adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
25,805 Commits 27 Branches 1,043 Tags
7d1cd22acab75faef3d9d7e6ae4e68839e2dcdfd
Commit Graph

2796 Commits

Author SHA1 Message Date
James Lee 51a9a763c0 Move error_name to InvalidPacket and check for nil 
MSP-10713
 2014-07-15 15:02:53 -05:00
dmaloney-r7 7184d2ed5e Merge pull request #107 from rapid7/feature/MSP-9704/pop3-module-refactor 
Refactor pop3_login
 2014-07-14 13:27:11 -05:00
James Lee e68dcdbb06 Refactor pop3_login 
Also adjusts timeout in the scanner class to account for Dovecot's
default "Authentication Penalty" delay.

See http://wiki2.dovecot.org/Authentication/Penalty
 2014-07-11 17:26:49 -05:00
James Lee 62a2f1dc0a Credential -> Model for realm key constants 2014-07-10 14:30:25 -05:00
James Lee c5226352de Un-login-able should be print_status, not good 2014-07-09 17:45:41 -05:00
James Lee 7d9c0da691 Record correct creds with non-success status 2014-07-09 13:26:49 -05:00
James Lee afe36ab6ad Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor 
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
 2014-07-09 12:50:24 -05:00
David Maloney aeda74f394 Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-07 16:41:23 -05:00
James Lee 2a9ac0a007 Axe SSHKey in favor of a unified SSH 2014-07-07 13:35:17 -05:00
Christian Mehlmauer b15297eee0 Land #3490, @Meatballs1 tns listener verbose output 2014-07-03 16:20:38 +02:00
Rob Fuller c6675a2900 Add verbosity to Jenkins Enum 2014-07-02 13:25:18 -04:00
William Vu 68ba79aa16 Remove access_level, since we don't have access 2014-07-01 17:53:18 -05:00
William Vu 5fa0981026 Add login and move print_status 2014-07-01 17:48:42 -05:00
William Vu 864f0f1bbc Update description, loot -> creds 2014-07-01 11:46:21 -05:00
William Vu 3079c47d41 Refactor oracle_hashdump creds 2014-07-01 01:07:22 -05:00
jvazquez-r7 bf9c64d3ee Land #3483, @hmoore-r7's title change for ipmi_cipher_zero 2014-06-30 17:31:12 -05:00
Meatballs cf720a88e8 Be verbose about error codes 2014-06-30 19:10:03 +01:00
Meatballs f8ef6c50b4 Land #3470, Cerberus SFTP User Enumeration 2014-06-30 19:01:15 +01:00
Meatballs 94c5a0b603 More verbose around connection errors 2014-06-30 18:56:30 +01:00
Meatballs 183d601aae Small tidyup 2014-06-30 18:17:49 +01:00
attackdebris 004afa6e0c Clean commit of Cerberus FTP User Enumeration Module 2014-06-30 17:53:46 +01:00
HD Moore 72d8d8a40c RAKP defines auth, not cipher-0 bypass, see below. 
Dan Farmer noted that the RAKP reference in the title was not correct
and that RAKP is a separate issue and protocol implementation than
the use of Cipher Zero to perform an authentication bypass.

Cosmetic only change
 2014-06-30 00:52:40 -05:00
David Maloney 9cec330f05 Merge branch 'master' into staging/electro-release 2014-06-26 10:22:30 -05:00
James Lee 70fd3344fd Merge branch 'feature/MSP-9713/jtr_crack_fast' into staging/electro-release 2014-06-25 14:15:50 -05:00
James Lee 4e0bcc123d More useful msg when domain is ignored 2014-06-25 10:01:07 -05:00
James Lee f225ac92ab Refactor smb_login 
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
 2014-06-25 04:13:37 -05:00
James Lee 85611702f9 Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor 2014-06-23 23:58:47 -05:00
David Maloney 57cc390681 fix how we save mssql hashes 
since the 0x prefix is neccisary, just save the hash that way in the first place
 2014-06-23 12:38:36 -05:00
David Maloney c61f59d8a9 make sure to report the realm 2014-06-23 12:08:49 -05:00
David Maloney dadd959c6a refactor postgres hash cracking 
refactored postgres_hashdump to report the creds
it logged in with. added a new jtr module for
dealing with postgres hashes instead of the
crappy old md5 one we had before
 2014-06-23 12:02:39 -05:00
jvazquez-r7 469fae7058 Land #3465, @hmoore-r7's module for SMC IPMI Port 49152 file exposure vulnerability 2014-06-20 17:22:28 -05:00
jvazquez-r7 252d917bbb Fix msftidy and favor && over and 2014-06-20 17:21:10 -05:00
David Maloney d80f4d9e67 refactor jtr_mysql_fast and mysql_hashdump 
have mysql_hashdump report the cred it logged in with
refactor jtr_mysql to use the new jtr cracker
 2014-06-20 15:21:35 -05:00
James Lee 669779defb SMB cred creation refactor 2014-06-20 15:17:40 -05:00
James Lee 35c0ef0c68 Merge branch 'feature/MSP-9716/mssql_crack' into staging/electro-release 2014-06-20 12:39:07 -05:00
David Maloney 93da4dc561 account for mssql12 format 
mssql2012 and later uses a new format. some versions
of john support this and some do not yet
 2014-06-19 16:11:14 -05:00
David Maloney 4453dcdc8e some minor fixes 2014-06-19 15:45:24 -05:00
HD Moore fa5fc724eb Fix the disclosure date 2014-06-19 15:36:17 -05:00
HD Moore f7fd17106a Add the final cari.net URL 2014-06-19 15:33:06 -05:00
James Lee 9421beedb3 Refactor http_login 2014-06-19 14:12:21 -05:00
David Maloney 53352924d2 Merge branch 'staging/electro-release' into feature/MSP-9716/mssql_crack 
Conflicts:
	Gemfile
 2014-06-19 12:45:53 -05:00
David Maloney bb120fd1e2 report access level on mssql_hashdump 
if we know we have admin access on mssql hashdumop
we should report that on the Login object.
 2014-06-19 12:20:42 -05:00
David Maloney d3c77b345c report cracked credentials 
also makes mssql_hashdump report the credentials it logged in with
 2014-06-19 12:16:49 -05:00
dmaloney-r7 190923e9a7 Merge pull request #79 from rapid7/feature/MSP-9699/axis2-refactor 
Refactor axis_login
 2014-06-18 11:43:23 -05:00
David Maloney 4c3cc793ba fix missing .present? 2014-06-18 10:52:27 -05:00
David Maloney 58b016202b Merge branch 'staging/electro-release' into feature/MSP-9709/ssh-pubkey 2014-06-18 10:50:29 -05:00
David Maloney 2b0bb608b1 Merge branch 'master' into staging/electro-release 2014-06-18 10:49:58 -05:00
James Lee 5f176a56cb Fix typo 2014-06-17 17:16:46 -05:00
James Lee d114dd1da2 Fix bugs. :fail != :failed 2014-06-17 17:12:50 -05:00
James Lee d6de0da5a7 Refactor axis_login 2014-06-17 17:07:53 -05:00