Commit Graph

8076 Commits (352cf295b599a7ac91981492c27d8c28e936f9c6)

Author SHA1 Message Date
jvoisin 5fe805aaca s/\t/ /g 2017-07-09 02:29:37 +02:00
jvoisin 968fa0c244 Add even more references 2017-07-09 02:27:54 +02:00
jvoisin ae930ae7c1 Add a module for CVE-2017-7615 2017-07-09 02:14:21 +02:00
William Vu b3be89b508
Land #8663, typo fix for zoomeye_search 2017-07-07 16:53:48 -05:00
dmohanty-r7 8f464e17a1
Land #8658, Add Gather PDF Authors auxiliary module 2017-07-07 16:20:29 -05:00
MD5HashBrowns e5244f3113 Fixed typo 2017-07-07 15:26:37 -04:00
Brendan Coles 683ce10167 Add URL option 2017-07-07 18:42:00 +00:00
Brendan Coles d864ce16b1 Add Gather PDF Authors auxiliary module 2017-07-06 23:29:17 +00:00
William Vu f45facdf6e Fix HTTP verb in jboss_vulnscan print_status 2017-07-06 14:55:33 -05:00
dmohanty-r7 aa387e96a7
Land #8577, Add SurgeNews User Credentials scanner 2017-07-03 10:14:03 -05:00
Roman 38b1e56bbd negated wording regarding legacy auth
According to the docs this variable means the opposite:
https://dev.mysql.com/doc/refman/5.5/en/mysql-command-options.html#option_mysql_secure-auth
OFF     ->      insecure
ON      ->      secure
2017-07-03 14:29:07 +02:00
Brendan Coles dff96ce9a0 Re-order includes with Auxiliary::Scanner last 2017-07-01 08:30:17 +00:00
Pearce Barry 3d4d03c9b4
Land #8575, Cerberus Helpdesk hash disclosure 2017-06-30 16:02:53 -05:00
Brent Cook 40f0d36f6b
Land #8615, add @artkond's DoS module for Cisco CVE-2017-3881 2017-06-30 11:17:09 -04:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
Brent Cook 0d9f57ad7c add @artkond's DoS module for Cisco CVE-2017-3881
This makes a few improvements, adds module docs.
2017-06-27 01:53:23 -05:00
Brent Cook 05c72214ae
Land #8205, Add Satel SenNet Command Exec Module 2017-06-25 18:01:44 -05:00
Brent Cook 07e7baebb8 sign my name 2017-06-25 14:59:01 -05:00
Brent Cook 7bc0dcea42 add ipv6 support for CHOST 2017-06-25 14:57:15 -05:00
Brent Cook 269597f994 add initial CHOST support 2017-06-24 18:57:43 -05:00
Brent Cook eee1eff034 improve resolve / add / delete logic 2017-06-24 18:36:01 -05:00
Brent Cook b36d56bed3 handle RXDomain on lookup failure 2017-06-24 18:10:50 -05:00
Brent Cook c8755a3a7a add pre-flight checks, log a lot more info 2017-06-24 12:32:15 -05:00
h00die cc9326d946 bcoles updates and table printing 2017-06-24 13:01:39 -04:00
Brent Cook 8f3c470bb3 make usage more intuitive, remove weird defaults 2017-06-24 11:52:52 -05:00
Brent Cook 24c43b1822 reregister rhost 2017-06-22 18:33:19 -05:00
Brent Cook ca813e7a5c fix message formatting 2017-06-22 18:21:33 -05:00
Brent Cook 823260cc04 fix error message 2017-06-22 18:11:07 -05:00
Brent Cook 3cf722a45d use correct preqrequisites 2017-06-22 18:08:20 -05:00
Brent Cook 5e48a11e60 handle specific exceptions, update docs 2017-06-22 18:01:52 -05:00
Brent Cook 6a261b172f move from scanner to admin 2017-06-22 17:47:04 -05:00
Brent Cook 125d14f81e simplify module, add AAAA support 2017-06-22 17:44:55 -05:00
KINGSABRI b618e5ca6f Add more exception handling, fix tidy rules 2017-06-22 15:55:04 -05:00
KINGSABRI ce124e6090 Add CNAME record 2017-06-22 15:55:04 -05:00
KINGSABRI 5528084e27 add Dnsruby 2017-06-22 15:55:04 -05:00
KINGSABRI 2410a3232f Adding DNS Server Dynamic Update Record Injection module 2017-06-22 15:41:25 -05:00
Brent Cook 3b248c78f3 resurrect old example modules, integrate into module tree 2017-06-22 11:36:35 -05:00
William Webb 47a659f554
Land #8185, Convert ntp modules to bindata 2017-06-22 09:37:58 -05:00
William Vu ceba4e6d61 Add pointer to CDX API 2017-06-21 12:34:40 -05:00
William Vu c12056d242 Fix enum_wayback using CDX API 2017-06-21 12:29:15 -05:00
Brendan Coles b82051757d Add SurgeNews User Credentials scanner module 2017-06-17 01:49:47 +00:00
h00die c9e000e379 add new version 2017-06-16 20:59:19 -04:00
William Webb 652e237131
add missing .to_binary_s calls 2017-06-16 13:39:04 -05:00
h00die f008f2aa8f working code 2017-06-16 08:24:54 -04:00
Brendan Coles 0e38823a8f Add NNTP Login Utility scanner module 2017-06-15 20:25:40 +00:00
William Vu 549f9e74d8 Fix AMT scanner for mangled HTML (no </p>)
Also stores proof using the correct :info for report_vuln (not :proof).
2017-06-14 16:54:32 -05:00
James Lee c1372456e2
Land #8326, support LLMNR ANY responses 2017-06-14 14:01:44 -05:00
Jeffrey Martin cbbb57d1a5
Land #8526, Refactor QNAP and airOS modules for creds 2017-06-12 14:46:11 -05:00
William Vu a40e7164d8 Refactor QNAP module for traditional creds 2017-06-12 14:41:58 -05:00
William Vu bb9d1a6768
Land #8507, Riverbed SteelHead VCX file read 2017-06-12 10:39:48 -05:00
Pearce Barry 704a1218fa
Land #8498, store more specific credential wordpress_directory_traversal_dos 2017-06-12 10:13:52 -05:00
Pearce Barry 80e91e9de2
Minor fixups. 2017-06-12 09:51:30 -05:00
h00die a349eb9a0d fixes per peer review 2017-06-10 14:29:53 -04:00
Brent Cook aa00661fd0
Land #8518, update CVE references where modules report_vuln 2017-06-08 13:38:12 -05:00
William Vu e22334343e Use store_valid_credential in my modules
I used report_note because using the creds API was a pain in the ass.
2017-06-08 00:57:51 -05:00
Jeffrey Martin b932aae82e
reference typo fix 2017-06-06 11:50:07 -05:00
Jeffrey Martin 1558db375d
update CVE reference in where modules report_vuln 2017-06-05 16:36:44 -05:00
Pearce Barry bc3b883758
Add docs, fix typo, add missing report mixin to avoid error. 2017-06-05 13:49:59 -05:00
Brent Cook a5805a55dc
make this a UDPScanner, rewrite 2017-06-05 12:39:48 -05:00
Pearce Barry 8c39c92245
Add description and loop capability. 2017-06-05 11:27:13 -05:00
Pearce Barry a571834c4d
Initial commit of rpcbomb DoS aux module.
This just brings the code in as-in, next step is to update to use our mixins and such.
2017-06-05 10:23:39 -05:00
h00die de86c5d991 add storing creds and loot name consistency 2017-06-04 17:46:43 -04:00
h00die ea5db9a039 working module 2017-06-02 23:09:19 -04:00
William Vu e7fa4c2d06
Land #8504, print_good for ipmi_dumphashes 2017-06-02 18:49:41 -05:00
Dylan Davis 34e9b2c04b Change ipmi_dumphashes to have non-verbose output, ever 2017-06-02 14:27:21 -06:00
Jeffrey Martin 2924318ca5
update java_rmi_server modules with CVE 2017-06-02 12:59:48 -05:00
Jeffrey Martin d68365d8df
store more specific credential wordpress_directory_traversal_dos 2017-05-31 18:55:35 -05:00
Brent Cook a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements 2017-05-30 00:15:03 -05:00
h00die 5698896672
Land #8323 wordpress pre4.6 dos 2017-05-29 07:59:43 -04:00
Brendan Coles c811c6a8c0 Add PASS_FILE option 2017-05-28 23:26:51 +00:00
root 72a5142e37 Update directory traversal DoS module and docs 2017-05-29 00:30:23 +02:00
Brendan Coles 8fce94b3cd Add ScadaBR Credentials Dumper module 2017-05-28 01:24:53 +00:00
HD Moore eebfd9b7f2 Switch to the mixin-provided SMB share enumeration methods 2017-05-26 17:02:06 -05:00
root 9b9d2f2345 Final version of configurable depth 2017-05-26 16:23:22 +02:00
root 33ddef9303 Add documentation, add configurable depth path 2017-05-26 16:14:03 +02:00
juushya af4eafdf70 Updated module and doc 2017-05-24 06:33:08 +05:30
Pearce Barry a6f416e8df
Land #8290, Hwbridge Automotive Fix and Extension Enhancements 2017-05-19 13:46:54 -05:00
James Lee 4def7ce6cc
Land #8327, Simplify storing credentials 2017-05-18 16:49:01 -05:00
wchen-r7 11da7c7c81 Land #8394, Add Moxa Credential Recovery Module 2017-05-16 16:45:22 -05:00
wchen-r7 8025eb573a Enforce check
Because we are not able to get our hands on the hardware for testing,
and that this module may trigger a backtrace if the UDP server isn't
Moxa, we force check to make sure that doesn't happen.
2017-05-16 16:43:22 -05:00
wchen-r7 2d7f7f9aec Pass msftidy 2017-05-16 15:05:12 -05:00
wchen-r7 20b682b2e4 Land #8391, fix a typo in vmware_enum_permissions module description
orts
2017-05-16 09:33:26 -05:00
Patrick DeSantis 4a0535c2d0 add moxa credential recovery module 2017-05-16 10:21:44 -04:00
h00die b2f69e9018 spelling 2017-05-15 21:11:19 -04:00
William Vu bee36ca90f Fix edge case 2017-05-11 16:22:21 -05:00
William Vu 68f13808e7 Fix msftidy warnings for the WNR2000 module 2017-05-11 16:16:10 -05:00
James Lee d00685a802
Don't run a DoS during wmap scans 2017-05-10 14:41:24 -05:00
Brent Cook faf01ed5ef
Land #8353, add aux scanner for Intel AMT digest bypass 2017-05-09 18:45:21 -05:00
HD Moore f7ff840ef0 Add missing return, thanks bperry! 2017-05-08 14:08:59 -05:00
HD Moore 9392e48b72 Add a scanner for Intel AMT auth bypass (CVE-2017-5689) 2017-05-08 13:24:00 -05:00
Jeffrey Martin a1efa30fa2
comments adjustments & enum better 2017-05-08 11:57:06 -05:00
Brendan Coles 635a7a42e6 Update style lotus_domino_hashes 2017-05-07 16:37:48 +10:00
Jeffrey Martin e2fe70d531
convert store_valid_credential to named params 2017-05-05 18:23:15 -05:00
Jeffrey Martin 63b6ab5355
simplify valid credential storage 2017-05-04 22:51:40 -05:00
darkbushido 81bcf2ca70 updating all LHOST to use the new opt type 2017-05-04 12:57:50 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
Joe Testa cf74cb81a7 Removed unnecessary 'msf/core' include. 2017-05-03 09:02:05 -04:00
Joe Testa 012081eed2 Added support for ANY queries. Silently ignore unsupported queries instead of spamming stdout. 2017-05-01 17:28:56 -04:00
reanar 0b62a6478a Modification for Travis (remove require msf/core, and self.class in register) 2017-04-30 17:05:11 +02:00
reanar 3f348150c6 Modification of description 2017-04-30 16:38:39 +02:00
reanar 52ec448511 Add WordPress Directory Traversal DoS Module 2017-04-30 15:03:48 +02:00
William Vu 1a402ed1d8 Add arch to smb_ms17_010 DOUBLEPULSAR detection 2017-04-26 20:59:13 -05:00
Brent Cook f8792956ee fix one module for testing 2017-04-26 16:21:13 -05:00
Craig Smith 4019a14865 The local HWBridge now does not print out status for each URI request per default. This can be enabled by setting verbose to true.
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
Craig Smith 5537348e28 Addes Statistics support from the API. When typing status in a hardware bridge it will also print packet statistics.
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
zerosum0x0 55f01d3fc7 made the plugin less spammy with more vprintf 2017-04-24 13:33:05 -06:00
zerosum0x0 453ca6e3bf added OS printing on vulnerable systems 2017-04-24 13:20:44 -06:00
zerosum0x0 a69aba0eab added XOR Key calculation 2017-04-22 23:54:30 -06:00
zerosum0x0 8a77bf7b60 removed wrong comments 2017-04-21 08:27:13 -06:00
zerosum0x0 9fab64c60e added references 2017-04-20 15:22:37 -06:00
zerosum0x0 dd12afd717
added DoublePulsar detection 2017-04-20 15:03:29 -06:00
William Vu 942959f7e8
Land #8255, fixes for smb_ms17_010 2017-04-17 11:38:34 -05:00
Brent Cook 7b936b0012
Land #8184, convert IPMI protocol and modules to bindata 2017-04-17 07:40:15 -05:00
Brent Cook 6f70efcfa1 add module documentation 2017-04-17 07:39:43 -05:00
William Vu b1c7f1302b Fix report_vuln and prefer vprint_error 2017-04-17 02:48:56 -05:00
Brent Cook a9857eb1c2
Land #8099, Aux module to launch instances in AWS 2017-04-14 14:12:10 -05:00
Brent Cook 42122d2835
Land #8238, move SMB2 support back into smb_login, add simpler permissions checks 2017-04-14 14:06:46 -05:00
dmohanty-r7 d75f852d01
Land #8167, Add MS17-010 auxiliary detection module 2017-04-14 13:00:16 -05:00
David Maloney 91fb3ce6b8
collapse SMB2 support into smb_login
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both

MS-2636
2017-04-13 15:22:03 -05:00
David Maloney adeb4d10d7
smb2 login scanner admin check now working
we can now check for admin privs in the smb2
login scanner

MS-2636
2017-04-13 14:40:32 -05:00
William Webb c21d78b23b
Land #8186, Convert DNS Fuzzer to use bindata 2017-04-11 23:27:08 -05:00
William Webb c867b7e228
Land #8204, Add Cambian ePMP SNMP Configuration download 2017-04-11 10:59:13 -05:00
zerosum0x0 f7c8bd2464 add rescue for ::Rex::Proto::SMB::Exceptions::LoginError 2017-04-07 15:37:56 -06:00
juushya e65eacce49 Add Satel SenNet Command Exec Module 2017-04-07 02:22:11 +05:30
juushya 3c189f0cb0 Adding Cambium SNMP Loot module 2017-04-07 01:32:45 +05:30
Brent Cook 891e7e465e convert DNS fuzzer to bindata 2017-04-04 03:03:32 -05:00
Brent Cook 5f88971ca9 convert NTP modules to bindata 2017-04-04 02:57:38 -05:00
Brent Cook 46c7e822c8 convert IPMI protocol and modules to bindata 2017-04-04 02:44:17 -05:00
Brent Cook 98ffa4d380
Land #7652, add varnish cache CLI authentication scanner module 2017-04-02 21:52:45 -05:00
h00die a34c01ebd2
Land #8137 shodan honeyscore module 2017-04-02 21:37:36 -04:00
zerosum0x0 26fc6bc920 added report_vuln() 2017-04-01 21:48:19 -06:00
William Webb 035f37cf42
Land #8144, Add Moxa Device Discovery Scanner Module 2017-03-31 19:11:27 -05:00
William Webb f870f94fa9
Land #8163, Add Cambium ePMP Arbitrary Command Execution 2017-03-31 19:06:19 -05:00
zerosum0x0 4bd50b0ad2 Merge branch 'ms17-010' of github.com:RiskSense-Ops/metasploit-framework into ms17-010 2017-03-30 10:10:08 -06:00
zerosum0x0 a125566fc7
removed unnecessary arguments 2017-03-30 10:09:31 -06:00
Pearce Barry a13d6a7810
Land #8166, Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support 2017-03-30 11:08:17 -05:00
Pearce Barry ac83ff7e48
Land #8155, Style fixes for HWBridge RF and a couple small bug fixes 2017-03-29 20:37:13 -05:00
zerosum0x0 ef7de6d49e added MSB to description, moved a print statement 2017-03-29 17:43:49 -06:00
Carter 4bdbdc0e00 Fix response parsing 2017-03-29 18:21:12 -05:00
zerosum0x0 68f5c0e663
removed a print statement 2017-03-29 16:24:59 -06:00
zerosum0x0 7e6b8b02b8
replaced magic constant with setup_count 2017-03-29 15:37:28 -06:00
zerosum0x0 9923c39799
removed superfluous status 2017-03-29 15:32:29 -06:00
zerosum0x0 f0a1e12a7e
small typos 2017-03-29 15:30:35 -06:00
zerosum0x0 ffa376c514
added MS17-010 auxiliary detection module 2017-03-29 14:33:02 -06:00
David Maloney a571bcdba4
update module description 2017-03-29 13:58:36 -05:00
David Maloney 418e371e35
add SMB2 login scanner and module
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity

MS-2557
2017-03-29 11:36:33 -05:00
juushya 30896d1fab Add Cambium ePMP Arbitrary Command Execution Module 2017-03-28 00:17:36 +05:30
William Webb 66a585ab41
Land #8050, Add Cambium ePMP System Hash Dumper 2017-03-27 12:08:53 -05:00
William Webb 935c59306b
Land #7897, Add Cambium ePMP 1000 Device Configuration file dumper 2017-03-27 12:05:11 -05:00
William Webb d705949b37
Land #7784, Cambium ePMP 1000 Login Scanner 2017-03-27 12:01:56 -05:00
Pearce Barry 31c03840bb
Style fixes for HWBridge RF and a couple small bug fixes
I should have tweaked these earlier, my bad.
2017-03-26 13:45:19 -05:00
juushya dd7cf39678 updated references 2017-03-25 12:31:08 +05:30
juushya 63d88c159a updated references 2017-03-25 12:27:38 +05:30
juushya fd5e25bcc2 restored version check 2017-03-25 12:08:00 +05:30
Javier Godinez 68e4b8a855 Updated user data param to load aggregator 2017-03-24 22:58:04 -07:00
Carter 82ebbfb9a7 Fix msftidy warnings 2017-03-24 23:12:48 -04:00
Carter 3e2173d4f9 Add key length check and remove mixin
Also add a reference to the original honeyscore website
2017-03-24 22:33:09 -04:00
Carter 581d523d5b Fix things from review 2017-03-24 21:22:23 -04:00
dmohanty-r7 92c0748447
Land #8102, Add a plugin to notify new sessions via SMS 2017-03-24 11:17:59 -05:00
William Webb e04f01ed6b
Land #7778, RCE on Netgear WNR2000v5 2017-03-23 15:34:16 -05:00
Carter 8dd0f953b0 remove unnecessary require 2017-03-22 19:48:24 -04:00
Carter 420df11c44 Change up the way shodan is reached 2017-03-22 19:39:45 -04:00
Patrick DeSantis 2200c9faee Create moxa_discover.rb 2017-03-22 10:49:26 -04:00
Carter fa61d67761 Fix score comparison 2017-03-21 19:17:20 -04:00
Carter fef8ec10bc Fix author formatting 2017-03-21 13:23:41 -04:00
Carter d7640713df Add more checks and formatting 2017-03-21 13:23:06 -04:00
Carter 1f68a3bda6 Rename honeypot.rb to shodan_honeyscore.rb 2017-03-21 13:10:31 -04:00
Carter 79c7b84f08 Create honeypot.rb 2017-03-21 11:15:12 -04:00
Craig Smith 2fde287424 Initial patch for rftransceiver (RfCat / YardstickOne) 2017-03-20 17:36:16 -05:00
Pearce Barry 2acd941b16 Merge branch 'master' into dtc_fix 2017-03-20 14:10:01 -05:00
Pearce Barry 06ebb22a8f
Land #8065, Zigbee Hardware Bridge Extension 2017-03-20 10:44:15 -05:00
h00die 7bcd53d87d
Land #8079, exploit and aux for dnaLims 2017-03-20 11:08:05 -04:00
h00die fd5345a869 updates per pr 2017-03-20 10:40:43 -04:00
Brent Cook aa1e76f28e
Land #8128, ensure there is a response before deferencing 2017-03-19 22:17:31 -05:00
Javier Godinez 534ca8c5cb fix: URL encoding userdata 2017-03-18 21:52:49 -07:00
Javier Godinez 26d344a0ef Initial checkin of launch instances module 2017-03-18 21:52:49 -07:00
h00die f88a522bf5 fix #8121 2017-03-18 14:50:24 -04:00
h00die 06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters 2017-03-18 10:35:43 -04:00
Brent Cook ea4ca7ecc5
Land #8116, Handle ::Errno::ECONNRESET in telnet_version 2017-03-17 12:32:02 -05:00
William Vu db6bc6c784
Land #8100, msfcrawler improvements
Does anyone use this anymore??
2017-03-16 21:31:23 -05:00
bwatters-r7 ab75794cd4
Land #8071, Add API to send an MMS message to mobile devices 2017-03-16 11:57:34 -05:00
wchen-r7 a1d7748d82 Fix #8061, Handle ::Errno::ECONNRESET in telnet_version
Fix #8061
2017-03-15 16:33:37 -05:00
wchen-r7 d4ee254057
Land #8076, Add Easy File Sharing FTP Server Version 3.6 traversal 2017-03-15 16:17:13 -05:00
wchen-r7 8afe6a9061 Update easy_file_sharing_ftp and add documentation 2017-03-15 16:14:41 -05:00
Brent Cook b65919e7b1
Land #7956, Add QNAP NAS/NVR administrator hash disclosure 2017-03-15 11:12:59 -05:00
William Vu 0a71e4a903 Update check with Exploit::CheckCode::Appears 2017-03-15 05:13:30 -05:00
William Vu 86d2217f4d Fix whitespace and clarify options 2017-03-15 04:27:30 -05:00
William Vu a0bff5c8c3 Bump RETRIES to 10
3 was a bit too low. I was using 10 and had more success with it.
2017-03-15 03:18:09 -05:00
wchen-r7 cf8b4a78fa
Bring branch up to date with upstream-master 2017-03-14 16:48:33 -05:00
wchen-r7 bb4d6e17c8 Resolve #8026, Add a plugin to notify new sessions via SMS
This plugin will notify you of a new session via SMS.

It also changes the SMS text format to MIME.

Resolve #8026
2017-03-13 16:13:59 -05:00
Jon P 665adec298 Patching storedb function (adding host/port/ssl for correct report_web_page) 2017-03-13 17:37:47 +01:00
William Vu 9f76b4d99c Change default RPORT to 443 with SSL
I never really tested port 80, so I wonder why I didn't change this.
Turns out 80 isn't even the vuln service. Welp. Hat tip @bcoles.
2017-03-12 21:03:31 -05:00
William Vu e7c920db44 Remove DEBEUG/print_debeug :( 2017-03-12 21:01:48 -05:00
William Vu d57b772ac9 Bump default RETRIES to 3 2017-03-12 21:00:38 -05:00
dmohanty-r7 25bfa88c46
Land #7877, Add mDNS query spoofing service 2017-03-10 15:44:57 -06:00
wchen-r7 ed22902fd4 Support the subject field 2017-03-08 11:40:08 -06:00
Craig Smith f60dae0917 Lots of syntax fixups from rubocop 2017-03-08 09:21:33 -08:00
Ahmed Elhady Mohamed 183be81ba8 Easy File Sharing FTP Server Directory Traversal 2017-03-08 17:59:27 +02:00
wchen-r7 e327f9b330 Update other module descriptions 2017-03-07 16:55:06 -06:00
wchen-r7 dc13b84189 Bring mms branch up to date w/ master 2017-03-07 16:13:39 -06:00
Jin Qian 7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
Merged #8047
2017-03-07 15:56:00 -06:00
wchen-r7 fbde0d18f2 Add auxiliary/client/mms/send_mms 2017-03-07 12:53:17 -06:00
Craig Smith 60cd04bc7b Added module for zstumbler 2017-03-06 16:10:14 -08:00
juushya 0b5da60564 Added nil check + formatting edits 2017-03-07 02:17:21 +05:30
juushya d99d81992f Added nil check + formatting edits 2017-03-07 02:16:01 +05:30
juushya 05efb61d3b Added nil check + formatting edits 2017-03-07 02:14:18 +05:30
juushya 62b0efd99d Added nil check + formatting edits 2017-03-07 01:44:23 +05:30
juushya 9a5ab604e5 Added nil check + formatting edits 2017-03-07 01:21:07 +05:30
juushya 2d8e3c73f5 Minor edits 2017-03-07 00:20:05 +05:30
juushya 3ab214e758 Minor edits 2017-03-07 00:03:24 +05:30
wchen-r7 a466dc44c6 Do exception handling for sms client 2017-03-06 10:54:08 -06:00
Pearce Barry b5afac6627
Per PR #8054, we don't need the OUTPUTPATH option here. 2017-03-03 16:20:01 -06:00
wchen-r7 48e06e27b0 Fix #8052, remove forgotten OUTPUTPATH option
Fix #8052
2017-03-03 12:00:07 -06:00
wchen-r7 6ad8afb8b3 Add API to send a text message (SMS) to mobile devices 2017-03-02 16:47:55 -06:00
juushya e8460c3b94 Minor edit 2017-03-03 02:37:20 +05:30
juushya fafd35330d Add epmp1000 dump hashes module 2017-03-03 02:22:34 +05:30
juushya c6e65b1521 Minor edits 2017-03-03 02:00:19 +05:30
juushya 6bd09c142f Minor edits 2017-03-03 00:53:17 +05:30
juushya c9a354b844 Added nil checks 2017-03-01 20:18:51 +05:30
Craig Smith dcb42a3e69 Initial zigbee support using killerbee. Core session setup portion 2017-02-27 17:29:54 -08:00
wchen-r7 69c7b0168c Restore USERNAME and PASSWORD options for owa_login
Requested by our own pentesters, the username & password options
should be restored so users can more easily try one password but
multiple users.
2017-02-27 15:04:06 -06:00
William Vu 634753f985 Add QNAP admin hash "disclosure" 2017-02-24 19:18:30 -06:00
James Barnett 2631259919 Land #7973, Enable cert validation for Nexpose
This PR enables connection to a Nexpose console using the
nexpose client gem.

It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
2017-02-24 14:27:24 -06:00
h00die 43550b8cdf fixing line length 2017-02-23 19:55:23 -05:00
h00die 041238f77c
land #7896 Binom3 power meter scanner and brute 2017-02-23 19:49:50 -05:00
bwatters-r7 40e6413867
Land #7980, Add a sploit for CVE-2017-5982, kodi file traversal 2017-02-22 13:11:48 -06:00
Jan-Erik Rediger 49da6289a9 Fix typo in smtp fuzzer 2017-02-20 21:47:59 +01:00
jvoisin 73eed104a9 Take into account @h00die's comments. 2017-02-20 13:22:20 +01:00
jvoisin 7bd6aff1cf Add a sploit for CVE-2017-5982 2017-02-19 21:57:27 +01:00
Brent Cook 24151a9c27
Land #7753, Add auxiliary RomPager misfortune cookie authentication bypass 2017-02-17 18:07:15 -06:00
Brent Cook e4c324c988
Land #7941, treat a user with no mailbox as a valid credential anyway 2017-02-17 17:09:57 -06:00
Jeffrey Martin cbfe18e4d7
use certificates in nexpose 2017-02-16 14:34:02 -06:00
aushack 3b386f86f6 Typo fix. 2017-02-14 17:05:46 +11:00
juushya e6bfbb7c78 Added random cookie gen, res checks, & minor updates 2017-02-12 16:55:11 +05:30
juushya 906ca6c24e Add Carlo Gavazzi module 2017-02-11 11:18:43 +05:30
James Barnett 94a234e5bf
Specify sname as http/https to keep with standards throughout the code. 2017-02-10 17:31:08 -06:00
jakxx 58779f0aaf owa_login no mailbox bugfix
The owa_login module currently misses a success condition where the
creds are valid but there is no mailbox setup. This commit adds the
check for the condition for OWA 2013.
2017-02-09 21:35:58 -05:00
wchen-r7 4a9a8adaa1
Land #7928, http_version now stores the fingerprints 2017-02-09 16:28:51 -06:00
James Lee 4f13bde471
Override `empty?` for the weird ones
Fixes #7899
2017-02-09 14:57:20 -06:00
Christian Mehlmauer 8ade9b8aae
Land #7905, WordPress content injection module 2017-02-09 15:49:50 +01:00
William Vu cf395ea7b1 Make error checks more consistent 2017-02-08 18:00:44 -06:00
William Vu 0d56676690 Add error check for listing posts 2017-02-08 17:13:12 -06:00
Spencer McIntyre cba5e266f8
Land #7916, module for netgear password disclosure 2017-02-08 15:48:55 -05:00
Carter e7b421e226 Update netgear_password_disclosure.rb 2017-02-08 13:40:11 -05:00
William Vu 766e7b013d Once more, with feeling 2017-02-08 09:17:37 -06:00
William Vu a71b097e6b Revert status iteration, since it doesn't work
Also.
2017-02-08 09:13:42 -06:00
Carter fd935c8e3c Update netgear_password_disclosure.rb 2017-02-08 09:14:39 -05:00
William Vu 6b2a995a7d Revert AutoPublish, since it doesn't work
Apparently.
2017-02-08 07:43:17 -06:00
William Vu df38a91fbd Be nice and parse JSON for the error 2017-02-08 07:37:09 -06:00
Carter 2dfff95669 Fix msftidy warning 2017-02-08 08:28:23 -05:00
William Vu befe224c58 Use wordpress_and_online? before actions 2017-02-08 07:24:57 -06:00
William Vu 46ab03f528 Add SearchTerm to filter listed posts 2017-02-08 06:10:46 -06:00
William Vu 064420075f Update diagnostics and print better header 2017-02-08 04:54:25 -06:00
William Vu 6df55c9733 Gotta catch 'em (post statuses) all 2017-02-08 04:31:06 -06:00
William Vu 7583d050b7 Add AutoPublish to publish updated posts 2017-02-08 04:01:42 -06:00
William Vu e480107bd5 Add PostCount (default 100) to list more posts 2017-02-08 03:52:20 -06:00
William Vu 13f4b0d7ae Be more specific with invalid post ID 2017-02-08 02:18:52 -06:00
Carter c16b7e42a6 Fix review stuff 2017-02-07 21:41:38 -05:00
Carter 46fbc9dd3f Fix some formatting 2017-02-07 21:32:19 -05:00
William Vu 6f4ff89218 Add WPVDB reference 2017-02-07 18:33:58 -06:00
jvoisin 96f7b2e245 http_version now store the fngerprints
Currently, the `http_version` module doesn't store the fingerprints
into the database; this commit should fix this behaviour.
2017-02-07 18:36:36 +01:00
Carter f4580a2616 Add token value check
Sometimes it wouldn't return creds if the token is 0. It usually works after running it another time.
2017-02-07 10:53:25 -05:00
Carter c1f9b724cf Maybe fix syntax error 2017-02-07 10:36:05 -05:00
William Vu b4056a110b Print diagnostics if no posts found/given 2017-02-07 04:37:05 -06:00
William Vu e1ade9caf8
Land #7910, closed ports fix for TCP portscan 2017-02-07 02:23:15 -06:00
Carter 00050abb73 Fix msftidy warnings 2017-02-06 22:06:50 -05:00
Carter 1f2a95c202 Use html parser instead of regex 2017-02-06 22:03:56 -05:00
Carter 115c60446e Fix weird if loop in check 2017-02-06 17:30:49 -05:00
Carter 6ebdbc3f81 Fix some stuff from review
I'm going to change the HTML Regex to a parser a bit later, I don't have time right now
2017-02-06 17:29:39 -05:00
h00die f531366d89
Land #7790 an aux module to extract Meteocontrol Weblog admin password 2017-02-06 15:23:06 -05:00
Carter 9b4ca31432 Fix typo 2017-02-06 12:52:41 -05:00
Carter 52cf9c44df Update netgear_password_disclosure.rb 2017-02-06 12:43:31 -05:00
Carter 16c6480629 Add response checks
I can't test this right now as I'm not at a computer that has metasploit installed, but I'll test it when I get a chance to.
2017-02-06 12:10:01 -05:00
Carter f5450a718a Add TARGETURI datastore option 2017-02-06 11:54:29 -05:00
Carter 99227aca1a Fix things from review 2017-02-06 09:44:35 -05:00
William Vu 8af966a132 Add WordPress content injection module 2017-02-06 04:40:26 -06:00
Carter fb7e5ff847 Fix more msftidy warnings 2017-02-05 14:00:05 -05:00
Carter f08590982c Fix some msftidy warnings 2017-02-05 13:58:01 -05:00
Carter 609ea3700a Create netgear_password_disclosure.rb 2017-02-05 13:39:58 -05:00
MatToufoutu db77061719 do not add closed ports to database 2017-02-04 16:24:40 +01:00
juushya d305f895ff Fixed a typo space 2017-02-04 11:59:45 +05:30
juushya 36416c20cb Updated check for extract fail case now + Minor edits 2017-02-04 03:00:31 +05:30
juushya 34b861403e Minor updates 2017-02-04 01:44:18 +05:30
Pearce Barry 23c2787d57
Land #7795, Hardware Bridge API.
Initial bridge API that supports the HW rest protocol.
2017-02-02 08:47:59 -06:00
Pearce Barry 16de745437
Minor code cleanups/corrections. 2017-02-01 16:12:45 -06:00
juushya 58a50d7dd1 Minor edits 2017-02-01 04:46:05 +05:30
juushya 6d6db2f40f Add epmp1000 dump config module 2017-02-01 04:42:47 +05:30
juushya 20a51371ce Minor Edits 2017-02-01 04:23:28 +05:30
juushya 423648e347 Minor edits 2017-02-01 03:53:14 +05:30
juushya 82d2777417 Minor update 2017-02-01 03:44:50 +05:30
juushya 59e31e26f2 Add Binom3 module 2017-02-01 03:35:35 +05:30
Pedro Ribeiro d5845343bd Fix whitespace, thanks msftidy! 2017-01-30 10:15:20 +00:00
Pedro Ribeiro fd6e10bf26 Add CVE numbers 2017-01-30 10:03:13 +00:00
Brent Cook 3c9b1be649
Land #7883, Fix cisco_firepower_download to pass the username properly 2017-01-27 16:31:06 -06:00
Brent Cook 4480ea7877
Land #7827, Cisco Firepower Management Console LoginScanner 2017-01-27 16:26:40 -06:00
Brent Cook 171cc7d54e slight wording tweak 2017-01-27 16:26:23 -06:00
wchen-r7 e6de951e3e Fix cisco_firepower_download to pass the username properly 2017-01-27 16:25:34 -06:00
Brent Cook a4dd1fc846
Land #7805, Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal 2017-01-27 16:09:14 -06:00
h00die f846535d78
Land #7876 which adds an Advantech Webaccess credential gatherer 2017-01-26 19:37:36 -05:00