Commit Graph

926 Commits (3577a364be80008f33d9b902e9ea3f6a3257173c)

Author SHA1 Message Date
Matt Andreko df8c80e3d1 Added CVE and disclosure date 2013-06-17 17:40:36 -04:00
jvazquez-r7 2e201bb2a3 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-16 15:19:36 -05:00
jvazquez-r7 d20f72a9fd Fix indentation 2013-06-16 15:18:19 -05:00
jvazquez-r7 3cd94f5025 Do final cleanup for infovista_enum 2013-06-16 11:50:40 -05:00
Matt Andreko fd026c5b34 Added References and Disclosure Date 2013-06-15 18:31:20 -04:00
jvazquez-r7 11bf17b0d6 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-15 11:55:22 -05:00
KarnGaneshen ba59434261 added infovista module 2013-06-15 17:16:26 +05:30
jvazquez-r7 7a11077834 Land #1923, @juushya's module for rfcode brute forcing 2013-06-14 13:36:14 -05:00
jvazquez-r7 ae027a9efb Final cleanup for rfcode_reader_enum 2013-06-14 13:09:48 -05:00
KarnGaneshen 6188df1b3a added note :type - Info. This is mandatory field for report_note. also, vprint statements seem to be adding an extra space with a hyphen. kinda make print dis-aligned than other regular print_* statements. changed -> to -, removed ' from '#{user/pass}'. works fine. msftidy check. module load check. pcap taken. 2013-06-13 14:03:55 +05:30
jvazquez-r7 0b9cf213df Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-12 12:03:10 -05:00
KarnGaneshen 871f1b7c1f updated prints with ip-port reference. msftidy check. module load check. go rf reader.. 2013-06-12 00:53:58 +05:30
KarnGaneshen 736bf120d9 added sname in report data, corrected :host to rhost, :port to rport. msftidy check. module load check. upping it. 2013-06-12 00:25:50 +05:30
jvazquez-r7 0578572d98 Change sevone_enum because it's an Scanner 2013-06-11 08:51:15 -05:00
KarnGaneshen 5c078f5139 added report_note to store collected info. removed register rport for 80t. msftidy & module load checked. pushing it up. 2013-06-11 12:57:26 +05:30
jvazquez-r7 c641184e37 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-10 13:30:36 -05:00
jvazquez-r7 0c6dbe9885 Add final cleanup for sevone_enum 2013-06-10 13:16:22 -05:00
KarnGaneshen 72a9c8612b setting rfcode_reader_enum straight. more updates. 2013-06-10 22:57:00 +05:30
KarnGaneshen 5c988d99fe more updates to sevone.rb. hopefully all is covered.. 2013-06-10 21:59:18 +05:30
KarnGaneshen 04171c46ec more updates to sevone.rb. hopefully all is covered. 2013-06-10 21:47:56 +05:30
Karn Ganeshen ffa18d413f Updated rfcode_reader_enum.rb ...
Updated as per review comments. 
Removed loot of network configuration.
Used JSON.parse to bring cleaner loot output
Changed some print_goods to vprint_status
Changed if not to unless
2013-06-08 03:21:43 +05:30
Karn Ganeshen 74bddcf339 Update sevone_enum.rb
New updates as per review comments
2013-06-08 02:28:09 +05:30
Karn Ganeshen 1ca8fd2cf1 Update sevone_enum.rb
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
Karn Ganeshen eb0ae6ed27 Update rfcode_reader_enum.rb
Updated as per review comments
2013-06-08 01:00:18 +05:30
Karn Ganeshen 6b8e6b3f0c Create rfcode_reader_enum.rb
Adding new aux - RFCode Reader Web interface Login Brute Force & Config Capture Utility
2013-06-07 23:53:09 +05:30
Karn Ganeshen fcc600aa3e Create sevone_enum.rb
Adding new aux - SevOne Network Performance Management System application version enumeration and brute force login Utility
2013-06-07 23:39:22 +05:30
jvazquez-r7 e5a17ba227 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-05 09:41:23 -05:00
sinn3r a3b25fd7c9 Land #1909 - Novell Zenworks Mobile Device Managment exploit & auxiliary 2013-06-05 02:45:45 -05:00
sinn3r 307773b6a1 Extra space - die! 2013-06-05 02:44:56 -05:00
sinn3r 0c1d46c465 Add more references 2013-06-05 02:43:43 -05:00
sinn3r 5d90c6cd71 Make msftidy happy 2013-06-05 02:11:23 -05:00
sinn3r ca5155f01d Final touchup novell_mdm_creds 2013-06-05 02:08:55 -05:00
sinn3r a5a3f40394 Report auth info 2013-06-05 02:06:32 -05:00
steponequit ed4766dc46 initial commit of novell mdm modules 2013-06-04 09:20:10 -07:00
jvazquez-r7 4079484968 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-03 15:27:36 -05:00
CG 571b62d19d svn scanner added print_good and rport 2013-06-02 18:05:11 -04:00
jvazquez-r7 9d91596e46 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-29 16:21:32 -05:00
Tod Beardsley 10d8bebe73 Start with a random username to test 401 codes
SeeRM #7991

While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.
2013-05-29 12:36:28 -05:00
jvazquez-r7 aa688c4313 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-29 10:47:04 -05:00
Samuel Huckins f0e3b0c124 Merge pull request #1836 from dmaloney-r7/bug/anyuser_anypass_http
Verified MSF specs passing, Pro on develop functional tests working (ran Bruteforce, saw normal and verbose output concerning that bruteforce was skipped for such a case and why, verified no cred saved with 'anyuser' user).
2013-05-29 07:44:18 -07:00
jvazquez-r7 6401d557fd Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-28 19:57:16 -05:00
jvazquez-r7 96888455a7 Add new signature for CF9 2013-05-28 16:04:08 -05:00
sinn3r a6a46f82bb Updates the description a little bit 2013-05-28 14:31:56 -05:00
sinn3r e4e5edc619 Looks like we don't need to check MD5, let's keep it that way then. 2013-05-28 14:31:15 -05:00
sinn3r 8ab90e657c Adds a check for Cold Fusion 10 2013-05-28 14:21:29 -05:00
Matt Andreko 5695994432 Added module to enumerate Canon printer Wifi settings 2013-05-27 18:02:37 -04:00
jvazquez-r7 094a5f1b18 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-26 16:03:33 -05:00
Matt Andreko ea7805d3c8 Fixed a bug in the HSTS module around null headers 2013-05-23 15:02:39 -04:00
dmaloney-r7 ee28a3a8d7 Update http_login.rb
add parens around conditional to make bikeshed prettier
2013-05-21 11:28:23 -05:00
David Maloney 4503a7af50 Don't save creds of anyuser:anypass
If http accepts any user and any pass, it's not a real auth
there is no reason to create cred objects for this.
These creds have been confusing our users
2013-05-16 10:25:32 -05:00
jvazquez-r7 38e41f20fe Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-24 13:24:13 -05:00
sinn3r cae30bec23 Clean up all the whitespace found 2013-04-23 18:27:11 -05:00
jvazquez-r7 d1c5179b83 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-19 17:48:12 -05:00
jvazquez-r7 c7fcd6931a Use vprint_error 2013-04-19 16:22:07 -05:00
Christian Mehlmauer eaff87879e added text 2013-04-19 22:03:05 +02:00
Christian Mehlmauer a6be72b019 fixes for mediawiki aux module 2013-04-19 21:43:12 +02:00
jvazquez-r7 d4fa2ba96d Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-19 14:14:36 -05:00
jvazquez-r7 31586770a0 Added module for OSVDB 92490 2013-04-18 14:34:02 -05:00
jvazquez-r7 cc35591723 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-15 17:43:15 -05:00
Tod Beardsley a36c6d2434 Lands #1730, adds a VERBOSE option checker
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
Tod Beardsley 29101bad41 Removing VERBOSE offenders 2013-04-15 15:29:56 -05:00
jvazquez-r7 79620ed660 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-09 17:12:16 +02:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
jvazquez-r7 d65bf8bab9 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-08 18:19:41 +02:00
sinn3r d24371eaff Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal 2013-04-08 10:18:30 -05:00
sinn3r 1b5c34db1a Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal 2013-04-08 10:17:19 -05:00
sinn3r 11253c8f3e Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal 2013-04-08 10:16:52 -05:00
jvazquez-r7 daba48035d fix DEPTH description and basename 2013-04-05 11:05:46 +02:00
jvazquez-r7 b6edad1f1d fix DEPTH description and basename 2013-04-05 11:04:43 +02:00
jvazquez-r7 d163e96d6a fix DEPTH description and basename 2013-04-05 11:02:59 +02:00
jvazquez-r7 d823f724cd Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-04 22:16:35 +02:00
jvazquez-r7 30f44c3a24 final cleanup for dlink_dir_615h_http_login 2013-04-04 22:02:45 +02:00
jvazquez-r7 8f60d12e46 Merge branch 'dlink_login_dir_615H' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_615H 2013-04-04 22:01:49 +02:00
jvazquez-r7 b75d038fc2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-04 21:54:36 +02:00
jvazquez-r7 7d1e9af728 final cleanup for dlink_dir_session_cgi_http_login 2013-04-04 21:41:42 +02:00
jvazquez-r7 0b9fe53919 module filename changed 2013-04-04 21:41:10 +02:00
jvazquez-r7 6ec6638568 Merge branch 'dlink_login_dir_300B_600B' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_300B_600B 2013-04-04 21:40:21 +02:00
jvazquez-r7 498a0dc309 final cleanup for dlink_dir_300_615_http_login 2013-04-04 21:15:22 +02:00
jvazquez-r7 cff70e41be Merge branch 'dlink_login' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login 2013-04-04 21:14:56 +02:00
m-1-k-3 7b4cdf4671 make msftidy happy 2013-04-04 13:22:01 +02:00
m-1-k-3 78c492da20 is_dlink, more feedback included, msftidy 2013-04-04 13:18:32 +02:00
m-1-k-3 2f96a673cd is_dlink, more feedback included 2013-04-04 13:17:45 +02:00
m-1-k-3 64f3e68310 is_dlink and some more feedback included 2013-04-04 13:01:18 +02:00
jvazquez-r7 89de9fdf22 cleanup for dlink_dir_300_615_http_login 2013-04-03 10:04:01 +02:00
jvazquez-r7 b4b3c82c86 delete space 2013-04-03 00:31:00 +02:00
jvazquez-r7 54120a2d3a delete space 2013-04-03 00:30:24 +02:00
jvazquez-r7 85d9e3e9ee delete space 2013-04-03 00:29:38 +02:00
jvazquez-r7 0b4eab2499 added module for ZDI-13-053 2013-04-03 00:24:11 +02:00
jvazquez-r7 018e147063 added module for ZDI-13-052 2013-04-03 00:22:38 +02:00
jvazquez-r7 dc17b4931c added module for ZDI-13-051 2013-04-03 00:21:01 +02:00
jvazquez-r7 070fd399f2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-31 20:23:08 +02:00
m-1-k-3 587170ae52 fixed author details - next try 2013-03-30 12:43:55 +01:00
m-1-k-3 1d6184cd63 fixed author details 2013-03-30 12:41:31 +01:00
m-1-k-3 8032a33cd5 report_auth_info - proof 2013-03-29 22:06:25 +01:00
m-1-k-3 1156194a6b feedback included, server fingerprinting 2013-03-29 22:04:22 +01:00
m-1-k-3 2b4d6eb455 feedback included, server header check 2013-03-29 21:30:45 +01:00
m-1-k-3 b6a50da394 feedback included, server header check 2013-03-29 21:20:51 +01:00
m-1-k-3 aa981cc991 DIR-645 also working 2013-03-27 12:11:14 +01:00
m-1-k-3 615aa57399 Dlink DIR615 HW rev B login module 2013-03-27 09:26:23 +01:00
m-1-k-3 680b551215 default to user admin 2013-03-27 08:59:19 +01:00
m-1-k-3 032214fb1d default to user admin 2013-03-27 08:49:04 +01:00
m-1-k-3 e1a719a6c0 http login module for DLink DIR300revB, DIR600revB, DIR815 2013-03-26 20:57:24 +01:00
m-1-k-3 c4fe21865c user fix 2013-03-26 20:15:19 +01:00
jvazquez-r7 3c12459703 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:33:36 +01:00
jvazquez-r7 9717a8c3b4 cleanup for tplink_traversal_noauth 2013-03-25 19:20:18 +01:00
jvazquez-r7 543b401a55 Merge branch 'tplink-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-tplink-traversal 2013-03-25 19:18:53 +01:00
jvazquez-r7 393d5d8bf5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:09:42 +01:00
sinn3r dcce23d23d Merge branch 'bugs/tomcat_enum-double_check' of github.com:neinwechter/metasploit-framework into neinwechter-bugs/tomcat_enum-double_check 2013-03-25 12:19:52 -05:00
Nathan Einwechter aad0eed485 Fix whitespace EOL 2013-03-25 13:00:37 -04:00
Nathan Einwechter 3f79b2fd3b Use :abort for scanner mixin 2013-03-25 12:59:18 -04:00
sinn3r 0d56da0511 Merge branch 'netgear-sph200d' of github.com:m-1-k-3/metasploit-framework into m-1-k-3-netgear-sph200d 2013-03-25 11:45:40 -05:00
Nathan Einwechter 99fe2a33d7 Deregister USER_AS_PASS and stop on connect error 2013-03-25 12:35:52 -04:00
jvazquez-r7 53b862300e cleanup for linksys_e1500_traversal 2013-03-25 17:33:38 +01:00
jvazquez-r7 ea804d433e change file name 2013-03-25 17:33:16 +01:00
m-1-k-3 e57498190b dlink dir 300/600 login module - initial commit 2013-03-25 08:48:24 +01:00
m-1-k-3 7ff9c70e38 10 to 0 is good :) 2013-03-23 22:46:26 +01:00
m-1-k-3 47d458a294 replacement of the netgear-sph200d module 2013-03-23 22:40:32 +01:00
m-1-k-3 bd522a03e3 replace module to the scanner directory 2013-03-23 22:29:44 +01:00
m-1-k-3 8f59999f82 replace module to the scanner directory 2013-03-23 22:25:04 +01:00
jvazquez-r7 b498bf9b71 up to date 2013-03-12 16:50:35 +01:00
jvazquez-r7 074ea7dee4 Merge branch 'ssl' of https://github.com/luh2/metasploit-framework into luh2-ssl 2013-03-11 15:36:20 +01:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
David Maloney 71ba044d03 remove debugging aid 2013-03-04 11:25:34 -06:00
David Maloney 6dcca7df78 Remove duplicated header issues
Headers were getting duped back into client config, causing invalid
requests to be sent out
2013-03-04 11:24:26 -06:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
James Lee d3b3587660 Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2 2013-02-27 14:01:57 -06:00
J.Townsend cbce1bdff2 update module description
This adds the version of wordpress the issue was fixed in to the description
2013-02-26 00:24:46 +00:00
James Lee 1ce86b7adb Whitespace 2013-02-25 14:29:10 -06:00
David Maloney 0ae489b37b last of revert-merge snaffu 2013-02-19 23:16:46 -06:00
jvazquez-r7 a19da61177 deleting trailing comma 2013-02-16 00:53:28 +01:00
sinn3r 4eca6e5502 Merge branch 'feature/web_crawler_skip_paths' of github.com:tasos-r7/metasploit-framework into tasos-r7-feature/web_crawler_skip_paths 2013-02-13 14:07:20 -06:00
jvazquez-r7 167f5970c1 minor cleanup for rails_json_yaml_scanner 2013-02-13 00:07:58 +01:00
jvazquez-r7 3e2a368823 Merge branch 'rails_json_yaml_scanner' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_json_yaml_scanner 2013-02-13 00:07:11 +01:00
Jeff Jarmoc 846052a34d s/URIPATH/TARGETURI/g per @jvasquez-r7 comments on another pull. 2013-02-12 15:13:06 -06:00
Tasos Laskos f2cf4304d2 Merge remote-tracking branch 'upstream/master' into feature/web_crawler_skip_paths 2013-02-12 22:10:40 +02:00
Tasos Laskos 9efd3f6c5e scanner/http/crawler: added ExcludePathPatterns opt
Option 'ExcludePathPatterns' allows users to specify which paths should
be excluded from the crawl (and which forms to ignore) by passing a
list of patterns (only allows '*' wildcards).
2013-02-12 21:47:12 +02:00
Tod Beardsley 8ddc19e842 Unmerge #1476 and #1444
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.

First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.

FixRM #7752
2013-02-11 20:49:55 -06:00
Jeff Jarmoc ddd7d307e6 Add a scanner aux module for Rails JSON/YAML vuln CVE-2013-0333 2013-02-11 16:48:44 -06:00
David Maloney a43b902b5c Fix tomcat_mgr_login auth 2013-02-11 12:00:40 -06:00
sinn3r 7370d7d31b Final touchup 2013-02-08 18:21:06 -06:00
Spencer McIntyre 7522a87cf9 Adding an auxiliary scanner module for Titan FTP password disclosure. 2013-02-08 15:43:02 -05:00
James Lee 5b3b0a8b6d Merge branch 'dmaloney-r7-http/auth_methods' into rapid7 2013-02-08 12:45:35 -06:00
sinn3r 035e8b7100 Merge branch 'groupwise_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-groupwise_traversal 2013-02-07 17:33:34 -06:00
jvazquez-r7 e9912496d8 nice check learned from sinn3r 2013-02-07 22:05:39 +01:00
jvazquez-r7 0d3c32b0a4 Added module for CVE-2012-0419 2013-02-07 21:15:49 +01:00
sinn3r 7f746e1caa That's what he said. 2013-02-07 11:13:18 -06:00
sinn3r d554c3a56a Don't really need the bottom comment 2013-02-07 10:46:42 -06:00
sinn3r 98559d4d51 Do a check and make sure this is Simple Web Server 2013-02-07 10:45:53 -06:00
sinn3r b11f052746 Allow arbitrary depth 2013-02-07 10:32:29 -06:00
sinn3r a3264e18e2 There aint no fail_with(), must use print_error 2013-02-07 10:30:17 -06:00
sinn3r b09f819e4b Add Simple Web Server dir traversal 2013-02-06 17:02:07 -06:00
James Lee 1095fe198b Merge branch 'rapid7' into dmaloney-r7-http/auth_methods 2013-02-06 16:57:50 -06:00
Jeff Jarmoc 39cafd0cde Use OptEnum instead of OptString 2013-02-04 15:08:34 -06:00
David Maloney 4c1e630bf3 BasicAuth datastore cleanup
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
David Maloney 8b1febb4cf add myself to the blame list for the module =P 2013-02-04 12:32:43 -06:00
David Maloney 9497e38ef7 Fix http login scanner
Fix the http_login scanner to use new buitin auth
2013-02-04 12:31:19 -06:00
Jeff Jarmoc 5e0c18af2f adding self to credits 2013-02-03 16:14:42 -06:00
Jeff Jarmoc 57c8e41846 Re-order probes and checks.
This causes module to exit if error conditions are found, before sending unecessary probes.
2013-02-03 16:10:46 -06:00
Jeff Jarmoc 8dff427776 Allow 4xx codes, display codes in verbose output 2013-02-03 16:07:07 -06:00
Jeff Jarmoc 810470de3b Make HTTP_METHOD Configurable 2013-02-03 16:05:45 -06:00
David Maloney 5814c59620 move httpauth to mixin
HttpAuth stuff gets it's own little mixin
mix it in to Exploit::Http::Client
mix in it to Auxiliary::Web::HTTP
2013-02-01 15:12:10 -06:00
egypt 5332e80ae9 Fix errant use of .to_s instead of .path 2013-01-31 14:18:42 -06:00
sinn3r c174e6a208 Correctly use normalize_uri()
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
Tod Beardsley b1f8b87f14 Chmod -x the joomla modules. Also fix a title typo
joomla_pages was incorrectly titled as "Joomla Version Scanner," which
of course is actually joomla_version.
2013-01-29 17:02:43 -06:00
sinn3r 1ea1ad3166 Fix the forgotten path() 2013-01-28 14:48:22 -06:00
sinn3r 690ef85ac1 Fix trailing slash problem
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.

Related to: [SeeRM: #7727]
2013-01-28 13:19:31 -06:00
jvazquez-r7 01b7e3554e fix issue found by newpid0 2013-01-25 22:05:09 +01:00
jvazquez-r7 d0ecb617c3 Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner 2013-01-25 21:47:05 +01:00
jvazquez-r7 d6e9f891ea Proposal for joomla-scanner 2013-01-25 20:44:49 +01:00
f8lerror dd1ce34ecc Made recommended changes removed short timeout added returns and other small changes 2013-01-24 17:04:22 -05:00
sinn3r af3a1db4c1 Make better use of ruby regex 2013-01-24 14:16:01 -06:00
sinn3r 077c04d13a Merge branch 'feature/rm6822-cold_fusion_version' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-cold_fusion_version 2013-01-24 13:51:27 -06:00
f8lerror 6cdb1a80de Remove app from fingerprint and blank line 2013-01-24 09:47:20 -05:00
f8lerror bf2b01f8ef Delete a file and strip space 2013-01-24 09:30:04 -05:00
f8lerror 6e94c04a52 Code Corrections and Enhancements 2013-01-23 20:26:23 -05:00
sinn3r 5cfabb0443 Apply the changes I suggested before 2013-01-23 00:15:09 -06:00
sinn3r 1e39c31cc2 Merge branch 'feature/rm6822-coldfusion_locale_traversal' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-coldfusion_locale_traversal 2013-01-23 00:06:35 -06:00
f8lerror 5cfe58e8d5 General code review and corrections 2013-01-20 22:33:04 -05:00
Christian Mehlmauer e613c860a5 Added Name and Emailadress 2013-01-17 23:17:14 +01:00
Tod Beardsley a43b218917 Line full of whitespace 2013-01-17 12:43:06 -08:00
f8lerror 0b61d28e0e added Joomla scanner and url wordlist 2013-01-17 11:36:59 -05:00
lmercer a701b5eb79 fixed an error that occurred when patching. 2013-01-16 18:21:19 -05:00
lmercer ddd2dbc17b Updated coldfusion_local_traversal as described in Redmine Feature #6822 2013-01-16 17:54:15 -05:00
lmercer 481f2eb791 updated cold_fusion_version from Redmine Feature #6822 2013-01-16 17:23:35 -05:00
sinn3r 9dc42e93e7 Reduce unnecessary indent level 2013-01-15 14:36:41 -06:00
sinn3r 5109cc97fe Add more verbs
[SeeRM: #7138] by jabra
2013-01-15 14:11:53 -06:00
sinn3r ef6eec949c Move impersonate_ssl
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
jvazquez-r7 8c5847a13c Make output compatible with an scanner module 2013-01-11 00:10:15 +01:00
jvazquez-r7 0e950997e6 Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access 2013-01-10 23:57:22 +01:00
smilingraccoon 0c58a118ff Found the issue I believe, fixed two issues. One with 301/302 responses getting a bad URI due to switch from ip to dns in location header and other from res.to_s rather than res.body being passed to regex 2013-01-10 11:32:48 -05:00
smilingraccoon fc5a0e22b2 stupid push, forgot to remove test puts 2013-01-10 10:43:57 -05:00
smilingraccoon ed9d290a85 added status messages, made var blog_posts initalize as nil rather than empty string 2013-01-10 10:41:25 -05:00
smilingraccoon 5bafd6ddcc added status message 2013-01-10 09:43:37 -05:00
jvazquez-r7 5fe2f967da this rescue is done in the mixin 2013-01-09 21:28:06 +01:00
HD Moore 07f8eb6a07 Fix up a typo 2013-01-09 13:05:27 -06:00
HD Moore adb4c89602 Add a scanner module for CVE-2013-0156 2013-01-09 12:50:38 -06:00
smilingraccoon a0a4ef843b added error msgs to rescue 2013-01-09 11:22:36 -05:00
Thomas McCarthy f45739933e Update modules/auxiliary/scanner/http/wordpress_pingback_access.rb
Changed name var in initialize
2013-01-08 19:20:02 -05:00
luh2 8e80f5e82c Public key size determined properly 2013-01-08 16:39:27 +01:00
smilingraccoon 9f69dbbd30 update unless statements, targeturi, and resolve var 2013-01-07 13:17:49 -05:00