Commit Graph

42003 Commits (35bc1fbf28d7c2acdff2d003cdaf615d2494ac91)

Author SHA1 Message Date
itsmeroy2012 fef10b7be8 fixing minor issues 2017-04-03 16:54:45 +05:30
William Vu 95c4dd8108 Prefer start_with? over =~
Oops, old habit.
2017-04-03 02:38:50 -05:00
William Vu 7de2aa1a63 Update Nmap parser to handle masscan
masscan is missing <status>, meaning hosts aren't treated as alive.

Thanks to @jhart-r7 and @jlmurray for working on this previously.
2017-04-03 02:26:14 -05:00
Brent Cook 98ffa4d380
Land #7652, add varnish cache CLI authentication scanner module 2017-04-02 21:52:45 -05:00
Brent Cook 0c3ef4bf47 add note about later versions of Varnish 2017-04-02 21:52:20 -05:00
Brent Cook deb7701d3e tweak misshapen output in MD->HTML 2017-04-02 21:44:50 -05:00
Brent Cook 4c0539d129
Land #8178, Add support for non-Ruby modules 2017-04-02 21:02:37 -05:00
h00die a34c01ebd2
Land #8137 shodan honeyscore module 2017-04-02 21:37:36 -04:00
Carter 3d860c2942 Change RHOST to TARGET 2017-04-02 21:10:42 -04:00
h00die 0092818893
Land #8169 add exploit rank where missing 2017-04-02 20:59:25 -04:00
Bryan Chu 151ed16c02 Re-ranking files
../exec_shellcode.rb
Rank Great -> Excellent

../cfme_manageiq_evm_upload_exec.rb
Rank Great -> Excellent

../hp_smhstart.rb
Rank Average -> Normal
2017-04-02 18:33:46 -04:00
itsmeroy2012 3ada361357 removing twice exploit 2017-04-02 14:33:23 +05:30
itsmeroy2012 2c75526a12 Fixing white spaces 2017-04-02 14:31:11 +05:30
itsmeroy2012 da14a80e8d Fixing hashes 2017-04-02 14:28:04 +05:30
itsmeroy2012 85a95233c7 Documentation on iis_webdav_upload_asp 2017-04-02 14:26:29 +05:30
zerosum0x0 ff27edab14 added docs 2017-04-01 21:58:07 -06:00
zerosum0x0 26fc6bc920 added report_vuln() 2017-04-01 21:48:19 -06:00
Adam Cammack 2de8f1b97d
Fixups for specs 2017-03-31 22:19:53 -05:00
h00die e80b8cb373 move sploit.c out to data folder 2017-03-31 20:51:33 -04:00
William Webb 035f37cf42
Land #8144, Add Moxa Device Discovery Scanner Module 2017-03-31 19:11:27 -05:00
William Webb f870f94fa9
Land #8163, Add Cambium ePMP Arbitrary Command Execution 2017-03-31 19:06:19 -05:00
Adam Cammack 6910cb04dd
Add first exploit written in Python 2017-03-31 17:07:55 -05:00
Adam Cammack a3e196e31e
Support arbitrary external command_stager exploits
So much done, so much more to do.
2017-03-31 17:06:28 -05:00
Metasploit 9edc08cd36
Bump version of framework to 4.14.8 2017-03-31 14:38:29 -07:00
h00die 05201b9578
land #8177 tomcat_gather docs fix 2017-03-31 16:56:44 -04:00
h00die 2b87923a19 fixes for markdown 2017-03-31 16:54:59 -04:00
h00die 823c1a6286 added more verifieds 2017-03-31 16:52:20 -04:00
h00die 23ac9214ea
land #8010 post gather module for tomcat creds 2017-03-31 16:15:55 -04:00
h00die 34a152dc76 handle no sysinfo from ssh_login 2017-03-31 16:15:16 -04:00
Pearce Barry c00b9ca1e5
Land #8175, Get into the DANGER ZOOOOOOONE 2017-03-31 14:31:22 -05:00
Pearce Barry 7b0eeea2f0
Land #8176, deregeister smb2_login from pro bruteforce 2017-03-31 13:56:26 -05:00
David Maloney 7b9772376a
deregeister smb2_login from pro bruteforce
this loginscanner is temporary while we continue
to add the smb2 support and so we don't want the
Metasploit Pro bruteforcer picking it up

MS-2609
2017-03-31 13:34:10 -05:00
HD Moore b5771b0f72 Get into the DANGER ZOOOOOOONE 2017-03-31 12:26:42 -05:00
Metasploit b6085e188d
Bump version of framework to 4.14.7 2017-03-31 10:02:19 -07:00
Brent Cook 9f75a1d392
Land #8174, bump rex-text to fix problems running split-line VBA code 2017-03-31 11:40:21 -05:00
Brent Cook 8eea57cda3
Land #8173, bump rex-core, change 'sleep' to allow < 200ms durations 2017-03-31 11:40:00 -05:00
Pearce Barry ab4d86fd21
Land #8168, change description of alpha encoders 2017-03-31 11:37:12 -05:00
Brent Cook ce87174373 bump rex-text to fix problems running split-line VBA code 2017-03-31 11:34:41 -05:00
Brent Cook a937b00f85 bump rex-core, change 'sleep' to allow < 200ms durations 2017-03-31 11:33:21 -05:00
dmohanty-r7 1ce7bf3938
Land #8126, Add SolarWind LEM Default SSH Pass/RCE 2017-03-31 11:21:32 -05:00
dmohanty-r7 c445a1a85a
Wrap ssh.loop with begin/rescue 2017-03-31 11:16:10 -05:00
Adam Cammack 1306065c91
Always run both loaders
How did I miss this? How did this work before??? I have a bad feeling
this may break pro.
2017-03-31 10:42:13 -05:00
Koen Riepe 628827cda9
Added some documentation and gracefull error handeling. 2017-03-31 12:45:30 +02:00
Koen Riepe df2a9a4af3
Added documentation file and implemented fixes for output and linux parsing. 2017-03-31 11:19:12 +02:00
Bryan Chu 5e31a32771 Add missing ranks
../exec_shellcode.rb
Rank = Great
This exploit is missing autodetection and version checks,
but should be ranked Great due to high number of possible targets

../cfme_manageiq_evm_upload_exec.rb
Rank = Great
This exploit implements a check to assess target availability,
and the vulnerability does not require any user action

../dlink_dcs_930l_authenticated_remote_command_execution
Rank = Excellent
Exploit utilizes command injection

../efw_chpasswd_exec
Rank = Excellent
Exploit utilizes command injection

../foreman_openstack_satellite_code_exec
Rank = Excellent
Exploit utilizes code injection

../nginx_chunked_size
Rank = Great
Exploit has explicit targets with nginx version auto-detection

../tp_link_sc2020n_authenticated_telnet_injection
Rank = Excellent
See dlink_dcs_930l_authenticated_remote_command_execution,
exploit uses OS Command Injection

../hp_smhstart
Rank = Average
Must be specific user to exploit, no autodetection,
specific versions only
2017-03-31 02:39:44 -04:00
Christian Mehlmauer 0a398a59c5
change description 2017-03-30 20:06:23 +02:00
bwatters-r7 6bcb9b523b
Land #8165, Fix x86 mettle shellcode 2017-03-30 11:45:11 -05:00
zerosum0x0 4bd50b0ad2 Merge branch 'ms17-010' of github.com:RiskSense-Ops/metasploit-framework into ms17-010 2017-03-30 10:10:08 -06:00
zerosum0x0 a125566fc7
removed unnecessary arguments 2017-03-30 10:09:31 -06:00
Pearce Barry a13d6a7810
Land #8166, Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support 2017-03-30 11:08:17 -05:00