f1e71b709c
Added 301 Redirect option to Basic Auth module
2014-02-24 14:59:20 -06:00
6f398f374e
Land #3032 , inside_workspace_boundary? typo fix
2014-02-24 14:55:09 -06:00
d2945b55c1
Fix typo
...
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
5cdd9a2ff3
Land #2995 - sqlmap minor cleanup, description & file tests
2014-02-24 10:39:01 -06:00
8f7f1d0497
Add module for CVE-2014-0050
2014-02-22 14:56:59 +01:00
ec8e1e3d6f
small fixes
2014-02-21 21:59:45 +01:00
1384150b7a
make msftidy happy
2014-02-21 21:56:46 +01:00
c77fc034da
linksys wrt120 admin reset exploit
2014-02-21 21:53:56 +01:00
4ca4d82d89
Land #2939 , @Meatballs1 exploit for Wikimedia RCE and a lot more...
2014-02-18 17:48:02 -06:00
1864089085
removed rport definition
2014-02-17 11:32:24 +07:00
8a24da9eea
Module to query Jboss status servlet
2014-02-15 17:46:52 +01:00
f6be574453
Slightly better file checks on sqlmap.py
2014-02-15 09:58:03 -06:00
dacbf55fc1
Minor cleanup of title and desc on sqlmap
2014-02-15 09:55:06 -06:00
0e7074c139
Modififed output for smb_enumshares module
2014-02-14 13:39:13 -06:00
6dc9840064
Modified output for smb_enumshares
2014-02-14 13:12:52 -06:00
ee3f1fc25b
Record successful passwordless access to mongodb
2014-02-14 08:52:17 +11:00
7c860b9553
fix description
2014-02-13 21:11:50 +01:00
5ef40e3844
Removed bad sets on datastore['USERNAME'] and datastore['PASSWORD']
2014-02-12 13:31:03 -06:00
2b8a8259f9
Updates to support OWA 2013 and some syntax changes
2014-02-12 09:40:49 -06:00
6944c54d13
Added EXTENDED option to smtp_relay
2014-02-12 15:44:53 +07:00
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
8a8bc74687
Land #2940 - DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials
2014-02-10 13:49:02 -06:00
306b31eee3
Small changes before merging
2014-02-10 13:47:31 -06:00
02fb84db20
Changed dns_amp to avoid false positives
2014-02-10 17:13:06 +07:00
ac52edabd5
Land #2801 , Land @kicks4kittens IBM Sametime modules
2014-02-06 10:17:03 -06:00
30c325c22e
Make better json check
2014-02-06 10:16:26 -06:00
564f9bccc8
Correct print output
...
Printing the room details is the purpose of the module.
Reinstated printing the table in non-verbose mode (users won't know it's there otherwise)
2014-02-05 22:00:02 +01:00
445cd7be5a
remove "on {peer}
...
line already includes {peer} info
2014-02-05 21:57:58 +01:00
4c0c9101aa
Correct check, reinstate print
...
Corrected JSON check (response is empty, but valid JSON on check success)
Reinstated print to warn user (not only in VERBOSE)
2014-02-05 21:56:56 +01:00
60cf68f899
added default SSL
2014-02-05 21:54:02 +01:00
3560b41eb2
correct variable name
...
body isn't valid, replaced with res.body and tested
2014-02-05 21:51:55 +01:00
38add0ab50
alter print_status
...
Altered print_status to print_good to differentiate when user is online easier
2014-02-05 21:49:39 +01:00
89e1bcc0ca
Deprecate modules with date 2013-something
...
These modules had an expiration date of 2013.
2014-02-04 14:49:18 -06:00
a58698c177
Land #2922 , multithreaded check command
2014-02-04 11:21:05 -06:00
cccf2e4258
Land #2926 , @xistence A10 Networks Loadbalancer dir traversal module
2014-02-04 07:28:51 -06:00
cc09367c62
Change the datastore name option
2014-02-04 07:28:14 -06:00
ffd90a3d38
Add confirmation datastore option
2014-02-03 12:40:58 -06:00
9953821451
Fix desc on Drupal module, some peer prints
2014-02-03 12:16:06 -06:00
9b9b2fab58
Add DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials module
2014-02-04 02:00:11 +10:30
a92256e8d1
Clean a10networks_ax_directory_traversal
2014-02-03 08:41:23 -06:00
53c2a737e9
Don't register rport again
2014-01-31 09:42:41 -06:00
452042e757
Land #2925 , @xistence aux module for Support Center Plus traversal
2014-01-31 09:38:01 -06:00
e9f04d9203
Do final cleanup for Support Center Plus module
2014-01-31 09:37:40 -06:00
32c5d77ebd
Land #2918 , @wvu's fix for long argument lists
2014-01-31 08:49:22 -06:00
e81a0ed22b
Changes as requested for SupportCenterPlus module
2014-01-31 13:28:45 +07:00
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
8ac0ef396e
Added DNS recursion amplification scanner
2014-01-29 14:21:21 +07:00
d3be54fed6
Added Extended SMTP Open Relay aux module
2014-01-29 13:46:54 +07:00
c8296298b3
added A10Networks AX loadbalancer Dir Traversal Auxiliary Module
2014-01-28 16:37:25 +07:00
32d7f15a5c
added ManageEngine Support Center Plus directory traversal auxiliary module
2014-01-28 15:45:23 +07:00
f766a74150
Land #2920 , @wvu-r7's author metadata update for printer aux modules
2014-01-27 13:02:31 -06:00
d19e9307c6
Fix missing colon in :caller_host symbol
...
Good catch, @jvazquez-r7!
2014-01-27 12:43:59 -06:00
0dbaeb6742
Add Matteo's email
2014-01-27 08:40:44 -06:00
f471f50092
ms08_067_check.rb is deprecated.
...
[SeeRM #8755 ]
2014-01-26 12:22:13 -06:00
52371be52a
Clarify why contributors are listed as authors
...
Also adding @mcantoni to the list of authors. Sorry we missed you!
Dear contributors,
Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!
https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
2014-01-25 18:02:17 -06:00
f18fef1864
Module to HP LaserJet Printer SNMP Enumeration
2014-01-25 15:48:13 +01:00
eaeb2af97f
Use opts hash for h323_version
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:32:37 -06:00
f7ecae3f75
Land #2909 - Drupal OpenID External Entity Injection
2014-01-24 15:03:07 -06:00
c8e2301111
Be more informative about why CheckCode::Unknown
...
This is just kind of personal preference here. In case users wonder
why Unknown.
2014-01-24 15:01:52 -06:00
82bf02910d
Land #2911 , correct author name for PJL credit
2014-01-24 11:00:12 -06:00
fdaa172cc5
Land #2896 , @wchen-r7's check's normalization for auxiliary modules
2014-01-24 08:53:53 -06:00
e8b591ef54
Delete registering of check on bailiwicked modules
2014-01-24 08:47:04 -06:00
9ba72ffc71
Remove check support
...
Actually, you can't support check because in check mode the module
doesn't know the IP
2014-01-23 21:30:11 -06:00
dc52d00be6
Modify vmware_http_login to work with check
2014-01-23 21:27:36 -06:00
cf17bf2e72
Small fix
2014-01-23 19:34:50 -06:00
43de7eb74f
Use REXML
2014-01-23 19:32:42 -06:00
a67068f019
Correct author name
...
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
2014-01-23 19:09:20 -06:00
5a59e3d4e4
Fix typo
2014-01-23 18:53:58 -06:00
f529eb1d4b
Clean code
2014-01-23 18:51:24 -06:00
8e17d38c77
Add check method
2014-01-23 18:30:18 -06:00
b0deb45fad
Add Drupal advisory as reference
2014-01-23 18:10:57 -06:00
6d0d7eda10
Delete garbage comment
2014-01-23 18:09:05 -06:00
72b72effa6
Add module for CVE-2012-4554
2014-01-23 18:04:31 -06:00
7faa41dac0
Change Unknown to Safe because it's just a banner check
2014-01-23 15:36:19 -06:00
81a3b2934e
Fix prints
2014-01-23 15:33:24 -06:00
f5a935a186
Support check for bailiwicked_host
2014-01-23 15:31:37 -06:00
8d411d2037
Fix bailiwicked_domain to allow support of check()
2014-01-23 15:29:40 -06:00
f5809423a3
Let's spell right in my spellcheck PR
...
Updates #2900
2014-01-21 15:57:59 -06:00
b3b51eb48c
Pre-release fixup
...
* Updated descriptions to be a little more descriptive.
* Updated store_loot calls to inform the user where the
loot is stored.
* Removed newlines in print_* statments -- these will screw
up Scanner output when dealing with multiple hosts.
Of the fixed newlines, I haven't see any output, so I'm not sure what
the actual message is going to look like -- I expect it's a whole bunch
of newlines in there so it'll be kinda ugly as is (not a blocker for
this but should clean up eventually)
2014-01-21 13:29:08 -06:00
5025736d87
Fix check for modicon_password_recovery
2014-01-19 17:20:20 -06:00
a239e14084
Fix nodejs_popelining check
2014-01-19 17:06:35 -06:00
7080bb336c
Update ColdFusion check
2014-01-19 17:05:03 -06:00
4fdd2c19a1
Update vbulletin check
2014-01-19 16:54:27 -06:00
0a8aa07131
Fix check method
...
This isn't a check, so shouldn't be using the check method
2014-01-19 16:47:15 -06:00
01ab6fd545
Do small fixes
2014-01-17 17:59:03 -06:00
5ec062ea1c
Beautify print message
2014-01-17 17:42:26 -06:00
d96772ead1
Clean multi-threading on ibm_sametime_enumerate_users
2014-01-17 17:38:16 -06:00
bb3d9da0bb
Do first cleaning on ibm_sametime_enumerate_users
2014-01-17 16:33:25 -06:00
584401dc3f
Clean ibm_sametime_room_brute code
2014-01-17 15:57:12 -06:00
4d079d47b8
Enable SSL by default
2014-01-17 15:34:33 -06:00
277711b578
Fix metadata
2014-01-17 15:31:51 -06:00
10fd5304ce
Parse response body just one time
2014-01-17 15:17:25 -06:00
fe64dbde83
Use rhost and rport methods
2014-01-17 14:49:50 -06:00
5e8ab6fb89
Clea ibm_sametime_version
2014-01-17 12:23:11 -06:00
bce321c628
Do response handling a little better, fake test
2014-01-17 11:02:35 -06:00
11d613f1a7
Clean ibm_sametime_webplayer_dos
2014-01-17 10:52:42 -06:00
51b3d164f7
Move the DoS module to the correct location
2014-01-17 09:30:51 -06:00
a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules
2014-01-16 15:57:38 -06:00
9bf90b836b
Add environment variables support
2014-01-16 14:53:25 -06:00
311704fc0a
Perform final cleanup
2014-01-15 13:49:37 -06:00
d0d82fe405
Fixed code issues as requested in PR2801
...
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:53:14 +01:00
87648476e1
Fixed code issues as requested in PR2801
...
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:52:45 +01:00
55d4ad1b6a
Fixed code issues as requested in PR2801
...
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:51:19 +01:00
0b1671f1b8
Undo debugging comment
2014-01-14 17:02:30 -06:00
6372ae6121
Save some parsing
2014-01-14 17:00:00 -06:00
2d40f936e3
Added some additional creds that were useful
2014-01-13 23:15:51 -05:00
42fb8c48d1
Fixed the credential parsing and made output consistent
...
So in the previous refactor, we made the dedicated method to parse
usernames and passwords from the split up config values. However, that
didn't work, because on a single iteration of the loop, you only have
access to a possible username OR password. The other matching key will
be another iteration of the loop. Because of this, no credential pairs
were being reported.
The only way I can see around this (maybe because I'm a ruby newb) would
be to iterate over configs, and if the user or password regex matches,
add the matching value to a hash, which is identified by a key for both
user & pass. Then upon completion of the loop, it'd iterate over the
hash, finding keys that had both user & pass values.
2014-01-13 22:57:25 -05:00
7c52f9b496
Update description to use %q{}
2014-01-13 14:42:25 -06:00
61b30e8b60
Land #2869 , pre-release title/desc fixes
2014-01-13 14:29:27 -06:00
207e9c413d
Add the test info for sercomm_dump_config
2014-01-13 14:27:03 -06:00
fe6d10ac5d
Land #2852 , @mandreko's scanner for OSVDB 101653
2014-01-13 14:07:07 -06:00
671027a126
Pre-release title/desc fixes
2014-01-13 13:57:34 -06:00
8c3a71a2e7
Clean sercomm_backdoor scanner according to feedback
2014-01-13 13:53:47 -06:00
95a5d12345
Merge #2835 , #2836 , #2837 , #2838 , #2839 , #2840 , #2841 , #2842 into one branch
2014-01-13 10:57:09 -06:00
4a64c4651e
Land #2822 , @mandreko's aux module for OSVDB 101653
2014-01-09 15:15:37 -06:00
410302d6d1
Fix indentation
2014-01-09 15:14:52 -06:00
b1073b3dbb
Code Review Feedback
...
Removed the parameters from get() since it works without them
2014-01-09 15:54:23 -05:00
d69b658de0
Land #2848 , @sho-luv's MS08-067 scanner
2014-01-09 14:39:25 -06:00
2a0f2acea4
Made fixes from the PR from jvazquez-r7
...
The get_once would *only* return "MMcS", and stop. I
modified it to be a get(3, 3). Additionally, the command
length was set to 0x01 when it needed to be 0x00.
2014-01-09 15:33:04 -05:00
fc616c4413
Clean up formatting
2014-01-09 14:16:31 -06:00
93668b3286
Code Review Feedback
...
Made it less verbose, converting to vprint_error
2014-01-09 14:53:33 -05:00
be6958c965
Clean sercomm_dump_config
2014-01-09 13:42:11 -06:00
e21c97fd4d
Added missing metadata
...
Add credit where due
Add disclosure date and references
2014-01-09 14:33:54 -05:00
9456d26467
Added Scanner module for SerComm backdoor
2014-01-09 14:25:28 -05:00
01c5585d44
Moved auxiliary module to a more appropriate folder
2014-01-09 10:17:26 -05:00
d9e737c3ab
Code Review Feedback
...
Refactored the configuration settings so that creds could be reported to
the database more easily, while still being able to print general
configuration settings separately.
2014-01-09 10:14:34 -05:00
81adff2bff
Code Review Feedback
...
Changed datastore['rhost'] to rhost
Made the array storing configuration values into a class const
Moved superfluous array look-over to not be executed unless in verbose
mode
2014-01-09 09:19:13 -05:00
7fd4935263
Make the module output prettier
2014-01-09 01:03:01 -06:00
27f079ad7c
Move {begin,end}_job from libs to modules
2014-01-09 01:03:01 -06:00
131bfcaf41
Refactor away leftover get_rdymsg
2014-01-09 01:03:01 -06:00
d3bbe5b5d0
Add filesystem commands and new PoC modules
...
This commit also refactors some of the code.
2014-01-09 01:03:01 -06:00
af66310e3a
Address @jlee-r7's comments
2014-01-09 01:03:01 -06:00
bab32d15f3
Address @wchen-r7's comments
2014-01-09 01:03:00 -06:00
1c889beada
Add Rex::Proto::PJL and PoC modules
2014-01-09 01:03:00 -06:00
a8fcf13972
Added credits and clean initialize
...
Added wvu to creds as he did most of work. ;)
2014-01-08 21:16:09 -05:00
8993c74083
Fix even moar outstanding issues
2014-01-08 19:38:54 -06:00
1dd29d3b64
Fix moar outstanding issues
2014-01-08 18:11:18 -06:00
945a2a296a
Fix outstanding issues
2014-01-08 17:09:41 -06:00
35ac9712ab
Added auxiliary check for MS08_067
...
I simply copied the check from ms08_0867_netapi.rb and put them in
a auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
1479ef3903
Update typo3_winstaller_default_enc_keys.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:08:10 +01:00
c5a3a0b5b7
Cleanup
2014-01-02 20:44:18 -05:00
6effdd42fa
Added module to enumerate certain Sercomm devices through backdoor
...
See more: https://github.com/elvanderb/TCP-32764
2014-01-02 20:42:42 -05:00
90158b9932
Land #2791 , @morisson's support to remote dns resolution on sap_router_portscanner
2014-01-02 12:19:50 -06:00
f75782bc2f
Use RHOST, RPORT for the SAPROUTER options
2014-01-02 12:18:54 -06:00
b8e17c2d8e
Don't use Pcap.lookupaddrs any more
2014-01-01 18:50:15 -06:00
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
c34a5f3758
Unacronym the title on Poison Ivy C&C
2013-12-26 10:30:30 -06:00
47765a1c4f
Fix chargen probe title, comment on the CVE
2013-12-26 10:29:11 -06:00
056661e5dd
No at-signs in names please.
2013-12-26 10:26:01 -06:00
kn0
William Vu
James Lee
sinn3r
ribeirux
Michael Messner
jvazquez-r7
xistence
Matteo Cantoni
Tod Beardsley
Royce Davis
Russell Sim
Peter Arzamendi
kicks4kittens
bcoles
Matt Andreko
sho-luv
Niel Nielsen