Commit Graph

493 Commits (63c0b6f569f58d42230c912d51f15dfa2ea272ef)

Author SHA1 Message Date
William Vu fed2ed444f Remove deprecated modules
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
2016-09-03 12:43:01 -05:00
wchen-r7 61f9cc360b Correct casing - should be HttpUsername and HttpPassword 2016-05-27 18:31:54 -05:00
wchen-r7 4dcddb2399 Fix #4885, Support basic and form auth at the same time
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.

Fix #4885
2016-05-27 16:25:42 -05:00
dmohanty-r7 6a462d5f60
Land #6703, Make ms09_065_eot_integer passive 2016-03-23 13:39:41 -05:00
wchen-r7 8c5c0086e6 Change cve_2012_6301 module path & make passive
This addresses two things:

1. The module is in the wrong directory. dos/http is for http
   servers, not browsers.
2. PassiveActions should not be a 2D array.
2016-03-23 11:10:23 -05:00
wchen-r7 53860bef1f Make ms09_065_eot_integer passive
MS-932
2016-03-23 10:50:24 -05:00
Adam Cammack 05f585157d
Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook eea8fa86dc unify the SSLVersion fields between modules and mixins
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
wchen-r7 a82ce40c40 Update ibm_tsm_dos name
For some reason I actually modified the name, but I didn't mean
to.
2016-02-18 16:07:46 -06:00
James Lee adb175136e Fix extra whitespace and unused vars in call 2016-02-18 15:18:29 -06:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
wchen-r7 3121093898 Update metadata, plus other minor changes 2016-02-11 22:04:05 -06:00
William Webb c874699b82 removed ranking 2016-02-10 11:45:09 -06:00
William Webb 4c6cb03548 more build errors 2016-02-10 11:40:21 -06:00
William Webb 72f5a33804 addressed CI errors 2016-02-10 11:34:05 -06:00
William Webb 51604fa24a made necessary inheritance changes 2016-02-10 10:59:11 -06:00
William Webb eadbb6b582 moved module to modules/auxiliary/dos/misc 2016-02-09 11:44:01 -06:00
James Lee 8094eb631b
Do the same for aux modules 2016-02-01 16:06:34 -06:00
Jon Hart efdb6a8885
Land #6392, @wchen-r7's 'def peer' cleanup, fixing #6362 2015-12-24 08:53:32 -08:00
Jon Hart e3eafff7c9
Land #6237, @jww519's aux module for Android CVE-2012-6301 2015-12-23 13:27:09 -08:00
wchen-r7 cea3bc27b9 Fix #6362, avoid overriding def peer repeatedly
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
Jon Hart a8bb750db7
Address style/usability concerns in Android CVE-2012-6301 module 2015-12-17 13:45:32 -08:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
wchen-r7 e7d6493311 Replace links 2015-10-28 10:45:02 -05:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
jvazquez-r7 cf9ddbb701
Update moduels using Msf::HTTP::Wordpress 2015-10-15 11:47:13 -05:00
William Vu ddea0ea708
Fix #5797, extraneous nil fix 2015-10-07 01:11:51 -05:00
William Vu 0182f394b4 Remove extraneous nil
Didn't need it, forgot to remove it.
2015-10-07 01:10:33 -05:00
William Vu 2ab779ad3d
Land #6010, capture_sendto fixes 2015-10-01 10:54:24 -05:00
Jon Hart 989fe49750
Fix #6008 for synflood 2015-09-27 14:50:59 -07:00
Jon Hart 7b026676f1
Fix #6008 for avahi_portzero 2015-09-27 14:47:05 -07:00
wchen-r7 cf6d5fac2a Use the latest cred API, no more report_auth_info 2015-09-04 13:43:15 -05:00
Tod Beardsley cebcf72a99
Add discoverer credit, blog ref, longer desc 2015-08-01 10:31:41 -05:00
William Vu fcb7981199 Add BIND TKEY DoS 2015-08-01 06:01:35 -05:00
William Vu d86c21e94a
Land #5567, author fix 2015-06-19 10:41:41 -05:00
aushack 76cd9590a4 Fix author 2015-06-19 19:13:51 +10:00
wchen-r7 f9f35db7f3 Update description 2015-05-28 14:52:03 -05:00
erwanlr a74c3372c0 Uses vprint instead of print in #check_host 2015-05-28 15:46:51 +01:00
erwanlr 6d01d7f986 Uses peer instead of ip:port across all the module 2015-05-28 09:32:05 +01:00
erwanlr 447c4ee7df Allows the targetèuri to be shared between the #check and #dos 2015-05-28 09:30:04 +01:00
erwanlr d9d8634948 Changes the message displayed when vulnerable 2015-05-21 08:46:16 +01:00
erwanlr 4f6fe2abce Avoids swallowing exceptions 2015-05-20 21:36:03 +01:00
erwanlr 202a77fc12 Improves detection of the MS15-034 2015-05-20 18:08:00 +01:00
jvazquez-r7 a5267ab77e
Land #4940, @dnkolegov's modules for F5 BIG-IP devices 2015-05-12 09:59:21 -05:00
Denis Kolegov efb226a55c Fixed some minor errors 2015-05-10 02:59:57 -04:00