james
e642789674
Look for sp_execute_external_script in mssql_enum
...
sp_execute_external_script can be used to execute code in MSSQL.
MSSQL 2016+ can be configured to execute R code. MSSQL 2017 can
be configured to execute Python code.
Documentation:
https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql
https://docs.microsoft.com/en-us/sql/advanced-analytics/tutorials/rtsql-using-r-code-in-transact-sql-quickstart
Interesting uses of sp_execute_external_script:
R - https://pastebin.com/zBDnzELT
Python - https://gist.github.com/james-otten/63389189ee73376268c5eb676946ada5
2017-08-16 21:40:03 -05:00
TC Johnson
8989d6dff2
Modified Accuvant bog posts to the new Optive urls
2017-08-02 13:25:17 +10:00
Brent Cook
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
g0tmi1k
524373bb48
OCD - Removed un-needed full stop
2017-07-21 07:41:51 -07:00
g0tmi1k
772bec23a1
Fix various typos
2017-07-21 07:40:08 -07:00
g0tmi1k
3f6925196b
OCD - store_loot & print_good
2017-07-19 13:02:49 +01:00
g0tmi1k
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
g0tmi1k
df9b642746
More print_status -> print_good
2017-07-19 11:39:15 +01:00
g0tmi1k
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
g0tmi1k
a008f8e795
BruteForce - > Brute Force
2017-07-19 10:39:58 +01:00
g0tmi1k
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
g0tmi1k
9309115627
OCD - Banner clean up
2017-07-14 08:19:50 +01:00
g0tmi1k
fd843f364b
Removed extra lines
2017-07-14 08:17:16 +01:00
g0tmi1k
67310fa96c
print_status -> print_good. [When it is successful, show it!]
2017-07-14 00:09:35 +01:00
Pearce Barry
59de7d3635
Land #8671 , Add a module for CVE-2017-7615
2017-07-12 14:58:02 -05:00
Pearce Barry
580219695a
Oof, missed the parens...
2017-07-12 13:52:59 -05:00
Pearce Barry
aa22651340
Few style/spelling tweaks, nothing to see here...
2017-07-12 13:41:20 -05:00
Brent Cook
345407b0a4
Rex::Encoder::XDR conflicts with the XDR gem
2017-07-12 11:52:10 -05:00
jvoisin
263a42707e
Fix a typo
2017-07-09 16:34:51 +02:00
jvoisin
8510cda5ae
Implement @bcoles advices
2017-07-09 16:34:10 +02:00
jvoisin
f10cf75ae0
Fix some stuff
2017-07-09 10:45:15 +02:00
jvoisin
5fe805aaca
s/\t/ /g
2017-07-09 02:29:37 +02:00
jvoisin
968fa0c244
Add even more references
2017-07-09 02:27:54 +02:00
jvoisin
ae930ae7c1
Add a module for CVE-2017-7615
2017-07-09 02:14:21 +02:00
Roman
38b1e56bbd
negated wording regarding legacy auth
...
According to the docs this variable means the opposite:
https://dev.mysql.com/doc/refman/5.5/en/mysql-command-options.html#option_mysql_secure-auth
OFF -> insecure
ON -> secure
2017-07-03 14:29:07 +02:00
Brent Cook
07e7baebb8
sign my name
2017-06-25 14:59:01 -05:00
Brent Cook
7bc0dcea42
add ipv6 support for CHOST
2017-06-25 14:57:15 -05:00
Brent Cook
269597f994
add initial CHOST support
2017-06-24 18:57:43 -05:00
Brent Cook
eee1eff034
improve resolve / add / delete logic
2017-06-24 18:36:01 -05:00
Brent Cook
b36d56bed3
handle RXDomain on lookup failure
2017-06-24 18:10:50 -05:00
Brent Cook
c8755a3a7a
add pre-flight checks, log a lot more info
2017-06-24 12:32:15 -05:00
Brent Cook
8f3c470bb3
make usage more intuitive, remove weird defaults
2017-06-24 11:52:52 -05:00
Brent Cook
24c43b1822
reregister rhost
2017-06-22 18:33:19 -05:00
Brent Cook
ca813e7a5c
fix message formatting
2017-06-22 18:21:33 -05:00
Brent Cook
823260cc04
fix error message
2017-06-22 18:11:07 -05:00
Brent Cook
3cf722a45d
use correct preqrequisites
2017-06-22 18:08:20 -05:00
Brent Cook
5e48a11e60
handle specific exceptions, update docs
2017-06-22 18:01:52 -05:00
Brent Cook
6a261b172f
move from scanner to admin
2017-06-22 17:47:04 -05:00
Brendan Coles
c811c6a8c0
Add PASS_FILE option
2017-05-28 23:26:51 +00:00
Brendan Coles
8fce94b3cd
Add ScadaBR Credentials Dumper module
2017-05-28 01:24:53 +00:00
James Lee
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
wchen-r7
8025eb573a
Enforce check
...
Because we are not able to get our hands on the hardware for testing,
and that this module may trigger a backtrace if the UDP server isn't
Moxa, we force check to make sure that doesn't happen.
2017-05-16 16:43:22 -05:00
wchen-r7
2d7f7f9aec
Pass msftidy
2017-05-16 15:05:12 -05:00
Patrick DeSantis
4a0535c2d0
add moxa credential recovery module
2017-05-16 10:21:44 -04:00
William Vu
bee36ca90f
Fix edge case
2017-05-11 16:22:21 -05:00
William Vu
68f13808e7
Fix msftidy warnings for the WNR2000 module
2017-05-11 16:16:10 -05:00
Jeffrey Martin
a1efa30fa2
comments adjustments & enum better
2017-05-08 11:57:06 -05:00
Jeffrey Martin
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
Jeffrey Martin
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
darkbushido
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00