Skip to content

Commit

Permalink
Reboot gh-pages
Browse files Browse the repository at this point in the history
  • Loading branch information
msjenkins-r7 committed Apr 11, 2024
0 parents commit d00c360
Show file tree
Hide file tree
Showing 3,226 changed files with 2,071,297 additions and 0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
1 change: 1 addition & 0 deletions 404.html

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions CNAME
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
docs.metasploit.com
40 changes: 40 additions & 0 deletions acceptance-tests/app.js

Large diffs are not rendered by default.

16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/1017bdaf6a8ed606.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use auxiliary/scanner/mysql/mysql_hashdump
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
36 changes: 36 additions & 0 deletions acceptance-tests/data/attachments/10e6cbf25bfb24a2.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Overriding user environment variable 'OPENSSL_CONF' to enable legacy functions.
msf6 > loadpath test/modules
Loaded 42 modules:
14 auxiliary modules
13 exploit modules
15 post modules
msf6 > features set mysql_session_type true
mysql_session_type => true
[!] Run the save command and restart the console for this feature to take effect.
msf6 > use auxiliary/scanner/mysql/mysql_login
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mysql/mysql_login) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
msf6 auxiliary(scanner/mysql/mysql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Found remote MySQL version 8.3.0
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Success: 'root:password'
[*] MySQL session 1 opened (127.0.0.1:44545 -> 127.0.0.1:3306) at 2024-04-11 08:41:49 +0000
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:3306 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:3306 - 1 MySQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_login) > use auxiliary/admin/mysql/mysql_sql
run session=1 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/mysql/mysql_sql) > [*] Using existing session 1
[*] Sending statement: 'select version()'...
[*] 127.0.0.1:3306 MySQL - querying with 'select version()'
[*] | 8.3.0 |
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/mysql/mysql_sql) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MySQL session 1 closed.
msf6 auxiliary(admin/mysql/mysql_sql) >
80 changes: 80 additions & 0 deletions acceptance-tests/data/attachments/115c0a2543486546.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
use auxiliary/scanner/mysql/mysql_login
Stopping all jobs...
msf6 auxiliary(admin/mysql/mysql_enum) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mysql/mysql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
msf6 auxiliary(scanner/mysql/mysql_login) > [+] 127.0.0.1:3306 - 127.0.0.1:3306 - Found remote MySQL version 5.5.42
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Success: 'root:password'
[*] MySQL session 3 opened (127.0.0.1:38579 -> 127.0.0.1:3306) at 2024-04-11 08:41:59 +0000
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:3306 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:3306 - 1 MySQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_login) > use auxiliary/admin/mysql/mysql_enum
run session=3 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/mysql/mysql_enum) > [*] Using existing session 3
[*] Running MySQL Enumerator...
[*] Enumerating Parameters
[*] 127.0.0.1:3306 MySQL - querying with 'show variables'
[*] MySQL Version: 5.5.42-MariaDB-1~wheezy-log
[*] Compiled for the following OS: debian-linux-gnu
[*] Architecture: x86_64
[*] Server Hostname: ee7793304ca6
[*] Data Directory: /var/lib/mysql/
[*] Logging of queries and logins: OFF
[*] Old Password Hashing Algorithm OFF
[*] Loading of local files: ON
[*] Deny logins with old Pre-4.1 Passwords: OFF
[*] Allow Use of symlinks for Database Files: YES
[*] Allow Table Merge:
[*] SSL Connection: DISABLED
[*] 127.0.0.1:3306 MySQL - querying with 'use mysql'
[*] Enumerating Accounts:
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host, password from mysql.user'
[*] List of Accounts with Password Hashes:
[+] User: root Host: % Password Hash: *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19
[!] No active DB -- Credential data will not be saved!
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Grant_priv = 'Y''
[*] The following users have GRANT Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Create_user_priv = 'Y''
[*] The following users have CREATE USER Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Reload_priv = 'Y''
[*] The following users have RELOAD Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Shutdown_priv = 'Y''
[*] The following users have SHUTDOWN Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Super_priv = 'Y''
[*] The following users have SUPER Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where FILE_priv = 'Y''
[*] The following users have FILE Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Process_priv = 'Y''
[*] The following users have PROCESS Privilege:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with ' select user, host
from mysql.user where
(Select_priv = 'Y') or
(Insert_priv = 'Y') or
(Update_priv = 'Y') or
(Delete_priv = 'Y') or
(Create_priv = 'Y') or
(Drop_priv = 'Y')'
[*] The following accounts have privileges to the mysql database:
[*] User: root Host: %
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where user = '''
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host, password from mysql.user where length(password) = 0 or password is null'
[*] 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where host = "%"'
[*] The following accounts are not restricted by source:
[*] User: root Host: %
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/mysql/mysql_enum) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MySQL session 3 closed.
msf6 auxiliary(admin/mysql/mysql_enum) >
28 changes: 28 additions & 0 deletions acceptance-tests/data/attachments/1515690466021a7e.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
use auxiliary/scanner/mysql/mysql_login
Stopping all jobs...
msf6 auxiliary(scanner/mysql/mysql_hashdump) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mysql/mysql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
msf6 auxiliary(scanner/mysql/mysql_login) > [+] 127.0.0.1:3306 - 127.0.0.1:3306 - Found remote MySQL version 5.5.42
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Success: 'root:password'
[*] MySQL session 3 opened (127.0.0.1:33207 -> 127.0.0.1:3306) at 2024-04-11 08:41:52 +0000
use auxiliary/scanner/mysql/mysql_hashdump
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:3306 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:3306 - 1 MySQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_login) > run session=3 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/mysql/mysql_hashdump) > [*] Using existing session 3
[!] No active DB -- Credential data will not be saved!
[*] 127.0.0.1:3306 MySQL - querying with 'SELECT @@version'
[*] 127.0.0.1:3306 MySQL - querying with 'SELECT user,password from mysql.user'
[+] Saving HashString as Loot: root:*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/mysql/mysql_hashdump) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MySQL session 3 closed.
msf6 auxiliary(scanner/mysql/mysql_hashdump) >
69 changes: 69 additions & 0 deletions acceptance-tests/data/attachments/17d6a90ad0da79cf.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
use auxiliary/admin/mysql/mysql_enum
Stopping all jobs...
msf6 auxiliary(scanner/mysql/mysql_version) > run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/mysql/mysql_enum) > [*] Running module against 127.0.0.1
[+] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - Logged in to '' with 'root':'password'
[*] 127.0.0.1:3306 - Running MySQL Enumerator...
[*] 127.0.0.1:3306 - Enumerating Parameters
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'show variables'
[*] 127.0.0.1:3306 - MySQL Version: 5.5.42-MariaDB-1~wheezy-log
[*] 127.0.0.1:3306 - Compiled for the following OS: debian-linux-gnu
[*] 127.0.0.1:3306 - Architecture: x86_64
[*] 127.0.0.1:3306 - Server Hostname: ee7793304ca6
[*] 127.0.0.1:3306 - Data Directory: /var/lib/mysql/
[*] 127.0.0.1:3306 - Logging of queries and logins: OFF
[*] 127.0.0.1:3306 - Old Password Hashing Algorithm OFF
[*] 127.0.0.1:3306 - Loading of local files: ON
[*] 127.0.0.1:3306 - Deny logins with old Pre-4.1 Passwords: OFF
[*] 127.0.0.1:3306 - Allow Use of symlinks for Database Files: YES
[*] 127.0.0.1:3306 - Allow Table Merge:
[*] 127.0.0.1:3306 - SSL Connection: DISABLED
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'use mysql'
[*] 127.0.0.1:3306 - Enumerating Accounts:
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host, password from mysql.user'
[*] 127.0.0.1:3306 - List of Accounts with Password Hashes:
[+] 127.0.0.1:3306 - User: root Host: % Password Hash: *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Grant_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have GRANT Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Create_user_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have CREATE USER Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Reload_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have RELOAD Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Shutdown_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have SHUTDOWN Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Super_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have SUPER Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where FILE_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have FILE Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Process_priv = 'Y''
[*] 127.0.0.1:3306 - The following users have PROCESS Privilege:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with ' select user, host
from mysql.user where
(Select_priv = 'Y') or
(Insert_priv = 'Y') or
(Update_priv = 'Y') or
(Delete_priv = 'Y') or
(Create_priv = 'Y') or
(Drop_priv = 'Y')'
[*] 127.0.0.1:3306 - The following accounts have privileges to the mysql database:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where user = '''
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host, password from mysql.user where length(password) = 0 or password is null'
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where host = "%"'
[*] 127.0.0.1:3306 - The following accounts are not restricted by source:
[*] 127.0.0.1:3306 - User: root Host: %
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - Disconnected
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/mysql/mysql_enum) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(admin/mysql/mysql_enum) >
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/186effe8f0defc6f.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use post/test/mysql
run session=4 Verbose=true
14 changes: 14 additions & 0 deletions acceptance-tests/data/attachments/1aec3bd5fd15a5bc.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"required_lines": [
{
"values": [
"(?-mix:MySQL Version: \\d+.\\d+.*)"
],
"options": {
}
}
],
"known_failures": [

]
}
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/1bc9ef29c1a2a3fd.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use post/test/mysql
run session=5 Verbose=true
14 changes: 14 additions & 0 deletions acceptance-tests/data/attachments/1d432a59fd2c9d14.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"required_lines": [
{
"values": [
"(?-mix:MySQL Version: \\d+.\\d+.*)"
],
"options": {
}
}
],
"known_failures": [

]
}
16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/1df5f8cd0e6e3ad3.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use auxiliary/scanner/mysql/mysql_hashdump
run session=5 Verbose=true
14 changes: 14 additions & 0 deletions acceptance-tests/data/attachments/1ed4e2e0dafe1de9.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"required_lines": [
{
"values": [
"(?-mix:\\| \\d+.\\d+.*)"
],
"options": {
}
}
],
"known_failures": [

]
}
14 changes: 14 additions & 0 deletions acceptance-tests/data/attachments/1f611e0b8e190813.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
use auxiliary/admin/mysql/mysql_sql
Stopping all jobs...
msf6 auxiliary(admin/mysql/mysql_sql) > run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(admin/mysql/mysql_sql) > [*] Running module against 127.0.0.1
[+] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - Logged in to '' with 'root':'password'
[*] 127.0.0.1:3306 - Sending statement: 'select version()'...
[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select version()'
[*] 127.0.0.1:3306 - | 8.3.0 |
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(admin/mysql/mysql_sql) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(admin/mysql/mysql_sql) >
Loading

0 comments on commit d00c360

Please sign in to comment.