Commit Graph

6580 Commits (0eab2fa98d3e0ba07042c29362747c96c29e8940)

Author SHA1 Message Date
wchen-r7 0c7d2af6bc
Land #5750, Add WP All In One Migration Export Module 2015-08-28 14:12:14 -05:00
wchen-r7 837b6a4f71 Update description 2015-08-28 14:11:51 -05:00
wchen-r7 d2e758ac8b Better failure handling 2015-08-28 14:08:29 -05:00
wchen-r7 3d4cb06c67
Land #5807, Added Module WP Mobile Pack Vuln 2015-08-28 13:43:00 -05:00
wchen-r7 9e7f6d6500 Typos 2015-08-28 13:42:37 -05:00
wchen-r7 29e92aaabe
Land #5806, WordPress Subscribe Comments File Read Vuln 2015-08-28 11:52:59 -05:00
wchen-r7 62e6b23b4c Typo 2015-08-28 11:52:13 -05:00
wchen-r7 e82bd10817 Add aux module to be able to open android meterpreter from a browser 2015-08-27 14:36:55 -05:00
jvazquez-r7 8785083722
Ensure disconnect 2015-08-24 12:36:15 -05:00
HD Moore 1e6c53b430 Correct the storage of ssh banners in service.info 2015-08-22 01:21:15 -05:00
jvazquez-r7 1558fabdb2
Land #5844, @joevennix updates apple_safari_webarchive_uxss to use the webarchive mixin 2015-08-21 17:27:56 -05:00
jvazquez-r7 182c1bc7fe
Disconnect socket when login fails 2015-08-17 18:20:04 -05:00
Brent Cook b17d8f8d49
Land #5768, update modules to use metasploit-credential 2015-08-17 17:08:58 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Tod Beardsley e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
joev 0615d908c4 Update description to explain quarantine effects. 2015-08-13 23:46:37 -05:00
joev 84144bf6cf Update webarchive_uxss to use the webarchive mixin.
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00
Jon Hart 61e23ad23e
Switch back to ::Net::DNS::Packet.new 2015-08-13 11:29:56 -07:00
Jon Hart 9f2c62d4ce
Use query_name instead of datastore 2015-08-13 11:17:27 -07:00
Tod Beardsley 50041fad2a
Pre-Bloggery cleanup
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.

Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.

Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823, mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
Jon Hart 3a7cea51b4
Merge master and fix Net::DNS::RR merge conflicts 2015-08-13 08:53:25 -07:00
jvazquez-r7 a611fff7bf
Use Rex::ThreadSafe.select on CVE-2015-1793 2015-08-08 07:43:39 -07:00
jvazquez-r7 c8ba5bb90c
Land #5513, @rcvalle's exploit for incomplete internal state distinction in JSSE 2015-08-08 07:41:53 -07:00
jvazquez-r7 2707b3b402
Use Rex::ThreadSafe.select 2015-08-08 07:40:19 -07:00
jvazquez-r7 a0eef3880a
Initialize version local variable 2015-08-08 07:35:37 -07:00
jvazquez-r7 bb74b6fecb
Fix data reading 2015-08-08 07:18:01 -07:00
jvazquez-r7 6fe7672732
Improve Rex sockets usage 2015-08-07 00:11:58 -07:00
Josh Abraham e96717950c refactored 2015-08-06 08:18:26 -04:00
jvazquez-r7 67f661823a
Land #5614, @cldrn's module to collect lansweeper credentials 2015-08-04 16:55:49 -05:00
jvazquez-r7 ed3f993b75
Do some style fixes 2015-08-04 16:41:15 -05:00
jvazquez-r7 0e3434ebad
Fix metadata 2015-08-04 16:28:50 -05:00
Roberto Soares 7bb4f9479f Added new reference and removed empty line. 2015-08-04 03:58:57 -03:00
Roberto Soares d9b6e9cc58 Changed res condition and some words. 2015-08-04 03:44:25 -03:00
Roberto Soares 19ceccd93a Added JSON parse output. 2015-08-04 03:13:11 -03:00
Roberto Soares f4679f5341 Added WP Mobile Pack Info Disclosure Vuln - Functional Module. 2015-08-04 02:21:26 -03:00
Roberto Soares d221e9d961 Added more references. 2015-08-03 02:46:54 -03:00
Roberto Soares e59e4828e4 Removed unnecessary DEPTH option. 2015-08-02 22:56:17 -03:00
Roberto Soares 514849bcdc Added WP Subscribe Comments File Read Vuln - Functional. 2015-08-02 21:24:52 -03:00
Tod Beardsley cebcf72a99
Add discoverer credit, blog ref, longer desc 2015-08-01 10:31:41 -05:00
William Vu fcb7981199 Add BIND TKEY DoS 2015-08-01 06:01:35 -05:00
Roberto Soares fdb2b008f9 Fix a small typo - OSVDB instead of OSVBD. 2015-07-31 02:23:19 -03:00
Greg Mikeska 3c394d673d
altered module to default
to replace RHOST with VHOST if it is defined.
MSP-11167
2015-07-30 16:25:15 -05:00
wchen-r7 54c5c6ea38 Another update 2015-07-29 14:31:35 -05:00
William Vu 61b2ca6675
Land #5781, Msf::Format::Webarchive rename 2015-07-29 13:38:42 -05:00
William Vu c46ce6c391
Land #5780, password_prompt fix for Telnet scanner 2015-07-28 17:54:43 -05:00
Josh Abraham 0f4b2e4226 description update 2015-07-28 15:31:51 -04:00
Josh Abraham 27e5557b67 set port using rport instead of only 445 2015-07-28 15:29:23 -04:00
Josh Abraham fafbc4db3f GPP enumeration via an AUX module 2015-07-28 15:21:33 -04:00
kn0 2415072c17 Replaced 'and' with '&&' 2015-07-28 14:14:25 -05:00
kn0 ee5e5b1e71 Fixed NoMethodError for .match on nil 2015-07-28 09:03:54 -05:00
HD Moore 7681d73e01 Relocate Webarchive into the Exploit namespace, fixes #5717 2015-07-28 04:11:17 -07:00
Brent Cook e53419a911 use password_prompt? not @password_prompt 2015-07-27 19:21:59 -05:00
Fabien 3fd18e4844 Update soap_addportmapping.rb 2015-07-26 21:57:49 +02:00
Fabien 1210183930 Update soap_addportmapping.rb 2015-07-26 21:41:47 +02:00
Fabien 8dbd51ae38 Update soap_addportmapping.rb 2015-07-26 20:59:43 +02:00
Fabien fba81fc539 Create soap_addportmapping.rb 2015-07-26 20:59:04 +02:00
jvazquez-r7 18636e3b9b
Land #5739, @wchen-r7 fixes #5738 updating L/URI HOST/PORT options 2015-07-24 15:45:31 -05:00
jvazquez-r7 ec7bf606c6
Land #5735, @rcvalle's for CVE-2015-1793 OpenSSL mitm 2015-07-24 14:38:27 -05:00
jvazquez-r7 45b4334006
Use Rex::Socket::SslTcpServer
* Also add rex sockets managing
2015-07-24 11:16:09 -05:00
wchen-r7 866a99ed07 This is better 2015-07-23 20:51:21 -05:00
wchen-r7 f5387ab3f2 Fix #5766, check res for send_request_raw
Fix #5766
2015-07-23 20:49:18 -05:00
wchen-r7 8bead5fde2 Modate update on using metasploit-credential
Update some more modules to usethe new cred API.
Also, make sure to always provide proof because that seems handy.
2015-07-23 18:07:19 -05:00
Tod Beardsley e32b3c71f4
Fix ZDI ref on sandbox escape module 2015-07-23 17:11:19 -05:00
wchen-r7 91fc213ddf More metasploit-credential update 2015-07-23 15:50:50 -05:00
Christian Sanders 50074c4617 Fix typo .blank to .blank? 2015-07-22 09:05:16 -05:00
wchen-r7 4561850055 Use metasploit-credential API instead of report_auth_info 2015-07-22 01:11:43 -05:00
rastating d3f31fb56a Fix msftidy results 2015-07-21 21:29:44 +01:00
rastating 55be2eff06 Replace return with fail_with 2015-07-21 21:25:42 +01:00
wchen-r7 6a9c934c54 Resolve conflict 2015-07-20 18:44:17 -05:00
wchen-r7 1e17ac4ec7 Use the cred API correctly 2015-07-20 18:40:48 -05:00
Tod Beardsley f94fe3cefd
More correct URL, not just a bare wiki link
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
2015-07-20 16:23:29 -05:00
Tod Beardsley 4cacbcc4f7
Minor fixups on sysaid modules
Edited modules/auxiliary/admin/http/sysaid_file_download.rb first landed
in #5472, @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997

Edited modules/auxiliary/admin/http/sysaid_sql_creds.rb first landed in
2015-07-20 16:19:21 -05:00
rastating c63fdad1f1 Add URL reference 2015-07-20 18:15:17 +01:00
rastating f1a909c292 Add WP All In One Migration export module 2015-07-20 18:13:32 +01:00
jvazquez-r7 454dd59da8
Add vuln discoverers 2015-07-17 13:37:30 -05:00
jvazquez-r7 29718ce4e1
Land #5474, @pedrib's module for sysaid CVE-2015-2996 and CVE-2015-2998
* sysaid SQL database cred disclosure
2015-07-17 12:36:48 -05:00
jvazquez-r7 a54b58fc24
Fix port parsing and cleanup 2015-07-17 12:34:46 -05:00
jvazquez-r7 869ac87b64
Land #5472, @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
* SysAid arbitrary file download
2015-07-17 11:46:00 -05:00
jvazquez-r7 9ac1688eb1
Do code cleanup 2015-07-17 11:45:28 -05:00
jvazquez-r7 787c0e2c41
Land #5470, @pedrib's module for SysAid CVE-2015-2993
* SysAid Help Desk Administrator Account Creation
2015-07-17 11:09:08 -05:00
jvazquez-r7 ca38fc5518
Update description 2015-07-17 11:08:28 -05:00
Ramon de C Valle 449c751521 Add missing info 2015-07-16 09:36:18 -07:00
wchen-r7 8d0e34dbc0 Resolve #5738, make the LHOST option visible
Resolve #5738
2015-07-16 11:00:15 -05:00
Ramon de C Valle 5d6c15a43d Add openssl_altchainsforgery_mitm_proxy.rb
This module exploits a logic error in OpenSSL by impersonating the
server and sending a specially-crafted chain of certificates, resulting
in certain checks on untrusted certificates to be bypassed on the
client, allowing it to use a valid leaf certificate as a CA certificate
to sign a fake certificate. The SSL/TLS session is then proxied to the
server allowing the session to continue normally and application data
transmitted between the peers to be saved. This module requires an
active man-in-the-middle attack.
2015-07-15 22:36:29 -07:00
jvazquez-r7 886ca47dfb
Land #5650, @wchen-r7's browser autopwn 2 2015-07-15 10:21:44 -05:00
wchen-r7 4f8f640189 Rename autopwnv2 to just autopwn2 2015-07-14 17:38:51 -05:00
wchen-r7 8384be6466 Fix rand_text_alpha and bump max exploit count to 21 2015-07-14 01:02:01 -05:00
Brent Cook 07d05828d0
Land #5688, remove msfcli 2015-07-13 15:27:38 -05:00
William Vu 0a5119a4ac
Land #5702, vprint_* optional parameter 2015-07-13 18:47:22 +00:00
William Vu 53bcee011b
Land #5709, s/Filed/Failed/ typo fixes 2015-07-13 18:37:46 +00:00
wchen-r7 e4e9ac9d28 Remove cold_fusion_version, use coldfusion_version instead
Please use auxiliary/scanner/http/coldfusion_version instead.
2015-07-13 12:56:46 -05:00
wchen-r7 884b779b36
Land #5593, CVE-2015-1155 Safari file:// Redirection Sandbox Escape 2015-07-13 11:28:39 -05:00
Mo Sadek 6a5645d747 Changed "Filed" to "Failed" in multiple files 2015-07-13 11:21:20 -05:00
Mo Sadek d1f23c54c7 Changed Filed to Failed on line 43 in java_rmi_registry.rb 2015-07-13 10:33:15 -05:00
wchen-r7 e638d85f30
Merge branch 'upstream-master' into bapv2 2015-07-12 02:01:09 -05:00
g0tmi1k d795b2f831 Module cleanup 2015-07-11 19:40:21 +01:00
HD Moore 728b338593 Give msftidy a cookie 2015-07-10 11:28:10 -05:00
HD Moore cf4b18700d Fix CVE reference 2015-07-10 11:14:59 -05:00
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
HD Moore 67666160e8 Add patched server detection 2015-07-08 13:47:59 -05:00
HD Moore 25e0f888dd Initial commit of R7-2015-08 coverage 2015-07-08 13:42:11 -05:00
cldrn d3902771b6 Fixes call to the credentials API and adds version info 2015-07-07 13:48:16 -05:00
wchen-r7 fdb715c9dd
Merge branch 'upstream-master' into bapv2 2015-07-07 13:45:39 -05:00
wchen-r7 9a1500ee96 Change module name a little bit, makes it easier to find in GUI 2015-07-06 22:31:07 -05:00
wchen-r7 4a70e23f9a Add ExploitReloadTimeout datastore option
Some exploits require more time, and if we try the next exploit too
soon, it may crash the browser.
2015-07-06 19:20:15 -05:00
Donny Maasland a9edfa1b4b Fix a small typo 2015-07-06 13:37:36 +02:00
HD Moore d2063c92e1 Refactor datastore names to match standards 2015-07-05 18:21:45 -05:00
joev b577f79845 Fix some bugs in the safari file navigation module. 2015-07-05 16:46:18 -05:00
HD Moore 43d47ad83e Port BAPv2 to Auxiliary 2015-07-02 15:29:24 -05:00
Josh Abraham 99c29052c7 Merge branch 'smb_enumuser_domain_storage' of github.com:jabra-/metasploit-framework into smb_enumuser_domain_storage 2015-07-02 08:24:04 -04:00
Josh Abraham dfa71a2b44 update to store creds using the new method 2015-07-02 08:22:21 -04:00
HD Moore afa442ad89 Fix a stack trace with ipmi_dumphashes when no database was configured. 2015-06-29 00:46:35 -05:00
cldrn 355738909a Fixes typo 2015-06-28 09:32:16 -05:00
cldrn 5c18fc82f2 Stores credentials using create_credential_login 2015-06-28 09:24:31 -05:00
cldrn b332b25795 Stores credentials in DB, fixes loop variable and nil dereference bug 2015-06-27 19:06:15 -05:00
jvazquez-r7 52b49503a0
Land #5498, @hmoore-r7's patch for a number of Net::DNS/enum_dns issues 2015-06-26 18:25:03 -05:00
William Vu c04490e5eb Remove comma before coordinating conjunction
An independent clause does not follow.
2015-06-26 12:50:37 -05:00
cldrn 2968f52ca4 Removes debug sql output 2015-06-26 12:22:34 -05:00
cldrn a338920cb3 lansweeper_collector retrieves and decrypts credentials store in the database of Lansweeper 2015-06-26 12:21:35 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
Trevor Rosen 84c0e62fd3
Land #5493, update OWA scanner creds persistence 2015-06-26 08:46:27 -05:00
cldrn 7f4a96f3dc Fixes coding style issues 2015-06-26 03:29:17 -05:00
cldrn 3da3595181 MSF module to download and decrypt credentials stored in Lansweeper's database 2015-06-25 19:29:30 -05:00
root 63f584cbfd Add last_attempted_at 2015-06-25 12:08:38 +05:00
William Vu 827d241482
Land #5539, Quake scanner fix 2015-06-24 15:00:39 -05:00
joev 8b6fba4988 Tweak and fix some things in Safari file URL module. 2015-06-24 02:08:06 -05:00
Tod Beardsley 18a9585f7a
Add safari module for CVE-2015-1155 2015-06-23 16:15:50 -05:00
Trevor Rosen c45e42465a
Land #5492, update PCAnywhere login scanner 2015-06-23 14:48:25 -05:00
William Vu 5751e196bb Remove extraneous newline 2015-06-23 14:43:37 -05:00
wchen-r7 59af7ef1fc Remove the extra target_uri 2015-06-23 10:27:50 -05:00
wchen-r7 a2a231c242
Land #5577, MS15-034 HTTP.SYS Information Disclosure 2015-06-23 10:20:54 -05:00
wchen-r7 11366971da Oh never mind, user-agent makes it more difficult to use (more crashes) 2015-06-23 01:24:17 -05:00
wchen-r7 6127b8a037 Pass user-agent 2015-06-23 01:23:01 -05:00
wchen-r7 8ce5cc23cf More consistent filename style 2015-06-23 01:08:34 -05:00
wchen-r7 e9b548e8a2 Changes for ms15034_http_sys_memory_dump.rb 2015-06-23 01:07:33 -05:00
root 302db36daa Add last_attempted_at to creds object 2015-06-23 09:46:01 +05:00
rwhitcroft 8086a6f8cc remove unnecessary begin/rescue, change print_* to vprint_* in check() 2015-06-22 20:25:12 -04:00
rwhitcroft 90e17aee6b clarified affected OSes and error messages 2015-06-22 15:47:26 -04:00
rwhitcroft 774aef7241 add module to dump memory via MS15-034 2015-06-22 10:31:31 -04:00
Ramon de C Valle 7bda1e494b Use Rex::Socket::Tcp 2015-06-21 13:40:31 -07:00
Ramon de C Valle 7f55f6631c Remove the timeout option 2015-06-20 20:14:47 -07:00
Ramon de C Valle 01e87282a9 Use Msf::ThreadManager#spawn 2015-06-20 18:48:10 -07:00
Ramon de C Valle dabc7abae5 Change method names to lowercase 2015-06-20 18:23:34 -07:00
Pedro Ribeiro 50a3a32bfd Update sysaid_sql_creds.rb 2015-06-20 16:58:42 +01:00
Pedro Ribeiro 78c2f8a3a3 Update sysaid_sql_creds.rb 2015-06-20 16:57:34 +01:00
Pedro Ribeiro 11aca8b27a Update sysaid_file_download.rb 2015-06-20 16:54:33 +01:00
Pedro Ribeiro cf8008ed38 Update sysaid_admin_acct.rb 2015-06-20 16:52:13 +01:00
jvazquez-r7 4762e9f62c
Land #5540, @wchen-r7's changes for multiple auxiliary modules to use the new cred API 2015-06-19 15:39:09 -05:00
jvazquez-r7 fa6e45964e
Provide context to the note 2015-06-19 15:38:26 -05:00
wchen-r7 83427583ea report_note for group info 2015-06-19 15:09:50 -05:00
wchen-r7 ef286fdfcf Remove report_auth_info 2015-06-19 15:06:02 -05:00
wchen-r7 b104155cf1 Do Metasploit::Model::Login::Status::UNTRIED 2015-06-19 15:05:42 -05:00
wchen-r7 bd097e3264
Land #5497, Refactor LoginScanner::SNMP to be fast and less buggy 2015-06-19 14:57:36 -05:00
jvazquez-r7 34d5d92646
Land #5555, @Th3R3p0's support for for RFB Version 4 2015-06-19 14:15:04 -05:00
Brent Cook d19c2e7206
Land #5544, track updates to SSL Labs API 2015-06-19 11:39:38 -05:00
Brent Cook bf170a195d the API sometimes returns negative percents - treat these as 0 2015-06-19 11:38:36 -05:00
Brent Cook 5a277389f2 remove some trailing commas 2015-06-19 11:38:22 -05:00
William Vu 2587595a92
Land #5556, vprint_status fix 2015-06-19 11:24:54 -05:00
jvazquez-r7 ebd376e0f3
Land #5485, @wchen-r7 updates wordpress_login_enum to use the new cred API 2015-06-19 10:50:07 -05:00
jvazquez-r7 dfae4bbbf0
Do reporting more accurate 2015-06-19 10:48:12 -05:00
wchen-r7 7f56b4635c
Land #5546, Use the new cred API for auxiliary/server/capture/telnet 2015-06-19 10:46:01 -05:00
William Vu d86c21e94a
Land #5567, author fix 2015-06-19 10:41:41 -05:00
aushack 76cd9590a4 Fix author 2015-06-19 19:13:51 +10:00
wchen-r7 9b5770c966 Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:40:51 -05:00
g0tmi1k ce9481d2b7 Inconstancy - If datastore['VERBOSE'] vs vprint 2015-06-18 09:27:01 +01:00
Th3R3p0 a6c7f93bbe changed text to show support for RFB version 4.001 2015-06-17 13:09:03 -04:00
root fcf6212d2f Update telnet capture module to use the new creds API 2015-06-16 16:37:36 +05:00
Denis Kolegov c3d2797f10 Fixed Info fields 2015-06-16 04:22:22 -04:00
Denis Kolegov 2778274e47 Added new SSL Labs API fields and fixed minor errors 2015-06-16 02:59:12 -04:00
wchen-r7 b6379b4d24 Update drupal_views_user_enum 2015-06-16 00:02:02 -05:00
wchen-r7 0b88e86a49 Using the new cred API for multiple auxiliary modules 2015-06-15 16:06:57 -05:00
Jon Hart fd0b42be4a
Properly store quake service info 2015-06-15 12:45:14 -07:00
Jon Hart 079a9d449c
Use peer 2015-06-15 11:45:55 -07:00
Jon Hart feb7263137
Wire in recog support for ssh_version 2015-06-15 11:42:20 -07:00
Jon Hart 80f1173fcf
Style and scanner usability cleanup for ssh_version 2015-06-15 10:12:07 -07:00
wchen-r7 907f596de6
Land #5520, Update titan_ftp_admin_pwd to use the new creds API 2015-06-15 03:26:19 -05:00
wchen-r7 940d045029 Correctly report rport 2015-06-15 03:23:39 -05:00
wchen-r7 308b1a3d7f Don't deregister username & password 2015-06-15 03:21:09 -05:00
wchen-r7 ebce415957
Land #5507, Update nessus_xmlrpc_logic to use the new creds API 2015-06-15 02:59:01 -05:00
wchen-r7 c20cf15104 Msut have last_attempted_at key 2015-06-15 02:58:31 -05:00
Joshua Abraham c801e52f60 Update smb_enumusers_domain.rb 2015-06-13 17:02:43 -04:00
jvazquez-r7 e628d71261
Land #5397, @espreto's module for WordPress Simple Backup File Read Vulnerability 2015-06-12 15:32:06 -05:00
jvazquez-r7 184c20cd46
Do minor cleanup 2015-06-12 15:31:42 -05:00
wchen-r7 8dad739c76
Land #5508, Get Ready to Move VMware modules to the VMware directory 2015-06-10 11:59:40 -05:00
Tod Beardsley 0d979f61ae
Minor fixups on newish modules 2015-06-10 11:09:42 -05:00
root 7cb82f594b Add ftp port for service 2015-06-10 14:24:05 +05:00
root 3ffe006e09 Update titan_ftp_admin_pwd to use the new creds API 2015-06-10 13:36:26 +05:00
root 3fe6ddd10a Change credential status from untried to successful 2015-06-10 10:09:57 +05:00
root 78a6e1bc90 Change credential status from untried to successful 2015-06-10 10:07:33 +05:00
root 1b3f911f84 Change credential status from untried to successful 2015-06-10 09:54:10 +05:00
root 49e4820c57 Add depcrecated note to the existing modules 2015-06-09 10:42:53 +05:00
Ramon de C Valle a48d79a2e7 Add jsse_skiptls_mitm_proxy.rb
This module exploits an incomplete internal state distinction in Java
Secure Socket Extension (JSSE) by impersonating the server and finishing
the handshake before the peers have authenticated themselves and
instantiated negotiated security parameters, resulting in a plaintext
SSL/TLS session with the client. This plaintext SSL/TLS session is then
proxied to the server using a second SSL/TLS session from the proxy to
the server (or an alternate fake server) allowing the session to
continue normally and plaintext application data transmitted between the
peers to be saved. This module requires an active man-in-the-middle
attack.
2015-06-08 19:41:17 -07:00
Josh Abraham 8381d4f994 update smb_enumusers_domain to store enumerated users in the DB 2015-06-08 19:42:03 -04:00
root 3279518bbd Move VMware modules to the VMware directory 2015-06-08 14:58:22 +05:00
root 245c76374d Update nessus_xmlrpc_logic to use the new creds API 2015-06-08 14:40:15 +05:00
HD Moore c80017992a A dirty patch for a number of Net::DNS/dns_enum issues 2015-06-06 13:48:52 -05:00
HD Moore 135958a225 Cleanup the udp_(sweep|probe) SNMP generators 2015-06-06 00:54:08 -05:00
HD Moore 6b05302059 Fixes #5459, refactors LoginScanner::SNMP 2015-06-06 00:50:55 -05:00
root 3ec6d9b7aa Update owa_login to use new cred API 2015-06-05 15:41:07 +05:00