b990b14a65
Land #3771 , @us3r777's deletion of jboss_bshdeployer STAGERNAME option
2014-10-27 18:09:35 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
4fbab43f27
Release fixes, all titles and descs
2014-10-01 14:26:09 -05:00
b266233e95
fix bug
2014-09-30 00:21:52 +02:00
c51c19ca88
bugfix
2014-09-27 14:56:34 +02:00
9a424a81bc
fixed bug
2014-09-27 13:46:55 +02:00
1c30c35717
Added WordPress custom_contact_forms module
2014-09-27 13:42:49 +02:00
2ae23bbe99
Remove STAGERNAME option
...
This option wasn't really required, the stager can be removed as
soon as the WAR is deployed. This commit does the modifications needed
to remove the stager right after the WAR deployment.
2014-09-09 21:44:08 +02:00
cb490fc00e
[SeeRM #8836 ] Change boot.ini to win.ini
2014-09-04 17:03:21 -05:00
6d9833e32b
Minor pre-release updates with descriptions
2014-08-25 13:34:45 -05:00
03a1f4455d
No need to escape single quotes in %q{} strigns
2014-08-25 13:03:33 -05:00
0737d0dbd5
Refactor auxiliary module
2014-08-22 17:05:45 -05:00
9ef09a7725
Pass msftidy
2014-08-22 13:24:59 -05:00
cd2e225359
Refactored auxilliary jboss_bshdeployer
...
Switch modules/auxiliary/admin/http/jboss_bshdeployer.rb to use the
changes.
2014-08-02 11:10:49 +02:00
9e9244830a
Added spec for lib/msf/http/jboss
...
Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions
2014-07-29 01:57:04 +02:00
cd2ec0a863
Refactored jboss mixin and modules
...
Moved fail_with() from mixin to modules. Added PACKAGE datastore to
lib/msf/http/jboss/bsh.rb.
2014-07-24 22:58:58 +02:00
b526fc50f8
Refactored jboss mixin and modules
...
Moved VERB option to the mixin. Replaced "if datastore['VERBOSE']"
by vprint_status().
2014-07-22 23:08:42 +02:00
ae2cd63391
Refactored Jboss mixin
...
Moved TARGETURI option to the JBoss mixin. The mixin now includes
Msf::Exploit::Remote::HttpClient which provides USERNAME and PASSWORD
2014-07-21 23:41:58 +02:00
088f208c7c
Added auxiliary module jboss_bshdeployer
...
The module allows to deploy a WAR (a webshell for instance) using the
BSHDeployer.
Also refactored modules/exploits/multi/http/jboss_bshdeployer.rb to
use the new Mixin (lib/msf/http/jboss).
2014-07-18 11:51:46 +02:00
8a9c005f13
Add URL
2014-05-20 17:43:07 -05:00
3f3283ba06
Resolved some msftidy warnings (Set-Cookie)
2014-05-12 21:23:30 +02:00
d83f665466
Delete commas
2014-03-25 13:34:02 -05:00
e27adf6366
Fix msftidy warnings
2014-03-25 10:39:40 -03:00
473f745c3c
Add katello_satellite_priv_esc.rb
...
This module exploits a missing authorization vulnerability in the
"update_roles" action of "users" controller of Katello and Red Hat
Satellite (Katello 1.5.0-14 and earlier) by changing the specified
account to an administrator account.
2014-03-24 23:44:44 -03:00
de6be50d64
Minor cleanup and finger-wagging about a for loop
2014-03-03 14:12:22 -06:00
6ba26bf743
Use normalize_uri
2014-02-26 09:35:42 -06:00
582372ec3e
Do minor cleanup
2014-02-26 09:32:11 -06:00
b79197b8ab
feedback included, cleanup, login check
2014-02-26 13:44:36 +01:00
ec8e1e3d6f
small fixes
2014-02-21 21:59:45 +01:00
1384150b7a
make msftidy happy
2014-02-21 21:56:46 +01:00
c77fc034da
linksys wrt120 admin reset exploit
2014-02-21 21:53:56 +01:00
81a3b2934e
Fix prints
2014-01-23 15:33:24 -06:00
1479ef3903
Update typo3_winstaller_default_enc_keys.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:08:10 +01:00
0eac17083a
Clean cfme_manageiq_evm_pass_reset
2013-12-18 16:16:32 -06:00
b9a9b90088
Update module to use added bcrypt gem
2013-12-18 16:15:35 -02:00
e20569181b
Remove EzCrypto-related code as per review
2013-12-18 16:15:22 -02:00
ef081cec49
Add missing disclosure date as per review
2013-12-18 15:47:23 -02:00
37826688ce
Add cfme_manageiq_evm_pass_reset.rb
...
This module exploits a SQL injection vulnerability in the "explorer"
action of "miq_policy" controller of the Red Hat CloudForms Management
Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier)
by changing the password of the target account to the specified
password.
2013-12-09 16:49:07 -02:00
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
55847ce074
Fixup for release
...
Notably, adds a description for the module landed in #2709 .
2013-12-02 16:19:05 -06:00
20e0a7dcfb
Land #2709 - ZyXEL GS1510-16 Password Extractor
2013-12-02 13:13:01 -06:00
39fbb59ba9
re-added the reference I accidentally deleted
2013-12-02 19:06:19 +01:00
cb98d68e47
added @wchen-r7's code to store the password into the database
2013-12-02 18:35:59 +01:00
8e73023baa
and now in the correct data structure
2013-12-01 17:38:35 +01:00
ef77b7fbbf
added reference as requested at https://github.com/rapid7/metasploit-framework/pull/2709
2013-12-01 17:36:15 +01:00
aa62800184
added ZyXEL GS1510-16 Password Extractor
2013-11-29 10:42:17 +01:00
03838aaa79
Update rails_devise_pass_reset.rb
...
Fixed erroneous status if FLUSHTOKENS is false.
2013-11-27 22:27:45 -06:00
7f8baf979d
Adds the ability to configure object name in URI and XML. This allows exploiting other platforms that include devise.
...
For example, activeadmin is exploitable if running a vulnerable devise and rails version with the following settings;
msf > use auxiliary/admin/http/rails_devise_pass_reset
msf auxiliary(rails_devise_pass_reset) > set RHOST 127.0.0.1
RHOST => 127.0.0.1
msf auxiliary(rails_devise_pass_reset) > set RPORT 3000
RPORT => 3000
msf auxiliary(rails_devise_pass_reset) > set TARGETEMAIL admin@example.com
TARGETEMAIL => admin@example.com
msf auxiliary(rails_devise_pass_reset) > set TARGETURI /admin/password
TARGETURI => /admin/password
msf auxiliary(rails_devise_pass_reset) > set PASSWORD msf_pwnd
PASSWORD => msf_pwnd
msf auxiliary(rails_devise_pass_reset) > set OBJECTNAME admin_user
OBJECTNAME => admin_user
msf auxiliary(rails_devise_pass_reset) > exploit
[*] Clearing existing tokens...
[*] Generating reset token for admin@example.com...
[+] Reset token generated successfully
[*] Resetting password to "msf_pwnd"...
[+] Password reset worked successfully
[*] Auxiliary module execution completed
msf auxiliary(rails_devise_pass_reset) >
2013-11-27 15:35:43 -06:00
84572c58a8
Minor fixup for release
...
* Adds some new refs.
* Fixes a typo in a module desc.
* Fixes a weird slash continuation for string building (See #2589 )
2013-11-04 12:10:38 -06:00
344413b74d
Reorder refs for some reason.
2013-10-30 12:25:55 -05:00
32794f9d37
Move OpenBravo to aux module land
2013-10-30 12:20:04 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
07ab53ab39
Merge from master to clear conflict
...
Conflicts:
modules/exploits/windows/brightstor/tape_engine_8A.rb
modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
2013-10-17 13:29:24 -05:00
2833d58387
Add OSVDB for vbulletin exploit
2013-10-16 15:01:28 -05:00
3c2dddd7aa
Update reference with a non-plagarised source
2013-10-16 14:44:18 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
cad7329f2d
Minor updates to vbulletin admin exploit
2013-10-10 22:09:38 -05:00
4f3bbaffd1
Clean module and add reporting
2013-10-09 13:54:28 -05:00
5c36533742
Add module for the vbulletin exploit in the wild
2013-10-09 13:12:57 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
02a073a8fe
Change module filename
2013-09-09 23:30:37 -05:00
64348dc020
Update information
2013-09-09 23:29:48 -05:00
ce769b0c78
Add module for CVE-2013-2641
2013-09-09 13:56:45 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
b9360b9de6
Land #2286 , @wchen-r7's patch for undefined method errors
2013-08-26 20:46:05 -05:00
7fad26968c
More fix to jboss_seam_exec
2013-08-26 17:16:15 -05:00
5b4890f5b9
Fix caps on typo3_winstaller module
2013-08-26 14:47:42 -05:00
5993cbe3a8
Fix undefined method error
...
[FixRM #8348 ]
2013-08-21 00:40:38 -05:00
9f98d4afe6
Fix undefined method error
...
[FixRM #8349 ]
2013-08-21 00:38:35 -05:00
4790d8de50
Land #2256 , @wchen-r7's patch for [FixRM #8316 ]
2013-08-19 23:23:57 -05:00
5366453031
[FixRM #8316 ] - Escape characters correctly
...
dots need to be escaped
2013-08-19 16:51:19 -05:00
7fc37231e0
Fix email format
...
Correct email format
2013-08-19 16:34:14 -05:00
f42797fc5c
Fix indentation
2013-08-16 14:19:37 -05:00
f7339f4f77
Cleanup various style issues
...
* Unset default username and password
* Register SSL as a DefaultOption instead of redefining it
* Use the HttpClient mixin `ssl` instead of datastore.
* Unless is better than if !
* Try to store loot even if you can't cleanup the site ID.
2013-08-16 14:03:59 -05:00
dfa1310304
Commas in the author array
2013-08-16 13:54:46 -05:00
24b8fb0d7b
Whitespace retab, add rport 3780 as default
2013-08-16 13:31:05 -05:00
e436d31d23
Use SSL by defailt
2013-08-16 11:32:10 -05:00
60a229c71a
Use rhost and rport, not local host and port
2013-08-16 11:12:39 -05:00
646d55b638
Description should be present tense
2013-08-16 11:06:34 -05:00
f0237f07d6
Correct author and references
2013-08-16 11:04:51 -05:00
46d6fb3b42
Add module for xxe
2013-08-16 10:51:05 -05:00
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb593363c5f9
2013-07-29 21:47:52 -05:00
47c21dfe85
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-24 11:42:11 -05:00
147d432b1d
Move from DLink to D-Link
2013-07-23 14:11:16 -05:00
4367a9ae49
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 15:09:35 -05:00
70900cfe5e
Final cleanup for foreman_openstack_satellite_priv_esc
2013-07-22 14:59:23 -05:00
b6c9fd4723
Add foreman_openstack_satellite_priv_esc.rb
...
This module exploits a mass assignment vulnerability in the 'create'
action of 'users' controller of Foreman and Red Hat OpenStack/Satellite
(Foreman 1.2.0-RC1 and earlier) by creating an arbitrary administrator
account.
2013-07-22 15:24:25 -03:00
7ab4d4dcc4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 17:34:29 -05:00
5c265c99d2
Clean jboss_seam_exec @cmaruti's collab
2013-06-25 14:09:30 -05:00
f78b4d8874
modified according to jvazquez-r7 feedback
2013-06-20 16:29:42 +02:00
4846a680db
modified according to jvazquez-r7 feedback
2013-06-20 16:19:43 +02:00
8e64bf3d16
modified according to jvazquez-r7 feedback
2013-06-20 16:15:28 +02:00
a5332e5ed2
Module was updated to support WebSphere AS running seam-2.
...
msf auxiliary(jboss_seam_exec) > run
[*] Found right index at [0] - getRuntime
[*] Index [1]
[*] Index [2]
[*] Index [3]
[*] Index [4]
[*] Index [5]
[*] Found right index at [6] - exec
[*] Index [7]
[*] Index [8]
[*] Index [9]
[*] Index [10]
[*] Index [11]
[*] Index [12]
[*] Index [13]
[*] Index [14]
[*] Index [15]
[*] Index [16]
[*] Index [17]
[*] Index [18]
[*] Index [19]
[*] Index [20]
[*] Index [21]
[*] Index [22]
[*] Index [23]
[*] Index [24]
[*] Target appears VULNERABLE!
[*] Sending remote command:pwd
[*] Exploited successfully
[*] Auxiliary module execution completed
2013-06-20 12:17:07 +02:00
011b0bb741
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-15 09:07:47 -05:00
649a8829d3
Add modules for Mutiny vulnerabilities
2013-05-15 09:02:25 -05:00
51a532e8b4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-12 17:39:58 -05:00
feac292d85
Clean up for dlink_dsl320b_password_extractor
2013-05-12 17:35:59 -05:00
ee46771de5
Land #1799 , @m-1-k-3's auth bypass module for Dlink DSL320
2013-05-12 17:34:08 -05:00
e3582887cf
OSVDB, Base64
2013-05-07 08:28:48 +02:00
0f2a3fc2d4
dsl320b authentication bypass - password extract
2013-05-06 14:31:47 +02:00
070fd399f2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-31 20:23:08 +02:00
587170ae52
fixed author details - next try
2013-03-30 12:43:55 +01:00
1d6184cd63
fixed author details
2013-03-30 12:41:31 +01:00
393d5d8bf5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-25 19:09:42 +01:00
fdd06c923a
cleanup for dlink_dir_645_password_extractor
2013-03-25 18:04:12 +01:00
a9a5a3f64f
Merge branch 'dlink-dir645-password-extractor' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir645-password-extractor
2013-03-25 18:02:51 +01:00
0d56da0511
Merge branch 'netgear-sph200d' of github.com:m-1-k-3/metasploit-framework into m-1-k-3-netgear-sph200d
2013-03-25 11:45:40 -05:00
2d5a0d6916
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-25 17:08:23 +01:00
98ac6e8090
feedback included
2013-03-24 21:01:30 +01:00
d90de54891
reporting and feedback
2013-03-24 15:00:18 +01:00
9f8ec37060
store loot
2013-03-24 11:48:49 +01:00
71708c4bc3
dir 645 password extractor - initial commit
2013-03-24 11:44:24 +01:00
49ac3ac1a3
cleanup for linksys_e1500_e2500_exec
2013-03-23 23:30:49 +01:00
98be5d97b8
Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-e1500-e2500-exec
2013-03-23 23:30:14 +01:00
b2bf1df098
fixed encoding and set telnetd as default cmd
2013-03-23 22:56:15 +01:00
47d458a294
replacement of the netgear-sph200d module
2013-03-23 22:40:32 +01:00
270f64acc2
feedback included
2013-03-23 15:54:34 +01:00
dcd2aebdcd
feedback included
2013-03-20 21:34:30 +01:00
44f07cef19
Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework
2013-03-20 00:47:31 +01:00
80d218b284
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-19 19:55:51 +01:00
9fc0f9a927
initial commit
2013-03-19 17:31:01 +01:00
e5f7c08d6f
Added module for CVE-2012-4940
2013-03-13 11:52:54 +01:00
91fbeda062
up to date
2013-03-12 17:04:27 +01:00
6055438476
up to date
2013-03-12 17:04:27 +01:00
4212c36566
Fix up basic auth madness
2013-03-01 11:59:02 -06:00
ec5c8e3a88
Merge branch 'dlink-dir300-600-execution' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir300-600-execution
2013-02-16 19:12:42 +01:00
c2f8e4adbd
Minor - Note Rails 3.1.11 patch in Description.
2013-02-13 22:30:54 -06:00
d1784babea
little cleanup plus msftidy compliant
2013-02-13 20:24:49 +01:00
0ae473b010
info updated with rails information
2013-02-13 09:52:17 +01:00
f46eda2fa9
Merge branch 'rails_devise_pw_reset' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_devise_pw_reset
2013-02-13 09:51:37 +01:00
799beb5adc
minor cleanup
2013-02-13 01:00:25 +01:00
1d5d33f306
use normalize_uri()
2013-02-12 14:58:07 -06:00
c6a7a4e68d
/URIPATH/TARGETURI/g
2013-02-12 14:50:10 -06:00
c7719bf4cb
Verify response is non-nil.
2013-02-12 13:41:21 -06:00
9e1f106a87
msftidy cleanup
2013-02-12 13:38:58 -06:00
766257d26a
pointed by @m-1-k-3 while working on #1472
2013-02-11 21:21:43 +01:00
5f0a3c6b9e
Removes pry, oops.
2013-02-11 14:02:46 -06:00
753fa2c853
Handles error when TARGETEMAIL is invalid.
2013-02-11 13:58:56 -06:00
61ffcedbfd
Address HD's other comments, fixes mismatched var name in last commit.
2013-02-11 11:17:26 -06:00
e72dc47448
Uses REXML for encoding of password.
2013-02-11 11:12:29 -06:00
43a1fbb6f2
Make msftiday happy.
2013-02-10 21:13:18 -06:00
55cba56591
Aux module for joernchen's devise vuln - CVE-2013-0233
2013-02-10 21:10:00 -06:00
63c6791473
return
2013-02-09 11:17:02 +01:00
6cccf86a00
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink-dir300-600-execution
2013-02-09 11:09:56 +01:00
5357e23675
Fixups to the Linksys module
...
Professionalizes the description a little, but more importantly, handles
LANIP better, I think. Instead of faking a 1.1.1.1 address, just detect
if it's set or not in a method and return the right thing accordingly.
Please test this before landing, obviously. I think it's what's
intended.
2013-02-06 12:46:50 -06:00
faeaa74a49
Msftidy whitespace
2013-02-06 11:06:13 -06:00
43f3bb4fe6
small updates
2013-02-05 13:54:10 +01:00
5ca0e45388
initial commit
2013-02-04 08:44:12 +01:00
2bf2d4d8a4
Merge branch 'netgear_sph200d_traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-netgear_sph200d_traversal
2013-02-03 23:35:29 +01:00
c24c926ffa
add aditional check to detect valid device
2013-02-01 20:55:06 +01:00
996ee06b0f
fix another print_ call
2013-02-01 20:43:54 +01:00
152f397a1f
first module cleanup
2013-02-01 20:38:11 +01:00
988761a6de
more updates, BID, Exploit-DB
2013-02-01 20:18:53 +01:00
fdd5fe77c1
more updates ...
2013-02-01 19:59:19 +01:00
0e22ee73b5
updates ...
2013-02-01 19:26:34 +01:00
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
ea5e993bf3
initial
2013-01-29 22:02:29 +01:00
1fc747994e
cleanup for linksys_wrt54gl_exec
2013-01-24 17:50:14 +01:00
3a5e92ba6f
hopefully all fixex included
2013-01-23 12:15:34 +01:00
11c13500be
small fix
2013-01-21 13:41:42 +01:00
62ff52280a
initial linksys OS command injection
2013-01-21 13:19:29 +01:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
54ed60e24e
Forgot to remove the second require
2012-09-24 18:50:53 -05:00
6bd450e114
Make Ruby 1.8 happy
2012-09-24 18:49:41 -05:00
6771466cb7
Added module for CVE-2011-2750
2012-09-13 17:24:16 +02:00
b4b860f356
Correct MC's name
2012-08-08 14:16:02 -05:00
f26053c2c3
Add vendor's name in there for easier searching
2012-08-07 12:16:52 -05:00
614ae02a26
Add CVE-2012-2626 Scrutinizer add-user aux mod
2012-08-07 12:13:25 -05:00
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
97974d9241
Shorten title for display
2012-06-27 10:19:46 -05:00
f93658b37a
Minor name change
2012-06-25 15:51:02 -05:00
637edc21ce
Add CVE-2010-2731
2012-06-25 15:48:36 -05:00
302ab963d1
Adding ref for intersil module
2012-06-20 15:05:56 -05:00
e72303a922
Add Intersil HTTP Basic auth pass reset (originally #453 )
...
The modified version of pull request #453 . This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
The advisory focuses the problem as an auth bypass, not DoS,
although it can end up dosing the server.
* The title and filename are changed as a result of matching that
advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
2012-06-16 21:14:57 -05:00
01803c4a33
Fix possible nil res. Bug #6939 . Part 1.
2012-06-04 13:11:47 -05:00
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
c606896122
Multiple fixes and improvements:
...
* Make session ID configurable based on feature #6894's suggestion.
* Fix a potential bug when res is nil.
* Use print_error() to make the error message more readable.
2012-05-24 02:16:29 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
302853f5a4
Unpolluting SVN Revision keyword
...
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
3626d48db2
Un-polluting SVN Id keyword
...
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
b608aeeeb7
Migrating modules to use report_web_vulns and minor fixes
2012-03-02 10:18:32 -06:00
a2e5a4d9d5
New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention
2012-03-02 10:18:31 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
d75e4aead3
Cosmetic changes
2011-11-10 15:45:02 -06:00
0c36915dae
add osvdb ref
2011-11-10 13:24:26 -06:00
453082678f
Add CVE-2010-1871 (Feature #5922 )
2011-11-10 10:21:17 -06:00
7ffcf62a2e
Add #5364
...
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:34:42 +00:00
e9461c766e
Msftidy run against a bunch of whitespace violations, a few line too longs.
...
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
5c41385284
Added aux module trendmicro_dlp_traversal.
...
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 07:34:53 +00:00
cacc3f237c
Added improvements to this module to use a wordlist of known sensitive files
...
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 03:13:22 +00:00
d50577066f
remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
...
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
fb33b0cbfd
Added contentkeeper_fileaccess aux traversal module.
...
git-svn-id: file:///home/svn/framework3/trunk@12288 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-10 15:27:17 +00:00
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
6b1eb27ab5
put scanner modules in the scanner directory
...
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:49:06 +00:00
36bbd6e8b6
coldfusion directory traversal module
...
git-svn-id: file:///home/svn/framework3/trunk@10209 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:43:48 +00:00
aac956db50
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-24 18:22:48 +00:00
bb9be48739
Added tomcat utf8 traversal aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@10104 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 16:17:43 +00:00
12fbdcd878
add http_fingerprint calls to modules that use various headers
...
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
0ea6eca4bc
big module whitespace/formatting cleanup pass
...
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
54b276d5e5
Cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@9009 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 16:35:43 +00:00
df55aee06f
add osvdb and cve refs
...
git-svn-id: file:///home/svn/framework3/trunk@8444 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 19:35:28 +00:00
40be42676b
new tomcat_mgr_login aux module
...
- uses auth_brute mixin
- has old and new default users/passes/pairs
- replaces older modules/auxiliary/admin/http/tomcat_manager.rb
git-svn-id: file:///home/svn/framework3/trunk@8201 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 20:31:51 +00:00
5ebb0c4b38
add CVE, two default users & passwords, see #711
...
git-svn-id: file:///home/svn/framework3/trunk@8194 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 16:22:12 +00:00
2283e029db
crossing fingers, big cr removal batch
...
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
5f650c0751
Added HP Web JetAdmin aux command exec module.
...
git-svn-id: file:///home/svn/framework3/trunk@7041 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-19 00:33:44 +00:00
9174bcd0a8
Added iomega_storcentrepro_sessionid aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@6733 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-01 03:55:56 +00:00
37c2e301ed
replacing defunct framework URL in header comments in most modules and pcap_log
...
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
eccfcdfced
Sets svn keywords on modules missing it, tweaks the emailer module
...
git-svn-id: file:///home/svn/framework3/trunk@6407 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 06:03:35 +00:00
1d42efd73d
New module from spinbad
...
git-svn-id: file:///home/svn/framework3/trunk@6341 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-15 02:32:34 +00:00
ff8323e6d2
added modules from Matteo Cantoni.
...
git-svn-id: file:///home/svn/framework3/trunk@6170 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-21 12:51:30 +00:00
jvazquez-r7
URI Assassin
Christian Mehlmauer
Tod Beardsley
us3r777
sinn3r
Ramon de C Valle
Michael Messner
Niel Nielsen
Sven Vetsch / Disenchant
Jeff Jarmoc
Jeff Jarmoc
jvazquez-r7
Meatballs
Brandon Perry
Cristiano Maruti
m-1-k-3
sinn3r
David Maloney
Tod Beardsley
m-1-k-3
Chris John Riley
Michael Schierl
Efrain Torres
HD Moore
James Lee
Steve Tornio
Patrick Webster
David Rude
James Lee
Joshua Drake
cg
Mario Ceballos