Commit Graph

915 Commits (6e86ac6e1b223755360f9a3a89b6bda4d1eec555)

Author SHA1 Message Date
William Vu a40e7164d8 Refactor QNAP module for traditional creds 2017-06-12 14:41:58 -05:00
William Vu e22334343e Use store_valid_credential in my modules
I used report_note because using the creds API was a pain in the ass.
2017-06-08 00:57:51 -05:00
darkbushido 81bcf2ca70 updating all LHOST to use the new opt type 2017-05-04 12:57:50 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
Carter 4bdbdc0e00 Fix response parsing 2017-03-29 18:21:12 -05:00
Carter 82ebbfb9a7 Fix msftidy warnings 2017-03-24 23:12:48 -04:00
Carter 3e2173d4f9 Add key length check and remove mixin
Also add a reference to the original honeyscore website
2017-03-24 22:33:09 -04:00
Carter 581d523d5b Fix things from review 2017-03-24 21:22:23 -04:00
Carter 8dd0f953b0 remove unnecessary require 2017-03-22 19:48:24 -04:00
Carter 420df11c44 Change up the way shodan is reached 2017-03-22 19:39:45 -04:00
Carter fa61d67761 Fix score comparison 2017-03-21 19:17:20 -04:00
Carter fef8ec10bc Fix author formatting 2017-03-21 13:23:41 -04:00
Carter d7640713df Add more checks and formatting 2017-03-21 13:23:06 -04:00
Carter 1f68a3bda6 Rename honeypot.rb to shodan_honeyscore.rb 2017-03-21 13:10:31 -04:00
Carter 79c7b84f08 Create honeypot.rb 2017-03-21 11:15:12 -04:00
William Vu 0a71e4a903 Update check with Exploit::CheckCode::Appears 2017-03-15 05:13:30 -05:00
William Vu 86d2217f4d Fix whitespace and clarify options 2017-03-15 04:27:30 -05:00
William Vu a0bff5c8c3 Bump RETRIES to 10
3 was a bit too low. I was using 10 and had more success with it.
2017-03-15 03:18:09 -05:00
William Vu 9f76b4d99c Change default RPORT to 443 with SSL
I never really tested port 80, so I wonder why I didn't change this.
Turns out 80 isn't even the vuln service. Welp. Hat tip @bcoles.
2017-03-12 21:03:31 -05:00
William Vu e7c920db44 Remove DEBEUG/print_debeug :( 2017-03-12 21:01:48 -05:00
William Vu d57b772ac9 Bump default RETRIES to 3 2017-03-12 21:00:38 -05:00
William Vu 634753f985 Add QNAP admin hash "disclosure" 2017-02-24 19:18:30 -06:00
aushack 3b386f86f6 Typo fix. 2017-02-14 17:05:46 +11:00
Carter e7b421e226 Update netgear_password_disclosure.rb 2017-02-08 13:40:11 -05:00
Carter fd935c8e3c Update netgear_password_disclosure.rb 2017-02-08 09:14:39 -05:00
Carter 2dfff95669 Fix msftidy warning 2017-02-08 08:28:23 -05:00
Carter c16b7e42a6 Fix review stuff 2017-02-07 21:41:38 -05:00
Carter 46fbc9dd3f Fix some formatting 2017-02-07 21:32:19 -05:00
Carter f4580a2616 Add token value check
Sometimes it wouldn't return creds if the token is 0. It usually works after running it another time.
2017-02-07 10:53:25 -05:00
Carter c1f9b724cf Maybe fix syntax error 2017-02-07 10:36:05 -05:00
Carter 00050abb73 Fix msftidy warnings 2017-02-06 22:06:50 -05:00
Carter 1f2a95c202 Use html parser instead of regex 2017-02-06 22:03:56 -05:00
Carter 115c60446e Fix weird if loop in check 2017-02-06 17:30:49 -05:00
Carter 6ebdbc3f81 Fix some stuff from review
I'm going to change the HTML Regex to a parser a bit later, I don't have time right now
2017-02-06 17:29:39 -05:00
Carter 9b4ca31432 Fix typo 2017-02-06 12:52:41 -05:00
Carter 52cf9c44df Update netgear_password_disclosure.rb 2017-02-06 12:43:31 -05:00
Carter 16c6480629 Add response checks
I can't test this right now as I'm not at a computer that has metasploit installed, but I'll test it when I get a chance to.
2017-02-06 12:10:01 -05:00
Carter f5450a718a Add TARGETURI datastore option 2017-02-06 11:54:29 -05:00
Carter 99227aca1a Fix things from review 2017-02-06 09:44:35 -05:00
Carter fb7e5ff847 Fix more msftidy warnings 2017-02-05 14:00:05 -05:00
Carter f08590982c Fix some msftidy warnings 2017-02-05 13:58:01 -05:00
Carter 609ea3700a Create netgear_password_disclosure.rb 2017-02-05 13:39:58 -05:00
wchen-r7 fd6a58a348 URI decode users 2017-01-26 18:30:17 -06:00
wchen-r7 e47f38b3c9 Look at the right link to extract users 2017-01-26 18:20:06 -06:00
wchen-r7 ba50f2f88b Fix nil for empty pass 2017-01-26 17:51:20 -06:00
wchen-r7 55b9c15d68 Pass should not be forced 2017-01-26 17:48:41 -06:00
wchen-r7 4ee0a380d1 Update module description 2017-01-26 16:35:15 -06:00
wchen-r7 72b654c9b1 Update description 2017-01-26 14:58:02 -06:00
wchen-r7 94bc44b485 Add Advantech WebAccess Post Auth Credential Collector 2017-01-26 14:53:59 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00