3396afb41a
Add IP and port (peer) to print_brute messages
2017-08-08 15:46:40 -05:00
39e59805f9
Fix annoying print_brute messages in ssh_login
2017-08-08 15:15:23 -05:00
67e86da50b
make SMBLoris run continuously as requested
...
as per ZeroSum's request the module now runs
continuously, refreshing the connections on every pass
until manually killed
2017-08-08 10:16:16 -05:00
289f03241b
add module documentation
...
add module docs for the new smbloris DoS
2017-08-04 16:10:44 -05:00
15cc2a9dc0
removedthreading stuff, tried keepalives
...
still seem to be topping out at
about 1.3GB allocated
2017-08-04 15:28:01 -05:00
e73ffe648e
tried adding supervisor model to smbloris
...
tried to overcome issues with slowdown
around the 4500 connection mark by using the
supervisor pattern to terminate the threads on
the backend. this seems to get us further, but we still
hit a slowdown and the allocations die out before
we hit any serious usage
2017-08-03 14:19:35 -05:00
c9da2d56b9
first pass at SMBLoris DoS module
...
the first pass on the DoS module for SMBLoris
running into issues with it topping out around 600MB
2017-08-03 11:32:57 -05:00
8989d6dff2
Modified Accuvant bog posts to the new Optive urls
2017-08-02 13:25:17 +10:00
d66e8062e7
Add TeamTalk Gather Credentials auxiliary module
2017-07-24 14:24:38 +00:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
80d18fae6a
update example modules to have zero violations
2017-07-24 06:15:54 -07:00
838b066abe
Merge branch 'master' into land-8716
2017-07-24 05:51:44 -07:00
df22e098ed
Land #8695 , Fix #8675 , Add Cache-Control header, also meta tag for BAP2
2017-07-23 07:17:45 -07:00
8c8dbc6d38
Land #8692 , Fix #8685 , Check nil condition for #wordlist_file in jtr modules
2017-07-23 07:12:21 -07:00
109fd8b6d3
Add Asterisk Gather Credentials auxiliary module
2017-07-23 09:55:12 +00:00
e710701416
Made msftidy.rb happy
...
...untested with the set-cookie 'fix'
2017-07-21 19:55:26 -07:00
5d04775f5e
use 2.4 OpenSSL::PKey::RSA api
2017-07-21 16:28:07 -04:00
524373bb48
OCD - Removed un-needed full stop
2017-07-21 07:41:51 -07:00
772bec23a1
Fix various typos
2017-07-21 07:40:08 -07:00
3f6925196b
OCD - store_loot & print_good
2017-07-19 13:02:49 +01:00
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
df9b642746
More print_status -> print_good
2017-07-19 11:39:15 +01:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
3d4feffc62
OCD - Spaces & headings
2017-07-19 11:04:15 +01:00
a008f8e795
BruteForce - > Brute Force
2017-07-19 10:39:58 +01:00
45f81f3c98
Squash some style issues
2017-07-18 12:45:02 -07:00
e93e524c3b
Merge branch 'upstream-master' into feature/rdp-scanner
2017-07-17 13:46:59 -07:00
43e04c8894
Improve RDP probe packet
2017-07-17 13:14:47 -07:00
ee1c87b868
Land #8172 , example modules
...
lands several example modules
2017-07-14 15:17:20 -05:00
e3e5c33b9b
WIP commit of RDP scanner
2017-07-14 13:02:43 -07:00
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
9309115627
OCD - Banner clean up
2017-07-14 08:19:50 +01:00
fd843f364b
Removed extra lines
2017-07-14 08:17:16 +01:00
67310fa96c
print_status -> print_good. [When it is successful, show it!]
2017-07-14 00:09:35 +01:00
424522147e
OCD fixes - Start of *.rb files
2017-07-13 23:53:59 +01:00
de230478eb
Land #8566 , Add ye olde NNTP Login Utility scanner module
2017-07-13 13:19:34 -05:00
e52e9c147d
First commit for Cisco Smart Install Scanner
2017-07-12 19:12:06 -07:00
59de7d3635
Land #8671 , Add a module for CVE-2017-7615
2017-07-12 14:58:02 -05:00
580219695a
Oof, missed the parens...
2017-07-12 13:52:59 -05:00
aa22651340
Few style/spelling tweaks, nothing to see here...
2017-07-12 13:41:20 -05:00
345407b0a4
Rex::Encoder::XDR conflicts with the XDR gem
2017-07-12 11:52:10 -05:00
5473b2132d
Implement :request_url for Msf HttpClient mixin
...
To round out implementation of a simple path for users to access
HttpClient like Open or Net::HTTP, create :request_url method which
takes a single URL parameter, uses :request_opts_from_url to build
the request configuration for Rex::Proto::Http::Client, executes
a GET request with it, and disconnects the client unless keepalive
is specified as the second parameter to :request_url.
Example usage of functionality is implemented in http_pdf_authors.
2017-07-11 16:07:13 -04:00
6d7a066477
fixes oracle_hashdump and jtr_oracle_fast modules
...
fixes functionality in the oracle database hashdumper
and the oracle hash cracker modules
2017-07-10 16:57:57 -05:00
50b1ec4044
Fix #8675 , Add Cache-Control header, also meta tag for BAP2
...
Hopefully that browsers will respect this.
Fix #8675
2017-07-10 16:05:09 -05:00
fe360e3e2a
Fix #8685 , Check nil condition for #wordlist_file in jtr modules
...
JTR modules should never assume there is always a database
connected while using #wordlist_file, considering a database is
an optional component for Framework.
Fix #8685
2017-07-10 11:18:20 -05:00
df697aa23c
Implement HttpClient options generation from URL
...
To address the complexity which comes with the flexibility offered
by Rex::Proto::Http::Client and its Msf mixin descendant, a simple
process needs to be implemented for issuing a request using only
the URL string in order to provide ease of access to users who may
not have the time to study how these clients work in detail.
Implement :request_opts_from_url in Msf's HttpClient mixin such as
to extract the options required for :send_request_* from a URL
string passed into the method. This approach reduces HTTP requests
in the mixin to `send_request_raw(request_opts_from_url(url))` when
`url` is just a string.
Implement this approach in the http_pdf_authors gather module to
further reduce infrastructure complexity around the simple need to
acquire PDF files via HTTP/S.
Testing:
Local to this module only, and in Pry of course. Seems to work...
2017-07-10 04:19:26 -04:00
997150a215
Use Msf::Exploit::Remote::HttpClient
...
Replace Net::HTTP usage with proper Rex::Proto::Http::Client via
the Msf module mixin. Generate the request opts from the same URI
parsed URL string, execute a one shot GET request, disconencting
after reciept of results. Depending on the response code, either
pass back an empty StringIO or if its 200, a StringIO(res.body).
2017-07-10 03:37:41 -04:00
263a42707e
Fix a typo
2017-07-09 16:34:51 +02:00
8510cda5ae
Implement @bcoles advices
2017-07-09 16:34:10 +02:00
f10cf75ae0
Fix some stuff
2017-07-09 10:45:15 +02:00
5fe805aaca
s/\t/ /g
2017-07-09 02:29:37 +02:00
968fa0c244
Add even more references
2017-07-09 02:27:54 +02:00
ae930ae7c1
Add a module for CVE-2017-7615
2017-07-09 02:14:21 +02:00
b3be89b508
Land #8663 , typo fix for zoomeye_search
2017-07-07 16:53:48 -05:00
8f464e17a1
Land #8658 , Add Gather PDF Authors auxiliary module
2017-07-07 16:20:29 -05:00
e5244f3113
Fixed typo
2017-07-07 15:26:37 -04:00
683ce10167
Add URL option
2017-07-07 18:42:00 +00:00
d864ce16b1
Add Gather PDF Authors auxiliary module
2017-07-06 23:29:17 +00:00
f45facdf6e
Fix HTTP verb in jboss_vulnscan print_status
2017-07-06 14:55:33 -05:00
aa387e96a7
Land #8577 , Add SurgeNews User Credentials scanner
2017-07-03 10:14:03 -05:00
38b1e56bbd
negated wording regarding legacy auth
...
According to the docs this variable means the opposite:
https://dev.mysql.com/doc/refman/5.5/en/mysql-command-options.html#option_mysql_secure-auth
OFF -> insecure
ON -> secure
2017-07-03 14:29:07 +02:00
dff96ce9a0
Re-order includes with Auxiliary::Scanner last
2017-07-01 08:30:17 +00:00
3d4d03c9b4
Land #8575 , Cerberus Helpdesk hash disclosure
2017-06-30 16:02:53 -05:00
40f0d36f6b
Land #8615 , add @artkond's DoS module for Cisco CVE-2017-3881
2017-06-30 11:17:09 -04:00
d20036e0fb
revise spelling, add heartbleed and tidy checks
2017-06-28 18:50:20 -04:00
461ab4501d
add 'Also known as', AKA 'AKA', to module references
2017-06-28 15:53:00 -04:00
0d9f57ad7c
add @artkond's DoS module for Cisco CVE-2017-3881
...
This makes a few improvements, adds module docs.
2017-06-27 01:53:23 -05:00
05c72214ae
Land #8205 , Add Satel SenNet Command Exec Module
2017-06-25 18:01:44 -05:00
07e7baebb8
sign my name
2017-06-25 14:59:01 -05:00
7bc0dcea42
add ipv6 support for CHOST
2017-06-25 14:57:15 -05:00
269597f994
add initial CHOST support
2017-06-24 18:57:43 -05:00
eee1eff034
improve resolve / add / delete logic
2017-06-24 18:36:01 -05:00
b36d56bed3
handle RXDomain on lookup failure
2017-06-24 18:10:50 -05:00
c8755a3a7a
add pre-flight checks, log a lot more info
2017-06-24 12:32:15 -05:00
cc9326d946
bcoles updates and table printing
2017-06-24 13:01:39 -04:00
8f3c470bb3
make usage more intuitive, remove weird defaults
2017-06-24 11:52:52 -05:00
24c43b1822
reregister rhost
2017-06-22 18:33:19 -05:00
ca813e7a5c
fix message formatting
2017-06-22 18:21:33 -05:00
823260cc04
fix error message
2017-06-22 18:11:07 -05:00
3cf722a45d
use correct preqrequisites
2017-06-22 18:08:20 -05:00
5e48a11e60
handle specific exceptions, update docs
2017-06-22 18:01:52 -05:00
6a261b172f
move from scanner to admin
2017-06-22 17:47:04 -05:00
125d14f81e
simplify module, add AAAA support
2017-06-22 17:44:55 -05:00
b618e5ca6f
Add more exception handling, fix tidy rules
2017-06-22 15:55:04 -05:00
ce124e6090
Add CNAME record
2017-06-22 15:55:04 -05:00
5528084e27
add Dnsruby
2017-06-22 15:55:04 -05:00
2410a3232f
Adding DNS Server Dynamic Update Record Injection module
2017-06-22 15:41:25 -05:00
3b248c78f3
resurrect old example modules, integrate into module tree
2017-06-22 11:36:35 -05:00
47a659f554
Land #8185 , Convert ntp modules to bindata
2017-06-22 09:37:58 -05:00
ceba4e6d61
Add pointer to CDX API
2017-06-21 12:34:40 -05:00
c12056d242
Fix enum_wayback using CDX API
2017-06-21 12:29:15 -05:00
b82051757d
Add SurgeNews User Credentials scanner module
2017-06-17 01:49:47 +00:00
c9e000e379
add new version
2017-06-16 20:59:19 -04:00
652e237131
add missing .to_binary_s calls
2017-06-16 13:39:04 -05:00
f008f2aa8f
working code
2017-06-16 08:24:54 -04:00
0e38823a8f
Add NNTP Login Utility scanner module
2017-06-15 20:25:40 +00:00
549f9e74d8
Fix AMT scanner for mangled HTML (no </p>)
...
Also stores proof using the correct :info for report_vuln (not :proof).
2017-06-14 16:54:32 -05:00
c1372456e2
Land #8326 , support LLMNR ANY responses
2017-06-14 14:01:44 -05:00
cbbb57d1a5
Land #8526 , Refactor QNAP and airOS modules for creds
2017-06-12 14:46:11 -05:00
a40e7164d8
Refactor QNAP module for traditional creds
2017-06-12 14:41:58 -05:00
bb9d1a6768
Land #8507 , Riverbed SteelHead VCX file read
2017-06-12 10:39:48 -05:00
704a1218fa
Land #8498 , store more specific credential wordpress_directory_traversal_dos
2017-06-12 10:13:52 -05:00
80e91e9de2
Minor fixups.
2017-06-12 09:51:30 -05:00
a349eb9a0d
fixes per peer review
2017-06-10 14:29:53 -04:00
aa00661fd0
Land #8518 , update CVE references where modules report_vuln
2017-06-08 13:38:12 -05:00
e22334343e
Use store_valid_credential in my modules
...
I used report_note because using the creds API was a pain in the ass.
2017-06-08 00:57:51 -05:00
b932aae82e
reference typo fix
2017-06-06 11:50:07 -05:00
1558db375d
update CVE reference in where modules report_vuln
2017-06-05 16:36:44 -05:00
bc3b883758
Add docs, fix typo, add missing report mixin to avoid error.
2017-06-05 13:49:59 -05:00
a5805a55dc
make this a UDPScanner, rewrite
2017-06-05 12:39:48 -05:00
8c39c92245
Add description and loop capability.
2017-06-05 11:27:13 -05:00
a571834c4d
Initial commit of rpcbomb DoS aux module.
...
This just brings the code in as-in, next step is to update to use our mixins and such.
2017-06-05 10:23:39 -05:00
de86c5d991
add storing creds and loot name consistency
2017-06-04 17:46:43 -04:00
ea5db9a039
working module
2017-06-02 23:09:19 -04:00
e7fa4c2d06
Land #8504 , print_good for ipmi_dumphashes
2017-06-02 18:49:41 -05:00
34e9b2c04b
Change ipmi_dumphashes to have non-verbose output, ever
2017-06-02 14:27:21 -06:00
2924318ca5
update java_rmi_server modules with CVE
2017-06-02 12:59:48 -05:00
d68365d8df
store more specific credential wordpress_directory_traversal_dos
2017-05-31 18:55:35 -05:00
a01a2ead1a
Land #8467 , Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
5698896672
Land #8323 wordpress pre4.6 dos
2017-05-29 07:59:43 -04:00
c811c6a8c0
Add PASS_FILE option
2017-05-28 23:26:51 +00:00
72a5142e37
Update directory traversal DoS module and docs
2017-05-29 00:30:23 +02:00
8fce94b3cd
Add ScadaBR Credentials Dumper module
2017-05-28 01:24:53 +00:00
eebfd9b7f2
Switch to the mixin-provided SMB share enumeration methods
2017-05-26 17:02:06 -05:00
9b9d2f2345
Final version of configurable depth
2017-05-26 16:23:22 +02:00
33ddef9303
Add documentation, add configurable depth path
2017-05-26 16:14:03 +02:00
af4eafdf70
Updated module and doc
2017-05-24 06:33:08 +05:30
a6f416e8df
Land #8290 , Hwbridge Automotive Fix and Extension Enhancements
2017-05-19 13:46:54 -05:00
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
11da7c7c81
Land #8394 , Add Moxa Credential Recovery Module
2017-05-16 16:45:22 -05:00
8025eb573a
Enforce check
...
Because we are not able to get our hands on the hardware for testing,
and that this module may trigger a backtrace if the UDP server isn't
Moxa, we force check to make sure that doesn't happen.
2017-05-16 16:43:22 -05:00
2d7f7f9aec
Pass msftidy
2017-05-16 15:05:12 -05:00
20b682b2e4
Land #8391 , fix a typo in vmware_enum_permissions module description
...
orts
2017-05-16 09:33:26 -05:00
4a0535c2d0
add moxa credential recovery module
2017-05-16 10:21:44 -04:00
b2f69e9018
spelling
2017-05-15 21:11:19 -04:00
bee36ca90f
Fix edge case
2017-05-11 16:22:21 -05:00
68f13808e7
Fix msftidy warnings for the WNR2000 module
2017-05-11 16:16:10 -05:00
d00685a802
Don't run a DoS during wmap scans
2017-05-10 14:41:24 -05:00
faf01ed5ef
Land #8353 , add aux scanner for Intel AMT digest bypass
2017-05-09 18:45:21 -05:00
f7ff840ef0
Add missing return, thanks bperry!
2017-05-08 14:08:59 -05:00
9392e48b72
Add a scanner for Intel AMT auth bypass (CVE-2017-5689)
2017-05-08 13:24:00 -05:00
a1efa30fa2
comments adjustments & enum better
2017-05-08 11:57:06 -05:00
635a7a42e6
Update style lotus_domino_hashes
2017-05-07 16:37:48 +10:00
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
cf74cb81a7
Removed unnecessary 'msf/core' include.
2017-05-03 09:02:05 -04:00
012081eed2
Added support for ANY queries. Silently ignore unsupported queries instead of spamming stdout.
2017-05-01 17:28:56 -04:00
0b62a6478a
Modification for Travis (remove require msf/core, and self.class in register)
2017-04-30 17:05:11 +02:00
3f348150c6
Modification of description
2017-04-30 16:38:39 +02:00
52ec448511
Add WordPress Directory Traversal DoS Module
2017-04-30 15:03:48 +02:00
1a402ed1d8
Add arch to smb_ms17_010 DOUBLEPULSAR detection
2017-04-26 20:59:13 -05:00
f8792956ee
fix one module for testing
2017-04-26 16:21:13 -05:00
4019a14865
The local HWBridge now does not print out status for each URI request per default. This can be enabled by setting verbose to true.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
5537348e28
Addes Statistics support from the API. When typing status in a hardware bridge it will also print packet statistics.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
55f01d3fc7
made the plugin less spammy with more vprintf
2017-04-24 13:33:05 -06:00
453ca6e3bf
added OS printing on vulnerable systems
2017-04-24 13:20:44 -06:00
a69aba0eab
added XOR Key calculation
2017-04-22 23:54:30 -06:00
8a77bf7b60
removed wrong comments
2017-04-21 08:27:13 -06:00
9fab64c60e
added references
2017-04-20 15:22:37 -06:00
dd12afd717
added DoublePulsar detection
2017-04-20 15:03:29 -06:00
942959f7e8
Land #8255 , fixes for smb_ms17_010
2017-04-17 11:38:34 -05:00
7b936b0012
Land #8184 , convert IPMI protocol and modules to bindata
2017-04-17 07:40:15 -05:00
6f70efcfa1
add module documentation
2017-04-17 07:39:43 -05:00
b1c7f1302b
Fix report_vuln and prefer vprint_error
2017-04-17 02:48:56 -05:00
a9857eb1c2
Land #8099 , Aux module to launch instances in AWS
2017-04-14 14:12:10 -05:00
42122d2835
Land #8238 , move SMB2 support back into smb_login, add simpler permissions checks
2017-04-14 14:06:46 -05:00
d75f852d01
Land #8167 , Add MS17-010 auxiliary detection module
2017-04-14 13:00:16 -05:00
91fb3ce6b8
collapse SMB2 support into smb_login
...
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both
MS-2636
2017-04-13 15:22:03 -05:00
adeb4d10d7
smb2 login scanner admin check now working
...
we can now check for admin privs in the smb2
login scanner
MS-2636
2017-04-13 14:40:32 -05:00
c21d78b23b
Land #8186 , Convert DNS Fuzzer to use bindata
2017-04-11 23:27:08 -05:00
c867b7e228
Land #8204 , Add Cambian ePMP SNMP Configuration download
2017-04-11 10:59:13 -05:00
f7c8bd2464
add rescue for ::Rex::Proto::SMB::Exceptions::LoginError
2017-04-07 15:37:56 -06:00
e65eacce49
Add Satel SenNet Command Exec Module
2017-04-07 02:22:11 +05:30
3c189f0cb0
Adding Cambium SNMP Loot module
2017-04-07 01:32:45 +05:30
891e7e465e
convert DNS fuzzer to bindata
2017-04-04 03:03:32 -05:00
5f88971ca9
convert NTP modules to bindata
2017-04-04 02:57:38 -05:00
46c7e822c8
convert IPMI protocol and modules to bindata
2017-04-04 02:44:17 -05:00
98ffa4d380
Land #7652 , add varnish cache CLI authentication scanner module
2017-04-02 21:52:45 -05:00
a34c01ebd2
Land #8137 shodan honeyscore module
2017-04-02 21:37:36 -04:00
26fc6bc920
added report_vuln()
2017-04-01 21:48:19 -06:00
035f37cf42
Land #8144 , Add Moxa Device Discovery Scanner Module
2017-03-31 19:11:27 -05:00
f870f94fa9
Land #8163 , Add Cambium ePMP Arbitrary Command Execution
2017-03-31 19:06:19 -05:00
4bd50b0ad2
Merge branch 'ms17-010' of github.com:RiskSense-Ops/metasploit-framework into ms17-010
2017-03-30 10:10:08 -06:00
a125566fc7
removed unnecessary arguments
2017-03-30 10:09:31 -06:00
a13d6a7810
Land #8166 , Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support
2017-03-30 11:08:17 -05:00
ac83ff7e48
Land #8155 , Style fixes for HWBridge RF and a couple small bug fixes
2017-03-29 20:37:13 -05:00
ef7de6d49e
added MSB to description, moved a print statement
2017-03-29 17:43:49 -06:00
4bdbdc0e00
Fix response parsing
2017-03-29 18:21:12 -05:00
68f5c0e663
removed a print statement
2017-03-29 16:24:59 -06:00
7e6b8b02b8
replaced magic constant with setup_count
2017-03-29 15:37:28 -06:00
9923c39799
removed superfluous status
2017-03-29 15:32:29 -06:00
f0a1e12a7e
small typos
2017-03-29 15:30:35 -06:00
ffa376c514
added MS17-010 auxiliary detection module
2017-03-29 14:33:02 -06:00
a571bcdba4
update module description
2017-03-29 13:58:36 -05:00
418e371e35
add SMB2 login scanner and module
...
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity
MS-2557
2017-03-29 11:36:33 -05:00
30896d1fab
Add Cambium ePMP Arbitrary Command Execution Module
2017-03-28 00:17:36 +05:30
66a585ab41
Land #8050 , Add Cambium ePMP System Hash Dumper
2017-03-27 12:08:53 -05:00
935c59306b
Land #7897 , Add Cambium ePMP 1000 Device Configuration file dumper
2017-03-27 12:05:11 -05:00
d705949b37
Land #7784 , Cambium ePMP 1000 Login Scanner
2017-03-27 12:01:56 -05:00
31c03840bb
Style fixes for HWBridge RF and a couple small bug fixes
...
I should have tweaked these earlier, my bad.
2017-03-26 13:45:19 -05:00
dd7cf39678
updated references
2017-03-25 12:31:08 +05:30
63d88c159a
updated references
2017-03-25 12:27:38 +05:30
fd5e25bcc2
restored version check
2017-03-25 12:08:00 +05:30
68e4b8a855
Updated user data param to load aggregator
2017-03-24 22:58:04 -07:00
82ebbfb9a7
Fix msftidy warnings
2017-03-24 23:12:48 -04:00
3e2173d4f9
Add key length check and remove mixin
...
Also add a reference to the original honeyscore website
2017-03-24 22:33:09 -04:00
581d523d5b
Fix things from review
2017-03-24 21:22:23 -04:00
92c0748447
Land #8102 , Add a plugin to notify new sessions via SMS
2017-03-24 11:17:59 -05:00
e04f01ed6b
Land #7778 , RCE on Netgear WNR2000v5
2017-03-23 15:34:16 -05:00
8dd0f953b0
remove unnecessary require
2017-03-22 19:48:24 -04:00
420df11c44
Change up the way shodan is reached
2017-03-22 19:39:45 -04:00
2200c9faee
Create moxa_discover.rb
2017-03-22 10:49:26 -04:00
fa61d67761
Fix score comparison
2017-03-21 19:17:20 -04:00
fef8ec10bc
Fix author formatting
2017-03-21 13:23:41 -04:00
d7640713df
Add more checks and formatting
2017-03-21 13:23:06 -04:00
1f68a3bda6
Rename honeypot.rb to shodan_honeyscore.rb
2017-03-21 13:10:31 -04:00
79c7b84f08
Create honeypot.rb
2017-03-21 11:15:12 -04:00
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
7bcd53d87d
Land #8079 , exploit and aux for dnaLims
2017-03-20 11:08:05 -04:00
fd5345a869
updates per pr
2017-03-20 10:40:43 -04:00
aa1e76f28e
Land #8128 , ensure there is a response before deferencing
2017-03-19 22:17:31 -05:00
534ca8c5cb
fix: URL encoding userdata
2017-03-18 21:52:49 -07:00
26d344a0ef
Initial checkin of launch instances module
2017-03-18 21:52:49 -07:00
f88a522bf5
fix #8121
2017-03-18 14:50:24 -04:00
06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters
2017-03-18 10:35:43 -04:00
ea4ca7ecc5
Land #8116 , Handle ::Errno::ECONNRESET in telnet_version
2017-03-17 12:32:02 -05:00
db6bc6c784
Land #8100 , msfcrawler improvements
...
Does anyone use this anymore??
2017-03-16 21:31:23 -05:00
ab75794cd4
Land #8071 , Add API to send an MMS message to mobile devices
2017-03-16 11:57:34 -05:00
a1d7748d82
Fix #8061 , Handle ::Errno::ECONNRESET in telnet_version
...
Fix #8061
2017-03-15 16:33:37 -05:00
d4ee254057
Land #8076 , Add Easy File Sharing FTP Server Version 3.6 traversal
2017-03-15 16:17:13 -05:00
8afe6a9061
Update easy_file_sharing_ftp and add documentation
2017-03-15 16:14:41 -05:00
b65919e7b1
Land #7956 , Add QNAP NAS/NVR administrator hash disclosure
2017-03-15 11:12:59 -05:00
0a71e4a903
Update check with Exploit::CheckCode::Appears
2017-03-15 05:13:30 -05:00
86d2217f4d
Fix whitespace and clarify options
2017-03-15 04:27:30 -05:00
a0bff5c8c3
Bump RETRIES to 10
...
3 was a bit too low. I was using 10 and had more success with it.
2017-03-15 03:18:09 -05:00
cf8b4a78fa
Bring branch up to date with upstream-master
2017-03-14 16:48:33 -05:00
bb4d6e17c8
Resolve #8026 , Add a plugin to notify new sessions via SMS
...
This plugin will notify you of a new session via SMS.
It also changes the SMS text format to MIME.
Resolve #8026
2017-03-13 16:13:59 -05:00
665adec298
Patching storedb function (adding host/port/ssl for correct report_web_page)
2017-03-13 17:37:47 +01:00
9f76b4d99c
Change default RPORT to 443 with SSL
...
I never really tested port 80, so I wonder why I didn't change this.
Turns out 80 isn't even the vuln service. Welp. Hat tip @bcoles.
2017-03-12 21:03:31 -05:00
e7c920db44
Remove DEBEUG/print_debeug :(
2017-03-12 21:01:48 -05:00
d57b772ac9
Bump default RETRIES to 3
2017-03-12 21:00:38 -05:00
25bfa88c46
Land #7877 , Add mDNS query spoofing service
2017-03-10 15:44:57 -06:00
ed22902fd4
Support the subject field
2017-03-08 11:40:08 -06:00
f60dae0917
Lots of syntax fixups from rubocop
2017-03-08 09:21:33 -08:00
183be81ba8
Easy File Sharing FTP Server Directory Traversal
2017-03-08 17:59:27 +02:00
e327f9b330
Update other module descriptions
2017-03-07 16:55:06 -06:00
William Vu
David Maloney
TC Johnson
Brendan Coles
Brent Cook
g0tmi1k
Evgeny Naumov
Jon Hart
bwatters-r7
Pearce Barry
RageLtMan
wchen-r7
jvoisin
dmohanty-r7
MD5HashBrowns
Roman
h00die
KINGSABRI
William Webb
James Lee
Jeffrey Martin
Dylan Davis
root
HD Moore
juushya
Patrick DeSantis
darkbushido
Joe Testa
reanar
Craig Smith
zerosum0x0
zerosum0x0
Brent Cook
Carter
Javier Godinez
Jon P
Ahmed Elhady Mohamed