sinn3r
07c14f5ee8
Land #3388 - Post mod to check Win32_QuickFixEngineering
2014-09-16 16:18:04 -05:00
sinn3r
36a3abe036
Add a reference
2014-09-16 16:17:22 -05:00
jvazquez-r7
80f02c2a05
Make module ready to go
2014-09-16 15:18:11 -05:00
sinn3r
169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner)
2014-09-16 14:51:24 -05:00
sinn3r
4ed1fa55f5
Don't need this header
2014-09-16 14:50:32 -05:00
William Vu
35b8c2be4b
Land #3800 , release fixes
2014-09-16 14:05:23 -05:00
Joe Vennix
59dfa624c4
Add a REMOTE_JS datastore option for BeEf hooks etc.
2014-09-16 13:31:03 -05:00
sinn3r
3e09283ce5
Land #3777 - Fix struts_code_exec_classloader on windows
2014-09-16 13:09:58 -05:00
sinn3r
158d4972d9
More references and pass msftidy
2014-09-16 12:54:27 -05:00
Tod Beardsley
bd17c96a6e
Dropped a hyphen in the title
2014-09-16 12:47:44 -05:00
Vincent Herbulot
7a7b6cb443
Some refactoring
...
Use EDB instead of URL for Exploit-DB.
Remove peer variable as peer comes from HttpClient.
2014-09-16 17:49:45 +02:00
us3r777
4c615ecf94
Module for CVE-2014-5519, phpwiki/ploticus RCE
2014-09-16 00:09:41 +02:00
jvazquez-r7
7d4c4c3658
Land #3699 , @dmaloney-r7's ipboard login refactor
2014-09-15 08:29:42 -05:00
jvazquez-r7
3a6066792d
Work in rop chain...
2014-09-13 17:38:19 -05:00
jvazquez-r7
83bf220a10
Land #3730 , @TomSellers's post module for Remote Desktop Connection Manager
2014-09-12 15:38:33 -05:00
jvazquez-r7
5da6a450f1
fix find condition
2014-09-12 15:21:50 -05:00
jvazquez-r7
1749fc73c2
Change module filename
2014-09-12 15:05:33 -05:00
jvazquez-r7
95b6529579
Fix run method
2014-09-12 14:27:25 -05:00
jvazquez-r7
373861abb0
Land #3526 , @jhart-r7's soap_xml scanner cleanup
2014-09-12 13:29:52 -05:00
jvazquez-r7
12f949781a
Use double quote for xml strings
2014-09-12 13:18:48 -05:00
jvazquez-r7
67c0ee654b
Use Gem::Version
2014-09-12 10:35:12 -05:00
jvazquez-r7
0d054d8354
Update with master changes
2014-09-12 09:52:32 -05:00
jvazquez-r7
e2ef927177
Add first version for ZDI-14-255
2014-09-12 08:57:54 -05:00
William Vu
60b29cbd5e
Fix word splitting problem
2014-09-12 06:50:53 -05:00
William Vu
8a6a205e39
Land #3724 , NetworkManager creds module
2014-09-12 05:48:35 -05:00
William Vu
131401f024
Remove unused method
2014-09-12 05:48:11 -05:00
Luke Imhoff
706655f755
Land #3779 , Glassfish LoginScanner exception
...
MSP-11343
2014-09-11 15:57:47 -05:00
Tod Beardsley
d2f2b142b4
Land #3760 , Arris WEP/WPA leak from @dheiland-r7
2014-09-11 15:39:19 -05:00
Tod Beardsley
4fc1ec09c7
Land #3759 , Android UXSS, with ref/desc fixes
...
Incidentally, this also closes jvennix-r7#14 (let's see if I can close a
PR by merging from another repo!)
Also fixes #3782 (opened by accident).
2014-09-11 14:27:51 -05:00
Tod Beardsley
fbba4b32e0
Update the title and desc to be more descriptive
...
See #3759
2014-09-11 14:06:14 -05:00
Tod Beardsley
d627ab7628
Add refs for Android UXSS
...
See #3759
2014-09-11 14:05:50 -05:00
James Lee
8aa06b8605
Better api for check_setup
2014-09-10 23:43:54 -05:00
James Lee
c1658e5d51
Add a check_setup method
2014-09-10 20:09:46 -05:00
James Lee
84e4db9035
Don't raise in the middle
...
MSP-11343
This means we don't bomb out with an unhandled exception, instead
continuing attempting logins against the host even though it will never
succeed. Next up: verify state before running scan!()
2014-09-10 20:09:33 -05:00
Deral Heiland
872ba6a53b
Update arris_dg950 module with required changes
...
Collapsed several levels of the if/else statement and changed out 2 with
case. Changed print_good to print_line. Removed rescue ::Interrupt and
altered variable names to make them more readable
2014-09-10 19:07:53 -04:00
jvazquez-r7
373eb3dda0
Make struts_code_exec_classloader to work on windows
2014-09-10 18:00:16 -05:00
Jon Hart
e317bfe0d5
Add preliminary module for discovering services with empty UDP probes
2014-09-10 10:58:22 -07:00
sinn3r
280e16c241
Land #3677 - Updated shodan_search for new API
2014-09-10 11:39:00 -05:00
sinn3r
006393360e
Add conditions to check healthy shodan results
2014-09-10 11:38:06 -05:00
James Lee
257f0fc93e
Quick fix for ssh_login_pubkey
...
Fixes #3772 , closes #3774
2014-09-10 09:57:17 -05:00
Jon Hart
495e1c14a1
Land #3721 , @brandonprry's module for Railo CVE-2014-5468
2014-09-09 19:10:46 -07:00
Jon Hart
26d8432a22
Minor style and usability changes to @brandonprry's #3721
2014-09-09 19:09:45 -07:00
Brandon Perry
db6052ec6a
Update check method
2014-09-09 18:51:42 -05:00
sinn3r
0a6ce1f305
Land #3727 - SolarWinds Storage Manager exploit AND Msf::Payload::JSP
2014-09-09 17:21:03 -05:00
sinn3r
027f543bdb
Land #3732 - Eventlog Analzyer exploit
2014-09-09 11:33:20 -05:00
sinn3r
75269fd0fa
Make sure we're not doing a 'negative' timeout
2014-09-09 11:26:49 -05:00
Joe Vennix
7793ed4fea
Add some common UXSS scripts.
2014-09-09 02:31:27 -05:00
James Lee
b8000517cf
Land #3746 , reinstate DB_ALL_CREDS
2014-09-08 17:24:12 -05:00
David Maloney
2ac15f2088
some fixes based on Christruncer's feedback
...
fixed some stuff i borked, back to you chris
2014-09-08 15:27:01 -05:00
David Maloney
cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor
2014-09-08 14:48:37 -05:00
Tod Beardsley
4abee39ab2
Fixup for release
...
Ack, a missing disclosure date on the GDB exploit. I'm deferring to the
PR itself for this as the disclosure and URL reference.
2014-09-08 14:00:34 -05:00
David Maloney
09e6c2f51f
Merge branch 'master' into feature/MSP-11162/db-all-creds
2014-09-08 12:52:25 -05:00
William Vu
ae5a8f449c
Land #3691 , gdbserver hax
2014-09-08 11:48:39 -05:00
Deral Heiland
9a6ee5090a
Add Arris DG950A SNMP data extraction module
...
This module will extract critical data such as WPA and WEP keys from
the Arris DG950a model cable modem via the SNMP protocal.
2014-09-08 11:04:31 -04:00
sinn3r
0ccb39c057
Land #3726 - Fix typos in wordpress login
2014-09-08 09:40:57 -05:00
cx
1b5e40ff78
New Creds model added
2014-09-08 11:42:05 +03:00
Joe Vennix
27889ea411
Add a safety fallback on js load.
2014-09-08 00:46:47 -05:00
Joe Vennix
8407d45c9c
Rework the timers.
2014-09-08 00:40:00 -05:00
Joe Vennix
5c9c8edfcf
Fix refs.
2014-09-07 23:33:45 -05:00
Joe Vennix
5efaf7d4cf
rename module, handle asyncness.
2014-09-07 23:25:08 -05:00
jvazquez-r7
10bb77af9f
Land #3716 , @wchen-r7's Glassfish LoginScanner update
2014-09-07 21:54:34 -05:00
Joe Vennix
1bf89fb6bd
Add Android <= 4.3 AOSP UXSS module.
2014-09-07 20:44:03 -05:00
jvazquez-r7
c86d01a667
Fix win.ini signature
2014-09-07 01:46:38 -05:00
sinn3r
44b9dc9b28
Update tmlisten_traversal
2014-09-06 01:18:11 -05:00
jvazquez-r7
df278dd2dc
Conver to exploit
2014-09-05 14:47:33 -05:00
jvazquez-r7
d4a8b7e00d
Move to exploits
2014-09-05 10:38:28 -05:00
jvazquez-r7
892f72e4ce
Move module path
2014-09-05 10:30:27 -05:00
jvazquez-r7
d041ee6629
Delete exploit modules from this branch
2014-09-05 10:29:24 -05:00
Chris Hebert
abffdd8705
Update alienvault_newpolicyform_sqli.rb
...
cleaned up according to msftidy.rb suggestions
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:17 - [WARNING] Spaces at EOL
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:18 - [WARNING] Tabbed indent: "\tlack of input filtering to read an arbitrary file from the file system.\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:29 - [WARNING] Space-Tab mixed indent: "\t [ 'OSVDB', '106815' ],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:29 - [WARNING] Tabbed indent: "\t [ 'OSVDB', '106815' ],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:30 - [WARNING] Space-Tab mixed indent: "\t [ 'EDB', '33317'],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:30 - [WARNING] Tabbed indent: "\t [ 'EDB', '33317'],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:110 - [WARNING] Spaces at EOL
2014-09-04 21:46:37 -04:00
Chris Hebert
664cc131e3
Update alienvault_newpolicyform_sqli.rb
...
added 'ctx' variable relating to jvazquez-r7 note added on Jun 9
2014-09-04 21:34:24 -04:00
sinn3r
08ce278cca
Got these wrong
2014-09-04 17:05:51 -05:00
sinn3r
cb490fc00e
[SeeRM #8836 ] Change boot.ini to win.ini
2014-09-04 17:03:21 -05:00
jvazquez-r7
d83131f1d9
Land #3750 , @wvu favoring unless
2014-09-04 16:17:07 -05:00
jvazquez-r7
ff210a7c0a
delete parenthesis
2014-09-04 16:16:29 -05:00
sinn3r
85b48fd437
Land #3736 - Revert initial ff xpi prompt bypass for Firefox 22-27
2014-09-04 16:08:15 -05:00
jvazquez-r7
f063dcf0f4
Land #3741 , @pedrib's module for CVE-2014-5005 Desktop Central file upload
2014-09-04 15:44:21 -05:00
jvazquez-r7
f466b112df
Minor cleaning on check
2014-09-04 15:43:59 -05:00
jvazquez-r7
74b8e8eb40
Change module filename
2014-09-04 15:39:34 -05:00
jvazquez-r7
c32b977a27
Land #3747 , @wvu changes to printer_ready_message
2014-09-04 15:26:52 -05:00
William Vu
2d8c7a7a4d
Refactor if statement to early return
...
This eliminates the protracted if statement and aligns the code body.
2014-09-04 15:05:30 -05:00
William Vu
614c7c178d
Land #3749 , jtr_oracle_fast missing require fix
2014-09-04 15:03:37 -05:00
jvazquez-r7
c1bca5c138
Land #3742 , @pedrib's changes to desktopcentral_file_upload check method
2014-09-04 14:47:36 -05:00
jvazquez-r7
7563c0bd0e
Use Gem::Version
2014-09-04 14:40:13 -05:00
HD Moore
34455b5dc6
Fix missing require for jtr_oracle_fast
2014-09-04 14:38:07 -05:00
William Vu
50ac8366fd
Refactor CHANGE/RESET to actions
...
Missed in c1fdc4d945
.
2014-09-04 14:36:04 -05:00
jvazquez-r7
2615a7a3be
Favor \&\& and || operands
2014-09-04 14:35:37 -05:00
sinn3r
0dcf481d76
This one is good to go
2014-09-04 14:13:33 -05:00
William Vu
84f9ec0aad
Refactor implicit options hash
...
Missed in c1fdc4d945
.
2014-09-04 13:30:06 -05:00
David Maloney
00ec47fb83
call new prepend cred methods
...
add method calls o all the lgoinscanner modules
so that they call the prepend_db_* methods as approrpiate
these methods automatically check to see if DB_ALL_CREDS was
selected
2014-09-04 12:32:35 -05:00
David Maloney
c5755824a6
pass in vhost and useragent
...
have http loginscanner modules pass in VHOST
and Useragent to the LoginScanner classes
2014-09-04 11:02:19 -05:00
sinn3r
dd4fd7bb39
The reporting part
2014-09-03 16:32:23 -05:00
sinn3r
e1694ec3e5
LoginScanner update for hp_sys_mgmt_login
...
Work in progress
2014-09-03 16:23:57 -05:00
Joe Vennix
0e18d69aab
Add extended mode to prevent service from dying.
2014-09-03 16:07:27 -05:00
Joe Vennix
4293500a5e
Implement running exe in multi.
2014-09-03 15:56:21 -05:00
Pedro Ribeiro
f0e3fa18a3
Restore the original filename
2014-09-03 21:32:05 +01:00
Joe Vennix
268d42cf07
Add PrependFork to payload options.
2014-09-03 14:56:22 -05:00
jvazquez-r7
185ce36859
Land #3701 , @wchen-ru's AppleTV modules
2014-09-03 12:30:50 -05:00
jvazquez-r7
10dee28fbd
Add http socket to the module sockets and allow the framework to cleanup
2014-09-03 12:01:48 -05:00
sinn3r
5acbcc80e2
no threading
2014-09-03 11:37:30 -05:00
Pedro Ribeiro
ded085f5cc
Add CVE ID
2014-09-03 07:22:10 +01:00
Brandon Perry
ee3e5c9159
Add check method
2014-09-02 21:35:47 -05:00
Pedro Ribeiro
c672fad9ef
Add OSVDB ID, remove comma from Author field
2014-09-02 23:17:10 +01:00
Pedro Ribeiro
d69049008c
Refactor and rename desktopcentra_file_upload
...
- Rewrite check method
- Declare that v7 is also exploitable (tested and it works)
- Rename to dc_agentlogupload_file_upload to match the other DC module's naming convention
- Add CVE / OSVDB / Full disclosure references
2014-09-02 23:12:33 +01:00
Pedro Ribeiro
05856016c9
Add exploit for CVE-2014-5005
2014-09-02 23:09:10 +01:00
Joe Vennix
f7617183d9
Revert "Add initial firefox xpi prompt bypass."
...
This reverts commit ebcf972c08
.
2014-09-02 12:27:41 -05:00
cx
aaeb5a2f5f
jhart-r7 suggestions added
2014-09-02 12:05:54 +03:00
John Sawyer
3281781f6a
Addressed r7 comments, fixed bug in results loop
2014-09-01 13:43:31 -04:00
Pedro Ribeiro
d480a5e744
Credit h0ng10 properly
2014-09-01 07:58:26 +01:00
Pedro Ribeiro
59847eb15b
Remove newline at the top
2014-09-01 07:56:53 +01:00
Pedro Ribeiro
6a370a5f69
Add exploit for eventlog analyzer file upload
2014-09-01 07:56:01 +01:00
Tom Sellers
20a02a9d29
Cleanup
2014-08-31 14:01:13 -05:00
Tom Sellers
6f7bc94db4
Creation of rdcmanager_creds.rb
2014-08-31 13:38:08 -05:00
jvazquez-r7
c05edd4b63
Delete debug print_status
2014-08-31 01:34:47 -05:00
jvazquez-r7
8b1791da22
Modify modules to keep old behavior
2014-08-31 01:18:53 -05:00
jvazquez-r7
559ec4adfe
Add module for ZDI-14-299
2014-08-31 01:11:46 -05:00
DrDinosaur
8ba5488198
Update wordpress_login_enum.rb
...
Fixed some typos.
2014-08-30 13:37:48 -10:00
jvazquez-r7
e1b6ee283f
Allow Msf::Payload::JSP to guess system shell path if it isnt provided
2014-08-30 16:27:02 -05:00
Brandon Perry
438f0e6365
typos
2014-08-30 09:22:58 -05:00
Brandon Perry
f72cce9ff2
Update railo_cfml_rfi.rb
2014-08-29 17:33:15 -05:00
David Maloney
a142e78a66
refactor wordpress_xml_rpc_login
...
refactor the login module to use the loginscanner class
2014-08-29 13:09:09 -05:00
David Maloney
0e14b271a1
Merge branch 'master' into wordpress-xmlrpc-login-scanner
2014-08-29 12:50:34 -05:00
Spencer McIntyre
1cdf1c2c6e
Land #3709 , @nnam's wing ftp admin console cmd exec
2014-08-29 13:46:01 -04:00
Spencer McIntyre
8095b4893c
Rename and apply rubocop style to wing_ftp_admin_exec
2014-08-29 13:42:11 -04:00
cx
bd9417490e
Merge branch 'master' into linux-post-enum-psk
2014-08-29 15:50:28 +03:00
cx
eaf73f9f84
Linux Gather 802-11-Wireless Security Credentials
2014-08-29 11:08:08 +03:00
sinn3r
f7091d854e
Add a timeout
2014-08-28 22:26:38 -05:00
jvazquez-r7
40f581458a
Land #3570 , @ikkini scanner for rsync
2014-08-28 18:48:32 -05:00
jvazquez-r7
9fb9ab813c
Add URL reference
2014-08-28 18:47:56 -05:00
jvazquez-r7
bc542a011d
Change module filename
2014-08-28 18:42:30 -05:00
jvazquez-r7
213fe23970
Clean rsync_modules_list
2014-08-28 18:40:55 -05:00
nnam
02bbd53b82
Fix failure messages for check().
2014-08-28 12:09:35 -07:00
Nicholas Nam
6c90a50e47
Handle res.nil case in check(). Revert check for res.nil in
...
execute_command() because it was failing prior to the reverse_shell
connecting.
2014-08-28 10:57:52 -07:00
Nicholas Nam
0788ce9745
Removed unused require and import. Handle the res.nil case in
...
execute_command() and authenticate().
2014-08-28 10:30:30 -07:00
sinn3r
f097ef96e0
Use &&
2014-08-28 12:13:03 -05:00
sinn3r
d0d9949d91
Do SSL options correctly
2014-08-28 12:04:14 -05:00
jvazquez-r7
58091b9e2b
Land #3708 , @pedrib fix for manage_engine_dc_pmp_sqli
2014-08-28 10:47:03 -05:00
jvazquez-r7
d8c15766bd
Land #3567 @OJ's fixes to the MQAC local exploit solving conflicts
2014-08-28 10:19:47 -05:00
jvazquez-r7
9d3d25a3b3
Solve conflicts
2014-08-28 10:19:12 -05:00
Matt Andreko
784ece574e
Found additional typos.
2014-08-28 09:03:19 -05:00
Matt Andreko
cb634cfef3
Fixed annoying typo that shows up in validation screenshots
2014-08-28 08:50:30 -05:00
Brandon Perry
f4965ec5cf
Create railo_cfml_rfi.rb
2014-08-28 08:42:07 -05:00
inkrypto
4a479d17a9
Randomize padding on aux module, fix spacing on exploits
2014-08-27 20:41:33 -04:00
Tod Beardsley
6d45f75b47
Land #3690 , credential_collect refactor
...
@TomSellers strikes again!
2014-08-27 18:31:59 -05:00
Tom Sellers
9b0c5dfb0c
Minor fix
2014-08-27 18:31:13 -05:00
sinn3r
0ba2f1e457
Leave a note about the old empty password issue
2014-08-27 17:06:11 -05:00
sinn3r
d5b70cca24
"Auth bypass" does not really describe what the feature actually does
2014-08-27 16:56:07 -05:00
sinn3r
a32ffc4c26
Add the final portion for Glassfish login module
2014-08-27 15:09:11 -05:00
sinn3r
633eaab466
Land #3714 - Firefox 22-27 WebIDL Privileged Javascript Injection
2014-08-27 01:45:18 -05:00
sinn3r
5d8cbe0544
Early version of Glassfish using LoginScanner
2014-08-27 01:23:02 -05:00
Joe Vennix
26cfed6c6a
Rename exploit module.
2014-08-26 23:05:41 -05:00
Joe Vennix
96276aa6fa
Get the disclosure date right.
2014-08-26 20:36:58 -05:00
Joe Vennix
52f33128cd
Add Firefox WebIDL Javascript exploit.
...
Also removes an incorrect reference from another FF exploit.
2014-08-26 20:35:17 -05:00
HD Moore
fde2687c9e
Store edition,version,build in the fingerprint.match
2014-08-26 18:44:08 -05:00
Tom Sellers
d5e39ae284
Adjustments for new LoginScanner code
2014-08-26 18:13:00 -05:00
HD Moore
ba1f7c3bf6
Land #3687 , reworks the nat-pmp portscanner
2014-08-26 14:34:46 -05:00
HD Moore
ed9bb3e52c
Fix a small typo
2014-08-26 14:34:10 -05:00
Jon Hart
775ebce56b
Correct natpmp_portscan's print_* usage to include peer
2014-08-26 12:27:12 -07:00
HD Moore
3b8bbdf10c
Merge master back in before landing #3545
2014-08-26 14:07:58 -05:00
HD Moore
4e19d9ade1
Land #3545 , fix up sip scanners, msftidy, db services cmd
2014-08-26 14:07:21 -05:00
Jon Hart
5826d7b164
vprint_status when no external address obtained, print_ is too noisy
2014-08-26 12:05:40 -07:00
Jon Hart
e75e213b52
Clarify SIP mixin method name, store header values as string, etc
2014-08-26 11:40:49 -07:00
Jon Hart
246f021437
Update natpmp_external_address to use Msf::Auxiliary::UDPScanner
2014-08-26 10:49:53 -07:00
Jon Hart
5c57f9b4eb
Don't overload RPORT/LPORT for mapping external -> internal ports
2014-08-26 10:49:53 -07:00
Jon Hart
162508f532
Update NAT-PMP modules to use new/updated mixins
2014-08-26 10:49:53 -07:00
Jon Hart
816404bb88
Move common NAT-PMP functionality into a central place
2014-08-26 10:49:53 -07:00
Jon Hart
ca11eae3a9
Show a useful failure message when the external address probe fails
2014-08-26 10:49:52 -07:00
William Vu
9f6a40dfd6
Fix bad pack in mswin_tiff_overflow
...
Reported by @egyjuzer in #3706 .
2014-08-26 11:14:44 -05:00
Jon Hart
bb00c97f46
Add a CERT reference
2014-08-26 08:29:28 -07:00
Jon Hart
40fe2fd3a9
Remove DRDoS references, as this just proves amplification
2014-08-26 08:23:50 -07:00
Jon Hart
10f52d8765
Use MX of 1 to speed up responses from endpoints that respect it
2014-08-26 08:00:30 -07:00
Jon Hart
333c3a90ae
Space between SSDP headers and values, which is sometimes required
2014-08-26 07:57:59 -07:00
Jon Hart
337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification
2014-08-26 07:48:44 -07:00
Jon Hart
04fbd07a16
vprint_error in the unlikely event we get an unexpected response
2014-08-26 07:30:14 -07:00
Nicholas Nam
40b66fae33
Add Wing FTP Server post-auth remote command execution module
2014-08-26 07:28:41 -07:00
Jon Hart
79b05db409
Correct minor style issues
2014-08-26 07:26:30 -07:00
Pedro Ribeiro
a8d03aeb59
Fix bug with PMP db paths
2014-08-26 12:54:31 +01:00
Pedro Ribeiro
473341610c
Update name to mention DC; correct servlet name
2014-08-26 12:39:48 +01:00
xistence
63b75a0093
SSDP Amplification module changes
2014-08-26 16:03:32 +07:00
xistence
a90d142140
Add UPnP SSDP Amplication Scanner
2014-08-26 12:53:14 +07:00
HD Moore
73e4ec709f
Fix smb_port and require 'recog' when no DB/MDM
2014-08-25 15:42:18 -05:00
sinn3r
463815d240
Add AppleTV modules (imge, video and login)
2014-08-25 15:24:41 -05:00
Jon Hart
6a522cc105
Remove unused BATCHSIZE from SIP options_tcp, duplicate from options
2014-08-25 13:12:29 -07:00
Jon Hart
bfa89bb3a5
Enforce binary encoding on non-modules, no encoding on modules
2014-08-25 13:12:29 -07:00
Jon Hart
6185721a61
Address @hmoore-r7's feedback regarding binary encoding
2014-08-25 13:11:22 -07:00
Jon Hart
9955cb5b27
Enforce proper protocol case where necessary
2014-08-25 13:11:22 -07:00
Jon Hart
637f86f37d
Gut SIP UDP stuff, use Msf::Auxiliary::UDPScanner
2014-08-25 13:11:21 -07:00
Jon Hart
c2e70446ed
Move SIP module stuff to Msf::Exploit::Remote::SIP
2014-08-25 13:11:21 -07:00
Jon Hart
02e41c27e7
Split SIP response parsing out on its own, add unit tests.
...
Passes rspec but fails in framework. WIP.
2014-08-25 13:11:20 -07:00
Jon Hart
d4ea3e9f29
Pass protocol down to parse_reply for report_* purposes
2014-08-25 13:09:39 -07:00
Jon Hart
a2e2e37a69
Fix SIP options scanning
2014-08-25 13:09:39 -07:00
Jon Hart
2a4d73ee35
Add status message that displays delay between requests
2014-08-25 12:55:27 -07:00
Jon Hart
5c61c09c6b
auxiliary/scanner/http/soap_xml cleanup
...
This:
* Corrects Ruby style (most) everywhere
* Uses Rex's sleep, converts to milliseconds -- seconds are too granular
* Moves begin/rescue inside nested verb+noun loop
* Prints errors even if not in verbose mode
* Corrects URI construction when PATH ends with /
2014-08-25 12:55:27 -07:00
Joe Vennix
6d3255a3b5
Update bad config error.
2014-08-25 14:43:23 -05:00
David Maloney
152ddb2f32
refactor the ipboard-login module
...
now that we have the loginScanner class, we simplify the module
by using the scanner and credcollection classes to handle all
the real work for us
2014-08-25 14:32:47 -05:00
Joe Vennix
b652ebb44f
Add other gdb-supported platforms that run on allowed arches.
2014-08-25 14:15:20 -05:00
Joe Vennix
c4a173e943
Remove automatic target, couldn't figure out generic payloads.
2014-08-25 14:14:47 -05:00
Tod Beardsley
6d9833e32b
Minor pre-release updates with descriptions
2014-08-25 13:34:45 -05:00
Tod Beardsley
03a1f4455d
No need to escape single quotes in %q{} strigns
2014-08-25 13:03:33 -05:00
Tod Beardsley
2f87c880df
Add link to blog post for NTP modules
2014-08-25 12:58:10 -05:00
Tod Beardsley
c3213a73e5
Use peer when writing scanner modules
...
This fixes the module seen in PR rapid7#3684 to use the peer method at
the beginning of print_* messages, rather than the vhost method at the
end. Doing this tends to make reading the output much easier since it's
more consistent.
Incidentally, this module has an msftidy complaint:
````
--- Checking new and changed module syntax with tools/msftidy.rb ---
modules/auxiliary/scanner/http/ipboard_login.rb - [INFO] Please use
vars_get in send_request_cgi: send_request_cgi({ 'uri' =>
normalize_uri(target_uri.path,
"index.php?app=core&module=global§ion=login&do=process"
````
This should be fixed as well, or explained why it's not being honored.
2014-08-25 12:48:32 -05:00