Matteo Cantoni
c559a6b39f
fix description
...
(cherry picked from commit 7c860b9553
)
2014-03-28 17:36:21 -05:00
Matteo Cantoni
ae53d75cdb
Module to HP LaserJet Printer SNMP Enumeration
...
(cherry picked from commit f18fef1864
)
2014-03-28 17:36:21 -05:00
kenkeiras
3a4f983a6f
Add CVE 2006-5229 reference
2014-03-28 22:35:19 +01:00
jvazquez-r7
9374777da1
Land #2996 , @mcantoni's jboss status aux module
2014-03-28 16:07:08 -05:00
jvazquez-r7
7689751c10
Module module location
2014-03-28 16:05:37 -05:00
kenkeiras
bca0d603ef
SSH user enumeration script
2014-03-28 16:23:52 +01:00
William Vu
5458200434
Fix a couple minor annoyances in PJL
2014-03-28 02:19:30 -05:00
William Vu
c1fdc4d945
Fix a couple things that were bugging me
2014-03-28 02:15:38 -05:00
coma
107901b481
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra msftidy fix
2014-03-26 22:37:21 -07:00
coma
30da3575e8
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra
2014-03-26 21:53:12 -07:00
Tod Beardsley
5b8d8d8009
Get Pro and Framework back in sync.
2014-03-26 09:25:19 -05:00
William Vu
cd448ba46c
Land #3132 , ntp_monlist improvements
2014-03-25 15:19:45 -05:00
William Vu
1c4797337f
Clean up rapid7/metasploit-framework#3132
2014-03-25 14:04:43 -05:00
Brandon Turner
460a1f551c
Fix for R7-2014-05
2014-03-24 14:12:12 -05:00
Joshua Smith
312f117262
updates file read to close file more quickly
2014-03-21 14:53:15 -04:00
Matteo Cantoni
4b2a2d4dea
Improve NTP monlist auxiliary module
2014-03-21 16:39:53 +01:00
Matteo Cantoni
fbcd661504
removed snmp_enum_hp_laserjet from this pull request
2014-03-21 15:58:53 +01:00
Spencer McIntyre
aa26405c23
Cleanup an expression and avoid fail_with
2014-03-20 17:33:09 -04:00
Spencer McIntyre
74398c4b6e
Allow using a single URI and/or a list of URIs
2014-03-20 09:54:02 -04:00
Joshua Smith
a8d919feb0
use TARGET_URI if given, otherwise TARGET_URIS_FILE
2014-03-19 23:32:04 -05:00
William Vu
b79920ba8f
Land #3089 , InvalidWordCount fix for smb_login
...
[FixRM #8730 ]
2014-03-19 16:12:56 -05:00
sinn3r
fe0b76e24e
Land #2994 - OWA 2013 support
2014-03-19 13:16:37 -05:00
silascutler
d361597104
Update es_enum.rb
2014-03-18 09:20:04 -04:00
silascutler
ad4c354460
Update es_enum.rb
...
Corrected changes from dev module
2014-03-17 13:38:33 -04:00
Silas Cutler
975c2adbad
Fixed spaces issues
2014-03-17 13:34:45 -04:00
Silas Cutler
b032f2c270
Added Elastic Search Enum
2014-03-17 13:31:24 -04:00
xistence
8fdb5250d4
changes to smtp relay aux module
2014-03-17 15:09:29 +07:00
David Maloney
da0c37cee2
Land #2684 , Meatballs PSExec refactor
2014-03-14 13:01:20 -05:00
William Vu
5aad8f2dc3
Land #3088 , SNMP timestamp elements fix
2014-03-13 02:22:14 -05:00
Tod Beardsley
206660ddde
Recreate the intent of cfebdae from @parzamendi-r7
...
The idea was to rescue on a NoReply instead of just fail, and was part
of a fix in #2656 .
[SeeRM #8730 ]
2014-03-11 14:30:01 -05:00
sho-luv
f7af9780dc
Rescue InvalidWordCount error
...
This is a cherry-pick of commit ea86da2 from PR #2656
2014-03-11 14:17:36 -05:00
James Lee
f51ee2d6b4
snmp_enum: Treat missing timestamp elements as 0
...
Timestamps don't always have all the elements we expect. This treats
them as zeroes to ensure that we don't raise silly exceptions in that
case.
2014-03-11 12:44:07 -05:00
William Vu
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
Spencer McIntyre
ebee365fce
Land #2742 , report_vuln for MongoDB no auth
2014-03-06 19:34:45 -05:00
Spencer McIntyre
84f280d74f
Use a more descriptive MongoDB vulnerability title
2014-03-06 19:20:52 -05:00
Spencer McIntyre
12e4e0e36d
Return whether result is nil or not.
2014-02-28 10:17:37 -05:00
Spencer McIntyre
dfa91310c2
Support checking a single URI for ntlm information.
2014-02-28 08:47:29 -05:00
jgor
8be33f42fe
Define service as udp
2014-02-27 12:53:29 -06:00
Peter Arzamendi
ea5fe9ec0a
Updated to use get_cookie
2014-02-27 08:52:54 -06:00
Peter Arzamendi
9e52a10f2d
Set SSL to default to true and removed SSL from register_options. Updated Author to include full name
2014-02-26 20:49:03 -06:00
William Vu
6f398f374e
Land #3032 , inside_workspace_boundary? typo fix
2014-02-24 14:55:09 -06:00
James Lee
d2945b55c1
Fix typo
...
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
sinn3r
5cdd9a2ff3
Land #2995 - sqlmap minor cleanup, description & file tests
2014-02-24 10:39:01 -06:00
jvazquez-r7
4ca4d82d89
Land #2939 , @Meatballs1 exploit for Wikimedia RCE and a lot more...
2014-02-18 17:48:02 -06:00
xistence
1864089085
removed rport definition
2014-02-17 11:32:24 +07:00
Tod Beardsley
f6be574453
Slightly better file checks on sqlmap.py
2014-02-15 09:58:03 -06:00
Tod Beardsley
dacbf55fc1
Minor cleanup of title and desc on sqlmap
2014-02-15 09:55:06 -06:00
Royce Davis
0e7074c139
Modififed output for smb_enumshares module
2014-02-14 13:39:13 -06:00
Royce Davis
6dc9840064
Modified output for smb_enumshares
2014-02-14 13:12:52 -06:00
Russell Sim
ee3f1fc25b
Record successful passwordless access to mongodb
2014-02-14 08:52:17 +11:00
Matteo Cantoni
7c860b9553
fix description
2014-02-13 21:11:50 +01:00
Peter Arzamendi
5ef40e3844
Removed bad sets on datastore['USERNAME'] and datastore['PASSWORD']
2014-02-12 13:31:03 -06:00
Peter Arzamendi
2b8a8259f9
Updates to support OWA 2013 and some syntax changes
2014-02-12 09:40:49 -06:00
xistence
6944c54d13
Added EXTENDED option to smtp_relay
2014-02-12 15:44:53 +07:00
jvazquez-r7
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
Tod Beardsley
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
xistence
02fb84db20
Changed dns_amp to avoid false positives
2014-02-10 17:13:06 +07:00
Karn Ganeshen
4c01420f38
msftidy done
2014-02-06 16:52:39 +02:00
Karn Ganeshen
036ae2fd80
msftidy done
2014-02-06 16:25:41 +02:00
Karn Ganeshen
2c0ce2dffc
PocketPAD login
2014-02-05 20:22:52 +02:00
Karn Ganeshen
32e46c00d3
Rename ehterpadduo_login.rb to etherpadduo_login.rb
2014-02-05 20:21:16 +02:00
Karn Ganeshen
73418a975a
Rename ehterpadduo_login to ehterpadduo_login.rb
2014-02-05 20:20:30 +02:00
Karn Ganeshen
88b2e6b1c3
EtherPAD Duo Login
...
I've run it through retab. Msfpro loads the module fine. msftidy seems broken though. Gives this on run:
msftidy.rb:444: undefined (?...) sequence: /(?<!\.)datastore\[["'][^"']+["']\]\s*=(?![=~>])/
BR
2014-02-05 20:17:11 +02:00
William Vu
a58698c177
Land #2922 , multithreaded check command
2014-02-04 11:21:05 -06:00
jvazquez-r7
cccf2e4258
Land #2926 , @xistence A10 Networks Loadbalancer dir traversal module
2014-02-04 07:28:51 -06:00
jvazquez-r7
cc09367c62
Change the datastore name option
2014-02-04 07:28:14 -06:00
jvazquez-r7
ffd90a3d38
Add confirmation datastore option
2014-02-03 12:40:58 -06:00
jvazquez-r7
a92256e8d1
Clean a10networks_ax_directory_traversal
2014-02-03 08:41:23 -06:00
jvazquez-r7
53c2a737e9
Don't register rport again
2014-01-31 09:42:41 -06:00
jvazquez-r7
452042e757
Land #2925 , @xistence aux module for Support Center Plus traversal
2014-01-31 09:38:01 -06:00
jvazquez-r7
e9f04d9203
Do final cleanup for Support Center Plus module
2014-01-31 09:37:40 -06:00
jvazquez-r7
32c5d77ebd
Land #2918 , @wvu's fix for long argument lists
2014-01-31 08:49:22 -06:00
xistence
e81a0ed22b
Changes as requested for SupportCenterPlus module
2014-01-31 13:28:45 +07:00
William Vu
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
xistence
8ac0ef396e
Added DNS recursion amplification scanner
2014-01-29 14:21:21 +07:00
xistence
d3be54fed6
Added Extended SMTP Open Relay aux module
2014-01-29 13:46:54 +07:00
xistence
c8296298b3
added A10Networks AX loadbalancer Dir Traversal Auxiliary Module
2014-01-28 16:37:25 +07:00
xistence
32d7f15a5c
added ManageEngine Support Center Plus directory traversal auxiliary module
2014-01-28 15:45:23 +07:00
jvazquez-r7
f766a74150
Land #2920 , @wvu-r7's author metadata update for printer aux modules
2014-01-27 13:02:31 -06:00
William Vu
d19e9307c6
Fix missing colon in :caller_host symbol
...
Good catch, @jvazquez-r7!
2014-01-27 12:43:59 -06:00
jvazquez-r7
0dbaeb6742
Add Matteo's email
2014-01-27 08:40:44 -06:00
sinn3r
f471f50092
ms08_067_check.rb is deprecated.
...
[SeeRM #8755 ]
2014-01-26 12:22:13 -06:00
William Vu
52371be52a
Clarify why contributors are listed as authors
...
Also adding @mcantoni to the list of authors. Sorry we missed you!
Dear contributors,
Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!
https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
2014-01-25 18:02:17 -06:00
Matteo Cantoni
f18fef1864
Module to HP LaserJet Printer SNMP Enumeration
2014-01-25 15:48:13 +01:00
William Vu
eaeb2af97f
Use opts hash for h323_version
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:32:37 -06:00
Tod Beardsley
82bf02910d
Land #2911 , correct author name for PJL credit
2014-01-24 11:00:12 -06:00
jvazquez-r7
fdaa172cc5
Land #2896 , @wchen-r7's check's normalization for auxiliary modules
2014-01-24 08:53:53 -06:00
sinn3r
9ba72ffc71
Remove check support
...
Actually, you can't support check because in check mode the module
doesn't know the IP
2014-01-23 21:30:11 -06:00
sinn3r
dc52d00be6
Modify vmware_http_login to work with check
2014-01-23 21:27:36 -06:00
William Vu
a67068f019
Correct author name
...
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
2014-01-23 19:09:20 -06:00
Tod Beardsley
f5809423a3
Let's spell right in my spellcheck PR
...
Updates #2900
2014-01-21 15:57:59 -06:00
Tod Beardsley
b3b51eb48c
Pre-release fixup
...
* Updated descriptions to be a little more descriptive.
* Updated store_loot calls to inform the user where the
loot is stored.
* Removed newlines in print_* statments -- these will screw
up Scanner output when dealing with multiple hosts.
Of the fixed newlines, I haven't see any output, so I'm not sure what
the actual message is going to look like -- I expect it's a whole bunch
of newlines in there so it'll be kinda ugly as is (not a blocker for
this but should clean up eventually)
2014-01-21 13:29:08 -06:00
sinn3r
0a8aa07131
Fix check method
...
This isn't a check, so shouldn't be using the check method
2014-01-19 16:47:15 -06:00
sinn3r
a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules
2014-01-16 15:57:38 -06:00
William Vu
9bf90b836b
Add environment variables support
2014-01-16 14:53:25 -06:00
William Vu
311704fc0a
Perform final cleanup
2014-01-15 13:49:37 -06:00
William Vu
7c52f9b496
Update description to use %q{}
2014-01-13 14:42:25 -06:00
jvazquez-r7
fe6d10ac5d
Land #2852 , @mandreko's scanner for OSVDB 101653
2014-01-13 14:07:07 -06:00
jvazquez-r7
8c3a71a2e7
Clean sercomm_backdoor scanner according to feedback
2014-01-13 13:53:47 -06:00
William Vu
d69b658de0
Land #2848 , @sho-luv's MS08-067 scanner
2014-01-09 14:39:25 -06:00
William Vu
fc616c4413
Clean up formatting
2014-01-09 14:16:31 -06:00
Matt Andreko
93668b3286
Code Review Feedback
...
Made it less verbose, converting to vprint_error
2014-01-09 14:53:33 -05:00
Matt Andreko
e21c97fd4d
Added missing metadata
...
Add credit where due
Add disclosure date and references
2014-01-09 14:33:54 -05:00
Matt Andreko
9456d26467
Added Scanner module for SerComm backdoor
2014-01-09 14:25:28 -05:00
William Vu
7fd4935263
Make the module output prettier
2014-01-09 01:03:01 -06:00
William Vu
27f079ad7c
Move {begin,end}_job from libs to modules
2014-01-09 01:03:01 -06:00
William Vu
131bfcaf41
Refactor away leftover get_rdymsg
2014-01-09 01:03:01 -06:00
William Vu
d3bbe5b5d0
Add filesystem commands and new PoC modules
...
This commit also refactors some of the code.
2014-01-09 01:03:01 -06:00
William Vu
af66310e3a
Address @jlee-r7's comments
2014-01-09 01:03:01 -06:00
William Vu
bab32d15f3
Address @wchen-r7's comments
2014-01-09 01:03:00 -06:00
William Vu
1c889beada
Add Rex::Proto::PJL and PoC modules
2014-01-09 01:03:00 -06:00
sho-luv
a8fcf13972
Added credits and clean initialize
...
Added wvu to creds as he did most of work. ;)
2014-01-08 21:16:09 -05:00
William Vu
8993c74083
Fix even moar outstanding issues
2014-01-08 19:38:54 -06:00
William Vu
1dd29d3b64
Fix moar outstanding issues
2014-01-08 18:11:18 -06:00
William Vu
945a2a296a
Fix outstanding issues
2014-01-08 17:09:41 -06:00
sho-luv
35ac9712ab
Added auxiliary check for MS08_067
...
I simply copied the check from ms08_0867_netapi.rb and put them in
a auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
jvazquez-r7
90158b9932
Land #2791 , @morisson's support to remote dns resolution on sap_router_portscanner
2014-01-02 12:19:50 -06:00
jvazquez-r7
f75782bc2f
Use RHOST, RPORT for the SAPROUTER options
2014-01-02 12:18:54 -06:00
Tod Beardsley
c34a5f3758
Unacronym the title on Poison Ivy C&C
2013-12-26 10:30:30 -06:00
Tod Beardsley
47765a1c4f
Fix chargen probe title, comment on the CVE
2013-12-26 10:29:11 -06:00
Tod Beardsley
056661e5dd
No at-signs in names please.
2013-12-26 10:26:01 -06:00
jvazquez-r7
b02e21a1d3
Land #2779 , @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid
2013-12-26 09:27:27 -06:00
rbsec
86a94022c0
Fix lotus_domino_hashes not working.
...
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
sinn3r
213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner
2013-12-23 17:36:18 -06:00
sinn3r
0a07bbdf2e
Minor changes
2013-12-23 17:35:42 -06:00
jvazquez-r7
88b3b2c78e
Switch RHOSTS to TARGETS and add validation
2013-12-23 11:58:26 -06:00
Bruno Morisson
94da642f5c
fixed typo: innacurated -> inaccurate
2013-12-21 20:36:43 +00:00
Bruno Morisson
c387a850ca
Fixed default value for RESOLVE (local)
2013-12-21 19:21:57 +00:00
Bruno Morisson
6ce0bab036
Cleanup, also split IP addresses separated by commas.
2013-12-21 00:15:00 +00:00
SeawolfRN
bf2dc97595
Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner
2013-12-20 18:46:35 +00:00
SeawolfRN
ae7a0159e7
Changed to Puts and get_once - also forgot the timeout...
2013-12-20 18:44:42 +00:00
jvazquez-r7
8be481f324
Land #2681 , @mcantoni and @todb-r7's support for chargen
2013-12-20 11:53:08 -06:00
jvazquez-r7
12efa99ce5
Fix udp_sweep
2013-12-20 11:47:48 -06:00
jvazquez-r7
2dc7ef4398
Fix udp_probe
2013-12-20 11:45:27 -06:00
Tod Beardsley
2f34f8458b
Downcase chargen service name
2013-12-20 10:41:53 -06:00
Tod Beardsley
35c847da94
Add chargen to udp_probe and udp_sweep
...
This simplifies the checks considerably for PR #2681 from @mcantoni
2013-12-20 10:32:15 -06:00
jvazquez-r7
eba164d2e3
Clean chargen_probe
2013-12-20 09:10:15 -06:00
Bruno Morisson
6ac0aad38b
Prevent report_* when RESOLVE is remote, since hostname may be unknown and local resolution fail, thus spitting out an error and failing
2013-12-19 23:37:13 +00:00
Bruno Morisson
c881ef5472
Unreachable and time out error identification
2013-12-19 22:59:56 +00:00
Matteo Cantoni
a199dc39af
used the recvfrom timeout
2013-12-19 20:56:11 +01:00
Bruno Morisson
773d4c5cd1
commented out response packet vprint
2013-12-19 18:35:11 +00:00
Bruno Morisson
ad8a156263
RHOSTS can be a comma separated list of hostnames
2013-12-19 18:33:32 +00:00
Bruno Morisson
564601e083
msftidy - fixed
2013-12-19 17:30:34 +00:00
Bruno Morisson
2480f023b1
Dropped scanner mixin. Tried to maintain usage
2013-12-19 17:15:44 +00:00
Bruno Morisson
21d959c58d
RESOLVE option takes either "remote" or "local"
2013-12-19 00:38:47 +00:00
Bruno Morisson
1778a08e98
Keeping changes away from the "ip" variable
2013-12-19 00:19:58 +00:00
Bruno Morisson
7ebcd5a8c9
Option to perform host resolution on remote saprouter
2013-12-18 23:53:58 +00:00
sinn3r
ee87f357b0
Raise Msf::OptionValidateError when the PORTS option is invalid
...
Instead of print_error for invalid ports, modules should be raising
Msf::OptionValidateError to warn the user about the invalid input.
2013-12-18 15:04:53 -06:00
sinn3r
4028dcede7
Add an input check for datastore option PORTS
...
If Rex::Socket.portspec_crack returns an empty array, we assume
there are no valid ports to test, so we raise an OptionValidateError
to warn the user about it.
2013-12-18 14:55:51 -06:00
jvazquez-r7
80eea97ccd
ChrisJohnRiley fix for sap_service_discovery
2013-12-17 13:31:56 -06:00
SeawolfRN
24bc10905e
Added Spaces and removed Interrupt
2013-12-16 22:12:35 +00:00
SeawolfRN
bf561fef95
Corrected Extraneous Whitespace\Newlines
2013-12-16 16:38:49 +00:00
SeawolfRN
79022c2e29
Probably should have checked it worked...
2013-12-16 11:33:08 +00:00
SeawolfRN
59003a9842
Updated Poison Ivy Scanner
2013-12-15 22:02:14 +00:00
SeawolfRN
226cd241bf
Added Poison Ivy Command and Control Scanner\n Auxiliary module to scan for Poison Ivy C&C on ports 80,8080,443 and 3460
2013-12-15 14:34:50 +00:00
Matteo Cantoni
999006e037
fixed some things, as suggested by jvazquez-r7
2013-12-14 19:41:31 +01:00
jvazquez-r7
c59b8fd7bc
Land #2741 , @russell TCP support for nfsmount
2013-12-09 09:46:34 -06:00
Russell Sim
291a52712e
Allow the NFS protocol to be specified in the mount scanner
2013-12-09 21:26:29 +11:00
sinn3r
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
sinn3r
99dc9f9e7e
Fix msftidy warning
2013-12-03 00:09:51 -06:00
Jonathan Claudius
e37f7d3643
Use send_request_cgi instead of send_request_raw
2013-12-03 00:57:26 -05:00
Jonathan Claudius
14e600a431
Clean up res nil checking
2013-12-03 00:51:19 -05:00
Jonathan Claudius
b796095582
Use peer vs. rhost and rport for prints
2013-12-03 00:49:05 -05:00
Jonathan Claudius
0480e01830
Account for nil res value
2013-12-03 00:45:57 -05:00
Jonathan Claudius
c91d190d39
Add Cisco ASA ASDM Login
2013-12-03 00:16:04 -05:00
Tod Beardsley
55847ce074
Fixup for release
...
Notably, adds a description for the module landed in #2709 .
2013-12-02 16:19:05 -06:00
jvazquez-r7
8d6a534582
Change title
2013-12-02 08:54:37 -06:00
jvazquez-r7
24d09f2085
Land #2700 , @juushya's Oracle ILO Brute Forcer login
2013-12-02 08:53:10 -06:00
Karn Ganeshen
bc41120b75
Updated
2013-11-29 12:47:47 +05:30
Karn Ganeshen
1109a1d157
Updated
2013-11-28 11:30:02 +05:30
Matteo Cantoni
3111aee866
fix match and boolean expression
2013-11-26 21:42:09 +01:00
jvazquez-r7
cc60ca2e2a
Fix module title
2013-11-25 09:33:43 -06:00
jvazquez-r7
cc261d2c25
Land #2670 , @juushya's aux brute forcer mod for OpenMind
2013-11-25 09:29:41 -06:00
Karn Ganeshen
e157ff73d3
Oracle ILOM Login utility
2013-11-25 13:55:31 +05:30
Meatballs
dd9bb459bf
PSEXEC Refactor
...
Move peer into mixin
PSEXEC should use the psexec mixin
2013-11-24 16:24:05 +00:00
Matteo Cantoni
f3b907537c
Module to identifies open Chargen service
2013-11-23 17:17:24 +01:00
Karn Ganeshen
266de2d27f
Updated
2013-11-23 00:01:03 +03:00
Karn Ganeshen
b5011891a0
corrected rport syntax
2013-11-21 08:57:45 +03:00
Karn Ganeshen
9539972340
Module for OpenMind Message-OS portal login
2013-11-21 06:33:05 +03:00
William Vu
9f45121b23
Remove EOL spaces
2013-11-20 15:08:13 -06:00
Tod Beardsley
ded56f89c3
Fix caps in description
2013-11-18 16:15:50 -06:00
jvazquez-r7
f690667294
Land #2617 , @FireFart's mixin and login bruteforcer for TYPO3
2013-11-18 13:37:16 -06:00
jvazquez-r7
0391ae2bc0
Delete general reference
2013-11-18 13:19:09 -06:00
jvazquez-r7
1c4dabaf34
Beautify typo3_bruteforce module
2013-11-18 13:17:15 -06:00
sinn3r
b5fc0493a5
Land #2642 - Fix titles
2013-11-18 12:14:36 -06:00
jvazquez-r7
7d22312cd8
Fix redis communication
2013-11-15 19:36:18 -06:00
William Vu
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
sinn3r
970e70a853
Land #2626 - Add wordpress scanner
2013-11-12 11:30:23 -06:00
sinn3r
6a28f1f2a7
Change 4-space tabs to 2-space tabs
2013-11-12 11:29:28 -06:00
Tod Beardsley
2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
...
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints
[SeeRM #8498 ]
2013-11-11 21:23:35 -06:00
FireFart
48faa38c44
bugfix for wordpress_scanner
2013-11-11 00:24:32 +01:00
FireFart
b472c2b195
added a wordpress scanner
2013-11-10 23:08:59 +01:00
FireFart
bdd33d4daf
implement feedback from @jlee-r7
2013-11-07 23:07:58 +01:00
FireFart
cc3ee5f97b
typo3_bruteforce: update msf license
2013-11-07 22:53:28 +01:00
FireFart
e897c8379f
typo3_bruteforce: bugfix
2013-11-07 22:46:26 +01:00
FireFart
9d616dbfe9
added typo3 bruteforcer
2013-11-07 22:38:27 +01:00
HD Moore
09c31f7582
Small nitpicks to catch bad http responses
2013-11-06 15:06:04 -06:00
Tod Beardsley
91639dbb99
Trailing whitespace
2013-11-06 14:25:28 -06:00
Tod Beardsley
079816777a
I kin spel
2013-11-06 14:22:41 -06:00
HD Moore
6b43d94c72
Rename, change titles/descriptions, fix minor bugs
2013-11-06 13:45:40 -06:00
jvazquez-r7
b9caf091d4
Change supermicro_ipmi_traversal location
2013-11-06 12:47:50 -06:00
jvazquez-r7
c132a60973
Move Supermicro web interface name to a constant
2013-11-06 12:47:50 -06:00
jvazquez-r7
0609c5b290
Move private key to a constant
2013-11-06 12:47:50 -06:00
jvazquez-r7
275fd5e2ba
Sort options by name
2013-11-06 12:47:50 -06:00
jvazquez-r7
9f87fb33a7
Move digest calculation to a variable
2013-11-06 12:47:50 -06:00
Tod Beardsley
46f0998903
Add URL refs
2013-11-06 12:47:50 -06:00
Tod Beardsley
a973862c74
Add new modules
2013-11-06 12:47:50 -06:00
William Vu
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
Tod Beardsley
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
William Vu
1fee3ce952
Land #2584 , reporting for energizer_duo_detect
2013-10-28 10:48:20 -05:00
jvazquez-r7
efcfc9eef7
Land #2273 , @kaospunk's enum domain feature for owa_login
2013-10-28 09:47:54 -05:00
jvazquez-r7
71a1ccf771
Clean owa_login enum_domain feature
2013-10-28 09:46:41 -05:00
jvazquez-r7
e0aec13ce1
[FixRM #4397 ] Add reporting for energizer_duo_detect
2013-10-25 16:51:44 -05:00
sinn3r
7d788fbf76
Land #2571 - HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
2013-10-24 14:15:26 -05:00
jvazquez-r7
ea80c15c3b
Land #2383 , @jamcut's aux module for jenkins enum
2013-10-24 11:31:36 -05:00
jvazquez-r7
8428671f32
Land #2455 , @juushya's aux module for radware
2013-10-24 10:54:02 -05:00
jvazquez-r7
1673b66cbe
Delete some white lines
2013-10-24 10:50:14 -05:00
jvazquez-r7
b589e9aa6e
Use the peer method
2013-10-24 10:45:02 -05:00
jvazquez-r7
255cd18868
Use peer helper
2013-10-23 16:08:40 -05:00
jvazquez-r7
55e3f36589
Add module for ZDI-13-242
2013-10-23 11:24:29 -05:00
jvazquez-r7
a4dd53f650
Chane module filename
2013-10-22 11:16:14 -05:00
jvazquez-r7
cdd183f43a
Add reporting
2013-10-22 11:15:16 -05:00
jvazquez-r7
0d73275c3f
Delete not necessary check
2013-10-22 10:39:54 -05:00
jvazquez-r7
c50e7c73b6
Make parsing easier
2013-10-22 10:30:03 -05:00
jvazquez-r7
0cc7be0138
Use snake_case
2013-10-22 10:04:32 -05:00
jvazquez-r7
e4a340b7f1
Fix small issues
2013-10-22 10:02:32 -05:00
jvazquez-r7
a425e2be78
Fix typo
2013-10-22 09:28:43 -05:00
jvazquez-r7
111c12ef0d
Do cosmetic changes
2013-10-22 09:28:15 -05:00
jvazquez-r7
f46cdb8970
Add the correct plate
2013-10-22 09:27:37 -05:00
jvazquez-r7
de0d09886c
Retab changes for PR #2383
2013-10-22 09:26:44 -05:00
jvazquez-r7
0214501891
Merge for retab
2013-10-22 09:22:10 -05:00
jvazquez-r7
5613cfb249
Retab changes for PR #2455
2013-10-21 15:57:23 -05:00
jvazquez-r7
39d38e598d
Merge for retab
2013-10-21 15:55:48 -05:00
William Vu
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
jamcut
58a43e87dd
Added fixes suggested by jlee-r7
...
additional code clean up
2013-10-21 14:18:12 -04:00
sinn3r
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
Karn Ganeshen
09c9cba3d5
Updated code
2013-10-21 19:29:05 +05:30
jvazquez-r7
183116c81f
Make module work, and final cleanup
2013-10-20 18:39:41 -05:00
jvazquez-r7
aa6a24da1b
Add module template
2013-10-19 00:27:57 -05:00
Tod Beardsley
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
Karn Ganeshen
cc42fbc59e
Added ext .rb
...
... ext .rb why you no save.
2013-10-17 01:40:05 +05:30
Karn Ganeshen
f3d4229ed4
Updated code
...
msftidy compliant now. Have run it thru retab.rb, hence the indent like this.
2013-10-17 01:36:26 +05:30
Tod Beardsley
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
Tod Beardsley
d0b1479d5b
Use the real timeout option for DCERPC
2013-10-14 17:41:51 -05:00
Tod Beardsley
e8d0292118
Use read_response class method
...
Looks like this was never implemented in other modules, but it collects
data from the socket in the usual get_once sort of way.
2013-10-14 17:24:22 -05:00
Tod Beardsley
14be85ea5d
Land #2511 , fix up NoMethodError and hanging connx
2013-10-14 16:30:19 -05:00
Meatballs
a3af5d681b
Ensure TCP connection is closed
2013-10-14 21:53:22 +01:00
Tod Beardsley
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
kaospunk
4b4804538f
Fixes issues based on feedback
...
This commit addresses comments made by @jvazquez-r7.
2013-10-14 16:02:29 -04:00
sinn3r
2a1ade2541
Add disclosure date and some explanation about it
2013-10-13 19:29:51 -05:00
jvazquez-r7
e2c5e6c19f
Fix email format
2013-10-13 18:28:35 -05:00
jvazquez-r7
008f787627
Add module for the dlink user-agent backdoor
2013-10-13 14:42:45 -05:00
Meatballs
988ac68074
Dont define the NDR syntax
2013-10-12 19:56:52 +01:00
Meatballs
765b55182e
Randomize client variables
...
Also tidyup indents and use predefined UUID syntax.
2013-10-12 19:52:15 +01:00
Meatballs
cad717a186
Use NDR 32bit syntax.
...
Compatible with both x86 and x64 systems.
Tidy up the module...
2013-10-12 18:52:45 +01:00
Tod Beardsley
876d4e0aa8
Land #1420 , WDS scanner
2013-10-11 16:53:25 -05:00
Tod Beardsley
a1cf9619d9
Be clear this is 64-bit only in the desc.
2013-10-11 16:52:50 -05:00
Tod Beardsley
181606e7cc
Single byte description update. Adds a period.
2013-10-11 15:04:25 -05:00
jvazquez-r7
63349e4664
Add OSVDB and BID references
2013-10-11 09:14:59 -05:00
Bruno Morisson
b26085457f
Trying to prevent @jvazquez-r7 from crying when reading my code:
...
- Documented fields in the several tables;
- Fixed the "remote" field location on the fs_table (changed due to REXML parsing);
- Fixed Total Memory field on os_table (bug?);
2013-10-11 11:29:27 +01:00
Meatballs
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
jvazquez-r7
09f0db7fdf
Switch to rexml parsing, add some comments and cleanup
2013-10-10 13:19:10 -05:00
jvazquez-r7
9516bc5cf7
Retab changes for PR #2142
2013-10-10 11:02:51 -05:00
jvazquez-r7
cdc7b75a78
Merge for retab
2013-10-10 11:02:16 -05:00
Bruno Morisson
c264480651
Code cleanup, tried to implement suggestions from @jvazquez-r7. Hopefully is much more readable.
2013-10-10 11:58:33 +01:00
James Lee
813013fef5
Make defaults sane for the lockoutable smb_login
...
See #2376
2013-10-04 15:53:16 -05:00
jvazquez-r7
db11e88255
Land #2321 , @juushya's aux module for Sentry CDU enumeration
2013-10-04 08:35:54 -05:00
Karn Ganeshen
37e1e6533c
changed default options
...
Updated these default options to false:
'DB_ALL_CREDS' => false
'BLANK_PASSWORDS' => false
2013-10-04 02:48:42 +05:30
Karn Ganeshen
8aac3922f3
add radware_appdirector_enum
...
This module scans for Radware AppDirector's web login portal, and performs login brute force to identify valid credentials.
- mstidy.tb & retab.rb run done
- stop_on_success is set to true. Important, otherwise the app starts dropping bf source.
- slowing down brute force speed seems to work though, but can take a long time if more creds to check &| more targets
- better to run bf with 2-3 creds against range, & then come back with more creds if needed
2013-10-03 20:15:52 +05:30
Tabassassin
773abf0567
Pow, tab assassinated.
2013-10-02 17:16:38 -05:00
Meatballs
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
sinn3r
7118f7dc4c
Land #2422 - rm methods peer & rport
...
Because they're already defined in the HttpClient mixin
2013-09-30 16:01:59 -05:00
Tod Beardsley
9ada96ac51
Fix sqlmap accidental codepoint
...
See http://www.ruby-doc.org/core-1.9.3/String.html#method-i-3C-3C
Apparently, String#<< uses Integer#chr, not Integer#to_s. News to me.
Fixed originally by @TsCl in PR #2435 , but fixing seperately in order to
avoid screwing up his downstream tracking. Note, this isn't a merge, so
using Closes tag on the commit message.
[Closes #2435 ]
2013-09-30 11:23:17 -05:00
Meatballs
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
Tod Beardsley
8696b5d2dc
Fix bug on missing hosts for SunRPC Portmap
...
Also cleans up and normalizes the print messages to follow the
conventions of "host:port - proto - message"
[FixRM #8409 ], reported by Chris F.
2013-09-26 09:42:38 -05:00
FireFart
09fa7b7692
remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:50:34 +02:00
FireFart
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
jvazquez-r7
58d4096e0f
Resolv conflicts on #2267
2013-09-25 13:06:14 -05:00
FireFart
34b829abef
bugfix
2013-09-25 09:15:07 +02:00
FireFart
aeb663a5d4
fix output
2013-09-24 10:48:38 +02:00
FireFart
dc8f94bac1
Added wordpress version detection
2013-09-24 08:59:56 +02:00
jamcut
dff26ac9ff
Used default timeout
...
forgot an additional default timeout in my previous commit
2013-09-17 11:28:46 -04:00
jamcut
4aeb754112
Minor Changes
...
changed print calls to print_line
removed trailing \n's
used default timeout for send_request_cgi
2013-09-17 11:20:45 -04:00
jamcut
ea367d218c
dded Jenkins vulnerability scanner
2013-09-17 10:47:59 -04:00
Tod Beardsley
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
jvazquez-r7
299860b09d
Land #2329 , @kaospunk auxiliary module to enumerate ntlm info
2013-09-16 08:16:30 -05:00
jvazquez-r7
4040fe4b6b
Fix style
2013-09-16 08:15:46 -05:00
sinn3r
149312a4c0
Correct wordpress_login_enum for #2301
...
tabassassin created a mess and I failed to resolve it properly.
Attempt #2 . See #2301 .
2013-09-12 14:56:46 -05:00
sinn3r
91b8ca8f22
Merge branch 'pr2301' into upstream-master
...
Conflicts:
modules/auxiliary/scanner/http/wordpress_login_enum.rb
2013-09-12 14:52:34 -05:00
James Lee
f73c18ccd9
Store the Array, not human-readable version
...
[SeeRM #8389 ]
2013-09-09 16:44:47 -05:00
jvazquez-r7
94cc3f0e49
Retab changes
2013-09-06 09:51:14 -05:00
jvazquez-r7
73a66819ea
Merge for retab
2013-09-06 09:50:37 -05:00
jvazquez-r7
7ce9d38eba
Fix module
2013-09-06 09:49:52 -05:00
Tab Assassin
8bc83f4922
Retab changes for PR #1420
2013-09-05 16:21:26 -05:00
Tab Assassin
d6a7ce5328
Merge for retab
2013-09-05 16:21:13 -05:00
Tab Assassin
f5a4c05dbc
Retab changes for PR #2267
2013-09-05 14:11:03 -05:00
Tab Assassin
4703a10b64
Merge for retab
2013-09-05 14:10:58 -05:00
Tab Assassin
015ac6d92c
Retab changes for PR #2273
2013-09-05 14:09:44 -05:00