David Maloney
a929a55404
fix show command parsing
...
this ius better than a regex and handles special charachters
in usernames and passwords far better than the previous way
2014-06-20 10:48:42 -05:00
David Maloney
3c85601426
not every version has dupe supression
2014-06-19 16:28:23 -05:00
David Maloney
93da4dc561
account for mssql12 format
...
mssql2012 and later uses a new format. some versions
of john support this and some do not yet
2014-06-19 16:11:14 -05:00
David Maloney
aca532b994
making egypt happy
...
it's a full time job
2014-06-19 15:07:33 -05:00
David Maloney
0ff8708e6d
some minor fixes
2014-06-19 13:08:43 -05:00
David Maloney
53352924d2
Merge branch 'staging/electro-release' into feature/MSP-9716/mssql_crack
...
Conflicts:
Gemfile
2014-06-19 12:45:53 -05:00
David Maloney
20f7cde9cc
add incremental and single modes
...
make sure we run single mode and incremnetal modes
during our runs through these hashes.
2014-06-19 12:38:01 -05:00
David Maloney
bb120fd1e2
report access level on mssql_hashdump
...
if we know we have admin access on mssql hashdumop
we should report that on the Login object.
2014-06-19 12:20:42 -05:00
David Maloney
d3c77b345c
report cracked credentials
...
also makes mssql_hashdump report the credentials it logged in with
2014-06-19 12:16:49 -05:00
James Lee
b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release
2014-06-19 10:14:57 -05:00
James Lee
2d9c6f832a
Moar parens!!1!!
2014-06-19 10:07:21 -05:00
David Maloney
62f4054858
startring refactor on jtr_mssql
...
started work on the mssql hash cracker
fixed some minor bugs with the underlying mixin
crackers now runs. still have to have the cred objects created
2014-06-18 14:50:08 -05:00
David Maloney
641559ec12
put pry in gemfile
...
include pry in the development group of the framework
gemfile
2014-06-18 11:47:36 -05:00
dmaloney-r7
190923e9a7
Merge pull request #79 from rapid7/feature/MSP-9699/axis2-refactor
...
Refactor axis_login
2014-06-18 11:43:23 -05:00
David Maloney
fd0e24cdb2
moar docs!
2014-06-18 11:38:07 -05:00
David Maloney
4b4d9796c5
more minor cleanup
...
cleanup from code review
2014-06-18 11:24:55 -05:00
David Maloney
9f11170c3b
some minor cleanup on jtr stuff
...
minor cleanup to code nstyling stuff
2014-06-18 10:57:41 -05:00
dmaloney-r7
8e58d0803f
Merge pull request #77 from rapid7/feature/MSP-9709/ssh-pubkey
...
Refactor ssh_login_pubkey
2014-06-18 10:53:08 -05:00
David Maloney
4c3cc793ba
fix missing .present?
2014-06-18 10:52:27 -05:00
David Maloney
58b016202b
Merge branch 'staging/electro-release' into feature/MSP-9709/ssh-pubkey
2014-06-18 10:50:29 -05:00
David Maloney
2b0bb608b1
Merge branch 'master' into staging/electro-release
2014-06-18 10:49:58 -05:00
Joshua Smith
5e4a612351
Land missed commit from #3460 , typo fix
2014-06-18 00:08:01 -05:00
Spencer McIntyre
c685e0d06e
Land #3444 , chromecast wifi enumeration
2014-06-17 22:09:58 -04:00
OJ
aca8fcb352
Land #3415 -- x86->x64 Payload Injection
2014-06-18 11:09:55 +10:00
Meatballs1
4cfeaa1649
Merge pull request #50 from OJ/meat-x64_injection
...
Update to include required bins
2014-06-18 02:00:19 +01:00
OJ
5879ca3340
Merge branch 'upstream/master' into meatballs x64_injection
2014-06-18 10:24:33 +10:00
Joshua Smith
bab1e30557
Land #3460 , Ericom AccessNow Server BOF exploit
2014-06-17 19:10:34 -05:00
Joshua Smith
9af9d2f5c2
slight cleanup
2014-06-17 19:08:31 -05:00
jvazquez-r7
f622a3a0e5
Fix typo
2014-06-17 17:56:26 -05:00
James Lee
5f176a56cb
Fix typo
2014-06-17 17:16:46 -05:00
James Lee
d114dd1da2
Fix bugs. :fail != :failed
2014-06-17 17:12:50 -05:00
James Lee
d6de0da5a7
Refactor axis_login
2014-06-17 17:07:53 -05:00
David Maloney
34c0b00816
don't autload this mixin
...
causes laod order problems when we try to
autoload this mixin. We will just explicitly require
2014-06-17 16:10:09 -05:00
David Maloney
763f6f8d80
finish cleaning up jtr mixin
...
finish cleaning up the module mixin for jtr
2014-06-17 15:16:32 -05:00
jvazquez-r7
1133332702
Finish module
2014-06-17 15:01:35 -05:00
William Vu
1394ad1431
Break my double quote habit
...
Doesn't it feel better? C doesn't love me anymore.
2014-06-17 14:22:55 -05:00
jvazquez-r7
8f8af0e93a
Add draft version
2014-06-17 14:21:49 -05:00
William Vu
5e12675842
Land #3459 , newline fixes for msftidy
2014-06-17 14:21:11 -05:00
William Vu
56c71c7b85
Land #3457 , newline check for msftidy
2014-06-17 14:20:53 -05:00
Christian Mehlmauer
03fa858089
Added newline at EOF
2014-06-17 21:05:00 +02:00
Christian Mehlmauer
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
David Maloney
432b88680b
start fixing jtr module mixin
2014-06-17 13:27:11 -05:00
William Vu
8376b4aa2b
Map constants to readable values
...
Thanks, @zeroSteiner and @kernelsmith. :)
2014-06-17 13:10:08 -05:00
Joe Vennix
b8cedf14a8
Update gemfile dependencies. I have no idea if i need to tag this or wtf.
2014-06-17 12:14:17 -05:00
Luke Imhoff
99330ea40a
Update to use corrected v0.4.2-electro-release tag
2014-06-17 11:14:59 -05:00
David Maloney
d473d86ef0
use tr instead of gsub for mutation
...
this should be another slight performance
increase as straight up string replacement
should require less overhead then multiple
runs of regex replacement.
2014-06-17 10:29:09 -05:00
Christian Mehlmauer
3c00388f87
Add check for newline at end of file
2014-06-17 15:44:43 +02:00
OJ
b710014ece
Land #3435 -- Rocket Servergraph ZDI-14-161/162
2014-06-17 18:06:03 +10:00
James Lee
6237d56398
Refactor ssh_login_pubkey
...
* Fix a bug in LoginScanner::SSHKey (which was copy-pasted from SSH)
where the ssh_socket accessor was not being set because of a
shadowing local var
* Fix a bug in the db command dispatcher where an extra column was
added to the table, causing an unhandled exception when running the
creds command
* Add a big, ugly, untested class for imitating
Metasploit::Framework::CredentialCollection for ssh keys. This class
continues the current behavoir of silently ignoring files that are a)
encrypted or b) not private keys.
* Remove unnecessary proof gathering in the module (it's already
handled by the LoginScanner class)
2014-06-16 18:38:20 -05:00
David Maloney
a81b0ed17b
rename method to_file
...
change method name from write to to_file
as it makes more sense for what it is is doing
and what it returns
2014-06-16 18:03:06 -05:00