I don't think the use of the constant is a show stopper since it is
identical to the existing Nessus plugin scheme as well. It doesn't make
it right but it's not a reason to block. Both should be fixed some time.
Made a handful of minor edits regarding file handle management, and also
noted that the act of saving nexpose credentials will always cause the
SSL nag screen to not display.
Thanks for the implementation, mboman!
[Closes#57] [Fixes#6156]
Squashed commit of the following:
commit 8d421ab8e3004bcb67e156b45f1355a608e0320c
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:55:35 2011 -0600
Adds a comment note about bypassing the SSL verify warning
commit fd956b380f14bbb394f36b0a3c565906f9aed869
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:53:29 2011 -0600
Changing file write mode from w+ to wb.
commit d884c87482b033b7200d5045ba5f9b2d910f4aa8
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:15:46 2011 -0600
::File instead of File throughout
commit 6d72f87e8f175f088ac7beeb80742d50ab01b38a
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:14:54 2011 -0600
Space change
commit f6f3527595379ba11b3be4341a0c620b06340fbb
Merge: a978d19 2335614
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:13:12 2011 -0600
Merge branch 'master' of github_r7:rapid7/metasploit-framework into mboman_nexpose
commit a978d1962f756f507fdabb988380a7ecf3ce76bb
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Dec 23 15:12:51 2011 -0600
Minor fixups mostly around ::File handling.
commit bddd0249b9
Merge: 2ddc161bb2ea62
Author: Michael Boman <michael@michaelboman.org>
Date: Fri Dec 16 08:39:10 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit 2ddc161671
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 11:44:29 2011 +0100
msftidy cleanup (whitespace after EOL)
commit b202c7ff3a
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 11:28:13 2011 +0100
Removed a ncusage call
commit 45da9728d1
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 09:19:58 2011 +0100
Fixed indenting, removed ncusage function until later...
commit e9f03aafba
Merge: 41d3fae8dc85f1
Author: Michael Boman <michael@michaelboman.org>
Date: Wed Dec 14 07:35:17 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit 41d3fae61b
Merge: 63b6f38d87d8d5
Author: Michael Boman <michael@michaelboman.org>
Date: Tue Dec 13 20:07:34 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit 63b6f3873d
Merge: b3b7be4cfa128a
Author: Michael Boman <michael@michaelboman.org>
Date: Tue Dec 13 17:01:06 2011 +0100
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into nexpose
commit b3b7be4594
Author: Michael Boman <michael@michaelboman.org>
Date: Tue Dec 13 16:54:54 2011 +0100
Nexpose plugin can now save/load credentials
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.
[Closes#63]
Squashed commit of the following:
commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date: Fri Dec 16 12:14:18 2011 -0600
Jetzt auf Deutsch! y español! 中國人!
[update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
Also remove duplicate/old pxexploit source code from the tree.
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
get() should get get_once() (intent is to get 4 bytes,
not timeout after 4 seconds), no need to escape equals
signs in regexes, no need to newline the unexpected
responses.
get() should get get_once() (intent is to get 4 bytes,
not timeout after 4 seconds), no need to escape equals
signs in regexes, no need to newline the unexpected
responses.
Also refers to port 264/TCP as the SecuRemote service instead of the
Topology service (I believe this is correct)
Reporting is initially conservative -- if we don't get something for
fw_hostname, then don't bother reporting at all; assume we're
mis-identifying the target.
Also refers to port 264/TCP as the SecuRemote service instead of the
Topology service (I believe this is correct)
Reporting is initially conservative -- if we don't get something for
fw_hostname, then don't bother reporting at all; assume we're
mis-identifying the target.
James Lee