a92256e8d1
Clean a10networks_ax_directory_traversal
2014-02-03 08:41:23 -06:00
53c2a737e9
Don't register rport again
2014-01-31 09:42:41 -06:00
452042e757
Land #2925 , @xistence aux module for Support Center Plus traversal
2014-01-31 09:38:01 -06:00
e9f04d9203
Do final cleanup for Support Center Plus module
2014-01-31 09:37:40 -06:00
32c5d77ebd
Land #2918 , @wvu's fix for long argument lists
2014-01-31 08:49:22 -06:00
e81a0ed22b
Changes as requested for SupportCenterPlus module
2014-01-31 13:28:45 +07:00
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
8ac0ef396e
Added DNS recursion amplification scanner
2014-01-29 14:21:21 +07:00
d3be54fed6
Added Extended SMTP Open Relay aux module
2014-01-29 13:46:54 +07:00
c8296298b3
added A10Networks AX loadbalancer Dir Traversal Auxiliary Module
2014-01-28 16:37:25 +07:00
32d7f15a5c
added ManageEngine Support Center Plus directory traversal auxiliary module
2014-01-28 15:45:23 +07:00
f766a74150
Land #2920 , @wvu-r7's author metadata update for printer aux modules
2014-01-27 13:02:31 -06:00
d19e9307c6
Fix missing colon in :caller_host symbol
...
Good catch, @jvazquez-r7!
2014-01-27 12:43:59 -06:00
0dbaeb6742
Add Matteo's email
2014-01-27 08:40:44 -06:00
f471f50092
ms08_067_check.rb is deprecated.
...
[SeeRM #8755 ]
2014-01-26 12:22:13 -06:00
52371be52a
Clarify why contributors are listed as authors
...
Also adding @mcantoni to the list of authors. Sorry we missed you!
Dear contributors,
Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!
https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
2014-01-25 18:02:17 -06:00
f18fef1864
Module to HP LaserJet Printer SNMP Enumeration
2014-01-25 15:48:13 +01:00
eaeb2af97f
Use opts hash for h323_version
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:32:37 -06:00
82bf02910d
Land #2911 , correct author name for PJL credit
2014-01-24 11:00:12 -06:00
fdaa172cc5
Land #2896 , @wchen-r7's check's normalization for auxiliary modules
2014-01-24 08:53:53 -06:00
9ba72ffc71
Remove check support
...
Actually, you can't support check because in check mode the module
doesn't know the IP
2014-01-23 21:30:11 -06:00
dc52d00be6
Modify vmware_http_login to work with check
2014-01-23 21:27:36 -06:00
a67068f019
Correct author name
...
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
2014-01-23 19:09:20 -06:00
f5809423a3
Let's spell right in my spellcheck PR
...
Updates #2900
2014-01-21 15:57:59 -06:00
b3b51eb48c
Pre-release fixup
...
* Updated descriptions to be a little more descriptive.
* Updated store_loot calls to inform the user where the
loot is stored.
* Removed newlines in print_* statments -- these will screw
up Scanner output when dealing with multiple hosts.
Of the fixed newlines, I haven't see any output, so I'm not sure what
the actual message is going to look like -- I expect it's a whole bunch
of newlines in there so it'll be kinda ugly as is (not a blocker for
this but should clean up eventually)
2014-01-21 13:29:08 -06:00
0a8aa07131
Fix check method
...
This isn't a check, so shouldn't be using the check method
2014-01-19 16:47:15 -06:00
a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules
2014-01-16 15:57:38 -06:00
9bf90b836b
Add environment variables support
2014-01-16 14:53:25 -06:00
311704fc0a
Perform final cleanup
2014-01-15 13:49:37 -06:00
7c52f9b496
Update description to use %q{}
2014-01-13 14:42:25 -06:00
fe6d10ac5d
Land #2852 , @mandreko's scanner for OSVDB 101653
2014-01-13 14:07:07 -06:00
8c3a71a2e7
Clean sercomm_backdoor scanner according to feedback
2014-01-13 13:53:47 -06:00
d69b658de0
Land #2848 , @sho-luv's MS08-067 scanner
2014-01-09 14:39:25 -06:00
fc616c4413
Clean up formatting
2014-01-09 14:16:31 -06:00
93668b3286
Code Review Feedback
...
Made it less verbose, converting to vprint_error
2014-01-09 14:53:33 -05:00
e21c97fd4d
Added missing metadata
...
Add credit where due
Add disclosure date and references
2014-01-09 14:33:54 -05:00
9456d26467
Added Scanner module for SerComm backdoor
2014-01-09 14:25:28 -05:00
7fd4935263
Make the module output prettier
2014-01-09 01:03:01 -06:00
27f079ad7c
Move {begin,end}_job from libs to modules
2014-01-09 01:03:01 -06:00
131bfcaf41
Refactor away leftover get_rdymsg
2014-01-09 01:03:01 -06:00
d3bbe5b5d0
Add filesystem commands and new PoC modules
...
This commit also refactors some of the code.
2014-01-09 01:03:01 -06:00
af66310e3a
Address @jlee-r7's comments
2014-01-09 01:03:01 -06:00
bab32d15f3
Address @wchen-r7's comments
2014-01-09 01:03:00 -06:00
1c889beada
Add Rex::Proto::PJL and PoC modules
2014-01-09 01:03:00 -06:00
a8fcf13972
Added credits and clean initialize
...
Added wvu to creds as he did most of work. ;)
2014-01-08 21:16:09 -05:00
8993c74083
Fix even moar outstanding issues
2014-01-08 19:38:54 -06:00
1dd29d3b64
Fix moar outstanding issues
2014-01-08 18:11:18 -06:00
945a2a296a
Fix outstanding issues
2014-01-08 17:09:41 -06:00
35ac9712ab
Added auxiliary check for MS08_067
...
I simply copied the check from ms08_0867_netapi.rb and put them in
a auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
90158b9932
Land #2791 , @morisson's support to remote dns resolution on sap_router_portscanner
2014-01-02 12:19:50 -06:00
f75782bc2f
Use RHOST, RPORT for the SAPROUTER options
2014-01-02 12:18:54 -06:00
c34a5f3758
Unacronym the title on Poison Ivy C&C
2013-12-26 10:30:30 -06:00
47765a1c4f
Fix chargen probe title, comment on the CVE
2013-12-26 10:29:11 -06:00
056661e5dd
No at-signs in names please.
2013-12-26 10:26:01 -06:00
b02e21a1d3
Land #2779 , @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid
2013-12-26 09:27:27 -06:00
86a94022c0
Fix lotus_domino_hashes not working.
...
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner
2013-12-23 17:36:18 -06:00
0a07bbdf2e
Minor changes
2013-12-23 17:35:42 -06:00
88b3b2c78e
Switch RHOSTS to TARGETS and add validation
2013-12-23 11:58:26 -06:00
94da642f5c
fixed typo: innacurated -> inaccurate
2013-12-21 20:36:43 +00:00
c387a850ca
Fixed default value for RESOLVE (local)
2013-12-21 19:21:57 +00:00
6ce0bab036
Cleanup, also split IP addresses separated by commas.
2013-12-21 00:15:00 +00:00
bf2dc97595
Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner
2013-12-20 18:46:35 +00:00
ae7a0159e7
Changed to Puts and get_once - also forgot the timeout...
2013-12-20 18:44:42 +00:00
8be481f324
Land #2681 , @mcantoni and @todb-r7's support for chargen
2013-12-20 11:53:08 -06:00
12efa99ce5
Fix udp_sweep
2013-12-20 11:47:48 -06:00
2dc7ef4398
Fix udp_probe
2013-12-20 11:45:27 -06:00
2f34f8458b
Downcase chargen service name
2013-12-20 10:41:53 -06:00
35c847da94
Add chargen to udp_probe and udp_sweep
...
This simplifies the checks considerably for PR #2681 from @mcantoni
2013-12-20 10:32:15 -06:00
eba164d2e3
Clean chargen_probe
2013-12-20 09:10:15 -06:00
6ac0aad38b
Prevent report_* when RESOLVE is remote, since hostname may be unknown and local resolution fail, thus spitting out an error and failing
2013-12-19 23:37:13 +00:00
c881ef5472
Unreachable and time out error identification
2013-12-19 22:59:56 +00:00
a199dc39af
used the recvfrom timeout
2013-12-19 20:56:11 +01:00
773d4c5cd1
commented out response packet vprint
2013-12-19 18:35:11 +00:00
ad8a156263
RHOSTS can be a comma separated list of hostnames
2013-12-19 18:33:32 +00:00
564601e083
msftidy - fixed
2013-12-19 17:30:34 +00:00
2480f023b1
Dropped scanner mixin. Tried to maintain usage
2013-12-19 17:15:44 +00:00
21d959c58d
RESOLVE option takes either "remote" or "local"
2013-12-19 00:38:47 +00:00
1778a08e98
Keeping changes away from the "ip" variable
2013-12-19 00:19:58 +00:00
7ebcd5a8c9
Option to perform host resolution on remote saprouter
2013-12-18 23:53:58 +00:00
ee87f357b0
Raise Msf::OptionValidateError when the PORTS option is invalid
...
Instead of print_error for invalid ports, modules should be raising
Msf::OptionValidateError to warn the user about the invalid input.
2013-12-18 15:04:53 -06:00
4028dcede7
Add an input check for datastore option PORTS
...
If Rex::Socket.portspec_crack returns an empty array, we assume
there are no valid ports to test, so we raise an OptionValidateError
to warn the user about it.
2013-12-18 14:55:51 -06:00
80eea97ccd
ChrisJohnRiley fix for sap_service_discovery
2013-12-17 13:31:56 -06:00
24bc10905e
Added Spaces and removed Interrupt
2013-12-16 22:12:35 +00:00
bf561fef95
Corrected Extraneous Whitespace\Newlines
2013-12-16 16:38:49 +00:00
79022c2e29
Probably should have checked it worked...
2013-12-16 11:33:08 +00:00
59003a9842
Updated Poison Ivy Scanner
2013-12-15 22:02:14 +00:00
226cd241bf
Added Poison Ivy Command and Control Scanner\n Auxiliary module to scan for Poison Ivy C&C on ports 80,8080,443 and 3460
2013-12-15 14:34:50 +00:00
999006e037
fixed some things, as suggested by jvazquez-r7
2013-12-14 19:41:31 +01:00
c59b8fd7bc
Land #2741 , @russell TCP support for nfsmount
2013-12-09 09:46:34 -06:00
291a52712e
Allow the NFS protocol to be specified in the mount scanner
2013-12-09 21:26:29 +11:00
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
99dc9f9e7e
Fix msftidy warning
2013-12-03 00:09:51 -06:00
e37f7d3643
Use send_request_cgi instead of send_request_raw
2013-12-03 00:57:26 -05:00
14e600a431
Clean up res nil checking
2013-12-03 00:51:19 -05:00
b796095582
Use peer vs. rhost and rport for prints
2013-12-03 00:49:05 -05:00
0480e01830
Account for nil res value
2013-12-03 00:45:57 -05:00
c91d190d39
Add Cisco ASA ASDM Login
2013-12-03 00:16:04 -05:00
55847ce074
Fixup for release
...
Notably, adds a description for the module landed in #2709 .
2013-12-02 16:19:05 -06:00
8d6a534582
Change title
2013-12-02 08:54:37 -06:00
24d09f2085
Land #2700 , @juushya's Oracle ILO Brute Forcer login
2013-12-02 08:53:10 -06:00
bc41120b75
Updated
2013-11-29 12:47:47 +05:30
1109a1d157
Updated
2013-11-28 11:30:02 +05:30
3111aee866
fix match and boolean expression
2013-11-26 21:42:09 +01:00
cc60ca2e2a
Fix module title
2013-11-25 09:33:43 -06:00
cc261d2c25
Land #2670 , @juushya's aux brute forcer mod for OpenMind
2013-11-25 09:29:41 -06:00
e157ff73d3
Oracle ILOM Login utility
2013-11-25 13:55:31 +05:30
dd9bb459bf
PSEXEC Refactor
...
Move peer into mixin
PSEXEC should use the psexec mixin
2013-11-24 16:24:05 +00:00
f3b907537c
Module to identifies open Chargen service
2013-11-23 17:17:24 +01:00
266de2d27f
Updated
2013-11-23 00:01:03 +03:00
b5011891a0
corrected rport syntax
2013-11-21 08:57:45 +03:00
9539972340
Module for OpenMind Message-OS portal login
2013-11-21 06:33:05 +03:00
9f45121b23
Remove EOL spaces
2013-11-20 15:08:13 -06:00
ded56f89c3
Fix caps in description
2013-11-18 16:15:50 -06:00
f690667294
Land #2617 , @FireFart's mixin and login bruteforcer for TYPO3
2013-11-18 13:37:16 -06:00
0391ae2bc0
Delete general reference
2013-11-18 13:19:09 -06:00
1c4dabaf34
Beautify typo3_bruteforce module
2013-11-18 13:17:15 -06:00
b5fc0493a5
Land #2642 - Fix titles
2013-11-18 12:14:36 -06:00
7d22312cd8
Fix redis communication
2013-11-15 19:36:18 -06:00
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
970e70a853
Land #2626 - Add wordpress scanner
2013-11-12 11:30:23 -06:00
6a28f1f2a7
Change 4-space tabs to 2-space tabs
2013-11-12 11:29:28 -06:00
2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
...
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints
[SeeRM #8498 ]
2013-11-11 21:23:35 -06:00
48faa38c44
bugfix for wordpress_scanner
2013-11-11 00:24:32 +01:00
b472c2b195
added a wordpress scanner
2013-11-10 23:08:59 +01:00
bdd33d4daf
implement feedback from @jlee-r7
2013-11-07 23:07:58 +01:00
cc3ee5f97b
typo3_bruteforce: update msf license
2013-11-07 22:53:28 +01:00
e897c8379f
typo3_bruteforce: bugfix
2013-11-07 22:46:26 +01:00
9d616dbfe9
added typo3 bruteforcer
2013-11-07 22:38:27 +01:00
09c31f7582
Small nitpicks to catch bad http responses
2013-11-06 15:06:04 -06:00
91639dbb99
Trailing whitespace
2013-11-06 14:25:28 -06:00
079816777a
I kin spel
2013-11-06 14:22:41 -06:00
6b43d94c72
Rename, change titles/descriptions, fix minor bugs
2013-11-06 13:45:40 -06:00
b9caf091d4
Change supermicro_ipmi_traversal location
2013-11-06 12:47:50 -06:00
c132a60973
Move Supermicro web interface name to a constant
2013-11-06 12:47:50 -06:00
0609c5b290
Move private key to a constant
2013-11-06 12:47:50 -06:00
275fd5e2ba
Sort options by name
2013-11-06 12:47:50 -06:00
9f87fb33a7
Move digest calculation to a variable
2013-11-06 12:47:50 -06:00
46f0998903
Add URL refs
2013-11-06 12:47:50 -06:00
a973862c74
Add new modules
2013-11-06 12:47:50 -06:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
1fee3ce952
Land #2584 , reporting for energizer_duo_detect
2013-10-28 10:48:20 -05:00
efcfc9eef7
Land #2273 , @kaospunk's enum domain feature for owa_login
2013-10-28 09:47:54 -05:00
71a1ccf771
Clean owa_login enum_domain feature
2013-10-28 09:46:41 -05:00
e0aec13ce1
[FixRM #4397 ] Add reporting for energizer_duo_detect
2013-10-25 16:51:44 -05:00
7d788fbf76
Land #2571 - HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
2013-10-24 14:15:26 -05:00
ea80c15c3b
Land #2383 , @jamcut's aux module for jenkins enum
2013-10-24 11:31:36 -05:00
8428671f32
Land #2455 , @juushya's aux module for radware
2013-10-24 10:54:02 -05:00
1673b66cbe
Delete some white lines
2013-10-24 10:50:14 -05:00
b589e9aa6e
Use the peer method
2013-10-24 10:45:02 -05:00
255cd18868
Use peer helper
2013-10-23 16:08:40 -05:00
55e3f36589
Add module for ZDI-13-242
2013-10-23 11:24:29 -05:00
a4dd53f650
Chane module filename
2013-10-22 11:16:14 -05:00
cdd183f43a
Add reporting
2013-10-22 11:15:16 -05:00
0d73275c3f
Delete not necessary check
2013-10-22 10:39:54 -05:00
c50e7c73b6
Make parsing easier
2013-10-22 10:30:03 -05:00
0cc7be0138
Use snake_case
2013-10-22 10:04:32 -05:00
e4a340b7f1
Fix small issues
2013-10-22 10:02:32 -05:00
a425e2be78
Fix typo
2013-10-22 09:28:43 -05:00
111c12ef0d
Do cosmetic changes
2013-10-22 09:28:15 -05:00
f46cdb8970
Add the correct plate
2013-10-22 09:27:37 -05:00
de0d09886c
Retab changes for PR #2383
2013-10-22 09:26:44 -05:00
0214501891
Merge for retab
2013-10-22 09:22:10 -05:00
5613cfb249
Retab changes for PR #2455
2013-10-21 15:57:23 -05:00
39d38e598d
Merge for retab
2013-10-21 15:55:48 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
58a43e87dd
Added fixes suggested by jlee-r7
...
additional code clean up
2013-10-21 14:18:12 -04:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
09c9cba3d5
Updated code
2013-10-21 19:29:05 +05:30
183116c81f
Make module work, and final cleanup
2013-10-20 18:39:41 -05:00
aa6a24da1b
Add module template
2013-10-19 00:27:57 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
cc42fbc59e
Added ext .rb
...
... ext .rb why you no save.
2013-10-17 01:40:05 +05:30
f3d4229ed4
Updated code
...
msftidy compliant now. Have run it thru retab.rb, hence the indent like this.
2013-10-17 01:36:26 +05:30
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
d0b1479d5b
Use the real timeout option for DCERPC
2013-10-14 17:41:51 -05:00
e8d0292118
Use read_response class method
...
Looks like this was never implemented in other modules, but it collects
data from the socket in the usual get_once sort of way.
2013-10-14 17:24:22 -05:00
14be85ea5d
Land #2511 , fix up NoMethodError and hanging connx
2013-10-14 16:30:19 -05:00
a3af5d681b
Ensure TCP connection is closed
2013-10-14 21:53:22 +01:00
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
4b4804538f
Fixes issues based on feedback
...
This commit addresses comments made by @jvazquez-r7.
2013-10-14 16:02:29 -04:00
2a1ade2541
Add disclosure date and some explanation about it
2013-10-13 19:29:51 -05:00
e2c5e6c19f
Fix email format
2013-10-13 18:28:35 -05:00
008f787627
Add module for the dlink user-agent backdoor
2013-10-13 14:42:45 -05:00
988ac68074
Dont define the NDR syntax
2013-10-12 19:56:52 +01:00
765b55182e
Randomize client variables
...
Also tidyup indents and use predefined UUID syntax.
2013-10-12 19:52:15 +01:00
cad717a186
Use NDR 32bit syntax.
...
Compatible with both x86 and x64 systems.
Tidy up the module...
2013-10-12 18:52:45 +01:00
876d4e0aa8
Land #1420 , WDS scanner
2013-10-11 16:53:25 -05:00
a1cf9619d9
Be clear this is 64-bit only in the desc.
2013-10-11 16:52:50 -05:00
181606e7cc
Single byte description update. Adds a period.
2013-10-11 15:04:25 -05:00
63349e4664
Add OSVDB and BID references
2013-10-11 09:14:59 -05:00
b26085457f
Trying to prevent @jvazquez-r7 from crying when reading my code:
...
- Documented fields in the several tables;
- Fixed the "remote" field location on the fs_table (changed due to REXML parsing);
- Fixed Total Memory field on os_table (bug?);
2013-10-11 11:29:27 +01:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
09f0db7fdf
Switch to rexml parsing, add some comments and cleanup
2013-10-10 13:19:10 -05:00
9516bc5cf7
Retab changes for PR #2142
2013-10-10 11:02:51 -05:00
cdc7b75a78
Merge for retab
2013-10-10 11:02:16 -05:00
c264480651
Code cleanup, tried to implement suggestions from @jvazquez-r7. Hopefully is much more readable.
2013-10-10 11:58:33 +01:00
jvazquez-r7
xistence
William Vu
sinn3r
Matteo Cantoni
Tod Beardsley
Matt Andreko
sho-luv
rbsec
Bruno Morisson
SeawolfRN
Russell Sim
Jonathan Claudius
Karn Ganeshen
Meatballs
FireFart
HD Moore
jvazquez-r7
jamcut
kaospunk