metasploit-gs/lib/msf/core/exploit at 6e8e6ef16a1cade52107d3a79c1c0569c4fecd4e - metasploit-gs - GreySec Git

adam/metasploit-gs

Files

T

History

Tod Beardsley 6e8e6ef16a Fixes #769 by implementing a brute force module for Postgres. A couple notes: If you guess wrong at the database name, you still can try to login with a username and password -- you'll get a successful auth, but then get disconnected. So, that's pretty neat.

Also, since Postgres-PR uses the stock TCPSocket object, connection timeouts and other errors take forever. This is avoided in the brute forcer by pre-validating the connection with Rex::Socket, but this is a hack -- it would be better to convert Postgres-PR to a Rex::Socket flavor, so you also get nicer error messages and what all. I did fork it off the main distribute it already anyway, so may as well will open a feature bug on this, but it's pretty low priority.




git-svn-id: file:///home/svn/framework3/trunk@8366 4d416f70-5f16-0410-b530-b9f4589650da

2010-02-03 21:45:13 +00:00

..

arkeia.rb

Another large number of warnings fixed by Yoann Guillot

2009-10-25 17:18:23 +00:00

browser_autopwn.rb

allow the browser_autopwn mixin access to exploit modules' Rank constants. see 628

2009-12-15 07:21:17 +00:00

brute.rb

Code cleanups

2008-10-19 21:03:39 +00:00

brutetargets.rb

Remove "#{xxx.to_s}" redundancies ('s/\(#{[^}]*\)\.to_s}/\1}/g')

2008-12-19 07:11:08 +00:00

capture.rb

See #794 . Fixing this better to ensure that we never end up with a nil for a source mac address on ARP packets.

2010-02-02 22:05:24 +00:00

db2.rb

See #726 . Cleaning up my gross whitespace.

2010-01-28 23:08:39 +00:00

dcerpc_epm.rb

Fixes #441 . Unpack the version in a way that works with 1.9

2009-11-02 15:09:54 +00:00

dcerpc_lsa.rb

Fixes #441 . Unpack the version in a way that works with 1.9

2009-11-02 15:09:54 +00:00

dcerpc_mgmt.rb

Fixes #441 . Unpack the version in a way that works with 1.9

2009-11-02 15:09:54 +00:00

dcerpc.rb

Adds the check() method and scanner module to ms08-067, massively upgrades the smb/version scanner, with better SP detection and remote language pack detection.

2008-11-03 09:17:08 +00:00

dcerpc.rb.ut.rb

Fixes #441 . Unpack the version in a way that works with 1.9

2009-11-02 15:09:54 +00:00

dect_coa.rb

Merge the DECT code from DK, clean some things up

2009-09-12 15:40:33 +00:00

dialup.rb

Parenthesized arguments

2009-07-08 20:51:47 +00:00

egghunter.rb

Code cleanups

2008-10-19 21:03:39 +00:00

fileformat.rb

Fix up the fileformat mixin; some slightly wrong ruby and an extra \n at the end of the generated files

2009-03-14 01:28:59 +00:00

fmtstr.rb

add exploitability detection (by trying %n)

2009-12-09 23:53:26 +00:00

ftp.rb

fix 1.9.1 compatability

2009-12-08 23:50:29 +00:00

ftpserver.rb

Fixes #434 . Always use Timeout.timeout() -- on Ruby 1.9 this results in the Timeout::TimeoutError exception vs RuntimeError

2009-11-02 18:14:57 +00:00

http.rb

See #708 . Sets a default timeout for http requests

2009-12-21 22:42:21 +00:00

imap.rb

Another large number of warnings fixed by Yoann Guillot

2009-10-25 17:18:23 +00:00

ip.rb

comment typo

2009-07-15 06:40:23 +00:00

java.rb

Added STDERR to pure java payload, cleaned up user's view.

2010-01-28 22:53:36 +00:00

kernel_mode.rb

Another large number of warnings fixed by Yoann Guillot

2009-10-25 17:18:23 +00:00

lorcon2.rb

Add channel support back in, patch from dragorn

2009-11-09 19:52:18 +00:00

lorcon.rb

Remove "#{xxx.to_s}" redundancies ('s/\(#{[^}]*\)\.to_s}/\1}/g')

2008-12-19 07:11:08 +00:00

mixins.rb

See #730 . First pass at a Postgres Query module. Doesn't handle errors very well yet (still need to work all that out and create some test cases).

2010-02-02 01:40:48 +00:00

mssql_commands.rb

Merge in David Kennedy's new MSSQL changes (centralized SQL query mixin)

2009-10-23 19:15:32 +00:00

mssql.rb

minor whitespace change

2010-01-20 02:31:30 +00:00

mysql.rb

use the authbrute mixin

2010-01-18 22:22:22 +00:00

ndmp.rb

Another large number of warnings fixed by Yoann Guillot

2009-10-25 17:18:23 +00:00

oracle.rb

Module loading broken again by revision r7709.

2009-12-05 11:10:46 +00:00

pdf_parse.rb

Fixes #452 . Solves a number of crashes caused by Regexp.new() on 1.9 without an explicit language specified

2009-11-02 17:09:13 +00:00

pop2.rb

Another large number of warnings fixed by Yoann Guillot

2009-10-25 17:18:23 +00:00

postgres.rb

Fixes #769 by implementing a brute force module for Postgres. A couple notes: If you guess wrong at the database name, you still can try to login with a username and password -- you'll get a successful auth, but then get disconnected. So, that's pretty neat.

2010-02-03 21:45:13 +00:00

seh.rb

Code cleanups

2008-10-19 21:03:39 +00:00

seh.rb.ut.rb

Code cleanups

2008-10-19 21:03:39 +00:00

smb.rb

Clean up trailing whitespace

2009-12-26 18:29:24 +00:00

smtp_deliver.rb

Updates the autopwn matching algorithm to use multiple ports and service names

2009-10-28 18:04:50 +00:00

smtp.rb

Updates the autopwn matching algorithm to use multiple ports and service names

2009-10-28 18:04:50 +00:00

snmp.rb

Oops

2009-05-08 20:27:40 +00:00

sunrpc.rb

a few fixes to sunrpc code

2010-02-03 20:30:09 +00:00

tcp.rb

Cleanup for tcp mixin, report smb version better, downcase service names

2010-01-05 18:47:04 +00:00

tcp.rb.ut.rb

Code cleanups

2008-10-19 21:03:39 +00:00

telnet.rb

add a telnet login scanner

2010-01-20 03:25:34 +00:00

tns.rb

adds support for a 10g packet given the right connect string.

2009-08-05 00:46:35 +00:00

udp.rb

Use the {add|remove}_socket methods in the IP, TCP and UDP mixins instead doing

2009-07-09 06:58:11 +00:00