Commit Graph

2246 Commits (3577a364be80008f33d9b902e9ea3f6a3257173c)

Author SHA1 Message Date
Tod Beardsley 4ca9a88324 Tidying up grammar and titles 2013-06-17 16:49:14 -05:00
Matt Andreko df8c80e3d1 Added CVE and disclosure date 2013-06-17 17:40:36 -04:00
sinn3r 163d3e771b Handle connect_login return value properly
Some modules ignore connect_login's return value, which may result
an EOF if send_cmd() is used later on.  All the modules fixed are
the ones require auth according to the module description, or
CVE/vendor/OSVDB info.
2013-06-17 15:48:34 -05:00
jvazquez-r7 1b456ab511 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-17 08:46:16 -05:00
jvazquez-r7 fed6427f16 Land #1884, @morrisson's saprouter port scanner module 2013-06-17 08:38:10 -05:00
jvazquez-r7 2e201bb2a3 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-16 15:19:36 -05:00
jvazquez-r7 d20f72a9fd Fix indentation 2013-06-16 15:18:19 -05:00
jvazquez-r7 3cd94f5025 Do final cleanup for infovista_enum 2013-06-16 11:50:40 -05:00
Matt Andreko fd026c5b34 Added References and Disclosure Date 2013-06-15 18:31:20 -04:00
jvazquez-r7 11bf17b0d6 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-15 11:55:22 -05:00
Bruno Morisson 852fc33c13 Added feedback, cleanup, and simplified modes 2013-06-15 17:16:10 +01:00
KarnGaneshen ba59434261 added infovista module 2013-06-15 17:16:26 +05:30
jvazquez-r7 7a11077834 Land #1923, @juushya's module for rfcode brute forcing 2013-06-14 13:36:14 -05:00
jvazquez-r7 ae027a9efb Final cleanup for rfcode_reader_enum 2013-06-14 13:09:48 -05:00
jvazquez-r7 6fbb782ada Clean sap_router_portscanner 2013-06-13 10:08:44 -05:00
KarnGaneshen 6188df1b3a added note :type - Info. This is mandatory field for report_note. also, vprint statements seem to be adding an extra space with a hyphen. kinda make print dis-aligned than other regular print_* statements. changed -> to -, removed ' from '#{user/pass}'. works fine. msftidy check. module load check. pcap taken. 2013-06-13 14:03:55 +05:30
jvazquez-r7 0b9cf213df Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-12 12:03:10 -05:00
KarnGaneshen 871f1b7c1f updated prints with ip-port reference. msftidy check. module load check. go rf reader.. 2013-06-12 00:53:58 +05:30
KarnGaneshen 736bf120d9 added sname in report data, corrected :host to rhost, :port to rport. msftidy check. module load check. upping it. 2013-06-12 00:25:50 +05:30
jvazquez-r7 0578572d98 Change sevone_enum because it's an Scanner 2013-06-11 08:51:15 -05:00
KarnGaneshen 5c078f5139 added report_note to store collected info. removed register rport for 80t. msftidy & module load checked. pushing it up. 2013-06-11 12:57:26 +05:30
jvazquez-r7 c641184e37 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-10 13:30:36 -05:00
jvazquez-r7 0c6dbe9885 Add final cleanup for sevone_enum 2013-06-10 13:16:22 -05:00
jvazquez-r7 6765a911a4 Land #1921, @juushya brute force login module for SevOne 2013-06-10 13:15:14 -05:00
sinn3r 622dc27d95 Land #1925 - fix SNMP enum module failing to catch some fail cases
[FixRM:#7945]
2013-06-10 12:51:02 -05:00
KarnGaneshen 72a9c8612b setting rfcode_reader_enum straight. more updates. 2013-06-10 22:57:00 +05:30
KarnGaneshen 5c988d99fe more updates to sevone.rb. hopefully all is covered.. 2013-06-10 21:59:18 +05:30
KarnGaneshen 04171c46ec more updates to sevone.rb. hopefully all is covered. 2013-06-10 21:47:56 +05:30
Karn Ganeshen ffa18d413f Updated rfcode_reader_enum.rb ...
Updated as per review comments. 
Removed loot of network configuration.
Used JSON.parse to bring cleaner loot output
Changed some print_goods to vprint_status
Changed if not to unless
2013-06-08 03:21:43 +05:30
Karn Ganeshen 74bddcf339 Update sevone_enum.rb
New updates as per review comments
2013-06-08 02:28:09 +05:30
Karn Ganeshen 1ca8fd2cf1 Update sevone_enum.rb
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
Karn Ganeshen eb0ae6ed27 Update rfcode_reader_enum.rb
Updated as per review comments
2013-06-08 01:00:18 +05:30
Thomas Ring 2bb0bd504c Makign changes recommended in redmine 7945 to fix SNMP enum module failing to catch some fail cases 2013-06-07 13:55:59 -05:00
Karn Ganeshen 6b8e6b3f0c Create rfcode_reader_enum.rb
Adding new aux - RFCode Reader Web interface Login Brute Force & Config Capture Utility
2013-06-07 23:53:09 +05:30
Karn Ganeshen fcc600aa3e Create sevone_enum.rb
Adding new aux - SevOne Network Performance Management System application version enumeration and brute force login Utility
2013-06-07 23:39:22 +05:30
jvazquez-r7 9c27a294cb Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-07 13:01:37 -05:00
James Lee 0302437c2b Land #1915, smtp user enumeration enhancements 2013-06-07 11:42:41 -05:00
Thomas Ring 8cf5b548c3 make recommended changes 2013-06-06 14:23:25 -05:00
Thomas Ring 067899341e fix a number of issues with the existing module (slowness, false positives, false negatives, stack traces, enumering unix users on windows systems, etc) 2013-06-06 13:26:04 -05:00
jvazquez-r7 e5a17ba227 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-05 09:41:23 -05:00
sinn3r a3b25fd7c9 Land #1909 - Novell Zenworks Mobile Device Managment exploit & auxiliary 2013-06-05 02:45:45 -05:00
sinn3r 307773b6a1 Extra space - die! 2013-06-05 02:44:56 -05:00
sinn3r 0c1d46c465 Add more references 2013-06-05 02:43:43 -05:00
sinn3r 5d90c6cd71 Make msftidy happy 2013-06-05 02:11:23 -05:00
sinn3r ca5155f01d Final touchup novell_mdm_creds 2013-06-05 02:08:55 -05:00
sinn3r a5a3f40394 Report auth info 2013-06-05 02:06:32 -05:00
steponequit ed4766dc46 initial commit of novell mdm modules 2013-06-04 09:20:10 -07:00
jvazquez-r7 4079484968 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-03 15:27:36 -05:00
Tod Beardsley 4cf682691c New module title and description fixes 2013-06-03 14:40:38 -05:00
CG 571b62d19d svn scanner added print_good and rport 2013-06-02 18:05:11 -04:00
jvazquez-r7 3a360caba1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-31 19:03:21 -05:00
Bruno Morisson d318c1cd22 included feedback 2013-06-01 00:31:06 +01:00
sinn3r e99401ea82 Landing #1817 - couchdb login module 2013-05-31 16:04:10 -05:00
sinn3r a88321c700 Final touchup 2013-05-31 16:03:30 -05:00
sinn3r 483b5e204f Missing the header 2013-05-31 16:00:36 -05:00
sinn3r e398025a7f I don't think what fails really matters. 2013-05-31 15:59:40 -05:00
Bruno Morisson d03379f1c6 changed 2 vprint_error to print_error 2013-05-30 11:54:42 +01:00
Roberto Soares Espreto 07203568bd Performed changes to the correct operation of the module. 2013-05-29 20:50:28 -03:00
Bruno Morisson 612eabd21a added sap_router_portscanner module 2013-05-29 23:36:53 +01:00
jvazquez-r7 9d91596e46 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-29 16:21:32 -05:00
Tod Beardsley 10d8bebe73 Start with a random username to test 401 codes
SeeRM #7991

While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.
2013-05-29 12:36:28 -05:00
jvazquez-r7 aa688c4313 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-29 10:47:04 -05:00
Samuel Huckins f0e3b0c124 Merge pull request #1836 from dmaloney-r7/bug/anyuser_anypass_http
Verified MSF specs passing, Pro on develop functional tests working (ran Bruteforce, saw normal and verbose output concerning that bruteforce was skipped for such a case and why, verified no cred saved with 'anyuser' user).
2013-05-29 07:44:18 -07:00
jvazquez-r7 6401d557fd Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-28 19:57:16 -05:00
jvazquez-r7 96888455a7 Add new signature for CF9 2013-05-28 16:04:08 -05:00
sinn3r a6a46f82bb Updates the description a little bit 2013-05-28 14:31:56 -05:00
sinn3r e4e5edc619 Looks like we don't need to check MD5, let's keep it that way then. 2013-05-28 14:31:15 -05:00
sinn3r 8ab90e657c Adds a check for Cold Fusion 10 2013-05-28 14:21:29 -05:00
Matt Andreko 5695994432 Added module to enumerate Canon printer Wifi settings 2013-05-27 18:02:37 -04:00
jvazquez-r7 094a5f1b18 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-26 16:03:33 -05:00
Matt Andreko ea7805d3c8 Fixed a bug in the HSTS module around null headers 2013-05-23 15:02:39 -04:00
jvazquez-r7 8e41ae3454 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-23 10:59:40 -05:00
John Sherwood d028f52dbd Fix broken ms12-020 vulnerability detection
The previous version of the script had an off-by-one error that prevented
proper detection of the vulnerability.  Changes made in this revision
include:

 - Correction of the off-by-one error
 - Use of match instead of == to check for valid RDP connection
 - Change of the channel requests to use IDs actually provided by
   the responses from the server
2013-05-22 00:08:25 -04:00
dmaloney-r7 ee28a3a8d7 Update http_login.rb
add parens around conditional to make bikeshed prettier
2013-05-21 11:28:23 -05:00
jvazquez-r7 0f3b13e21d up to date 2013-05-16 15:02:41 -05:00
jvazquez-r7 d9bdf3d52e Do final cleanup for sap_smb_relay 2013-05-16 14:25:10 -05:00
jvazquez-r7 9dd582c526 Land #1656, @nmonkee's module for SMB Relay attacks against SAP 2013-05-16 14:23:39 -05:00
jvazquez-r7 947735bd25 up to date 2013-05-16 11:26:50 -05:00
jvazquez-r7 c21035c0b9 Add final cleanup for sap_ctc_verb_tampering_user_mgmt 2013-05-16 10:42:09 -05:00
jvazquez-r7 7823df0478 Change module filename 2013-05-16 10:41:25 -05:00
jvazquez-r7 f3f0272395 Land #1652, @nmonkee's SAP CTC Verb Tampering for User Mgmt module 2013-05-16 10:40:17 -05:00
David Maloney 4503a7af50 Don't save creds of anyuser:anypass
If http accepts any user and any pass, it's not a real auth
there is no reason to create cred objects for this.
These creds have been confusing our users
2013-05-16 10:25:32 -05:00
nmonkee 11286630d5 modifications to CLBA_ SOAP requests to fix XML kernel processor error 2013-05-16 11:24:29 +01:00
jvazquez-r7 8a18853dfa Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-15 21:35:59 -05:00
jvazquez-r7 c82bb73347 Avoid super verbose output 2013-05-15 17:45:37 -05:00
jvazquez-r7 c410a54d44 Merge SAP SMB Relay abuses in just one module 2013-05-14 20:53:08 -05:00
jvazquez-r7 357ef001cc Change module filename 2013-05-14 20:52:33 -05:00
jvazquez-r7 83f1418f28 up to date 2013-05-14 14:48:58 -05:00
jvazquez-r7 07b3355a17 Merge branch 'sap_ctc_verb_tampering_add_user_and_add_role' of https://github.com/nmonkee/metasploit-framework 2013-05-14 13:47:39 -05:00
jvazquez-r7 b9caa23b30 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-14 12:26:23 -05:00
Roberto Soares Espreto 3d7c9a9a06 Changed the path from TARGETURI 2013-05-14 00:11:40 -03:00
sinn3r 5e997aaf80 Landing #1816 - lists essential information about CouchDB 2013-05-13 16:46:20 -05:00
sinn3r cba045a604 Make additional changes to the module 2013-05-13 16:42:33 -05:00
Roberto Soares Espreto a94d078bfd Added the statement return to condition: if res.nil? 2013-05-11 00:59:05 -03:00
Roberto Soares Espreto 18ee9af59f Added couchdb_enum.rb to list essential information about CouchDB 2013-05-10 23:18:48 -03:00
Roberto Soares Espreto 7a7f4a1727 Added couchdb_login.rb to try to brute-force credentials of CouchDB 2013-05-10 23:16:11 -03:00
jvazquez-r7 891e36c947 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-09 17:47:35 -05:00
jvazquez-r7 cf05602c6f Land #1661, @nmonkee's sap_soap_rfc_eps_get_directory_listing module 2013-05-09 16:46:13 -05:00
nmonkee 53c08cd60f fix incorrect printing typo 2013-05-09 21:37:04 +01:00
jvazquez-r7 ca41d859a9 up to date 2013-05-09 13:00:10 -05:00
jvazquez-r7 e711474654 Merge branch 'sap_soap_xmla_bw_smb_relay_' of https://github.com/nmonkee/metasploit-framework 2013-05-09 12:37:46 -05:00
jvazquez-r7 866fa167ab Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-08 16:29:52 -05:00
Tod Beardsley 4c75354a6a Land #1786, request_cgi instead of request_raw
Also some other small changes to modules, such as sensible defaults for
options.
2013-05-08 14:58:04 -05:00
jvazquez-r7 a1d2680a17 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-06 23:24:21 -05:00
jvazquez-r7 fff8593795 Fix author name 2013-05-06 17:34:37 -05:00
jvazquez-r7 ad21a107ec up to date 2013-05-06 15:48:59 -05:00
jvazquez-r7 fcb9dc1384 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-06 15:40:22 -05:00
jvazquez-r7 c84febb81a Fix extra character 2013-05-06 15:19:15 -05:00
jvazquez-r7 92b4d23c09 Add Mariano as Author because of the abuse disclosure 2013-05-06 15:15:15 -05:00
jvazquez-r7 db243e78c8 Land #1682, sap_router_info_request fix from @nmonkee 2013-05-06 15:13:57 -05:00
jvazquez-r7 85581a0b6f Clean up sap_soap_rfc_eps_get_directory_listing 2013-05-06 13:21:42 -05:00
jvazquez-r7 1fc0bfa165 Change module filename 2013-05-06 13:20:07 -05:00
jvazquez-r7 2384f34ada Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-03 15:39:16 -05:00
jvazquez-r7 589be270bf Land #1658, @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE 2013-05-03 14:19:36 -05:00
jvazquez-r7 9e1037bce0 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 16:15:28 -05:00
jvazquez-r7 b096449a97 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 15:12:19 -05:00
Tod Beardsley 7579b574cb Rework parse_xml
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.

I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
2013-05-02 14:43:30 -05:00
Tod Beardsley 902cd7ec85 Revert removal of the SAP module
This reverts commit 26da7a6ee7.
2013-05-02 14:42:35 -05:00
Tod Beardsley 26da7a6ee7 Removing this from master due to test problems
This module was moved over to the unstable branch in commit
7106afdf7d , working up a fix now. Stay
tuned.
2013-05-02 13:43:02 -05:00
jvazquez-r7 132c09af82 Add BID reference 2013-05-02 10:21:09 -05:00
jvazquez-r7 6e68f3cf34 Clean up sap_soap_rfc_pfl_check_os_file_existence 2013-05-02 10:19:15 -05:00
jvazquez-r7 244bf71d4a Change module filename 2013-05-02 10:15:50 -05:00
jvazquez-r7 29d4e378aa Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 09:27:51 -05:00
jvazquez-r7 d9cdb6a138 Fix more feedback provided by @nmonkee: CMD vs COMMAND 2013-05-02 09:08:48 -05:00
jvazquez-r7 c6c7998e3b Fix feedback provided by @nmonkee 2013-05-02 09:06:51 -05:00
jvazquez-r7 4db81923bf Update description 2013-05-02 08:45:01 -05:00
jvazquez-r7 4054d91955 Land #1657, @nmonkee's RZL_READ_DIR_LOCAL SAP dir listing module 2013-05-02 08:38:50 -05:00
jvazquez-r7 e25057b64a Fix indent level 2013-05-01 22:01:36 -05:00
jvazquez-r7 c406271921 Cleanup sap_soap_rfc_rzl_read_dir 2013-05-01 21:51:06 -05:00
jvazquez-r7 98dd96c57d Change module filename 2013-05-01 21:50:24 -05:00
jvazquez-r7 6b6b53240b Fix SAP modules, mainly to make a better use of send_request_cgi 2013-05-01 14:06:53 -05:00
jvazquez-r7 38e41f20fe Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-24 13:24:13 -05:00
sinn3r cae30bec23 Clean up all the whitespace found 2013-04-23 18:27:11 -05:00
jvazquez-r7 d1c5179b83 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-19 17:48:12 -05:00
jvazquez-r7 c7fcd6931a Use vprint_error 2013-04-19 16:22:07 -05:00
Christian Mehlmauer eaff87879e added text 2013-04-19 22:03:05 +02:00
Christian Mehlmauer a6be72b019 fixes for mediawiki aux module 2013-04-19 21:43:12 +02:00
jvazquez-r7 d4fa2ba96d Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-19 14:14:36 -05:00
sinn3r 7fdf84ac45 Landing #1744 - Checks nil before using resp.headers['Server']
[Closes #1744]
2013-04-19 10:37:05 -05:00
jvazquez-r7 31586770a0 Added module for OSVDB 92490 2013-04-18 14:34:02 -05:00
RageLtMan 15c6df1482 Check for nil before calling on value 2013-04-18 00:32:37 -04:00
jvazquez-r7 cc35591723 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-15 17:43:15 -05:00
Tod Beardsley a36c6d2434 Lands #1730, adds a VERBOSE option checker
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
Tod Beardsley 29101bad41 Removing VERBOSE offenders 2013-04-15 15:29:56 -05:00
Meatballs e4ff7a2f2c Address egypt's feedback 2013-04-09 21:15:04 +01:00
jvazquez-r7 ba7603e66c Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-09 17:34:23 +02:00
sinn3r 76d4538d2a Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-04-09 10:24:54 -05:00
sinn3r 1e258170dc It's a filename, so not trying to match any single char 2013-04-09 10:20:52 -05:00
sinn3r 50cf039170 Merge branch 'cve-2013-1899-not-auth' of github.com:jhart-r7/metasploit-framework into jhart-r7-cve-2013-1899-not-auth 2013-04-09 10:19:15 -05:00
jvazquez-r7 79620ed660 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-09 17:12:16 +02:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
Jon Hart b1152d1567 Improve Postgres CVE-2013-1899 to detect unauthorized connections 2013-04-08 09:55:23 -07:00
jvazquez-r7 d65bf8bab9 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-08 18:19:41 +02:00
sinn3r d24371eaff Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal 2013-04-08 10:18:30 -05:00
sinn3r 1b5c34db1a Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal 2013-04-08 10:17:19 -05:00
sinn3r 11253c8f3e Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal 2013-04-08 10:16:52 -05:00
jvazquez-r7 daba48035d fix DEPTH description and basename 2013-04-05 11:05:46 +02:00
jvazquez-r7 b6edad1f1d fix DEPTH description and basename 2013-04-05 11:04:43 +02:00
jvazquez-r7 d163e96d6a fix DEPTH description and basename 2013-04-05 11:02:59 +02:00
jvazquez-r7 d823f724cd Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-04 22:16:35 +02:00
jvazquez-r7 30f44c3a24 final cleanup for dlink_dir_615h_http_login 2013-04-04 22:02:45 +02:00
jvazquez-r7 8f60d12e46 Merge branch 'dlink_login_dir_615H' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_615H 2013-04-04 22:01:49 +02:00
jvazquez-r7 b75d038fc2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-04 21:54:36 +02:00
jvazquez-r7 7d1e9af728 final cleanup for dlink_dir_session_cgi_http_login 2013-04-04 21:41:42 +02:00
jvazquez-r7 0b9fe53919 module filename changed 2013-04-04 21:41:10 +02:00
jvazquez-r7 6ec6638568 Merge branch 'dlink_login_dir_300B_600B' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_300B_600B 2013-04-04 21:40:21 +02:00
jvazquez-r7 498a0dc309 final cleanup for dlink_dir_300_615_http_login 2013-04-04 21:15:22 +02:00
jvazquez-r7 cff70e41be Merge branch 'dlink_login' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login 2013-04-04 21:14:56 +02:00
HD Moore fe2b598503 Add the advisory URL 2013-04-04 10:22:31 -05:00
HD Moore c8a6dfbda2 Add scanner module for the new PostgreSQL flaw 2013-04-04 10:19:47 -05:00
m-1-k-3 7b4cdf4671 make msftidy happy 2013-04-04 13:22:01 +02:00
m-1-k-3 78c492da20 is_dlink, more feedback included, msftidy 2013-04-04 13:18:32 +02:00
m-1-k-3 2f96a673cd is_dlink, more feedback included 2013-04-04 13:17:45 +02:00
m-1-k-3 64f3e68310 is_dlink and some more feedback included 2013-04-04 13:01:18 +02:00
jvazquez-r7 89de9fdf22 cleanup for dlink_dir_300_615_http_login 2013-04-03 10:04:01 +02:00
jvazquez-r7 b4b3c82c86 delete space 2013-04-03 00:31:00 +02:00
jvazquez-r7 54120a2d3a delete space 2013-04-03 00:30:24 +02:00
jvazquez-r7 85d9e3e9ee delete space 2013-04-03 00:29:38 +02:00
jvazquez-r7 0b4eab2499 added module for ZDI-13-053 2013-04-03 00:24:11 +02:00
jvazquez-r7 018e147063 added module for ZDI-13-052 2013-04-03 00:22:38 +02:00
jvazquez-r7 dc17b4931c added module for ZDI-13-051 2013-04-03 00:21:01 +02:00
jvazquez-r7 070fd399f2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-31 20:23:08 +02:00
m-1-k-3 587170ae52 fixed author details - next try 2013-03-30 12:43:55 +01:00
m-1-k-3 1d6184cd63 fixed author details 2013-03-30 12:41:31 +01:00
m-1-k-3 8032a33cd5 report_auth_info - proof 2013-03-29 22:06:25 +01:00
m-1-k-3 1156194a6b feedback included, server fingerprinting 2013-03-29 22:04:22 +01:00
m-1-k-3 2b4d6eb455 feedback included, server header check 2013-03-29 21:30:45 +01:00
m-1-k-3 b6a50da394 feedback included, server header check 2013-03-29 21:20:51 +01:00
nmonkee 5b30115336 vprint_status changed to vprint_error as requested 2013-03-28 14:27:51 +00:00
nmonkee 0f147dcf47 vprint_status changed to vprint_error as requested 2013-03-28 14:24:57 +00:00
nmonkee eee702a329 vprint_status changed to vprint_error as requested 2013-03-28 14:23:21 +00:00
nmonkee e2212ca8c9 vprint_status changed to vprint_error as requested 2013-03-28 14:22:01 +00:00
nmonkee 9d87db6831 vprint_status changed to vprint_error as requested 2013-03-28 14:08:24 +00:00
nmonkee aae1d5933e removed socket print, left over from debugging 2013-03-28 10:49:23 +00:00
nmonkee 376ca7b107 fixed issue with access denied condition thanks to @pho_bos 2013-03-28 10:41:37 +00:00
m-1-k-3 aa981cc991 DIR-645 also working 2013-03-27 12:11:14 +01:00
m-1-k-3 615aa57399 Dlink DIR615 HW rev B login module 2013-03-27 09:26:23 +01:00
m-1-k-3 680b551215 default to user admin 2013-03-27 08:59:19 +01:00
m-1-k-3 032214fb1d default to user admin 2013-03-27 08:49:04 +01:00
m-1-k-3 e1a719a6c0 http login module for DLink DIR300revB, DIR600revB, DIR815 2013-03-26 20:57:24 +01:00
m-1-k-3 c4fe21865c user fix 2013-03-26 20:15:19 +01:00
nmonkee bcc26427c0 EPS_GET_DIRECTORY_LISTING (List Directory abd SMB Relay) 2013-03-25 20:26:56 +00:00
nmonkee d8086a27a6 vprint_status mod 2013-03-25 20:20:29 +00:00
nmonkee 121c75f646 vprint_status mod 2013-03-25 20:18:14 +00:00
nmonkee da6a99defb vprint_status mod 2013-03-25 20:16:11 +00:00
nmonkee 95e7d55313 remove sap_soap_rfc_eps_delete_file_smb_relay.rb 2013-03-25 20:09:59 +00:00
nmonkee f7ccfa634e This module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service 2013-03-25 19:59:16 +00:00
jvazquez-r7 3c12459703 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:33:36 +01:00
jvazquez-r7 9717a8c3b4 cleanup for tplink_traversal_noauth 2013-03-25 19:20:18 +01:00
jvazquez-r7 543b401a55 Merge branch 'tplink-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-tplink-traversal 2013-03-25 19:18:53 +01:00
jvazquez-r7 393d5d8bf5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:09:42 +01:00
nmonkee f92f59bfad EPS_DELETE_FILE (File deletion and SMB Relay) 2013-03-25 17:23:27 +00:00
sinn3r dcce23d23d Merge branch 'bugs/tomcat_enum-double_check' of github.com:neinwechter/metasploit-framework into neinwechter-bugs/tomcat_enum-double_check 2013-03-25 12:19:52 -05:00
nmonkee 01ee30e389 PFL_CHECK_OS_FILE_EXISTENCE (file existence and SMB relay) 2013-03-25 17:11:23 +00:00
Nathan Einwechter aad0eed485 Fix whitespace EOL 2013-03-25 13:00:37 -04:00
nmonkee 5be98593a9 RZL_READ_DIR_LOCAL (directory listing and SMB relay) 2013-03-25 16:59:37 +00:00
Nathan Einwechter 3f79b2fd3b Use :abort for scanner mixin 2013-03-25 12:59:18 -04:00
nmonkee e840578ea2 SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay 2013-03-25 16:57:12 +00:00
sinn3r 0d56da0511 Merge branch 'netgear-sph200d' of github.com:m-1-k-3/metasploit-framework into m-1-k-3-netgear-sph200d 2013-03-25 11:45:40 -05:00
Nathan Einwechter 99fe2a33d7 Deregister USER_AS_PASS and stop on connect error 2013-03-25 12:35:52 -04:00
jvazquez-r7 53b862300e cleanup for linksys_e1500_traversal 2013-03-25 17:33:38 +01:00
jvazquez-r7 ea804d433e change file name 2013-03-25 17:33:16 +01:00
m-1-k-3 e57498190b dlink dir 300/600 login module - initial commit 2013-03-25 08:48:24 +01:00
m-1-k-3 7ff9c70e38 10 to 0 is good :) 2013-03-23 22:46:26 +01:00
m-1-k-3 47d458a294 replacement of the netgear-sph200d module 2013-03-23 22:40:32 +01:00
m-1-k-3 bd522a03e3 replace module to the scanner directory 2013-03-23 22:29:44 +01:00
m-1-k-3 8f59999f82 replace module to the scanner directory 2013-03-23 22:25:04 +01:00
jvazquez-r7 ee98f28017 up to date 2013-03-12 16:58:48 +01:00
jvazquez-r7 1331952515 up to date 2013-03-12 16:55:06 +01:00
jvazquez-r7 6bd995f37e up to date 2013-03-12 16:53:37 +01:00
jvazquez-r7 9891650c30 up to date 2013-03-12 16:51:00 +01:00
jvazquez-r7 b498bf9b71 up to date 2013-03-12 16:50:35 +01:00
jvazquez-r7 074ea7dee4 Merge branch 'ssl' of https://github.com/luh2/metasploit-framework into luh2-ssl 2013-03-11 15:36:20 +01:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
Meatballs df3361df50 Merge branch 'master' into wds_scanner_repull 2013-03-07 20:09:44 +00:00
James Lee 27727df415 Merge branch 'R3dy-psexec-mixin2' into rapid7 2013-03-05 14:36:55 -06:00
David Maloney 71ba044d03 remove debugging aid 2013-03-04 11:25:34 -06:00
David Maloney 6dcca7df78 Remove duplicated header issues
Headers were getting duped back into client config, causing invalid
requests to be sent out
2013-03-04 11:24:26 -06:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
David Maloney b2f68f0fdb Merge branch 'dmaloney-r7-feature/http/authv2' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-dmaloney-r7-feature/http/authv2 2013-02-28 14:37:37 -06:00
David Maloney c290bc565e Merge branch 'master' into feature/http/authv2 2013-02-28 14:33:44 -06:00
jvazquez-r7 8f58c7b25e cleanup for sap_icf_public_info 2013-02-28 18:47:48 +01:00
jvazquez-r7 0dcfb51071 cleanup for sap_soap_rfc_system_info 2013-02-28 18:46:18 +01:00
jvazquez-r7 1a10c27872 Merge branch 'sap_rfc_system_info' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_rfc_system_info 2013-02-28 18:45:42 +01:00
James Lee d3b3587660 Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2 2013-02-27 14:01:57 -06:00
J.Townsend cbce1bdff2 update module description
This adds the version of wordpress the issue was fixed in to the description
2013-02-26 00:24:46 +00:00
James Lee 1ce86b7adb Whitespace 2013-02-25 14:29:10 -06:00
David Maloney 0ae489b37b last of revert-merge snaffu 2013-02-19 23:16:46 -06:00
James Lee 49f00acc11 Fix nil deref when dnsdomain is empty 2013-02-19 11:24:05 -06:00
Chris John Riley d49797267e Correct SAP Table Name 2013-02-19 11:20:49 +01:00
Chris John Riley 358b2f5783 Added module credit as this has turned into a rewrite ;) 2013-02-19 11:15:04 +01:00
Chris John Riley f3cf8ad1b9 Whitespace EOL 2013-02-19 11:13:33 +01:00
Chris John Riley a75bae927d Replaced report_note and table output with single function
Added proposed extract data function (HDM)
2013-02-19 11:12:12 +01:00
Chris John Riley d4011227e3 Made suitable changes to original module also (only report on non empty response) 2013-02-19 09:43:36 +01:00
Chris John Riley 4170a85d8a Added logic to only report when value is present 2013-02-19 09:42:13 +01:00
jvazquez-r7 a19da61177 deleting trailing comma 2013-02-16 00:53:28 +01:00
sinn3r 4eca6e5502 Merge branch 'feature/web_crawler_skip_paths' of github.com:tasos-r7/metasploit-framework into tasos-r7-feature/web_crawler_skip_paths 2013-02-13 14:07:20 -06:00
jvazquez-r7 167f5970c1 minor cleanup for rails_json_yaml_scanner 2013-02-13 00:07:58 +01:00
jvazquez-r7 3e2a368823 Merge branch 'rails_json_yaml_scanner' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_json_yaml_scanner 2013-02-13 00:07:11 +01:00
Jeff Jarmoc 846052a34d s/URIPATH/TARGETURI/g per @jvasquez-r7 comments on another pull. 2013-02-12 15:13:06 -06:00
Tasos Laskos f2cf4304d2 Merge remote-tracking branch 'upstream/master' into feature/web_crawler_skip_paths 2013-02-12 22:10:40 +02:00
Tasos Laskos 9efd3f6c5e scanner/http/crawler: added ExcludePathPatterns opt
Option 'ExcludePathPatterns' allows users to specify which paths should
be excluded from the crawl (and which forms to ignore) by passing a
list of patterns (only allows '*' wildcards).
2013-02-12 21:47:12 +02:00
Chris John Riley 3a6cd6f395 Added module for requesting RFC_SYSTEM_INFO via ICF web interface 2013-02-12 14:42:59 +01:00
Tod Beardsley 8ddc19e842 Unmerge #1476 and #1444
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.

First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.

FixRM #7752
2013-02-11 20:49:55 -06:00
Jeff Jarmoc ddd7d307e6 Add a scanner aux module for Rails JSON/YAML vuln CVE-2013-0333 2013-02-11 16:48:44 -06:00
David Maloney a43b902b5c Fix tomcat_mgr_login auth 2013-02-11 12:00:40 -06:00
sinn3r 7370d7d31b Final touchup 2013-02-08 18:21:06 -06:00
Spencer McIntyre 7522a87cf9 Adding an auxiliary scanner module for Titan FTP password disclosure. 2013-02-08 15:43:02 -05:00
James Lee 5b3b0a8b6d Merge branch 'dmaloney-r7-http/auth_methods' into rapid7 2013-02-08 12:45:35 -06:00
sinn3r ce7da154a6 Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into hmoore-r7-master 2013-02-07 17:35:28 -06:00
sinn3r 035e8b7100 Merge branch 'groupwise_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-groupwise_traversal 2013-02-07 17:33:34 -06:00
jvazquez-r7 e9912496d8 nice check learned from sinn3r 2013-02-07 22:05:39 +01:00
jvazquez-r7 0d3c32b0a4 Added module for CVE-2012-0419 2013-02-07 21:15:49 +01:00
sinn3r 7f746e1caa That's what he said. 2013-02-07 11:13:18 -06:00
sinn3r d554c3a56a Don't really need the bottom comment 2013-02-07 10:46:42 -06:00
sinn3r 98559d4d51 Do a check and make sure this is Simple Web Server 2013-02-07 10:45:53 -06:00
sinn3r b11f052746 Allow arbitrary depth 2013-02-07 10:32:29 -06:00
sinn3r a3264e18e2 There aint no fail_with(), must use print_error 2013-02-07 10:30:17 -06:00
sinn3r b09f819e4b Add Simple Web Server dir traversal 2013-02-06 17:02:07 -06:00
James Lee 1095fe198b Merge branch 'rapid7' into dmaloney-r7-http/auth_methods 2013-02-06 16:57:50 -06:00
HD Moore f0ca4b2f08 Merge remote-tracking branch 'upstream/master' 2013-02-06 16:31:31 -06:00
Tod Beardsley e175e2c9e9 typo in method name 2013-02-06 12:19:57 -06:00
HD Moore 22e3458cea Fix multi-line output due to bad regex flag 2013-02-06 11:27:58 -06:00
HD Moore 9af888c03b Merge pull request #1433 from jjarmoc/jjarmoc-rails_xml_scan
rails_xml_yaml_scanner.rb improvements
2013-02-05 12:34:10 -08:00
David Maloney 877fb017b6 remove negotiate requirements
winrm can support basic, and now these modules can too, for free
2013-02-04 16:50:43 -06:00
David Maloney 44d4e298dc Attempting to cleanup winrm auth 2013-02-04 15:48:31 -06:00
Jeff Jarmoc 39cafd0cde Use OptEnum instead of OptString 2013-02-04 15:08:34 -06:00
David Maloney 8d013d1034 Merge branch 'master' into http/auth_methods 2013-02-04 13:11:57 -06:00
David Maloney 4c1e630bf3 BasicAuth datastore cleanup
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
David Maloney 8b1febb4cf add myself to the blame list for the module =P 2013-02-04 12:32:43 -06:00
David Maloney 9497e38ef7 Fix http login scanner
Fix the http_login scanner to use new buitin auth
2013-02-04 12:31:19 -06:00
HD Moore 0660347fca Explicit mult-line match 2013-02-03 21:06:57 -06:00
Jeff Jarmoc 5e0c18af2f adding self to credits 2013-02-03 16:14:42 -06:00
Jeff Jarmoc 57c8e41846 Re-order probes and checks.
This causes module to exit if error conditions are found, before sending unecessary probes.
2013-02-03 16:10:46 -06:00
Jeff Jarmoc 8dff427776 Allow 4xx codes, display codes in verbose output 2013-02-03 16:07:07 -06:00
Jeff Jarmoc 810470de3b Make HTTP_METHOD Configurable 2013-02-03 16:05:45 -06:00
David Maloney 5814c59620 move httpauth to mixin
HttpAuth stuff gets it's own little mixin
mix it in to Exploit::Http::Client
mix in it to Auxiliary::Web::HTTP
2013-02-01 15:12:10 -06:00
HD Moore d5ae005332 Rename with underscores 2013-02-01 14:39:01 -06:00
HD Moore 4e6c93ec7d Various style fixes, fix ruby 1.8 compat 2013-02-01 14:38:20 -06:00
jvazquez-r7 70b252dc7b Merge branch 'normalize_uri_update2' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-normalize_uri_update2 2013-01-31 22:32:50 +01:00