Reboot gh-pages

rapid7 · May 9, 2024 · 0be098d · 0be098d
commit 0be098d
Show file tree

Hide file tree

Showing 3,237 changed files with 2,079,733 additions and 0 deletions.
diff --git a/404.html b/404.html
diff --git a/CNAME b/CNAME
@@ -0,0 +1 @@
+docs.metasploit.com
diff --git a/acceptance-tests/app.js b/acceptance-tests/app.js
diff --git a/acceptance-tests/data/attachments/11351619fa45a463.txt b/acceptance-tests/data/attachments/11351619fa45a463.txt
@@ -0,0 +1,14 @@
+{
+  "required_lines": [
+    {
+      "values": [
+        "(?-mix:MySQL Version: \\d+.\\d+.*)"
+      ],
+      "options": {
+      }
+    }
+  ],
+  "known_failures": [
+
+  ]
+}
diff --git a/acceptance-tests/data/attachments/13d76fb9c3a3dc38.txt b/acceptance-tests/data/attachments/13d76fb9c3a3dc38.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use auxiliary/scanner/mysql/mysql_version
+run session=4 Verbose=true
diff --git a/acceptance-tests/data/attachments/15f66cd4014bee35.txt b/acceptance-tests/data/attachments/15f66cd4014bee35.txt
@@ -0,0 +1,14 @@
+{
+  "required_lines": [
+    {
+      "values": [
+        "(?-mix:(?-mix:\\d+\\.\\d+\\.\\d+\\.\\d+:\\d+) is running MySQL \\d+.\\d+.*)"
+      ],
+      "options": {
+      }
+    }
+  ],
+  "known_failures": [
+
+  ]
+}
diff --git a/acceptance-tests/data/attachments/16d07a2f306825e5.txt b/acceptance-tests/data/attachments/16d07a2f306825e5.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use post/test/mysql
+run session=3 Verbose=true
diff --git a/acceptance-tests/data/attachments/1a7d1b1815cf5a50.txt b/acceptance-tests/data/attachments/1a7d1b1815cf5a50.txt
@@ -0,0 +1,26 @@
+use auxiliary/scanner/mysql/mysql_login
+Stopping all jobs...
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_hashdump[0m) [0m> irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_login[0m) [0m> run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_login[0m) [0m> [+] 127.0.0.1:3306        - 127.0.0.1:3306 - Found remote MySQL version 5.5.42
+[!] 127.0.0.1:3306        - No active DB -- Credential data will not be saved!
+[+] 127.0.0.1:3306        - 127.0.0.1:3306 - Success: 'root:password'
+[*] MySQL session 2 opened (127.0.0.1:36009 -> 127.0.0.1:3306) at 2024-05-09 12:16:22 +0000
+[*] 127.0.0.1:3306        - Scanned 1 of 1 hosts (100% complete)
+[*] 127.0.0.1:3306        - Bruteforce completed, 1 credential was successful.
+[*] 127.0.0.1:3306        - 1 MySQL session was opened successfully.
+[*] Auxiliary module execution completed
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_login[0m) [0m> use auxiliary/admin/mysql/mysql_sql
+run session=2 Verbose=true
+[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> [*] Using existing session 2
+[*] Sending statement: 'select version()'...
+[*] 127.0.0.1:3306 MySQL - querying with 'select version()'
+[*]  | 5.5.42 |
+[*] Auxiliary module execution completed
+sessions -K
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> jobs -K
+[*] Killing all sessions...
+[*] 127.0.0.1 - MySQL session 2 closed.
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> 
diff --git a/acceptance-tests/data/attachments/1d84b458a3a7d5da.txt b/acceptance-tests/data/attachments/1d84b458a3a7d5da.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use auxiliary/scanner/mysql/mysql_hashdump
+run session=5 Verbose=true
diff --git a/acceptance-tests/data/attachments/1e6fd6e0e90cff64.txt b/acceptance-tests/data/attachments/1e6fd6e0e90cff64.txt
@@ -0,0 +1,14 @@
+{
+  "required_lines": [
+    {
+      "values": [
+        "(?-mix:(?-mix:\\d+\\.\\d+\\.\\d+\\.\\d+:\\d+) is running MySQL \\d+.\\d+.*)"
+      ],
+      "options": {
+      }
+    }
+  ],
+  "known_failures": [
+
+  ]
+}
diff --git a/acceptance-tests/data/attachments/1fd1eca5486e93fe.txt b/acceptance-tests/data/attachments/1fd1eca5486e93fe.txt
@@ -0,0 +1,14 @@
+use auxiliary/admin/mysql/mysql_sql
+Stopping all jobs...
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
+[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> [*] Running module against 127.0.0.1
+[+] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - Logged in to '' with 'root':'password'
+[*] 127.0.0.1:3306 - Sending statement: 'select version()'...
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select version()'
+[*] 127.0.0.1:3306 -  | 5.5.42 |
+[*] Auxiliary module execution completed
+sessions -K
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> jobs -K
+[*] Killing all sessions...
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> 
diff --git a/acceptance-tests/data/attachments/2603797748b8cc24.txt b/acceptance-tests/data/attachments/2603797748b8cc24.txt
@@ -0,0 +1,93 @@
+use auxiliary/admin/mysql/mysql_enum
+Stopping all jobs...
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
+[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_enum[0m) [0m> [*] Running module against 127.0.0.1
+[+] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - Logged in to '' with 'root':'password'
+[*] 127.0.0.1:3306 - Running MySQL Enumerator...
+[*] 127.0.0.1:3306 - Enumerating Parameters
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'show variables'
+[*] 127.0.0.1:3306 - 	MySQL Version: 11.3.2-MariaDB-1:11.3.2+maria~ubu2204
+[*] 127.0.0.1:3306 - 	Compiled for the following OS: debian-linux-gnu
+[*] 127.0.0.1:3306 - 	Architecture: x86_64
+[*] 127.0.0.1:3306 - 	Server Hostname: ba6306661377
+[*] 127.0.0.1:3306 - 	Data Directory: /var/lib/mysql/
+[*] 127.0.0.1:3306 - 	Logging of queries and logins: ON
+[*] 127.0.0.1:3306 - 	Log Files Location: OFF
+[*] 127.0.0.1:3306 - 	Old Password Hashing Algorithm OFF
+[*] 127.0.0.1:3306 - 	Loading of local files: ON
+[*] 127.0.0.1:3306 - 	Deny logins with old Pre-4.1 Passwords: ON
+[*] 127.0.0.1:3306 - 	Skipping of GRANT TABLE: OFF
+[*] 127.0.0.1:3306 - 	Allow Use of symlinks for Database Files: YES
+[*] 127.0.0.1:3306 - 	Allow Table Merge: 
+[*] 127.0.0.1:3306 - 	SSL Connections: Enabled
+[*] 127.0.0.1:3306 - 	SSL CA Certificate: 
+[*] 127.0.0.1:3306 - 	SSL Key: 
+[*] 127.0.0.1:3306 - 	SSL Certificate: 
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'use mysql'
+[*] 127.0.0.1:3306 - Enumerating Accounts:
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host, authentication_string from mysql.user'
+[*] 127.0.0.1:3306 - 	List of Accounts with Password Hashes:
+[+] 127.0.0.1:3306 - 		User: mariadb.sys Host: localhost Password Hash: 
+[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
+[+] 127.0.0.1:3306 - 		User: root Host: localhost Password Hash: *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19
+[+] 127.0.0.1:3306 - 		User: root Host: % Password Hash: *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19
+[+] 127.0.0.1:3306 - 		User: healthcheck Host: 127.0.0.1 Password Hash: *334F68210D50581A2EE080F911417A8F8D982DC4
+[+] 127.0.0.1:3306 - 		User: healthcheck Host: ::1 Password Hash: *334F68210D50581A2EE080F911417A8F8D982DC4
+[+] 127.0.0.1:3306 - 		User: healthcheck Host: localhost Password Hash: *334F68210D50581A2EE080F911417A8F8D982DC4
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host, ssl_type from mysql.user where
+        (ssl_type = 'ANY') or
+        (ssl_type = 'X509') or
+        (ssl_type = 'SPECIFIED')'
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Grant_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have GRANT Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Create_user_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have CREATE USER Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Reload_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have RELOAD Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Shutdown_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have SHUTDOWN Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Super_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have SUPER Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where FILE_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have FILE Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where Process_priv = 'Y''
+[*] 127.0.0.1:3306 - 	The following users have PROCESS Privilege:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with '       select user, host
+        from mysql.user where
+        (Select_priv = 'Y') or
+        (Insert_priv = 'Y') or
+        (Update_priv = 'Y') or
+        (Delete_priv = 'Y') or
+        (Create_priv = 'Y') or
+        (Drop_priv = 'Y')'
+[*] 127.0.0.1:3306 - 	The following accounts have privileges to the mysql database:
+[*] 127.0.0.1:3306 - 		User: root Host: localhost
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where user = '''
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host, authentication_string from mysql.user where length(authentication_string) = 0 or authentication_string is null'
+[*] 127.0.0.1:3306 - 	The following accounts have empty passwords:
+[*] 127.0.0.1:3306 - 		User: mariadb.sys Host: localhost
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - querying with 'select user, host from mysql.user where host = "%"'
+[*] 127.0.0.1:3306 - 	The following accounts are not restricted by source:
+[*] 127.0.0.1:3306 - 		User: root Host: %
+[*] 127.0.0.1:3306 - 127.0.0.1:3306 MySQL - Disconnected
+[*] Auxiliary module execution completed
+sessions -K
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_enum[0m) [0m> jobs -K
+[*] Killing all sessions...
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_enum[0m) [0m> 
diff --git a/acceptance-tests/data/attachments/28d45acb4db48a33.txt b/acceptance-tests/data/attachments/28d45acb4db48a33.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use auxiliary/admin/mysql/mysql_enum
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
diff --git a/acceptance-tests/data/attachments/2984d0c96c9250d3.txt b/acceptance-tests/data/attachments/2984d0c96c9250d3.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use auxiliary/admin/mysql/mysql_sql
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
diff --git a/acceptance-tests/data/attachments/2c77793b100ba125.txt b/acceptance-tests/data/attachments/2c77793b100ba125.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use auxiliary/scanner/mysql/mysql_hashdump
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
diff --git a/acceptance-tests/data/attachments/2ec276131809a995.txt b/acceptance-tests/data/attachments/2ec276131809a995.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use post/test/mysql
+run session=4 Verbose=true
diff --git a/acceptance-tests/data/attachments/3155730121901c32.txt b/acceptance-tests/data/attachments/3155730121901c32.txt
@@ -0,0 +1,11 @@
+use auxiliary/scanner/mysql/mysql_version
+Stopping all jobs...
+[4mmsf6[0m auxiliary([1m[31madmin/mysql/mysql_sql[0m) [0m> run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
+[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_version[0m) [0m> [+] 127.0.0.1:3306 - 127.0.0.1:3306 is running MySQL 5.5.42 (protocol 10)
+[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
+[*] Auxiliary module execution completed
+sessions -K
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_version[0m) [0m> jobs -K
+[*] Killing all sessions...
+[4mmsf6[0m auxiliary([1m[31mscanner/mysql/mysql_version[0m) [0m> 
diff --git a/acceptance-tests/data/attachments/33ef8a4ac15a8654.txt b/acceptance-tests/data/attachments/33ef8a4ac15a8654.txt
@@ -0,0 +1,16 @@
+## Load test modules
+loadpath test/modules
+
+## Session module 
+use auxiliary/scanner/mysql/mysql_login
+
+## Set global datastore
+irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
+
+## Run command
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306
+
+
+## Replication commands
+use auxiliary/scanner/mysql/mysql_version
+run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true