Roberto Soares Espreto
291bfed47e
Using Rex.sleep instead of select
2014-10-10 15:17:40 -03:00
Roberto Soares Espreto
bd315d7655
Changed print_good and OptEnum
2014-10-10 13:54:42 -03:00
Roberto Soares Espreto
08fdb4fab2
Add module to enumerate environment HP via perfd daemon
2014-10-10 13:09:36 -03:00
Pedro Ribeiro
8163b7de96
Thanks for helping me clean up Todd!
2014-10-09 18:20:31 +01:00
Pedro Ribeiro
9d1e206e43
Incorporate cred changes and other minor fixes
2014-10-09 17:59:38 +01:00
Pedro Ribeiro
4817e1e953
Update trackit_sql_domain_creds.rb
2014-10-08 21:41:04 +01:00
Brendan Coles
3c7be9c4c5
Remove hash rockets from references #3766
...
[SeeRM #8776 ]
2014-10-08 09:01:19 +00:00
Pedro Ribeiro
6af6b502c3
Remove spaces at EOL
2014-10-08 08:30:30 +01:00
Pedro Ribeiro
713ff5134a
Add OSVDB id
2014-10-08 08:24:44 +01:00
Pedro Ribeiro
bd812c593c
Add full disclosure URL
2014-10-08 08:24:04 +01:00
Pedro Ribeiro
bbac61397d
Restore :address to rhost and explain why
2014-10-08 08:23:43 +01:00
Pedro Ribeiro
9cb0ad1ac2
Change the reporting address to the real value
2014-10-08 01:18:17 +01:00
Pedro Ribeiro
6e9bebdaf9
Fix noob mistake in assignment
2014-10-08 01:04:15 +01:00
Pedro Ribeiro
7dbfa19e65
Add exploit for Track-It! domain/sql creds vuln
2014-10-07 23:54:43 +01:00
Christian Mehlmauer
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
Christian Mehlmauer
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
jvazquez-r7
c00094ba6e
Land #3345 , @mvdevnull's auxiliary module for OSVDB 106815, Alienvault sqli
2014-09-19 15:01:21 -05:00
jvazquez-r7
62414e2214
Add Timeout to exploit sqli
2014-09-19 15:00:54 -05:00
jvazquez-r7
db6372ec8b
Do minor module cleanup
2014-09-19 14:43:35 -05:00
jvazquez-r7
4a9294e3bf
Mark module as not executable
2014-09-19 14:36:44 -05:00
Joe Vennix
59dfa624c4
Add a REMOTE_JS datastore option for BeEf hooks etc.
2014-09-16 13:31:03 -05:00
Tod Beardsley
4fc1ec09c7
Land #3759 , Android UXSS, with ref/desc fixes
...
Incidentally, this also closes jvennix-r7#14 (let's see if I can close a
PR by merging from another repo!)
Also fixes #3782 (opened by accident).
2014-09-11 14:27:51 -05:00
Tod Beardsley
fbba4b32e0
Update the title and desc to be more descriptive
...
See #3759
2014-09-11 14:06:14 -05:00
Tod Beardsley
d627ab7628
Add refs for Android UXSS
...
See #3759
2014-09-11 14:05:50 -05:00
sinn3r
280e16c241
Land #3677 - Updated shodan_search for new API
2014-09-10 11:39:00 -05:00
sinn3r
006393360e
Add conditions to check healthy shodan results
2014-09-10 11:38:06 -05:00
Joe Vennix
7793ed4fea
Add some common UXSS scripts.
2014-09-09 02:31:27 -05:00
Joe Vennix
27889ea411
Add a safety fallback on js load.
2014-09-08 00:46:47 -05:00
Joe Vennix
8407d45c9c
Rework the timers.
2014-09-08 00:40:00 -05:00
Joe Vennix
5c9c8edfcf
Fix refs.
2014-09-07 23:33:45 -05:00
Joe Vennix
5efaf7d4cf
rename module, handle asyncness.
2014-09-07 23:25:08 -05:00
Joe Vennix
1bf89fb6bd
Add Android <= 4.3 AOSP UXSS module.
2014-09-07 20:44:03 -05:00
Chris Hebert
abffdd8705
Update alienvault_newpolicyform_sqli.rb
...
cleaned up according to msftidy.rb suggestions
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:17 - [WARNING] Spaces at EOL
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:18 - [WARNING] Tabbed indent: "\tlack of input filtering to read an arbitrary file from the file system.\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:29 - [WARNING] Space-Tab mixed indent: "\t [ 'OSVDB', '106815' ],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:29 - [WARNING] Tabbed indent: "\t [ 'OSVDB', '106815' ],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:30 - [WARNING] Space-Tab mixed indent: "\t [ 'EDB', '33317'],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:30 - [WARNING] Tabbed indent: "\t [ 'EDB', '33317'],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:110 - [WARNING] Spaces at EOL
2014-09-04 21:46:37 -04:00
Chris Hebert
664cc131e3
Update alienvault_newpolicyform_sqli.rb
...
added 'ctx' variable relating to jvazquez-r7 note added on Jun 9
2014-09-04 21:34:24 -04:00
jvazquez-r7
ff210a7c0a
delete parenthesis
2014-09-04 16:16:29 -05:00
William Vu
2d8c7a7a4d
Refactor if statement to early return
...
This eliminates the protracted if statement and aligns the code body.
2014-09-04 15:05:30 -05:00
John Sawyer
3281781f6a
Addressed r7 comments, fixed bug in results loop
2014-09-01 13:43:31 -04:00
Jon Hart
246f021437
Update natpmp_external_address to use Msf::Auxiliary::UDPScanner
2014-08-26 10:49:53 -07:00
Jon Hart
162508f532
Update NAT-PMP modules to use new/updated mixins
2014-08-26 10:49:53 -07:00
Jon Hart
816404bb88
Move common NAT-PMP functionality into a central place
2014-08-26 10:49:53 -07:00
Jon Hart
ca11eae3a9
Show a useful failure message when the external address probe fails
2014-08-26 10:49:52 -07:00
John Sawyer
0a27a18104
Committing changes from r7 comments
2014-08-23 00:08:27 -04:00
John Sawyer
1959f7a235
Updated shodan_search for new API
2014-08-20 00:48:13 -04:00
jvazquez-r7
674c3ca260
Use [] for references
2014-07-30 10:44:42 -05:00
Christian Mehlmauer
3d2a62bc29
Updated W3 Total Cache Hash extract module
2014-07-29 19:49:48 +02:00
jvazquez-r7
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
William Vu
43f41de124
Land #3508 , CVE-2014-4671 Flash JSONP disclosure
2014-07-11 10:11:48 -05:00
joev
b8225ae2dc
Remove unnecessary ||= and ivars.
2014-07-10 16:06:28 -05:00
joev
e0389dfbc3
Update code as per @wvu's code review.
2014-07-10 15:03:40 -05:00
joev
dd439066ca
Patch rhost to display hostname of JSONP_URL.
2014-07-10 12:02:22 -05:00
joev
841cb6a590
STEAL_URL -> STEAL_URLS.
2014-07-10 09:14:32 -05:00
joev
fad30bc874
Add flash rosetta exploit module for stealing URLs.
2014-07-10 09:09:10 -05:00
HD Moore
002234993f
SMB lib fixes, unattend.xml cred gathering
2014-06-23 20:08:42 -05:00
Meatballs
615aeb66a5
Dont use or
2014-06-23 23:11:04 +01:00
Meatballs
752007848b
Tidy up code
...
Dont rescue Exception
Remove eol spaces
Dont use and
More verbose path
2014-06-23 23:08:33 +01:00
HD Moore
2772d84a18
Major rework of this module, please see the diff
2014-06-23 16:13:42 -05:00
William Vu
a0aca251f5
Land #3472 , releae fixes
2014-06-23 11:41:35 -05:00
Tod Beardsley
0219c4974a
Release fixups, word choice, refs, etc.
2014-06-23 11:17:00 -05:00
William Vu
40d1ec551e
Add WEP, PSK, and MGT
2014-06-21 23:15:20 -05:00
Spencer McIntyre
c685e0d06e
Land #3444 , chromecast wifi enumeration
2014-06-17 22:09:58 -04:00
William Vu
1394ad1431
Break my double quote habit
...
Doesn't it feel better? C doesn't love me anymore.
2014-06-17 14:22:55 -05:00
William Vu
8376b4aa2b
Map constants to readable values
...
Thanks, @zeroSteiner and @kernelsmith. :)
2014-06-17 13:10:08 -05:00
Tod Beardsley
2aa26fa290
Minor spacing and word choice fixups
2014-06-16 11:40:21 -05:00
Tod Beardsley
1ab379a0fe
Land #3448 , ident =! indent
2014-06-12 14:15:06 -05:00
Tod Beardsley
e9783200f2
Land #3447 , fix variable typo
2014-06-12 14:07:34 -05:00
William Vu
cb91b2b094
Fix broken table indent (s/Ident/Indent/ hash key)
2014-06-12 13:41:44 -05:00
Jon Cave
a647246148
Use correct variable name
2014-06-12 19:38:41 +01:00
Tod Beardsley
3f5e50d18f
Aux modules don't have ranking.
...
msftidy should have defintely caught this. That it didn't catch on
Travis-CI concerns me. Need to research this.
2014-06-12 13:21:59 -05:00
joev
6bc37cca0c
Land #3430 , @brandonprry's generic MongoDB injection enum.
2014-06-11 21:41:23 -05:00
William Vu
23f7fe45ed
Add Chromecast wifi enumeration module
2014-06-11 21:00:47 -05:00
Brandon Perry
cca91dd7c5
Update mongodb_js_inject_collection_enum.rb
...
some @jvennix-r7 fixes
2014-06-11 17:07:57 -05:00
Brandon Perry
4367e8ef0c
Update mongodb_js_inject_collection_enum.rb
...
Fix some logic bugs that caused incorrect results.
2014-06-07 21:03:28 -05:00
Brandon Perry
dc89621d5c
Update mongodb_js_inject_collection_enum.rb
...
No need to make extra requests. Off by one.
2014-06-07 20:09:00 -05:00
Brandon Perry
2663af986b
Update mongodb_js_inject_collection_enum.rb
...
This adds a bit more error handling, and better decision making in regards to false responses.
2014-06-07 19:58:12 -05:00
Brandon Perry
4071fb332b
Create mongodb_js_inject_collection_enum.rb
...
This module was tested against a small php application I wrote interfacing with MongoDB 2.2.7
https://gist.github.com/brandonprry/c2de8ac2be825007c4de
2014-06-07 11:20:34 -05:00
jvazquez-r7
69e8286838
Fix title
2014-05-27 10:29:32 -05:00
jvazquez-r7
1316365c2f
Fix description
2014-05-27 10:22:39 -05:00
jvazquez-r7
abe1d6ffc7
Land #3190 , @Karmanovskii's module to fingerprint MyBB database
2014-05-27 10:20:24 -05:00
jvazquez-r7
86221de10e
Fix message
2014-05-27 10:18:27 -05:00
jvazquez-r7
b96c2dd0ca
Change module filename
2014-05-27 10:15:39 -05:00
jvazquez-r7
1d8c46155b
Do last code cleaning
2014-05-27 10:14:55 -05:00
Karmanovskii
eacf70af83
Update mybb_get_type_db.rb
...
26.05.2014 23:26
I deleted mimicking IE11
2014-05-26 23:26:28 +04:00
Chris Hebert
99046ba12a
Update alienvault_newpolicyform_sqli.rb
...
Added EDB link - should be ready now.
2014-05-23 10:07:45 -04:00
Tod Beardsley
fa353e6bd9
Add CVE, IBM ref for SameTime modules
2014-05-22 11:34:04 -05:00
Karmanovskii
e26dee5e22
Update mybb_get_type_db.rb
...
19/05/2014
I deleted - #return Exploit::CheckCode::Unknown # necessary ????
2014-05-19 21:32:30 +04:00
Karmanovskii
06912ac2b6
Update mybb_get_type_db.rb
...
1.Changed "Rex::Proto::Http::Client" to "Msf::Exploit::Remote::HttpClient"
2.changed the name of the variable "_Version_server".
2014-05-17 16:30:29 +04:00
Karmanovskii
cbb84e854c
Update mybb_get_type_db.rb
...
14.05.2014
Eliminated notes jvazquez-r7
2014-05-14 14:56:40 +04:00
Christian Mehlmauer
3f3283ba06
Resolved some msftidy warnings (Set-Cookie)
2014-05-12 21:23:30 +02:00
Chris Hebert
681e4194ea
Update alienvault_newpolicyform_sqli.rb
...
and the new variable as well.
2014-05-10 20:19:40 -04:00
Chris Hebert
3ae3c478bd
Update alienvault_newpolicyform_sqli.rb
...
enhanced as requested by Christian Mehlmauer
changed xnDa to a random string to make IDS harder to detect.
2014-05-10 20:17:30 -04:00
Chris Hebert
1affbfbe9d
Update alienvault_newpolicyform_sqli.rb
...
fixed reinitialize i=0, full = '' and filename .....
spotted by Spencer McIntyre - thanks.
2014-05-10 18:49:41 -04:00
Chris Hebert
8e79663001
Update alienvault_newpolicyform_sqli.rb
...
Added vendor advisory
2014-05-10 18:31:12 -04:00
Chris Hebert
ec1df58bf7
Update alienvault_newpolicyform_sqli.rb
...
Changed reference -- OSVDB # 106815
(waiting for EDB - no response yet)
2014-05-10 18:14:09 -04:00
Chris Hebert
473efe1040
Update alienvault_newpolicyform_sqli.rb
2014-05-10 17:28:50 -04:00
mvdevnull
117e0b839b
Add module - alienvault_newpolicyform_sqli
2014-05-09 15:10:58 -04:00
Tod Beardsley
c6affcd6d3
Fix caps, description on F5 module
...
The product name isn't "Load Balancer" as far as I can tell.
2014-05-05 13:38:53 -05:00
jvazquez-r7
9cd6c5ef2b
Land #3297 , @Th4nat0s's F6 backends disclosure module
2014-04-30 09:31:37 -05:00
jvazquez-r7
4e80e1c239
Clean up pull request code
2014-04-30 09:31:07 -05:00
Thanat0s
70314494ca
test nil of port & host
2014-04-28 23:33:01 +02:00
Thanat0s
fe3f7fd76a
Obey to reviewer.. code fix
2014-04-28 23:26:29 +02:00
Thanat0s
2396d497d8
move scanner to gather
2014-04-28 12:57:54 +02:00
Spencer McIntyre
9ccb9397e3
Land #3264 , throttl and csv output support for module
2014-04-23 19:00:28 -04:00
Spencer McIntyre
e2b92a824f
Change white space for authors in dns_reverse_lookup
2014-04-23 18:56:27 -04:00
Thanat0s
457c48b89b
Error on sleep
2014-04-23 11:38:23 +02:00
sinn3r
d7513b0eb2
Handle nil properly when no results are found
2014-04-15 18:19:29 -05:00
Tod Beardsley
40a359f312
Include a vhost for Shodan or else it complains
...
Works now. The rhost option was not keeping the custom vhost option.
````
msf auxiliary(shodan_search) > rexploit
[*] Reloading module...
[*] Total: 13443 on 269 pages. Showing: 1
[*] Country Statistics:
[*] United States (US): 2006
[*] Germany (DE): 1787
[*] Korea, Republic of (KR): 1061
[*] Italy (IT): 916
[*] Hungary (HU): 604
[*] Collecting data, please WaitUntilAuthEmptyt...
IP Results
==========
````
2014-04-14 21:23:27 -05:00
Tod Beardsley
1436f68955
Fix shodan to not muck with datastore
2014-04-14 21:21:11 -05:00
Thanat0s
176204d62d
With implemented remarks
2014-04-14 21:11:04 +02:00
Thanat0s
dd7bceee56
fix threaded issues
2014-04-12 17:43:39 +02:00
Thanat0s
d493c48cc6
add thottling,notes insert and output to dns_rev_lookup
2014-04-12 16:36:18 +02:00
Tod Beardsley
56662bd89b
Correct corpwatch_lookup_name datastore usage
...
[SeeRM #8498 ]
2014-04-10 16:56:55 -05:00
Tod Beardsley
06dedeec8f
Update corpwatch_lookup_id to run correctly
...
[SeeRM #8498 ]
2014-04-10 16:52:34 -05:00
Tod Beardsley
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
Tod Beardsley
7572d6612e
Spelling and grammar on new release modules
2014-04-07 12:18:13 -05:00
Karmanovskii
5dbd124ef9
Update mybb_get_type_db.rb
2014-04-05 02:53:43 -07:00
Karmanovskii
c035715a71
Update mybb_get_type_db.rb
...
Changed the name of the variable _Version_server on _version_server according to the recommendation of jvazquez-r7
2014-04-05 02:50:53 -07:00
jvazquez-r7
e2cbcf3c5d
Land #3179 , @brandonprry AlienVault sqli aux module
2014-04-04 09:17:11 -05:00
jvazquez-r7
ff6105e55d
Add check codes
2014-04-04 09:13:43 -05:00
Brandon Perry
44db611845
defaultoptions, not option
2014-04-04 05:55:35 -07:00
jvazquez-r7
6f14cd225d
Do minor clean up
2014-04-03 23:22:44 -05:00
Christian Mehlmauer
253a1c1f87
Land #3180 , EMC Cloud Tiering Appliance Unauthed XXE with root perms
2014-04-03 22:02:13 +02:00
Brandon Perry
a57da00932
fix refs line
2014-04-03 14:07:00 -07:00
Brandon Perry
51f83fccde
add some checks in vase the file wasn't retrievable
2014-04-03 14:04:05 -07:00
Brandon Perry
e2ded663a6
make more robust
2014-04-03 06:15:09 -07:00
Brandon Perry
53b8148438
make more random
2014-04-03 05:52:35 -07:00
Brandon Perry
77b64ee77d
make more random
2014-04-03 05:41:00 -07:00
Brandon Perry
75dc4c459b
msftidy
2014-04-02 13:22:21 -07:00
Brandon Perry
bb82277a41
msftidy
2014-04-02 13:20:13 -07:00
Brandon Perry
abc0b31f26
exploithub wat
2014-04-02 13:18:48 -07:00
Brandon Perry
765657d55a
alienvault module
2014-04-02 13:09:46 -07:00
Brandon Perry
d3f353118a
edb update
2014-04-02 13:06:54 -07:00
Brandon Perry
32cd846fe4
emc cta xxe module
2014-04-02 13:05:53 -07:00
Karmanovskii
b11df0eaf0
Update and rename myBB_GetTypeDB.rb to mybb_get_type_db.rb
2014-03-28 16:47:49 -07:00
William Vu
2344a9368e
Fix warnings generated by #3158
...
Keeping ManualRanking for DoS modules.
2014-03-31 12:35:15 -05:00
Karmanovskii
0b51e7459c
Update myBB_GetTypeDB.rb
...
I have added detection MyBB forum.
2014-03-24 12:19:51 -07:00
Tod Beardsley
cd9182c77f
Msftidy warning fix on Joomla module.
...
Pre-commit hooks people.
2014-03-24 12:03:12 -05:00
sinn3r
93ad818358
Fix header and e-mail format for author
2014-03-20 12:07:50 -05:00
Brandon Perry
9b2cfb6c84
change default targeturi to something more universal
2014-03-19 21:03:50 -05:00
Brandon Perry
b52a535609
add official url
2014-03-19 20:41:32 -05:00
Brandon Perry
ab42cb1bff
better error handling for the user
2014-03-19 18:46:57 -05:00
Brandon Perry
2ef2f9b47c
use vars_get
2014-03-19 07:51:34 -07:00
Brandon Perry
920b2da720
Merge branch 'master' into joomla_sqli
2014-03-19 07:43:32 -07:00
Brandon Perry
a01dd48640
a bit better error message if injection works but no file
2014-03-13 13:38:43 -07:00
Brandon Perry
b0688e0fca
clarify LOAD_FILE perms in description
2014-03-13 13:11:27 -07:00
Brandon Perry
2734b89062
update normalize_uri calls
2014-03-13 06:55:15 -07:00
Brandon Perry
7540dd83eb
randomize markers
2014-03-12 20:11:55 -05:00
Brandon Perry
3fedafb530
whoops, extra char
2014-03-12 19:54:58 -05:00
Brandon Perry
aa00a5d550
check method
2014-03-12 19:47:39 -05:00
Brandon Perry
9cb1c1a726
whoops, typoed the markers
2014-03-12 10:58:34 -07:00
Brandon Perry
6636d43dc5
initial module
2014-03-12 10:46:56 -07:00
William Vu
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
Karmanovskii
6d748f49d3
Update myBB_GetTypeDB.rb
...
1.I added comment header;
2.I made a link to your account as a comment;
3.I added a link https://github.com/rapid7/metasploit-framework/pull/3070
Items 2 and 3 on the advice wchen-r7
2014-03-07 10:49:30 -08:00
Karmanovskii
162527c0e4
Update and rename modules/auxiliary/analyze/myBB_GetTypeDB.rb to modules/auxiliary/gather/myBB_GetTypeDB.rb
...
Minor changes and bug: "Msf :: Auxiliary" - forgot to change
2014-03-06 09:43:23 -08:00
sinn3r
f0e97207b7
Fix email format
2014-03-04 17:51:24 -06:00
Brandon Perry
c86764d414
update default password to root
2014-03-04 11:55:30 -08:00
Brandon Perry
2b06791ea6
updates regarding PR comments
2014-03-04 10:08:31 -08:00
Brandon Perry
a3523bdcb9
Update mantisbt_admin_sqli.rb
...
remove extra new line and fix author line
2014-03-04 08:44:53 -06:00
Brandon Perry
98b59c4103
update desc
2014-03-03 12:40:58 -08:00
Brandon Perry
c5d1071456
add mantisbt aux module
2014-03-03 12:36:38 -08:00
James Lee
d2945b55c1
Fix typo
...
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
Tod Beardsley
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
sinn3r
8a8bc74687
Land #2940 - DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials
2014-02-10 13:49:02 -06:00
sinn3r
306b31eee3
Small changes before merging
2014-02-10 13:47:31 -06:00
jvazquez-r7
ac52edabd5
Land #2801 , Land @kicks4kittens IBM Sametime modules
2014-02-06 10:17:03 -06:00
jvazquez-r7
30c325c22e
Make better json check
2014-02-06 10:16:26 -06:00
kicks4kittens
564f9bccc8
Correct print output
...
Printing the room details is the purpose of the module.
Reinstated printing the table in non-verbose mode (users won't know it's there otherwise)
2014-02-05 22:00:02 +01:00
kicks4kittens
445cd7be5a
remove "on {peer}
...
line already includes {peer} info
2014-02-05 21:57:58 +01:00
kicks4kittens
4c0c9101aa
Correct check, reinstate print
...
Corrected JSON check (response is empty, but valid JSON on check success)
Reinstated print to warn user (not only in VERBOSE)
2014-02-05 21:56:56 +01:00
kicks4kittens
60cf68f899
added default SSL
2014-02-05 21:54:02 +01:00
kicks4kittens
3560b41eb2
correct variable name
...
body isn't valid, replaced with res.body and tested
2014-02-05 21:51:55 +01:00
Tod Beardsley
9953821451
Fix desc on Drupal module, some peer prints
2014-02-03 12:16:06 -06:00
bcoles
9b9b2fab58
Add DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials module
2014-02-04 02:00:11 +10:30
sinn3r
f7ecae3f75
Land #2909 - Drupal OpenID External Entity Injection
2014-01-24 15:03:07 -06:00
sinn3r
c8e2301111
Be more informative about why CheckCode::Unknown
...
This is just kind of personal preference here. In case users wonder
why Unknown.
2014-01-24 15:01:52 -06:00
jvazquez-r7
cf17bf2e72
Small fix
2014-01-23 19:34:50 -06:00
jvazquez-r7
43de7eb74f
Use REXML
2014-01-23 19:32:42 -06:00
jvazquez-r7
5a59e3d4e4
Fix typo
2014-01-23 18:53:58 -06:00
jvazquez-r7
f529eb1d4b
Clean code
2014-01-23 18:51:24 -06:00
jvazquez-r7
8e17d38c77
Add check method
2014-01-23 18:30:18 -06:00
jvazquez-r7
b0deb45fad
Add Drupal advisory as reference
2014-01-23 18:10:57 -06:00
jvazquez-r7
6d0d7eda10
Delete garbage comment
2014-01-23 18:09:05 -06:00
jvazquez-r7
72b72effa6
Add module for CVE-2012-4554
2014-01-23 18:04:31 -06:00
sinn3r
7080bb336c
Update ColdFusion check
2014-01-19 17:05:03 -06:00
sinn3r
4fdd2c19a1
Update vbulletin check
2014-01-19 16:54:27 -06:00
jvazquez-r7
01ab6fd545
Do small fixes
2014-01-17 17:59:03 -06:00
jvazquez-r7
5ec062ea1c
Beautify print message
2014-01-17 17:42:26 -06:00
jvazquez-r7
d96772ead1
Clean multi-threading on ibm_sametime_enumerate_users
2014-01-17 17:38:16 -06:00
jvazquez-r7
bb3d9da0bb
Do first cleaning on ibm_sametime_enumerate_users
2014-01-17 16:33:25 -06:00
jvazquez-r7
584401dc3f
Clean ibm_sametime_room_brute code
2014-01-17 15:57:12 -06:00
jvazquez-r7
4d079d47b8
Enable SSL by default
2014-01-17 15:34:33 -06:00
jvazquez-r7
277711b578
Fix metadata
2014-01-17 15:31:51 -06:00
jvazquez-r7
10fd5304ce
Parse response body just one time
2014-01-17 15:17:25 -06:00
jvazquez-r7
fe64dbde83
Use rhost and rport methods
2014-01-17 14:49:50 -06:00
jvazquez-r7
5e8ab6fb89
Clea ibm_sametime_version
2014-01-17 12:23:11 -06:00
kicks4kittens
d0d82fe405
Fixed code issues as requested in PR2801
...
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:53:14 +01:00
kicks4kittens
87648476e1
Fixed code issues as requested in PR2801
...
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:52:45 +01:00
kicks4kittens
55d4ad1b6a
Fixed code issues as requested in PR2801
...
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:51:19 +01:00
Tod Beardsley
feaf6c23cf
Merge and Unconflict client.rb, new module splat
...
The only conflict was the regex option for no encoding, which was added
after @Meatballs1's original PR for rapid7/metasploit-framework#1421
Also fixes the module with the new license splat.
Conflicts:
lib/rex/proto/smb/client.rb
2013-12-30 16:53:13 -06:00
kicks4kittens
17c0751677
Create ibm_sametime_room_brute.rb
...
init
2013-12-26 13:02:52 +01:00
kicks4kittens
7ba1950424
Create ibm_sametime_enumerate_users.rb
...
init
2013-12-26 13:01:48 +01:00
kicks4kittens
2d6f41d67f
Create ibm_sametime_version.rb
...
init
2013-12-26 13:00:39 +01:00
OJ
5e4c395f86
Fix small spacing issue
2013-12-18 17:14:47 +10:00
zeknox
2eee34babf
added timeout options and rescue timeout
2013-12-16 20:00:13 -06:00
zeknox
fe34d0e36e
fixed syntax
2013-12-16 19:26:40 -06:00
zeknox
7b8de95f6b
fixed database overwriting issues
2013-12-16 19:16:12 -06:00
zeknox
07f686bb1a
added ResolverArgumentError rescue statement
2013-12-16 18:46:14 -06:00
zeknox
e6f1f648be
modified wordlist path, modified report_goods to log udp or tcp, made wordlist not required
2013-12-13 10:49:44 -06:00
zeknox
d6e19df8e2
added additional url reference
2013-12-12 22:57:23 -06:00
zeknox
9f18c57fce
added period to description and changed tester to user
2013-12-12 22:11:02 -06:00
zeknox
dba0e9bf77
msftidy done
2013-12-12 20:30:46 -06:00
zeknox
554cd41403
added dns_cache_scraper and useful wordlists
2013-12-12 20:18:18 -06:00
Tod Beardsley
e737b136cc
Minor grammar/caps fixup for release
2013-12-09 14:01:27 -06:00
sinn3r
92412279ae
Account for failed cred gathering attempts
...
Sometimes the SQL error doesn't contain the info we need.
2013-12-09 02:11:46 -06:00
jvazquez-r7
f2f8c08c8e
Use blank? method
2013-12-05 16:36:44 -06:00
jvazquez-r7
a380d9b4f2
Add aux module for CVE-2013-3522
2013-12-05 15:58:05 -06:00
joev
0612f340f1
Commas are good.
2013-11-13 14:38:50 -06:00
joev
ad5f82d211
Add missing refs to aux/gather/android_htmlfileprovider.
2013-11-13 14:36:18 -06:00
William Vu
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
sinn3r
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
Tod Beardsley
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
Tod Beardsley
5d86ab4ab8
Catch mis-formatted bracket comments.
2013-10-15 14:52:12 -05:00
Tod Beardsley
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
Meatballs
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
sinn3r
c10f0253bc
Land #2472 - Clean up the way Apple Safari UXSS aux module does data collection
2013-10-07 15:47:28 -05:00
Tod Beardsley
293927aff0
msftidy fix for coldfusion exploit
2013-10-07 12:22:48 -05:00
joev
47e7a2de83
Kill stray debugger statement.
2013-10-06 19:32:22 -05:00
joev
c2a81907ba
Clean up the way Apple Safari UXSS aux module does data collection.
...
[FIXRM #7918 ]
2013-10-06 19:28:16 -05:00
jvazquez-r7
1fe0c50df0
Ignore unexpected answers
2013-10-02 20:41:02 -05:00
Meatballs
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
Meatballs
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
FireFart
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
Tod Beardsley
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
jvazquez-r7
2741983158
Update description
2013-09-13 18:31:11 -05:00
jvazquez-r7
40aeaf445b
Add auxiliary module for HP SNAC Auth Bypass
2013-09-13 18:29:57 -05:00
Tab Assassin
785c2eeb95
Retab changes for PR #1421
2013-09-05 16:20:04 -05:00
Tab Assassin
a5cf67a9af
Merge for retab
2013-09-05 16:19:51 -05:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
jvazquez-r7
b9360b9de6
Land #2286 , @wchen-r7's patch for undefined method errors
2013-08-26 20:46:05 -05:00
sinn3r
6b8feaff8c
Type conversion
2013-08-26 13:56:11 -05:00
sinn3r
50e7d8015a
Validate datastore option "YEAR"
...
The YEAR option is a numeric value, so should be OptInt in order to
go through validation.
[FixRM #8345 ]
[FixRM #8344 ]
2013-08-21 01:38:16 -05:00
sinn3r
8806e76e4d
Fix undefined method error
...
[FixRM #8343 ]
2013-08-21 00:44:10 -05:00
sinn3r
86d6bce8c4
[FixRM #8312 ] - Fix file handle leaks
...
Fix file handle leaks for [SeeRM #8312 ]
2013-08-18 20:31:13 -05:00
HD Moore
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
Tod Beardsley
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
sinn3r
4a3dc2e365
Print all the creds! All your base belong to me.
...
After a short discussion with Tod, we think it's best to print the
creds by default. If some dude runs Metasploit in a public place,
dumps passwords, and gets shoulder surfed, well, sucks for them :-p
2013-07-09 19:56:44 -05:00
sinn3r
d3433a017b
Print hash too
2013-07-09 16:39:24 -05:00
jvazquez-r7
234624793c
Add module for CVE-2013-1814
2013-07-09 14:03:35 -05:00
sinn3r
0ecffea66f
Updates fingerprint() for CF10
2013-05-28 14:42:11 -05:00
ringt
54eeb8f000
Adding new version...old version does not work in windows, doesnt fingerprint, and a few other minor things
2013-05-21 13:13:21 -05:00
jvazquez-r7
f04ca17bb9
Fix default action
2013-05-13 11:56:02 -05:00
jvazquez-r7
5b64379553
Add Coldfusion 9 target, OSVDB ref and review
2013-05-13 11:55:11 -05:00
sinn3r
60299c2adb
Add EDB-25305 - That ColdFusion 10 sub0 0day stuff
...
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737 , or as a new exploit.
We'll see.
2013-05-12 21:23:53 -05:00
HD Moore
63b0eace32
Add a missing require
2013-05-04 22:39:57 -05:00
Tod Beardsley
4227c23133
Add a reference for Safari module
2013-04-29 14:07:55 -05:00
Joe Vennix
431cba8f36
Update print_status labels.
2013-04-29 11:13:53 -05:00
Joe Vennix
c2a1d296a2
Rename DOWNLOAD_URI -> DOWNLOAD_PATH.
...
Conflicts:
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:11:06 -05:00
Joe Vennix
55e0ec3187
Add support for DOWNLOAD_URI option.
...
* Fixes some comments that were no longer accurate.
Conflicts:
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:10:19 -05:00
Tod Beardsley
c27245e092
Touch descriptions for module and options
2013-04-26 13:05:16 -05:00
Joe Vennix
b4606ba60a
Remove unnecessary puts call.
2013-04-26 12:55:02 -05:00
Tod Beardsley
ca6d6fbc84
msftidy for whitespace
2013-04-26 12:44:11 -05:00
Tod Beardsley
16769a9260
Fixing path normalization
2013-04-26 12:40:24 -05:00
Joe Vennix
2fa16f4d36
Rewrite relative script URLs to be absolute.
...
* Adds rescue clauses around URI parsing/pulling
* Actually use the URI_PATH datastore option.
2013-04-26 11:25:20 -05:00
Joe Vennix
993356c73e
Add safari webarchive uxss to framework as an aux module.
2013-04-25 11:14:16 -05:00
Tod Beardsley
e377e30873
unscrewing syntax error
2013-03-20 15:04:31 -05:00
Tod Beardsley
fd20eba35e
Expanding the title and desc for external_ip
...
Also allowing the capitalization on "via" to be small.
2013-03-20 14:42:12 -05:00
jvazquez-r7
2684e6103c
use of send_request_cgi
2013-03-11 20:36:47 +01:00
jvazquez-r7
9c89599737
cleanup before merge external_ip
2013-03-11 20:35:25 +01:00
jvazquez-r7
546e24a9c6
Merge branch 'external_ip_discovery' of https://github.com/sempervictus/metasploit-framework into sempervictus-external_ip_discovery
2013-03-11 20:35:07 +01:00
James Lee
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
RageLtMan
25f3f935c4
Apply Egypt's cleanup
...
Remove revision, raise the exception itself, remove scanner mixin,
datastore['RHOST'] unstead of RHOSTS, and useles agent var removed.
2013-03-07 18:34:12 -05:00
RageLtMan
dfe3a4f394
msftidy and module placement per todb
2013-03-06 17:36:01 -05:00
David Maloney
4212c36566
Fix up basic auth madness
2013-03-01 11:59:02 -06:00
David Maloney
c290bc565e
Merge branch 'master' into feature/http/authv2
2013-02-28 14:33:44 -06:00
sinn3r
cae1939914
Kinda too long
2013-02-25 13:44:11 -06:00
Matt Andreko
2c0a916c83
Made the password optional
2013-02-23 17:14:30 -05:00
Matt Andreko
b221711ecd
Added basic error handling
2013-02-23 10:24:04 -05:00
Matt Andreko
67c2c3da20
Code Review Feedback
...
Fixed the USER/PASS that I missed in last review
Converted from Scanner module to Gather
2013-02-23 10:09:23 -05:00
David Maloney
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
jvazquez-r7
829cf0f076
name changed to dns_srv_enum
2013-02-15 16:20:55 +01:00
jvazquez-r7
d1ba860409
changing filename for dns_srv
2013-02-15 16:20:33 +01:00
jvazquez-r7
374faf9b02
cleanup for dns_srv
2013-02-15 16:19:48 +01:00
jvazquez-r7
9d4bd763a6
Merge branch 'darkoperator-dnsenum2dnssrv' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnssrv
2013-02-15 16:19:31 +01:00
jvazquez-r7
38f5fbced3
cleanup for dns_reverse_lookup
2013-02-15 12:56:01 +01:00
jvazquez-r7
f1e3dab45f
Merge branch 'darkoperator-dnsenum2dnsreverselookup' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsreverselookup
2013-02-15 12:55:39 +01:00
jvazquez-r7
6aed858f80
cleanup for dns_bruteforce
2013-02-15 12:37:46 +01:00
jvazquez-r7
1be003a4d0
Merge branch 'darkoperator-dnsenum2dnsbruteforce' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsbruteforce
2013-02-15 12:37:27 +01:00
jvazquez-r7
57e1d1baa5
cleanup for dns_info
2013-02-15 12:03:08 +01:00
Carlos Perez
bcd59aa8fa
Typo word module does not go in the name.
2013-02-14 21:56:24 -04:00
Carlos Perez
1d64de6c11
Typo word module does not go in the name.
2013-02-14 21:55:38 -04:00
Carlos Perez
7f7b4e5a97
more changes to description and name
2013-02-14 21:49:57 -04:00
Carlos Perez
faf970cf1f
more changes to description and name
2013-02-14 21:47:43 -04:00
Carlos Perez
1b8610042a
more changes to description and name
2013-02-14 21:46:21 -04:00
Carlos Perez
0b9d4d976f
more changes to description and name
2013-02-14 21:44:31 -04:00
Carlos Perez
23320a5dde
Fix spelling problems
2013-02-14 15:48:11 -04:00
Carlos Perez
a7d4f5ff4a
Fix spelling problems
2013-02-14 15:46:36 -04:00
Carlos Perez
7f97ff271f
Fix spelling problems
2013-02-14 15:44:32 -04:00
Carlos Perez
1872b137f5
Fix spelling problems
2013-02-14 15:41:17 -04:00
Carlos Perez
e8ccfae048
Fix spelling problems
2013-02-14 15:38:17 -04:00
Carlos Perez
6c85e5242e
change wildcard message to print_warning
2013-02-11 12:04:30 -04:00
Carlos Perez
431641fec9
added check for retry options
2013-02-11 12:02:15 -04:00
Carlos Perez
fd6f00f641
added report note for wildcard
2013-02-11 11:37:20 -04:00
Carlos Perez
5f10704697
applied fixes
2013-02-11 11:31:13 -04:00
Carlos Perez
55efe01bf7
Applied fixes
2013-02-11 11:23:06 -04:00
Carlos Perez
fd15436a96
Added new line to end of file.
2013-02-08 20:52:49 -04:00
Carlos Perez
78f81843f6
Added new line to end of file.
2013-02-08 20:51:37 -04:00
Carlos Perez
eda3fc0715
Added new line to end of file.
2013-02-08 20:50:23 -04:00
Carlos Perez
166b59b61a
Added new line to end of file.
2013-02-08 20:48:57 -04:00
Carlos Perez
ac8194ed07
Split of DNS SRV Record Enumeration from enum_dns
2013-02-08 10:09:34 -04:00
Carlos Perez
256ab7f737
Split of DNS Reverse Lookup from enum_dns
2013-02-08 09:50:21 -04:00
Carlos Perez
906585798d
Split of DNS General Info from enum_dns
2013-02-08 09:49:19 -04:00
Carlos Perez
2186db5295
Split of DNS Name Brutforce from enum_dns
2013-02-08 09:48:32 -04:00
sinn3r
39cdb89831
Oh don't be so sensitive about it.
...
Fixnum vs String
2013-01-31 15:04:13 -06:00
Meatballs
edc61a1986
Repull
2013-01-31 20:02:10 +00:00
sinn3r
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
sinn3r
690ef85ac1
Fix trailing slash problem
...
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.
Related to: [SeeRM: #7727 ]
2013-01-28 13:19:31 -06:00
jvazquez-r7
702638a6a3
final cleanup
2013-01-14 17:36:24 +01:00
Christian Mehlmauer
b11fd48b05
implemented juans feedback
2013-01-14 17:06:52 +01:00
Christian Mehlmauer
8b85f7d977
fix msftidy
2013-01-14 14:55:53 +01:00
Christian Mehlmauer
0acbcfd964
fix url path
2013-01-14 14:39:50 +01:00
Christian Mehlmauer
c17ee70e66
Use target_uri for the wordpress url
2013-01-14 14:34:34 +01:00
Christian Mehlmauer
0c95938b1d
Added a request to force db caching
2013-01-13 20:12:37 +01:00
Christian Mehlmauer
27f100d37c
fix email
2013-01-12 14:24:29 +01:00
Christian Mehlmauer
d36c966931
spaces
2013-01-12 14:22:38 +01:00
Christian Mehlmauer
93b5980210
fix
2013-01-12 14:13:54 +01:00
Christian Mehlmauer
0b8094eb5d
w3_total_cache
2013-01-12 14:09:59 +01:00
sinn3r
ef6eec949c
Move impersonate_ssl
...
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
Christian Mehlmauer
e4a6669927
msftidy: remove $Revision$
2013-01-03 01:05:45 +01:00
Christian Mehlmauer
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
Christian Mehlmauer
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
sinn3r
b0e4931de8
When 'credentials' is empty, it is empty.......
2012-11-29 10:22:20 -06:00
sinn3r
b3a473aec0
Forgot to remove this option
2012-11-28 18:48:33 -06:00
sinn3r
0415d31c61
Update description
2012-11-28 16:07:21 -06:00
sinn3r
52c2437d5a
Add OSVDB-83199 as a cred collecting aux module
...
From #1102
2012-11-28 15:56:13 -06:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Cristiano Maruti
8fce975593
Aux module raise an error because Report module is not included in the source
2012-09-05 10:38:36 +02:00
Tod Beardsley
c7de73e7bf
Clean up SVN metadata
2012-09-04 19:36:10 -05:00
Tod Beardsley
7b8ab53661
Use :unique_data option for dns.enum reporting
...
Otherwise, you will only report the last thing that comes through on
that host for the dns.enum note type.
2012-09-04 19:32:29 -05:00
Daniel Miller
6db09ba20c
Key notes on nameserver IP, not discovered IP
2012-08-16 21:31:23 -05:00
Daniel Miller
7005216d1f
Fix axfr support for auxiliary/gather/enum_dns
...
AXFR support in net-dns is broken. This fixes it, and makes the
requisite modifications to enum_dns module. Basic problem is that AXFR
responses consist of a chain of DNS replies, not a single reply with
multiple answers. Previously, only the first of these replies, the SOA
record, was returned. Also added some exception handling to avoid
problems like #483 .
2012-08-16 20:40:24 -05:00
Daniel Miller
0311caf4df
Alternate means of looking up NS IP
...
Sometimes a nameserver won't have an A record for its own name. Check
for this and fall back to using the system resolver via
Rex::Socket.gethostbyname. Example:
$ dig +short zonetransfer.me NS
ns12.zoneedit.com.
ns16.zoneedit.com.
$ dig +short @ns12.zoneedit.com ns12.zoneedit.com A
$ dig +short @ns16.zoneedit.com ns12.zoneedit.com A
$ dig +short @ns16.zoneedit.com ns16.zoneedit.com A
$
Also removed an extra A lookup that was unnecessary.
2012-08-16 11:48:37 -05:00
sinn3r
c0bf362084
Fix the fix for enum_dns
2012-06-18 18:37:56 -05:00
RageLtMan
c68476cce2
Add DNS/TCP to enum_dns
2012-06-18 10:47:03 -04:00
Tod Beardsley
7bb3679fef
Errors are different from mere failures (enum_dns)
...
This makes a clear distinction between errors and failures when
performing zone transfers, and logs accordingly.
[See #483 ]
2012-06-15 18:11:25 -05:00
Tod Beardsley
5a49ac50f1
Shorten option description on enum_dns
2012-06-15 10:33:49 -05:00
sinn3r
3f0431cf51
Massive whitespace destruction
...
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r
c30af98b53
Massive whitespace destruction
...
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
sinn3r
0fcc53b0a2
Handle nil for get_once
2012-06-04 15:31:10 -05:00
sinn3r
babababeb1
1. Fix enum_dns: .txt is not (or no longer a method)
...
2. Patch snmp_enum: bug #6500
2012-05-04 13:23:27 -05:00