James Lee
998509529c
don't consider compression when looking for a tlv
git-svn-id: file:///home/svn/framework3/trunk@9527 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 17:55:37 +00:00
James Lee
dacd38c49c
consolidate debugging functions in the file
git-svn-id: file:///home/svn/framework3/trunk@9517 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 00:33:24 +00:00
James Lee
7498c30b30
replace $setsockopt with a function, remove unused hexdump function
git-svn-id: file:///home/svn/framework3/trunk@9516 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-14 23:20:57 +00:00
James Lee
e2740c9e2b
watch stderr as well as stdout
git-svn-id: file:///home/svn/framework3/trunk@9513 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-14 05:01:37 +00:00
James Lee
a39a0df5dc
shell interaction works in linux, still broken in windows. kill and ps work in windows now
git-svn-id: file:///home/svn/framework3/trunk@9512 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-13 16:44:22 +00:00
James Lee
975e2c326e
ps now works in windows by shelling out to tasklist.exe
git-svn-id: file:///home/svn/framework3/trunk@9497 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 22:07:23 +00:00
Joshua Drake
74b30535c4
oops, forgot swf
git-svn-id: file:///home/svn/framework3/trunk@9474 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:14:45 +00:00
James Lee
4f2c63dae7
add templates for creating linux armle ELFs, thanks Civ
git-svn-id: file:///home/svn/framework3/trunk@9455 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-09 07:20:21 +00:00
James Lee
d47ded220f
overhaul socket handling to use fsockopen if socket_create isn't available. portfwd now works on default Windows and Ubuntu installs
git-svn-id: file:///home/svn/framework3/trunk@9450 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-08 07:59:36 +00:00
James Lee
f13417be08
stdapi is still in the base payload, but this file needs to exist
git-svn-id: file:///home/svn/framework3/trunk@9446 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-07 17:00:47 +00:00
et
334f4915f1
Add parsers
git-svn-id: file:///home/svn/framework3/trunk@9441 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-06 03:48:25 +00:00
Mike Smith
0de01754ff
Change event.info db column type from varchar(65535) to text
git-svn-id: file:///home/svn/framework3/trunk@9434 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-05 00:33:31 +00:00
James Lee
ff0af3fb5a
turn off debug logging
git-svn-id: file:///home/svn/framework3/trunk@9428 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 15:59:45 +00:00
James Lee
07ec574c3c
fail if the socket couldn't connect
git-svn-id: file:///home/svn/framework3/trunk@9427 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 15:28:11 +00:00
HD Moore
b3b2ac9ef1
Adds hsagent
git-svn-id: file:///home/svn/framework3/trunk@9421 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:16:40 +00:00
HD Moore
17793d8ede
Add new SID: frealek: an addition to metasploit/data/wordlists/sid.txt : "CLRExtProc", source : default listener.ora from Oracle XE 10g 10.2.0.1.0
git-svn-id: file:///home/svn/framework3/trunk@9420 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:11:39 +00:00
James Lee
b23696a916
Woot, portfwd works.
git-svn-id: file:///home/svn/framework3/trunk@9418 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 02:43:17 +00:00
James Lee
c068e8e6dc
standardize whitespace
git-svn-id: file:///home/svn/framework3/trunk@9413 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 23:18:21 +00:00
James Lee
5c87771a89
basic client sockets, connect and write work
git-svn-id: file:///home/svn/framework3/trunk@9404 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 04:45:48 +00:00
James Lee
e4e2bc61a4
break out of the main loop when we get eof (or any other error) on the main socket. fixes infinite loop in the server when client exits
git-svn-id: file:///home/svn/framework3/trunk@9402 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 00:24:55 +00:00
James Lee
975b207710
switch debug logging to the webserver error_log for easier perusal; add fs_stat which fixes downloads; only return success from delete_file if it actually deleted the file
git-svn-id: file:///home/svn/framework3/trunk@9399 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 22:43:03 +00:00
James Lee
4f0ee6d44c
add support for deleting files
git-svn-id: file:///home/svn/framework3/trunk@9398 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 18:36:14 +00:00
James Lee
cf4597df3f
use posix_getuid if it exists
git-svn-id: file:///home/svn/framework3/trunk@9397 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 18:08:09 +00:00
James Lee
fe43e91bad
initial commit of php meterpreter, see #391 . upload, download, cd, pwd, ls, cat, sysinfo, getpid, and ps all work fine.
* execute works with channel read/write but no interact yet
* getuid is weird, since php's get_current_user() and getmyuid() return the owner of the file instead of the running uid (wtf?)
git-svn-id: file:///home/svn/framework3/trunk@9393 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 08:28:39 +00:00
Joshua Drake
6d1e7bdaa5
big commit - lots of cmdstager changes
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)
git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:39:56 +00:00
James Lee
0c1878f620
fix buggy migration that caused attempts to set the boundary field in workspace before it existed, fixes #1724
git-svn-id: file:///home/svn/framework3/trunk@9269 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-10 06:59:33 +00:00
James Lee
abbd6aeef7
change vulns.data to vulns.info, fixes #1660
git-svn-id: file:///home/svn/framework3/trunk@9265 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 23:32:43 +00:00
HD Moore
47cea7bbb3
Respin of the service file
git-svn-id: file:///home/svn/framework3/trunk@9226 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 18:25:26 +00:00
Joshua Drake
0e72894e58
more cleanups
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
HD Moore
cbd675e369
Add user.prefs
git-svn-id: file:///home/svn/framework3/trunk@9191 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 22:02:00 +00:00
HD Moore
501820d9cb
Handle deeper objects through recursion
git-svn-id: file:///home/svn/framework3/trunk@9182 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 21:43:28 +00:00
HD Moore
661293c906
Patch the xml serializer to force binary encoding with newer versions of Ruby - fixes some annoying serialization issues
git-svn-id: file:///home/svn/framework3/trunk@9181 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 21:35:03 +00:00
Mike Smith
4c1aa287a5
Add workspace.description and host.comments database columns.
git-svn-id: file:///home/svn/framework3/trunk@9173 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 22:22:05 +00:00
James Lee
16cd48e4dc
turn constants into class vars, fixes #1767
git-svn-id: file:///home/svn/framework3/trunk@9172 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 21:49:18 +00:00
Joshua Drake
879a92ffbf
change WriteLine to Write
git-svn-id: file:///home/svn/framework3/trunk@9089 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:24:56 +00:00
Joshua Drake
5aea21fcb8
speel more godoer
git-svn-id: file:///home/svn/framework3/trunk@9080 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 02:09:08 +00:00
Joshua Drake
e5d0e54de8
reduce payload space to 2048
git-svn-id: file:///home/svn/framework3/trunk@9078 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 22:16:31 +00:00
Joshua Drake
f3bc38dc81
use nul padding
git-svn-id: file:///home/svn/framework3/trunk@9077 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 22:15:02 +00:00
Joshua Drake
a9885c041d
use nul padding
git-svn-id: file:///home/svn/framework3/trunk@9076 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 22:14:21 +00:00
Joshua Drake
7c9d347c23
use nul padding
git-svn-id: file:///home/svn/framework3/trunk@9075 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 22:14:08 +00:00
Joshua Drake
730b27eed1
fixup some of the payload exe generation/templating stuff, add pe/dll template+src
git-svn-id: file:///home/svn/framework3/trunk@9073 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 21:44:23 +00:00
Joshua Drake
b251c0c4b7
re-organize template source
git-svn-id: file:///home/svn/framework3/trunk@9072 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 20:12:00 +00:00
Mario Ceballos
c4fbda758f
add db2admin/db2admin to the default wordlist.
git-svn-id: file:///home/svn/framework3/trunk@9043 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-08 23:16:28 +00:00
et
0e78719eaf
Simple parsing modules
git-svn-id: file:///home/svn/framework3/trunk@9042 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-08 03:40:08 +00:00
et
62ba505f10
Extra parsing modules
git-svn-id: file:///home/svn/framework3/trunk@9030 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 03:32:50 +00:00
et
b2ac91dd03
Dumb error on path handling
git-svn-id: file:///home/svn/framework3/trunk@9014 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 03:09:48 +00:00
et
097a9614c9
SWF decompilation using flare
git-svn-id: file:///home/svn/framework3/trunk@9008 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 05:22:26 +00:00
et
39c371acf9
Parsing fixes
git-svn-id: file:///home/svn/framework3/trunk@8991 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 05:52:22 +00:00
HD Moore
c6c956ab46
Small patch to enable a new stager
git-svn-id: file:///home/svn/framework3/trunk@8984 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 05:21:15 +00:00
Mike Smith
86ac69b394
Add columns to workspaces & hosts tables.
git-svn-id: file:///home/svn/framework3/trunk@8956 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 22:26:35 +00:00
James Lee
0391cd5f28
typo fix
git-svn-id: file:///home/svn/framework3/trunk@8951 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 06:04:52 +00:00
HD Moore
d49ed8b366
Expand serialized data fields
git-svn-id: file:///home/svn/framework3/trunk@8946 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-28 16:49:53 +00:00
et
70b15c923c
more detail in form parsing
git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 03:15:00 +00:00
et
4265707030
start to parse forms
git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 02:39:19 +00:00
HD Moore
091abc9c6b
Some extra defaults
git-svn-id: file:///home/svn/framework3/trunk@8922 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 21:58:24 +00:00
HD Moore
3a88909c06
Rename for consistency
git-svn-id: file:///home/svn/framework3/trunk@8903 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 20:33:21 +00:00
HD Moore
aa1c65f4e6
Add a quick and dirty HTTP scanner
git-svn-id: file:///home/svn/framework3/trunk@8901 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 20:28:09 +00:00
Stephen Fewer
75661291fa
and the bins, tiny modification to the ruby side and update the README.
git-svn-id: file:///home/svn/framework3/trunk@8891 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:03:32 +00:00
HD Moore
e3fd6e18d3
Add a generic purpose field
git-svn-id: file:///home/svn/framework3/trunk@8868 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-22 00:08:17 +00:00
et
5949b91612
Using hpricot
git-svn-id: file:///home/svn/framework3/trunk@8862 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-21 00:13:12 +00:00
HD Moore
8e058e40cb
Rename user to username
git-svn-id: file:///home/svn/framework3/trunk@8838 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-17 14:03:25 +00:00
Carlos Perez
f49d84992c
Applied Patch provided by Rob Fuller Mubix
git-svn-id: file:///home/svn/framework3/trunk@8820 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-15 00:37:45 +00:00
HD Moore
5e26eb9498
Adds name and info to the loot table:
git-svn-id: file:///home/svn/framework3/trunk@8816 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-14 15:38:52 +00:00
Joshua Drake
0f0d6b9dff
add OWASP BWA root user/pass to default lists
git-svn-id: file:///home/svn/framework3/trunk@8810 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-13 08:28:48 +00:00
HD Moore
9288f34fbf
Add a results column
git-svn-id: file:///home/svn/framework3/trunk@8804 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-12 15:58:02 +00:00
HD Moore
5957dd5393
Add tasks
git-svn-id: file:///home/svn/framework3/trunk@8791 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 18:42:21 +00:00
Stephen Fewer
edf030df53
...and finally the bins!
git-svn-id: file:///home/svn/framework3/trunk@8789 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 17:12:31 +00:00
HD Moore
3d601c0be9
Add a new table
git-svn-id: file:///home/svn/framework3/trunk@8778 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 03:02:13 +00:00
HD Moore
bd3d6b55f6
Add alert fields
git-svn-id: file:///home/svn/framework3/trunk@8766 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 17:31:47 +00:00
Stephen Fewer
31b7b637a4
The new VNC DLL bins.
git-svn-id: file:///home/svn/framework3/trunk@8747 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:53:37 +00:00
Stephen Fewer
195d1ab4b8
Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi).
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:50:24 +00:00
Joshua Drake
d370ab62c6
don't wait for shell.run to finish
git-svn-id: file:///home/svn/framework3/trunk@8718 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 22:33:16 +00:00
Joshua Drake
cc9113397c
add exploit for IE Windows Help vulnerability
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
HD Moore
1fff5f447f
Add loot content-type
git-svn-id: file:///home/svn/framework3/trunk@8667 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 19:33:49 +00:00
HD Moore
20c96a191d
Fix loots, add users
git-svn-id: file:///home/svn/framework3/trunk@8593 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:57:02 +00:00
HD Moore
091e01978e
Mad loot
git-svn-id: file:///home/svn/framework3/trunk@8587 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:00:46 +00:00
Mike Smith
e59082f6b5
Added "created_at" and "updated_at" timestamps to all primary tables ( fixes #838 )
git-svn-id: file:///home/svn/framework3/trunk@8555 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 21:57:01 +00:00
Joshua Drake
4800d6841c
commit cmd stager stuff from bannedit
git-svn-id: file:///home/svn/framework3/trunk@8518 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 16:38:19 +00:00
Stephen Fewer
4ed9e71b76
Commit the meterpreter C side (and bins) for transparent zlib (zlib.c copied from the posix meterpreter source) compression of TLV's and channels. To use transparent compression with channels, create them with CHANNEL_FLAG_COMPRESS. To use transparent compression with any TLV value, bitwise or the TLV type with TLV_META_TYPE_COMPRESSED (Don't create the TLV type with TLV_META_TYPE_COMPRESSED as the compressed flag is removed on the remote end after compression). For consistency with the ruby side we could at a later stage add a boolean compress parameter to all the packet_add_tlv_* functions so you don't have to manually specify TLV_META_TYPE_COMPRESSED flag.
git-svn-id: file:///home/svn/framework3/trunk@8515 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 14:56:24 +00:00
HD Moore
85c59038ed
Add rsnake's RFI index
git-svn-id: file:///home/svn/framework3/trunk@8504 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 15:37:04 +00:00
James Lee
2f4ab39712
new, much smaller, elf template
git-svn-id: file:///home/svn/framework3/trunk@8448 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 02:31:36 +00:00
Joshua Drake
f82c53db2a
move 70k binary to data/exploits instead of hex encoded in the exploit
git-svn-id: file:///home/svn/framework3/trunk@8446 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 23:17:19 +00:00
Stephen Fewer
23901c83ea
...and the bins.
git-svn-id: file:///home/svn/framework3/trunk@8433 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:48:13 +00:00
HD Moore
eaa930b9ce
Sample wordlists
git-svn-id: file:///home/svn/framework3/trunk@8419 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 23:00:02 +00:00
Tod Beardsley
d374c16662
Fixed up reporting for DB2 and tested; also added other default usernames for db2.
git-svn-id: file:///home/svn/framework3/trunk@8411 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:54:50 +00:00
Tod Beardsley
0b6c44b2cb
Adding reporting to postgres_login. Logging version info more verbosely for authenticated login, since it's way useful.
git-svn-id: file:///home/svn/framework3/trunk@8408 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 17:35:58 +00:00
Stephen Fewer
b12ac46d9e
...and the stdapi bins.
git-svn-id: file:///home/svn/framework3/trunk@8385 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 18:00:09 +00:00
et
accf417bb7
Fix crawl module example
git-svn-id: file:///home/svn/framework3/trunk@8378 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 05:16:29 +00:00
Joshua Drake
4f9490f63f
add default username/passwords for IBM Cognos Express Tomcat Manager
git-svn-id: file:///home/svn/framework3/trunk@8368 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-04 20:34:55 +00:00
Tod Beardsley
6e8e6ef16a
Fixes #769 by implementing a brute force module for Postgres. A couple notes: If you guess wrong at the database name, you still can try to login with a username and password -- you'll get a successful auth, but then get disconnected. So, that's pretty neat.
Also, since Postgres-PR uses the stock TCPSocket object, connection timeouts and other errors take forever. This is avoided in the brute forcer by pre-validating the connection with Rex::Socket, but this is a hack -- it would be better to convert Postgres-PR to a Rex::Socket flavor, so you also get nicer error messages and what all. I did fork it off the main distribution already anyway, so I may as well open a feature bug on this, but it's pretty low priority.
git-svn-id: file:///home/svn/framework3/trunk@8366 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 21:45:13 +00:00
natron
3ecabe1be9
Adds static signed jar and user messages letting them know.
git-svn-id: file:///home/svn/framework3/trunk@8328 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 19:47:40 +00:00
HD Moore
42b331b47f
Fix #790 . Initialize the client state to be alive, tweak a few things on the meterpreter side
git-svn-id: file:///home/svn/framework3/trunk@8327 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 18:52:44 +00:00
HD Moore
7684a6a260
Expand all data/info fields to 4k. Closes #791
git-svn-id: file:///home/svn/framework3/trunk@8325 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 17:06:37 +00:00
Stephen Fewer
0099fedeb3
...and the bins for the ps command fix.
git-svn-id: file:///home/svn/framework3/trunk@8323 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 12:01:26 +00:00
Stephen Fewer
fc6eca57ec
...and finally the bins.
git-svn-id: file:///home/svn/framework3/trunk@8320 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:14:23 +00:00
HD Moore
284af1260a
Disable debug tracing
git-svn-id: file:///home/svn/framework3/trunk@8312 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 23:10:58 +00:00
HD Moore
f3408fd327
Fixes #744 . The core issue was the migrate code waiting on SetEvent, but the migrate stub was blocked on a WSASocket due to a pending packet_receive in the main server thread. Simply setting the thread termination signal did not work, as the SSL_read was already in progress. This change forcibly terminates the main server thread before waiting on the event in order to bypass this deadlock. The downside is a failed migrate has no way to recover if it makes it this far.
git-svn-id: file:///home/svn/framework3/trunk@8309 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:55:41 +00:00
natron
69ad365b46
Added STDERR to pure java payload, cleaned up user's view.
git-svn-id: file:///home/svn/framework3/trunk@8308 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:53:36 +00:00
Stephen Fewer
6772efb79c
...and finally the bins.
git-svn-id: file:///home/svn/framework3/trunk@8297 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:59:00 +00:00
natron
cd5e5880d2
Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit.
git-svn-id: file:///home/svn/framework3/trunk@8267 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 19:46:39 +00:00
HD Moore
cf26fcb9ad
Fixes #784 . Adds .NET server support
git-svn-id: file:///home/svn/framework3/trunk@8256 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 07:02:07 +00:00
HD Moore
9ea99c37a8
Updated DLL (Win7 - Trap)
git-svn-id: file:///home/svn/framework3/trunk@8244 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:25:30 +00:00
HD Moore
4b637c4912
Updated with new target system, signature for 2000 SP4, fixed SP4 usage, but the priv escalation is non-functional, use twunk16/debug depending on what is available.
git-svn-id: file:///home/svn/framework3/trunk@8240 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 19:13:28 +00:00
et
96d6e7bd9b
In progress. crawling
git-svn-id: file:///home/svn/framework3/trunk@8236 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 04:21:07 +00:00
HD Moore
a898901ad3
Switch to twunk_16 for Windows 7 compatibility
git-svn-id: file:///home/svn/framework3/trunk@8230 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 18:07:48 +00:00
HD Moore
9a27a8dc01
Check the new binaries back in
git-svn-id: file:///home/svn/framework3/trunk@8227 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 16:56:41 +00:00
Tod Beardsley
359e1ad53a
See #726 . Adds a DB2 scanner and brute forcer.
git-svn-id: file:///home/svn/framework3/trunk@8223 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 15:58:24 +00:00
HD Moore
b0f0bc1c32
Add a dot
git-svn-id: file:///home/svn/framework3/trunk@8218 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 00:28:55 +00:00
HD Moore
0c16bd9736
Switch to Zarvox, add ruby scripts to generate new sound samples
git-svn-id: file:///home/svn/framework3/trunk@8217 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 18:56:48 +00:00
HD Moore
0535e59b6e
Nuke a duplicate file
git-svn-id: file:///home/svn/framework3/trunk@8216 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 18:33:49 +00:00
HD Moore
acceb274da
Integrate a sound plugin, based on Robin Wood's patch
git-svn-id: file:///home/svn/framework3/trunk@8215 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 18:33:32 +00:00
Joshua Drake
40be42676b
new tomcat_mgr_login aux module
- uses auth_brute mixin
- has old and new default users/passes/pairs
- replaces older modules/auxiliary/admin/http/tomcat_manager.rb
git-svn-id: file:///home/svn/framework3/trunk@8201 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 20:31:51 +00:00
Stephen Fewer
de691597b6
...and finally the bins :)
git-svn-id: file:///home/svn/framework3/trunk@8200 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 19:48:21 +00:00
HD Moore
8058fb22e8
Purge these copies until the secondary thread issue is fixed
git-svn-id: file:///home/svn/framework3/trunk@8180 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-20 13:36:48 +00:00
HD Moore
2574416a29
Add the associated binaries
git-svn-id: file:///home/svn/framework3/trunk@8169 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 22:31:06 +00:00
Stephen Fewer
c92d7b68bf
...and the bins!
git-svn-id: file:///home/svn/framework3/trunk@8159 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 11:10:55 +00:00
HD Moore
396e894cdb
Finger user enumerator
git-svn-id: file:///home/svn/framework3/trunk@8109 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 23:37:14 +00:00
James Lee
fd89f4e6cd
add an events table
git-svn-id: file:///home/svn/framework3/trunk@8104 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 06:40:34 +00:00
HD Moore
42b3a5774d
Adds the process username to the ps output (when possible).
git-svn-id: file:///home/svn/framework3/trunk@8056 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-02 03:41:21 +00:00
HD Moore
4d7aec7c2d
Fixes #745 . This commit changes how token manipulation works, adds the steal_token, drop_token, and getprivs commands. Tested on NT 4.0, 2000 SP4, XP SP3, 2003 SP2, Vista, and Windows 7
git-svn-id: file:///home/svn/framework3/trunk@8055 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-02 00:35:10 +00:00
HD Moore
9bf88af0cc
Add 64-bit
git-svn-id: file:///home/svn/framework3/trunk@8047 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 15:56:09 +00:00
HD Moore
98f83bbab1
Adds reg queryclass
git-svn-id: file:///home/svn/framework3/trunk@8046 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 15:52:30 +00:00
Joshua Drake
2283e029db
crossing fingers, big cr removal batch
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
James Lee
3109ae1b53
add the migration for notes. fixes 742
git-svn-id: file:///home/svn/framework3/trunk@8033 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 16:23:40 +00:00
Mike Smith
29920bc94b
Unpack rack-1.0.1 into vendor/gems directory
This allows msfweb to be run without requiring rack to be pre-installed as a
gem.
git-svn-id: file:///home/svn/framework3/trunk@8031 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 05:39:21 +00:00
Mike Smith
94ea648902
Patch rails so that migrations can be run even when Base.logger == nil
git-svn-id: file:///home/svn/framework3/trunk@8017 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 01:04:48 +00:00
Mike Smith
912038dda3
Moving rails-2.3.5/ to rails/
git-svn-id: file:///home/svn/framework3/trunk@8016 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 00:19:06 +00:00
Mike Smith
a554ab15ef
Upgrade from rails 2.3.2 to 2.3.5
git-svn-id: file:///home/svn/framework3/trunk@8015 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 00:17:51 +00:00
James Lee
c44497d04b
add tebo's rpc wordlist
git-svn-id: file:///home/svn/framework3/trunk@7964 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-24 00:19:00 +00:00
HD Moore
0f798f4674
Updated template, a little bit smaller
git-svn-id: file:///home/svn/framework3/trunk@7946 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-22 14:12:25 +00:00
HD Moore
68aafc8e13
Fixes #658 by adding a 250ms sleep to the dispatch of the close call.
git-svn-id: file:///home/svn/framework3/trunk@7934 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 19:53:10 +00:00
Joshua Drake
b37c34579b
add exploit module for cve-2009-3869
NOTE: no policy change is required for this exploit to succeed.
git-svn-id: file:///home/svn/framework3/trunk@7899 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:52:40 +00:00
Mike Smith
f9ffc8b8bc
Add db_workspace command & other db refactoring.
* Added "workspaces" table and associated ActiveRecord class.
* Moved ActiveRecord models from db_objects.rb into separate files.
* Do the DB migration check every time you connect (was previously done
during db_create).
* Use :dependent => :destroy associations so that we don't have to
manually delete the dependent objects.
git-svn-id: file:///home/svn/framework3/trunk@7861 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:52:34 +00:00
Joshua Drake
255724d640
compile java applet with 1.3, Fixes #685
git-svn-id: file:///home/svn/framework3/trunk@7850 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 17:26:19 +00:00
HD Moore
8c7c62bcbc
Major update to the directory list based on the thousands of idiots scanning metasploit.com. Thanks! :)
git-svn-id: file:///home/svn/framework3/trunk@7845 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 04:35:31 +00:00
HD Moore
1029ecd7f8
Cleanup wmap, add the missing database tables back, rename to have a wmap_prefix
git-svn-id: file:///home/svn/framework3/trunk@7837 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-13 05:24:48 +00:00
Joshua Drake
34408c5e3e
add exploit module for CVE-2009-3867 (JRE getSoundbank)
git-svn-id: file:///home/svn/framework3/trunk@7827 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:18:31 +00:00
HD Moore
cf6732d570
Fresh bins (including sniffer). See #672
git-svn-id: file:///home/svn/framework3/trunk@7807 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 18:36:01 +00:00
Stephen Fewer
be588716c5
Bug fix for meterpreter on NT4 (Tested on NT4.0 SP6). Add a function thread_open() in thread.c to wrap the use of kernel32!OpenThread and ntdll!NtOpenThread for backwards compatibility.
git-svn-id: file:///home/svn/framework3/trunk@7806 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 18:12:51 +00:00
HD Moore
6da0fda5ed
Updated meterpreter binaries with a slight change to the thread schedule (solves a looping problem when the socket is dead).
git-svn-id: file:///home/svn/framework3/trunk@7793 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 05:42:47 +00:00
Mike Smith
529b31e502
We don't want an id column in vulns_refs
git-svn-id: file:///home/svn/framework3/trunk@7777 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 18:58:00 +00:00
HD Moore
ff19b649f3
See #662 . This should fix most of the meterpreter-side issues with sockets, there is still a second piece of this which is unflushed data on the local forwards from the ruby code.
git-svn-id: file:///home/svn/framework3/trunk@7761 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 22:08:06 +00:00
HD Moore
353fa1dba5
Updated binaries (32/64) with the first round of socket fixes
git-svn-id: file:///home/svn/framework3/trunk@7751 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 15:01:44 +00:00
Mike Smith
61b556a0d1
Initialize the database schema using ActiveRecord migrations
git-svn-id: file:///home/svn/framework3/trunk@7739 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 17:03:27 +00:00
HD Moore
bc1aee3b4e
Add a data file with the names of phishing logs (based on autowhaler)
git-svn-id: file:///home/svn/framework3/trunk@7735 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 15:47:49 +00:00
HD Moore
e99e2a8d95
Rebuild with Stephen's mutex changes (rebuild of sniffer, but checking in the others as well to match).
git-svn-id: file:///home/svn/framework3/trunk@7734 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 14:44:35 +00:00
Stephen Fewer
56a64a0e2d
Commit the latest windows x86/x64 build of the multi-threaded meterpreter (An x64 build of espia has been added too).
git-svn-id: file:///home/svn/framework3/trunk@7733 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 13:07:26 +00:00
HD Moore
dfa0d155fc
See #607 . Switch sniffer code to use mutexes
git-svn-id: file:///home/svn/framework3/trunk@7728 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 05:19:46 +00:00
HD Moore
8a186921e7
Rebuilt Stephen's changes locally, including the sniffer extension
git-svn-id: file:///home/svn/framework3/trunk@7700 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 17:54:01 +00:00
Stephen Fewer
10d9105708
Initial commit of the multi-threaded meterpreter binaries. Only x86 today (minus the sniffer extension), x64 will follow next Monday.
git-svn-id: file:///home/svn/framework3/trunk@7699 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 17:39:32 +00:00
HD Moore
15dca2285f
Scrub the build path from the executable
git-svn-id: file:///home/svn/framework3/trunk@7636 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 22:55:54 +00:00
et
2db0b95f30
Remove table
git-svn-id: file:///home/svn/framework3/trunk@7630 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 20:53:46 +00:00
HD Moore
c44bcf3299
Add the stub site/dns lists for airpwn/dnspwn
git-svn-id: file:///home/svn/framework3/trunk@7491 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 19:17:14 +00:00
HD Moore
d892264ad7
Adds a DoS proof of concept for MS09-065 (EOT)
...
git-svn-id: file:///home/svn/framework3/trunk@7470 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 23:48:53 +00:00
Stephen Fewer
8c48a9a3f5
Commit the PassiveX DLL updated to build with Visual Studio C++ 2008. Removed some compiler warnings. Use VirtualProtect to make second stage RWX. Use WSASocketA() over socket() for second stage compatibility. Seems to now work with the shell stage (Tested on XPSP2/IE7) but still not working with meterpreter.
...
git-svn-id: file:///home/svn/framework3/trunk@7461 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 00:39:38 +00:00
HD Moore
5d997f1b26
Reset the manifest to normal privs, this was causing issues on Vista
...
git-svn-id: file:///home/svn/framework3/trunk@7406 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 03:40:47 +00:00
HD Moore
683e7f4650
Move hosts content into namelist, missed piece of #470
...
git-svn-id: file:///home/svn/framework3/trunk@7404 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 00:17:59 +00:00
HD Moore
9d7d1a0c1d
Fixes #470. Add the hostlist from fierce
...
git-svn-id: file:///home/svn/framework3/trunk@7402 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 00:10:13 +00:00
HD Moore
90808980c4
Fixes #474. Adds rack back into the vendor lib tree
...
git-svn-id: file:///home/svn/framework3/trunk@7373 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 14:44:24 +00:00
HD Moore
bec5fd192f
Updated template, this one plays with vista better
...
git-svn-id: file:///home/svn/framework3/trunk@7350 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 16:02:45 +00:00
HD Moore
58ac7efcfa
Fixes #457. Oddly enough, it was the nop sled garbling registers
...
git-svn-id: file:///home/svn/framework3/trunk@7342 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 23:50:32 +00:00
HD Moore
86bcabc411
Swizzle again.
...
git-svn-id: file:///home/svn/framework3/trunk@7336 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 19:55:42 +00:00
HD Moore
244f71601c
See #432. Remove unused components of the rails directory
...
git-svn-id: file:///home/svn/framework3/trunk@7332 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 16:54:33 +00:00
HD Moore
a8113889ed
Swizzle.
...
git-svn-id: file:///home/svn/framework3/trunk@7330 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 05:17:38 +00:00
HD Moore
80a262f991
Fixes #423. Using /s on a regex forces an encoding that can't match random binary gibberish
...
git-svn-id: file:///home/svn/framework3/trunk@7322 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-02 17:59:45 +00:00
Stephen Fewer
54f952129a
A fresh build of the x64 meterpreter and extensions to sync up with the recent changes with SSL in #7311 and the addition of the rm/del command from #7291
...
git-svn-id: file:///home/svn/framework3/trunk@7316 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-01 16:49:01 +00:00
HD Moore
21e82d8b69
This patch implements a much more flexible executable creation scheme at the cost of exe size. This also adds the "-x" option to msfencode, allowing the user to specify their own executable template for generation.
...
git-svn-id: file:///home/svn/framework3/trunk@7315 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-01 04:11:43 +00:00
HD Moore
2c15be2100
Make a copy of the win32 exe template
...
git-svn-id: file:///home/svn/framework3/trunk@7314 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-01 03:19:20 +00:00
HD Moore
e5e89906d0
Switch the meterpreter to SSLv3 and try to generate a slightly more realistic CN for the certificate. The goal is to work through a wider range of inline proxies.
...
git-svn-id: file:///home/svn/framework3/trunk@7311 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-31 20:44:23 +00:00
HD Moore
5234fe8ff8
Fixes 416. Adds the rm/del commands to meterpreter, fixes build problems triggered by the POSIX code merge
...
git-svn-id: file:///home/svn/framework3/trunk@7291 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 02:31:07 +00:00
HD Moore
e7638ef887
Fixes #397. Webrick requires :BindAddress but msfweb only passed in :Host, likely an api change was missed during a rails upgrade.
...
git-svn-id: file:///home/svn/framework3/trunk@7277 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 17:33:05 +00:00
HD Moore
e94360f7cf
The script now downloads this as needed
...
git-svn-id: file:///home/svn/framework3/trunk@7256 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 20:47:16 +00:00
HD Moore
9904861e94
Prevent rails from overloading require, another big speed boost from Yoann, and it looks like we can avoid it
...
git-svn-id: file:///home/svn/framework3/trunk@7247 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:07:48 +00:00
HD Moore
a6c738a89f
Add Milo's prefetch meterpreter script, see http://milo2012.wordpress.com/2009/10/22/meterpreter-script-for-prefetch-tool/
...
git-svn-id: file:///home/svn/framework3/trunk@7229 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-23 05:25:20 +00:00
cg
d565fef520
support for McKesson Horizon Clinical Infrastructure Oracle passwords for oracle login_brute http://seclists.org/fulldisclosure/2009/Oct/261
...
git-svn-id: file:///home/svn/framework3/trunk@7223 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-21 23:32:44 +00:00
HD Moore
8325b46694
Add Alexander Sotirov's metsvc binaries to the meterpreter data directory
...
git-svn-id: file:///home/svn/framework3/trunk@7214 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-20 18:43:27 +00:00
HD Moore
ed021ad08d
Fixes #260. Remove the 'raw' option for payloads in msfweb, this just causes encoding issues to pop up and isn't useful.
...
git-svn-id: file:///home/svn/framework3/trunk@7174 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-17 06:09:59 +00:00
HD Moore
5f57666f44
Woops! Commit the h2b script needed for mssql_payload
...
git-svn-id: file:///home/svn/framework3/trunk@7166 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-15 13:52:14 +00:00
et
18b340a8c3
Uppercase .cvs
...
git-svn-id: file:///home/svn/framework3/trunk@7138 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-11 16:11:51 +00:00
et
1655c43e28
Added .svn,.cvs to wmap dirs. Thanks mubix
...
git-svn-id: file:///home/svn/framework3/trunk@7137 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-11 14:57:44 +00:00
Mario Ceballos
acf828461c
updated oraenum.rb with an additional wordlist.
...
git-svn-id: file:///home/svn/framework3/trunk@7093 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-29 21:58:01 +00:00
HD Moore
bf5068f6b1
Fixes #288 and #320. This should fix the BSoD issue with the sniffer module (other than the mac filter change, this matches the vendor's example) and confirmed that the keyscan_dump fix works
...
git-svn-id: file:///home/svn/framework3/trunk@7066 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-26 16:26:05 +00:00
et
3993aaf79c
espia dll
...
git-svn-id: file:///home/svn/framework3/trunk@7064 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-26 04:25:37 +00:00
Stephen Fewer
1937839e79
Patch meterpreter's sysinfo command to resolve the system language and architecture.
...
git-svn-id: file:///home/svn/framework3/trunk@7028 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-10 13:09:48 +00:00
Stephen Fewer
36d60d5d12
Commit the x64 build of the meterpreter incognito extension.
...
git-svn-id: file:///home/svn/framework3/trunk@7009 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-07 09:25:25 +00:00
Stephen Fewer
ff9efacffa
Commit the x64 build of the meterpreter priv extension.
...
git-svn-id: file:///home/svn/framework3/trunk@7008 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-07 09:17:29 +00:00
Stephen Fewer
d584b4d314
Fixed migrate for x64 meterpreter (Tested on Win 7 and 2003).
...
git-svn-id: file:///home/svn/framework3/trunk@6999 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-04 01:40:48 +00:00
Stephen Fewer
8bb0efb97e
the first binaries for the windows x64 meterpreter. only metsrv and stdapi for now. source code to follow later.
...
git-svn-id: file:///home/svn/framework3/trunk@6998 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-03 17:50:41 +00:00
Stephen Fewer
1cb3c42589
First commit! update vnc server with the new exitfunk hash values as well as modify ReflectiveLoader to retrieve kernel32 base address dynamically ala its meterpreter counterpart.
...
git-svn-id: file:///home/svn/framework3/trunk@6989 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-31 10:28:26 +00:00
HD Moore
cf10a62dcc
Merge in the beginnings of x64 support from Stephen Fewer
...
git-svn-id: file:///home/svn/framework3/trunk@6972 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-23 23:47:33 +00:00
HD Moore
2247b483d9
Updated pSnuffle sniffer code from _MAX_
...
git-svn-id: file:///home/svn/framework3/trunk@6965 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-19 14:07:33 +00:00
HD Moore
da32f1bdea
Updated meterpreter code/binaries to scrub memory after use, works around Peter's memoryze signatures from BH/DC 2009
...
git-svn-id: file:///home/svn/framework3/trunk@6942 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-08 14:22:32 +00:00
HD Moore
ed02a67367
Updated to match the new hashing alg from Stephen Fewer
...
git-svn-id: file:///home/svn/framework3/trunk@6924 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-31 17:58:11 +00:00
HD Moore
5e74e80c89
Update psnuffle modules to use payload_data
...
git-svn-id: file:///home/svn/framework3/trunk@6899 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-25 14:11:55 +00:00
HD Moore
2a7467dd7f
Update the meterp binaries with clean builds from svn
...
git-svn-id: file:///home/svn/framework3/trunk@6888 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-24 04:01:26 +00:00
James Lee
739207bf4a
merge browser_autopwn back into trunk. This changes the database schema slightly, so make sure to db_destroy and db_create before using the database features.
...
git-svn-id: file:///home/svn/framework3/trunk@6873 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-22 20:14:35 +00:00
HD Moore
238f8d798f
Let vulns refer to hosts w/o a service, add a mac and address6 field to the hosts table.
...
git-svn-id: file:///home/svn/framework3/trunk@6866 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-22 13:25:33 +00:00
HD Moore
b3e36e5692
Reduce the size of the generated executables (works better with sqlmap and other tools that need small exes). Payloads are now capped at 2048 and the amount of random data appended to the exe has been reduced.
...
git-svn-id: file:///home/svn/framework3/trunk@6849 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-20 13:55:29 +00:00
James Lee
529ded22ae
reverting last commit; somebody didn't cross their fingers
...
git-svn-id: file:///home/svn/framework3/trunk@6847 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 20:48:47 +00:00
James Lee
c3dc1ecb55
reintegrate browser_autopwn into trunk; cross your fingers and hope this works
...
git-svn-id: file:///home/svn/framework3/trunk@6846 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 17:27:36 +00:00
HD Moore
0d931953cf
The sniffer module is now compiled against the dnet headers for packet decodes
...
git-svn-id: file:///home/svn/framework3/trunk@6831 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-18 00:10:10 +00:00
HD Moore
be6bb23b5e
Psnuffle modules
...
git-svn-id: file:///home/svn/framework3/trunk@6824 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 20:39:06 +00:00
Mario Ceballos
3d3ea9788c
added auxiliary module login_brute.rb and oracle_default_passwords.csv.
...
git-svn-id: file:///home/svn/framework3/trunk@6819 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 14:20:22 +00:00
Mario Ceballos
c66e25978d
remove duplicate sid.
...
git-svn-id: file:///home/svn/framework3/trunk@6818 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 13:41:56 +00:00
HD Moore
f8c2a203fd
OSVDB references updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:02:24 +00:00
Mario Ceballos
4f88b5a5c1
added auxiliary module sid_brute.rb and sid.txt wordlist.
...
git-svn-id: file:///home/svn/framework3/trunk@6807 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 00:03:50 +00:00
HD Moore
148ca687f5
Updated libraries and source code now using OpenSSL
...
git-svn-id: file:///home/svn/framework3/trunk@6773 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 03:10:39 +00:00
HD Moore
e8784d68fb
Fixes up the sniffer to handle large packet captures better, fixes a regression in the sysinfo command.
...
git-svn-id: file:///home/svn/framework3/trunk@6768 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-12 13:17:37 +00:00
HD Moore
6e85581e2f
Updates from jabra for the phishing modules
...
git-svn-id: file:///home/svn/framework3/trunk@6767 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-12 03:57:25 +00:00
HD Moore
f76d73a823
Free packet memory when the capture is stopped
...
git-svn-id: file:///home/svn/framework3/trunk@6765 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 18:19:42 +00:00
HD Moore
4989f9bdbe
Fixes a bug where if the sniffer SDK could not initialize, it would still be treated as initialized the next time it was checked.
...
git-svn-id: file:///home/svn/framework3/trunk@6764 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 17:52:40 +00:00
HD Moore
645ca020e9
Fixes a memory corruption issue with the SSL file descriptor (was using a stack reference instead of the Remote->fd reference), adds the source code sans the Packet SDK for the sniffer module
...
git-svn-id: file:///home/svn/framework3/trunk@6763 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 17:32:50 +00:00
HD Moore
82cf85680c
Adds the sniffer extension for testing
...
git-svn-id: file:///home/svn/framework3/trunk@6762 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 13:39:43 +00:00
HD Moore
608ca7aae8
This patch removes some of the meterpreter compiler warnings and fixes migration over SSL
...
git-svn-id: file:///home/svn/framework3/trunk@6761 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-09 22:44:33 +00:00
HD Moore
7b516e06fe
Transfer the migration payload over SSL, still working on a crash bug after migration completes
...
git-svn-id: file:///home/svn/framework3/trunk@6756 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-09 03:22:10 +00:00
HD Moore
485d3fcb17
Merge in the meterpreter binaries with the new kernel32 loader code
...
git-svn-id: file:///home/svn/framework3/trunk@6745 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-05 20:27:33 +00:00
HD Moore
0c4c05fb24
Commit the SSL-updated meterpreter binaries
...
git-svn-id: file:///home/svn/framework3/trunk@6741 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-05 05:22:06 +00:00
HD Moore
43372de9f0
Fix a bug in the new SSL code that broke large transfers
...
git-svn-id: file:///home/svn/framework3/trunk@6720 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-27 01:52:36 +00:00
HD Moore
a74d3a3f38
Switches meterpreter to SSL by default, using the PolarSSL library. To build this, just place polarssl.lib into a workspace/common/Release/
...
git-svn-id: file:///home/svn/framework3/trunk@6718 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-26 23:18:53 +00:00
HD Moore
3596ea9676
Cleanup patch
...
git-svn-id: file:///home/svn/framework3/trunk@6715 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-25 21:07:53 +00:00
HD Moore
d981332b89
Better search behavior for console and msfweb
...
git-svn-id: file:///home/svn/framework3/trunk@6706 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-24 01:31:16 +00:00
HD Moore
2283e0ffe4
Update executable template and API
...
git-svn-id: file:///home/svn/framework3/trunk@6682 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 17:42:17 +00:00
HD Moore
5f14719035
Handle cygwin support
...
git-svn-id: file:///home/svn/framework3/trunk@6673 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 00:18:18 +00:00
HD Moore
c72263e9c3
Adds antoine's tftp brute forcer
...
git-svn-id: file:///home/svn/framework3/trunk@6667 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-17 20:52:47 +00:00
HD Moore
b8efb1bbf9
Add Stephen Fewer's shiny exploit for the Java deserialization flaw
...
git-svn-id: file:///home/svn/framework3/trunk@6664 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-16 17:19:44 +00:00
HD Moore
d69a1f6ff0
Adding the new msfweb tree, using rails 2.2.3 and newer prototype
...
git-svn-id: file:///home/svn/framework3/trunk@6651 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-14 15:17:53 +00:00
HD Moore
ae1d18c88e
Move out the old msfweb tree, replacing it with rails 2.2.3 and newer prototype
...
git-svn-id: file:///home/svn/framework3/trunk@6650 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-14 15:17:09 +00:00
Patrick Webster
adac1d9c85
Added webdav in the dir list.
...
git-svn-id: file:///home/svn/framework3/trunk@6561 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-18 03:25:25 +00:00
HD Moore
6b5893f1f0
Import the ruby snmp library into the tree. Making a few adjustments to make it msf-friendly
...
git-svn-id: file:///home/svn/framework3/trunk@6529 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-08 03:35:59 +00:00
et
746a3c533a
ext. sample dll. not ready for production environments
...
git-svn-id: file:///home/svn/framework3/trunk@6506 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-29 03:38:42 +00:00
et
0c859dc35e
Minor fixes regarding target_host handling
...
git-svn-id: file:///home/svn/framework3/trunk@6477 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-12 02:00:50 +00:00
HD Moore
b360e42171
Updated sysinfo and setdesktop code
...
git-svn-id: file:///home/svn/framework3/trunk@6462 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-07 15:46:45 +00:00
HD Moore
e1a6d31c58
Add a SNMP brute force scanner
...
git-svn-id: file:///home/svn/framework3/trunk@6421 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-29 03:09:04 +00:00
HD Moore
89ecdd9ac8
Mostly working setdesktop code, removed grabdesktop
...
git-svn-id: file:///home/svn/framework3/trunk@6393 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-25 23:14:14 +00:00
HD Moore
8b27f5faef
Updated binaries, adds enumdesktops, setdesktop is still broken
...
git-svn-id: file:///home/svn/framework3/trunk@6383 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-23 21:05:13 +00:00
HD Moore
e6f6824618
Fixes a crash on exit with vnc reflective dll injection, patch from Stephen Fewer
...
git-svn-id: file:///home/svn/framework3/trunk@6371 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-23 05:17:40 +00:00
HD Moore
ebcc19c54b
Recompiled, adds the grabdesktop, keyscan_start, keyscan_stop, and keyscan_dump commands to UI
...
git-svn-id: file:///home/svn/framework3/trunk@6367 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-22 23:58:58 +00:00
HD Moore
13706d1bde
Tons of new Mac OS X code from Dino Dai Zovi and Charlie Miller, more to follow
...
git-svn-id: file:///home/svn/framework3/trunk@6353 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-18 23:28:24 +00:00
natron
5069038ecd
Fixes meterpreter's migrate function to work on DEP-enabled boxes (ticket 275). Patch by Stephen Fewer (harmonysecurity.com).
...
git-svn-id: file:///home/svn/framework3/trunk@6347 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-16 21:10:58 +00:00
et
8c145efd35
Email module sample config script
...
git-svn-id: file:///home/svn/framework3/trunk@6164 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-19 01:18:41 +00:00
HD Moore
b80f50b6cb
Fixes #268. Updates the executable template and provides a bug fix for msfencode to force the encoded version
...
git-svn-id: file:///home/svn/framework3/trunk@6043 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-24 08:41:35 +00:00
kris
a30adcdca5
Fix Javascript payload generation in msfweb: was passing the invalid "javascript", so it now chooses "js_le" or "js_be" based on endianness
...
git-svn-id: file:///home/svn/framework3/trunk@6042 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-24 06:57:32 +00:00
kris
9aa29aa876
add java payload generation option to msfweb
...
git-svn-id: file:///home/svn/framework3/trunk@6041 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-24 06:29:41 +00:00
HD Moore
5822ab75a7
Adds an exploit module (universal) for the new internet explorer xml bug. This module shows off the .NET memory techniques discovered by Alexander Sotirov and Mark Dowd. This code should bypass DEP, ASLR, and NX :-)
...
git-svn-id: file:///home/svn/framework3/trunk@6012 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-12 01:45:00 +00:00
et
8547688d7d
Added wmap profiles capabilities to use as a method to run specific modules
...
git-svn-id: file:///home/svn/framework3/trunk@5988 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-01 03:48:23 +00:00
et
3e19245054
Fixed handling of root website directory. Minor presentation fixes in test modules
...
git-svn-id: file:///home/svn/framework3/trunk@5987 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-30 22:41:09 +00:00
HD Moore
cfbb600304
fixes #259. pass in badchars properly
...
git-svn-id: file:///home/svn/framework3/trunk@5957 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-19 06:41:42 +00:00
HD Moore
1acebca6c2
Remove test cases from gems
...
git-svn-id: file:///home/svn/framework3/trunk@5938 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-17 06:14:09 +00:00
HD Moore
25a8621e72
This giant pile of bizarre image foo solves an issue with GLib not being able to parse international path names.
...
git-svn-id: file:///home/svn/framework3/trunk@5934 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-17 04:34:09 +00:00
HD Moore
14d31c805e
Fixes #254. Key off refname instead of name
...
git-svn-id: file:///home/svn/framework3/trunk@5929 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-16 21:14:38 +00:00