5366453031
[FixRM #8316 ] - Escape characters correctly
...
dots need to be escaped
2013-08-19 16:51:19 -05:00
7fc37231e0
Fix email format
...
Correct email format
2013-08-19 16:34:14 -05:00
a8ca32ab34
Oh yeah, need to do this too
2013-08-19 16:28:58 -05:00
154b1e8888
Remove comments
2013-08-19 16:27:35 -05:00
cf10a0ca91
Use print_line instead of print
...
These modules should be using print_line instead of print
2013-08-19 16:25:44 -05:00
8eb9266bff
Use the correct var
2013-08-19 16:19:03 -05:00
58d5cf6faa
Module should use OptRegexp for regex pattern option
...
Instead of using OptString, OptRegexp should be used because this
datastore option is a regex pattern.
2013-08-19 16:16:34 -05:00
8c03e905de
Get rid of function that's never used
...
RPORT datastore option is deregistered, and is never used anywhere
in the module, so I don't why we need this rport() function here.
2013-08-19 16:09:10 -05:00
a815d9277e
Merge pull request #2245 from todb-r7/grammar-and-such
...
Trivial grammar and word choice fixes for modules
2013-08-19 13:45:18 -07:00
17b5e57280
Typo
2013-08-19 15:32:19 -05:00
fb5ded1472
[FixRM #8314 ] - Use OptPath instead of OptString
...
These modules need to use OptPath to make sure the path is validated.
2013-08-19 15:30:33 -05:00
2e74c50880
[SeeRM #8313 ] - Print where files are stored
...
As an user, I want to be able to see where my file is stored when the
module I'm using runs a store_loot().
2013-08-19 15:02:15 -05:00
d0b56e1650
Use the correct variable
2013-08-19 14:38:40 -05:00
d89932bfd8
Use the correct variable
2013-08-19 14:33:01 -05:00
ca313806ae
Trivial grammar and word choice fixes for modules
2013-08-19 13:24:42 -05:00
4cef4e88a6
If exception hits, make sure it's closed.
2013-08-19 13:21:53 -05:00
11ef366818
Properly close hashlist
2013-08-19 13:14:13 -05:00
89d4f0180d
Make sure we close hashlist
2013-08-19 12:54:27 -05:00
abaec32ad6
What Luke said.
...
"You cannot, in general, place a variable declaration in a begin
scope and use it in the ensure scope unless you use nil?. It is
better to swap line 35 and line 34."
2013-08-18 23:54:04 -05:00
86d6bce8c4
[FixRM #8312 ] - Fix file handle leaks
...
Fix file handle leaks for [SeeRM #8312 ]
2013-08-18 20:31:13 -05:00
abd4fb778f
add osvdb ref for chasys overflow
2013-08-18 06:35:28 -05:00
0037ccceed
add osvdb ref for openx backdoor
2013-08-18 06:34:50 -05:00
c5d426fc70
Land #2235 , @wchen-r7's patch for [SeeRM #6264 ]
2013-08-17 10:05:41 -05:00
a75a4906f2
Description update
2013-08-16 23:28:24 -05:00
780293d817
Minor changes
2013-08-16 23:24:40 -05:00
a8cc15db20
Add module for ZDI-13-178
2013-08-16 18:13:18 -05:00
a94c6aa72b
[FixRM 6264] Check required vulnerable component before testing
...
tomcat_enum requires the admin web app package for it to work, but
by default many Apache Tomcat don't actually have this. The module
should check that first before trying usernames.
[FixRM 6264], see:
http://dev.metasploit.com/redmine/issues/6264
I also made changes to do_login in order to verify successful/bad
attempts more specific.
2013-08-16 15:45:23 -05:00
e50ef209b2
Land #2233 , @bperry-r7's module for nexpose
2013-08-16 14:21:22 -05:00
f42797fc5c
Fix indentation
2013-08-16 14:19:37 -05:00
f7339f4f77
Cleanup various style issues
...
* Unset default username and password
* Register SSL as a DefaultOption instead of redefining it
* Use the HttpClient mixin `ssl` instead of datastore.
* Unless is better than if !
* Try to store loot even if you can't cleanup the site ID.
2013-08-16 14:03:59 -05:00
dfa1310304
Commas in the author array
2013-08-16 13:54:46 -05:00
24b8fb0d7b
Whitespace retab, add rport 3780 as default
2013-08-16 13:31:05 -05:00
85b050112a
Land #2231 , @wchen-r7's patch for [SeeRM #8114 ]
2013-08-16 12:52:10 -05:00
a86b247077
Land #2224 - Add brute force module for Cisco IronPort
2013-08-16 12:07:14 -05:00
bbe57dbf3a
Some cleanup, also remove TARGETURI because not registered by default
2013-08-16 12:06:24 -05:00
d4dbea5594
Check 200
2013-08-16 11:34:32 -05:00
e436d31d23
Use SSL by defailt
2013-08-16 11:32:10 -05:00
60a229c71a
Use rhost and rport, not local host and port
2013-08-16 11:12:39 -05:00
646d55b638
Description should be present tense
2013-08-16 11:06:34 -05:00
f0237f07d6
Correct author and references
2013-08-16 11:04:51 -05:00
46d6fb3b42
Add module for xxe
2013-08-16 10:51:05 -05:00
e4885b2017
updated module
...
removed the csrfkey parameter from login uri.
2013-08-16 13:04:02 +05:30
1a3b4eebdb
Fix directory name on ruby
2013-08-15 22:54:31 -05:00
795ad70eab
Change directory names
2013-08-15 22:52:42 -05:00
c5c2aebf15
Update references
2013-08-15 22:04:15 -05:00
cc5804f5f3
Add Port for OSVDB 96277
2013-08-15 18:34:51 -05:00
79acc96e9a
Land #2230 , enum_shares nil deref
...
[FixRM #8224 ]
2013-08-15 16:55:39 -05:00
462ccc3d36
Missed these little devils
2013-08-15 16:50:13 -05:00
cd734acf3e
[See RM 8114] - Reduce false positive if traffic is redirected
...
Fix complaint for hitting this false positive when the user has
all the traffic redirected.
2013-08-15 16:33:10 -05:00
83a179ff08
[Fix RM 8224] - undefined method `include?' for nil:NilClass
...
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
a65181d51b
new revision - cisco_ironport_enum
...
Added code to check successful conn first, so now if there is no connectivity on target port, script aborts run.
New check to ensure 'set-cookie' is set by the app as expected, before any further fingerprinting & b-f starts.
If the app is not Ironport, 'set-cookie' will not be set & remains null, and so script aborts run.
De-registered 'TARGETURI.'
Registered 'username' and 'password' with default value.
Changed some run messages.
And lastly, changed the csrf key piece cos I miss a cold beer right now.
2013-08-15 04:06:30 +05:30
23c5f02e9a
Land #2225 - Fix dlink_dir300_exec_telnet
2013-08-14 13:11:42 -05:00
98e0053dc6
Fix indent level
2013-08-14 13:07:01 -05:00
178a7b0dbb
Fix author's email format
2013-08-14 11:56:47 -05:00
2a4b8e4a64
Add useful comment
2013-08-14 11:49:32 -05:00
e6c36864c4
Fix telnet related stuff
2013-08-14 11:47:57 -05:00
d526663a53
Add module to brute force the Cisco IronPort application
2013-08-14 09:16:49 -07:00
7145a85fb4
Add MiniWeb (Build 300) Arbitrary File Upload
2013-08-15 01:01:46 +09:30
1d82ed176f
Update joomla_media_upload_exec references
2013-08-13 23:27:01 -05:00
bce50d1b05
Land #2220 - OSX Password Prompt Spoof
2013-08-13 22:15:14 -05:00
919e0d1901
MSF license, make use of print_good
2013-08-13 22:14:35 -05:00
e1856651bc
Incorporate the suggested edits from the PR review.
...
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940 ]
2013-08-13 19:35:55 -05:00
99ef714d00
Updates pps description.
2013-08-13 19:35:55 -05:00
52fa000211
Get password_prompt_spoof module working. [RM #5940 ]
2013-08-13 19:35:55 -05:00
54cffdb27d
Land #2219 - OSVDB-95933: Joomla Media Manager File Upload Vulnerability
2013-08-13 19:04:57 -05:00
e912a64ccc
Description change
2013-08-13 19:04:25 -05:00
c9799c1ee6
Land #2212 - Change migrate order & print target_pid
2013-08-13 18:56:54 -05:00
312ff1a20e
Delete period from regular expressions
2013-08-13 17:50:26 -05:00
04eed49310
Add support for FileDropper
2013-08-13 16:47:24 -05:00
e4a570d36b
Update metadata according to OSVDB
2013-08-13 16:42:53 -05:00
2086c51b67
Add module for Joomla Upload Exploit in the wild
2013-08-13 16:27:27 -05:00
73e9bf9fa8
Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
...
Conflicts:
modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
6be4d9e583
missing interpolation
2013-08-13 13:52:44 -05:00
31cbc270fd
Favor unless over if for negative condition
2013-08-13 08:46:12 -05:00
bc9a26d4ee
Fix condition
2013-08-12 23:05:26 -05:00
568181de84
Add sthetic spaces
2013-08-12 22:33:34 -05:00
6d70d4924e
Land #2206 , @PsychoSpy module for OSVDB 94097
2013-08-12 22:27:03 -05:00
7981601eb8
Do final cleanup on intrasrv_bof
2013-08-12 22:24:53 -05:00
ebd485349f
Retab smart_migrate.rb module
...
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
2d3c2c1c87
Set default target to 0 because there's only one
2013-08-12 20:01:23 -05:00
c0335cee26
Land #2214 - CVE-2013-3928: Chasys Draw IES Buffer Overflow
2013-08-12 19:16:02 -05:00
7562324d96
Land #2210 - CVE-2013-5019: Ultra Mini HTTPD Stack Buffer Overflow
2013-08-12 19:13:58 -05:00
51d9c59dcd
Extra tabs, bye
2013-08-12 19:13:20 -05:00
db78ffcc46
...
2013-08-12 18:21:10 -04:00
49bcec5c92
Additional cleanup
2013-08-12 18:20:03 -04:00
b3f229ff59
Add module for CVE-2013-3928
2013-08-12 17:18:30 -05:00
7014322dfd
Code cleanup
2013-08-12 18:16:00 -04:00
264fe32705
Added new badchars
2013-08-12 18:08:49 -04:00
bbc93b2a58
msftidy
2013-08-12 15:14:01 -04:00
28f030494e
Use tcp mixin/clean corrupt bytes
2013-08-12 15:12:15 -04:00
4480dc3bec
Land #2213 , @todb-r7's deletion of deprecated modules
2013-08-12 11:36:24 -05:00
b1fc8308c1
Land #2211 , @bcoles exploit for CVE-201-2620
2013-08-12 11:23:20 -05:00
bfb5040dbf
Remove deprecated modules
...
These three modules are well over their deprecation dates. Making good
on that threat now.
* service_permissions: Marked for removal on 2013-01-10
* bypassuac: Marked for removal on 2013-01-04
* ms10_092_schelevator: Marked for removal on 2013-06-01
2013-08-12 11:21:45 -05:00
8ac01d3b8e
Fix description and make it aggressive
2013-08-12 11:19:25 -05:00
c9bd791ff6
fix smart_migrate choice order
...
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
7854c452d2
Added more payload padding
2013-08-12 11:10:10 -04:00
9f33a59dc2
Fix target ret
2013-08-12 11:04:55 -04:00
6f96445b42
Change target ret/cleanup
2013-08-12 10:13:48 -04:00
a35d548979
Use HttpClient
2013-08-12 10:01:01 -04:00
sinn3r
Brandon Turner
Tod Beardsley
Steve Tornio
jvazquez-r7
Brandon Perry
Karn Ganeshen
James Lee
HD Moore
bcoles
Joe Vennix
Joff Thyer
David Maloney
Tab Assassin
Nathan Einwechter