d73531c0d3
added disclosure dates
2016-09-13 20:37:04 -04:00
4d49f7140c
update links and CVE on webnms_file_download
2016-09-13 18:50:53 +01:00
8b90df8b67
update links and CVE on webnms_cred_disclosure
2016-09-13 18:49:58 +01:00
226ded8d7e
Land #6921 , Support basic and form auth at the same time
2016-08-25 16:31:26 -05:00
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
de16a6d536
Land #7182 , Nuuo / Netgear Surveillance admin password reset module
2016-08-08 16:10:30 -05:00
7ca7682d17
Fix whitespace error from msftidy
2016-08-08 17:57:03 +01:00
106f26587e
Add bugtraq reference
2016-08-05 21:52:46 +01:00
036d0502db
Add github link
2016-08-04 17:38:45 +01:00
ec67db03f1
add exploit for CVE 2016-5676
2016-08-04 16:56:16 +01:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
9862a2fc25
Land #7080 , Updated docs and made enhancements for Netgear soap password extractor
2016-07-13 14:30:46 -07:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
963437d5e7
Land #7063 , Add module for WebNMS 5.2 Arbitrary File Download
2016-07-11 10:05:21 -07:00
c2a5da08af
Land #7064 , Add moule to steal creds from WebNMS 5.2
2016-07-11 06:38:50 -07:00
fdce5bc30c
add disclosure date
2016-07-09 09:30:00 -04:00
bbe4162320
Added error checking and some suggested style changes
2016-07-08 08:27:56 -07:00
09dcd1dade
Added version check and error handling, changed regex to ruby syntax.
...
Also made a few syntax changes to placate rubocop.
2016-07-07 10:35:18 -07:00
892f354ece
give me some credit
2016-07-06 21:39:45 -04:00
47cf6d5edf
better docs, extract more data
2016-07-06 21:28:57 -04:00
ec4769fade
Create exploit for WebNMS credential disclosure
2016-07-04 21:15:15 +01:00
05ef5316df
Create exploit for WebNMS arbitrary file download
2016-07-04 21:10:14 +01:00
844c13dc17
added new vuln device to netgear list, plus docs
2016-07-01 18:32:30 -04:00
14adcce8bf
Missed the HTTPUSERNAME fix
2016-05-27 18:37:04 -05:00
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
53ff3051e1
Land #6531 , NETGEAR ProSafe Network Management System 300 auth'd File Download
2016-02-26 10:53:16 -06:00
bc050410a6
Allow max traversal depth as an option, and report cred
2016-02-26 10:52:30 -06:00
5710c85a9e
Style changes
2016-02-23 15:15:57 +07:00
b64294abc9
Create file for CERT VU 777024 (auth download)
2016-02-04 07:57:48 +08:00
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
93a4fd0ee4
Minor edits
2015-12-02 15:43:11 -06:00
581ea89f7f
fix nil error
2015-12-02 11:19:08 +01:00
f06e4f3dbd
make this module work with other languages too
2015-12-02 11:14:10 +01:00
1a4b91e33e
unzip backup file
2015-12-02 11:01:56 +01:00
217374d1c0
add limesurvey file download
2015-12-02 00:06:13 +01:00
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
e7d6493311
Replace links
2015-10-28 10:45:02 -05:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
4517270627
Fix modules using Msf::HTTP::JBoss
2015-10-15 11:49:15 -05:00
cf9ddbb701
Update moduels using Msf::HTTP::Wordpress
2015-10-15 11:47:13 -05:00
d334dc237f
Update kaseya_master_admin.rb
2015-10-02 13:21:28 +01:00
1b21cd9481
Do code cleanup
2015-10-01 13:37:18 -05:00
8af5a8e310
Create exploit for Kaseya privilege escalation
2015-09-29 11:51:21 +01:00
4561850055
Use metasploit-credential API instead of report_auth_info
2015-07-22 01:11:43 -05:00
4cacbcc4f7
Minor fixups on sysaid modules
...
Edited modules/auxiliary/admin/http/sysaid_file_download.rb first landed
in #5472 , @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
Edited modules/auxiliary/admin/http/sysaid_sql_creds.rb first landed in
2015-07-20 16:19:21 -05:00
29718ce4e1
Land #5474 , @pedrib's module for sysaid CVE-2015-2996 and CVE-2015-2998
...
* sysaid SQL database cred disclosure
2015-07-17 12:36:48 -05:00
a54b58fc24
Fix port parsing and cleanup
2015-07-17 12:34:46 -05:00
869ac87b64
Land #5472 , @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
...
* SysAid arbitrary file download
2015-07-17 11:46:00 -05:00
9ac1688eb1
Do code cleanup
2015-07-17 11:45:28 -05:00
ca38fc5518
Update description
2015-07-17 11:08:28 -05:00
50a3a32bfd
Update sysaid_sql_creds.rb
2015-06-20 16:58:42 +01:00
78c2f8a3a3
Update sysaid_sql_creds.rb
2015-06-20 16:57:34 +01:00
11aca8b27a
Update sysaid_file_download.rb
2015-06-20 16:54:33 +01:00
cf8008ed38
Update sysaid_admin_acct.rb
2015-06-20 16:52:13 +01:00
7f35c3b4f5
Update sysaid_sql_creds.rb
2015-06-03 22:00:08 +01:00
54bfe29527
Update and rename sysaid_file_ to sysaid_file_download.rb
2015-06-03 21:59:45 +01:00
42e84cd7d5
Update sysaid_admin_acct.rb
2015-06-03 21:59:04 +01:00
6683b86822
Create sysaid_sql_creds.rb
2015-06-03 21:46:48 +01:00
72b7982e7a
Create sysaid_file_
2015-06-03 21:46:13 +01:00
765077d741
Create sysaid_admin_acct.rb
2015-06-03 21:38:43 +01:00
818dbf58f0
Adding an OSVDB number to the Netgear module
2015-05-28 14:37:39 -05:00
95b5ff6bea
Minor fixups on recent modules.
...
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301 , @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces
Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in
Edited modules/auxiliary/scanner/http/title.rb first landed in #5333 ,
HTML Title Grabber
Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401 , multi-platform CVE-2015-0311 - Flash uncompress()
UAF
Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290 , Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
04fa626eab
Save credentials as UNTRIED
2015-05-15 14:58:55 -05:00
16c3bf91a1
Do code cleanup
2015-05-15 14:46:34 -05:00
0a4554a204
reporting included, extract device details
2015-04-28 13:01:51 +02:00
ce697ee44c
netgear soap password extractor
2015-04-27 17:56:30 +02:00
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
831a59b10b
Fix whitespace
2015-04-08 16:09:28 -05:00
52f1b95222
Add disclosure link
2015-04-08 16:07:33 -05:00
7ed1655976
Adding module for R7-2015-01
...
Disclosure coming soon, will update this module with a pointer to the
correct reference.
2015-04-08 12:34:31 -05:00
4bd40fed7f
yard doc and comment corrections for auxiliary
2015-04-03 16:12:23 +05:00
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
7a0fe05803
Add CVE-ID to module references
2015-03-24 22:30:43 +00:00
7bf00f8f47
Land #4789 , @rastating WPLMS wordpress module
2015-03-24 20:46:38 +01:00
349d7cb9ee
Do minor cleanup
2015-03-20 18:20:45 -05:00
3b21de3906
Add WPVDB reference
2015-02-26 13:37:23 +00:00
e2dfdd60c0
Update version range
2015-02-25 19:11:15 +00:00
242d3b8680
Add WP EasyCart privilege escalation module
2015-02-24 21:11:22 +00:00
61bdd58fbe
Fix required flag on options
2015-02-22 16:20:47 +00:00
37a55cce74
Abstracted version comparison code
2015-02-22 16:20:46 +00:00
31cdd757f6
Add WordPress WPLMS privilege escalation module
2015-02-22 16:20:46 +00:00
036cb77dd0
Land #4709 , fixed up some datastore mangling
2015-02-05 21:22:38 -06:00
c633c710bc
Mostly caps/grammar/spelling, GoodRanking on MBAM
2015-02-05 12:36:47 -06:00
c22865fb71
Fix nexpose_xxe_file_read datastore
2015-02-05 02:53:00 -06:00
c0e1440572
Land #4685 , @FireFart's module for Wordpress Platform Theme RCE
2015-02-03 17:35:59 -06:00
d0cf316758
Land #4659 , @pedrib's ManageEngine directory listing module
2015-02-01 14:19:46 -06:00
128ca47aa7
Fix banner
2015-02-01 14:19:03 -06:00
361aaa7551
Fix banner
2015-02-01 14:16:09 -06:00
39a25fc549
Update manageengine_file_download.rb
2015-02-01 10:49:48 +00:00
e9b5aa94c3
Add OSVDB id and full disclosure URL
2015-02-01 10:49:11 +00:00
2c956c0a0f
add wordpress platform theme rce
2015-01-31 22:02:44 +01:00
h00die
Pedro Ribeiro
Pearce Barry
David Maloney
wchen-r7
Brent Cook
thao doan
Brendan
h00die
Christian Mehlmauer
James Lee
Jon Hart
dmohanty-r7
jvazquez-r7
Tod Beardsley
m-1-k-3
William Vu
root
rastating