901a1fdd1b
Minor tweaks.
2017-08-09 15:44:32 -05:00
67e86da50b
make SMBLoris run continuously as requested
...
as per ZeroSum's request the module now runs
continuously, refreshing the connections on every pass
until manually killed
2017-08-08 10:16:16 -05:00
289f03241b
add module documentation
...
add module docs for the new smbloris DoS
2017-08-04 16:10:44 -05:00
15cc2a9dc0
removedthreading stuff, tried keepalives
...
still seem to be topping out at
about 1.3GB allocated
2017-08-04 15:28:01 -05:00
e73ffe648e
tried adding supervisor model to smbloris
...
tried to overcome issues with slowdown
around the 4500 connection mark by using the
supervisor pattern to terminate the threads on
the backend. this seems to get us further, but we still
hit a slowdown and the allocations die out before
we hit any serious usage
2017-08-03 14:19:35 -05:00
c9da2d56b9
first pass at SMBLoris DoS module
...
the first pass on the DoS module for SMBLoris
running into issues with it topping out around 600MB
2017-08-03 11:32:57 -05:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
3d4feffc62
OCD - Spaces & headings
2017-07-19 11:04:15 +01:00
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
fd843f364b
Removed extra lines
2017-07-14 08:17:16 +01:00
424522147e
OCD fixes - Start of *.rb files
2017-07-13 23:53:59 +01:00
0d9f57ad7c
add @artkond's DoS module for Cisco CVE-2017-3881
...
This makes a few improvements, adds module docs.
2017-06-27 01:53:23 -05:00
704a1218fa
Land #8498 , store more specific credential wordpress_directory_traversal_dos
2017-06-12 10:13:52 -05:00
80e91e9de2
Minor fixups.
2017-06-12 09:51:30 -05:00
bc3b883758
Add docs, fix typo, add missing report mixin to avoid error.
2017-06-05 13:49:59 -05:00
a5805a55dc
make this a UDPScanner, rewrite
2017-06-05 12:39:48 -05:00
8c39c92245
Add description and loop capability.
2017-06-05 11:27:13 -05:00
a571834c4d
Initial commit of rpcbomb DoS aux module.
...
This just brings the code in as-in, next step is to update to use our mixins and such.
2017-06-05 10:23:39 -05:00
d68365d8df
store more specific credential wordpress_directory_traversal_dos
2017-05-31 18:55:35 -05:00
5698896672
Land #8323 wordpress pre4.6 dos
2017-05-29 07:59:43 -04:00
72a5142e37
Update directory traversal DoS module and docs
2017-05-29 00:30:23 +02:00
9b9d2f2345
Final version of configurable depth
2017-05-26 16:23:22 +02:00
33ddef9303
Add documentation, add configurable depth path
2017-05-26 16:14:03 +02:00
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
d00685a802
Don't run a DoS during wmap scans
2017-05-10 14:41:24 -05:00
a1efa30fa2
comments adjustments & enum better
2017-05-08 11:57:06 -05:00
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
0b62a6478a
Modification for Travis (remove require msf/core, and self.class in register)
2017-04-30 17:05:11 +02:00
3f348150c6
Modification of description
2017-04-30 16:38:39 +02:00
52ec448511
Add WordPress Directory Traversal DoS Module
2017-04-30 15:03:48 +02:00
30f7006b5b
Fixed typos of an old commit
2016-11-17 14:39:33 +01:00
8749eaf097
Fix the default num to be 0 when not specified.
2016-10-05 14:52:43 -05:00
fed2ed444f
Remove deprecated modules
...
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
2016-09-03 12:43:01 -05:00
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
6a462d5f60
Land #6703 , Make ms09_065_eot_integer passive
2016-03-23 13:39:41 -05:00
8c5c0086e6
Change cve_2012_6301 module path & make passive
...
This addresses two things:
1. The module is in the wrong directory. dos/http is for http
servers, not browsers.
2. PassiveActions should not be a 2D array.
2016-03-23 11:10:23 -05:00
53860bef1f
Make ms09_065_eot_integer passive
...
MS-932
2016-03-23 10:50:24 -05:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Pearce Barry
David Maloney
Brent Cook
g0tmi1k
Jeffrey Martin
h00die
root
James Lee
darkbushido
William Vu
reanar
Cantoni Matteo
“lvarela”
wchen-r7
dmohanty-r7
Adam Cammack
Christian Mehlmauer