infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,522 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

303 Commits (5d6c15a43dde66f14480532c35bc9a2e0eb6a9ea)

Author SHA1 Message Date
Tod Beardsley 5b4890f5b9 Fix caps on typo3_winstaller module 2013-08-26 14:47:42 -05:00
sinn3r 5993cbe3a8 Fix undefined method error 
[FixRM #8348]
 2013-08-21 00:40:38 -05:00
sinn3r 9f98d4afe6 Fix undefined method error 
[FixRM #8349]
 2013-08-21 00:38:35 -05:00
jvazquez-r7 4790d8de50 Land #2256, @wchen-r7's patch for [FixRM #8316] 2013-08-19 23:23:57 -05:00
sinn3r 5366453031 [FixRM #8316] - Escape characters correctly 
dots need to be escaped
 2013-08-19 16:51:19 -05:00
sinn3r 7fc37231e0 Fix email format 
Correct email format
 2013-08-19 16:34:14 -05:00
jvazquez-r7 f42797fc5c Fix indentation 2013-08-16 14:19:37 -05:00
Tod Beardsley f7339f4f77 Cleanup various style issues 
* Unset default username and password
  * Register SSL as a DefaultOption instead of redefining it
  * Use the HttpClient mixin `ssl` instead of datastore.
  * Unless is better than if !
  * Try to store loot even if you can't cleanup the site ID.
 2013-08-16 14:03:59 -05:00
jvazquez-r7 dfa1310304 Commas in the author array 2013-08-16 13:54:46 -05:00
Tod Beardsley 24b8fb0d7b Whitespace retab, add rport 3780 as default 2013-08-16 13:31:05 -05:00
Tod Beardsley e436d31d23 Use SSL by defailt 2013-08-16 11:32:10 -05:00
Tod Beardsley 60a229c71a Use rhost and rport, not local host and port 2013-08-16 11:12:39 -05:00
Tod Beardsley 646d55b638 Description should be present tense 2013-08-16 11:06:34 -05:00
Tod Beardsley f0237f07d6 Correct author and references 2013-08-16 11:04:51 -05:00
Brandon Perry 46d6fb3b42 Add module for xxe 2013-08-16 10:51:05 -05:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff 
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
 2013-07-29 21:47:52 -05:00
jvazquez-r7 47c21dfe85 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-24 11:42:11 -05:00
Tod Beardsley 147d432b1d Move from DLink to D-Link 2013-07-23 14:11:16 -05:00
jvazquez-r7 4367a9ae49 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-22 15:09:35 -05:00
jvazquez-r7 70900cfe5e Final cleanup for foreman_openstack_satellite_priv_esc 2013-07-22 14:59:23 -05:00
Ramon de C Valle b6c9fd4723 Add foreman_openstack_satellite_priv_esc.rb 
This module exploits a mass assignment vulnerability in the 'create'
action of 'users' controller of Foreman and Red Hat OpenStack/Satellite
(Foreman 1.2.0-RC1 and earlier) by creating an arbitrary administrator
account.
 2013-07-22 15:24:25 -03:00
jvazquez-r7 7ab4d4dcc4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 17:34:29 -05:00
jvazquez-r7 5c265c99d2 Clean jboss_seam_exec @cmaruti's collab 2013-06-25 14:09:30 -05:00
Cristiano Maruti f78b4d8874 modified according to jvazquez-r7 feedback 2013-06-20 16:29:42 +02:00
Cristiano Maruti 4846a680db modified according to jvazquez-r7 feedback 2013-06-20 16:19:43 +02:00
Cristiano Maruti 8e64bf3d16 modified according to jvazquez-r7 feedback 2013-06-20 16:15:28 +02:00
Cristiano Maruti a5332e5ed2 Module was updated to support WebSphere AS running seam-2. 
msf auxiliary(jboss_seam_exec) > run

[*] Found right index at [0] - getRuntime
[*] Index [1]
[*] Index [2]
[*] Index [3]
[*] Index [4]
[*] Index [5]
[*] Found right index at [6] - exec
[*] Index [7]
[*] Index [8]
[*] Index [9]
[*] Index [10]
[*] Index [11]
[*] Index [12]
[*] Index [13]
[*] Index [14]
[*] Index [15]
[*] Index [16]
[*] Index [17]
[*] Index [18]
[*] Index [19]
[*] Index [20]
[*] Index [21]
[*] Index [22]
[*] Index [23]
[*] Index [24]
[*] Target appears VULNERABLE!
[*] Sending remote command:pwd
[*] Exploited successfully
[*] Auxiliary module execution completed
 2013-06-20 12:17:07 +02:00
jvazquez-r7 011b0bb741 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-15 09:07:47 -05:00
jvazquez-r7 649a8829d3 Add modules for Mutiny vulnerabilities 2013-05-15 09:02:25 -05:00
jvazquez-r7 51a532e8b4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-12 17:39:58 -05:00
jvazquez-r7 feac292d85 Clean up for dlink_dsl320b_password_extractor 2013-05-12 17:35:59 -05:00
jvazquez-r7 ee46771de5 Land #1799, @m-1-k-3's auth bypass module for Dlink DSL320 2013-05-12 17:34:08 -05:00
m-1-k-3 e3582887cf OSVDB, Base64 2013-05-07 08:28:48 +02:00
m-1-k-3 0f2a3fc2d4 dsl320b authentication bypass - password extract 2013-05-06 14:31:47 +02:00
jvazquez-r7 070fd399f2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-31 20:23:08 +02:00
m-1-k-3 587170ae52 fixed author details - next try 2013-03-30 12:43:55 +01:00
m-1-k-3 1d6184cd63 fixed author details 2013-03-30 12:41:31 +01:00
jvazquez-r7 393d5d8bf5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:09:42 +01:00
jvazquez-r7 fdd06c923a cleanup for dlink_dir_645_password_extractor 2013-03-25 18:04:12 +01:00
jvazquez-r7 a9a5a3f64f Merge branch 'dlink-dir645-password-extractor' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir645-password-extractor 2013-03-25 18:02:51 +01:00
sinn3r 0d56da0511 Merge branch 'netgear-sph200d' of github.com:m-1-k-3/metasploit-framework into m-1-k-3-netgear-sph200d 2013-03-25 11:45:40 -05:00
jvazquez-r7 2d5a0d6916 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 17:08:23 +01:00
m-1-k-3 98ac6e8090 feedback included 2013-03-24 21:01:30 +01:00
m-1-k-3 d90de54891 reporting and feedback 2013-03-24 15:00:18 +01:00
m-1-k-3 9f8ec37060 store loot 2013-03-24 11:48:49 +01:00
m-1-k-3 71708c4bc3 dir 645 password extractor - initial commit 2013-03-24 11:44:24 +01:00
jvazquez-r7 49ac3ac1a3 cleanup for linksys_e1500_e2500_exec 2013-03-23 23:30:49 +01:00
jvazquez-r7 98be5d97b8 Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-e1500-e2500-exec 2013-03-23 23:30:14 +01:00
m-1-k-3 b2bf1df098 fixed encoding and set telnetd as default cmd 2013-03-23 22:56:15 +01:00
m-1-k-3 47d458a294 replacement of the netgear-sph200d module 2013-03-23 22:40:32 +01:00
m-1-k-3 270f64acc2 feedback included 2013-03-23 15:54:34 +01:00
m-1-k-3 dcd2aebdcd feedback included 2013-03-20 21:34:30 +01:00
jvazquez-r7 44f07cef19 Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework 2013-03-20 00:47:31 +01:00
jvazquez-r7 80d218b284 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-19 19:55:51 +01:00
m-1-k-3 9fc0f9a927 initial commit 2013-03-19 17:31:01 +01:00
jvazquez-r7 e5f7c08d6f Added module for CVE-2012-4940 2013-03-13 11:52:54 +01:00
jvazquez-r7 91fbeda062 up to date 2013-03-12 17:04:27 +01:00
jvazquez-r7 6055438476 up to date 2013-03-12 17:04:27 +01:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
jvazquez-r7 ec5c8e3a88 Merge branch 'dlink-dir300-600-execution' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir300-600-execution 2013-02-16 19:12:42 +01:00
Jeff Jarmoc c2f8e4adbd Minor - Note Rails 3.1.11 patch in Description. 2013-02-13 22:30:54 -06:00
jvazquez-r7 d1784babea little cleanup plus msftidy compliant 2013-02-13 20:24:49 +01:00
jvazquez-r7 0ae473b010 info updated with rails information 2013-02-13 09:52:17 +01:00
jvazquez-r7 f46eda2fa9 Merge branch 'rails_devise_pw_reset' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_devise_pw_reset 2013-02-13 09:51:37 +01:00
jvazquez-r7 799beb5adc minor cleanup 2013-02-13 01:00:25 +01:00
Jeff Jarmoc 1d5d33f306 use normalize_uri() 2013-02-12 14:58:07 -06:00
Jeff Jarmoc c6a7a4e68d /URIPATH/TARGETURI/g 2013-02-12 14:50:10 -06:00
Jeff Jarmoc c7719bf4cb Verify response is non-nil. 2013-02-12 13:41:21 -06:00
Jeff Jarmoc 9e1f106a87 msftidy cleanup 2013-02-12 13:38:58 -06:00
jvazquez-r7 766257d26a pointed by @m-1-k-3 while working on #1472 2013-02-11 21:21:43 +01:00
Jeff Jarmoc 5f0a3c6b9e Removes pry, oops. 2013-02-11 14:02:46 -06:00
Jeff Jarmoc 753fa2c853 Handles error when TARGETEMAIL is invalid. 2013-02-11 13:58:56 -06:00
Jeff Jarmoc 61ffcedbfd Address HD's other comments, fixes mismatched var name in last commit. 2013-02-11 11:17:26 -06:00
Jeff Jarmoc e72dc47448 Uses REXML for encoding of password. 2013-02-11 11:12:29 -06:00
Jeff Jarmoc 43a1fbb6f2 Make msftiday happy. 2013-02-10 21:13:18 -06:00
Jeff Jarmoc 55cba56591 Aux module for joernchen's devise vuln - CVE-2013-0233 2013-02-10 21:10:00 -06:00
m-1-k-3 63c6791473 return 2013-02-09 11:17:02 +01:00
m-1-k-3 6cccf86a00 Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink-dir300-600-execution 2013-02-09 11:09:56 +01:00
Tod Beardsley 5357e23675 Fixups to the Linksys module 
Professionalizes the description a little, but more importantly, handles
LANIP better, I think. Instead of faking a 1.1.1.1 address, just detect
if it's set or not in a method and return the right thing accordingly.

Please test this before landing, obviously. I think it's what's
intended.
 2013-02-06 12:46:50 -06:00
Tod Beardsley faeaa74a49 Msftidy whitespace 2013-02-06 11:06:13 -06:00
m-1-k-3 43f3bb4fe6 small updates 2013-02-05 13:54:10 +01:00
m-1-k-3 5ca0e45388 initial commit 2013-02-04 08:44:12 +01:00
jvazquez-r7 2bf2d4d8a4 Merge branch 'netgear_sph200d_traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-netgear_sph200d_traversal 2013-02-03 23:35:29 +01:00
jvazquez-r7 c24c926ffa add aditional check to detect valid device 2013-02-01 20:55:06 +01:00
jvazquez-r7 996ee06b0f fix another print_ call 2013-02-01 20:43:54 +01:00
jvazquez-r7 152f397a1f first module cleanup 2013-02-01 20:38:11 +01:00
m-1-k-3 988761a6de more updates, BID, Exploit-DB 2013-02-01 20:18:53 +01:00
m-1-k-3 fdd5fe77c1 more updates ... 2013-02-01 19:59:19 +01:00
m-1-k-3 0e22ee73b5 updates ... 2013-02-01 19:26:34 +01:00
sinn3r c174e6a208 Correctly use normalize_uri() 
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
 2013-01-30 23:23:41 -06:00
m-1-k-3 ea5e993bf3 initial 2013-01-29 22:02:29 +01:00
jvazquez-r7 1fc747994e cleanup for linksys_wrt54gl_exec 2013-01-24 17:50:14 +01:00
m-1-k-3 3a5e92ba6f hopefully all fixex included 2013-01-23 12:15:34 +01:00
m-1-k-3 11c13500be small fix 2013-01-21 13:41:42 +01:00
m-1-k-3 62ff52280a initial linksys OS command injection 2013-01-21 13:19:29 +01:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have 
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
 2012-11-08 17:42:48 +01:00
Michael Schierl 910644400d References EDB cleanup 
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
 2012-10-23 21:02:09 +02:00
sinn3r 54ed60e24e Forgot to remove the second require 2012-09-24 18:50:53 -05:00
sinn3r 6bd450e114 Make Ruby 1.8 happy 2012-09-24 18:49:41 -05:00
jvazquez-r7 6771466cb7 Added module for CVE-2011-2750 2012-09-13 17:24:16 +02:00
sinn3r b4b860f356 Correct MC's name 2012-08-08 14:16:02 -05:00
sinn3r f26053c2c3 Add vendor's name in there for easier searching 2012-08-07 12:16:52 -05:00
sinn3r 614ae02a26 Add CVE-2012-2626 Scrutinizer add-user aux mod 2012-08-07 12:13:25 -05:00
sinn3r e5dd6fc672 Update milw0rm references. 
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
 2012-06-28 14:27:12 -05:00
Tod Beardsley 97974d9241 Shorten title for display 2012-06-27 10:19:46 -05:00
sinn3r f93658b37a Minor name change 2012-06-25 15:51:02 -05:00
sinn3r 637edc21ce Add CVE-2010-2731 2012-06-25 15:48:36 -05:00
Tod Beardsley 302ab963d1 Adding ref for intersil module 2012-06-20 15:05:56 -05:00
sinn3r e72303a922 Add Intersil HTTP Basic auth pass reset (originally #453) 
The modified version of pull request #453. This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
  The advisory focuses the problem as an auth bypass, not DoS,
  although it can end up dosing the server.
* The title and filename are changed as a result of matching that
  advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
  401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
 2012-06-16 21:14:57 -05:00
sinn3r 01803c4a33 Fix possible nil res. Bug #6939. Part 1. 2012-06-04 13:11:47 -05:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup 
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
 2012-06-02 09:53:19 -05:00
sinn3r c606896122 Multiple fixes and improvements: 
* Make session ID configurable based on feature #6894's suggestion.
* Fix a potential bug when res is nil.
* Use print_error() to make the error message more readable.
 2012-05-24 02:16:29 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs 
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
 2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r 7c77fe20cc Some variables don't need to be in a double-quote. 2012-03-17 20:37:42 -05:00
Tod Beardsley 302853f5a4 Unpolluting SVN Revision keyword 
Sometimes Revision keywords get expanded, too. Fix those.
 2012-03-02 10:18:32 -06:00
Tod Beardsley 3626d48db2 Un-polluting SVN Id keyword 
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
 2012-03-02 10:18:32 -06:00
Efrain Torres b608aeeeb7 Migrating modules to use report_web_vulns and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres a2e5a4d9d5 New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention 2012-03-02 10:18:31 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
sinn3r 7b2a1dc791 Repair dead milw0rm link to exploit-db 2011-12-13 16:11:33 -06:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
HD Moore d75e4aead3 Cosmetic changes 2011-11-10 15:45:02 -06:00
Steve Tornio 0c36915dae add osvdb ref 2011-11-10 13:24:26 -06:00
wchen-r7 453082678f Add CVE-2010-1871 (Feature #5922) 2011-11-10 10:21:17 -06:00
Wei Chen 7ffcf62a2e Add #5364 
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 17:34:42 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs. 
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:42:01 +00:00
Patrick Webster 5c41385284 Added aux module trendmicro_dlp_traversal. 
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-22 07:34:53 +00:00
David Rude cacc3f237c Added improvements to this module to use a wordlist of known sensitive files 
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-29 03:13:22 +00:00
James Lee d50577066f remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious 
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-28 22:57:47 +00:00
Patrick Webster fb33b0cbfd Added contentkeeper_fileaccess aux traversal module. 
git-svn-id: file:///home/svn/framework3/trunk@12288 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-10 15:27:17 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks 
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 08:06:27 +00:00
cg 6b1eb27ab5 put scanner modules in the scanner directory 
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-01 01:49:06 +00:00
cg 36bbd6e8b6 coldfusion directory traversal module 
git-svn-id: file:///home/svn/framework3/trunk@10209 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-01 01:43:48 +00:00
Joshua Drake aac956db50 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:22:48 +00:00
Patrick Webster bb9be48739 Added tomcat utf8 traversal aux module. 
git-svn-id: file:///home/svn/framework3/trunk@10104 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 16:17:43 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers 
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 20:53:12 +00:00
Joshua Drake 0e72894e58 more cleanups 
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 17:13:09 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
HD Moore 54b276d5e5 Cosmetic 
git-svn-id: file:///home/svn/framework3/trunk@9009 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-04 16:35:43 +00:00
Steve Tornio df55aee06f add osvdb and cve refs 
git-svn-id: file:///home/svn/framework3/trunk@8444 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-10 19:35:28 +00:00
Joshua Drake 40be42676b new tomcat_mgr_login aux module 
- uses auth_brute mixin
- has old and new default users/passes/pairs
- replaces older modules/auxiliary/admin/http/tomcat_manager.rb


git-svn-id: file:///home/svn/framework3/trunk@8201 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-22 20:31:51 +00:00
Joshua Drake 5ebb0c4b38 add CVE, two default users & passwords, see #711 
git-svn-id: file:///home/svn/framework3/trunk@8194 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-22 16:22:12 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch 
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-30 22:24:22 +00:00
Patrick Webster 5f650c0751 Added HP Web JetAdmin aux command exec module. 
git-svn-id: file:///home/svn/framework3/trunk@7041 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-19 00:33:44 +00:00
Patrick Webster 9174bcd0a8 Added iomega_storcentrepro_sessionid aux module. 
git-svn-id: file:///home/svn/framework3/trunk@6733 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-01 03:55:56 +00:00
kris 37c2e301ed replacing defunct framework URL in header comments in most modules and pcap_log 
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-13 14:33:26 +00:00
HD Moore eccfcdfced Sets svn keywords on modules missing it, tweaks the emailer module 
git-svn-id: file:///home/svn/framework3/trunk@6407 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-28 06:03:35 +00:00
HD Moore 1d42efd73d New module from spinbad 
git-svn-id: file:///home/svn/framework3/trunk@6341 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-15 02:32:34 +00:00
Mario Ceballos ff8323e6d2 added modules from Matteo Cantoni. 
git-svn-id: file:///home/svn/framework3/trunk@6170 4d416f70-5f16-0410-b530-b9f4589650da
 2009-01-21 12:51:30 +00:00