4c2ae1a753
Fix jenkins when CSRF is enabled
2014-10-14 19:33:23 -05:00
1095d1dca3
Land #4015 , dates in the info on modules
2014-10-14 16:37:26 -05:00
592f1e9893
Land #3999 , errors on login suppressed by default
...
This also solved the merge conflict on:
modules/auxiliary/scanner/http/jenkins_login.rb
Fixes #3995 .
2014-10-14 16:35:09 -05:00
d775c6cfdb
Merge pull request #9 from todb-r7/pr4015-disclosure-fix
...
Pr4015 disclosure fix
2014-10-14 16:12:36 -05:00
e68aaa4226
Don't disclose empty disclosure dates
...
For rapid7#4015
2014-10-14 16:02:23 -05:00
b8aa3f5357
Test #4015 , disclosure dates on info
2014-10-14 16:01:59 -05:00
f612c8cd3e
Add disclosure date to info
2014-10-14 15:15:24 -05:00
fdd79e64c3
Land #4010 , ReverseAllowProxy clarification
2014-10-14 15:10:50 -05:00
8e58efbf4f
Land #4008 , OLE specs
2014-10-14 13:57:54 -05:00
9630d4676f
Land #4012 , info showing actions
2014-10-14 13:51:37 -05:00
309d578196
Land #4013 , OSVDB refs for a couple modules
2014-10-14 13:44:31 -05:00
bdbad5a81d
Fix misaligned bracket
2014-10-14 13:43:59 -05:00
9f6008e275
A couple OSVDB updates for recent modules
2014-10-14 13:39:36 -05:00
4f8801eeba
Land #3651 , local Bluetooth exploit a @KoreLogic
...
This started life as #3653 . I'll take this out of unstable as well,
since it got there on commit b10cbe4f
2014-10-14 13:13:34 -05:00
972efd423c
Land #4011 , module description cleanup
2014-10-14 12:43:17 -05:00
5c4f61057f
Show available actions for info
2014-10-14 12:41:02 -05:00
56534e7ad3
Changed a login failed to vprint instead of print
...
People often like to supress failed attempts. Note that this change may
or may not have any effect, given the status of #3995 .
This module was introduced in PR #3947 .
2014-10-14 12:01:09 -05:00
b1223165d4
Trivial grammar fixes
2014-10-14 12:00:50 -05:00
6ea3a78b47
Clarify the description on HP perfd module
...
Introduced in #3992
2014-10-14 11:58:52 -05:00
70d1eefaa9
Update reverse_tcp.rb
...
As I am using a exploit that does a check on the Server HTTP headers to identify the target I saw an error message that reads like this:
>The target server fingerprint "" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
Then, while using a HTTP proxy to analyse the requests I am presented with an error that tells me to set another internal option to override a default behaviour. Although it should be pretty clear to everyone using the metasploit framework, I think it is more convenient if all error messages have the same format/way to present suggestions, in this case, presenting the full command the user needs to introduce in order to carry on with the execution of the exploit.
2014-10-14 11:24:59 +01:00
2f20998eaa
Force Rex::OLE::Util to work on LITTLE_ENDIAN
2014-10-13 16:01:43 -05:00
51f1309cc3
Add specs for Rex::OLE::CLSID
2014-10-13 14:28:58 -05:00
8b9c8da4ac
Add specs for Rex::OLE::Util
2014-10-13 13:41:43 -05:00
d51d2bf5a0
Land #3990 , @wchen-r7's fix for #3984 , a busted check in drupal_views_user_enum
2014-10-12 19:38:55 -07:00
458da2bca4
Land #3988 , @wchen-r7's fix for #3985 , a lack of logging for 'check'
2014-10-12 18:46:35 -07:00
d4297a7159
Land #3992 , @espreto's HP perfd gather module
2014-10-12 18:35:06 -07:00
76275a259a
Minor style cleanup of help and a failure message
2014-10-12 18:34:13 -07:00
d0f1cd1251
Merge pull request #1 from jhart-r7/landing-3992-jhart-fixes
...
Refactor hp_enum_perfd for better looting
2014-10-12 20:44:24 -03:00
96be53dcf1
Land #3962 - Show selected action
2014-10-12 14:02:40 -05:00
c3a58cec9e
Make note of other commands to investigate
2014-10-11 13:07:52 -07:00
c80a5b5796
List commands in sorted order
2014-10-11 13:00:30 -07:00
4ffc8b153c
Support running more than one perfd command in a single pass
2014-10-11 11:38:00 -07:00
c72593fae4
Store just banner for service, loot the rest. Also, minor style.
2014-10-11 11:12:49 -07:00
9550c54cd2
Correct indentation and whitespace
2014-10-11 10:39:12 -07:00
9500038695
Fix #3995 - Make negative messages less verbose
...
As an user testing against a large network, I only want to see
good news, not bad news.
2014-10-11 11:11:09 -05:00
7bd0f2c114
Changed Name, array in OptEnum and operator
2014-10-11 09:03:18 -03:00
cbde2e8cd1
Variable cmd now with interpolation
2014-10-10 18:21:16 -03:00
a04ad3aa8c
Update print_error to reflect new usage
2014-10-10 14:38:26 -05:00
26743b4c38
Rewrite existing code to use HasActions
...
And fix a bug in the initial use case where mod.action was dropped.
2014-10-10 14:35:54 -05:00
291bfed47e
Using Rex.sleep instead of select
2014-10-10 15:17:40 -03:00
7e7e0259e4
Fix tab completion for post actions
2014-10-10 12:24:23 -05:00
238a30a769
Update print_error to include post modules
2014-10-10 12:12:43 -05:00
bd315d7655
Changed print_good and OptEnum
2014-10-10 13:54:42 -03:00
08fdb4fab2
Add module to enumerate environment HP via perfd daemon
2014-10-10 13:09:36 -03:00
260aa8dc22
Fix #3984 - Fix broken check for drupal_views_user_enum
2014-10-10 10:23:20 -05:00
48d2343152
Fix #3985 - check command should elog
2014-10-10 01:06:37 -05:00
aefd15c185
Land #3376 , ARRIS SNMP enumerator from @inokii
2014-10-09 15:28:06 -05:00
520e1bccca
Land #3692 , @TomSellers's support for Metasploit Credential on enum_snmp
2014-10-09 15:18:44 -05:00
a535d236f6
Land #3947 , login scanner for jenkins by @nstarke
2014-10-09 12:59:02 -04:00
6ea530988e
Apply rubocop changes and remove multiline print
2014-10-09 12:57:39 -04:00
Fernando Munoz
Tod Beardsley
wvu-r7
Pedro Laguna
jvazquez-r7
Jon Hart
Roberto Soares
sinn3r
Spencer McIntyre