Christian Mehlmauer
71a650fe6e
Land #3259 , XMPP Hostname autodetect by @TomSellers
2014-04-17 08:54:15 +02:00
Tom Sellers
1f452aab48
Code cleanup
...
Changes requested by wvu-R7
2014-04-17 12:46:25 -05:00
Tom Sellers
9e2285619e
Additional cleanup
...
Whitespace cleanup
2014-04-17 10:46:33 -05:00
Jonathan Claudius
f53e7f84b8
Adds Cisco SSL VPN Bruteforce Aux Mod
2014-04-16 22:47:58 -04:00
Tom Sellers
ee0d30a1f3
Whitespace fix
...
Removing extra line feeds
2014-04-16 17:27:39 -05:00
Tom Sellers
92eab6c54b
Attribution addition
...
Per comment from Firefart
2014-04-16 17:26:09 -05:00
Tom Sellers
1f3ec46b8a
Heartbleed - Add autodetection of XMPP hostname (round 2)
...
Add the ability to scrape the hostname from the XMPP error message when connecting to an XMPP (Jabber) server. This allows the connection to get far enough to negotiate a TLS tunnel with STARTTLS. The manually specified domain, if present, will be used first and then the hostname autodetection will kick in if that fails.
This version addresses issues that FireFart (Thanks!) brought up about code quality and connection reliability.
2014-04-16 08:49:45 -05:00
sinn3r
7a4e12976c
First little bit at Bug 8498
...
[FixRM #8489 ] rhost/rport modification
2014-04-15 18:20:16 -05:00
Tod Beardsley
9db01770ec
Add custom rhost/rport, remove editorializing desc
...
Verification:
````
resource (./a.rc)> run
[*] Connecting to FTP server ....
[*] FTP recv: "220 ProFTPD 1.3.3a Server (My FTP server)
[*] Connected to target FTP server.
[*] Authenticating as anonymous with password mozilla@example.com...
[*] FTP send: "USER anonymous\r\n"
[*] FTP recv: "331 Anonymous login ok, send your complete email address
as your password\r\n"
````
...etc.
2014-04-14 21:46:05 -05:00
Tom Sellers
0360d1177f
Heartbleed - Add autodetection of XMPP hostname
...
Add the ability to scrape the hostname from the XMPP error message when connecting to an XMPP (Jabber) server. This allows the connection to get far enough to negotiate a TLS tunnel with STARTTLS. The manually specified domain, if present, will be used first and then the hostname autodetection will kick in if that fails.
2014-04-14 20:09:21 -05:00
David Chan
1a73206034
Add detection for GnuTLS with with multiple records
2014-04-14 17:09:25 -07:00
Tom Sellers
634a03a852
Update to openssl_heartbleed to deal with SMTP RFC
...
Added CR character in order to have the commands match SMTP RFC 5321 2.3.8 for line termination. Some SMTP services, such as the Symantec Mail Gateway, require strict compliance or the connection will be dropped with the response '550 esmtp: protocol deviation'
Reference:
http://www.symantec.com/business/support/index?page=content&id=TECH96829
http://tools.ietf.org/html/rfc5321#section-2.3.8
2014-04-14 13:27:33 -05:00
David Chan
6fafc10184
Add HeartBleed check functionality
2014-04-12 00:07:00 -07:00
Sebastiano Di Paola
a63f020a68
Fixing coding style
2014-04-11 19:39:57 +02:00
Sebastiano Di Paola
4acacb005d
Fixed a bug...referring to wrong variable after filtering with regexp
2014-04-11 19:33:23 +02:00
Sebastiano Di Paola
83fe1cec65
Cleaned up Array.join call
2014-04-11 19:24:32 +02:00
Sebastiano Di Paola
55ec969bd9
Renamed FILTER -> DUMPFILTER, more intuitive and coherent
2014-04-11 19:07:57 +02:00
Sebastiano Di Paola
8268009b36
Renamed PATTERN_FILTER -> FILTER
2014-04-11 19:03:25 +02:00
Sebastiano Di Paola
c378fe95c1
Added missing space in comment
2014-04-11 19:01:01 +02:00
Sebastiano Di Paola
f8f710547c
Fixed call to String.match with regexp pattern
2014-04-11 18:59:59 +02:00
Sebastiano Di Paola
638cb41a3f
Remove Spaces at EOL, fixed if test on pattern variable
2014-04-11 18:58:05 +02:00
Sebastiano Di Paola
34fa4e29d9
Restored FTP option
2014-04-11 18:16:19 +02:00
Sebastiano Di Paola
eb0e35bf25
Fixed store on file option
2014-04-11 18:07:14 +02:00
Sebastiano Di Paola
4315ad2987
Fixed conflict and used OptRegexp type for pattern
2014-04-11 17:15:39 +02:00
jvazquez-r7
813e0eab89
Land #3233 , @wvu-r7's improvements fort heartbleed modules
2014-04-11 09:33:57 -05:00
jvazquez-r7
e2ec53272e
Fix also negative numbers
2014-04-11 09:33:27 -05:00
jvazquez-r7
fb5881d8e2
Land #2324 , @sensepost and @Firefart's sftp support for heartbleed
2014-04-11 08:47:22 -05:00
jvazquez-r7
2134d676b4
Use verbose by default
2014-04-11 07:58:56 -05:00
William Vu
6675464c20
Fix a few things in the Heartbleed modules
2014-04-10 16:06:40 -05:00
Sebastiano Di Paola
9adf629ee7
Added feature to dump to file leaked memory
2014-04-10 22:51:07 +02:00
Christian Mehlmauer
f115a7f6e1
Fix intendation
2014-04-10 02:52:05 +02:00
gigstorm
f1443c039e
Updated hash value to SSLv3
...
Tested and working on server that has SSLv3 only enabled
2014-04-11 14:01:28 -07:00
gigstorm
6ab3478c7e
Update to include SSL Version 3 protocol
...
SSL Version 3 will also respond to this and a server configured to respond to SSL version 3 but not TLS will show false negative without this option (proven). May need to update cipher suites to include this option.
2014-04-11 12:41:17 -07:00
Christian Mehlmauer
4fc272c0e9
Fix merge error
2014-04-10 00:53:14 +02:00
Christian Mehlmauer
98816c3a01
Added @sensepost FTP implemenation
2014-04-10 00:48:09 +02:00
singe
ccfcf2cedb
Added FTP STARTTLS support to heartbleed scanner.
2014-04-10 00:45:59 +02:00
jvazquez-r7
ccdc5bd281
Switch to get since @wvu-r7 also tested successfully with get
2014-04-09 17:30:00 -05:00
Christian Mehlmauer
a86a8fed05
Changed heartbleed jabber implementation to match openssl s_client
...
see here for example implementation:
https://github.com/openssl/openssl/blob/master/apps/s_client.c#L1719
2014-04-09 22:20:32 +02:00
Christian Mehlmauer
856ad7e83d
heartbleed - Better output on wrong jabber domain and add. nil? check
2014-04-09 21:53:17 +02:00
sinn3r
2de210f1c3
Land #3216 - Update @Meatballs1 and @FireFart in authors.rb
2014-04-09 16:38:10 -05:00
Christian Mehlmauer
fec089d88d
Land #3219 , openssl_heartbleed XMPP fix from @natronkeltner
2014-04-09 20:42:55 +02:00
Jeff Jarmoc
7a424784f8
Change default TLS Version to 1.0
...
Canonical testing shows this to be more widely supported, and yielding far more vulnerable hosts. Changing default to reflect that.
Experience of others in #metasploit seems similar.
2014-04-09 13:45:00 -05:00
Christian Mehlmauer
e2b50d3709
fix openssl_heardbleed
...
-) XMPP Domain now configurable
-) Missing get_once to initiate the TLS connection
2014-04-09 20:39:33 +02:00
jvazquez-r7
5696e52fac
Fix jabber to field
2014-04-09 13:48:45 -05:00
jvazquez-r7
28a471e446
Land #3221 , @Firefart's fix for pop3 starttls
2014-04-09 13:31:45 -05:00
jvazquez-r7
bea810b5d6
Add jabber fix from @natronkeltner
2014-04-09 13:11:45 -05:00
Tod Beardsley
76a9381b2a
Make the title of the Heartbleed module searchable
...
Right now, the title does not actually tie the Heartbeat check to the
Heartbleed attack, so people searching strictly on module title are not
going to get a hit for this module.
2014-04-09 11:03:01 -05:00
Christian Mehlmauer
899a7c9ea4
heartbleed bugfix for pop3
2014-04-09 17:51:44 +02:00
Tod Beardsley
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
Tod Beardsley
3849d1517f
Restore author credit
2014-04-09 09:42:39 -05:00
jvazquez-r7
8d38087a10
Fix case / when indention
2014-04-09 09:12:55 -05:00
Christian Mehlmauer
0e0fd20f88
Added RFC link
2014-04-09 15:19:29 +02:00
Christian Mehlmauer
a0a5b9faa1
Fix heartbleed module
...
-) incorrect length read
-) Parse TLS errors
2014-04-09 15:08:24 +02:00
jvazquez-r7
a93e22b5c0
Land #3209 , @Firefart's heartbleed's module fix
2014-04-09 06:38:06 -05:00
julianvilas
4e7c675f3c
Fix typo, extraquote in message
2014-04-09 10:22:15 +02:00
Christian Mehlmauer
cdfe333572
updated heartbleed module
...
-) Heartbeat length was added twice
-) Use the current date for the TLS client_hello
2014-04-09 09:19:05 +02:00
William Vu
dd69a9e5dd
Land #3206 , OpenSSL Heartbleed infoleak
2014-04-08 20:12:00 -05:00
William Vu
5e314f2a7c
Fix outstanding issues
2014-04-08 20:11:28 -05:00
jvazquez-r7
a4e1d866e1
Favor nil?
2014-04-08 18:21:49 -05:00
jvazquez-r7
153e003e23
Do small fixes
2014-04-08 18:21:09 -05:00
jvazquez-r7
39aecb140a
Use the datastore option
2014-04-08 16:55:08 -05:00
jvazquez-r7
496dd944e6
Add support for datastore TLSVERSION
2014-04-08 16:51:50 -05:00
jvazquez-r7
d51aa34437
Use Random generation Time as pointed by @Firefart
2014-04-08 16:46:15 -05:00
jvazquez-r7
d964243cc4
Move heartbeat length to a variable
2014-04-08 16:33:05 -05:00
jvazquez-r7
3d6c553efd
Fix endianess
2014-04-08 16:29:31 -05:00
jvazquez-r7
373b05c5aa
Minimize extensions in the Hello
2014-04-08 16:21:38 -05:00
jvazquez-r7
3254cce832
Align comment
2014-04-08 16:04:38 -05:00
jvazquez-r7
c20b71e7b6
Switch to vprint unless success
2014-04-08 16:03:38 -05:00
jvazquez-r7
7dbd690c99
Add new references
2014-04-08 16:01:06 -05:00
jvazquez-r7
a55579dd4a
Fix references
2014-04-08 15:56:56 -05:00
jvazquez-r7
4004cd8f9a
Allow hello data to grow dinamically
2014-04-08 15:52:39 -05:00
jvazquez-r7
b8e2c9fe42
Clean and fix @Firefart's code
2014-04-08 15:32:13 -05:00
jvazquez-r7
80bdbbed92
Solve conflict
2014-04-08 15:18:38 -05:00
Christian Mehlmauer
8c7debb81d
Added some comments and modified JABBER
2014-04-08 22:13:02 +02:00
jvazquez-r7
021da84459
Add authors and switch and's format
2014-04-08 15:10:27 -05:00
Christian Mehlmauer
9c053a5b91
Added additional protocols
2014-04-08 21:56:05 +02:00
jvazquez-r7
5f29026cb2
Complete @Firefart's module
2014-04-08 14:13:56 -05:00
Christian Mehlmauer
ac0cafcca6
Initial commit for openssl Heartbleed bug
2014-04-07 21:15:54 +02:00
coma
44640b126c
Add Oracle Demantra 2013-5795 (Database Credentials Retrieval)
2014-04-07 11:42:47 -07:00
silascutler
7b9b20a07e
Corrected Spaces Issues
...
Removed extra spaces on line 23&24
2014-04-07 14:30:52 -04:00
Tod Beardsley
7572d6612e
Spelling and grammar on new release modules
2014-04-07 12:18:13 -05:00
sinn3r
0c883723ba
Land #3149 - Oracle Demantra Arbitrary File Retrieval with auth bypass
2014-04-07 11:11:55 -05:00
sinn3r
31dfae3a01
Follow the 100 columns per line guideline
2014-04-07 11:10:20 -05:00
sinn3r
de242ecc00
Correct date format
...
Hmm weird, msftidy didn't pick this up
2014-04-07 11:09:27 -05:00
Spencer McIntyre
395f5beef8
Land #3178 , http header scan module
2014-04-04 11:36:35 -04:00
Spencer McIntyre
2b6ae68cbf
Minor modifications for http_header
2014-04-04 10:46:03 -04:00
Christian Mehlmauer
b4aa08251f
changed option from string to regex
2014-04-03 19:34:40 +02:00
Christian Mehlmauer
a4adfac312
Added feedback for http_header module
2014-04-02 23:01:23 +02:00
Christian Mehlmauer
69192edd4b
Added new http_header module
2014-04-02 22:04:54 +02:00
coma
149948485a
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra fixed issues
2014-04-01 12:28:41 -07:00
silascutler
3788f136d9
Update es_enum.rb
...
Updated based on comments.
2014-04-01 11:43:15 -04:00
William Vu
c37dbd104a
Clean up perms and whitespace for owa_login
2014-04-02 01:45:15 -05:00
Tod Beardsley
2972220f60
Land #3047 for real.
...
Merge branch 'land-3047-really' into upstream-master
2014-04-01 13:16:13 -05:00
Spencer McIntyre
dfec2eb53f
Cleanup an expression and avoid fail_with
2014-03-31 18:05:20 -04:00
Spencer McIntyre
07e04717c2
Allow using a single URI and/or a list of URIs
2014-03-31 18:05:20 -04:00
Joshua Smith
b21d5c1801
use TARGET_URI if given, otherwise TARGET_URIS_FILE
2014-03-31 18:05:20 -04:00
Spencer McIntyre
5e9e7e15c8
Return whether result is nil or not.
2014-03-31 18:05:20 -04:00
Spencer McIntyre
0ac112b5e7
Support checking a single URI for ntlm information.
2014-03-31 18:05:19 -04:00
William Vu
3b6d73420e
Fix syntax error in dns_amp
2014-03-31 16:18:49 -05:00
Joshua Smith
159bc264a4
unretards the uri normalize loop
2014-03-31 15:58:21 -04:00
Joshua Smith
2290249a42
uses fail_with to bomb out on datastore probs
2014-03-31 15:52:05 -04:00
Joshua Smith
4f121e3e03
fixes if-logic for error condition
2014-03-31 15:38:05 -04:00
Tod Beardsley
894bbcae97
More fix-up on the DNS amplication scanner
2014-03-31 14:37:10 -05:00
Tod Beardsley
4d597174d0
Merge up from upstream/master
2014-03-31 14:33:28 -05:00
William Vu
387da26f8d
Land #3159 , HP LaserJet printer SNMP enumeration
2014-03-31 12:48:23 -05:00
William Vu
c6ceb8cdfd
Land #2929 , DNS recursion amplification scanner
2014-03-31 12:47:46 -05:00
William Vu
aaa15d13d9
Land #2928 , extended SMTP open relay checks
2014-03-31 12:47:10 -05:00
Tod Beardsley
ffdca3bf42
Fixup on some modules for release
...
There may be more coming, but if not, this should cover
this week's minor style changes.
2014-03-31 12:42:19 -05:00
Joshua Smith
2530fb9741
adds the return back in (forgot in prev commit)
2014-03-28 19:27:04 -04:00
Joshua Smith
dc4b8461e8
unbreaks & DRYs my previous change.
2014-03-28 19:15:38 -04:00
Matteo Cantoni
c559a6b39f
fix description
...
(cherry picked from commit 7c860b9553
)
2014-03-28 17:36:21 -05:00
Matteo Cantoni
ae53d75cdb
Module to HP LaserJet Printer SNMP Enumeration
...
(cherry picked from commit f18fef1864
)
2014-03-28 17:36:21 -05:00
kenkeiras
3a4f983a6f
Add CVE 2006-5229 reference
2014-03-28 22:35:19 +01:00
jvazquez-r7
9374777da1
Land #2996 , @mcantoni's jboss status aux module
2014-03-28 16:07:08 -05:00
jvazquez-r7
7689751c10
Module module location
2014-03-28 16:05:37 -05:00
kenkeiras
bca0d603ef
SSH user enumeration script
2014-03-28 16:23:52 +01:00
William Vu
5458200434
Fix a couple minor annoyances in PJL
2014-03-28 02:19:30 -05:00
William Vu
c1fdc4d945
Fix a couple things that were bugging me
2014-03-28 02:15:38 -05:00
coma
107901b481
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra msftidy fix
2014-03-26 22:37:21 -07:00
coma
30da3575e8
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra
2014-03-26 21:53:12 -07:00
Tod Beardsley
5b8d8d8009
Get Pro and Framework back in sync.
2014-03-26 09:25:19 -05:00
William Vu
cd448ba46c
Land #3132 , ntp_monlist improvements
2014-03-25 15:19:45 -05:00
William Vu
1c4797337f
Clean up rapid7/metasploit-framework#3132
2014-03-25 14:04:43 -05:00
Brandon Turner
460a1f551c
Fix for R7-2014-05
2014-03-24 14:12:12 -05:00
Joshua Smith
312f117262
updates file read to close file more quickly
2014-03-21 14:53:15 -04:00
Matteo Cantoni
4b2a2d4dea
Improve NTP monlist auxiliary module
2014-03-21 16:39:53 +01:00
Matteo Cantoni
fbcd661504
removed snmp_enum_hp_laserjet from this pull request
2014-03-21 15:58:53 +01:00
Spencer McIntyre
aa26405c23
Cleanup an expression and avoid fail_with
2014-03-20 17:33:09 -04:00
Spencer McIntyre
74398c4b6e
Allow using a single URI and/or a list of URIs
2014-03-20 09:54:02 -04:00
Joshua Smith
a8d919feb0
use TARGET_URI if given, otherwise TARGET_URIS_FILE
2014-03-19 23:32:04 -05:00
William Vu
b79920ba8f
Land #3089 , InvalidWordCount fix for smb_login
...
[FixRM #8730 ]
2014-03-19 16:12:56 -05:00
sinn3r
fe0b76e24e
Land #2994 - OWA 2013 support
2014-03-19 13:16:37 -05:00
silascutler
d361597104
Update es_enum.rb
2014-03-18 09:20:04 -04:00
silascutler
ad4c354460
Update es_enum.rb
...
Corrected changes from dev module
2014-03-17 13:38:33 -04:00
Silas Cutler
975c2adbad
Fixed spaces issues
2014-03-17 13:34:45 -04:00
Silas Cutler
b032f2c270
Added Elastic Search Enum
2014-03-17 13:31:24 -04:00
xistence
8fdb5250d4
changes to smtp relay aux module
2014-03-17 15:09:29 +07:00
David Maloney
da0c37cee2
Land #2684 , Meatballs PSExec refactor
2014-03-14 13:01:20 -05:00
William Vu
5aad8f2dc3
Land #3088 , SNMP timestamp elements fix
2014-03-13 02:22:14 -05:00
Tod Beardsley
206660ddde
Recreate the intent of cfebdae from @parzamendi-r7
...
The idea was to rescue on a NoReply instead of just fail, and was part
of a fix in #2656 .
[SeeRM #8730 ]
2014-03-11 14:30:01 -05:00
sho-luv
f7af9780dc
Rescue InvalidWordCount error
...
This is a cherry-pick of commit ea86da2 from PR #2656
2014-03-11 14:17:36 -05:00
James Lee
f51ee2d6b4
snmp_enum: Treat missing timestamp elements as 0
...
Timestamps don't always have all the elements we expect. This treats
them as zeroes to ensure that we don't raise silly exceptions in that
case.
2014-03-11 12:44:07 -05:00
William Vu
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
Spencer McIntyre
ebee365fce
Land #2742 , report_vuln for MongoDB no auth
2014-03-06 19:34:45 -05:00
Spencer McIntyre
84f280d74f
Use a more descriptive MongoDB vulnerability title
2014-03-06 19:20:52 -05:00
Spencer McIntyre
12e4e0e36d
Return whether result is nil or not.
2014-02-28 10:17:37 -05:00
Spencer McIntyre
dfa91310c2
Support checking a single URI for ntlm information.
2014-02-28 08:47:29 -05:00
jgor
8be33f42fe
Define service as udp
2014-02-27 12:53:29 -06:00
Peter Arzamendi
ea5fe9ec0a
Updated to use get_cookie
2014-02-27 08:52:54 -06:00
Peter Arzamendi
9e52a10f2d
Set SSL to default to true and removed SSL from register_options. Updated Author to include full name
2014-02-26 20:49:03 -06:00
William Vu
6f398f374e
Land #3032 , inside_workspace_boundary? typo fix
2014-02-24 14:55:09 -06:00
James Lee
d2945b55c1
Fix typo
...
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
sinn3r
5cdd9a2ff3
Land #2995 - sqlmap minor cleanup, description & file tests
2014-02-24 10:39:01 -06:00
jvazquez-r7
4ca4d82d89
Land #2939 , @Meatballs1 exploit for Wikimedia RCE and a lot more...
2014-02-18 17:48:02 -06:00
xistence
1864089085
removed rport definition
2014-02-17 11:32:24 +07:00
Tod Beardsley
f6be574453
Slightly better file checks on sqlmap.py
2014-02-15 09:58:03 -06:00
Tod Beardsley
dacbf55fc1
Minor cleanup of title and desc on sqlmap
2014-02-15 09:55:06 -06:00
Royce Davis
0e7074c139
Modififed output for smb_enumshares module
2014-02-14 13:39:13 -06:00
Royce Davis
6dc9840064
Modified output for smb_enumshares
2014-02-14 13:12:52 -06:00
Russell Sim
ee3f1fc25b
Record successful passwordless access to mongodb
2014-02-14 08:52:17 +11:00
Matteo Cantoni
7c860b9553
fix description
2014-02-13 21:11:50 +01:00
Peter Arzamendi
5ef40e3844
Removed bad sets on datastore['USERNAME'] and datastore['PASSWORD']
2014-02-12 13:31:03 -06:00
Peter Arzamendi
2b8a8259f9
Updates to support OWA 2013 and some syntax changes
2014-02-12 09:40:49 -06:00
xistence
6944c54d13
Added EXTENDED option to smtp_relay
2014-02-12 15:44:53 +07:00
jvazquez-r7
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
Tod Beardsley
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
xistence
02fb84db20
Changed dns_amp to avoid false positives
2014-02-10 17:13:06 +07:00
Karn Ganeshen
4c01420f38
msftidy done
2014-02-06 16:52:39 +02:00
Karn Ganeshen
036ae2fd80
msftidy done
2014-02-06 16:25:41 +02:00
Karn Ganeshen
2c0ce2dffc
PocketPAD login
2014-02-05 20:22:52 +02:00
Karn Ganeshen
32e46c00d3
Rename ehterpadduo_login.rb to etherpadduo_login.rb
2014-02-05 20:21:16 +02:00
Karn Ganeshen
73418a975a
Rename ehterpadduo_login to ehterpadduo_login.rb
2014-02-05 20:20:30 +02:00
Karn Ganeshen
88b2e6b1c3
EtherPAD Duo Login
...
I've run it through retab. Msfpro loads the module fine. msftidy seems broken though. Gives this on run:
msftidy.rb:444: undefined (?...) sequence: /(?<!\.)datastore\[["'][^"']+["']\]\s*=(?![=~>])/
BR
2014-02-05 20:17:11 +02:00
William Vu
a58698c177
Land #2922 , multithreaded check command
2014-02-04 11:21:05 -06:00
jvazquez-r7
cccf2e4258
Land #2926 , @xistence A10 Networks Loadbalancer dir traversal module
2014-02-04 07:28:51 -06:00
jvazquez-r7
cc09367c62
Change the datastore name option
2014-02-04 07:28:14 -06:00
jvazquez-r7
ffd90a3d38
Add confirmation datastore option
2014-02-03 12:40:58 -06:00
jvazquez-r7
a92256e8d1
Clean a10networks_ax_directory_traversal
2014-02-03 08:41:23 -06:00
jvazquez-r7
53c2a737e9
Don't register rport again
2014-01-31 09:42:41 -06:00
jvazquez-r7
452042e757
Land #2925 , @xistence aux module for Support Center Plus traversal
2014-01-31 09:38:01 -06:00
jvazquez-r7
e9f04d9203
Do final cleanup for Support Center Plus module
2014-01-31 09:37:40 -06:00
jvazquez-r7
32c5d77ebd
Land #2918 , @wvu's fix for long argument lists
2014-01-31 08:49:22 -06:00
xistence
e81a0ed22b
Changes as requested for SupportCenterPlus module
2014-01-31 13:28:45 +07:00
William Vu
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
xistence
8ac0ef396e
Added DNS recursion amplification scanner
2014-01-29 14:21:21 +07:00
xistence
d3be54fed6
Added Extended SMTP Open Relay aux module
2014-01-29 13:46:54 +07:00
xistence
c8296298b3
added A10Networks AX loadbalancer Dir Traversal Auxiliary Module
2014-01-28 16:37:25 +07:00
xistence
32d7f15a5c
added ManageEngine Support Center Plus directory traversal auxiliary module
2014-01-28 15:45:23 +07:00
jvazquez-r7
f766a74150
Land #2920 , @wvu-r7's author metadata update for printer aux modules
2014-01-27 13:02:31 -06:00
William Vu
d19e9307c6
Fix missing colon in :caller_host symbol
...
Good catch, @jvazquez-r7!
2014-01-27 12:43:59 -06:00
jvazquez-r7
0dbaeb6742
Add Matteo's email
2014-01-27 08:40:44 -06:00
sinn3r
f471f50092
ms08_067_check.rb is deprecated.
...
[SeeRM #8755 ]
2014-01-26 12:22:13 -06:00
William Vu
52371be52a
Clarify why contributors are listed as authors
...
Also adding @mcantoni to the list of authors. Sorry we missed you!
Dear contributors,
Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!
https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
2014-01-25 18:02:17 -06:00
Matteo Cantoni
f18fef1864
Module to HP LaserJet Printer SNMP Enumeration
2014-01-25 15:48:13 +01:00
William Vu
eaeb2af97f
Use opts hash for h323_version
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:32:37 -06:00
Tod Beardsley
82bf02910d
Land #2911 , correct author name for PJL credit
2014-01-24 11:00:12 -06:00
jvazquez-r7
fdaa172cc5
Land #2896 , @wchen-r7's check's normalization for auxiliary modules
2014-01-24 08:53:53 -06:00
sinn3r
9ba72ffc71
Remove check support
...
Actually, you can't support check because in check mode the module
doesn't know the IP
2014-01-23 21:30:11 -06:00
sinn3r
dc52d00be6
Modify vmware_http_login to work with check
2014-01-23 21:27:36 -06:00
William Vu
a67068f019
Correct author name
...
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
2014-01-23 19:09:20 -06:00
Tod Beardsley
f5809423a3
Let's spell right in my spellcheck PR
...
Updates #2900
2014-01-21 15:57:59 -06:00
Tod Beardsley
b3b51eb48c
Pre-release fixup
...
* Updated descriptions to be a little more descriptive.
* Updated store_loot calls to inform the user where the
loot is stored.
* Removed newlines in print_* statments -- these will screw
up Scanner output when dealing with multiple hosts.
Of the fixed newlines, I haven't see any output, so I'm not sure what
the actual message is going to look like -- I expect it's a whole bunch
of newlines in there so it'll be kinda ugly as is (not a blocker for
this but should clean up eventually)
2014-01-21 13:29:08 -06:00
sinn3r
0a8aa07131
Fix check method
...
This isn't a check, so shouldn't be using the check method
2014-01-19 16:47:15 -06:00
sinn3r
a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules
2014-01-16 15:57:38 -06:00
William Vu
9bf90b836b
Add environment variables support
2014-01-16 14:53:25 -06:00
William Vu
311704fc0a
Perform final cleanup
2014-01-15 13:49:37 -06:00
William Vu
7c52f9b496
Update description to use %q{}
2014-01-13 14:42:25 -06:00
jvazquez-r7
fe6d10ac5d
Land #2852 , @mandreko's scanner for OSVDB 101653
2014-01-13 14:07:07 -06:00
jvazquez-r7
8c3a71a2e7
Clean sercomm_backdoor scanner according to feedback
2014-01-13 13:53:47 -06:00
William Vu
d69b658de0
Land #2848 , @sho-luv's MS08-067 scanner
2014-01-09 14:39:25 -06:00
William Vu
fc616c4413
Clean up formatting
2014-01-09 14:16:31 -06:00
Matt Andreko
93668b3286
Code Review Feedback
...
Made it less verbose, converting to vprint_error
2014-01-09 14:53:33 -05:00
Matt Andreko
e21c97fd4d
Added missing metadata
...
Add credit where due
Add disclosure date and references
2014-01-09 14:33:54 -05:00
Matt Andreko
9456d26467
Added Scanner module for SerComm backdoor
2014-01-09 14:25:28 -05:00
William Vu
7fd4935263
Make the module output prettier
2014-01-09 01:03:01 -06:00
William Vu
27f079ad7c
Move {begin,end}_job from libs to modules
2014-01-09 01:03:01 -06:00
William Vu
131bfcaf41
Refactor away leftover get_rdymsg
2014-01-09 01:03:01 -06:00
William Vu
d3bbe5b5d0
Add filesystem commands and new PoC modules
...
This commit also refactors some of the code.
2014-01-09 01:03:01 -06:00
William Vu
af66310e3a
Address @jlee-r7's comments
2014-01-09 01:03:01 -06:00
William Vu
bab32d15f3
Address @wchen-r7's comments
2014-01-09 01:03:00 -06:00
William Vu
1c889beada
Add Rex::Proto::PJL and PoC modules
2014-01-09 01:03:00 -06:00
sho-luv
a8fcf13972
Added credits and clean initialize
...
Added wvu to creds as he did most of work. ;)
2014-01-08 21:16:09 -05:00
William Vu
8993c74083
Fix even moar outstanding issues
2014-01-08 19:38:54 -06:00
William Vu
1dd29d3b64
Fix moar outstanding issues
2014-01-08 18:11:18 -06:00
William Vu
945a2a296a
Fix outstanding issues
2014-01-08 17:09:41 -06:00
sho-luv
35ac9712ab
Added auxiliary check for MS08_067
...
I simply copied the check from ms08_0867_netapi.rb and put them in
a auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
jvazquez-r7
90158b9932
Land #2791 , @morisson's support to remote dns resolution on sap_router_portscanner
2014-01-02 12:19:50 -06:00
jvazquez-r7
f75782bc2f
Use RHOST, RPORT for the SAPROUTER options
2014-01-02 12:18:54 -06:00
Tod Beardsley
c34a5f3758
Unacronym the title on Poison Ivy C&C
2013-12-26 10:30:30 -06:00
Tod Beardsley
47765a1c4f
Fix chargen probe title, comment on the CVE
2013-12-26 10:29:11 -06:00
Tod Beardsley
056661e5dd
No at-signs in names please.
2013-12-26 10:26:01 -06:00
jvazquez-r7
b02e21a1d3
Land #2779 , @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid
2013-12-26 09:27:27 -06:00
rbsec
86a94022c0
Fix lotus_domino_hashes not working.
...
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
sinn3r
213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner
2013-12-23 17:36:18 -06:00
sinn3r
0a07bbdf2e
Minor changes
2013-12-23 17:35:42 -06:00
jvazquez-r7
88b3b2c78e
Switch RHOSTS to TARGETS and add validation
2013-12-23 11:58:26 -06:00
Bruno Morisson
94da642f5c
fixed typo: innacurated -> inaccurate
2013-12-21 20:36:43 +00:00
Bruno Morisson
c387a850ca
Fixed default value for RESOLVE (local)
2013-12-21 19:21:57 +00:00
Bruno Morisson
6ce0bab036
Cleanup, also split IP addresses separated by commas.
2013-12-21 00:15:00 +00:00
SeawolfRN
bf2dc97595
Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner
2013-12-20 18:46:35 +00:00
SeawolfRN
ae7a0159e7
Changed to Puts and get_once - also forgot the timeout...
2013-12-20 18:44:42 +00:00
jvazquez-r7
8be481f324
Land #2681 , @mcantoni and @todb-r7's support for chargen
2013-12-20 11:53:08 -06:00
jvazquez-r7
12efa99ce5
Fix udp_sweep
2013-12-20 11:47:48 -06:00
jvazquez-r7
2dc7ef4398
Fix udp_probe
2013-12-20 11:45:27 -06:00
Tod Beardsley
2f34f8458b
Downcase chargen service name
2013-12-20 10:41:53 -06:00
Tod Beardsley
35c847da94
Add chargen to udp_probe and udp_sweep
...
This simplifies the checks considerably for PR #2681 from @mcantoni
2013-12-20 10:32:15 -06:00
jvazquez-r7
eba164d2e3
Clean chargen_probe
2013-12-20 09:10:15 -06:00
Bruno Morisson
6ac0aad38b
Prevent report_* when RESOLVE is remote, since hostname may be unknown and local resolution fail, thus spitting out an error and failing
2013-12-19 23:37:13 +00:00
Bruno Morisson
c881ef5472
Unreachable and time out error identification
2013-12-19 22:59:56 +00:00
Matteo Cantoni
a199dc39af
used the recvfrom timeout
2013-12-19 20:56:11 +01:00