Skip to content

Commit

Permalink
Reboot gh-pages
Browse files Browse the repository at this point in the history
  • Loading branch information
@msjenkins-r7
msjenkins-r7 committed Apr 18, 2024
0 parents commit 7725e5d
Show file tree
Hide file tree
Showing 3,154 changed files with 2,070,942 additions and 0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
1 change: 1 addition & 0 deletions 404.html

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions CNAME
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
docs.metasploit.com
40 changes: 40 additions & 0 deletions acceptance-tests/app.js

Large diffs are not rendered by default.

11 changes: 11 additions & 0 deletions acceptance-tests/data/attachments/184dc0cfc460971c.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
use auxiliary/scanner/mssql/mssql_schemadump
Stopping all jobs...
msf6 auxiliary(admin/mssql/mssql_sql) > run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/mssql/mssql_schemadump) > [*] 127.0.0.1:1433 - Instance Name: "660e18f4e64c"
[*] 127.0.0.1:1433 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/mssql/mssql_schemadump) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(scanner/mssql/mssql_schemadump) >
39 changes: 39 additions & 0 deletions acceptance-tests/data/attachments/1d8e8c05569830f4.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Overriding user environment variable 'OPENSSL_CONF' to enable legacy functions.
msf6 > loadpath test/modules
Loaded 42 modules:
14 auxiliary modules
13 exploit modules
15 post modules
msf6 > features set mssql_session_type true
mssql_session_type => true
[!] Run the save command and restart the console for this feature to take effect.
msf6 > use auxiliary/scanner/mssql/mssql_login
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mssql/mssql_login) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
msf6 auxiliary(scanner/mssql/mssql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master
[*] 127.0.0.1:1433 - 127.0.0.1:1433 - MSSQL - Starting authentication scanner.
[!] 127.0.0.1:1433 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:1433 - 127.0.0.1:1433 - Login Successful: WORKSTATION\sa:yourStrong(!)Password
[*] MSSQL session 1 opened (127.0.0.1:41127 -> 127.0.0.1:1433) at 2024-04-18 08:40:57 +0000
use post/test/mssql
[*] 127.0.0.1:1433 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:1433 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:1433 - 1 MSSQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mssql/mssql_login) > run session=1 Verbose=true
msf6 post(test/mssql) > [!] SESSION may not be compatible with this module:
[!] * Unknown session platform. This module works with: Apple_iOS, Hardware, Multi, Mainframe, Firefox, NodeJS, Python, JavaScript, PHP, Unix, Irix, HPUX, AIX, FreeBSD, NetBSD, BSDi, OpenBSD, BSD, OSX, Solaris, Arista, Mikrotik, Brocade, Unifi, Juniper, Cisco, Linux, Ruby, R, Java, Android, Netware, Windows, Unknown.
[*] Running against session 1
[*] Session type is mssql and platform is
[+] should return a version
[+] should support the help command
[*] Testing complete in 0.02 seconds
[*] Passed: 2; Failed: 0; Skipped: 0
[*] Post module execution completed
sessions -K
msf6 post(test/mssql) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MSSQL session 1 closed.
msf6 post(test/mssql) >
26 changes: 26 additions & 0 deletions acceptance-tests/data/attachments/2120361a09862b81.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
use auxiliary/scanner/mssql/mssql_login
Stopping all jobs...
msf6 auxiliary(admin/mssql/mssql_enum) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mssql/mssql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master
msf6 auxiliary(scanner/mssql/mssql_login) > [*] 127.0.0.1:1433 - 127.0.0.1:1433 - MSSQL - Starting authentication scanner.
[!] 127.0.0.1:1433 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:1433 - 127.0.0.1:1433 - Login Successful: WORKSTATION\sa:yourStrong(!)Password
[*] MSSQL session 4 opened (127.0.0.1:42699 -> 127.0.0.1:1433) at 2024-04-18 08:40:59 +0000
use auxiliary/scanner/mssql/mssql_hashdump
[*] 127.0.0.1:1433 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:1433 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:1433 - 1 MSSQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mssql/mssql_login) > run session=4 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/mssql/mssql_hashdump) > [*] Using existing session 4
[!] No active DB -- Credential data will not be saved!
[*] Instance Name: "6b1c6d9c67d6"
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/mssql/mssql_hashdump) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MSSQL session 4 closed.
msf6 auxiliary(scanner/mssql/mssql_hashdump) >
35 changes: 35 additions & 0 deletions acceptance-tests/data/attachments/263f807c862410b1.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
{
"required_lines": [
{
"values": [
"Version:"
],
"options": {
}
},
{
"values": [
"(?-mix:Microsoft SQL Server \\d+.\\d+)"
],
"options": {
}
},
{
"values": [
"Databases on the server:"
],
"options": {
}
},
{
"values": [
"System Logins on this Server:"
],
"options": {
}
}
],
"known_failures": [

]
}
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/2e01ee2ca76b363d.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mssql/mssql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master


## Replication commands
use auxiliary/scanner/mssql/mssql_schemadump
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master Verbose=true
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/2e2585b2a6675f.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mssql/mssql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master


## Replication commands
use auxiliary/scanner/mssql/mssql_schemadump
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master Verbose=true
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/2f3474dfca02af24.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mssql/mssql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master


## Replication commands
use auxiliary/scanner/mssql/mssql_hashdump
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master Verbose=true
21 changes: 21 additions & 0 deletions acceptance-tests/data/attachments/3739085980486de7.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
{
"required_lines": [
{
"values": [
"Instance Name:"
],
"options": {
}
},
{
"values": [
"Scanned 1 of 1 hosts (100% complete)"
],
"options": {
}
}
],
"known_failures": [

]
}
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/37bf8dc52e6edfe1.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mssql/mssql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master


## Replication commands
use auxiliary/admin/mssql/mssql_sql
run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master Verbose=true
130 changes: 130 additions & 0 deletions acceptance-tests/data/attachments/3b0c3796fdf9b483.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
use auxiliary/scanner/mssql/mssql_login
Stopping all jobs...
msf6 auxiliary(admin/mssql/mssql_sql) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mssql/mssql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master
msf6 auxiliary(scanner/mssql/mssql_login) > [*] 127.0.0.1:1433 - 127.0.0.1:1433 - MSSQL - Starting authentication scanner.
[!] 127.0.0.1:1433 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:1433 - 127.0.0.1:1433 - Login Successful: WORKSTATION\sa:yourStrong(!)Password
[*] MSSQL session 3 opened (127.0.0.1:38989 -> 127.0.0.1:1433) at 2024-04-18 08:40:58 +0000
use auxiliary/admin/mssql/mssql_enum
[*] 127.0.0.1:1433 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:1433 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:1433 - 1 MSSQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mssql/mssql_login) > run session=3 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/mssql/mssql_enum) > [*] Running MS SQL Server Enumeration...
[*] Using existing session 3
[*] Version:
[*] Microsoft SQL Server 2019 (RTM-CU26) (KB5035123) - 15.0.4365.2 (X64)
[*] Mar 29 2024 23:02:47
[*] Copyright (C) 2019 Microsoft Corporation
[*] Developer Edition (64-bit) on Linux (Ubuntu 20.04.6 LTS) <X64>[*] Configuration Parameters:
[*] C2 Audit Mode is Not Enabled
[*] xp_cmdshell is Not Enabled
[*] remote access is Enabled
[*] allow updates is Not Enabled
[*] Database Mail XPs is Not Enabled
[*] Ole Automation Procedures are Not Enabled
[*] Databases on the server:
[*] Database name:master
[*] Database Files for master:
[*] /var/opt/mssql/data/master.mdf
[*] /var/opt/mssql/data/mastlog.ldf
[*] Database name:tempdb
[*] Database Files for tempdb:
[*] /var/opt/mssql/data/tempdb.mdf
[*] /var/opt/mssql/data/templog.ldf
[*] /var/opt/mssql/data/tempdb2.ndf
[*] /var/opt/mssql/data/tempdb3.ndf
[*] /var/opt/mssql/data/tempdb4.ndf
[*] Database name:model
[*] Database Files for model:
[*] /var/opt/mssql/data/model.mdf
[*] /var/opt/mssql/data/modellog.ldf
[*] Database name:msdb
[*] Database Files for msdb:
[*] /var/opt/mssql/data/MSDBData.mdf
[*] /var/opt/mssql/data/MSDBLog.ldf
[*] System Logins on this Server:
[*] sa
[*] ##MS_SQLResourceSigningCertificate##
[*] ##MS_SQLReplicationSigningCertificate##
[*] ##MS_SQLAuthenticatorCertificate##
[*] ##MS_PolicySigningCertificate##
[*] ##MS_SmoExtendedSigningCertificate##
[*] ##MS_PolicyEventProcessingLogin##
[*] ##MS_PolicyTsqlExecutionLogin##
[*] ##MS_AgentSigningCertificate##
[*] BUILTIN\Administrators
[*] NT AUTHORITY\NETWORK SERVICE
[*] NT AUTHORITY\SYSTEM
[*] Disabled Accounts:
[*] ##MS_PolicyEventProcessingLogin##
[*] ##MS_PolicyTsqlExecutionLogin##
[*] No Accounts Policy is set for:
[*] All System Accounts have the Windows Account Policy Applied to them.
[*] Password Expiration is not checked for:
[*] sa
[*] ##MS_PolicyEventProcessingLogin##
[*] ##MS_PolicyTsqlExecutionLogin##
[*] System Admin Logins on this Server:
[*] sa
[*] BUILTIN\Administrators
[*] NT AUTHORITY\NETWORK SERVICE
[*] Windows Logins on this Server:
[*] NT AUTHORITY\NETWORK SERVICE
[*] NT AUTHORITY\SYSTEM
[*] Windows Groups that can logins on this Server:
[*] BUILTIN\Administrators
[*] Accounts with Username and Password being the same:
[*] No Account with its password being the same as its username was found.
[*] Accounts with empty password:
[*] No Accounts with empty passwords where found.
[*] Stored Procedures with Public Execute Permission found:
[*] sp_replsetsyncstatus
[*] sp_replcounters
[*] sp_replsendtoqueue
[*] sp_resyncexecutesql
[*] sp_prepexecrpc
[*] sp_repltrans
[*] sp_xml_preparedocument
[*] xp_qv
[*] xp_getnetname
[*] sp_releaseschemalock
[*] sp_refreshview
[*] sp_replcmds
[*] sp_unprepare
[*] sp_resyncprepare
[*] sp_createorphan
[*] xp_dirtree
[*] sp_replwritetovarbin
[*] sp_replsetoriginator
[*] sp_xml_removedocument
[*] sp_repldone
[*] sp_reset_connection
[*] xp_fileexist
[*] xp_fixeddrives
[*] sp_getschemalock
[*] sp_prepexec
[*] xp_revokelogin
[*] sp_execute_external_script
[*] sp_resyncuniquetable
[*] sp_replflush
[*] sp_resyncexecute
[*] xp_grantlogin
[*] sp_droporphans
[*] xp_regread
[*] sp_getbindtoken
[*] sp_replincrementlsn
[*] Instances found on this server:
[*] MSSQLSERVER
[*] Default Server Instance SQL Server Service is running under the privilege of:
[*] LocalSystem
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/mssql/mssql_enum) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MSSQL session 3 closed.
msf6 auxiliary(admin/mssql/mssql_enum) >
22 changes: 22 additions & 0 deletions acceptance-tests/data/attachments/4350e1398575f23c.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
use auxiliary/admin/mssql/mssql_sql
Stopping all jobs...
msf6 post(test/mssql) > run lhost=127.0.0.1 username=sa password=yourStrong(!)Password rhost=127.0.0.1 rport=1433 database=master Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/mssql/mssql_sql) > [*] Running module against 127.0.0.1
[*] 127.0.0.1:1433 - SQL Query: select @@version
[*] 127.0.0.1:1433 - Row Count: 1 (Status: 16 Command: 193)
Response
========

NULL
----
Microsoft SQL Server 2022 (RTM-CU12-GDR) (KB5036343) - 16.0.4120.1 (X64)
Mar 18 2024 12:02:14
Copyright (C) 2022 Microsoft Corporation
Developer Edition (64-bit) on Linux (Ubuntu 22.04.4 LTS) <X64>

[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/mssql/mssql_sql) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(admin/mssql/mssql_sql) >
Loading

0 comments on commit 7725e5d

Please sign in to comment.