4557 Commits (641559ec1219980950d7fc1f82e5c72689a95a54)

Author	SHA1	Message	Date
David Maloney	96e492f572	Merge branch 'master' into staging/electro-release	2014-06-12 14:02:27 -05:00
William Vu	62a4991508	Land #3446, some code cleanup from @todb-r7	2014-06-12 13:35:36 -05:00
Tod Beardsley	3f5e50d18f	Aux modules don't have ranking. ... msftidy should have defintely caught this. That it didn't catch on Travis-CI concerns me. Need to research this.	2014-06-12 13:21:59 -05:00
Tod Beardsley	1aa029dbed	Avoid double quotes in the initialize/elewhere ... There is no need to have double quotes there for uninterpolated strings, and every other module uses single quotes.	2014-06-12 13:20:59 -05:00
Samuel Huckins	fe33444858	Merge pull request #58 from rapid7/feature/MSP-9693/db2_auth ... Errors resolved, cred created MSP-9693 #land	2014-06-12 12:49:54 -05:00
jvazquez-r7	e85f829ee4	modules living inside scanner should include the Scanner mixin	2014-06-12 12:20:44 -05:00
Samuel Huckins	430b3d181e	Merge pull request #67 from rapid7/feature/MSP-9695/ftp_login ... Access level string clarified, specs passing, valid looking cores with proper info MSP-9695 #land	2014-06-12 11:33:18 -05:00
Samuel Huckins	71a4f1ab33	Clarified RW access level ... MSP-9695	2014-06-12 11:32:20 -05:00
jvazquez-r7	67d4097e1d	Land #3271, @claudijd's Cisco ASA SSL VPN Bruteforce Aux Module	2014-06-12 11:27:23 -05:00
jvazquez-r7	7650067b41	Fix metadata	2014-06-12 11:22:52 -05:00
jvazquez-r7	e76c85c5d1	Fix usage of print_*	2014-06-12 11:13:45 -05:00
David Maloney	e4ff07dfa8	Merge branch 'staging/electro-release' into feature/MSP-9693/db2_auth	2014-06-12 10:52:06 -05:00
Samuel Huckins	a5d88fd2ab	Space in arg list, because I don't hate feedom.	2014-06-12 10:29:14 -05:00
joev	6bc37cca0c	Land #3430, @brandonprry's generic MongoDB injection enum.	2014-06-11 21:41:23 -05:00
David Maloney	c074ebda7b	refactor telnet_login	2014-06-11 17:46:42 -05:00
dmaloney-r7	85bee6ea12	Update ftp_login.rb	2014-06-11 17:29:23 -05:00
Brandon Perry	cca91dd7c5	Update mongodb_js_inject_collection_enum.rb ... some @jvennix-r7 fixes	2014-06-11 17:07:57 -05:00
David Maloney	83a2dc250d	make ftp guest attempts optional	2014-06-11 16:37:59 -05:00
David Maloney	1164cf5363	refactor ftp_login ... uses new cred goodness	2014-06-11 16:21:55 -05:00
Trevor Rosen	87a9ee9a69	Merge pull request #59 from rapid7/feature/MSP-9697/tomcat_login ... Feature/msp 9697/tomcat login MSP-9697 #land	2014-06-11 15:35:09 -05:00
Trevor Rosen	6c0d668f0a	Merge pull request #55 from rapid7/feature/MSP-9701/msssql_login ... Feature/msp 9701/msssql login MSP-9701 #land	2014-06-11 13:48:59 -05:00
Samuel Huckins	84aa0d42ed	Merge pull request #57 from rapid7/bug/MSP-10004/rubyzip ... Trevor added a 0.4.1 tag right before this PR landed, making this unmergable. Pulled in staging/electro-release, specs passing.	2014-06-11 13:48:03 -05:00
Samuel Huckins	1903542683	Merge branch 'staging/electro-release' into bug/MSP-10004/rubyzip ... Conflicts: Gemfile Gemfile.lock	2014-06-11 13:42:26 -05:00
Trevor Rosen	e8752f9c56	Point to correct creds version	2014-06-11 13:38:35 -05:00
Trevor Rosen	651871bd7a	Resolve upstream conflict	2014-06-11 13:34:45 -05:00
David Maloney	9593422f9c	Merge branch 'master' into staging/electro-release	2014-06-11 10:23:56 -05:00
William Vu	6ca5cf6c26	Add Chromecast YouTube remote control	2014-06-11 00:08:08 -05:00
David Maloney	c06fd21fb1	refactor tomcat_mgr_login ... uses the new Metasploit::Credential magic now	2014-06-10 15:59:00 -05:00
David Maloney	693c4aae66	make sure we capture realms ... need to account for the possability of realms in mssql_login	2014-06-10 14:41:45 -05:00
Luke Imhoff	b05e7fb9ac	Fix require ... MSP-10004 Change 'zip/zip' to 'zip' to match >= 1.0.0 rubyzip API.	2014-06-10 13:58:07 -05:00
David Maloney	74d376e387	refactor db2_auth module ... you know what it is	2014-06-10 13:43:07 -05:00
Luke Imhoff	4d923a4809	Update to Rubyzip 1.X API ... MSP-10004 `require 'zip'` instead of `'zip/zip'` and rename all classes to remove redundant Zip prefix inside the Zip namespace.	2014-06-10 13:41:42 -05:00
Tod Beardsley	44540e6d00	Land #3437, CSS Injection MITM scanner	2014-06-10 13:36:35 -05:00
jvazquez-r7	4aa1fee398	Land #3326, @FireFart's Heartbleed - server response parsing	2014-06-10 13:27:28 -05:00
David Maloney	0c89d6cdce	refactor mssql_login ... now uses all the Metasploit::Credential goodness	2014-06-10 11:49:08 -05:00
David Maloney	15ceb1e826	put calls in right place it helps	2014-06-10 11:17:19 -05:00
David Maloney	63ec83ea90	missing public ... missing the public in the invalidate_login call now fixed	2014-06-10 11:12:17 -05:00
David Maloney	e9d9806408	invalidate_login ... added invalidate_login call also made to_s on credential drop the @ if there is no realm present	2014-06-10 11:07:15 -05:00
David Maloney	dc590008a7	add invalidate_login call ... add the new invalidate login call to make sure we update the status on failed logins appropriately	2014-06-10 10:58:27 -05:00
Tod Beardsley	521284253f	Be more clear about the vuln and impact	2014-06-10 10:29:23 -05:00
jvazquez-r7	9b55f5143a	Add module for CVE-2014-0224	2014-06-09 17:38:11 -05:00
David Maloney	32f87b985c	refactor mysql_login ... refactor mysql_login to use the new Metasploit::Credential apradigm	2014-06-09 14:20:58 -05:00
David Maloney	61fd962331	refactor vnc_login ... refactor for new credential usage	2014-06-09 13:55:24 -05:00
Tod Beardsley	4103f2295b	Missing comma	2014-06-09 13:44:46 -05:00
Tod Beardsley	0e14d77dba	Minor fixup on DTLS module	2014-06-09 13:42:30 -05:00
jvazquez-r7	0e611b5d64	Land #3429, @jhart-r7's auxiliary module for CVE-2014-0195	2014-06-09 13:34:38 -05:00
jvazquez-r7	ed5d83a41b	Add vulnerability discoverer	2014-06-09 13:25:33 -05:00
jvazquez-r7	daf662b3c0	Do minor cleanup	2014-06-09 13:23:56 -05:00
David Maloney	a4e96d8f59	Merge branch 'master' into staging/electro-release	2014-06-09 13:07:22 -05:00
jvazquez-r7	1f33566033	Land #3432, @Meatballs1 sap_soap_rfc_brute_login's clean up	2014-06-09 11:39:52 -05:00