adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
24,961 Commits 27 Branches 1,043 Tags
2ee408e9dbb95e44288e8d7d4d8658ff97e41e4e
Commit Graph

7737 Commits

Author SHA1 Message Date
James Lee b1136752be Add Credential#== to facilitate specs 2014-06-05 11:37:48 -05:00
James Lee 8b6e188ba8 Add support for realm in CredentialCollection 
MSP-9988
 2014-06-04 17:03:52 -05:00
James Lee b1ff6b95b5 Better docs 2014-06-04 14:44:53 -05:00
James Lee 41644970bf Add a CredentialCollection 
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
 2014-06-04 13:01:09 -05:00
David Maloney 28bf29980e Merge branch 'master' into staging/electro-release 2014-06-04 10:21:08 -05:00
Trevor Rosen ad15e6fe17 Merge pull request #35 from rapid7/feature/MSP-9678/pop3-login-scanner 
Feature/msp 9678/pop3 login scanner

MSP-9678 #land
 2014-06-03 12:11:17 -05:00
Lance Sanchez edc9f94d41 fixing issues raised in code review 
MSP-9678
 2014-06-03 11:15:26 -05:00
Tod Beardsley d0d389598a Land #3086, Android Java Meterpreter updates 
w00t.
 2014-06-02 17:28:38 -05:00
Lance Sanchez 15fffb1668 Adding in some tests 
cleaning up the regex a bit

MSP-9678
 2014-06-02 13:50:30 -05:00
David Maloney 34004908bb Merge branch 'master' into staging/electro-release 
Conflicts:
	.ruby-version
 2014-06-02 11:10:33 -05:00
William Vu bba741897e Land #3413, improved FileDropper cleanup message 2014-06-02 11:05:48 -05:00
Lance Sanchez f2a2975bc1 Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner 2014-06-02 10:56:54 -05:00
Christian Mehlmauer 428df19739 Changed message 2014-06-02 17:28:09 +02:00
Meatballs 58ee2ccd6e Land #3390, Fix have_powershell 2014-06-01 10:43:35 +01:00
Christian Mehlmauer 03b4a29662 Clarify filedropper error message 2014-05-31 22:17:32 +02:00
Trevor Rosen dee4acdb2a Merge pull request #27 from rapid7/feature/MSP-9725/windows_hashdump 
Windows Hashdump post module refactor

MSP-9725 #land
 2014-05-30 14:04:31 -05:00
Trevor Rosen 8bcd763039 Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner 
Feature/msp 9685/telnet login scanner

MSP-9685 #land
 2014-05-30 13:40:18 -05:00
David Maloney 782c8bd172 Merge branch 'staging/electro-release' into feature/MSP-9725/windows_hashdump 2014-05-30 13:28:35 -05:00
David Maloney ba525c7b78 use metasploit-credential creation methods 2014-05-30 13:07:11 -05:00
David Maloney 98a23881ee remove cred creation methods 
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
 2014-05-30 11:28:53 -05:00
David Maloney e3c4745879 Windows Hashdump post module refactor 
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
 2014-05-29 13:20:32 -05:00
dmaloney-r7 e669324366 Merge pull request #25 from rapid7/feature/MSP-9673/axis2-login-scanner 
Add axis2 login scanner
 2014-05-29 11:22:22 -05:00
David Maloney 2c6f89a58d add sane default for connection timeout 2014-05-29 11:12:59 -05:00
David Maloney eb04a3774a fixes for telnet wierdness 
had to work around the way the old
Auxiliary::Login mixin worked. Scanner
now works properly
 2014-05-29 10:43:00 -05:00
Tom Sellers aa85cb8195 Update powershell.rb 2014-05-29 05:46:32 -05:00
James Lee 572e4f2bdf Fix dumb missing options and add spec 2014-05-28 16:32:38 -05:00
David Maloney 1bc2140fa6 Telnet LoginScanner basics 
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
 2014-05-28 14:47:58 -05:00
David Maloney 747395e383 create telnet clinet mixin 
copy paste existing stuff repurposed for use
in a real class instead of a metasploit module
 2014-05-28 13:53:50 -05:00
Lance Sanchez 07a61ae696 adding in changes from before my vacation.. 
MSP-9678
 2014-05-28 13:18:28 -05:00
David Maloney ca4c942ceb Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-28 09:40:44 -05:00
David Maloney 967b0d49b1 Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-05-28 09:39:56 -05:00
David Maloney deabd1c3b0 tidy the YARD 
some more cleanup, in the YARD
docs this time.
 2014-05-28 09:30:45 -05:00
James Lee 3ac2182984 First stab at axis2 login scanner 2014-05-27 23:53:04 -05:00
Tom Sellers ae1b7e564b Update powershell.rb 2014-05-27 05:18:00 -05:00
William Vu 704e4d78ca Fix typo in client_request.rb comment 2014-05-26 23:55:48 -05:00
William Vu 0133e861f8 Fix typo 2014-05-26 23:55:20 -05:00
William Vu 352e14c21a Land #3391, all vars_get msftidy warning fixes 2014-05-26 23:41:46 -05:00
Meatballs 1914e0abd3 Land 3393, Add session and framework vars to irb 2014-05-26 18:50:20 +01:00
jvazquez-r7 994891e9c5 Land #3383, @wchen-r7's [FixRM #8804] Fix / URIPATH for BrowserExploitServer 2014-05-25 19:51:30 -05:00
Spencer McIntyre 77e70d8bbe Add 2 more variables for meterpreter irb 2014-05-25 16:28:40 -04:00
Christian Mehlmauer da0a9f66ea Resolved all msftidy vars_get warnings 2014-05-25 19:29:39 +02:00
Tom Sellers 42a17cc085 Update powershell.rb 
To be clear, the shell that was tested with was 'windows/shell_reverse_tcp' delivered via 'exploit/windows/smb/psexec'

Additional changes required to fix regex to support the multiline output.  Also, InstanceId uses a lower case 'D' on the platforms I tested - PowerShell 2.0 on Windows 2003, Windows 7, Windows 2008 R2 as well as PowerShell 4.0 on Windows 2012 R2.

This method doesn't appear to be used anywhere in the Metasploit codebase currently.
 2014-05-25 08:59:42 -05:00
Tom Sellers 76b9273f10 Improve reliability of have_powershell 
I have a case where on a Windows 2008 R2 host with PowerShell 2.0 the 'have_powershell' method times out.  When I interactively run the command I find that the output stops after the PowerShell command and the token from 'cmd_exec' is NOT displayed.  When I hit return the shell then processes the '&echo <randomstring>' and generates the token that 'cmd_exec' was looking for.  I tried various versions of the PowerShell command string such as 'Get-Host;Exit(0)', '$PSVErsionTable.PSVersion', and '-Command Get-Host' but was unable to change the behavior.  I found that adding 'echo. | ' simulated pressing enter and did not disrupt the results on this host or on another host where the 'have_powershell' method functioned as expected.

There may be a better solution, but this was the only one that I could find.
 2014-05-25 08:07:38 -05:00
David Maloney 32b88c2db6 final fixes to login creation 2014-05-23 10:58:21 -05:00
dmaloney-r7 85737d1235 Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner 
AFP login scanner
 2014-05-22 15:05:24 -05:00
dmaloney-r7 e062e88081 Merge pull request #23 from rapid7/feature/MSP-9671/tomcat-loginscanner 
Add Tomcat login scanner
 2014-05-22 15:01:47 -05:00
David Maloney fbacf80839 Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-22 14:39:17 -05:00
David Maloney 75d19e198b Merge branch 'staging/electro-release' of github.com:rapid7/metasploit-framework-private into staging/electro-release 2014-05-22 14:38:53 -05:00
David Maloney dcc6ed5351 Merge branch 'master' into staging/electro-release 2014-05-22 14:37:09 -05:00
David Maloney ac9af000af full cred creation rotuine done 
creating Logins as a seperate method, both
methods are done and fully documented.
 2014-05-22 13:53:26 -05:00