572e4f2bdf
Fix dumb missing options and add spec
2014-05-28 16:32:38 -05:00
15b1c79039
Adjust whitespace and set bytes to str for Python 2
2014-05-28 16:30:27 -04:00
3f86aebabf
Land #3398 , CAPWAP DoS description cleanup
2014-05-28 14:55:22 -05:00
785b53820e
Land #3399 , print_error instead of print_status
2014-05-28 14:53:00 -05:00
1bc2140fa6
Telnet LoginScanner basics
...
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
2014-05-28 14:47:58 -05:00
05e24326a6
Style compliance
2014-05-28 14:31:34 -05:00
747395e383
create telnet clinet mixin
...
copy paste existing stuff repurposed for use
in a real class instead of a metasploit module
2014-05-28 13:53:50 -05:00
c89cd24621
Rewire some snmp modules to use print_error instead of print_status.
2014-05-28 13:31:00 -05:00
07a61ae696
adding in changes from before my vacation..
...
MSP-9678
2014-05-28 13:18:28 -05:00
4b5c62ba8d
Dress up CAPWAP DoS desc a little.
2014-05-28 12:19:17 -05:00
821a62627a
final spec cleanup
2014-05-28 09:56:26 -05:00
d8adb3a814
fix gemfile
2014-05-28 09:42:05 -05:00
ca4c942ceb
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-28 09:40:44 -05:00
967b0d49b1
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-05-28 09:39:56 -05:00
deabd1c3b0
tidy the YARD
...
some more cleanup, in the YARD
docs this time.
2014-05-28 09:30:45 -05:00
c975d4dc49
some minor cleanup items
2014-05-28 09:26:19 -05:00
3ac2182984
First stab at axis2 login scanner
2014-05-27 23:53:04 -05:00
832d22cdb8
Land #3395 , sqlite3 gem for some post modules
2014-05-27 19:22:46 -05:00
7a29ae5f36
Add module for CVE-2014-3120
2014-05-27 18:01:16 -05:00
55ef5dd484
Land #3115 , @silascutler's module for elasticsearch indeces enumeration
2014-05-27 11:28:34 -05:00
2271afc1a5
Change module filename
2014-05-27 11:25:39 -05:00
3de8beb5fd
Clean code
2014-05-27 11:22:40 -05:00
cc1e81ecb7
Add sqlite3 to Gemfile
...
Fixes all the post modules that require it to parse pilfered sqlite DB
files.
2014-05-27 10:29:55 -05:00
69e8286838
Fix title
2014-05-27 10:29:32 -05:00
1316365c2f
Fix description
2014-05-27 10:22:39 -05:00
abe1d6ffc7
Land #3190 , @Karmanovskii's module to fingerprint MyBB database
2014-05-27 10:20:24 -05:00
86221de10e
Fix message
2014-05-27 10:18:27 -05:00
b96c2dd0ca
Change module filename
2014-05-27 10:15:39 -05:00
1d8c46155b
Do last code cleaning
2014-05-27 10:14:55 -05:00
ae1b7e564b
Update powershell.rb
2014-05-27 05:18:00 -05:00
704e4d78ca
Fix typo in client_request.rb comment
2014-05-26 23:55:48 -05:00
0133e861f8
Fix typo
2014-05-26 23:55:20 -05:00
352e14c21a
Land #3391 , all vars_get msftidy warning fixes
2014-05-26 23:41:46 -05:00
936c29e69b
Land #3387 , some Set-Cookie msftidy warning fixes
2014-05-26 23:37:33 -05:00
eacf70af83
Update mybb_get_type_db.rb
...
26.05.2014 23:26
I deleted mimicking IE11
2014-05-26 23:26:28 +04:00
1914e0abd3
Land 3393, Add session and framework vars to irb
2014-05-26 18:50:20 +01:00
994891e9c5
Land #3383 , @wchen-r7's [FixRM #8804 ] Fix / URIPATH for BrowserExploitServer
2014-05-25 19:51:30 -05:00
217a14e4d7
Land #3366 , @jholgui's module for CVE-2013-4074
2014-05-25 18:53:30 -05:00
33ba134147
Clean msftidy warnings and metadata
2014-05-25 18:52:01 -05:00
d3c17d8e3e
Delete wireshark_capwap_dos
2014-05-25 18:39:53 -05:00
77e70d8bbe
Add 2 more variables for meterpreter irb
2014-05-25 16:28:40 -04:00
c559483176
Land #3392 , @TomSellers patch to use python constants
2014-05-25 16:18:42 -04:00
77f66f8510
Update reverse_tcp.rb
2014-05-25 14:04:54 -05:00
b5c567c462
Update bind_tcp.rb
2014-05-25 14:03:45 -05:00
da0a9f66ea
Resolved all msftidy vars_get warnings
2014-05-25 19:29:39 +02:00
42a17cc085
Update powershell.rb
...
To be clear, the shell that was tested with was 'windows/shell_reverse_tcp' delivered via 'exploit/windows/smb/psexec'
Additional changes required to fix regex to support the multiline output. Also, InstanceId uses a lower case 'D' on the platforms I tested - PowerShell 2.0 on Windows 2003, Windows 7, Windows 2008 R2 as well as PowerShell 4.0 on Windows 2012 R2.
This method doesn't appear to be used anywhere in the Metasploit codebase currently.
2014-05-25 08:59:42 -05:00
76b9273f10
Improve reliability of have_powershell
...
I have a case where on a Windows 2008 R2 host with PowerShell 2.0 the 'have_powershell' method times out. When I interactively run the command I find that the output stops after the PowerShell command and the token from 'cmd_exec' is NOT displayed. When I hit return the shell then processes the '&echo <randomstring>' and generates the token that 'cmd_exec' was looking for. I tried various versions of the PowerShell command string such as 'Get-Host;Exit(0)', '$PSVErsionTable.PSVersion', and '-Command Get-Host' but was unable to change the behavior. I found that adding 'echo. | ' simulated pressing enter and did not disrupt the results on this host or on another host where the 'have_powershell' method functioned as expected.
There may be a better solution, but this was the only one that I could find.
2014-05-25 08:07:38 -05:00
9f166b87f6
Changed the description
2014-05-24 18:58:36 +01:00
71e2d19040
Adapted to auxiliary modules structure
2014-05-24 18:53:10 +01:00
df97c66ff5
Fixed check
2014-05-24 00:37:52 +02:00
James Lee
Spencer McIntyre
William Vu
David Maloney
joev
Lance Sanchez
Tod Beardsley
jvazquez-r7
Tom Sellers
Karmanovskii
Meatballs
Christian Mehlmauer
JoseMi