Commit Graph

5439 Commits (fb09655c4239e1bc28a439789410355d053a08cf)

Author SHA1 Message Date
Joshua Drake 52b71077d3 major overhaul of ms09-004 (cve-2008-5416) exploit
git-svn-id: file:///home/svn/framework3/trunk@8151 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:51:48 +00:00
James Lee 08eb80f4a9 use the authbrute mixin
git-svn-id: file:///home/svn/framework3/trunk@8150 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 22:22:22 +00:00
James Lee d90ffdc015 use a username and password from the datastore if provided
git-svn-id: file:///home/svn/framework3/trunk@8149 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 22:21:39 +00:00
Joshua Drake c13841d902 base RegexScanner on Generic instead of JmpRegScanner
git-svn-id: file:///home/svn/framework3/trunk@8148 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 22:17:08 +00:00
James Lee 46b346239e don't always use the username as a password, let modules do that if they want it
git-svn-id: file:///home/svn/framework3/trunk@8147 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 22:03:02 +00:00
James Lee d8f7645094 : -> .
git-svn-id: file:///home/svn/framework3/trunk@8146 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 21:35:42 +00:00
James Lee cb9cf943b4 Remove the database lookups so we don't trigger lockout policies unnecessarily. We'll probably have to revisit this at some point
git-svn-id: file:///home/svn/framework3/trunk@8145 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 21:19:28 +00:00
HD Moore 0bafe814be Fix the RawL5 namspace after the Racket upgrade
git-svn-id: file:///home/svn/framework3/trunk@8144 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 04:36:31 +00:00
Carlos Perez f2e61b9cda All output from enumeration that could be saved in a CSV is now saved in one for easier parsing
git-svn-id: file:///home/svn/framework3/trunk@8143 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-18 01:17:54 +00:00
Carlos Perez f054310e0c Bug fixes, and now all commands output is saved to individual files for easier parsing
git-svn-id: file:///home/svn/framework3/trunk@8142 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-17 19:11:40 +00:00
James Lee d4c42806f6 can't really be a scanner since a sid is needed for each host
git-svn-id: file:///home/svn/framework3/trunk@8141 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-17 17:56:05 +00:00
James Lee bbe10b439f let the user know when a client connects
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 01:00:01 +00:00
James Lee 6c572466fa make the oracle login a scanner for consistency. see 757
git-svn-id: file:///home/svn/framework3/trunk@8139 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 00:59:06 +00:00
HD Moore 69f609bdcd Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 00:55:42 +00:00
Steve Tornio a0326fc842 add CVE and OSVDB refs
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 22:05:02 +00:00
HD Moore 579a6fe799 Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 21:36:04 +00:00
HD Moore 64c4754ade Add -V to avoid automatic VNC connection
git-svn-id: file:///home/svn/framework3/trunk@8135 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 16:17:13 +00:00
HD Moore b6b25b7f03 allow the default workspace to be purged and recreated
git-svn-id: file:///home/svn/framework3/trunk@8134 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 15:58:13 +00:00
HD Moore 2ba892aa69 Report host mac, name, and whether its a VM
git-svn-id: file:///home/svn/framework3/trunk@8133 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 15:49:13 +00:00
James Lee 61984579d5 don't report to the db if there isn't one
git-svn-id: file:///home/svn/framework3/trunk@8132 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 04:34:12 +00:00
HD Moore 7390b1d42d Add and improve database reporting to existing scanner modules
git-svn-id: file:///home/svn/framework3/trunk@8131 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 03:25:34 +00:00
HD Moore 90221c1191 Consistency change
git-svn-id: file:///home/svn/framework3/trunk@8130 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 02:58:59 +00:00
HD Moore 0b7df74615 Rename modules to be consistent with the new convention
git-svn-id: file:///home/svn/framework3/trunk@8129 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 02:55:08 +00:00
James Lee 1e3662e3ad events need to be part of core, not base
git-svn-id: file:///home/svn/framework3/trunk@8128 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 01:29:54 +00:00
James Lee 26aa834600 base should not depend on ui
git-svn-id: file:///home/svn/framework3/trunk@8127 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 01:24:45 +00:00
James Lee 53662ed46e save events to the database. fixes 618
git-svn-id: file:///home/svn/framework3/trunk@8126 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 00:32:48 +00:00
Joshua Drake fba8a1d110 added a German target with 0x0a0a0a0a as the spray addr
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 22:24:56 +00:00
HD Moore a753666073 Switch sysread back to get_once(). This reverts a previous change, but the sysread breaks SSL support
git-svn-id: file:///home/svn/framework3/trunk@8124 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 21:40:30 +00:00
HD Moore caa67aa3d5 Require the nmap XML parser
git-svn-id: file:///home/svn/framework3/trunk@8123 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 20:29:55 +00:00
James Lee 78808fe3c1 show the database driver in framework.inspect
git-svn-id: file:///home/svn/framework3/trunk@8122 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 18:57:54 +00:00
James Lee df1cb6b36e move smb/login. see 757
git-svn-id: file:///home/svn/framework3/trunk@8121 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 18:51:04 +00:00
HD Moore a55dfa1bbc Adds scanner_progress for granular percentage
git-svn-id: file:///home/svn/framework3/trunk@8120 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 18:20:32 +00:00
James Lee 7be26761f5 merge bannedit's WAR payload patch
git-svn-id: file:///home/svn/framework3/trunk@8119 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 18:15:15 +00:00
HD Moore d84ca6d438 Replicants should receive the same module store as the original
git-svn-id: file:///home/svn/framework3/trunk@8118 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 18:14:44 +00:00
HD Moore 3823512ae9 This adds the ability to use the module as a hash
git-svn-id: file:///home/svn/framework3/trunk@8117 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 18:09:34 +00:00
James Lee 54095a585e update the auth bruteforcer, and use it in smb/login
git-svn-id: file:///home/svn/framework3/trunk@8116 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 16:58:43 +00:00
HD Moore bc9985d5da Minor fixes to the nessusv2 importer, allow the db_import command to work on it directly
git-svn-id: file:///home/svn/framework3/trunk@8115 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 15:26:20 +00:00
HD Moore 568770ae23 Fixes #690 by merging John Miller's patch to enable Nessus v2 support
git-svn-id: file:///home/svn/framework3/trunk@8114 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 12:57:26 +00:00
HD Moore b9e6c8eef7 Fixes #758 by setting the http content type
git-svn-id: file:///home/svn/framework3/trunk@8113 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 12:51:31 +00:00
HD Moore 55dc3aa192 Support for slackware's mktemp, fixes #762
git-svn-id: file:///home/svn/framework3/trunk@8112 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 12:48:30 +00:00
Carlos Perez 4f8a3dc95b Meterpreter Script for extracting username, password, server and port of configured services in pidgin client
git-svn-id: file:///home/svn/framework3/trunk@8111 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 03:23:47 +00:00
James Lee 0d9e372497 remove more dumb debug prints
git-svn-id: file:///home/svn/framework3/trunk@8110 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 23:49:31 +00:00
HD Moore 396e894cdb Finger user enumerator
git-svn-id: file:///home/svn/framework3/trunk@8109 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 23:37:14 +00:00
HD Moore 9bb14e1c4e Add a telnet banner grabber
git-svn-id: file:///home/svn/framework3/trunk@8108 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 21:46:48 +00:00
HD Moore 831833667a Minor tweak (run inside of sh -c '')
git-svn-id: file:///home/svn/framework3/trunk@8107 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 20:19:51 +00:00
HD Moore dded66d71a Fixed up to work against Windows 2000 -> Windows 7
git-svn-id: file:///home/svn/framework3/trunk@8106 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 14:37:15 +00:00
James Lee 2890f3eeda missed this in the last commit
git-svn-id: file:///home/svn/framework3/trunk@8105 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 07:03:18 +00:00
James Lee fd89f4e6cd add an events table
git-svn-id: file:///home/svn/framework3/trunk@8104 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 06:40:34 +00:00
HD Moore de2a293c26 Lookup users via SAMR
git-svn-id: file:///home/svn/framework3/trunk@8103 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 00:27:11 +00:00
HD Moore 540beed83e Prevent the dcerpc NDR string functions from modifying their argument directly
git-svn-id: file:///home/svn/framework3/trunk@8102 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-12 23:15:07 +00:00