Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink-dir300-600-execution

Author: m-1-k-3

data/gui/msfgui.jar

@@ -260,7 +260,8 @@ protected RpcConnection doInBackground() throws Exception {
 				// Don't fork cause we'll check if it dies
 				String rpcType = "Basic";
 				java.util.List args = new java.util.ArrayList(java.util.Arrays.asList(new String[]{
-						"msfrpcd","-f","-P",defaultPass,"-t","Msg","-U",defaultUser,"-a","127.0.0.1"}));
+						"msfrpcd","-f","-P",defaultPass,"-t","Msg","-U",defaultUser,"-a","127.0.0.1",
+						"-p",Integer.toString(defaultPort)}));
 				if(!defaultSsl)
 					args.add("-S");
 				if(disableDb)

external/source/gui/msfguijava/src/msfgui/RpcConnection.java

@@ -188,7 +188,9 @@ def connection(url)
 			context,
 			url.scheme == "https",
 			'SSLv23',
-			@opts[:proxies]
+			@opts[:proxies],
+                    @opts[:username],
+                    @opts[:password]
 		)
 
 		conn.set_config(

lib/anemone/rex_http.rb

@@ -22,7 +22,9 @@ def initialize(info = {})
 				Opt::Proxies,
 				OptInt.new('MAX_PAGES', [ true, 'The maximum number of pages to crawl per URL', 500]),
 				OptInt.new('MAX_MINUTES', [ true, 'The maximum number of minutes to spend on each URL', 5]),
-				OptInt.new('MAX_THREADS', [ true, 'The maximum number of concurrent requests', 4])
+				OptInt.new('MAX_THREADS', [ true, 'The maximum number of concurrent requests', 4]),
+				OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication']),
+				OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication'])
 			], self.class
 		)
 
@@ -34,8 +36,6 @@ def initialize(info = {})
 				OptString.new('UserAgent', [true, 'The User-Agent header to use for all requests',
 					"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
 				]),
-				OptString.new('BasicAuthUser', [false, 'The HTTP username to specify for basic authentication']),
-				OptString.new('BasicAuthPass', [false, 'The HTTP password to specify for basic authentication']),
 				OptString.new('HTTPAdditionalHeaders', [false, "A list of additional headers to send (separated by \\x01)"]),
 				OptString.new('HTTPCookie', [false, "A HTTP cookie header to send with each request"]),
 				OptBool.new('SSL', [ false, 'Negotiate SSL for outgoing connections', false]),
@@ -118,8 +118,9 @@ def run
 			:info     => ""
 		})
 
-		if datastore['BasicAuthUser']
-			t[:http_basic_auth] = [ "#{datastore['BasicAuthUser']}:#{datastore['BasicAuthPass']}" ].pack("m*").gsub(/\s+/, '')
+		if datastore['USERNAME'] and datastore['USERNAME'] != ''
+			t[:username] = datastore['USERNAME'].to_s
+			t[:password] = datastore['PASSWORD'].to_s
 		end
 
 		if datastore['HTTPCookie']
@@ -278,9 +279,8 @@ def crawler_options(t)
 			opts[:cookies] = t[:cookies]
 		end
 
-		if t[:http_basic_auth]
-			opts[:http_basic_auth] = t[:http_basic_auth]
-		end
+		opts[:username] = t[:username] || ''
+		opts[:password] =t[:password] || ''
 
 		opts
 	end

lib/msf/core/auxiliary/crawler.rb

@@ -10,6 +10,7 @@
 module Msf
 class Auxiliary::Web::HTTP
 
+
 	class Request
 		attr_accessor :url
 		attr_reader	 :opts
@@ -69,6 +70,7 @@ def timed_out
 	attr_reader :framework
 
 	attr_accessor :redirect_limit
+	attr_accessor :username , :password
 
 	def initialize( opts = {} )
 		@opts = opts.dup
@@ -84,8 +86,8 @@ def initialize( opts = {} )
 
 		@request_opts = {}
 		if opts[:auth].is_a? Hash
-			@request_opts['basic_auth'] = [ opts[:auth][:user].to_s + ':' +
-								opts[:auth][:password] ]. pack( 'm*' ).gsub( /\s+/, '' )
+			@username = opts[:auth][:user].to_s
+			@password = opts[:auth][:password].to_s
 		end
 
 		self.redirect_limit = opts[:redirect_limit] || 20
@@ -105,7 +107,9 @@ def connect
 			opts[:target].port,
 			{},
 			opts[:target].ssl,
-			'SSLv23'
+			'SSLv23',
+			username,
+			password
 		)
 
 		c.set_config({
@@ -266,10 +270,12 @@ def queue( request )
 	end
 
 	def _request( url, opts = {} )
-		body		= opts[:body]
+		body    = opts[:body]
 		timeout = opts[:timeout] || 10
-		method	= opts[:method].to_s.upcase || 'GET'
-		url		 = url.is_a?( URI ) ? url : URI( url.to_s )
+		method  = opts[:method].to_s.upcase || 'GET'
+		url	    = url.is_a?( URI ) ? url : URI( url.to_s )
+
+		rex_overrides = opts.delete( :rex ) || {}
 
 		param_opts = {}
 
@@ -285,14 +291,19 @@ def _request( url, opts = {} )
 		end
 
 		opts = @request_opts.merge( param_opts ).merge(
-			'uri'		 => url.path || '/',
-			'method'	=> method,
+			'uri'     => url.path || '/',
+			'method'  => method,
 			'headers' => headers.merge( opts[:headers] || {} )
-		)
+		# Allow for direct rex overrides
+		).merge( rex_overrides )
 
 		opts['data'] = body if body
 
 		c = connect
+		if opts['username'] and opts['username'] != ''
+			c.username = opts['username'].to_s
+			c.password = opts['password'].to_s
+		end
 		Response.from_rex_response c.send_recv( c.request_cgi( opts ), timeout )
 	rescue ::Timeout::Error
 		Response.timed_out

lib/msf/core/auxiliary/web/http.rb

@@ -71,7 +71,7 @@ def wmap_base_url
 		else
 			res << datastore['VHOST']
 		end
-		res << ":" + wmap_target_port
+		res << ":" + wmap_target_port.to_s
 		res
 	end
 

lib/msf/core/auxiliary/wmapmodule.rb

@@ -22,7 +22,9 @@ def on_new_session(session)
 					# Meterpreter should do this automatically as part of
 					# fs.file.rm().  Until that has been implemented, remove the
 					# read-only flag with a command.
-					session.shell_command_token(%Q|attrib.exe -r "#{win_file}"|)
+					if session.platform =~ /win/
+						session.shell_command_token(%Q|attrib.exe -r #{win_file}|)
+					end
 					session.fs.file.rm(file)
 					print_good("Deleted #{file}")
 					true