ddf0636dab
Land #3557 : MQAC arbitrary write priv esc XP SP3
2014-07-24 11:24:56 +10:00
1a4e59e547
Add add-ssh-key subcommand
2014-07-23 17:09:02 -05:00
064d624322
changing Credential == operator
...
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
6c1a3f4992
Merge pull request #3555 from jlee-r7/bug/MSP-10817/jtr-typo
...
Now able to complete without error.
MSP-10817 #land
2014-07-23 15:55:42 -05:00
eee72a86ba
Fix the case when john cracks only half of LM
2014-07-23 15:25:32 -05:00
ffd7d28bc6
Merge pull request #3559 from dmaloney-r7/feature/MSP-10230/snmp_login
...
MSP-10230 #land
2014-07-23 13:59:37 -05:00
41e5e24b19
Update gnome_commander_creds.rb
2014-07-23 20:26:43 +02:00
30c00f4fd6
gnome-commander credentials add
2014-07-23 20:20:29 +02:00
b1d1e4fc04
Merge branch 'staging/electro-release' of github.com:rapid7/metasploit-framework into staging/electro-release
2014-07-23 12:08:56 -05:00
b7d15d0b08
simple fix to mysql loginscanner
...
typo caused connection_timeout default to not get set
2014-07-23 12:07:57 -05:00
4f19a1defa
Add an origin type and actually honor realm
...
Also adds better help text
2014-07-22 19:52:10 -05:00
57839e0f4b
Fix some yardoc issues
2014-07-22 23:26:50 +02:00
b526fc50f8
Refactored jboss mixin and modules
...
Moved VERB option to the mixin. Replaced "if datastore['VERBOSE']"
by vprint_status().
2014-07-22 23:08:42 +02:00
1f007bf3c9
start adding new rpc calls
...
Signed-off-by: David Maloney <DMaloney@rapid7.com>
2014-07-22 15:46:27 -05:00
c1a0f707ef
typos
2014-07-22 22:29:01 +02:00
a338b4a11c
Merge branch 'feature/MSP-10029/core-search' into staging/electro-release
...
Support search
2014-07-22 14:50:38 -05:00
0db3a0ec97
Update code to reflect @jlee-r7's code review
2014-07-22 15:14:24 -04:00
125b2df8f5
Update code to reflect @hdmoore code suggestions
2014-07-22 14:53:24 -04:00
7f79e58e7f
Lots and cleanups based on PR feed back
2014-07-22 14:45:00 -04:00
073a8c5233
redirection returns an URI
2014-07-22 19:55:26 +02:00
a6479a77d6
Implented feedback from @jhart-r7
2014-07-22 19:49:58 +02:00
e54f5e8ee7
working snmp_login module
2014-07-22 12:44:21 -05:00
5d9c6bea9d
Fix a typo and use the execute_shellcode function
2014-07-22 13:06:57 -04:00
469ac30539
Merge branch 'upstream-master'
2014-07-22 11:50:13 -05:00
c553fcac73
start refacotirng snmp_login
2014-07-22 11:46:22 -05:00
0eb4fc0ed1
community string collection
...
add community string collection to handle snmp loginscanner
credentials
2014-07-22 11:44:31 -05:00
e2dd0a35d2
Merge branch 'master' of github.com:shuckins-r7/metasploit-framework
2014-07-22 11:23:19 -05:00
12904edf83
Remove unnecessary target info and add url reference
2014-07-22 11:20:07 -04:00
baff003ecc
extracted check version to module
...
also added some wordpress specs and applied
rubocop
2014-07-22 17:02:35 +02:00
ca0dcf23b0
Add a simple check method for cve-2014-4971
2014-07-22 10:54:10 -04:00
14fa49cdeb
Update spec to handle Mdm::Service#proto sequence
...
MSP-10029
Mdm::Service factories were changed in metasploit_data_models 0.19.0 to
use a sequence that cycles between 'tcp' and 'udp'. To make the spec
clearer, just hard-code the protos under test instead of relying on
default behavior.
2014-07-22 09:47:35 -05:00
6a545c2642
Clean up the mqac escalation module
2014-07-22 10:39:34 -04:00
f3eb708dd1
Update metasploit_data_models and metasploit-credential for tag search
...
MSP-10029
Use metasploit_data_models that supports searching Mdm::Tag and a
compatible metasploit-credential. Needed so
Metasploit::Credential::Core#tags can be searched in Pro.
2014-07-22 09:07:18 -05:00
da4eb0e08f
First commit of MQAC arbitrary write priv escalation
2014-07-22 10:04:12 -04:00
ef12a632f6
Change filename
2014-07-22 08:20:32 -05:00
2013e28608
WIP: First stab at creds add-* subcommands
2014-07-22 02:05:55 -05:00
f8af435df6
Fix version restrictions on metasploit-credential
...
MSP-10029
The '<' version should have been '0.8' and not '0.7.10' because '0.8' is
the next incompatible version number.
2014-07-21 19:44:20 -05:00
addecb6311
Fix running shipped bins by using a config file
...
This should get everything working again.
MSP-10817
2014-07-21 18:26:50 -05:00
917d2c718b
Use All4 instead of LanMan
...
... Which was the original behavior. A full incremental LanMan can take
many hours instead of the few seconds this module was intended to run.
2014-07-21 18:24:35 -05:00
d62b24744c
Moar " -> '
2014-07-21 18:04:36 -05:00
1a157ff803
Change all the " to ' when not interpolating
2014-07-21 18:00:03 -05:00
a2a75ffb03
Fix typo and full path issue
...
Previously, the JtR library was prepending the path to data/john/ for
shipped bins; without it, modules weren't finding the executables.
2014-07-21 17:58:27 -05:00
5190ed750f
This adds the human readable IDs
...
and converts the negative if's into unless.
2014-07-21 17:49:53 -05:00
72c2c07495
Add the specs, really
2014-07-21 17:39:51 -05:00
47d9a30af0
Add specs for Typo3 mixin
2014-07-21 17:39:07 -05:00
ae2cd63391
Refactored Jboss mixin
...
Moved TARGETURI option to the JBoss mixin. The mixin now includes
Msf::Exploit::Remote::HttpClient which provides USERNAME and PASSWORD
2014-07-21 23:41:58 +02:00
9db951cadc
Add sane defaults for HTTP method and path.
2014-07-21 14:57:28 -05:00
1a10b21e7f
Use metasploit-credential with association search
...
MSP-10029
2014-07-21 13:39:17 -05:00
6048f21875
Land #3552 - Correct DbVisualizer title name
2014-07-21 13:07:33 -05:00
73e665b863
Land #3542 - Multi Manage DbVisualizer Query
2014-07-21 13:02:19 -05:00
OJ
James Lee
darkbushido
Samuel Huckins
David Bloom
David Maloney
Christian Mehlmauer
us3r777
Trevor Rosen
Jay Smith
Spencer McIntyre
Luke Imhoff
jvazquez-r7
Brandon Perry
Joe Vennix
sinn3r