Commit Graph

6095 Commits (fd97c89959c3052db1124fa1e4ea59b3d70164f2)

Author SHA1 Message Date
Joshua Drake 52647260b3 add offset for alternative file open methods
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
HD Moore a239963a7d Handle wrapped TCP services better
git-svn-id: file:///home/svn/framework3/trunk@8756 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:38:28 +00:00
HD Moore dc90b43bcd Emulate a much more common client version
git-svn-id: file:///home/svn/framework3/trunk@8755 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 04:37:59 +00:00
Joshua Drake fbc157df56 add exploit module for cve-2010-0688
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
HD Moore b87f0ac796 Fix the reaper
git-svn-id: file:///home/svn/framework3/trunk@8753 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:32:57 +00:00
Joshua Drake 5543e4551f add auxiliary dos module for apache mod_isapi bug
git-svn-id: file:///home/svn/framework3/trunk@8752 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:21:17 +00:00
HD Moore 54755d856c Handle cases where the peer has no : (distcc exploit)
git-svn-id: file:///home/svn/framework3/trunk@8751 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:03:49 +00:00
HD Moore 69f50eea7c Kill off any session with eof on the socket
git-svn-id: file:///home/svn/framework3/trunk@8750 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 22:58:43 +00:00
HD Moore b1973c6630 Adds detection and exploitation coverage for the Energizer Duo trojan
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
Stephen Fewer cf48de7846 Update the README for the modified VNC code.
git-svn-id: file:///home/svn/framework3/trunk@8748 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 15:16:20 +00:00
Stephen Fewer 31b7b637a4 The new VNC DLL bins.
git-svn-id: file:///home/svn/framework3/trunk@8747 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:53:37 +00:00
Stephen Fewer 46cc8e538f The new x64 VNC inject payload stage.
git-svn-id: file:///home/svn/framework3/trunk@8746 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:51:43 +00:00
Stephen Fewer 08d1850bcc Commit the new VNC x86/x64 DLL source code...
git-svn-id: file:///home/svn/framework3/trunk@8745 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:49:45 +00:00
Stephen Fewer d0f2b589b6 Delete the old VNC source code.
git-svn-id: file:///home/svn/framework3/trunk@8744 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:39:20 +00:00
HD Moore 1c1fe9c20f Add a method for syncing the database (waiting on all pending writes)
git-svn-id: file:///home/svn/framework3/trunk@8743 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:17:34 +00:00
HD Moore a35817f0cc Store more information
git-svn-id: file:///home/svn/framework3/trunk@8742 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 13:52:39 +00:00
HD Moore d8c900aabb Report the workspace based on the session
git-svn-id: file:///home/svn/framework3/trunk@8741 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 05:31:21 +00:00
HD Moore d5b85db27f Fixes a false positive when the server always replies with 200 OK
git-svn-id: file:///home/svn/framework3/trunk@8740 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 05:26:33 +00:00
HD Moore 4bfd1a1f1e Allow run_simple to inherit input/output from itself when opts are nil
git-svn-id: file:///home/svn/framework3/trunk@8739 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:47:40 +00:00
HD Moore a5d05fc2fb Fix up a typo
git-svn-id: file:///home/svn/framework3/trunk@8738 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:39:06 +00:00
HD Moore 5cc63cf983 Report the epm service as well
git-svn-id: file:///home/svn/framework3/trunk@8737 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:35:14 +00:00
Carlos Perez b0da8cf6d3 Updated script for new methods
git-svn-id: file:///home/svn/framework3/trunk@8736 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 03:15:57 +00:00
HD Moore bfe0e013da Allow VNCPORT to be set via -v
git-svn-id: file:///home/svn/framework3/trunk@8735 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-07 23:01:33 +00:00
HD Moore aebedfdb2d Propogate the workspace down to multi-handlers
git-svn-id: file:///home/svn/framework3/trunk@8734 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-07 22:49:08 +00:00
Joshua Drake a0d5ce473b add (staged) to the descriptions of staged payloads, fixes #955
git-svn-id: file:///home/svn/framework3/trunk@8733 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 05:27:13 +00:00
Joshua Drake 607752f141 dont try to run cmds on meterpreter sessions with a "sys" member, see #803
git-svn-id: file:///home/svn/framework3/trunk@8732 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:58:38 +00:00
Joshua Drake 83419da78b check for vulnerable version in JS prior to triggering vuln, closes #1011
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Tod Beardsley 5ce7b4d186 Pass this_cred for tomcat_mgr_login
git-svn-id: file:///home/svn/framework3/trunk@8730 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 20:05:01 +00:00
Joshua Drake 35c4a1d123 handle missing targets more gracefully, stub out linux and x86_64 support detection
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake 28f4eb2fd9 handle failed logins - fixes #1014
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake 2f3b54efe3 use happy color printer functions for cmd_check
git-svn-id: file:///home/svn/framework3/trunk@8727 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:03:59 +00:00
Stephen Fewer 195d1ab4b8 Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi).
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:50:24 +00:00
Stephen Fewer 4e73d95dac Commit the JPEG-8 lib code from snowjobs patch. Added an x64 build environment and the libs directory for x86/x64 projects to link against.
git-svn-id: file:///home/svn/framework3/trunk@8725 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:44:36 +00:00
James Lee 9fbf2c0c6e add platform aliases for newer versions of windows.
git-svn-id: file:///home/svn/framework3/trunk@8724 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 08:26:51 +00:00
Joshua Drake de9e944ad9 fix compile error
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Tod Beardsley 3d1f773f18 Reimplementing DB2's auth checker to use the same methods as the other auth_brute modules.
git-svn-id: file:///home/svn/framework3/trunk@8722 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:44:39 +00:00
Joshua Drake 73da75a931 big update to cmd stager
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake d8818fc268 execute xp_cmdshell from master explicitly
git-svn-id: file:///home/svn/framework3/trunk@8720 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:55:04 +00:00
Tod Beardsley a5e187bd69 Add the ability to slow down brute force sessions.
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
Joshua Drake d370ab62c6 don't wait for shell.run to finish
git-svn-id: file:///home/svn/framework3/trunk@8718 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:33:16 +00:00
Joshua Drake 8a2382ed1a don't wait for shell.run to finish
git-svn-id: file:///home/svn/framework3/trunk@8717 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:32:46 +00:00
Joshua Drake 1629bf7bf0 move http_send_cmd into cmdweb test exploit
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake 0ed5fc1af1 change VERBOSE option from OptString to OptBool
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
Stephen Fewer a44358df67 Simple fix for #1013 and the migration permission error message.
git-svn-id: file:///home/svn/framework3/trunk@8714 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 19:31:36 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
James Lee bf2a64b3ac use new argument list for get_host
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
James Lee c2612548c5 fix get_host, was breaking browser_autopwn, see #976
git-svn-id: file:///home/svn/framework3/trunk@8710 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:58:47 +00:00
James Lee 602395ead0 don't set the language if we don't have one
git-svn-id: file:///home/svn/framework3/trunk@8709 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:38:52 +00:00
James Lee 4f08e6fd25 treat the database as write-only and use the (improved) target cache, fixes 986
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00