infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,585 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1693 Commits (42c8a2d2655609563133138d6e8dfc78046d4a28)

Author SHA1 Message Date
Robin Wood e7604f80b2 added a warning and using optpath 2013-01-20 21:24:00 +00:00
Robin Wood 6da4b72d85 added a warning and using optpath 2013-01-20 21:23:59 +00:00
Robin Wood ebb0635e0a stopped using fixed table name 2013-01-20 21:23:59 +00:00
Robin Wood fce58ad96d Fixed msftidy stuff 2013-01-20 21:23:58 +00:00
Robin Wood 23d1eb7a80 File/dir brute forcer using MySQL 2013-01-20 21:23:58 +00:00
Christian Mehlmauer e613c860a5 Added Name and Emailadress 2013-01-17 23:17:14 +01:00
Tod Beardsley a43b218917 Line full of whitespace 2013-01-17 12:43:06 -08:00
jvazquez-r7 ffd8890ba2 Merge branch 'smb_login_option' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-smb_login_option 2013-01-17 18:15:41 +01:00
f8lerror 0b61d28e0e added Joomla scanner and url wordlist 2013-01-17 11:36:59 -05:00
lmercer a701b5eb79 fixed an error that occurred when patching. 2013-01-16 18:21:19 -05:00
lmercer ddd2dbc17b Updated coldfusion_local_traversal as described in Redmine Feature #6822 2013-01-16 17:54:15 -05:00
lmercer 481f2eb791 updated cold_fusion_version from Redmine Feature #6822 2013-01-16 17:23:35 -05:00
sinn3r 9dc42e93e7 Reduce unnecessary indent level 2013-01-15 14:36:41 -06:00
sinn3r 5109cc97fe Add more verbs 
[SeeRM: #7138] by jabra
 2013-01-15 14:11:53 -06:00
sinn3r 6e6e90d733 Cosmetic changes 2013-01-15 11:36:49 -06:00
sinn3r a06d49a8be Return symbols 
STOP_ON_SUCCESS is being ignored because the module's login function
doesn't pass a symbol to the mixin.  This addresses that.
 2013-01-15 11:25:02 -06:00
sinn3r ef6eec949c Move impersonate_ssl 
To 'gather', because it grabs stuff, not scans.
 2013-01-11 17:22:27 -06:00
jvazquez-r7 8c5847a13c Make output compatible with an scanner module 2013-01-11 00:10:15 +01:00
jvazquez-r7 0e950997e6 Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access 2013-01-10 23:57:22 +01:00
smilingraccoon 0c58a118ff Found the issue I believe, fixed two issues. One with 301/302 responses getting a bad URI due to switch from ip to dns in location header and other from res.to_s rather than res.body being passed to regex 2013-01-10 11:32:48 -05:00
smilingraccoon fc5a0e22b2 stupid push, forgot to remove test puts 2013-01-10 10:43:57 -05:00
smilingraccoon ed9d290a85 added status messages, made var blog_posts initalize as nil rather than empty string 2013-01-10 10:41:25 -05:00
smilingraccoon 5bafd6ddcc added status message 2013-01-10 09:43:37 -05:00
jvazquez-r7 5fe2f967da this rescue is done in the mixin 2013-01-09 21:28:06 +01:00
HD Moore 07f8eb6a07 Fix up a typo 2013-01-09 13:05:27 -06:00
HD Moore adb4c89602 Add a scanner module for CVE-2013-0156 2013-01-09 12:50:38 -06:00
jvazquez-r7 7a1a9985d5 Merge branch 'mysql_login_exceptions' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-mysql_login_exceptions 2013-01-09 18:21:03 +01:00
smilingraccoon a0a4ef843b added error msgs to rescue 2013-01-09 11:22:36 -05:00
sinn3r 4e70f7d888 Merge branch 'bug/rm7139-smtp_enum-false-positive' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7139-smtp_enum-false-positive 2013-01-09 01:13:43 -06:00
Thomas McCarthy f45739933e Update modules/auxiliary/scanner/http/wordpress_pingback_access.rb 
Changed name var in initialize
 2013-01-08 19:20:02 -05:00
lmercer 69485ba261 made changes as specified in Redmine Bug #7139 2013-01-08 12:14:57 -05:00
Joshua J. Drake 3ceb313752 Fixes format string issue in smb_login - FixRM #7657 2013-01-07 22:17:49 -06:00
Joshua J. Drake c74d258509 Revert "Fixes format string issue in smb_login - FixRM #7657" 
Will replay on separate branch.

This reverts commit a12b628ccc.
 2013-01-07 22:03:57 -06:00
Joshua J. Drake 60987de854 Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-01-07 21:20:20 -06:00
Joshua J. Drake a12b628ccc Fixes format string issue in smb_login - FixRM #7657 2013-01-07 21:20:09 -06:00
sinn3r 5bc1066c69 Change how modules use the mysql login functions 2013-01-07 16:12:10 -06:00
smilingraccoon 9f69dbbd30 update unless statements, targeturi, and resolve var 2013-01-07 13:17:49 -05:00
Tod Beardsley 36adf86184 Various and sundry fixes for normalize_uri 2013-01-07 12:02:08 -06:00
Tod Beardsley 6a9445966a Caught missing paren 2013-01-07 11:21:55 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
smilingraccoon 0de23a7edb fixed description 2013-01-04 21:16:56 -05:00
smilingraccoon e35afdce5d added wordpress-pingback scanner 2013-01-04 20:59:33 -05:00
smilingraccoon 3936725958 added wordpress-pingback scanner 2013-01-04 20:44:40 -05:00
Christian Mehlmauer 6654faf55e Msftidy fixes 2013-01-04 09:29:34 +01:00
sinn3r 6f50410e5f Merge branch 'patch-1' of github.com:mubix/metasploit-framework into mubix-patch-1 2013-01-03 17:51:54 -06:00
James Lee 9e912a23ff Merge branch 'rapid7' into FireFart-msftidy_aux_1 2013-01-03 16:54:25 -06:00
Tonimir Kisasondi 39e81fb07f Update modules/auxiliary/scanner/http/wordpress_login_enum.rb 
Simple fix for msfconsole start error.
 2013-01-03 21:52:10 +01:00
Tod Beardsley 1406f7cb0a Msftidy on sap_router_info_request 2013-01-03 10:55:11 -06:00
Christian Mehlmauer e4a6669927 msftidy: remove $Revision$ 2013-01-03 01:05:45 +01:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
Rob Fuller 88d12da3db hilight positive results in WebDAV scanner 
As suggested by Lee Baird
 2013-01-02 13:27:25 -05:00
sinn3r 33ea21e415 Merge branch '403labs-zgrace-wordpress_login_enum' 2012-12-28 17:47:05 -06:00
sinn3r d92b3bd2e1 Apply fixes 2012-12-28 17:46:17 -06:00
Tod Beardsley e5eb8c6301 Fix connected in sap_router_info_request 
See #1028 comments
 2012-12-28 16:34:59 -06:00
sinn3r 2746a57093 Merge branch 'zgrace-wordpress_login_enum' of git://github.com/403labs/metasploit-framework into 403labs-zgrace-wordpress_login_enum 2012-12-28 15:42:09 -06:00
Tod Beardsley 3daea913b1 Merge branch 'sap_router_info_request' 2012-12-28 15:22:44 -06:00
Tod Beardsley 35604ac1aa Normalizing caps and expanding description a bit 
Be nice to have a couple more lines on the description
 2012-12-28 15:12:40 -06:00
Tod Beardsley 5d7197d8ba Moved shout outs, organized includes 
include Msf::Exploit::Remote::Tcp must precede the include for the
Scanner mixin -- otherwise you end up with some undesired effects, like
having an RHOST and RHOSTS on the datastore.

Also, took out the block of shout outs and gave references and credits
to the people / url's mentioned.
 2012-12-28 14:51:23 -06:00
Zach Grace d4bdf1b6b4 Added user name enumeration based on author id enumeration 2012-12-24 16:09:03 -06:00
sinn3r 2c4d517e75 Merge branch 'useragent_cleanup' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-useragent_cleanup 2012-12-21 11:14:06 -06:00
Chris John Riley 413b75cd8b Fixed crash issues with unescape 
Added better formatting to avoid pages of output
 2012-12-21 12:07:14 +01:00
Chris John Riley e237512bd7 Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate) 2012-12-21 10:47:45 +01:00
sinn3r cad8abef48 msftidy cleanup 2012-12-18 11:46:27 -06:00
sinn3r 860ebbcfb1 Merge branch 'master' into averagesecurityguy-master 2012-12-18 11:45:41 -06:00
sinn3r 0344c568fd Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes 2012-12-18 11:38:14 -06:00
sinn3r 9825b07df8 Merge branch 'sap_soap_rfc_dbmcli_sxpg_command_exec' of git://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_command_exec 2012-12-18 01:12:50 -06:00
nmonkee 37f7122006 NameError undefined local variable or method output - fixed 2012-12-17 19:34:36 +00:00
Tod Beardsley 10511e8281 Merge remote branch 'origin/bug/fix-double-slashes' 
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
 2012-12-17 13:29:19 -06:00
sinn3r d2885d9045 Correct US Cert references 2012-12-13 14:19:53 -06:00
jvazquez-r7 8f388eb226 fixing if typo 2012-12-11 23:28:21 +01:00
jvazquez-r7 b5b5667539 Merge branch 'symantec_brightmail' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_brightmail 2012-12-11 23:27:56 +01:00
sinn3r 0ca1dbd14e Account for the timeout condition 2012-12-11 16:24:42 -06:00
jvazquez-r7 461f057c95 Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users 2012-12-11 17:33:31 +01:00
sinn3r 25d888bebb Add CVE-2012-4347 Symantec Messaging Gateway Log File Download 2012-12-10 18:09:29 -06:00
sinn3r 64a8b59ff9 Change CVE forma 
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
 2012-12-09 01:09:21 -06:00
Stephen Haywood f56ef52ffc Fixed path error when BASE_PATH is nil. 2012-12-06 23:55:34 -05:00
Stephen Haywood 761e735a55 Store wc.db file in loot. Add BASE_PATH option. 2012-12-06 23:38:03 -05:00
Royce Davis 600121c36a Fixed issue involing static path to Windows directory 2012-12-06 16:28:59 -06:00
Stephen Haywood 8a149b3ea3 Removed Version. 2012-12-06 17:24:16 -05:00
Stephen Haywood 4ce51fe889 Made changes requested by sinn3r. 2012-12-06 17:18:50 -05:00
Stephen Haywood d938959e97 Module to find SVN wc.db files. 2012-12-06 16:30:23 -05:00
jvazquez-r7 232eb7bf2d Final cleanup plus name change 2012-12-05 00:32:42 +01:00
jvazquez-r7 9cff72af72 Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users 2012-12-05 00:31:24 +01:00
Royce Davis a1136be59e Fixed last ip changed it to peer 2012-12-02 19:17:59 -06:00
Royce Davis 2b171bb003 Added report_note functionality 2012-12-02 18:49:50 -06:00
Royce Davis e4e3ec8fdd Fixed module to use clean psexec method 2012-12-02 18:35:23 -06:00
Royce Davis 476a5dc58c Fixed return without disconnect 2012-12-02 18:27:27 -06:00
Royce Davis 4276279dd8 Fixed print_status to use peer instead of ip 2012-12-02 18:25:09 -06:00
sinn3r 1085357dbb Talked to Todb, we like "." better 2012-11-30 14:53:57 -06:00
sinn3r 61a74bf257 Minor changes here and there 
Changes include:
* Some corrections in metadata
* report_note()
* Removes connect(), usually don't need it in modules
 2012-11-30 14:24:27 -06:00
Matt Andreko a73d8792ee Changed RPORT definition per egypt 2012-11-30 13:57:25 -05:00
Matt Andreko 40b8c93ef8 Added HSTS scanner for HTTPS sites 2012-11-30 09:30:11 -05:00
Royce Davis 7d4982b47b Fixed description area and authoer section 2012-11-29 14:21:27 -06:00
Royce Davis d6a3f6666d Fixed simple return form get_output method 2012-11-29 14:15:57 -06:00
Royce Davis cf53588ab7 Removed Version 2012-11-29 14:14:41 -06:00
Royce Davis 3ebbee5b1f Removed generic URLs 2012-11-29 14:13:49 -06:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
Alexandre Maloteaux c0c3dff4e6 Several fixes for smb, mainly win 8 compatibility 2012-11-28 22:49:40 +01:00