infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
35,959 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

3815 Commits (0ae2e64bc56dd8543a97cc4ebc94de4738376488)

Author SHA1 Message Date
JT 6b3da7f7d8 Update host_header_injection.rb 
made some changes as suggested by @espreto
 2015-10-07 13:01:49 +08:00
JT a1e0e0cdd9 Add HTTP Host-Header Injection Detection 2015-10-07 11:19:00 +08:00
wchen-r7 5fac0a6ae5
Land #5995, advanced options on Metasploit::Framework::LoginScanner::SMB 2015-10-06 16:36:18 -05:00
William Vu 3f2d5d7f06 Add newline back in 2015-10-05 11:42:58 -05:00
xistence 41b07eeef6 Small changes to servicedesk_plus_traversal 2015-10-05 08:56:00 +07:00
Roberto Soares ed8f5456a4 Fix bugs in drupal_views_user_enum. 2015-10-04 05:53:54 -03:00
xistence e6a57d5317 Add ManageEngine ServiceDesk Plus Path Traversal module 2015-10-03 15:54:44 +07:00
William Vu 2ab779ad3d
Land #6010, capture_sendto fixes 2015-10-01 10:54:24 -05:00
William Vu 2e2d27d53a
Land #5935, final creds refactor 2015-10-01 00:25:14 -05:00
William Vu 494b9cf75f Clean up module 
Prefer TARGETURI and full_uri.
 2015-09-30 22:37:03 -05:00
Jake Yamaki 2e5999a119 Missed colon for output standardization 2015-09-30 16:41:46 -04:00
Jake Yamaki 3d41b4046c Standardize output and include full uri 2015-09-30 16:33:15 -04:00
Jake Yamaki 1bfa087518 Add IP to testing results 
When specifying multiple hosts the resulting output is useless because you don't know which bypass goes to what IP address
 2015-09-30 15:22:24 -04:00
jvazquez-r7 269641a0ff
Update vmauthd_login to have into account advanced TCP options 2015-09-28 14:38:35 -05:00
jvazquez-r7 2f46335c90
Update brocade_enbale_login to have into account advanced TCP options 2015-09-28 14:36:23 -05:00
jvazquez-r7 adb76a9223
Update telnet_login to have into account advanced TCP options 2015-09-28 14:35:58 -05:00
jvazquez-r7 0eed30ce05
Update pop3_login to have into account advanced TCP options 2015-09-28 14:29:50 -05:00
jvazquez-r7 d02193aaeb
Update mysql_login to have into account advanced TCP options 2015-09-28 14:28:32 -05:00
jvazquez-r7 0abb387c1a Update mssql_login to have into account advanced TCP options 2015-09-28 14:22:19 -05:00
jvazquez-r7 df3e4e8afd
Update ftp_login to have into account advanced TCP options 2015-09-28 14:18:05 -05:00
jvazquez-r7 a99e44b43a
Update vnc_login to have into account advanced TCP options 2015-09-28 14:13:08 -05:00
jvazquez-r7 4d8f0a6ec4
Update db2_auth to have into account advanced Tcp options 2015-09-28 14:10:55 -05:00
jvazquez-r7 07b44fccb9
Update AFP login scanner to have into account advanced options 2015-09-28 14:03:55 -05:00
jvazquez-r7 1e4e5c5bae
Update ACPP login scanner to have into account advanced options 2015-09-28 13:50:20 -05:00
Jon Hart 7ad7db7442
Fix #6008 for rogue_send. Correctly. 2015-09-27 14:48:58 -07:00
Jon Hart 06a10e136a
Fix #6008 for rogue_send 2015-09-27 14:12:23 -07:00
Jon Hart d3a41323b8
Fix #6008 for ipidseq.rb 2015-09-27 14:05:05 -07:00
Jon Hart 5b1ee8c8ca
Fix #6008 for syn.rb 2015-09-27 13:54:11 -07:00
Jon Hart 3888b793bd
Fix #6008 for ack.rb 2015-09-27 13:53:47 -07:00
Jon Hart 766829c939
Fix #6008 for xmas.rb 2015-09-27 13:46:00 -07:00
jvazquez-r7 2b7ffdc312
Use datastore advanced options used by smb_login 2015-09-21 17:48:05 -05:00
jvazquez-r7 adab9f9548
Do final cleanup 2015-09-16 20:59:32 -05:00
jvazquez-r7 4d0d806e1d
Do minor cleanup 2015-09-16 19:30:40 -05:00
jvazquez-r7 46168e816b Merge for retab 2015-09-16 17:13:08 -05:00
jvazquez-r7 688a5c9123
Land #5972, @xistence's portmapper amplification scanner 2015-09-16 14:58:19 -05:00
jvazquez-r7 8ae884c1fc Do code cleanup 2015-09-16 14:46:27 -05:00
xistence 0657fdbaa7 Replaced RPORT 2015-09-13 09:19:05 +07:00
xistence 521636a016 Small changes 2015-09-13 08:31:19 +07:00
xistence 79e3a7f84b Portmap amplification scanner 2015-09-12 16:25:06 +07:00
wchen-r7 5646f2e0c4 successful status should include last_attempted_at 2015-09-04 13:45:44 -05:00
wchen-r7 d55757350d Use the latest credential API, no more report_auth_info 2015-09-04 03:04:14 -05:00
HD Moore 6e4ae1238b
Land #5791, show the VHOST in module output 2015-09-03 11:36:19 -05:00
HD Moore b8eee4a9e4 Show the IP address if it doesn't match the VHOST 2015-09-03 11:35:38 -05:00
HD Moore 1b021464fe
Land #5919, remove deprecated VMware modules & update resource script. 2015-09-03 10:23:48 -05:00
HD Moore 9f9bbce034
Land #5840, add LLMNR & mDNS modules 2015-09-02 18:30:29 -05:00
HD Moore 0120e5c443 Cosmetic tweaks, don't report duplicate responses 2015-09-02 18:30:03 -05:00
HD Moore 126fc9881e Cleanup and tweaks 2015-09-02 12:48:53 -05:00
Jon Hart 3d04d53e3a
first pass at better output and report_service 2015-09-02 10:31:46 -07:00
JT b89b6b653a Update trace.rb 2015-09-03 01:26:45 +08:00
JT 73bf812dfd Update trace.rb 
removed the cookie
 2015-09-03 00:35:23 +08:00
JT 5ecee6aaba Update trace.rb 
removed some spaces so that msftidy will be happy
 2015-09-03 00:27:22 +08:00
JT 34e0819a6e Modified the HTTP Trace Detection to XST Checker 
This was suggested by HD Moore in https://github.com/rapid7/metasploit-framework/pull/5612
 2015-09-03 00:19:08 +08:00
Waqas Ali 8e993d7793 Remove deprecated vmware modules 2015-09-02 13:00:15 +05:00
wchen-r7 0c4b020089
Land #5913, Add WP NextGEN Gallery Directory Traversal Vuln 2015-09-02 00:01:35 -05:00
HD Moore 381297ba93 Fix the regex flags 2015-09-01 23:07:48 -05:00
Roberto Soares 626704079d Changed output store_loot 2015-09-02 00:18:10 -03:00
Roberto Soares 96600a96ab Changed html parse by @wchen-r7 2015-09-01 22:03:21 -03:00
Alexander Salmin 3c72467b7d Fixes bug where "cert.rb:47: warning: flags ignored" happens due to some issuer patterns. 2015-09-02 01:02:46 +02:00
Roberto Soares 35661d0182 Add WP NextGEN Gallery Directory Traversal Vuln 2015-09-01 13:28:04 -03:00
Jon Hart cba3650488
report_service for mdns/llmnr query 2015-08-28 14:04:52 -07:00
wchen-r7 3d4cb06c67
Land #5807, Added Module WP Mobile Pack Vuln 2015-08-28 13:43:00 -05:00
wchen-r7 9e7f6d6500 Typos 2015-08-28 13:42:37 -05:00
wchen-r7 29e92aaabe
Land #5806, WordPress Subscribe Comments File Read Vuln 2015-08-28 11:52:59 -05:00
wchen-r7 62e6b23b4c Typo 2015-08-28 11:52:13 -05:00
jvazquez-r7 8785083722
Ensure disconnect 2015-08-24 12:36:15 -05:00
HD Moore 1e6c53b430 Correct the storage of ssh banners in service.info 2015-08-22 01:21:15 -05:00
jvazquez-r7 182c1bc7fe
Disconnect socket when login fails 2015-08-17 18:20:04 -05:00
Brent Cook b17d8f8d49
Land #5768, update modules to use metasploit-credential 2015-08-17 17:08:58 -05:00
Jon Hart 61e23ad23e
Switch back to ::Net::DNS::Packet.new 2015-08-13 11:29:56 -07:00
Jon Hart 9f2c62d4ce
Use query_name instead of datastore 2015-08-13 11:17:27 -07:00
Jon Hart 3a7cea51b4
Merge master and fix Net::DNS::RR merge conflicts 2015-08-13 08:53:25 -07:00
Josh Abraham e96717950c refactored 2015-08-06 08:18:26 -04:00
Roberto Soares 7bb4f9479f Added new reference and removed empty line. 2015-08-04 03:58:57 -03:00
Roberto Soares d9b6e9cc58 Changed res condition and some words. 2015-08-04 03:44:25 -03:00
Roberto Soares 19ceccd93a Added JSON parse output. 2015-08-04 03:13:11 -03:00
Roberto Soares f4679f5341 Added WP Mobile Pack Info Disclosure Vuln - Functional Module. 2015-08-04 02:21:26 -03:00
Roberto Soares d221e9d961 Added more references. 2015-08-03 02:46:54 -03:00
Roberto Soares e59e4828e4 Removed unnecessary DEPTH option. 2015-08-02 22:56:17 -03:00
Roberto Soares 514849bcdc Added WP Subscribe Comments File Read Vuln - Functional. 2015-08-02 21:24:52 -03:00
Roberto Soares fdb2b008f9 Fix a small typo - OSVDB instead of OSVBD. 2015-07-31 02:23:19 -03:00
Greg Mikeska 3c394d673d
altered module to default 
to replace RHOST with VHOST if it is defined.
MSP-11167
 2015-07-30 16:25:15 -05:00
wchen-r7 54c5c6ea38 Another update 2015-07-29 14:31:35 -05:00
William Vu c46ce6c391
Land #5780, password_prompt fix for Telnet scanner 2015-07-28 17:54:43 -05:00
Josh Abraham 0f4b2e4226 description update 2015-07-28 15:31:51 -04:00
Josh Abraham 27e5557b67 set port using rport instead of only 445 2015-07-28 15:29:23 -04:00
Josh Abraham fafbc4db3f GPP enumeration via an AUX module 2015-07-28 15:21:33 -04:00
kn0 2415072c17 Replaced 'and' with '&&' 2015-07-28 14:14:25 -05:00
kn0 ee5e5b1e71 Fixed NoMethodError for .match on nil 2015-07-28 09:03:54 -05:00
Brent Cook e53419a911 use password_prompt? not @password_prompt 2015-07-27 19:21:59 -05:00
wchen-r7 866a99ed07 This is better 2015-07-23 20:51:21 -05:00
wchen-r7 f5387ab3f2 Fix #5766, check res for send_request_raw 
Fix #5766
 2015-07-23 20:49:18 -05:00
wchen-r7 8bead5fde2 Modate update on using metasploit-credential 
Update some more modules to usethe new cred API.
Also, make sure to always provide proof because that seems handy.
 2015-07-23 18:07:19 -05:00
wchen-r7 91fc213ddf More metasploit-credential update 2015-07-23 15:50:50 -05:00
wchen-r7 4561850055 Use metasploit-credential API instead of report_auth_info 2015-07-22 01:11:43 -05:00
wchen-r7 6a9c934c54 Resolve conflict 2015-07-20 18:44:17 -05:00
wchen-r7 1e17ac4ec7 Use the cred API correctly 2015-07-20 18:40:48 -05:00
Brent Cook 07d05828d0
Land #5688, remove msfcli 2015-07-13 15:27:38 -05:00
William Vu 0a5119a4ac
Land #5702, vprint_* optional parameter 2015-07-13 18:47:22 +00:00
William Vu 53bcee011b
Land #5709, s/Filed/Failed/ typo fixes 2015-07-13 18:37:46 +00:00
wchen-r7 e4e9ac9d28 Remove cold_fusion_version, use coldfusion_version instead 
Please use auxiliary/scanner/http/coldfusion_version instead.
 2015-07-13 12:56:46 -05:00