Commit Graph

22 Commits (58dde9ff33fe05b37cb8047658fa0f42ed00d025)

Author SHA1 Message Date
William Vu 4c036e70c1 Fix http://seclists.org links to https://
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
h00die bd7ea1f90d more updates, 465 more pages to go 2017-08-26 21:01:10 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
Jeffrey Martin 1558db375d
update CVE reference in where modules report_vuln 2017-06-05 16:36:44 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
William Vu 2668a4a1cd
Fix #6993, tnspoison_checker cleanup 2016-10-19 00:53:33 -05:00
Interference Security 3e01dbfded Fixed Space-Tab mixed indent warning 2016-10-01 15:13:26 +05:30
Interference Security 4227cb76a8 Fixed stack trace bug & verified logic
- Fixed stack trace bug when value of "packet" is nill.
- Verified logic of Oracle TNS Listener poisoning which requires an ACCEPT response to be marked as vulnerable.
2016-10-01 15:01:02 +05:30
Interference Security 0fa1fc50f8 Fixed false positive bug
Checking for "(ERROR_STACK=(ERROR=" is not enough to mark a target as vulnerable. TNS response packet bytes for "Accept" and "Refuse" are required to be sure.
Reference: https://thesprawl.org/research/oracle-tns-protocol/
2016-06-19 17:33:05 +05:30
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
wchen-r7 17a1f2ee8a Fix #6242, Check nil for sock.read
Fix #6242
2015-11-16 14:24:46 -06:00
root 4bd40fed7f yard doc and comment corrections for auxiliary 2015-04-03 16:12:23 +05:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Tod Beardsley d242bc220b
Minor fixups and disclosure date for TNS module 2014-11-12 13:25:10 -06:00
Tod Beardsley 955a5142ca Edit e-mail address for antispam 2014-11-12 13:19:04 -06:00
Nikita c0285067c9 Add new module to test TNS poison
msf auxiliary(tnspoison_checker) > show options 

Module options (auxiliary/scanner/oracle/tnspoison_checker1):

   Name     Current Setting                          Required  Description
   ----     ---------------                          --------  -----------
   RHOSTS   172.16.2.100, 172.16.2.24, 172.16.2.101  yes       The target address range or CIDR identifier
   RPORT    1521                                     yes       The target port
   THREADS  1                                        yes       The number of concurrent threads

msf auxiliary(tnspoison_checker) > exploit 

[+] 172.16.2.100:1521 is vulnerable
[*] Scanned 1 of 3 hosts (033% complete)
[-] 172.16.2.24:1521 is not vulnerable 
[*] Scanned 2 of 3 hosts (066% complete)
[-] 172.16.2.101:1521 unable to connect to the server
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
2014-11-11 17:29:27 +03:00
Nikita 621b9523b1 Update tnspoison_checker.rb 2014-10-13 22:05:08 +04:00
Nikita 1996886ae9 Update tnspoison_checker.rb 2014-10-13 12:53:39 +04:00
Nikita 22aabc7805 Add new module to test TNS poison
This module simply checks the server for vulnerabilities like TNS Poison
2014-10-13 12:21:07 +04:00