Commit Graph

36163 Commits (504f6874f2b9247cae6b0700ad972aa906ea1868)

Author SHA1 Message Date
Jon Hart 504f6874f2
Convert to actions 2015-12-03 15:15:48 -08:00
Jon Hart 93cd3446db
Minor cleanup of some print_ lines 2015-12-03 15:01:27 -08:00
Jon Hart 753eddbbd6
Correct true/false for optional options, default values 2015-12-03 14:53:27 -08:00
Tyler Bennett 9d71ff6b9d cleaned up a few misc prints and added in logic if mailport is empty 2015-12-03 15:51:49 -05:00
Tyler Bennett 3d617efa88 added code to parse mailport from config 2015-12-03 15:36:08 -05:00
Tyler Bennett 0d89dde4a6 changed sock.get to sock.get_once and fixed booleans hopefully. Still cleaning things up but its getting closer 2015-12-03 12:51:48 -05:00
Tyler Bennett a8887e6b77 firts iteration of moving each payload to its own function and setting optional vars, cleaning up rubocop warnings as well 2015-12-02 16:33:09 -05:00
Tyler Bennett ca496a376f set username as a requirement and added note about randomly assinged password for user if not set 2015-12-02 14:16:36 -05:00
Tyler Bennett 36f48dc945 cleaned up required opts, only left needed vars to run the rest are optional based on user preference 2015-12-01 11:02:14 -05:00
Tyler Bennett 5e9a0ab3ff removed version var in initialize method 2015-12-01 10:57:16 -05:00
Tyler Bennett cb60b41d5d added in fixes and missing typos, randomized the password for the user 2015-12-01 10:43:58 -05:00
Tyler Bennett 5acd9b283e removed misc comments that arent needed 2015-11-18 11:54:32 -05:00
Tyler Bennett 3d95bd7851 fixed issue with msftidy and fixed rubocop issues that broke the module 2015-11-18 10:40:50 -05:00
Tyler Bennett e55ac99c12 fixed a bunch more rubocop errors 2015-11-17 14:30:33 -05:00
Tyler Bennett 6e4ccb46e5 knocked out a few more rubocop errors 2015-11-17 11:44:11 -05:00
Tyler Bennett 38c4e4ee6c added a few more rubocop fixes 2015-11-17 10:48:57 -05:00
Tyler Bennett f499b822cd added more rubocop fixes, still testing issue with RHOSTS 2015-11-17 10:30:50 -05:00
Tyler Bennett afd1e43226 added rubocop fixes 2015-11-17 09:41:12 -05:00
Tyler Bennett d677a8b871 Adding Dahua DVR auth bypass auxiliary scanner per CVE-2013-6117 2015-11-16 13:54:44 -05:00
scriptjunkie 06a5b5b0bd
Land #6234, Host header transport 2015-11-14 11:35:47 -06:00
Jon Hart d0c928081b
Land #6231 2015-11-13 13:30:31 -08:00
William Vu 4401c6f1fd
Land #6178, rsync modules_list improvements 2015-11-13 10:46:24 -06:00
sammbertram cd4aa28d11 Transport priority changes
Pass in the "lhost" and "lport" options to the default transport during the native payload. This takes the following LHOST priorities:
1. OverrideLHOST, only if OverrideRequestHost is TRUE
2. The request Host: header.
3. The LHOST datastore.
2015-11-13 13:21:46 +00:00
sammbertram 9d9865150b Transport priority changes
Default transport request should set the priority to the Host: request header, and the subsequent OverrideRequestHost, OverrideLHOST, and OverrideLPORT options in the handler for reverse_http(s).
2015-11-13 13:19:01 +00:00
Louis Sato 9a0f0a7843
Land #6142, uptime refactor 2015-11-12 16:58:55 -06:00
wchen-r7 0e121df69d Need a default template
The set_template_default actually needs the second argument,
otherwise we hit a RuntimeError.
2015-11-12 15:17:03 -06:00
wchen-r7 aaea730508 Fix #6213 - Method to_linux_x86_elf fails to set set :template
:template by default is just the base name of the file, not the
fullname. Before we use it, we need to normalize it. Methods
in this class rely on set_template_default for normalization (
which can also handle a custom path), so we'll just use that too.

Fix #6213
2015-11-12 15:07:58 -06:00
wchen-r7 ee25cb88b5
Land #6196, vBulletin 5.1.2 Unserialize Code Execution 2015-11-12 14:38:39 -06:00
wchen-r7 6077617bfd rm res var name
the res variable isn't used
2015-11-12 14:37:47 -06:00
wchen-r7 199ed9ed25 Move vbulletin_unserialize.rb to exploits/multi/http/
According to @all3g, this works on Windows too, so we will move
this to multi/http.
2015-11-12 14:36:01 -06:00
William Vu e8dacf32fd
Land #6182, Heartbleed scanner improvements 2015-11-11 16:59:20 -06:00
William Vu ce3f9e2fab Fix minor style issues 2015-11-11 16:58:20 -06:00
Brent Cook a2fe2fbd5e
Land #6214, #6060, simplify framework gem layout and version scheme
This merges things up and removes duplicate gemspecs so we can easily make
framework gem releases for embedding in 3rd-party projects.
2015-11-11 15:04:21 -06:00
Brent Cook 1b951b36fe remove -db / -pcap / -all gemspecs, merge into one 2015-11-11 15:01:50 -06:00
wchen-r7 99607e6e4d
Land #6205, BisonWare BisonFTP Server Directory Traversal
CVE-2015-7602
2015-11-11 11:47:45 -06:00
wchen-r7 40bdd2bd01 Do module cleanup for auxiliary/scanner/ftp/bison_ftp_traversal 2015-11-11 11:46:37 -06:00
wchen-r7 c79a66be02
Land #6204, directory traversal for PCMan FTP server
CVE-2015-7601
2015-11-11 11:07:34 -06:00
wchen-r7 e6e5bde492 Do module cleanup for auxiliary/scanner/ftp/pcman_ftp_traversal 2015-11-11 11:06:54 -06:00
wchen-r7 7ad42c2ba1
Land #6216, remove duplicate keys for LoginScanner modules 2015-11-11 10:12:12 -06:00
wchen-r7 81cf79d77d
Land #6221, update references for caidao_php_backdoor_exec.rb 2015-11-11 09:54:05 -06:00
JT 75a0472db8 Update bison_ftp_traversal.rb
made some changes
2015-11-11 14:01:39 +08:00
JT 4716e2e16b Update pcman_ftp_traversal.rb
made some changes
2015-11-11 14:00:04 +08:00
JT a0351133a6 Add more references to this exploit
Adding exploit-db doc about China Chopper webshell and details about this webshell in US-CERT.
2015-11-11 09:51:05 +08:00
William Vu 32faf7a8d4 Fix #6183, hard tabs fix 2015-11-10 16:48:03 -06:00
William Vu a9fe09497e Fix hard tabs
Mixing tabs and spaces? Seriously?
2015-11-10 16:47:29 -06:00
William Vu 8dc636507b
Land #6183, dns_srv_enum updates 2015-11-10 16:44:27 -06:00
William Vu e98570cbd1 Clean up module 2015-11-10 16:44:10 -06:00
Samuel Huckins f0dacaaf4c
Land #6199, SMTPDeliver tweaks
MS-633
2015-11-10 11:53:23 -06:00
Jon Hart 8f86b2519f
Resolve 'duplicate key warning' for some modules 2015-11-09 18:40:32 -08:00
William Vu 2f362aec69
Land #6215, Payload/Compat hash fixes 2015-11-09 16:23:38 -06:00