Commit Graph

728 Commits (0cb18004ec4925660b71ad6a2944d0d4c46b6374)

Author SHA1 Message Date
wchen-r7 74e1b8d5ac Fix res nil 2015-11-24 00:15:05 -06:00
wchen-r7 95ca288f9d Modify check 2015-11-23 20:33:14 -06:00
wchen-r7 09e6a54886 In case anonymous is not allowed for decryption 2015-11-23 20:26:41 -06:00
wchen-r7 20ba10d46c Spaces, how dare you 2015-11-23 16:45:02 -06:00
wchen-r7 faab28f1d6 Add Jenkins Domain Credential Discovery Auxiliary Module 2015-11-23 16:23:59 -06:00
aushack 1410d03386 Fixed msftidy capitalisation. 2015-11-22 14:32:51 +11:00
aushack fc46ce0ced Bring module title in line with other WP modules. 2015-11-22 13:39:45 +11:00
William Vu 32faf7a8d4 Fix #6183, hard tabs fix 2015-11-10 16:48:03 -06:00
William Vu a9fe09497e Fix hard tabs
Mixing tabs and spaces? Seriously?
2015-11-10 16:47:29 -06:00
William Vu 8dc636507b
Land #6183, dns_srv_enum updates 2015-11-10 16:44:27 -06:00
William Vu e98570cbd1 Clean up module 2015-11-10 16:44:10 -06:00
fraf0 970c5da9a6 Update dns_srv_enum.rb 2015-11-07 20:01:26 +01:00
fraf0 730f6b2326 Update dns_srv_enum.rb
Remove some comment following message on pull-request.
2015-11-07 15:23:32 +01:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
fraf0 3739a2fb72 Update dns_srv_enum.rb 2015-11-03 16:59:55 +01:00
fraf0 f1feccfd7c Update dns_srv_enum.rb 2015-11-03 16:53:26 +01:00
Louis Sato 57304a30a8
Land #6139, remove bad ref links 2015-10-29 16:00:43 -05:00
wchen-r7 93df45eff1
Land #6138, Land joomla plugin com_realestatemanager Error Based SQLi 2015-10-28 13:36:14 -05:00
wchen-r7 09b79414ee Report hash 2015-10-28 13:33:00 -05:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu 9041f95511 Perform final cleanup 2015-10-27 11:21:17 -05:00
nixawk 132cbf0cd7 joomla plugin com_realestatemanager Error Based SQL Ijnection 2015-10-27 15:18:17 +00:00
Brandon Perry c7fe014854 remove global variables 2015-10-26 17:13:51 -05:00
Brandon Perry 8b4f2290ed no more session ids in desc 2015-10-25 11:01:17 -05:00
nixawk f738dd2acb replace print_* with vprint_* / fix check method 2015-10-25 06:57:56 +00:00
nixawk a6628110f6 rebuild joomla_contenthistory_sqli (cve-2015-7297) 2015-10-25 03:56:36 +00:00
Brandon Perry 949a4c797b Update joomla_contenthistory_sqli.rb 2015-10-23 09:33:12 -05:00
Brandon Perry 07d549d783 Update joomla_contenthistory_sqli.rb
Remove sessions for now
2015-10-23 09:32:15 -05:00
Brandon Perry e4281dd1fb Create joomla_contenthistory_sqli.rb 2015-10-22 15:05:02 -05:00
fraf0 4e50f3ebde Update dns_srv_enum.rb
Patch for :
	- Split record srvrcd one entry by line for readability.
	- Add record for Default-First-Site-Name :
	(according to https://technet.microsoft.com/en-us/library/cc759550%28v=ws.10%29.aspx)
		'_gc._tcp.Default-First-Site-Name._sites.',
		'_kerberos._tcp.Default-First-Site-Name._sites.',
		'_kerberos.tcp.Default-First-Site-Name._sites.dc._msdcs.',
		'_ldap._tcp.Default-First-Site-Name._sites.',
		'_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.',
		'_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.',
	- Remove double entry '_kerberos.tcp.dc._msdcs.'
	- Add fqdn query in logs.
	- Add report_note to store and preserve the fqdn query.

Ps : I'm not very familiar with the code and patch rules for modules. Thank you to excuse my eventual errors.
2015-10-21 18:27:14 +02:00
jvazquez-r7 cf9ddbb701
Update moduels using Msf::HTTP::Wordpress 2015-10-15 11:47:13 -05:00
HD Moore cd2e9d4232 Move Msf::Java to the normal Msf::Exploit::Remote namespace 2015-10-09 13:24:34 -07:00
William Vu 2e2d27d53a
Land #5935, final creds refactor 2015-10-01 00:25:14 -05:00
HD Moore cddf72cd57 Show errors when no results are found 2015-09-10 14:05:40 -07:00
wchen-r7 5646f2e0c4 successful status should include last_attempted_at 2015-09-04 13:45:44 -05:00
wchen-r7 cf6d5fac2a Use the latest cred API, no more report_auth_info 2015-09-04 13:43:15 -05:00
wchen-r7 d55757350d Use the latest credential API, no more report_auth_info 2015-09-04 03:04:14 -05:00
wchen-r7 0c7d2af6bc
Land #5750, Add WP All In One Migration Export Module 2015-08-28 14:12:14 -05:00
wchen-r7 837b6a4f71 Update description 2015-08-28 14:11:51 -05:00
wchen-r7 d2e758ac8b Better failure handling 2015-08-28 14:08:29 -05:00
jvazquez-r7 1558fabdb2
Land #5844, @joevennix updates apple_safari_webarchive_uxss to use the webarchive mixin 2015-08-21 17:27:56 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Tod Beardsley e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
joev 0615d908c4 Update description to explain quarantine effects. 2015-08-13 23:46:37 -05:00
joev 84144bf6cf Update webarchive_uxss to use the webarchive mixin.
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00
Tod Beardsley 50041fad2a
Pre-Bloggery cleanup
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.

Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.

Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823, mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
jvazquez-r7 67f661823a
Land #5614, @cldrn's module to collect lansweeper credentials 2015-08-04 16:55:49 -05:00
jvazquez-r7 ed3f993b75
Do some style fixes 2015-08-04 16:41:15 -05:00
jvazquez-r7 0e3434ebad
Fix metadata 2015-08-04 16:28:50 -05:00