bae19405a7
Various grammar, spelling, word choice fixes
2015-01-26 11:00:07 -06:00
f3a2d6663f
Fix #4616 and Fix #3798 - Correctly use OptRegexp
...
This patch fixes a problem with OptRegexp. The OptRegexp class is
always forcing the value to be converted to a string first, which
causes the EXCLUDE option in browser_autopwn to kick in and match
every found autopwn module, so it ignores all of them and you load
nothing (#4616 ).
It is important to understand that nil actually represents an option
not being set, which is a completely different behavior than having
an empty value (technically "" is still a value, and if there's a
value, it means the option is set). We need to watcher for these
scenarios.
I am restoring the #default method to avoid forcing a to_s, which should
fix the browser autopwn loading problem. And then I changed scraper.rb's
default value for datastore option PATTERN to a string, because still
fixes #3798 . The way I see it, #3798 is actually a module-specific issue.
Fix #4616
Fix #3798
2015-01-23 02:38:26 -06:00
b7eb4d24aa
Squash another rogue 5009
2015-01-13 10:36:43 -08:00
69f03f5c5d
Move ACPP default port into Rex
2015-01-12 19:43:57 -08:00
01a9fb1483
Spelling
2015-01-12 19:29:41 -08:00
a076a9ab89
report_vuln
2015-01-12 19:23:08 -08:00
d5cdfe73ed
Big style cleanup
2015-01-12 19:11:14 -08:00
9721993b8f
Allow blank password, remote more unused opts, print private
2015-01-12 18:43:54 -08:00
44059a6e34
Disable more unused options
2015-01-12 14:15:40 -08:00
ec506af8ea
Make ACPP login work
2015-01-12 14:01:23 -08:00
e9557ffe58
Simplify module in prep for some authbrute cleanups
2015-01-12 13:08:12 -08:00
97f5cbdf08
Add initial Airport ACPP login scanner
2015-01-12 13:08:12 -08:00
8c23e8c2e8
ruby 2.2 compatibility
...
Fix circular argument reference warnings for ruby 2.2
2015-01-07 12:00:50 +02:00
44dfa746eb
Resolve #4513 - Change #inspect to #to_s
...
Resolve #4513
2015-01-05 11:50:51 -06:00
d3050de862
Remove references to Redmine in code
...
See #4400 . This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
8d2bd74d31
Add preliminary module to cover 'Misfortune Cookie', CVE-2014-9222
2014-12-18 17:21:26 -08:00
6b0a98b69c
Resolve #4408 - bad uncaught nil get_once
2014-12-17 14:02:42 -06:00
f6af86a06d
Land #4402 , ms12_020_check NilClass fix
2014-12-16 15:34:25 -06:00
2604746fb7
Land #4361 , Kippo detector
2014-12-15 14:54:48 -06:00
8394cc13a8
Perform final cleanup of detect_kippo
2014-12-15 14:38:38 -06:00
c611249723
Take full advantage of the check command
2014-12-15 12:50:59 -06:00
9edb2b4fab
Fix #4378 - Do exception handling
...
Fix #4378
2014-12-15 12:37:36 -06:00
eb47ca593e
update desc to include domain admin information
2014-12-13 13:01:41 -06:00
2e94280cba
mv bmc to scanner/http
2014-12-13 12:58:16 -06:00
8dd5da9d64
added blog post reference
2014-12-12 18:53:26 -08:00
f676b72767
Add Kademlia scanner, lands #4210
2014-12-12 16:40:58 -06:00
338cce02c9
Downcase the service name for consistency
2014-12-12 16:40:42 -06:00
f5374d1552
Added report_service method for database support, added port number in the print_status output, removed arbitrary comments, fixed some spacing. Ready for another review from msf devs
2014-12-12 11:57:35 -08:00
b1f7682713
Make msftidy happy
2014-12-12 12:59:00 -06:00
493034ad10
Land #3305 , @claudijd Cisco SSL VPN Privilege Escalation exploit
2014-12-12 12:57:00 -06:00
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
65b316cd8c
Land #4372
2014-12-11 18:48:16 -08:00
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
de88908493
code style
2014-12-11 23:30:20 +01:00
47c38ed04e
Merge pull request #4364 from todb-r7/bug/bruteforce-speed-3904
...
Modules should respect bruteforce_speed again
2014-12-11 13:19:42 -06:00
51762e1194
Explicitly include the HTTP Login scanner
...
This should be the last commit that fixes #3904 .
2014-12-11 11:08:08 -06:00
b533f74024
Add a bruteforce_speed option to all LoginScanners
2014-12-11 11:06:32 -06:00
7afa87f168
screwed up formatting. updated indention at the end. ok seriously, going to bed now
2014-12-11 01:05:56 -08:00
291166e1ff
forgot to run through msftidy.rb. made a few minor corrections
2014-12-11 00:47:39 -08:00
a1624c15ae
Addressed some recommendations made by wvu-r7. Need to remove some comments, add reporting, etc.
2014-12-11 00:40:20 -08:00
22c9db5818
added detect_kippo.rb
2014-12-10 19:37:35 -08:00
e89a399f95
Merge remote-tracking branch 'upstream/master' into add_cisco_ssl_vpn_priv_esc
2014-12-09 20:55:01 -05:00
09617f990b
Implement BRUTEFORCE_SPEED respect (telnet)
...
This implements just for telnet, but assuming this strategy is kosher,
it's not too painful to add for the rest of the LoginScanner using the
old defaults used by `AuthBrute`.
See #3904 , @dmaloney-r7 or @jlee-r7
2014-12-09 15:40:43 -06:00
916503390d
use get_data
2014-12-08 22:49:02 +01:00
fb9724e89d
fix heartbleed cert parsing, fix #4309
2014-12-08 21:58:38 +01:00
85e0d72711
Land #4229 , @tatehansen's module for CVE-2014-7992
2014-12-04 17:20:49 -08:00
f0cfcd4faf
Update dlsw_leak_capture name and print_
...
This makes it more obvious exactly what is being scanned for
2014-12-04 17:20:01 -08:00
52851d59c0
Update GATEWAY to GATEWAY_PROBE_HOST, add GATEWAY_PROBE_PORT
2014-12-04 13:26:16 -08:00
6bd56ac225
Update any modules that deregistered NETMASK
2014-12-04 13:22:06 -08:00
3aecd3a10e
added DLSw v1 and v2 check, added check for \x00 in leak segment
2014-12-03 23:27:11 -07:00
Tod Beardsley
sinn3r
Jon Hart
dmooray
William Vu
Brandon Perry
Andrew Morris
HD Moore
jvazquez-r7
Christian Mehlmauer
dmaloney-r7
Jonathan Claudius
tate