:00
f7aaae614e
Reduced instances of #{name} to client
...
connections and disconnections. All other
output should be self explanatory and
doesn't need #{name}
2012-09-21 11:08:47 +02:00
78f77a3df2
Replaced if @verbose with vprint_status
...
Corrected bug in non-detected print types
2012-09-21 10:59:39 +02:00
0032713198
description modified
2012-09-21 10:09:42 +02:00
f6baf7fe34
Merge branch 'MySQL-JtR' of https://github.com/halfie/metasploit-framework into halfie-MySQL-JtR
2012-09-21 10:08:34 +02:00
7fcc34766a
Added datastore items to BAP handlers
...
Added two datastore items to handlers created by BAP
2012-09-20 15:21:08 -05:00
3d254b69fd
Applied all requirements from pull/715
...
Reworked PCL regex to match PCL 6/XL
msftidy is still complaining about
an indent. Can't find why however!
New PULL created as per request from
jvazquez-r7
2012-09-20 18:04:36 +02:00
17f7e94f4d
Add support for dumping MySQL challenge-response pairs in JtR format
2012-09-20 13:54:12 +05:30
d0558218ee
Add non-authed OPTION response to support WebDAV
2012-08-23 15:11:10 -04:00
8d187b272d
Some error handling on ntlm relayer
...
Instead of a cryptic exception, let the user know if the HTTP target
isn't actually asking for WWW-Authenticate.
There are likely many more opportunities to catch errors, but this is
the most obvious.
2012-08-21 16:13:00 -05:00
635710402b
Removing bullet points from module description
...
Due to the vagaries of various Metasploit module description viewers, we
can't guarantee things like lists and bullet points render right.
Descriptions should avoid using these things.
2012-08-21 16:00:04 -05:00
b457289e01
Merge remote branch 'webstersprodigy/module-http-ntlmrelay'
2012-08-21 15:28:50 -05:00
65b29d149f
Update to use OptEnum for RTYPE
2012-08-20 22:45:20 -04:00
8d4b4fc7be
Some more changes before pushing to master
2012-08-20 15:43:39 -05:00
e6bda752ee
cleaned up and using HttpServer for handling requests and sending 401
2012-08-20 15:23:49 -05:00
10698e2f99
Updating HTTP Basic capture mod with edits based on MSF team suggestions
2012-08-19 19:47:01 -05:00
de380cfb46
Adding aux mod for HTTP Basic Auth capture
2012-08-19 01:51:01 -05:00
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
3c7ad96b45
Changing a string concat from + to <<
2012-07-22 20:28:17 -04:00
6bb31280fb
Took/tested all egypt's comments, other than the Actions one
2012-07-22 20:02:12 -04:00
33ee6ee699
Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture
2012-07-22 03:36:13 -05:00
08f0f693b0
change sname in report_auth_info from sip_challenge to sip_client
2012-07-20 19:48:15 +02:00
5dc985c911
fix msftidy WARNING
2012-07-20 17:15:06 +02:00
3fc1c1db73
fix problem with report_auth_info that was passed invalid host and port params.
2012-07-20 17:07:42 +02:00
d494ed9bf7
add a function to sanitize source and dest ip's to avoid breaking JtR format.
2012-07-20 13:27:45 +02:00
7ec5c0d6e0
change module to use Rex::Socket::Udp instead of Ruby's ::UDPSocket.
2012-07-19 20:34:02 +02:00
1c6ce20ad8
Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture
2012-07-19 10:51:57 -05:00
9c510a738e
Improve outputs
2012-07-19 10:50:58 -05:00
7cb12921d6
Don't print cli addr twice
2012-07-19 10:43:55 -05:00
afd314701e
Improve outputs
2012-07-19 10:41:25 -05:00
3253929555
Fix indent
2012-07-19 10:21:30 -05:00
ad4a4b2ae3
add module for capturing SIP authentication challenge and response pairs.
...
The module starts a fake SIP server listening for incoming REGISTER requests.
It then triggers an authentication request at the client and captures the
response for cracking in JtR or Cain.
2012-07-18 20:45:08 +02:00
6ac6e375a7
Changes according to hdm and sinn3r feedback
2012-07-17 12:02:24 +02:00
7c2ea2ff23
Merge branch 'mysql-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-mysql-capture
2012-07-17 12:01:19 +02:00
William Vu
kn0
Tod Beardsley
Joe Vennix
sinn3r
James Lee
Meatballs
Tab Assassin
Tod Beardsley
David Maloney
HD Moore
sinn3r
Christian Mehlmauer
Rob Fuller
Chris John Riley
Chris John Riley
Michael Schierl
jvazquez-r7
Dhiru Kholia
scriptjunkie
webstersprodigy
saint patrick
Patrik Karlsson