Brandon Perry
6b9635d7a5
Rename zabbix_toggleids_sqli to zabbix_toggleids_sqli.rb
2016-08-22 18:52:16 -05:00
Brandon Perry
2abf71a3ac
Create zabbix_toggleids_sqli
2016-08-21 12:43:20 -05:00
wchen-r7
5f8ef6682a
Fix #7202 , Make print_brute print ip:rport if available
...
Fix #7202
2016-08-16 15:34:30 -05:00
Pearce Barry
1e7663c704
Land #7200 , Rex::Ui::Text cleanup
2016-08-12 16:22:55 -05:00
wchen-r7
c2c05a820a
Force uripath and srvport options
2016-08-10 18:25:45 -05:00
wchen-r7
e56e801c12
Update ie_sandbox_findfiles.rb
2016-08-10 18:09:58 -05:00
David Maloney
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
Yorick Koster
87b27951cf
Fixed some build errors
2016-08-09 20:46:49 +02:00
Yorick Koster
79a84fb320
Internet Explorer iframe sandbox local file name disclosure vulnerability
...
It was found that Internet Explorer allows the disclosure of local file
names. This issue exists due to the fact that Internet Explorer behaves
different for file:// URLs pointing to existing and non-existent files.
When used in combination with HTML5 sandbox iframes it is possible to
use this behavior to find out if a local file exists. This technique
only works on Internet Explorer 10 & 11 since these support the HTML5
sandbox. Also it is not possible to do this from a regular website as
file:// URLs are blocked all together. The attack must be performed
locally (works with Internet zone Mark of the Web) or from a share.
2016-08-09 20:35:42 +02:00
wchen-r7
de16a6d536
Land #7182 , Nuuo / Netgear Surveillance admin password reset module
2016-08-08 16:10:30 -05:00
Pedro Ribeiro
7ca7682d17
Fix whitespace error from msftidy
2016-08-08 17:57:03 +01:00
Pedro Ribeiro
106f26587e
Add bugtraq reference
2016-08-05 21:52:46 +01:00
Pedro Ribeiro
036d0502db
Add github link
2016-08-04 17:38:45 +01:00
Pedro Ribeiro
ec67db03f1
add exploit for CVE 2016-5676
2016-08-04 16:56:16 +01:00
Jon Hart
554a0c5ad7
Deprecate nbname_probe, which duplicate nbname as of 77cd6dbc8b
2016-08-02 17:36:22 -07:00
William Vu
e699d3f05b
Fix empty output in nbns_response
...
Normally, the module prints nothing unless VERBOSE is true. In practice,
we at least want to see responded-to hosts. We leave details to be
printed when VERBOSE is set.
2016-07-31 09:47:19 -07:00
wchen-r7
cce1ae6026
Fix #6989 , scanner modules printing RHOST in progress messages
...
Fix #6989
2016-07-25 23:15:59 -05:00
James Lee
ff63e6e05a
Land #7018 , unvendor net-ssh
2016-07-19 17:06:35 -05:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
David Maloney
b6b52952f4
set ssh to non-interactive
...
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password
MS-1688
2016-07-14 11:12:03 -05:00
David Maloney
01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-14 09:48:28 -05:00
thao doan
9862a2fc25
Land #7080 , Updated docs and made enhancements for Netgear soap password extractor
2016-07-13 14:30:46 -07:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Brent Cook
627fffdb08
Land #7089 , correct usage of OptPort and OptRegex
2016-07-11 22:13:27 -05:00
Brent Cook
128f802928
use the regex source when generating or displaying a regex
2016-07-11 22:05:50 -05:00
Brendan
963437d5e7
Land #7063 , Add module for WebNMS 5.2 Arbitrary File Download
2016-07-11 10:05:21 -07:00
Brendan
c2a5da08af
Land #7064 , Add moule to steal creds from WebNMS 5.2
2016-07-11 06:38:50 -07:00
h00die
fdce5bc30c
add disclosure date
2016-07-09 09:30:00 -04:00
Brendan
bbe4162320
Added error checking and some suggested style changes
2016-07-08 08:27:56 -07:00
Brendan
09dcd1dade
Added version check and error handling, changed regex to ruby syntax.
...
Also made a few syntax changes to placate rubocop.
2016-07-07 10:35:18 -07:00
h00die
892f354ece
give me some credit
2016-07-06 21:39:45 -04:00
h00die
47cf6d5edf
better docs, extract more data
2016-07-06 21:28:57 -04:00
James Lee
1164c025a2
Revert "Land #7009 , egypt's rubyntlm cleanup"
...
This reverts commit d90f0779f8
, reversing
changes made to e3e360cc83
.
2016-07-05 15:22:44 -05:00
David Maloney
5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-05 10:48:38 -05:00
Brent Cook
54dfcee665
Land #7055 , add netgear_soap_password_extractor docs
2016-07-04 23:59:10 -05:00
Pedro Ribeiro
ec4769fade
Create exploit for WebNMS credential disclosure
2016-07-04 21:15:15 +01:00
Pedro Ribeiro
05ef5316df
Create exploit for WebNMS arbitrary file download
2016-07-04 21:10:14 +01:00
h00die
844c13dc17
added new vuln device to netgear list, plus docs
2016-07-01 18:32:30 -04:00
Pearce Barry
159446ce92
Ensure http_login scanner module saves passwds.
...
Fixes #6983 . When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
2016-06-30 16:58:39 -05:00
David Maloney
3d93c55174
move sshfactory into a mixin method
...
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention
MS-1688
2016-06-28 15:23:12 -05:00
James Lee
4e63591ce8
Use the proper Author key, not Authors
2016-06-28 15:21:19 -05:00
David Maloney
ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-06-28 15:00:35 -05:00
David Maloney
97f9ca4028
Merge branch 'master' into egypt/ruby-ntlm
2016-06-28 14:14:56 -05:00
David Maloney
409e26351b
remove test module
...
sponge left in patient
2016-06-24 15:12:47 -05:00
David Maloney
6c3871bd0c
update ssh modules to use new SSHFactory
...
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH
MS-1688
2016-06-24 13:55:28 -05:00
David Maloney
5bc513d6cd
get ssh sessions working properly
...
ssh sessions now working correctly
MD-1688
2016-06-24 12:14:48 -05:00
wchen-r7
9f280d714e
Land #6994 , NetBIOS Name Brute Force Spoofing modules
2016-06-23 17:54:51 -05:00
wchen-r7
048741660c
Land #6980 , Add ClamAV Remote Command Transmitter
2016-06-22 15:50:45 -05:00
David Maloney
3e94abe555
put net:ssh::commandstream back
...
this was apparently our own creation for doing
ssh sessions
MD-1688
2016-06-22 15:02:36 -05:00
David Maloney
6072697126
continued
2016-06-22 14:54:00 -05:00