Commit Graph

3753 Commits (1e90a8004d6960ec69f8e70cb055d69464cf9ea1)

Author SHA1 Message Date
root 245c76374d Update nessus_xmlrpc_logic to use the new creds API 2015-06-08 14:40:15 +05:00
HD Moore 135958a225 Cleanup the udp_(sweep|probe) SNMP generators 2015-06-06 00:54:08 -05:00
HD Moore 6b05302059 Fixes #5459, refactors LoginScanner::SNMP 2015-06-06 00:50:55 -05:00
root 3ec6d9b7aa Update owa_login to use new cred API 2015-06-05 15:41:07 +05:00
root b6936febbe Update pcanywhere_login to use the new cred API 2015-06-05 12:16:00 +05:00
wchen-r7 874e090aa1 Update wordpress_login_enum to use the new cred API 2015-06-04 18:16:14 -05:00
John Sherwood d3c3741478 Use run_host so that we can use THREADS
- The refactor left the module using run_batch even though the
  features of the code that made this desirable were removed (i.e.,
  it was no longer doing one batch per community string).  By now
  switching back to run_host, we can again take advantage of the
  built-in metasploit multithreading capabilities.

- Also, added back in the display of the result.proof field.  This
  aids in identifying false positives (which have a blank response)
  and is functionality worth keeping.
2015-06-03 18:08:38 -04:00
Roberto Soares b305fa62f4 Changed vprint_error when nothing was downloaded. 2015-06-03 14:46:59 -03:00
Roberto Soares 24ec3b2fb5 Changed vprint_error to fail_with method. 2015-06-03 13:46:59 -03:00
wchen-r7 80c3022dc1 Deprecate cold_fusion_version. Please use coldfusion_version.
auxiliary/scanner/http/cold_fusion_version is deprecated. Please use
auxiliary/scanner/http/coldfusion_version instead.
2015-05-28 15:39:14 -05:00
wchen-r7 2ae9e39719
Land #5376, Report ipmi_dumphashes credentials with create_credential_login 2015-05-27 13:11:07 -05:00
Tod Beardsley 95b5ff6bea
Minor fixups on recent modules.
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301, @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces

Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in

Edited modules/auxiliary/scanner/http/title.rb first landed in #5333,
HTML Title Grabber

Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401, multi-platform CVE-2015-0311 - Flash uncompress()
UAF

Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290, Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
jvazquez-r7 e1f10772b3
Use create_cracked_credential 2015-05-21 16:30:42 -05:00
Roberto Soares b4a6cdbad0 Remove new line in vprint_line. 2015-05-21 12:33:09 -03:00
Roberto Soares 0135b3639f Add WordPress Simple Backup File Read Vulnerability. 2015-05-21 12:23:24 -03:00
Brent Cook a4df3468de unique: should be update:, include uri in data hash 2015-05-20 16:20:09 -05:00
Brent Cook c85b82e8a7 Merge branch 'master' into land-5358-notes 2015-05-20 16:02:59 -05:00
jvazquez-r7 d564a85f6f
Fix jtr_format 2015-05-18 19:55:48 -05:00
jvazquez-r7 f49362492a
Report hash's username correctly 2015-05-18 19:46:17 -05:00
jvazquez-r7 c6fcb9c6c5
Report credentials with create_credential_login 2015-05-18 19:39:03 -05:00
David Maloney 69a7a89936
use the correct print_error message
vrpint_error feeds through the old authbrute mixin
which does not behave properly anymore. use
print_error instead

5266
2015-05-18 13:51:23 -05:00
David Maloney 09d735e855
remove proof from failure message
the snmp login scanner will only have
proof on success, not on failure. remove it from
the failure message for cleaner formatting

5266
2015-05-18 13:45:01 -05:00
Stuart Morgan 79b9ef008a Bugfix 2015-05-17 13:55:56 +01:00
jvazquez-r7 dd5060e08c
Land #5340, @wchen-r7's change to the symantec_web_gateway_login writing style 2015-05-15 13:18:35 -05:00
jvazquez-r7 cf5fa6752e
Use parenthesis 2015-05-15 13:17:54 -05:00
jvazquez-r7 d05cae5faf
Land #5329, @wchen-r7's add configurable options to jenkins_login 2015-05-15 11:38:21 -05:00
wchen-r7 24a989b8a3
Land #5249, Add Module for Enum on InfluxDB database 2015-05-14 11:22:54 -05:00
wchen-r7 005c36b2a6 If data is empty, don't save (or even continue) 2015-05-14 11:22:10 -05:00
wchen-r7 ac0e4e747a Change writing style of symantec_web_gateway_login 2015-05-13 00:23:37 -05:00
wchen-r7 202c5e0121
Land #5333, HTML Title Grabber 2015-05-12 11:19:06 -05:00
wchen-r7 faec5844cb Some fixes 2015-05-12 11:18:21 -05:00
jvazquez-r7 a5267ab77e
Land #4940, @dnkolegov's modules for F5 BIG-IP devices 2015-05-12 09:59:21 -05:00
Stuart Morgan f0048b9a6d Apparently you don't quote the keys with the new syntax 2015-05-12 11:00:18 +01:00
Stuart Morgan 7c81adbd89 MSFTidy is now quiet and happy 2015-05-12 10:47:49 +01:00
Stuart Morgan 1f6bd3e2be Updated to new ruby hash syntax and removed <> from title 2015-05-12 10:43:32 +01:00
Stuart Morgan 518e28674e Removed CGI dependency (@hmoore-r7, @wchen-r7) 2015-05-11 21:10:18 +01:00
Stuart Morgan 78e310562b Readability style change 2015-05-11 19:48:12 +01:00
Stuart Morgan 8e3d803e74 Updated style as per @void-in's comments 2015-05-11 19:46:10 +01:00
Stuart Morgan 62d67469da Updated code style as per @hmoore-r7's instructions 2015-05-11 19:34:23 +01:00
Stuart Morgan b8f7c80fd2 Rubocop 2015-05-11 18:50:03 +01:00
Stuart Morgan 8308c2a925 Added check for nonsensical options 2015-05-11 18:48:55 +01:00
Stuart Morgan 99133deabb Reran tests, sorted out strip problem 2015-05-11 18:29:44 +01:00
Stuart Morgan c25a5d3859 Fixed a bunch of rubocop errors 2015-05-11 18:14:37 +01:00
Stuart Morgan 34cf90af59 Removed unnecessary include 2015-05-11 17:31:31 +01:00
Stuart Morgan c001f014ce HTML Title Grabber 2015-05-11 17:29:22 +01:00
wchen-r7 d8cc2c19d3 Fix #5315, User configurable options for jenkins_login
Fix #5315. This patch allows the user to configure the HTTP method
for the login, as well as the URL.
2015-05-11 10:15:49 -05:00
Denis Kolegov efb226a55c Fixed some minor errors 2015-05-10 02:59:57 -04:00
jvazquez-r7 a8adcda941
Redo port checks 2015-05-08 15:29:30 -05:00
jvazquez-r7 156aac1dff
Use timeout options 2015-05-08 15:23:08 -05:00
jvazquez-r7 bf9ca1f88f
Change module filename 2015-05-08 15:08:59 -05:00
jvazquez-r7 f56115552f
Do code cleanup 2015-05-08 14:56:39 -05:00
jvazquez-r7 b73241882b
Use datastore option 2015-05-08 14:48:19 -05:00
jvazquez-r7 b5f5bacb8c
Use the connect/read timeout as used by the HTTPClient mixin 2015-05-08 14:46:08 -05:00
jvazquez-r7 9fdbfd7031
Use vprint_error 2015-05-08 14:21:36 -05:00
jvazquez-r7 017ae463ed
Fix description style 2015-05-08 14:18:29 -05:00
void-in a7988f9e93 Change credentials to service:service 2015-05-08 22:52:59 +05:00
William Vu 508574970c
Land #5307, Brocade login scanner resurrection 2015-05-07 22:43:39 -05:00
William Vu 8d3737d13c Fix some stylistic issues 2015-05-07 22:43:23 -05:00
Tod Beardsley e8913e5620
Addressed most of @wvu's issues with #5312 2015-05-06 14:47:08 -05:00
Tod Beardsley f423306b6f
Various post-commit fixups
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150, @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys

Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192, @joevennix's module for Safari CVE-2015-1126

Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in

Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016,
add SSL Labs scanner

Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101, Add Directory Traversal for GoAhead Web Server

Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158, OWA internal IP disclosure scanner

Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159, WordPress Mobile Edition Plugin File Read Vuln

Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924, @m-1-k-3's DLink CVE-2015-1187 exploit

Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131, WordPress Slideshow Upload

Edited modules/exploits/windows/local/run_as.rb first landed in #4649,
improve post/windows/manage/run_as and as an exploit

(These results courtesy of a delightful git alias, here:

```
  cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"

```

So that's kind of fun.
2015-05-06 11:39:15 -05:00
Brent Cook 93c785560b remove brocade_telnet scanner, extend telnet
Rather than duplicate the entire telnet scanner, add a pre-login hook that a
module can use to extend the behavior on connect. This also adds a local
pass-through print_error method like http has.
2015-05-05 21:19:46 -05:00
Mike dc053aeb58 Spelling Fix
s/Brocde/Brocade/ as per bcook-r7
2015-05-05 21:16:24 -05:00
root fc1c0028a8 moved array definition to avoid error 2015-05-05 21:16:23 -05:00
root 7949daf42b brocade_enable_login msftidy success 2015-05-05 21:16:23 -05:00
root 6b5aaa5479 brocade enable command bruteforcer 2015-05-05 21:16:23 -05:00
Denis Kolegov 7fb99cdaaf Merged fixed conflicts 2015-05-02 05:37:36 -04:00
Denis Kolegov f95774c6b4 Fixed bugs 2015-05-02 05:09:03 -04:00
jvazquez-r7 93ac8b48e3
Land #5178, @jboss_vulnscan check for console default admin
* And minor fixes
2015-05-01 17:38:20 -05:00
jvazquez-r7 697c6c20cb
Do minor cleanup 2015-05-01 17:37:45 -05:00
jvazquez-r7 c6806b4e5f
Land #5102, @wchen-r7's ManageEngine Desktop Central Login Utility 2015-05-01 15:20:21 -05:00
jvazquez-r7 b037560c90
Do minor style fixes 2015-05-01 15:01:13 -05:00
James Lee ee5dc1d6e4
Land #5277, typo in telnet_encrypt_overflow 2015-04-30 10:44:55 -05:00
Brent Cook 4c9f44b00c
Revert "Land #4888, @h00die's brocade credential bruteforcer"
There were some issues with this module that caused backtraces when run outside
of msfconsole. Reverting it for now so we can add some specs and ensure that it
works like the other login scanners.
2015-04-29 15:36:03 -05:00
William Vu 9b17191e48 Remove unnecessary {,dis}connect 2015-04-28 15:09:16 -05:00
William Vu 28e661e204 Fix false positive in POODLE scanner
If SSL is false somehow.
2015-04-28 14:19:48 -05:00
Christian Mehlmauer 7523e592d2
Land #5198, WordPress contus video gallery 2.7 scanner 2015-04-27 23:24:57 +02:00
Brandon Perry 7a2084cdc5 Rename wordpress_contus_video_gallery_sqli.rb to wp_contus_video_gallery_sqli.rb 2015-04-26 16:54:21 -05:00
m-1-k-3 b330b1d41c typo in title of telnet_encrypt_overflow.rb 2015-04-26 02:32:14 +02:00
Roberto Soares c41c7a1ba2 Rewrote the conditions of res. 2015-04-25 17:18:38 -03:00
Roberto Soares d01da0c522 Changed if conditions and exception handling 2015-04-25 15:08:36 -03:00
Roberto Soares 3a84396f32 Removed authorization header. 2015-04-25 14:30:21 -03:00
Roberto Soares b810a96dac Add Module for Enum on InfluxDB database. 2015-04-25 04:41:33 -03:00
Brent Cook ff96101dba
Land #5218, fix #3816, remove print_debug / DEBUG 2015-04-24 13:41:07 -05:00
jvazquez-r7 896d6e8cb7
Fix title 2015-04-24 11:09:39 -05:00
jvazquez-r7 7af6f31c3a
Fix message 2015-04-24 11:08:00 -05:00
jvazquez-r7 5ca6fe3cb0
Do code cleanup 2015-04-24 11:07:13 -05:00
Roberto Soares e51897d64e Filepath option 2015-04-24 04:35:59 -03:00
Roberto Soares 7b0b59b5f6 Add WordPress GI-Media Library Plugin File Read. 2015-04-24 04:24:16 -03:00
Brandon Perry e9f8b25987 Update wordpress_contus_video_gallery_sqli.rb
Update to use the Wordpress mixin
2015-04-22 14:43:55 -05:00
Brandon Perry 26d208f089 Update wordpress_contus_video_gallery_sqli.rb
remove 'uri'
2015-04-22 14:42:03 -05:00
Brent Cook 3963289519
Land #4888, @h00die's brocade credential bruteforcer 2015-04-21 18:27:03 -05:00
Mike 3a1778ef7c Spelling Fix
s/Brocde/Brocade/ as per bcook-r7
2015-04-21 17:57:36 -04:00
jvazquez-r7 ab94f15a60
Take care of modules using the 'DEBUG' option 2015-04-21 12:13:40 -05:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
Brent Cook 073850c5ad
Land #5158, OWA internal IP disclosure scanner 2015-04-21 11:10:39 -05:00
Brent Cook 5296c6507d
Land #5157, OWA login scanner auth timing logs 2015-04-21 11:06:08 -05:00
William Vu 79ca0a56f9
Land #4171, Steam protocol support 2015-04-20 15:35:06 -05:00
Brandon Perry b622aae97f Update wordpress_contus_video_gallery_sqli.rb 2015-04-19 18:24:12 -05:00
Brandon Perry c393f7c398 add contus video gallery scanner 2015-04-19 17:58:08 -05:00
Christian Mehlmauer ed9175d73f
Land #5167, WordPress CP Multi-View Calendar SQLI Scanner 2015-04-19 23:36:23 +02:00
Brandon Perry 8c0bcd2e03 Update wordpress_cp_calendar_sqli.rb
Use the new WPVDB
2015-04-19 16:32:57 -05:00
wchen-r7 4f903a604c Fix #5103, Revert unwanted URI encoding
Fix #5103. By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
Christian Mehlmauer 6653c9e33d
Land #5162, WordPress Dukapress File Read Vulnerability 2015-04-17 11:20:55 +02:00
Christian Mehlmauer 6c77b64dae
wrong method name 2015-04-17 11:20:14 +02:00
Christian Mehlmauer aef464fc2e
Land #5159, WordPress Mobile Edition Plugin File Read Vuln 2015-04-17 11:13:00 +02:00
Christian Mehlmauer 153344a1dd
fix Unkown typo 2015-04-16 23:59:28 +02:00
Roberto Soares ed588e335b Changed the print_error output. 2015-04-16 17:32:59 -03:00
Roberto Soares bf3bdcffb4 Changed the deph value to 7. 2015-04-16 17:30:28 -03:00
Roberto Soares dd474757fe Changed the print_error output. 2015-04-16 17:26:44 -03:00
Roberto Soares f50cedeafd Changed the depth value to 7. 2015-04-16 17:22:49 -03:00
Christian Mehlmauer 0e186fa617
first fail_with fixes 2015-04-16 21:08:33 +02:00
William Vu 1455d4e94d Fix AUTH_TIME 2015-04-16 11:39:33 -05:00
William Vu 7c572777e1 Fix whitespace 2015-04-16 11:34:50 -05:00
William Vu 7a9167b235 Fix comments 2015-04-16 11:34:47 -05:00
Nate Power 9bcc988266 Update owa_login 2015-04-16 11:23:04 -05:00
Brandon Perry 75b88f199a Create wordpress_cp_calendar_sqli.rb 2015-04-16 09:53:00 -05:00
Roberto Soares ecc67b1a57 Fix loot name 2015-04-16 10:42:20 -03:00
Roberto Soares d898af5513 Add check version and removed HttpClient 2015-04-16 10:40:35 -03:00
Roberto Soares 768294710b Add check and removed HttpClient 2015-04-16 10:22:10 -03:00
Roberto Soares 890561bff3 Rewriting the condition 'if' for only one line 2015-04-16 09:23:56 -03:00
Roberto Soares b90ff36ef4 Rewriting the condition 'if' for only one line 2015-04-16 09:15:17 -03:00
Roberto Soares 21e964e699 Add Author and references.. 2015-04-16 07:20:48 -03:00
Roberto Soares f6f4bd0746 Add WordPress Dukapress File Read Vulnerability 2015-04-16 07:17:46 -03:00
Roberto Soares c8e1185a04 Included Wordpress mixin. 2015-04-16 05:02:39 -03:00
William Vu 42ff0decc7
Land #4722, timing options for snmp_login 2015-04-16 02:25:29 -05:00
William Vu 88062a578d Clean up PR 2015-04-16 02:25:06 -05:00
William Vu bec6270f07 Fix regex 2015-04-15 23:47:03 -05:00
William Vu 0a4ab99aa5
Land #5149, couchdb_enum cleanup 2015-04-15 21:50:30 -05:00
William Vu 4410f8da6e Clean up module some more 2015-04-15 21:48:19 -05:00
William Vu 01ae7002cf Fix EOF whitespace 2015-04-15 21:27:53 -05:00
William Vu 20d4d1ce3f Move report_goods before the return 2015-04-15 21:22:41 -05:00
Roberto Soares 0031f09d60 Add author, EDB, WPVDB and fix loot. 2015-04-15 20:03:36 -03:00
Roberto Soares 0f1cf1d1b1 Add Module WP Mobile Edition Plugin File Read Vuln 2015-04-15 19:45:08 -03:00
William Vu 66b7179a97 Rename module to owa_iis_internal_ip 2015-04-15 17:10:01 -05:00
William Vu a109dae033 Fix EOL whitespace 2015-04-15 16:58:59 -05:00
William Vu cc422eeeea Fix splat 2015-04-15 16:58:18 -05:00
Nate Power 34ce4edacb Add exchange_iis_internal_ip 2015-04-15 16:55:19 -05:00
Roberto Soares 1d6300991c Clean the code of the module couchdb_enum. 2015-04-15 02:58:51 -03:00
Tod Beardsley d87483b28d
Squashed commit of the following:
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Apr 13 10:42:13 2015 -0500

    Fix funny punctuation on rootpipe exploit title

    See #5119

commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Apr 13 10:37:39 2015 -0500

    Fix vendor caps

    Trusting the github repo README at

    https://github.com/embedthis/goahead

    See #5101
2015-04-13 10:46:47 -05:00
sinn3r 284ef5bbbb
Land #5112, Nessus REST Login Module 2015-04-10 13:32:53 -05:00
root 7810f3d9a3 Add previous nessus_xmlrpc_login file 2015-04-10 12:32:42 +05:00
root bbbd4d3634 change name to keep both XML and REST modules 2015-04-10 12:20:43 +05:00
root b6e750d7eb Nessus auxiliary scanner for updated REST API 2015-04-09 11:36:17 +05:00
sinn3r 1bfda9e78f
Land #5101, Add Directory Traversal for GoAhead Web Server 2015-04-08 15:30:23 -05:00
Brent Cook e03f2df691
Land #5002, RMI/JMX improvements 2015-04-08 15:23:29 -05:00
sinn3r 5f389cf3c2 Add ManageEngine Desktop Central Login Utility 2015-04-08 02:05:56 -05:00
Roberto Soares dc14c770be Changed the traversal variable to just one line 2015-04-08 02:26:59 -03:00
Roberto Soares 441042ed37 Removed the segments variable 2015-04-08 01:29:45 -03:00
Roberto Soares d399d05383 Add Directory Traversal for GoAhead Web Server 2015-04-07 20:22:06 -03:00
Zach Grace 42e82cc644 Rubocop fixes 2015-04-07 18:21:08 -05:00
Zach Grace 7275d5745f Fixes, refactoring and adding JBoss AS default creds scanning 2015-04-07 17:40:25 -05:00
William Vu 56dc7afea6
Land #5068, @todb-r7's module author cleanup 2015-04-03 16:00:36 -05:00
jvazquez-r7 79b2a23dff
Land #5015, @espreto file traversal scanner for RIPS 2015-04-03 15:35:58 -05:00
jvazquez-r7 ce6e5e12d8
Make depth an option 2015-04-03 15:33:27 -05:00
jvazquez-r7 70fad73092
Add metadata 2015-04-03 15:27:28 -05:00
jvazquez-r7 e3bbb7c297 Solve conflicts 2015-04-03 14:57:49 -05:00
root 4bd40fed7f yard doc and comment corrections for auxiliary 2015-04-03 16:12:23 +05:00
Denis Kolegov c9e8f9cbea Add BigIP HTTP VS scanner and fix connection errors 2015-04-03 02:30:03 -04:00
Tod Beardsley 6532fad579
Remove credits to Alligator Security Team
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.

The one that didn't was credited to dflah_ specifically, so merely
changed the author name.

Longer description, if needed, wrapped at 72 characters.

[See #5012]
2015-04-02 15:12:22 -05:00
sinn3r a592f645f0
Land #5039, Webdorado gallery wd 1.2.5 unauthenticated SQLi scanner 2015-04-01 14:34:58 -05:00
Brandon Perry e73286cfa5 update stale references 2015-03-30 17:17:48 -05:00
sinn3r 613f4777ce Land #5024, add joomla_ecommercewd_sqli_scanner.rb 2015-03-30 12:45:09 -05:00
Brandon Perry de2bf0181c add first pass at gallerywd sqli scanner 2015-03-28 16:15:51 -05:00
Brandon Perry 9f0483248c add TARGETURI datastore option 2015-03-28 15:46:41 -05:00
Brandon Perry 6ede476423 Update joomla_ecommercewd_sqli_scanner.rb 2015-03-28 08:38:12 -05:00
Brandon Perry 0dbd8544b4 Update joomla_ecommercewd_sqli_scanner.rb 2015-03-27 21:20:59 -05:00
Brandon Perry 31be47d5bc Create joomla_ecommercewd_sqli_scanner.rb 2015-03-27 20:25:33 -05:00
Roberto Soares 3e104fd8e6
Add Directory Traversal for RIPS Scanner 2015-03-27 05:08:43 -03:00
jvazquez-r7 0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dinamically 2015-03-25 11:29:07 -05:00
dnkolegov 040a1af9c5 Delete useless ecnryption cookie detection, fix minor issues 2015-03-25 02:34:33 -04:00
Tod Beardsley 49a6057f74
Grammaring harder 2015-03-24 11:10:36 -05:00
dnkolegov ee17d6e606 Deleted spaces at EOL 2015-03-23 04:34:38 -04:00
dnkolegov 2a0deaa6c8 Deleted default options and SYN scan 2015-03-23 04:31:08 -04:00
William Vu 6f51946aa0
Land #4969, GitLab module references 2015-03-20 17:26:51 -05:00
William Vu 99f3de0843 Clean up info hash formatting 2015-03-20 17:26:21 -05:00
jvazquez-r7 1226b3656f
Land #4945, @wchen-r7's login scanner for Symantec web gateway 2015-03-20 14:44:05 -05:00
jvazquez-r7 2f35fcff99
Fix require 2015-03-20 14:43:42 -05:00
Meatballs 8ee520e749
Add reference 2015-03-20 19:17:34 +00:00
sinn3r b19f766728
Land #4942, Gitlab Login Scanner 2015-03-20 13:02:12 -05:00
sinn3r a2ce14a31e
Land #4941, Gitlab Unauth User Enumeration 2015-03-20 12:28:35 -05:00
sinn3r 235124a40a Fix typo 2015-03-20 12:27:23 -05:00
sinn3r 84164b44b2 Should also rescue JSON::ParserError for banner parsing 2015-03-20 12:27:02 -05:00
sinn3r 94ab2f94fd Remove symbols that aren't used
These symbols belong to the AuthBrute mixin, but we are not using
AuthBrute for login testing.
2015-03-19 14:14:01 -05:00
jvazquez-r7 14be07a2c4
Update java_rmi_server modules 2015-03-17 21:29:52 -05:00
jvazquez-r7 1242404085
Delete comment 2015-03-17 14:18:07 -05:00
William Vu d1d6378179
Land #4566, Misfortune Cookie scanner improvements 2015-03-17 12:32:35 -05:00
sinn3r f95b783193 I don't need these eitehr 2015-03-17 11:33:49 -05:00
jvazquez-r7 ebe7ad07b0 Add specs, plus modify java_rmi_server modules 2015-03-17 11:26:27 -05:00
Meatballs e1ebc6c7fe
Update date, remove URL (will replace later) 2015-03-17 12:50:47 +00:00
Meatballs 0cd85cb052
Correct capitilzation of GitLab 2015-03-17 11:33:57 +00:00
Meatballs d18224e3cb
Correct capitilzation of GitLab 2015-03-17 11:32:14 +00:00
Meatballs f4a1e981ab
Add gitlab login scanner 2015-03-17 11:19:23 +00:00
Meatballs 878247f495
Small modifications 2015-03-17 10:03:32 +00:00
Meatballs f1d5d8f1ce
Store to loot as well 2015-03-17 09:55:28 +00:00
Meatballs 9f40826f8e Store creds in database 2015-03-17 09:17:08 +00:00
Meatballs 3830e71257 Catch 7.5 401 2015-03-17 09:17:08 +00:00
Meatballs 1b565b0290 Check revision 2015-03-17 09:17:07 +00:00
Meatballs 7216f2a971 Initial commit 2015-03-17 09:17:07 +00:00
sinn3r 14296826f7 A cleaner way to set datastore options 2015-03-17 03:07:49 -05:00
sinn3r ff58f7d270 Add Symantec Web Gateway Login Module 2015-03-17 02:51:57 -05:00