d3da883aa2
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:07:04 +00:00
baf64ed999
Remove trailing
...
git-svn-id: file:///home/svn/framework3/trunk@8771 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:43 +00:00
3c57fe6e81
add exploit module for cve-2010-0806
...
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:32 +00:00
efbdaba298
Making telnet timeouts much less disasterous, since they can happen pretty commonly.
...
git-svn-id: file:///home/svn/framework3/trunk@8769 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 21:54:20 +00:00
542a9a0617
Report MySQL application-level protocol errors (such as host not allowed messages).
...
git-svn-id: file:///home/svn/framework3/trunk@8767 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 17:56:03 +00:00
aaea62bb92
Report the correct local/peer names for the session information. Fix a return value check
...
git-svn-id: file:///home/svn/framework3/trunk@8765 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 07:13:18 +00:00
b419a40c45
finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
...
also some minor cleanups here and there
git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
3b9524697f
add verbose option
...
git-svn-id: file:///home/svn/framework3/trunk@8761 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:55:47 +00:00
4415e3fbbf
Fixing up ssh_login reporting.
...
git-svn-id: file:///home/svn/framework3/trunk@8759 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 22:07:04 +00:00
df395f3ff0
added Brett Gervasoni to authors
...
git-svn-id: file:///home/svn/framework3/trunk@8758 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 09:12:57 +00:00
52647260b3
add offset for alternative file open methods
...
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
a239963a7d
Handle wrapped TCP services better
...
git-svn-id: file:///home/svn/framework3/trunk@8756 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:38:28 +00:00
fbc157df56
add exploit module for cve-2010-0688
...
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
5543e4551f
add auxiliary dos module for apache mod_isapi bug
...
git-svn-id: file:///home/svn/framework3/trunk@8752 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 23:21:17 +00:00
b1973c6630
Adds detection and exploitation coverage for the Energizer Duo trojan
...
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
46cc8e538f
The new x64 VNC inject payload stage.
...
git-svn-id: file:///home/svn/framework3/trunk@8746 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:51:43 +00:00
a35817f0cc
Store more information
...
git-svn-id: file:///home/svn/framework3/trunk@8742 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 13:52:39 +00:00
d5b85db27f
Fixes a false positive when the server always replies with 200 OK
...
git-svn-id: file:///home/svn/framework3/trunk@8740 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 05:26:33 +00:00
a5d05fc2fb
Fix up a typo
...
git-svn-id: file:///home/svn/framework3/trunk@8738 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:39:06 +00:00
5cc63cf983
Report the epm service as well
...
git-svn-id: file:///home/svn/framework3/trunk@8737 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 04:35:14 +00:00
a0d5ce473b
add (staged) to the descriptions of staged payloads, fixes #955
...
git-svn-id: file:///home/svn/framework3/trunk@8733 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 05:27:13 +00:00
83419da78b
check for vulnerable version in JS prior to triggering vuln, closes #1011
...
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
5ce7b4d186
Pass this_cred for tomcat_mgr_login
...
git-svn-id: file:///home/svn/framework3/trunk@8730 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 20:05:01 +00:00
35c4a1d123
handle missing targets more gracefully, stub out linux and x86_64 support detection
...
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
28f4eb2fd9
handle failed logins - fixes #1014
...
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
de9e944ad9
fix compile error
...
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
3d1f773f18
Reimplementing DB2's auth checker to use the same methods as the other auth_brute modules.
...
git-svn-id: file:///home/svn/framework3/trunk@8722 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:44:39 +00:00
73da75a931
big update to cmd stager
...
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there
git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
a5e187bd69
Add the ability to slow down brute force sessions.
...
git-svn-id: file:///home/svn/framework3/trunk@8719 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 23:29:26 +00:00
1629bf7bf0
move http_send_cmd into cmdweb test exploit
...
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
0ed5fc1af1
change VERBOSE option from OptString to OptBool
...
git-svn-id: file:///home/svn/framework3/trunk@8715 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 20:59:49 +00:00
0900314a15
redirect requests without subdirectories
...
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
4bd857b53e
add exploit module for cve-2008-3558
...
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
bf2a64b3ac
use new argument list for get_host
...
git-svn-id: file:///home/svn/framework3/trunk@8711 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:59:55 +00:00
4f08e6fd25
treat the database as write-only and use the (improved) target cache, fixes 986
...
git-svn-id: file:///home/svn/framework3/trunk@8708 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 07:37:58 +00:00
e8f22a7136
add exploit module for cve-2008-3878
...
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
5aebed8fe7
add exploit module for cve-2008-5002
...
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
b70b17b42a
don't use undefined variables.
...
git-svn-id: file:///home/svn/framework3/trunk@8701 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 19:51:05 +00:00
fb5906385d
add exploit module for cve-2009-1534
...
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
d86575701d
added CVE, KB references
...
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
c07b47b30b
explicitly rescue timeouts since they inherit from ::Interrupt on ruby 1.8
...
git-svn-id: file:///home/svn/framework3/trunk@8694 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 23:08:05 +00:00
7d3ac25586
Adds Citrix-ICA to the UDP sweep discovery module.
...
git-svn-id: file:///home/svn/framework3/trunk@8693 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:48:28 +00:00
7a37934a01
process autorun scripts for telnet_login and ssh_login
...
1. create session.process_autoruns in Msf::Sessions::CommandShell
2. call process_autoruns from within the handler on_session code
4. set user_input and user_output in sessions base set_from_exploit method
5. remove on_session from Msf::Sessions::CommandShellOptions
6. include CommandShellOptions into telnet_login and ssh_login
7. call sess.process_autoruns from telnet_login and ssh_login
8. celebrate (while crossing fingers of course)!
git-svn-id: file:///home/svn/framework3/trunk@8692 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 18:07:50 +00:00
09a669875c
Bumping the minimum version of MySQL to try back to 4.1.20, no problems seen
...
on that build.
git-svn-id: file:///home/svn/framework3/trunk@8691 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 16:52:22 +00:00
074b4ada44
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
4b59410507
rename module per ms bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
d0153225a0
add exploit module for cve-2009-1612
...
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
cc9113397c
add exploit for IE Windows Help vulnerability
...
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
453451a26d
Check the version number of the remote MySQL server before attempting
...
to log in. Sadly, the library we're using right now doesn't know
how to correctly negotiate 4.x and 3.x versions of MySQL. Until that
gets resolved (by writing a new library for these old versions),
this will at least prevent false positives/negatives from getting
reported.
git-svn-id: file:///home/svn/framework3/trunk@8681 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 22:56:00 +00:00
e2af2f9ab9
Again.
...
git-svn-id: file:///home/svn/framework3/trunk@8680 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 20:20:37 +00:00
Steve Tornio