root
b6936febbe
Update pcanywhere_login to use the new cred API
2015-06-05 12:16:00 +05:00
wchen-r7
874e090aa1
Update wordpress_login_enum to use the new cred API
2015-06-04 18:16:14 -05:00
John Sherwood
d3c3741478
Use run_host so that we can use THREADS
...
- The refactor left the module using run_batch even though the
features of the code that made this desirable were removed (i.e.,
it was no longer doing one batch per community string). By now
switching back to run_host, we can again take advantage of the
built-in metasploit multithreading capabilities.
- Also, added back in the display of the result.proof field. This
aids in identifying false positives (which have a blank response)
and is functionality worth keeping.
2015-06-03 18:08:38 -04:00
Pedro Ribeiro
7f35c3b4f5
Update sysaid_sql_creds.rb
2015-06-03 22:00:08 +01:00
Pedro Ribeiro
54bfe29527
Update and rename sysaid_file_ to sysaid_file_download.rb
2015-06-03 21:59:45 +01:00
Pedro Ribeiro
42e84cd7d5
Update sysaid_admin_acct.rb
2015-06-03 21:59:04 +01:00
Pedro Ribeiro
6683b86822
Create sysaid_sql_creds.rb
2015-06-03 21:46:48 +01:00
Pedro Ribeiro
72b7982e7a
Create sysaid_file_
2015-06-03 21:46:13 +01:00
Pedro Ribeiro
765077d741
Create sysaid_admin_acct.rb
2015-06-03 21:38:43 +01:00
Roberto Soares
b305fa62f4
Changed vprint_error when nothing was downloaded.
2015-06-03 14:46:59 -03:00
Roberto Soares
24ec3b2fb5
Changed vprint_error to fail_with method.
2015-06-03 13:46:59 -03:00
jvazquez-r7
6669665d6d
Land #5402 , @nstarke's module to extract accouns information from a AVTECH744_DVR device
2015-05-29 16:14:50 -05:00
jvazquez-r7
843572df6d
Change module filename
2015-05-29 16:14:16 -05:00
jvazquez-r7
acb0af3826
Update description
2015-05-29 16:13:43 -05:00
jvazquez-r7
39ae6263e9
Use Rex::Text.encode_base64
2015-05-29 16:12:21 -05:00
jvazquez-r7
8338b21f6c
Make some code cleanup
2015-05-29 16:04:29 -05:00
wchen-r7
b6b055a5f2
Land #5431 , deprecate cold_fusion_version, use coldfusion_version instead.
2015-05-28 15:40:34 -05:00
wchen-r7
80c3022dc1
Deprecate cold_fusion_version. Please use coldfusion_version.
...
auxiliary/scanner/http/cold_fusion_version is deprecated. Please use
auxiliary/scanner/http/coldfusion_version instead.
2015-05-28 15:39:14 -05:00
Christian Mehlmauer
52e30d4fc2
Land #5434 , OSVDB reference
2015-05-28 22:00:44 +02:00
wchen-r7
068198c980
Land #5386 , automatically find file for ms15_034
2015-05-28 14:52:31 -05:00
wchen-r7
f9f35db7f3
Update description
2015-05-28 14:52:03 -05:00
Tod Beardsley
818dbf58f0
Adding an OSVDB number to the Netgear module
2015-05-28 14:37:39 -05:00
erwanlr
a74c3372c0
Uses vprint instead of print in #check_host
2015-05-28 15:46:51 +01:00
erwanlr
6d01d7f986
Uses peer instead of ip:port across all the module
2015-05-28 09:32:05 +01:00
erwanlr
447c4ee7df
Allows the targetèuri to be shared between the #check and #dos
2015-05-28 09:30:04 +01:00
wchen-r7
2ae9e39719
Land #5376 , Report ipmi_dumphashes credentials with create_credential_login
2015-05-27 13:11:07 -05:00
Tod Beardsley
95b5ff6bea
Minor fixups on recent modules.
...
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301 , @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces
Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in
Edited modules/auxiliary/scanner/http/title.rb first landed in #5333 ,
HTML Title Grabber
Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401 , multi-platform CVE-2015-0311 - Flash uncompress()
UAF
Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290 , Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
Nicholas Starke
a3ff9859c8
Adding Credentials Capabilities
...
This commit adds the ability for credentials
to be retrieved via the 'creds' command. It
also contains a few miscellaneous stylistic
syntax changes.
2015-05-24 15:03:06 -05:00
Nicholas Starke
9430d38a09
Adding AVTECH744_DVR Module
...
This module retrieves account information from
an AVTECH 744 DVR, including username, cleartext
password, account role, and the device PIN.
2015-05-21 16:33:06 -05:00
jvazquez-r7
e1f10772b3
Use create_cracked_credential
2015-05-21 16:30:42 -05:00
jvazquez-r7
305da46491
Land #5301 , @m-1-k-3's aux module to extract passwords from Netgear soap interfaces
2015-05-21 16:07:05 -05:00
Roberto Soares
b4a6cdbad0
Remove new line in vprint_line.
2015-05-21 12:33:09 -03:00
Roberto Soares
0135b3639f
Add WordPress Simple Backup File Read Vulnerability.
2015-05-21 12:23:24 -03:00
erwanlr
d9d8634948
Changes the message displayed when vulnerable
2015-05-21 08:46:16 +01:00
Brent Cook
a4df3468de
unique: should be update:, include uri in data hash
2015-05-20 16:20:09 -05:00
Brent Cook
c85b82e8a7
Merge branch 'master' into land-5358-notes
2015-05-20 16:02:59 -05:00
erwanlr
4f6fe2abce
Avoids swallowing exceptions
2015-05-20 21:36:03 +01:00
erwanlr
202a77fc12
Improves detection of the MS15-034
2015-05-20 18:08:00 +01:00
wchen-r7
23c77adc68
Land #5377 , Update cred reporting method for http_ntlm
2015-05-20 11:57:42 -05:00
jvazquez-r7
55c07b1bdd
Report credentials with create_credential_login
2015-05-19 00:14:55 -05:00
jvazquez-r7
d564a85f6f
Fix jtr_format
2015-05-18 19:55:48 -05:00
jvazquez-r7
f49362492a
Report hash's username correctly
2015-05-18 19:46:17 -05:00
jvazquez-r7
c6fcb9c6c5
Report credentials with create_credential_login
2015-05-18 19:39:03 -05:00
David Maloney
69a7a89936
use the correct print_error message
...
vrpint_error feeds through the old authbrute mixin
which does not behave properly anymore. use
print_error instead
5266
2015-05-18 13:51:23 -05:00
David Maloney
09d735e855
remove proof from failure message
...
the snmp login scanner will only have
proof on success, not on failure. remove it from
the failure message for cleaner formatting
5266
2015-05-18 13:45:01 -05:00
Stuart Morgan
79b9ef008a
Bugfix
2015-05-17 13:55:56 +01:00
jvazquez-r7
dd5060e08c
Land #5340 , @wchen-r7's change to the symantec_web_gateway_login writing style
2015-05-15 13:18:35 -05:00
jvazquez-r7
cf5fa6752e
Use parenthesis
2015-05-15 13:17:54 -05:00
jvazquez-r7
d05cae5faf
Land #5329 , @wchen-r7's add configurable options to jenkins_login
2015-05-15 11:38:21 -05:00
wchen-r7
24a989b8a3
Land #5249 , Add Module for Enum on InfluxDB database
2015-05-14 11:22:54 -05:00
wchen-r7
005c36b2a6
If data is empty, don't save (or even continue)
2015-05-14 11:22:10 -05:00
wchen-r7
ac0e4e747a
Change writing style of symantec_web_gateway_login
2015-05-13 00:23:37 -05:00
wchen-r7
202c5e0121
Land #5333 , HTML Title Grabber
2015-05-12 11:19:06 -05:00
wchen-r7
faec5844cb
Some fixes
2015-05-12 11:18:21 -05:00
jvazquez-r7
a5267ab77e
Land #4940 , @dnkolegov's modules for F5 BIG-IP devices
2015-05-12 09:59:21 -05:00
Stuart Morgan
f0048b9a6d
Apparently you don't quote the keys with the new syntax
2015-05-12 11:00:18 +01:00
Stuart Morgan
7c81adbd89
MSFTidy is now quiet and happy
2015-05-12 10:47:49 +01:00
Stuart Morgan
1f6bd3e2be
Updated to new ruby hash syntax and removed <> from title
2015-05-12 10:43:32 +01:00
Stuart Morgan
518e28674e
Removed CGI dependency (@hmoore-r7, @wchen-r7)
2015-05-11 21:10:18 +01:00
Stuart Morgan
78e310562b
Readability style change
2015-05-11 19:48:12 +01:00
Stuart Morgan
8e3d803e74
Updated style as per @void-in's comments
2015-05-11 19:46:10 +01:00
Stuart Morgan
62d67469da
Updated code style as per @hmoore-r7's instructions
2015-05-11 19:34:23 +01:00
Stuart Morgan
b8f7c80fd2
Rubocop
2015-05-11 18:50:03 +01:00
Stuart Morgan
8308c2a925
Added check for nonsensical options
2015-05-11 18:48:55 +01:00
Stuart Morgan
99133deabb
Reran tests, sorted out strip problem
2015-05-11 18:29:44 +01:00
Stuart Morgan
c25a5d3859
Fixed a bunch of rubocop errors
2015-05-11 18:14:37 +01:00
Stuart Morgan
34cf90af59
Removed unnecessary include
2015-05-11 17:31:31 +01:00
Stuart Morgan
c001f014ce
HTML Title Grabber
2015-05-11 17:29:22 +01:00
wchen-r7
d8cc2c19d3
Fix #5315 , User configurable options for jenkins_login
...
Fix #5315 . This patch allows the user to configure the HTTP method
for the login, as well as the URL.
2015-05-11 10:15:49 -05:00
Denis Kolegov
efb226a55c
Fixed some minor errors
2015-05-10 02:59:57 -04:00
jvazquez-r7
a8adcda941
Redo port checks
2015-05-08 15:29:30 -05:00
jvazquez-r7
156aac1dff
Use timeout options
2015-05-08 15:23:08 -05:00
jvazquez-r7
bf9ca1f88f
Change module filename
2015-05-08 15:08:59 -05:00
jvazquez-r7
f56115552f
Do code cleanup
2015-05-08 14:56:39 -05:00
jvazquez-r7
b73241882b
Use datastore option
2015-05-08 14:48:19 -05:00
jvazquez-r7
b5f5bacb8c
Use the connect/read timeout as used by the HTTPClient mixin
2015-05-08 14:46:08 -05:00
jvazquez-r7
9fdbfd7031
Use vprint_error
2015-05-08 14:21:36 -05:00
jvazquez-r7
017ae463ed
Fix description style
2015-05-08 14:18:29 -05:00
jvazquez-r7
2e01eb519d
Do minor fixes
2015-05-08 14:04:44 -05:00
jvazquez-r7
5588ad36b3
Print status message
2015-05-08 13:51:00 -05:00
jvazquez-r7
7e62ba85a1
Do code cleanup
2015-05-08 13:33:28 -05:00
jvazquez-r7
60c2c7a7cd
Delete unused variable
2015-05-08 13:19:39 -05:00
jvazquez-r7
c0f21c3ae1
Fix metadata
2015-05-08 13:19:23 -05:00
void-in
a7988f9e93
Change credentials to service:service
2015-05-08 22:52:59 +05:00
William Vu
508574970c
Land #5307 , Brocade login scanner resurrection
2015-05-07 22:43:39 -05:00
William Vu
8d3737d13c
Fix some stylistic issues
2015-05-07 22:43:23 -05:00
William Vu
c9cb9ad564
Fix extraneous comma
2015-05-07 15:32:48 -05:00
Tod Beardsley
4df622c76b
Oops, one last for #5312 .
2015-05-06 14:48:17 -05:00
Tod Beardsley
e8913e5620
Addressed most of @wvu's issues with #5312
2015-05-06 14:47:08 -05:00
Tod Beardsley
f423306b6f
Various post-commit fixups
...
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150 , @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192 , @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016 ,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101 , Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158 , OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159 , WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924 , @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131 , WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649 ,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
2015-05-06 11:39:15 -05:00
Brent Cook
93c785560b
remove brocade_telnet scanner, extend telnet
...
Rather than duplicate the entire telnet scanner, add a pre-login hook that a
module can use to extend the behavior on connect. This also adds a local
pass-through print_error method like http has.
2015-05-05 21:19:46 -05:00
Mike
dc053aeb58
Spelling Fix
...
s/Brocde/Brocade/ as per bcook-r7
2015-05-05 21:16:24 -05:00
root
fc1c0028a8
moved array definition to avoid error
2015-05-05 21:16:23 -05:00
root
7949daf42b
brocade_enable_login msftidy success
2015-05-05 21:16:23 -05:00
root
6b5aaa5479
brocade enable command bruteforcer
2015-05-05 21:16:23 -05:00
Denis Kolegov
7fb99cdaaf
Merged fixed conflicts
2015-05-02 05:37:36 -04:00
Denis Kolegov
f95774c6b4
Fixed bugs
2015-05-02 05:09:03 -04:00
jvazquez-r7
93ac8b48e3
Land #5178 , @jboss_vulnscan check for console default admin
...
* And minor fixes
2015-05-01 17:38:20 -05:00
jvazquez-r7
697c6c20cb
Do minor cleanup
2015-05-01 17:37:45 -05:00
jvazquez-r7
04fa626eab
Save credentials as UNTRIED
2015-05-15 14:58:55 -05:00
jvazquez-r7
16c3bf91a1
Do code cleanup
2015-05-15 14:46:34 -05:00
jvazquez-r7
c6806b4e5f
Land #5102 , @wchen-r7's ManageEngine Desktop Central Login Utility
2015-05-01 15:20:21 -05:00
jvazquez-r7
b037560c90
Do minor style fixes
2015-05-01 15:01:13 -05:00
William Vu
83288ff391
Fix typo
2015-04-30 17:58:26 -05:00
James Lee
ee5dc1d6e4
Land #5277 , typo in telnet_encrypt_overflow
2015-04-30 10:44:55 -05:00
Brent Cook
4c9f44b00c
Revert "Land #4888 , @h00die's brocade credential bruteforcer"
...
There were some issues with this module that caused backtraces when run outside
of msfconsole. Reverting it for now so we can add some specs and ensure that it
works like the other login scanners.
2015-04-29 15:36:03 -05:00
William Vu
9b17191e48
Remove unnecessary {,dis}connect
2015-04-28 15:09:16 -05:00
William Vu
28e661e204
Fix false positive in POODLE scanner
...
If SSL is false somehow.
2015-04-28 14:19:48 -05:00
m-1-k-3
0a4554a204
reporting included, extract device details
2015-04-28 13:01:51 +02:00
Christian Mehlmauer
7523e592d2
Land #5198 , WordPress contus video gallery 2.7 scanner
2015-04-27 23:24:57 +02:00
m-1-k-3
ce697ee44c
netgear soap password extractor
2015-04-27 17:56:30 +02:00
Brandon Perry
7a2084cdc5
Rename wordpress_contus_video_gallery_sqli.rb to wp_contus_video_gallery_sqli.rb
2015-04-26 16:54:21 -05:00
m-1-k-3
b330b1d41c
typo in title of telnet_encrypt_overflow.rb
2015-04-26 02:32:14 +02:00
Roberto Soares
c41c7a1ba2
Rewrote the conditions of res.
2015-04-25 17:18:38 -03:00
Roberto Soares
d01da0c522
Changed if conditions and exception handling
2015-04-25 15:08:36 -03:00
Roberto Soares
3a84396f32
Removed authorization header.
2015-04-25 14:30:21 -03:00
Roberto Soares
b810a96dac
Add Module for Enum on InfluxDB database.
2015-04-25 04:41:33 -03:00
Brent Cook
ff96101dba
Land #5218 , fix #3816 , remove print_debug / DEBUG
2015-04-24 13:41:07 -05:00
jvazquez-r7
896d6e8cb7
Fix title
2015-04-24 11:09:39 -05:00
jvazquez-r7
1825b45ac3
Land #5242 , @espreto's module for GI-Media Library Plugin Directory Traversal
2015-04-24 11:08:52 -05:00
jvazquez-r7
7af6f31c3a
Fix message
2015-04-24 11:08:00 -05:00
jvazquez-r7
5ca6fe3cb0
Do code cleanup
2015-04-24 11:07:13 -05:00
Brent Cook
f457f36cdd
Land #5213 , improvements to MS15-035 DoS
2015-04-24 10:54:48 -05:00
kaospunk
bb0b2eee37
Fix missing . in SRV query
...
This update adds a missing . to the end of the
_ldap._tcp SRV record so that it properly forms
the DNS query.
2015-04-24 10:42:31 -04:00
Roberto Soares
e51897d64e
Filepath option
2015-04-24 04:35:59 -03:00
Roberto Soares
7b0b59b5f6
Add WordPress GI-Media Library Plugin File Read.
2015-04-24 04:24:16 -03:00
Brandon Perry
e9f8b25987
Update wordpress_contus_video_gallery_sqli.rb
...
Update to use the Wordpress mixin
2015-04-22 14:43:55 -05:00
Brandon Perry
26d208f089
Update wordpress_contus_video_gallery_sqli.rb
...
remove 'uri'
2015-04-22 14:42:03 -05:00
Brent Cook
3963289519
Land #4888 , @h00die's brocade credential bruteforcer
2015-04-21 18:27:03 -05:00
Mike
3a1778ef7c
Spelling Fix
...
s/Brocde/Brocade/ as per bcook-r7
2015-04-21 17:57:36 -04:00
jvazquez-r7
3db0e12b67
Modify autopwn comment
2015-04-21 14:19:15 -05:00
jvazquez-r7
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
Brent Cook
073850c5ad
Land #5158 , OWA internal IP disclosure scanner
2015-04-21 11:10:39 -05:00
Brent Cook
5296c6507d
Land #5157 , OWA login scanner auth timing logs
2015-04-21 11:06:08 -05:00
wchen-r7
a44da8e6d7
URL refs
2015-04-21 09:29:08 -05:00
Brent Cook
9a49538c1a
Land #5016 , add SSL Labs scanner
2015-04-20 21:34:16 -05:00
Brent Cook
752c3243f6
wrap print* functions in report_* wrappers
...
Preserve the semantics in the code, but don't call functions like 'print_error'
unless there is an actual error running the module. Fix spelling of 'Overall'.
2015-04-20 21:13:43 -05:00
wchen-r7
ff32d6cee3
Improve MS15-034 DOS
2015-04-20 20:36:08 -05:00
jvazquez-r7
c6c7560aed
Land #4846 , @joevennix's android 4.3 uxss module
2015-04-20 18:43:24 -05:00
jvazquez-r7
9b240e1d8f
Use parenthesis
2015-04-20 18:42:34 -05:00
William Vu
79ca0a56f9
Land #4171 , Steam protocol support
2015-04-20 15:35:06 -05:00
jvazquez-r7
f762873a31
Land #5192 , @joevennix's module for Safari CVE-2015-1126
...
* Module to profit cross domain vulnerability on safari
2015-04-20 15:19:54 -05:00
jvazquez-r7
e2eaff6b3a
Don't modify datastore options
2015-04-20 15:16:21 -05:00
jvazquez-r7
88c52ae7ae
Delete second stop_service, the mixin should had done the job
2015-04-20 15:13:11 -05:00
jvazquez-r7
dc0549d2dd
Use #wait
2015-04-20 15:06:01 -05:00
jvazquez-r7
c1234e05e2
Delete parenthesis from condition
2015-04-20 14:56:37 -05:00
jvazquez-r7
0283ac05e5
Do minor style fixes
2015-04-20 14:54:39 -05:00
jvazquez-r7
69b8edda4a
Use single quotes
2015-04-20 14:53:38 -05:00
jvazquez-r7
16daa935dd
Do minor code cleanup
2015-04-20 13:08:51 -05:00
Brandon Perry
b622aae97f
Update wordpress_contus_video_gallery_sqli.rb
2015-04-19 18:24:12 -05:00
Brandon Perry
c393f7c398
add contus video gallery scanner
2015-04-19 17:58:08 -05:00
Christian Mehlmauer
ed9175d73f
Land #5167 , WordPress CP Multi-View Calendar SQLI Scanner
2015-04-19 23:36:23 +02:00
Brandon Perry
8c0bcd2e03
Update wordpress_cp_calendar_sqli.rb
...
Use the new WPVDB
2015-04-19 16:32:57 -05:00
joev
2010e966b3
Add non-httponly cookie theft module for ios/osx safari.
2015-04-19 11:32:37 -05:00
wchen-r7
4f903a604c
Fix #5103 , Revert unwanted URI encoding
...
Fix #5103 . By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
Christian Mehlmauer
6653c9e33d
Land #5162 , WordPress Dukapress File Read Vulnerability
2015-04-17 11:20:55 +02:00
Christian Mehlmauer
6c77b64dae
wrong method name
2015-04-17 11:20:14 +02:00
Christian Mehlmauer
aef464fc2e
Land #5159 , WordPress Mobile Edition Plugin File Read Vuln
2015-04-17 11:13:00 +02:00
William Vu
3422501d91
Land #5174 , deprecated module cleanup
2015-04-16 17:43:28 -05:00
Christian Mehlmauer
153344a1dd
fix Unkown typo
2015-04-16 23:59:28 +02:00
Christian Mehlmauer
2b9fd93729
remove deprecated modules
2015-04-16 22:49:22 +02:00
Roberto Soares
ed588e335b
Changed the print_error output.
2015-04-16 17:32:59 -03:00
Roberto Soares
bf3bdcffb4
Changed the deph value to 7.
2015-04-16 17:30:28 -03:00
Roberto Soares
dd474757fe
Changed the print_error output.
2015-04-16 17:26:44 -03:00
Roberto Soares
f50cedeafd
Changed the depth value to 7.
2015-04-16 17:22:49 -03:00
Christian Mehlmauer
352e170624
more failure reasons
2015-04-16 22:04:11 +02:00
Christian Mehlmauer
b4b8ac0849
moar fail_with's
2015-04-16 21:26:37 +02:00
Christian Mehlmauer
4dc402fd3c
moar fail_with's
2015-04-16 21:16:52 +02:00
Christian Mehlmauer
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
William Vu
1455d4e94d
Fix AUTH_TIME
2015-04-16 11:39:33 -05:00
William Vu
7c572777e1
Fix whitespace
2015-04-16 11:34:50 -05:00
William Vu
7a9167b235
Fix comments
2015-04-16 11:34:47 -05:00
Nate Power
9bcc988266
Update owa_login
2015-04-16 11:23:04 -05:00
Brandon Perry
75b88f199a
Create wordpress_cp_calendar_sqli.rb
2015-04-16 09:53:00 -05:00
Roberto Soares
ecc67b1a57
Fix loot name
2015-04-16 10:42:20 -03:00
Roberto Soares
d898af5513
Add check version and removed HttpClient
2015-04-16 10:40:35 -03:00
Roberto Soares
768294710b
Add check and removed HttpClient
2015-04-16 10:22:10 -03:00
Roberto Soares
890561bff3
Rewriting the condition 'if' for only one line
2015-04-16 09:23:56 -03:00
Roberto Soares
b90ff36ef4
Rewriting the condition 'if' for only one line
2015-04-16 09:15:17 -03:00
Roberto Soares
21e964e699
Add Author and references..
2015-04-16 07:20:48 -03:00
Roberto Soares
f6f4bd0746
Add WordPress Dukapress File Read Vulnerability
2015-04-16 07:17:46 -03:00
Roberto Soares
c8e1185a04
Included Wordpress mixin.
2015-04-16 05:02:39 -03:00
William Vu
42ff0decc7
Land #4722 , timing options for snmp_login
2015-04-16 02:25:29 -05:00
William Vu
88062a578d
Clean up PR
2015-04-16 02:25:06 -05:00
William Vu
bec6270f07
Fix regex
2015-04-15 23:47:03 -05:00
William Vu
0a4ab99aa5
Land #5149 , couchdb_enum cleanup
2015-04-15 21:50:30 -05:00
William Vu
4410f8da6e
Clean up module some more
2015-04-15 21:48:19 -05:00
Brent Cook
30d60975ba
Land #5144 , add missing report_note in apache_range_dos
2015-04-15 21:47:18 -05:00
William Vu
01ae7002cf
Fix EOF whitespace
2015-04-15 21:27:53 -05:00
William Vu
20d4d1ce3f
Move report_goods before the return
2015-04-15 21:22:41 -05:00
Roberto Soares
0031f09d60
Add author, EDB, WPVDB and fix loot.
2015-04-15 20:03:36 -03:00
Roberto Soares
0f1cf1d1b1
Add Module WP Mobile Edition Plugin File Read Vuln
2015-04-15 19:45:08 -03:00
William Vu
66b7179a97
Rename module to owa_iis_internal_ip
2015-04-15 17:10:01 -05:00
William Vu
a109dae033
Fix EOL whitespace
2015-04-15 16:58:59 -05:00
William Vu
cc422eeeea
Fix splat
2015-04-15 16:58:18 -05:00
Nate Power
34ce4edacb
Add exchange_iis_internal_ip
2015-04-15 16:55:19 -05:00
sinn3r
7cc80c418b
Correct a bad spelling in ms15_034_ulonglongadd.rb
2015-04-15 15:32:55 -05:00
sinn3r
76d36a46dc
Missing a checkcode
2015-04-15 14:04:18 -05:00
sinn3r
8a542b841c
Don't check Server header
2015-04-15 13:33:09 -05:00
sinn3r
90ed6ee0b6
No "vhost"
2015-04-15 13:32:11 -05:00
sinn3r
3aa8e6908d
Converted to a DOS module
2015-04-15 13:13:16 -05:00
sinn3r
19ab71aa43
Final update i swear
2015-04-15 10:20:15 -05:00
sinn3r
7a77dbc9f0
Update description
2015-04-15 10:15:40 -05:00
sinn3r
2206ae48a1
Match the PR title
2015-04-15 01:50:59 -05:00
sinn3r
63048a7385
Newline
...
-_-
2015-04-15 01:38:09 -05:00
sinn3r
6f874b81ff
Add MS15-034 check (CVE-2015-1635)
2015-04-15 01:37:43 -05:00
Roberto Soares
1d6300991c
Clean the code of the module couchdb_enum.
2015-04-15 02:58:51 -03:00
William Vu
3cdc84bf27
Fix missing type in report_note
2015-04-14 14:02:20 -05:00
Tod Beardsley
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
sinn3r
284ef5bbbb
Land #5112 , Nessus REST Login Module
2015-04-10 13:32:53 -05:00
Jon Cave
b2b7da2dc5
Fix spelling of Microsoft in module name
2015-04-10 11:09:16 +01:00
root
7810f3d9a3
Add previous nessus_xmlrpc_login file
2015-04-10 12:32:42 +05:00
root
bbbd4d3634
change name to keep both XML and REST modules
2015-04-10 12:20:43 +05:00
root
b6e750d7eb
Nessus auxiliary scanner for updated REST API
2015-04-09 11:36:17 +05:00
William Vu
c9bf8f3140
Land #5105 , @joevennix's cable modem 0day
2015-04-08 16:09:46 -05:00
William Vu
831a59b10b
Fix whitespace
2015-04-08 16:09:28 -05:00
Tod Beardsley
52f1b95222
Add disclosure link
2015-04-08 16:07:33 -05:00
sinn3r
1bfda9e78f
Land #5101 , Add Directory Traversal for GoAhead Web Server
2015-04-08 15:30:23 -05:00
Brent Cook
e03f2df691
Land #5002 , RMI/JMX improvements
2015-04-08 15:23:29 -05:00
Tod Beardsley
7ed1655976
Adding module for R7-2015-01
...
Disclosure coming soon, will update this module with a pointer to the
correct reference.
2015-04-08 12:34:31 -05:00
sinn3r
5f389cf3c2
Add ManageEngine Desktop Central Login Utility
2015-04-08 02:05:56 -05:00
Roberto Soares
dc14c770be
Changed the traversal variable to just one line
2015-04-08 02:26:59 -03:00
Roberto Soares
441042ed37
Removed the segments variable
2015-04-08 01:29:45 -03:00
Roberto Soares
d399d05383
Add Directory Traversal for GoAhead Web Server
2015-04-07 20:22:06 -03:00
Zach Grace
42e82cc644
Rubocop fixes
2015-04-07 18:21:08 -05:00
Zach Grace
7275d5745f
Fixes, refactoring and adding JBoss AS default creds scanning
2015-04-07 17:40:25 -05:00
William Vu
e1af495d21
Add extra release fixes
2015-04-06 13:08:40 -05:00
William Vu
56dc7afea6
Land #5068 , @todb-r7's module author cleanup
2015-04-03 16:00:36 -05:00
jvazquez-r7
79b2a23dff
Land #5015 , @espreto file traversal scanner for RIPS
2015-04-03 15:35:58 -05:00
jvazquez-r7
ce6e5e12d8
Make depth an option
2015-04-03 15:33:27 -05:00
jvazquez-r7
70fad73092
Add metadata
2015-04-03 15:27:28 -05:00
jvazquez-r7
e3bbb7c297
Solve conflicts
2015-04-03 14:57:49 -05:00
jvazquez-r7
e729185804
Land #5051 , @nullbind's new options for mssql_enum_domain_accounts_sqli
2015-04-03 14:44:20 -05:00
jvazquez-r7
fe9fbfd157
Make calculations easier
2015-04-03 14:43:01 -05:00
root
452ebcf9ad
travis
2015-04-03 16:29:35 +05:00
root
be829e77ba
cravis error solve
2015-04-03 16:25:18 +05:00
root
4bd40fed7f
yard doc and comment corrections for auxiliary
2015-04-03 16:12:23 +05:00
Denis Kolegov
c9e8f9cbea
Add BigIP HTTP VS scanner and fix connection errors
2015-04-03 02:30:03 -04:00
Tod Beardsley
6532fad579
Remove credits to Alligator Security Team
...
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.
The one that didn't was credited to dflah_ specifically, so merely
changed the author name.
Longer description, if needed, wrapped at 72 characters.
[See #5012 ]
2015-04-02 15:12:22 -05:00
sinn3r
a592f645f0
Land #5039 , Webdorado gallery wd 1.2.5 unauthenticated SQLi scanner
2015-04-01 14:34:58 -05:00
nullbind
91aeef0a8a
added startrid and endrid
2015-04-01 10:09:13 -05:00
Tod Beardsley
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
Brandon Perry
e73286cfa5
update stale references
2015-03-30 17:17:48 -05:00
sinn3r
613f4777ce
Land #5024 , add joomla_ecommercewd_sqli_scanner.rb
2015-03-30 12:45:09 -05:00
jvazquez-r7
8ff54ff98d
Add msb reference
2015-03-30 10:58:08 -05:00
sinn3r
9af1e76bf7
Obfuscate js
2015-03-30 10:52:01 -05:00
sinn3r
c7fa01c5ae
Rename file
2015-03-30 10:39:33 -05:00
Denis Kolegov
9d78aa96d9
Add output of API errors to console
2015-03-30 02:42:09 -04:00
Brandon Perry
de2bf0181c
add first pass at gallerywd sqli scanner
2015-03-28 16:15:51 -05:00
Brandon Perry
9f0483248c
add TARGETURI datastore option
2015-03-28 15:46:41 -05:00
Brandon Perry
6ede476423
Update joomla_ecommercewd_sqli_scanner.rb
2015-03-28 08:38:12 -05:00
Brandon Perry
0dbd8544b4
Update joomla_ecommercewd_sqli_scanner.rb
2015-03-27 21:20:59 -05:00
Brandon Perry
31be47d5bc
Create joomla_ecommercewd_sqli_scanner.rb
2015-03-27 20:25:33 -05:00
Denis Kolegov
45f8738cfe
Fix stdout errors
2015-03-27 07:53:59 -04:00
Denis Kolegov
3515a0a71f
Initial commit for supporting SSL Labs API
2015-03-27 07:34:11 -04:00
Roberto Soares
3e104fd8e6
Add Directory Traversal for RIPS Scanner
2015-03-27 05:08:43 -03:00
sinn3r
f996c5a888
Update description
2015-03-27 02:31:36 -05:00
sinn3r
67dc46791d
Limit the module to IE 8 and IE9
2015-03-27 02:30:04 -05:00
sinn3r
f88d9651b6
I don't think it's worth putting the js in ie_addons.js
2015-03-27 02:26:50 -05:00
sinn3r
bd2763292a
Properly credit Soroush Dalili
2015-03-26 23:36:16 -05:00
sinn3r
560f31c34d
Minor changes
2015-03-26 23:29:44 -05:00
sinn3r
68624dd56e
Final for ie_files_disclosure.rb
2015-03-26 22:49:22 -05:00
sinn3r
b0b17775c2
First working version
2015-03-26 21:53:26 -05:00
jvazquez-r7
0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dinamically
2015-03-25 11:29:07 -05:00
dnkolegov
5d80ef9325
Fix minor issues
2015-03-25 02:53:36 -04:00
dnkolegov
040a1af9c5
Delete useless ecnryption cookie detection, fix minor issues
2015-03-25 02:34:33 -04:00
rastating
7a0fe05803
Add CVE-ID to module references
2015-03-24 22:30:43 +00:00
Christian Mehlmauer
7bf00f8f47
Land #4789 , @rastating WPLMS wordpress module
2015-03-24 20:46:38 +01:00
jvazquez-r7
39e87f927a
Make code consistent
2015-03-24 11:44:26 -05:00
Tod Beardsley
49a6057f74
Grammaring harder
2015-03-24 11:10:36 -05:00
dnkolegov
ee17d6e606
Deleted spaces at EOL
2015-03-23 04:34:38 -04:00
dnkolegov
2a0deaa6c8
Deleted default options and SYN scan
2015-03-23 04:31:08 -04:00
jvazquez-r7
8c3e39acf0
Land #4847 @rastating's module for WordPress WP EasyCart privilege escalation
2015-03-20 18:23:05 -05:00
jvazquez-r7
349d7cb9ee
Do minor cleanup
2015-03-20 18:20:45 -05:00
William Vu
6f51946aa0
Land #4969 , GitLab module references
2015-03-20 17:26:51 -05:00
William Vu
99f3de0843
Clean up info hash formatting
2015-03-20 17:26:21 -05:00
jvazquez-r7
1226b3656f
Land #4945 , @wchen-r7's login scanner for Symantec web gateway
2015-03-20 14:44:05 -05:00
jvazquez-r7
2f35fcff99
Fix require
2015-03-20 14:43:42 -05:00
Meatballs
8ee520e749
Add reference
2015-03-20 19:17:34 +00:00
sinn3r
b19f766728
Land #4942 , Gitlab Login Scanner
2015-03-20 13:02:12 -05:00
sinn3r
a2ce14a31e
Land #4941 , Gitlab Unauth User Enumeration
2015-03-20 12:28:35 -05:00
sinn3r
235124a40a
Fix typo
2015-03-20 12:27:23 -05:00
sinn3r
84164b44b2
Should also rescue JSON::ParserError for banner parsing
2015-03-20 12:27:02 -05:00
jvazquez-r7
b839547dc3
Add documentation for Registry modules and methods
2015-03-19 17:57:21 -05:00
jvazquez-r7
a7f1244251
Finish the java_rmi_registry gather module
2015-03-19 17:33:45 -05:00
sinn3r
94ab2f94fd
Remove symbols that aren't used
...
These symbols belong to the AuthBrute mixin, but we are not using
AuthBrute for login testing.
2015-03-19 14:14:01 -05:00
jvazquez-r7
5c3134a616
Add first support to gather information from RMI registries
2015-03-19 11:16:04 -05:00
OJ
e943cb550f
Land #4585 : CVE-2015-0975 XXE in OpenNMS
2015-03-18 22:34:52 +10:00
OJ
d1a2f58303
Fix of regex for file capture and format tweaks
2015-03-18 22:17:44 +10:00
OJ
fa7242388b
Move the module to the correct location
2015-03-18 18:18:54 +10:00
jvazquez-r7
14be07a2c4
Update java_rmi_server modules
2015-03-17 21:29:52 -05:00
James Lee
bd4738b93e
Land #4827 , capture and nbns fixups
2015-03-17 17:37:55 -05:00
James Lee
d7fa0ec669
Let IPAddr#hton do the calculating
2015-03-17 17:36:45 -05:00
jvazquez-r7
1242404085
Delete comment
2015-03-17 14:18:07 -05:00
William Vu
d1d6378179
Land #4566 , Misfortune Cookie scanner improvements
2015-03-17 12:32:35 -05:00
sinn3r
f95b783193
I don't need these eitehr
2015-03-17 11:33:49 -05:00
jvazquez-r7
ebe7ad07b0
Add specs, plus modify java_rmi_server modules
2015-03-17 11:26:27 -05:00
Meatballs
e1ebc6c7fe
Update date, remove URL (will replace later)
2015-03-17 12:50:47 +00:00
Meatballs
0cd85cb052
Correct capitilzation of GitLab
2015-03-17 11:33:57 +00:00
Meatballs
d18224e3cb
Correct capitilzation of GitLab
2015-03-17 11:32:14 +00:00
Meatballs
f4a1e981ab
Add gitlab login scanner
2015-03-17 11:19:23 +00:00
Meatballs
878247f495
Small modifications
2015-03-17 10:03:32 +00:00
Meatballs
f1d5d8f1ce
Store to loot as well
2015-03-17 09:55:28 +00:00
Meatballs
9f40826f8e
Store creds in database
2015-03-17 09:17:08 +00:00
Meatballs
3830e71257
Catch 7.5 401
2015-03-17 09:17:08 +00:00
Meatballs
1b565b0290
Check revision
2015-03-17 09:17:07 +00:00
Meatballs
7216f2a971
Initial commit
2015-03-17 09:17:07 +00:00
sinn3r
14296826f7
A cleaner way to set datastore options
2015-03-17 03:07:49 -05:00
sinn3r
ff58f7d270
Add Symantec Web Gateway Login Module
2015-03-17 02:51:57 -05:00
dnkolegov
e01f824b2c
Fix capitalization warnings
2015-03-17 03:46:00 -04:00
dnkolegov
78be03623f
Fix indent warnings
2015-03-17 03:39:04 -04:00
dnkolegov
34c30502fd
Add SSL/TLS support, fix minor errors, change default parameters
2015-03-17 02:49:11 -04:00
dnkolegov
dd751a3371
Add ssl/tls support, change default parameters
2015-03-17 02:23:13 -04:00
jvazquez-r7
0a37df67a0
Add initial support for better RMI calls
2015-03-16 23:44:16 -05:00
HD Moore
2ea984423b
while(true)->loop, use thread.join
2015-03-16 14:08:01 -05:00
William Vu
ac0e23d783
Land #4932 , hardcoded username fix
...
For mssql_escalate_execute_as_sqli.
2015-03-16 01:46:13 -05:00
Scott Sutherland
00dbcc12ca
Removed imp_user var from escalate_privs func
2015-03-15 22:02:12 -07:00
nullbind
5bebabb005
fixed hardcoded username
2015-03-15 19:45:02 -05:00
Sven Vetsch
4d3a1a2f71
fix all duplicated keys in modules
2015-03-14 13:10:42 +01:00
William Vu
a32cd2ae9e
Land #4877 , CVE-2015-0240 (Samba) aux module
2015-03-13 00:03:53 -05:00
sinn3r
0d36115112
Update MS15-018 MSB reference
2015-03-12 10:13:37 -05:00
dnkolegov
bc0276a9c8
Add scanner for F5 web management interfaces
2015-03-12 06:50:29 -04:00
Tod Beardsley
df80d56fda
Land #4898 , prefer URI to open-uri
2015-03-09 09:14:10 -05:00
root
5b25ba5df3
moved array definition to avoid error
2015-03-07 12:57:44 -05:00
root
fac777da3d
brocade_enable_login msftidy success
2015-03-06 20:33:09 -05:00
joev
ccd0712d43
Use ===, doh.
2015-03-06 12:29:34 -06:00
joev
fefd4e271a
Don't hardcode the hex.
2015-03-06 12:16:03 -06:00
root
591716e557
brocade enable command bruteforcer
2015-03-06 09:41:14 -05:00
dnkolegov
252557227d
Add F5 BigIP APM DoS module
2015-03-06 01:55:42 -05:00
joev
3fb4fbe8e6
Add 'not allowed' check instead of magic check.
2015-03-06 00:01:31 -06:00
joev
7db3277731
Actually hide the iframe.
2015-03-05 23:52:29 -06:00
joev
d7295959ca
Remove open-uri usage in msf.
2015-03-05 23:45:28 -06:00
joev
3c5d7b3ef0
Okay, putting source code in a quoted string is horrible.
2015-03-05 23:25:37 -06:00
Tod Beardsley
e429d4c04f
Add reference and description for PTH on Postgres
...
Dave and William did most of the work already over on PR #4871 , this
just points it out in the module.
2015-03-05 14:36:56 -06:00
sinn3r
16c86227e2
Change to OptBool and default to explicit
2015-03-05 13:07:03 -06:00
aushack
2f4df39dc9
Fixed typo
2015-03-05 17:40:51 +11:00
sinn3r
d40e7485dd
Add CVE-2015-0240 auxiliary module
2015-03-04 23:50:14 -06:00
David Maloney
c8f23b2903
fix jtr_postgres_fast too
...
the JtR hash cracker for postgres hashes now uses
the new PostgresMD5 class for finding it's hashes
MSP-12244
2015-03-03 18:46:47 -06:00
David Maloney
199c3ba96c
postgres hashdump now stores PostgresMD5 objects
...
instead of nonreplayabke hashes the postgres_hashdump
aux module now saves them approriately as PostgresMD5s
with the md5 tag intact at the front
MSP-12244
2015-03-03 16:45:13 -06:00
sinn3r
5f3ed83922
Land #4836 , Solarwinds Core Orion Service SQL injection
2015-03-02 11:44:26 -06:00
Brandon Perry
f8e3874203
add nil check
2015-02-28 20:43:19 -06:00
rastating
3b21de3906
Add WPVDB reference
2015-02-26 13:37:23 +00:00
Brandon Perry
ceb92cdf5e
update login method
2015-02-26 07:33:51 -06:00
joev
c4b85603d2
Fix encoding, oops.
2015-02-25 22:56:33 -06:00
joev
d486d17302
Add reference to 2014 fix.
2015-02-25 21:04:01 -06:00
joev
a410d2ec25
Add android 4.3 stock browser cookie/password theft.
2015-02-25 21:02:15 -06:00
William Vu
f24da1b178
Add file checking to printer_delete_file
2015-02-25 18:14:13 -06:00
William Vu
dc3ba40e5d
Add file checking to printer_upload_file
2015-02-25 18:13:36 -06:00
William Vu
513d11ce93
Complete replacement of "pathname" with "path"
...
See e8c2c3687d
.
2015-02-25 15:52:26 -06:00
William Vu
b3d4fc798f
Add printer_delete_file module
2015-02-25 15:47:53 -06:00
William Vu
90d179e56f
Add printer_upload_file module
2015-02-25 15:01:01 -06:00
William Vu
3cf94740e6
Land #4817 , CHECK_TCP option for Lantronix module
2015-02-25 13:16:14 -06:00
William Vu
d301752a88
Fix whitespace
2015-02-25 13:16:03 -06:00
rastating
e2dfdd60c0
Update version range
2015-02-25 19:11:15 +00:00
Jon Hart
a1c80d9f18
Fix URL
2015-02-25 08:54:08 -08:00
Jon Hart
ab0d0d4ad4
Remove UDPScanner from MDNS and LLMNR mixin -- leave that for modules
2015-02-25 08:53:38 -08:00
Jon Hart
e48425db31
Update LLMNR code to use MDNS, since the format is the same
2015-02-24 16:06:07 -08:00
Jon Hart
efd10ee08a
Show name in status
2015-02-24 15:37:40 -08:00
Jon Hart
54495a4f4c
Correct URL
2015-02-24 15:37:40 -08:00
Jon Hart
9ccd59cefc
Simplify mdns query response printing (for now)
2015-02-24 15:37:40 -08:00
Jon Hart
5396618a2e
Build LLMNR data ourselves, since Net::DNS is too restrictive.
2015-02-24 15:37:40 -08:00
Jon Hart
c0d1775d86
Show rport in each batch
2015-02-24 15:37:40 -08:00
Jon Hart
093606ae23
stash
2015-02-24 15:37:40 -08:00
Jon Hart
80f5e68e8e
Add basic descriptions
2015-02-24 15:37:40 -08:00
Jon Hart
95353da107
Cleanup, new base mDNS query module
2015-02-24 15:37:39 -08:00
Jon Hart
ece84c0e30
Use build_probe
2015-02-24 15:37:39 -08:00
Jon Hart
4feda7f3e7
Allow friendly LLMNR type (PTR, ptr, 12) and class (IN, in, 1)
2015-02-24 15:37:39 -08:00
Jon Hart
4d82976740
Store LLMNR results
2015-02-24 15:37:39 -08:00
Jon Hart
b3787ded6b
Add mDNS mixins, update query module to use them
2015-02-24 15:37:38 -08:00
Jon Hart
9d21f29298
Update LLMNR query to use new UDPScanner functionality
2015-02-24 15:37:38 -08:00
Jon Hart
fef19dd2a8
Add preliminary module for scanning mDNS
2015-02-24 15:37:38 -08:00
Jon Hart
5f4c4ee4be
Use correct options to Packet.new
2015-02-24 15:37:38 -08:00
Jon Hart
1e38a5db86
Use Net::DNS::Packet to build queries, static probe
2015-02-24 15:37:38 -08:00
Jon Hart
473213849f
More truthy method to determine whether to print, better inspection
2015-02-24 15:37:38 -08:00
Jon Hart
392ba483f9
Better handling of *print_
2015-02-24 15:37:38 -08:00
Jon Hart
5cb14255c1
Inspect any responses
2015-02-24 15:37:38 -08:00
Jon Hart
d2bddd6bcd
Parse and print each response (for real. 3rd time's a charm...)
2015-02-24 15:37:38 -08:00
Jon Hart
25d85b60f3
Parse and print each response (for real)
2015-02-24 15:37:38 -08:00
Jon Hart
0f5aaaf607
Parse and print each response (for now)
2015-02-24 15:37:37 -08:00
Jon Hart
9ad0fc38f7
Print something more useful with LLMNR responses
2015-02-24 15:37:37 -08:00
Jon Hart
a9a6a564c6
Use LLMNR multicast address for RHOSTS by default
2015-02-24 15:37:37 -08:00
Jon Hart
f4a1ce7fb6
Default RHOSTS to 224.0.0.252, the multicast group for LLMNR
2015-02-24 15:37:37 -08:00
Jon Hart
7917a70216
Initial commit of some code for LLMNR research
...
This is largely useless right now because LLMNR is only supposed to
work in the same multicast/broadcast domain and implementations are
supposed to ignore requests with an IP TTL != 1.
2015-02-24 15:37:37 -08:00
rastating
242d3b8680
Add WP EasyCart privilege escalation module
2015-02-24 21:11:22 +00:00
Tod Beardsley
6feae9524b
Fix up funny indent on description
...
[See #4770 ]
2015-02-24 12:25:48 -06:00
Brandon Perry
1134b0a6fa
fix dataastore to datastore
2015-02-24 10:34:33 -06:00
William Vu
f3cad229d3
Fix duplicate hash key "References"
...
In modules/auxiliary/scanner/http/http_login.rb.
2015-02-24 05:19:58 -06:00
William Vu
8c5ff858d0
Land #4812 , hp_sys_mgmt_login configurable URIs
2015-02-23 19:04:14 -06:00
Brandon Perry
c9439addf8
fix url
2015-02-23 16:50:58 -06:00
HD Moore
bf103def9e
Add the /ews/ path to enable easy OWA brute force
2015-02-23 14:03:39 -06:00
William Vu
bcfbcb7eea
Clean up whitespace
2015-02-23 13:15:21 -06:00
sinn3r
c39d6e152e
Land #4819 , Normalize HTTP LoginScanner modules
2015-02-23 11:43:42 -06:00
HD Moore
1b1716bcf6
Fix a handful of bugs that broke this modules. Fixes #4799
2015-02-22 22:01:01 -06:00
HD Moore
9730a1655e
Small cleanups to the LLMR responder module
2015-02-22 22:00:42 -06:00
HD Moore
615d71de6e
Remove extraneous calls to GC.start()
2015-02-22 21:51:33 -06:00
Brandon Perry
3d82c7755b
add solarwinds module
2015-02-22 15:35:42 -06:00
rastating
61bdd58fbe
Fix required flag on options
2015-02-22 16:20:47 +00:00
rastating
37a55cce74
Abstracted version comparison code
2015-02-22 16:20:46 +00:00
rastating
31cdd757f6
Add WordPress WPLMS privilege escalation module
2015-02-22 16:20:46 +00:00