Joshua Drake
52647260b3
add offset for alternative file open methods
...
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
HD Moore
a239963a7d
Handle wrapped TCP services better
...
git-svn-id: file:///home/svn/framework3/trunk@8756 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:38:28 +00:00
HD Moore
dc90b43bcd
Emulate a much more common client version
...
git-svn-id: file:///home/svn/framework3/trunk@8755 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 04:37:59 +00:00
Joshua Drake
fbc157df56
add exploit module for cve-2010-0688
...
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
HD Moore
b87f0ac796
Fix the reaper
...
git-svn-id: file:///home/svn/framework3/trunk@8753 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:32:57 +00:00
Joshua Drake
5543e4551f
add auxiliary dos module for apache mod_isapi bug
...
git-svn-id: file:///home/svn/framework3/trunk@8752 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:21:17 +00:00
HD Moore
54755d856c
Handle cases where the peer has no : (distcc exploit)
...
git-svn-id: file:///home/svn/framework3/trunk@8751 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:03:49 +00:00
HD Moore
69f50eea7c
Kill off any session with eof on the socket
...
git-svn-id: file:///home/svn/framework3/trunk@8750 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 22:58:43 +00:00
HD Moore
b1973c6630
Adds detection and exploitation coverage for the Energizer Duo trojan
...
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
Stephen Fewer
cf48de7846
Update the README for the modified VNC code.
...
git-svn-id: file:///home/svn/framework3/trunk@8748 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 15:16:20 +00:00
Stephen Fewer
31b7b637a4
The new VNC DLL bins.
...
git-svn-id: file:///home/svn/framework3/trunk@8747 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:53:37 +00:00
Stephen Fewer
46cc8e538f
The new x64 VNC inject payload stage.
...
git-svn-id: file:///home/svn/framework3/trunk@8746 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:51:43 +00:00
Stephen Fewer
08d1850bcc
Commit the new VNC x86/x64 DLL source code...
...
git-svn-id: file:///home/svn/framework3/trunk@8745 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:49:45 +00:00
Stephen Fewer
d0f2b589b6
Delete the old VNC source code.
...
git-svn-id: file:///home/svn/framework3/trunk@8744 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:39:20 +00:00
HD Moore
1c1fe9c20f
Add a method for syncing the database (waiting on all pending writes)
...
git-svn-id: file:///home/svn/framework3/trunk@8743 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:17:34 +00:00
HD Moore
a35817f0cc
Store more information
...
git-svn-id: file:///home/svn/framework3/trunk@8742 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 13:52:39 +00:00
HD Moore
d8c900aabb
Report the workspace based on the session
...
git-svn-id: file:///home/svn/framework3/trunk@8741 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 05:31:21 +00:00
HD Moore
d5b85db27f
Fixes a false positive when the server always replies with 200 OK
...
git-svn-id: file:///home/svn/framework3/trunk@8740 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 05:26:33 +00:00
HD Moore
4bfd1a1f1e
Allow run_simple to inherit input/output from itself when opts are nil
...
git-svn-id: file:///home/svn/framework3/trunk@8739 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:47:40 +00:00
HD Moore
a5d05fc2fb
Fix up a typo
...
git-svn-id: file:///home/svn/framework3/trunk@8738 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:39:06 +00:00
HD Moore
5cc63cf983
Report the epm service as well
...
git-svn-id: file:///home/svn/framework3/trunk@8737 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:35:14 +00:00
Carlos Perez
b0da8cf6d3
Updated script for new methods
...
git-svn-id: file:///home/svn/framework3/trunk@8736 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 03:15:57 +00:00
HD Moore
bfe0e013da
Allow VNCPORT to be set via -v
...
git-svn-id: file:///home/svn/framework3/trunk@8735 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-07 23:01:33 +00:00
HD Moore
aebedfdb2d
Propogate the workspace down to multi-handlers
...
git-svn-id: file:///home/svn/framework3/trunk@8734 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-07 22:49:08 +00:00
Joshua Drake
a0d5ce473b
add (staged) to the descriptions of staged payloads, fixes #955
...
git-svn-id: file:///home/svn/framework3/trunk@8733 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 05:27:13 +00:00
Joshua Drake
607752f141
dont try to run cmds on meterpreter sessions with a "sys" member, see #803
...
git-svn-id: file:///home/svn/framework3/trunk@8732 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:58:38 +00:00
Joshua Drake
83419da78b
check for vulnerable version in JS prior to triggering vuln, closes #1011
...
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Tod Beardsley
5ce7b4d186
Pass this_cred for tomcat_mgr_login
...
git-svn-id: file:///home/svn/framework3/trunk@8730 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 20:05:01 +00:00
Joshua Drake
35c4a1d123
handle missing targets more gracefully, stub out linux and x86_64 support detection
...
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake
28f4eb2fd9
handle failed logins - fixes #1014
...
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake
2f3b54efe3
use happy color printer functions for cmd_check
...
git-svn-id: file:///home/svn/framework3/trunk@8727 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:03:59 +00:00
Stephen Fewer
195d1ab4b8
Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi).
...
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:50:24 +00:00
Stephen Fewer
4e73d95dac
Commit the JPEG-8 lib code from snowjobs patch. Added an x64 build environment and the libs directory for x86/x64 projects to link against.
...
git-svn-id: file:///home/svn/framework3/trunk@8725 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:44:36 +00:00
James Lee
9fbf2c0c6e
add platform aliases for newer versions of windows.
...
git-svn-id: file:///home/svn/framework3/trunk@8724 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 08:26:51 +00:00
Joshua Drake
de9e944ad9
fix compile error
...
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Tod Beardsley
3d1f773f18
Reimplementing DB2's auth checker to use the same methods as the other auth_brute modules.
...
git-svn-id: file:///home/svn/framework3/trunk@8722 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:44:39 +00:00
Joshua Drake
73da75a931
big update to cmd stager
...
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there
git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake
d8818fc268
execute xp_cmdshell from master explicitly
...
git-svn-id: file:///home/svn/framework3/trunk@8720 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:55:04 +00:00
Tod Beardsley
a5e187bd69
Add the ability to slow down brute force sessions.
...
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
Joshua Drake
d370ab62c6
don't wait for shell.run to finish
...
git-svn-id: file:///home/svn/framework3/trunk@8718 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:33:16 +00:00
Joshua Drake
8a2382ed1a
don't wait for shell.run to finish
...
git-svn-id: file:///home/svn/framework3/trunk@8717 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:32:46 +00:00
Joshua Drake
1629bf7bf0
move http_send_cmd into cmdweb test exploit
...
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake
0ed5fc1af1
change VERBOSE option from OptString to OptBool
...
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
Stephen Fewer
a44358df67
Simple fix for #1013 and the migration permission error message.
...
git-svn-id: file:///home/svn/framework3/trunk@8714 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 19:31:36 +00:00
Joshua Drake
0900314a15
redirect requests without subdirectories
...
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake
4bd857b53e
add exploit module for cve-2008-3558
...
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
James Lee
bf2a64b3ac
use new argument list for get_host
...
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
James Lee
c2612548c5
fix get_host, was breaking browser_autopwn, see #976
...
git-svn-id: file:///home/svn/framework3/trunk@8710 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:58:47 +00:00
James Lee
602395ead0
don't set the language if we don't have one
...
git-svn-id: file:///home/svn/framework3/trunk@8709 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:38:52 +00:00
James Lee
4f08e6fd25
treat the database as write-only and use the (improved) target cache, fixes 986
...
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00