fdb954fdfb
Report credentials
2014-02-05 14:37:33 -06:00
631559a2e8
Add module for Kloco SQLi
2014-02-05 14:18:56 -06:00
14aa8ffd5c
Apply blockapi changes to bind_tcp and bind_tcp_rc4
2014-02-04 17:45:18 -06:00
553616b6cc
Add URL for browser exploit.
2014-02-04 17:04:06 -06:00
3a6626761b
Land #2945 , obsolete old modules
...
Obsoletes:
modules/auxiliary/admin/scada/igss_exec_17.rb
modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb
modules/post/windows/gather/resolve_hosts.rb
modules/post/windows/manage/persistence.rb
2014-02-04 15:11:25 -06:00
bda93c2bbc
Land #2811 - Add generate_war to jsp_shell payloads
2014-02-04 15:06:45 -06:00
89e1bcc0ca
Deprecate modules with date 2013-something
...
These modules had an expiration date of 2013.
2014-02-04 14:49:18 -06:00
80e7ae144b
Use the platform when selecting the payload
2014-02-04 14:34:11 -06:00
23fc73924e
Msftidy it up.
2014-02-04 14:24:36 -06:00
20b8062220
Apply blockapi changes to reverse_tcp_rc4
2014-02-04 12:30:56 -06:00
c70680cf1c
Fix infinite-retry bug
...
Derp, block_api clobbers ecx
2014-02-04 11:59:16 -06:00
a58698c177
Land #2922 , multithreaded check command
2014-02-04 11:21:05 -06:00
9c3664bd45
Unify reverse_http and reverse_https
...
This will make copy-pasta less painful in the future. There's still the
problem of reverse_https_proxy being very similar, but the logic in how
it gets generated in the module is more than i want to tackle right now
2014-02-04 09:09:12 -06:00
cccf2e4258
Land #2926 , @xistence A10 Networks Loadbalancer dir traversal module
2014-02-04 07:28:51 -06:00
cc09367c62
Change the datastore name option
2014-02-04 07:28:14 -06:00
700e09f386
Wording tweak.
2014-02-04 02:55:10 -06:00
bbabd72b0e
Whitespace tweaks.
2014-02-04 02:52:52 -06:00
eb6a5a4c19
Tweak checks.
2014-02-04 02:49:44 -06:00
4923a93974
Tweak description.
2014-02-04 02:47:49 -06:00
37479884a5
Add browserautopwn support.
2014-02-04 02:32:12 -06:00
eba3a5aab0
More accurate description.
2014-02-04 01:44:39 -06:00
177bd35552
Add webview HTTP exploit.
2014-02-04 01:37:09 -06:00
f163bc7f7a
Unbreak reverse_https_proxy
...
Broken by #2448 , 063da8a22e
2014-02-03 15:07:59 -06:00
7e2a9a7072
More desc fixes, add a vprint to give a hint
2014-02-03 13:18:52 -06:00
d34020115a
Fix up on apache descs and print_* methods
2014-02-03 13:13:57 -06:00
ffd90a3d38
Add confirmation datastore option
2014-02-03 12:40:58 -06:00
9953821451
Fix desc on Drupal module, some peer prints
2014-02-03 12:16:06 -06:00
08493f2670
Merge remote-tracking branch 'upstream/master' into upgrade_psh
...
Conflicts:
lib/msf/core/post/file.rb
2014-02-03 18:02:09 +00:00
be0b9fc2f8
Use the new block_api in windows/reverse_tcp
2014-02-03 11:34:52 -06:00
bfc0ac4dd4
Golf a few bytes off of reverse_http(s)
2014-02-03 11:33:55 -06:00
9b9b2fab58
Add DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials module
2014-02-04 02:00:11 +10:30
a92256e8d1
Clean a10networks_ax_directory_traversal
2014-02-03 08:41:23 -06:00
50f860757b
Changes made to pandora_fms_exec module as requested
2014-02-03 14:10:27 +07:00
e54abb4274
Add support for shell session type
2014-02-02 23:37:56 -06:00
ae84e354e8
Be consistent with get_smartermail_creds method's return value
2014-02-02 22:06:14 -06:00
662fbf53b6
Update check_smartermail method
...
Instead of using exception handling to determine the right path,
the new method simply uses the file? method. It's also renamed as
"get_mail_config_path" to properly describe its functionality.
2014-02-02 22:01:38 -06:00
2b2194cee8
Modify prints
2014-02-02 21:58:10 -06:00
95eb758642
Initial commit
2014-02-02 19:04:38 +00:00
62dca111f8
Conform to style
2014-02-02 08:07:18 +10:30
e30195348e
Add Windows Gather SmarterMail Password Extraction post module
2014-02-02 05:51:21 +10:30
a5bff638c5
Remove EOL spaces
2014-01-31 15:01:03 -06:00
5a883a4477
updated
2014-01-31 21:59:26 +01:00
b67ac39a33
Land #2921 - Apache Struts Developer Mode OGNL Execution
2014-01-31 12:06:58 -06:00
60ead5de43
Explain why we flag the vuln as "Appears" instead of vulnerable
2014-01-31 12:05:58 -06:00
2fca2da9f7
Add an vprint message on check
2014-01-31 11:57:20 -06:00
356692f2f5
Land #2923 , @rangercha tomcat deploy module compatible with tomcat8
2014-01-31 10:53:53 -06:00
53c2a737e9
Don't register rport again
2014-01-31 09:42:41 -06:00
452042e757
Land #2925 , @xistence aux module for Support Center Plus traversal
2014-01-31 09:38:01 -06:00
e9f04d9203
Do final cleanup for Support Center Plus module
2014-01-31 09:37:40 -06:00
a010748056
Land #2924 , @xistence's exploit for CVE-2014-1683
2014-01-31 09:20:10 -06:00
710902dc56
Move file location
2014-01-31 09:18:59 -06:00
810605f0b7
Do final cleanup for the skybluecanvas exploit
2014-01-31 09:17:51 -06:00
32c5d77ebd
Land #2918 , @wvu's fix for long argument lists
2014-01-31 08:49:22 -06:00
f6291eb9a8
updated
2014-01-31 14:33:18 +01:00
e81a0ed22b
Changes as requested for SupportCenterPlus module
2014-01-31 13:28:45 +07:00
ffd8f7eee0
Changes as requested in SkyBlue Canvas RCE module
2014-01-31 12:52:48 +07:00
93db1c59af
Do small fixes
2014-01-30 17:16:43 -06:00
9daacf8fb1
Clean exploit method
2014-01-30 16:58:17 -06:00
4458dc80a5
Clean the find_csrf mehtod
2014-01-30 16:39:19 -06:00
697a86aad7
Organize a little bit the code
2014-01-30 16:29:45 -06:00
50317d44d3
Do more easy clean
2014-01-30 16:23:17 -06:00
1a9e6dfb2a
Allow check to detect platform and arch
2014-01-30 15:17:20 -06:00
b2273dce2e
Delete Automatic target
...
It isn't usefull at all, when auto targeting is done, the payload (java platform and arch)
has been already selected.
2014-01-30 15:04:08 -06:00
cebbe71dba
Do easy cleanup of exploit
2014-01-30 14:42:02 -06:00
c336133a8e
Do a first clean related to auto_target
2014-01-30 14:27:20 -06:00
57b8b49744
Clean query_manager
2014-01-30 14:20:02 -06:00
148e51a28b
Clean metadata and use TARGETURI
2014-01-30 14:03:52 -06:00
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
e7ab77c736
added module for Oracle Forms and Reports
2014-01-30 14:45:17 +01:00
9a929e75e4
Added Pandora FMS RCE
2014-01-29 12:46:23 +07:00
c8296298b3
added A10Networks AX loadbalancer Dir Traversal Auxiliary Module
2014-01-28 16:37:25 +07:00
32d7f15a5c
added ManageEngine Support Center Plus directory traversal auxiliary module
2014-01-28 15:45:23 +07:00
bac6e2a3e1
added SkyBlueCanvas CMS 1.1 r248-03 RCE
2014-01-28 11:06:25 +07:00
f766a74150
Land #2920 , @wvu-r7's author metadata update for printer aux modules
2014-01-27 13:02:31 -06:00
d19e9307c6
Fix missing colon in :caller_host symbol
...
Good catch, @jvazquez-r7!
2014-01-27 12:43:59 -06:00
0dbaeb6742
Add Matteo's email
2014-01-27 08:40:44 -06:00
f086655075
Land #2913 , @bcoles Exploit for Simple E-Document
2014-01-27 08:09:45 -06:00
861126fdbd
Clean exploit code
2014-01-27 08:09:18 -06:00
a49473181c
Added new module. Abuses tomcat manager upload page. Tested on tomcat 5.5.36, 6.0.37, 7.0.50, 8.0.0rc10
2014-01-27 09:04:59 -05:00
f471f50092
ms08_067_check.rb is deprecated.
...
[SeeRM #8755 ]
2014-01-26 12:22:13 -06:00
8fe74629fe
Allow send_request_cgi to take care of the uri encoding
2014-01-26 00:06:41 -06:00
37adf1251c
Delete privileged flag because is configuration dependant
2014-01-25 18:25:31 -06:00
038cb7a981
Add module for CVE-2012-0394
2014-01-25 18:17:01 -06:00
52371be52a
Clarify why contributors are listed as authors
...
Also adding @mcantoni to the list of authors. Sorry we missed you!
Dear contributors,
Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!
https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
2014-01-25 18:02:17 -06:00
cc4dea7d49
Was playing with ms08_067 check and realized I forgot this print
2014-01-25 16:15:52 -06:00
eaeb2af97f
Use opts hash for h323_version
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:32:37 -06:00
7c5229e2eb
Use opts hash for glassfish_deployer
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:17:02 -06:00
47b9bfaffc
Use opts hash for adobe_pdf_embedded_exe
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:16:53 -06:00
a7fa4e312b
This module fails to load due to the missing end
2014-01-24 17:56:47 -06:00
9db295769d
Land #2905 , @wchen-r7's update of exploit checks
2014-01-24 16:49:33 -06:00
f7ecae3f75
Land #2909 - Drupal OpenID External Entity Injection
2014-01-24 15:03:07 -06:00
c8e2301111
Be more informative about why CheckCode::Unknown
...
This is just kind of personal preference here. In case users wonder
why Unknown.
2014-01-24 15:01:52 -06:00
cdc425e4eb
Update some checks
2014-01-24 12:08:23 -06:00
82bf02910d
Land #2911 , correct author name for PJL credit
2014-01-24 11:00:12 -06:00
fdaa172cc5
Land #2896 , @wchen-r7's check's normalization for auxiliary modules
2014-01-24 08:53:53 -06:00
e8b591ef54
Delete registering of check on bailiwicked modules
2014-01-24 08:47:04 -06:00
32d6032893
Add Simple E-Document Arbitrary File Upload module
2014-01-24 19:19:25 +10:30
9ba72ffc71
Remove check support
...
Actually, you can't support check because in check mode the module
doesn't know the IP
2014-01-23 21:30:11 -06:00
dc52d00be6
Modify vmware_http_login to work with check
2014-01-23 21:27:36 -06:00
cf17bf2e72
Small fix
2014-01-23 19:34:50 -06:00
43de7eb74f
Use REXML
2014-01-23 19:32:42 -06:00
a67068f019
Correct author name
...
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
2014-01-23 19:09:20 -06:00
5a59e3d4e4
Fix typo
2014-01-23 18:53:58 -06:00
f529eb1d4b
Clean code
2014-01-23 18:51:24 -06:00
8e17d38c77
Add check method
2014-01-23 18:30:18 -06:00
09b70d1574
Remove max search
2014-01-24 00:27:46 +00:00
0a15e07473
Merge remote-tracking branch 'upstream/master' into service_principle_name
2014-01-24 00:26:52 +00:00
5880f7ebf2
Remove max search
2014-01-24 00:25:03 +00:00
f6054e6581
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-24 00:24:31 +00:00
b0deb45fad
Add Drupal advisory as reference
2014-01-23 18:10:57 -06:00
6d0d7eda10
Delete garbage comment
2014-01-23 18:09:05 -06:00
72b72effa6
Add module for CVE-2012-4554
2014-01-23 18:04:31 -06:00
982795ee5d
Merge pull request #32 from todb-r7/saner-ifs-pr1473
...
Clean up the if.nils?
2014-01-23 15:50:25 -08:00
790e4d7559
Move options to mixin
2014-01-23 23:47:46 +00:00
e066d86d41
Clean up the if.nils?
2014-01-23 17:36:10 -06:00
7faa41dac0
Change Unknown to Safe because it's just a banner check
2014-01-23 15:36:19 -06:00
81a3b2934e
Fix prints
2014-01-23 15:33:24 -06:00
f5a935a186
Support check for bailiwicked_host
2014-01-23 15:31:37 -06:00
8d411d2037
Fix bailiwicked_domain to allow support of check()
2014-01-23 15:29:40 -06:00
c403c521b3
Change check code
2014-01-23 11:03:40 -06:00
0a10c1297c
Address nil
2014-01-23 11:00:28 -06:00
333229ea7e
Throw Unknown if connection times out
2014-01-23 10:54:45 -06:00
6e8b6732c2
Merge remote-tracking branch 'upstream/master' into service_principle_name
2014-01-22 21:50:10 +00:00
c109a32165
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-22 21:48:34 +00:00
7f560a4b41
Oops, I broke this module
2014-01-22 11:23:18 -06:00
c83053ba9b
Progress
2014-01-22 11:20:10 -06:00
62729dd9ab
Merge remote-tracking branch 'upstream/master' into enum_ad_perf
2014-01-22 10:06:54 +00:00
c190a1b630
Fix field order
2014-01-22 09:29:18 +00:00
646f7835a3
Saving progress
2014-01-21 17:14:55 -06:00
f5809423a3
Let's spell right in my spellcheck PR
...
Updates #2900
2014-01-21 15:57:59 -06:00
720f892e2f
Merge remote-tracking branch 'upstream/master' into enum_ad_perf
2014-01-21 21:00:51 +00:00
f571d63088
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-21 21:00:09 +00:00
eee716a6b3
Grab comments and descriptions ftw
2014-01-21 20:59:31 +00:00
85396b7af2
Saving progress
...
Progress group 4: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 14:10:35 -06:00
b3b51eb48c
Pre-release fixup
...
* Updated descriptions to be a little more descriptive.
* Updated store_loot calls to inform the user where the
loot is stored.
* Removed newlines in print_* statments -- these will screw
up Scanner output when dealing with multiple hosts.
Of the fixed newlines, I haven't see any output, so I'm not sure what
the actual message is going to look like -- I expect it's a whole bunch
of newlines in there so it'll be kinda ugly as is (not a blocker for
this but should clean up eventually)
2014-01-21 13:29:08 -06:00
689999c8b8
Saving progress
...
Progress group 3: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 13:03:36 -06:00
cd989e5dc0
Initial commit
2014-01-21 17:08:31 +00:00
fe767f3f64
Saving progress
...
Progress group 2: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 11:07:03 -06:00
6cd4c66d85
Merge remote-tracking branch 'oj/updated_meterpreter_binaries' into service_principle_name
2014-01-21 15:47:04 +00:00
7cc3c47349
Land #2891 - HP Data Protector Backup Client Service Directory Traversal
2014-01-20 20:08:01 -06:00
e5dc6a9911
Update exploit checks
...
Progress group 1: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-20 14:26:10 -06:00
5025736d87
Fix check for modicon_password_recovery
2014-01-19 17:20:20 -06:00
a239e14084
Fix nodejs_popelining check
2014-01-19 17:06:35 -06:00
7080bb336c
Update ColdFusion check
2014-01-19 17:05:03 -06:00
4fdd2c19a1
Update vbulletin check
2014-01-19 16:54:27 -06:00
0a8aa07131
Fix check method
...
This isn't a check, so shouldn't be using the check method
2014-01-19 16:47:15 -06:00
e2fa581b8c
Delete empty line
2014-01-17 22:05:14 -06:00
01ab6fd545
Do small fixes
2014-01-17 17:59:03 -06:00
5ec062ea1c
Beautify print message
2014-01-17 17:42:26 -06:00
d96772ead1
Clean multi-threading on ibm_sametime_enumerate_users
2014-01-17 17:38:16 -06:00
jvazquez-r7
James Lee
Joe Vennix
Tod Beardsley
sinn3r
William Vu
Meatballs
bcoles
xistence
Mekanismen
RangerCha
Meatballs1