Tod Beardsley
f1950c2fe1
Adding back bitstruct (current upstream) and dns_fuzzer module
...
Fixes #3289 .
This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.
This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.
Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
2011-12-06 17:03:36 -06:00
sinn3r
0bbbcd549d
Add port information, and allow search in data
2011-12-05 22:22:36 -06:00
Tod Beardsley
84af4647db
Merge branch 'issue_1083_oracle'
2011-12-05 17:39:46 -06:00
Tod Beardsley
4da2c32734
Minor update to xdb_side_brute, see #1083
...
Adds a typo fix and adds an explicit VERBOSE option.
2011-12-05 15:11:09 -06:00
HD Moore
dbd00efefe
Merge branch '4.3-schema'
2011-12-05 15:04:35 -06:00
sinn3r
37516134f0
FILTER shouldn't be case-sensitive
2011-12-05 13:19:04 -06:00
HD Moore
97087d88fa
Mark portscan modules as v6 incompatible
2011-12-05 13:07:36 -06:00
HD Moore
cf28713f9a
Mark specific modules as incompatible due to use of quad-dot code
2011-12-05 13:07:36 -06:00
sinn3r
fd2eb200fb
Add Shodan Search Module (Feature #5451 )
2011-12-05 12:50:21 -06:00
Joshua J. Drake
ac7edc268a
Add some more clear documentation for selecting payloads for this module.
2011-12-05 00:35:11 -06:00
sinn3r
e524215b55
WTH, the date format is wrong
2011-12-04 15:23:31 -06:00
sinn3r
679ef457d8
Correct spelling, thx bannedit
2011-12-04 14:59:54 -06:00
sinn3r
f26447e021
Correct my own weird grammar
2011-12-04 14:50:53 -06:00
sinn3r
e07868d613
Catch possible exception if WTSGetActiveConsoleSessionId isn't available on the target machine
2011-12-04 14:48:45 -06:00
chao-mu
e52ebd602f
Encorporating patch submitted by Boris Lukashev to fix issue 6012 (Post module enable rdp broken and fixed (here)). Fix was to have the module include Msf::Post::Windows::WindowsServices, make service_change_startup available
2011-12-04 15:26:43 -05:00
sinn3r
3cd2caca1a
Fix #6052
2011-12-04 13:49:13 -06:00
sinn3r
89ed25978d
Add feature #6048
2011-12-04 13:44:21 -06:00
Steve Tornio
f63a616739
add osvdb ref
2011-12-04 07:48:48 -06:00
sinn3r
950b4a54a0
Fix bug #6050
2011-12-03 22:00:48 -06:00
sinn3r
2720572a37
Add IPSwitch Whatsup Gold TFTP directory traversal module
2011-12-03 18:46:34 -06:00
HD Moore
27974c4c27
Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib
...
Conflicts:
modules/auxiliary/scanner/http/axis_login.rb
modules/exploits/multi/http/axis2_deployer.rb
modules/post/multi/gather/thunderbird_creds.rb
modules/post/windows/gather/credentials/imvu.rb
msfopcode
2011-12-03 14:07:09 -06:00
Steve Tornio
b75799d18d
=add osvdb ref
2011-12-02 16:50:42 -06:00
Steve Tornio
83f12c6fe0
=add osvdb ref
2011-12-02 16:46:01 -06:00
sinn3r
c8634390b7
Add CCMPlayer m3u exploit (Feature #6029 )
2011-12-02 16:27:59 -06:00
sinn3r
30e3607ec0
The SUCCESS message may not be constant across foreign language verions according to jduck, chaning back to the old way
2011-12-02 15:11:27 -06:00
sinn3r
f4b755c319
Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets
2011-12-02 15:00:39 -06:00
sinn3r
cd2bb027bf
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-02 14:54:53 -06:00
sinn3r
895a509bd3
Add Avid Media Composer 5.5 (Feature #6035 )
2011-12-02 14:53:26 -06:00
Steve Tornio
2bb97791f7
Update OSVDF refs for servu module.
...
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39 ]
2011-12-02 13:21:41 -05:00
HD Moore
dbe7e6aecf
Remove a leftover debugging statement
2011-12-02 00:06:04 -06:00
sinn3r
2d320b1828
Fix bug: table being saved while empty
2011-12-01 22:47:42 -06:00
sinn3r
608a5586b2
Actually, don't really have a good reason for that exception handling anymore. I think.
2011-12-01 22:47:42 -06:00
sinn3r
0eb3b5a49b
Fix undefined method 'cmd_exec' bug. Thx Boris.
2011-12-01 22:47:42 -06:00
sinn3r
19fae182da
Add Thunderbird credential collector (Feature #6014 )
2011-12-01 22:47:42 -06:00
James Lee
a91926716d
don't dup the last part of the key, fixes #6036
2011-12-01 15:24:58 -07:00
HD Moore
9f99cfc757
Convert the h323 module to MSF_LICENSE (backport from Pro)
2011-12-01 16:01:01 -06:00
HD Moore
3e5e9a910e
Add h323 scanner
2011-12-01 16:01:01 -06:00
sinn3r
d0db88d35d
Make key_base an instance var so other functions can access it. Bug #6036
2011-12-01 14:41:44 -06:00
David Maloney
57f12cb2d8
Merge branch 'servu_sploit'
2011-12-01 11:21:32 -08:00
sinn3r
93a419c76b
Having nothing on the webpage may probably confuse some novice users. But I do like stealth.
2011-12-01 03:02:35 -06:00
sinn3r
8399ce6e41
Fix bug #6031
2011-11-30 15:22:52 -06:00
David Maloney
40ab37fa10
Merge branch 'iss5979'
2011-11-30 12:16:33 -08:00
David Maloney
2858cae296
Some quick corrections to tidy things up
2011-11-29 19:57:08 -08:00
David Maloney
be88f483a3
More Accurate Vulnerability Check
2011-11-29 18:38:00 -08:00
David Maloney
0dda948265
New Exploit for the Serv-U FTP Buffer overflow
...
from CVE 2004-2111
2011-11-29 17:34:01 -08:00
sinn3r
f26f6da74b
Add CVE-2011-3544 (feature #6023 ) Java Rhino exploit
2011-11-29 18:05:20 -06:00
Rob Fuller
e439aba779
switched %USERPROFILE% to %APPDATA% to make the code a bit more universal
2011-11-29 20:08:44 +00:00
sinn3r
897731f3a5
Check creds (feature #6025 ). Also bringing the 'Inbox' regex back
2011-11-29 11:01:39 -06:00
sinn3r
6f5d64f6de
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-29 03:31:15 -06:00
sinn3r
34a933d499
Feature #5610
2011-11-29 03:30:49 -06:00
Tod Beardsley
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
sinn3r
3a84c31326
Using a better regex for a successful login. Thanks Borys.
2011-11-28 14:29:42 -06:00
sinn3r
bc541c118d
Apply patch #6020
2011-11-28 14:16:24 -06:00
sinn3r
5165865560
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-28 14:07:19 -06:00
sinn3r
59ab0c3a18
Fix bug #6021 , Thanks Borys
2011-11-28 14:06:56 -06:00
Tod Beardsley
44a47f9913
Fixing up OWA bruteforce module to conform with the usual print_status
...
messages.
2011-11-28 13:31:54 -06:00
sinn3r
a578db7f56
Apply fix for #6019
2011-11-28 01:12:18 -06:00
sinn3r
ebfe269698
Apply patch for #5824
2011-11-26 16:52:12 -06:00
sinn3r
5e08c93ac9
Apply patch #5580
2011-11-26 15:32:43 -06:00
sinn3r
b7950a752e
Add feature #4929 (MS09-053)
2011-11-26 13:30:35 -06:00
sinn3r
82a5da866a
Fix bug: table being saved while empty
2011-11-25 00:54:17 -06:00
sinn3r
ec3c37d963
Actually, don't really have a good reason for that exception handling anymore. I think.
2011-11-25 00:41:28 -06:00
sinn3r
3e7c821119
Fix undefined method 'cmd_exec' bug. Thx Boris.
2011-11-25 00:34:33 -06:00
sinn3r
7571466014
Add Thunderbird credential collector (Feature #6014 )
2011-11-24 19:39:34 -06:00
David Maloney
900232fb60
HTTP login scanners need to set duplicate_ok to true
...
or different web applications on the same server
may wipe eachother's creds out.
2011-11-23 23:05:51 -06:00
David Maloney
53b3e96af4
Added a check to the Axis login scanner to ensure
...
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-23 23:05:51 -06:00
sinn3r
3954030963
Apply patch #6004
2011-11-23 23:05:51 -06:00
David Maloney
d1c44160dd
Fix to the axis2 Deployer exploit to add Default Target
2011-11-23 23:05:51 -06:00
David Maloney
d3887d20e5
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-23 23:05:51 -06:00
David Maloney
c61d02686a
HTTP login scanners need to set duplicate_ok to true
...
or different web applications on the same server
may wipe eachother's creds out.
2011-11-22 13:04:10 -08:00
David Maloney
9d7f7b1f0e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-22 11:53:14 -08:00
David Maloney
9e40fac8b1
Added a check to the Axis login scanner to ensure
...
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-22 11:52:06 -08:00
sinn3r
8b729b59f8
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-22 13:08:08 -06:00
sinn3r
25f4b45bd1
Apply patch #6004
2011-11-22 13:07:46 -06:00
David Maloney
4a22df4014
Fix to the axis2 Deployer exploit to add Default Target
2011-11-22 10:27:38 -08:00
David Maloney
30d1451159
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-22 08:47:53 -08:00
David Maloney
4ef7c373e9
Fix to typo in the tables being pushed.
2011-11-22 00:06:58 -06:00
David Maloney
f81567fb6f
Fix to typo in the tables being pushed.
2011-11-21 15:49:57 -08:00
sinn3r
e11ca43c37
Add feature #5680
2011-11-21 12:39:45 -06:00
sinn3r
76846aa578
Add MS10-038 (CVE-2010-0822) exploit
2011-11-21 11:36:47 -06:00
sinn3r
28a079f308
Add credit to the appropriate researcher
2011-11-20 02:32:45 -06:00
sinn3r
95d639ccf7
Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8.
2011-11-20 01:44:52 -06:00
sinn3r
980cd4c888
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-19 20:41:29 -06:00
sinn3r
9c2fab0921
Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c
2011-11-19 20:40:04 -06:00
James Lee
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
James Lee
f35b6c5269
msftidy on post modules for spaces at EOL
2011-11-20 12:53:25 +11:00
sinn3r
a4cadf0d53
remove the extra comment that's not used
2011-11-19 12:48:39 -06:00
sinn3r
30f13984ea
Add wireshark console.lua exploit (CVE-2011-3360)
2011-11-18 21:24:48 -06:00
David Maloney
ff22246119
Attempt to fix #5979
2011-11-18 12:53:35 -08:00
Tod Beardsley
eca1253439
updating sudo
2011-11-18 10:17:43 -06:00
Tod Beardsley
356e0e6fb5
Moving sudo from linux to multi, because it is.
2011-11-18 10:16:57 -06:00
Tod Beardsley
fa77909c67
whitespace fix
2011-11-18 08:51:07 -06:00
Tod Beardsley
55367fad4f
Merge pull request #25 from rapid7/post_module_sudo
...
Post module sudo
2011-11-18 06:30:40 -08:00
David Maloney
11c1f0983f
Fixes #5993
2011-11-17 18:05:36 -08:00
David Maloney
77cba9de7c
Merge branch 'cbdfix'
...
Conflicts:
modules/post/windows/gather/credentials/imvu.rb
modules/post/windows/gather/forensics/duqu_check.rb
modules/post/windows/recon/computer_browser_discovery.rb
2011-11-17 14:55:20 -08:00
Tod Beardsley
d8b77564ef
Tidying up, fixing csh echo behavior
2011-11-17 16:29:02 -06:00
David Maloney
3bfe7e9b98
fix to comptuer browser discovery to output properly and sotre as loot
...
added additional option to save detected hosts in the db.
2011-11-17 14:17:28 -08:00
Tod Beardsley
9878517f80
Cleanup and light refactoring, deal with slowpoke linux telnet cmd_exec()
2011-11-17 13:19:13 -06:00
Tod Beardsley
84fb5b441a
Cleaning up some names and descs
2011-11-17 07:47:26 -06:00