Commit Graph

1347 Commits (3df9dfcea259a9aed7addc0a497bdfd16c80e3c6)

Author SHA1 Message Date
sinn3r 2a202e9035 Add OSVDB-86563 ManageEngine SecurityManager dir traversal 2012-10-29 12:23:48 -05:00
sinn3r 2c4273e478 Correct some modules with res nil 2012-10-29 04:41:30 -05:00
sinn3r 34731c3e0a Add OSVDB-86720 - Clansphere dir traversarl 2012-10-29 03:44:22 -05:00
HD Moore 3a42eb3f73 New modules and library for the ADDP protocol 2012-10-28 23:04:18 -05:00
sinn3r 7a1c3e7cf6 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-27 18:55:24 -05:00
zombieCraig 164321a5ed Add Domain notes to smb_version 2012-10-26 11:56:14 -04:00
David Maloney b15c38f819 Fix output to display ip:port 2012-10-25 19:57:29 -05:00
David Maloney fb7af536d5 wtf, bad metadata
Removed extraneous references section
2012-10-25 10:16:12 -05:00
David Maloney bfbae5fbb7 Merge branch 'upstream-master' into WinRM_piecemeal
Conflicts:
	lib/msf/core/exploit/winrm.rb
2012-10-24 14:12:28 -05:00
David Maloney a15c35091d Add the WinRM login module 2012-10-24 11:25:39 -05:00
sinn3r 77c8548855 Merge branch 'dmaloney-r7-WinRM_piecemeal' 2012-10-23 16:33:16 -05:00
Michael Schierl 910644400d References EDB cleanup
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
sinn3r 33ce74fe8c Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1 2012-10-23 02:10:56 -05:00
David Maloney 2335c582c3 Null response handling 2012-10-23 00:25:31 -05:00
David Maloney e08cedec2e Requested revisions/cleanup
minor fixes to spacing, some typos, and abse64 switched to Rex
2012-10-22 17:01:00 -05:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
Michael Schierl e9f7873afc Version cleanup
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Rob Fuller 49948faa9b remove non-functional enum_delicious module 2012-10-22 14:46:52 -04:00
David Maloney 7866b61a7e Typo fix 2012-10-20 00:31:35 -05:00
David Maloney 56cbe6a67e Some minor fixups 2012-10-19 15:25:03 -05:00
David Maloney 3a8dd261ae WinRM mixin and basic discovery module 2012-10-19 15:08:58 -05:00
jvazquez-r7 4ad6fcc30e osvdb added 2012-10-19 17:04:47 +02:00
Ewerson Guimaraes (Crash) 4d80e37741 NTP Clock Variables Disclosure 2012-10-18 20:03:28 -03:00
sinn3r 0675a6171b Cosmetic changes 2012-10-17 17:30:16 -05:00
jvazquez-r7 3bd84e255f minor cleanup 2012-10-17 22:06:47 +02:00
jvazquez-r7 848f0cd899 Merge branch 'module-lantronix_telnet_password' of https://github.com/jgor/metasploit-framework into jgor-module-lantronix_telnet_password 2012-10-17 22:06:25 +02:00
jgor 9af727388f deleted superfluous code and comments 2012-10-17 14:27:00 -05:00
jvazquez-r7 16e2a2e050 fix title for the apache activemq source disclosure mod 2012-10-17 17:23:56 +02:00
sinn3r e583847a31 I missed this sucker. 2012-10-15 22:02:26 -05:00
sinn3r 8e668e2808 Check STATUS_ACCESS_DENIED properly
When Samba throws STATUS_ACCESS_DENIED, the exception that's
throwin is actually Rex::Proto::SMB::Exception::ErrorCode, not
as LoginError.  It was handled correctly in try_user_pass(), but
not in other functions that also use smb_login().
2012-10-15 16:52:34 -05:00
jvazquez-r7 29299b29a5 Added modules for CVE-2012-4933 2012-10-15 16:03:19 +02:00
sinn3r e00dbfcc0d You mean.. FILEPATH. 2012-10-14 18:18:11 -05:00
sinn3r 2f04fdd71a Merge branch 'apache_activemq_traversal' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apache_activemq_traversal 2012-10-14 18:16:41 -05:00
jvazquez-r7 d971abaeb9 deleted extra comma 2012-10-14 22:39:07 +02:00
jvazquez-r7 14bd0373d3 deleted extra space 2012-10-14 22:38:14 +02:00
jvazquez-r7 ac6a4c9283 Added module for CVE-2010-1587 2012-10-14 22:36:02 +02:00
jvazquez-r7 2b644dbc45 added module for Apache ActiveMQ directory traversal 2012-10-14 22:30:38 +02:00
jgor 79da6c7186 added Lantronix telnet password recovery module 2012-10-14 12:46:52 -05:00
HD Moore 286b86949b Prefix with host:port for readability 2012-10-08 15:23:26 -05:00
jvazquez-r7 6aefa40ec1 fix my english 2012-09-28 00:32:02 +02:00
jvazquez-r7 12177b0ed2 Added module for 2011-1900 2012-09-28 00:29:12 +02:00
sinn3r f6baf824b6 The USER_FILE path is wrong. 2012-09-27 01:33:11 -05:00
sinn3r 75d40d4d82 Make msftidy happy 2012-09-27 01:33:11 -05:00
Cristiano Maruti 99ec988485 Updated with wordlist path registered options 2012-09-27 01:33:11 -05:00
Cristiano Maruti 75f5e24178 Dell iDrac login aux scanner 2012-09-27 01:33:11 -05:00
James Lee 77a0cf18da Fix errors when pivoting
Printing stack traces is rude.

Also removes Capture which isn't necessary for this module
2012-09-23 22:59:44 -05:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
jvazquez-r7 270fa1b87b updated descriptions for hp sitescope modules tested over linux 2012-09-05 23:25:08 +02:00
sinn3r bed3c7bbac Merge branch 'hp_sitescope_loadfilecontent_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_loadfilecontent_fileaccess 2012-09-05 13:59:49 -05:00
sinn3r 598fdb5c50 Merge branch 'hp_sitescope_getsitescopeconfiguration' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getsitescopeconfiguration 2012-09-05 13:58:39 -05:00
jvazquez-r7 20655232d7 cleanup, tested and added osvdb reference 2012-09-05 20:03:46 +02:00
jvazquez-r7 c6f5b1f072 cleanup, test, osvdb reference 2012-09-05 19:56:04 +02:00
jvazquez-r7 ea2eb046c3 cleanup, final test, osvdb reference 2012-09-05 19:45:50 +02:00
jvazquez-r7 166f68b194 added module for ZDI-12-177 2012-09-05 12:54:30 +02:00
jvazquez-r7 534ab55e5c Added module for ZDI-12-173 2012-09-05 12:53:03 +02:00
jvazquez-r7 8a50ca2f47 Added module for ZDI-12-176 2012-09-05 12:51:25 +02:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r 53a9a8afce Awww, typo! Nice catch, @Agarri_FR! :-) 2012-08-31 14:23:51 -05:00
sinn3r 638d9d1095 Fix nil res bug, change action name, etc 2012-08-25 02:41:50 -05:00
Ewerson Guimaraes (Crash) cad590488d Update modules/auxiliary/scanner/http/http_traversal.rb 2012-08-24 15:47:07 -03:00
Tod Beardsley 586d937161 Msftidy fix and adding OSVDB 2012-08-15 13:43:50 -05:00
sinn3r e5666d70e2 Merge branch 'glassfish-uri' of https://github.com/bonsaiviking/metasploit-framework into bonsaiviking-glassfish-uri 2012-08-13 11:53:03 -05:00
HD Moore f72f334124 Fix an odd issue with search due to use of the builtin Proxies option 2012-08-12 23:22:38 -05:00
RageLtMan 33c74c97e2 Add Opt::Proxies and opthash[:proxies] to ssh mods 2012-08-12 16:23:22 -04:00
RageLtMan c9690033c7 This commit allows ssh_login to use socks proxies. Net::SSH::Transport::Session could take a :proxy option,
but it expects a factory object not a string, when setting :proxy => datastore['Proxies'] user got:
"Auxiliary failed: NoMethodError private method `open' called for \"socks4:localhost:1080\":String."
VALID_OPTIONS in ssh.rb now takes :proxies option which is passed to the Rex socket in
Net::SSH::Transport::Session.new.

Testing: block all outgoing to SSH server, try to connect with a proxy. Try with :proxy option,
then merge this pull request and try again.
2012-08-12 16:01:52 -04:00
Daniel Miller db4f31de76 Fix use of URI option for glassfish_login
auxiliary/scanner/http/glassfish_login offers URI option to set the path
where Glassfish is installed, but it doesn't work. Replaced it with
TARGETURI and call target_uri.path to get a base path.
2012-08-10 15:44:53 -05:00
jvazquez-r7 d04fdc9382 Added aux module for CVE-2009-1730 2012-08-08 16:26:41 +02:00
sinn3r b46fb260a6 Comply with msftidy
*Knock, knock!*  Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
sinn3r 99d3ee6fc4 Merge branch 'webpagetest_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-webpagetest_traversal 2012-08-06 03:15:16 -05:00
sinn3r f1e7ef06cc Add webpagetest dir traversal module
How did I forget this while writing the exploit?
2012-08-06 03:11:07 -05:00
Tod Beardsley d5b165abbb Msftidy.rb cleanup on recent modules.
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
sinn3r 87aae548e6 Final cleanup 2012-07-24 13:11:04 -05:00
Bruno Morisson dbc779e02d implemented fixes requested by sinn3r
Implemented the fixes, and re-tested the modules
2012-07-24 11:02:49 +01:00
Bruno Morisson 397d708340 Added bulk file retrieval to sap_mgmt_con_getlogfiles, and new module to get SAP process list from remote host
* Added option to retrieve all available files from remote SAP host to
sap_mgmt_con_getlogfiles, based on the listing request provided in
sap_mgmt_con_listlogfiles module, if the variable GETALL is set to true.
Kept previous functionality of retrieving just one chosen file.

* Added new module sap_mgmt_con_getprocesslist to remotely list SAP
processes using SAP SOAP interface. Based on the other sap_mgmt_con_*
modules by Chris John Riley.
2012-07-23 16:26:33 +01:00
HD Moore 9bff1c913b Merge pull request #592 from alexmaloteaux/ipv6arpfix
ipv6 and arp_scanner fix
2012-07-18 20:40:27 -07:00
HD Moore c887e0aaff Re-add AFP changes due to mangled merge 2012-07-17 00:42:49 -05:00
HD Moore f62e0b1cca AFP fixes and JTR typo fix 2012-07-16 21:45:45 -05:00
HD Moore bc2edeace2 Cleanup AFP module output 2012-07-16 21:02:40 -05:00
jvazquez-r7 2da984d700 Added module for OSVDB 83275 2012-07-12 13:12:31 +02:00
Alexandre Maloteaux 81ba60169f ipv6 and arp_scanner fix 2012-07-10 18:28:24 +01:00
sinn3r b817070545 Merge branch 'mac_oui' of https://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-mac_oui 2012-07-09 20:14:25 -05:00
Alexandre Maloteaux e509c72574 better handle company name 2012-07-10 00:24:30 +01:00
Alexandre Maloteaux e949b8c2c8 mac_oui 2012-07-09 23:46:57 +01:00
jvazquez-r7 b33220bf90 Added module for CVE-2012-2215 2012-07-09 17:32:55 +02:00
sinn3r d626de66f7 Print out where the scheme info is stored.
This module needs to print out where the scheme is stored so the
user knows where it is, see complaint:
https://community.rapid7.com/message/4448
2012-07-08 18:24:18 -05:00
sinn3r ecb4e20c92 Instead of deleting the "/", here's a different approach 2012-07-06 01:23:41 -05:00
sinn3r 7876d7fd60 Delete the extra "/" 2012-07-06 01:20:31 -05:00
sinn3r 686f176a99 Correct path 2012-07-06 01:12:47 -05:00
sinn3r 0c18662d46 Make msftidy happy and change the traversal option 2012-07-06 01:10:39 -05:00
sinn3r 3b7e1cd73a Add Dillion's module for Wangkongbao 2012-07-06 00:54:55 -05:00
sinn3r 68c582873b Add the MSF license text 2012-06-27 17:11:00 -05:00
jvazquez-r7 d3bc78c53b applied changes proposed by sinn3r 2012-06-27 23:55:51 +02:00
jvazquez-r7 2c5cc697c9 Added auxiliary module for CVE-2012-2926 2012-06-27 10:21:18 +02:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
HD Moore c28d47dc70 Take into account an integer-normalized datastore 2012-06-24 23:00:02 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
sinn3r 05eaac9085 Fix possible param duplicates 2012-06-24 19:05:42 -05:00
James Lee 3e974415d9 Give some verbose feedback if connection failed 2012-06-23 00:58:27 -06:00