Commit Graph

7650 Commits (7145078e63d98a9dbe695804fca33c06341c98d1)

Author SHA1 Message Date
sinn3r 5b787406b9 Correct output messages
When HttpClient is used, it's actually not necessary to put the
target's IP/port and the module name in the output, because it's
already included in there.
2012-11-27 11:10:31 -06:00
sinn3r 46f86f46fa Merge branch 'aux-scan-nessus' of git://github.com/kost/metasploit-framework into kost-aux-scan-nessus 2012-11-27 11:01:36 -06:00
sinn3r b395f8f96d Only XP for target coverage 2012-11-27 10:48:20 -06:00
sinn3r 2e71fc740e No badchars, then no need to have the key 2012-11-27 10:46:20 -06:00
jvazquez-r7 8c53b275c6 Added module for cve-2012-3753 2012-11-27 12:10:00 +01:00
sinn3r 319fa04c16 Fix Ruby 1.8 comma of death 2012-11-26 16:45:43 -06:00
sinn3r 9ccc69c4c1 Mostly cosmetic changes. Plus a nil token bug fix. 2012-11-26 16:32:49 -06:00
sinn3r 32ea36916c Cosmetic changes 2012-11-26 16:28:16 -06:00
sinn3r 65ac56a7a7 Merge branch 'aux-scan-metasploit' of git://github.com/kost/metasploit-framework into kost-aux-scan-metasploit 2012-11-26 16:26:11 -06:00
sinn3r 472ec35adb Merge branch 'kost-aux-scan-splunk-login' 2012-11-26 16:16:02 -06:00
sinn3r af451df864 Lots of changes made
These changes include:
* More description
* Checks if auth is actually required.
* Collects the default credential on the webpage, and then tries it.
* Fixes possible nil 'Set-Cookie' header.
* Supports more options (USERPASS_FILE, USER_FILE, PASS_FILE)
* Removes the msg() function.
2012-11-26 16:12:11 -06:00
Tod Beardsley f1fedee63b EOL space, deleted 2012-11-26 14:19:40 -06:00
sinn3r 3588787df9 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-11-26 12:59:49 -06:00
sinn3r 0ea63ca9c2 Merge branch 'web-modules' of git://github.com/tasos-r7/metasploit-framework into tasos-r7-web-modules 2012-11-26 12:59:29 -06:00
Tasos Laskos 7795dc58f4 auxiliary/scanner/http/crawler#form_from_url: rescue => rescue URI::Error 2012-11-26 20:54:20 +02:00
jvazquez-r7 36e2a4fddc Merge branch 'splunk_nil_cookie' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-splunk_nil_cookie 2012-11-26 19:18:32 +01:00
sinn3r 541ecd49d6 Merge branch 'web-modules' of git://github.com/tasos-r7/metasploit-framework into tasos-r7-web-modules 2012-11-26 12:17:24 -06:00
sinn3r 9c3be383d0 The 'Set-Cookie' header should be checked before accessing it 2012-11-26 12:06:43 -06:00
Tasos Laskos c17cffdece auxiliary/scanner/http: wrapped an exception-prone URL parse in a begin/rescue block 2012-11-26 18:58:06 +02:00
malerisch 6dfda6da37 Added Maxthon3 Cross Context Scripting (XCS) exploits for Win 2012-11-24 15:53:58 -08:00
Vlatko Kosturjak c22335a2f5 Remove spaces at EOL 2012-11-24 23:32:32 +01:00
Vlatko Kosturjak 7bafc97fec Remove non needed and redundant checks 2012-11-24 23:01:08 +01:00
Vlatko Kosturjak bbe3659093 Import of MSF web interface guesser 2012-11-24 22:56:38 +01:00
Vlatko Kosturjak cdfe663675 initial import of splunk password guesser 2012-11-24 22:05:57 +01:00
Vlatko Kosturjak 860519099f Removed space at EOL 2012-11-24 19:34:42 +01:00
jvazquez-r7 414fd052c1 final cleanup 2012-11-24 15:03:14 +01:00
jvazquez-r7 fab3427b25 Merge branch 'command' of https://github.com/R3dy/metasploit-framework into R3dy-command 2012-11-24 15:02:39 +01:00
Vlatko Kosturjak 4ad0907c29 Wrap description to 80 cols 2012-11-24 08:13:36 +01:00
Vlatko Kosturjak 14ec0c8a60 Fix http code check + be more verbose 2012-11-24 08:09:26 +01:00
Vlatko Kosturjak 83168e8b56 Correct placement of autofilter ports statement 2012-11-24 07:38:27 +01:00
Vlatko Kosturjak d008fa0250 Make wrapping works and look better 2012-11-24 07:33:25 +01:00
Vlatko Kosturjak f88c4491b5 Added autofilter_port to 3790(metasploit web intf) 2012-11-24 07:28:39 +01:00
Vlatko Kosturjak 8608bebbe7 Wrapped module info to col80 2012-11-24 07:27:10 +01:00
sinn3r e9256de6f6 Merge branch 'jvazquez-r7-apple_quicktime_texml_font_table' 2012-11-23 18:53:31 -06:00
sinn3r 965efc9c8d Last touch up 2012-11-23 18:51:51 -06:00
sinn3r ddee88bb03 Merge branch 'aux-scan-openvas' of git://github.com/kost/metasploit-framework into kost-aux-scan-openvas 2012-11-23 18:47:33 -06:00
sinn3r 89ddedf773 If no badchars, no need to specify. 2012-11-23 18:46:50 -06:00
Vlatko Kosturjak ec3ce499f1 Simplify variable assigment 2012-11-24 00:33:49 +01:00
Vlatko Kosturjak 17de7be1bf Fix exception handling block 2012-11-24 00:31:32 +01:00
Vlatko Kosturjak 505de0bfc6 Use vars_post instead of direct body construction 2012-11-24 00:21:35 +01:00
Vlatko Kosturjak a5db9331bc Simplify rescue handler 2012-11-24 00:15:39 +01:00
Vlatko Kosturjak d968a33e14 Simplify variable assigment 2012-11-24 00:13:28 +01:00
jvazquez-r7 4c9b8d4567 targets updated 2012-11-23 18:48:59 +01:00
jvazquez-r7 2978775335 change default RPORT 2012-11-23 12:14:08 +01:00
jvazquez-r7 ca3240a83e Merge branch 'SXPG_COMMAND_EXEC_DBMCLI' of https://github.com/nmonkee/metasploit-framework into nmonkee-SXPG_COMMAND_EXEC_DBMCLI 2012-11-23 12:13:22 +01:00
jvazquez-r7 f7fb8bb862 change module filename 2012-11-23 11:43:34 +01:00
jvazquez-r7 cb7e98ea29 Cleanup for command module 2012-11-23 11:42:59 +01:00
sinn3r a2623122bd Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-11-23 02:09:48 -06:00
HD Moore d4e873df07 Fix bad reference (thanks Daniel Moeller) 2012-11-22 23:51:57 -06:00
HD Moore b04b3963d8 Fix missing parenthesis 2012-11-22 23:50:47 -06:00
HD Moore d2cde0b294 Make error handling consistent in SNMP modules 2012-11-22 21:36:33 -06:00
HD Moore b357d221fb Fix stack trace/error handling in AIX snmp version 2012-11-22 21:28:49 -06:00
jvazquez-r7 52ff38ad8a add module for cve-2012-3752 2012-11-22 19:56:12 +01:00
Meatballs1 579126c777 Remove redundant sleep 2012-11-22 10:44:41 +00:00
Meatballs1 8252c7f52e Remove post file 2012-11-22 10:41:52 +00:00
Meatballs1 021e0f37e9 Cleanup s 2012-11-22 10:34:05 +00:00
Meatballs1 7936fce7cf Remove auto migrate - we probably dont want to migrate away from a SYSTEM process. 2012-11-22 10:29:58 +00:00
Meatballs1 128eafe22c Changed to Local Exploit 2012-11-22 10:26:23 +00:00
Meatballs1 4496f7f4a5 Only verify user if non custom MSI 2012-11-21 21:27:27 +00:00
Meatballs1 75054807be Initial commit 2012-11-21 21:11:45 +00:00
nmonkee 564a32ce7c Made requested changes 2012-11-21 17:33:15 +00:00
sinn3r 007dcd2dcb Module is good, except with a little grammar error 2012-11-21 10:30:28 -06:00
jvazquez-r7 04aae008ca fix to use pseudorandom exe name 2012-11-21 09:56:20 +01:00
jvazquez-r7 14cba22e64 changes requested by egypt 2012-11-21 09:46:22 +01:00
Royce Davis e16cea6db8 Fixed execerror, redundant if statement, and poor exception handling 2012-11-20 18:46:07 -06:00
jvazquez-r7 99d32191c5 Added module for OSVDB 87334 2012-11-20 23:15:21 +01:00
Tod Beardsley 064df7c537 Minor grammar touch on modbus_findunitid 2012-11-20 14:08:07 -06:00
Tod Beardsley 6b4c131cf5 Avoiding a future conflict with release 2012-11-20 13:24:19 -06:00
nmonkee ff07e5d021 sap_soap_rfc_dbmcli_sxpg_command_exec 2012-11-20 15:34:53 +00:00
jvazquez-r7 32373c1a6a new filename 2012-11-20 16:01:58 +01:00
jvazquez-r7 bb13c87aab module filename changed 2012-11-20 16:01:26 +01:00
jvazquez-r7 96024dc639 title updated 2012-11-20 16:00:50 +01:00
jvazquez-r7 bfbab4526a Merge branch 'sap_soap_rfc_sxpg_call_system' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_sxpg_call_system 2012-11-20 16:00:14 +01:00
jvazquez-r7 217fa27abb pcap to verify deleted 2012-11-20 15:55:56 +01:00
jvazquez-r7 101238db35 Merge branch 'sap_soap_rfc_dbmcli_sxpg_call_system_command_exec' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_call_system_command_exec 2012-11-20 15:55:32 +01:00
nmonkee e16a51fcf9 author change 2012-11-20 14:23:29 +00:00
nmonkee 1bc62b8686 pcap for lin 2012-11-20 14:15:49 +00:00
nmonkee 838eb5154a Merge branch 'sap_soap_rfc_dbmcli_sxpg_call_system_command_exec' of https://github.com/jvazquez-r7/metasploit-framework into sap_soap_rfc_dbmcli_sxpg_call_system_command_exec 2012-11-20 14:13:51 +00:00
nmonkee be66ccdf00 pcap for lin 2012-11-20 13:59:49 +00:00
jvazquez-r7 959ea1f0c5 final cleanup 2012-11-20 12:52:00 +01:00
jvazquez-r7 b002996708 Merge branch 'narcissus' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-narcissus 2012-11-20 12:49:15 +01:00
jvazquez-r7 5f99b56688 up to date to test rapid7#1030 2012-11-20 12:13:14 +01:00
jvazquez-r7 31ca077dd6 cleanup for sap_soap_rfc_sxpg_call_system.rb 2012-11-20 11:54:21 +01:00
sinn3r edaa66094c Merge branch 'jlee-r7-feature/automatic-fs-cleanup' 2012-11-19 16:13:08 -06:00
jvazquez-r7 8385b8314c fix 1.8 warning about space before argument parenthesis 2012-11-19 22:55:44 +01:00
jvazquez-r7 3d753e9690 Delete pcap used to verify 2012-11-19 22:47:07 +01:00
jvazquez-r7 2f44bbaf21 Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_sxpg_command_exec 2012-11-19 22:46:38 +01:00
sinn3r a93fbfea32 Add Narcissus module (OSVDB-87410) 2012-11-19 15:12:57 -06:00
nmonkee dcb5cfdbbd pcap for lin 2012-11-19 21:06:05 +00:00
nmonkee a3550fb91b Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework into sap_soap_rfc_sxpg_command_exec 2012-11-19 21:01:00 +00:00
nmonkee aaeb05725a pcaps for lin and win 2012-11-19 21:00:11 +00:00
Royce Davis 795ea5bec2 Fix randomize of dislayname and removed filename from command.rb 2012-11-19 14:34:06 -06:00
Royce Davis 7fa8717860 Fixed cleanup method to report an Error on command.rb 2012-11-19 13:59:58 -06:00
nmonkee 6adbee13b3 Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/jvazquez-r7/metasploit-framework into sap_soap_rfc_dbmcli_sxpg_call_system_command_exec 2012-11-19 17:18:21 +00:00
jvazquez-r7 ee7bf42903 cleanup for last testing 2012-11-19 17:59:27 +01:00
jvazquez-r7 35b3bf4aa5 back to the original Brute mixin 2012-11-19 14:13:49 +01:00
jvazquez-r7 24fe043960 Merge branch 'samba' of https://github.com/mephos/metasploit-framework into mephos-samba 2012-11-19 14:13:15 +01:00
nmonkee 149704d918 deleting file sap_soap_rfc_sxpg_call_system_command_exec 2012-11-18 23:56:33 +00:00
jvazquez-r7 3bf88e5884 final cleanup for sap_web_gui_brute_login 2012-11-18 22:39:05 +01:00
jvazquez-r7 165e9c26da Merge branch 'sap_web_gui_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_web_gui_brute_login 2012-11-18 22:38:30 +01:00
jvazquez-r7 3573d31d08 final cleanup 2012-11-18 21:37:24 +01:00
jvazquez-r7 eddea29568 Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login 2012-11-18 21:36:54 +01:00
jvazquez-r7 9fa8204152 datastore parameters cleanup 2012-11-18 11:53:17 +01:00
jvazquez-r7 5b55049610 module cleanup 2012-11-18 11:45:12 +01:00
jvazquez-r7 ea6c3e9b69 Merge branch 'sap_soap_rfc_susr_user_interface' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_susr_user_interface 2012-11-18 11:44:26 +01:00
jvazquez-r7 8a1a811844 Final cleanup 2012-11-18 01:41:10 +01:00
jvazquez-r7 482526e978 Merge branch 'sap_soap_bapi_user_create1' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_bapi_user_create1 2012-11-18 01:40:11 +01:00
jvazquez-r7 889124a439 final cleanup 2012-11-18 00:59:49 +01:00
jvazquez-r7 eed0f92829 Merge branch 'sap_soap_rfc_ping' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_ping 2012-11-18 00:59:35 +01:00
jvazquez-r7 22d4ccadea description updated 2012-11-18 00:35:25 +01:00
jvazquez-r7 a35c640acf final cleanup 2012-11-18 00:32:20 +01:00
jvazquez-r7 e72946303e Merge branch 'sap_soap_rfc_system_info' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_system_info 2012-11-18 00:31:53 +01:00
sinn3r f4aa84956c Add technet reference 2012-11-17 01:24:12 -06:00
sinn3r d4749ff009 Merge branch 'feature/automatic-fs-cleanup' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/automatic-fs-cleanup 2012-11-16 19:02:46 -06:00
jvazquez-r7 59e96e5850 fix typo 2012-11-17 00:35:53 +01:00
jvazquez-r7 8c0e4705f1 final cleanup 2012-11-17 00:18:35 +01:00
jvazquez-r7 c511e58971 Merge branch 'sap_soap_rfc_read_table' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_read_table 2012-11-17 00:18:04 +01:00
James Lee 591b085858 Add support for shell sessions in FileDropper 2012-11-16 15:51:54 -06:00
James Lee c65f37782d Merge branch 'rapid7' into tasos-r7-web-modules 2012-11-16 13:52:18 -06:00
jvazquez-r7 0ef41ffcd4 added reporting to the module 2012-11-16 20:05:26 +01:00
jvazquez-r7 d8d2bee6fb Final cleanup 2012-11-16 19:20:58 +01:00
jvazquez-r7 65c741b539 Merge branch 'sap_soap_th_saprel' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_th_saprel 2012-11-16 19:19:21 +01:00
sinn3r f784ea65af Merge branch 'master' into ms12-005_mod 2012-11-16 11:59:41 -06:00
sinn3r 8648d21b3c Merge branch 'dns_txt_query_exe' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-dns_txt_query_exe 2012-11-16 11:52:57 -06:00
sinn3r 8375bb8390 Merge branch 'bypassuac_admincheck' of git://github.com/mubix/metasploit-framework into mubix-bypassuac_admincheck 2012-11-16 11:29:09 -06:00
sinn3r 8930d618e3 Merge branch 'invision_pboard_cleanup' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_cleanup 2012-11-16 11:24:04 -06:00
jvazquez-r7 e8fe6031e9 Let default timeout for send_request_cgi 2012-11-16 18:09:47 +01:00
jvazquez-r7 51f238ec38 up to date 2012-11-16 16:03:09 +01:00
James Lee 83708a5a48 Add a FileDropper mixin for recording cleanup targets
Doesn't cover shell sessions yet, so needs a bit more work
2012-11-15 17:52:10 -06:00
Vlatko Kosturjak c0df3a0407 Remove curly braces 2012-11-15 23:27:25 +01:00
Vlatko Kosturjak eea85cf2ca Remove curly braces 2012-11-15 23:26:28 +01:00
Vlatko Kosturjak 836d83a253 Remove curly braces 2012-11-15 23:25:10 +01:00
Vlatko Kosturjak 854bfe09e2 remove curly braces 2012-11-15 23:23:46 +01:00
Vlatko Kosturjak 73d43beff3 Remove EOL spaces 2012-11-15 22:46:22 +01:00
Vlatko Kosturjak afced2278d Remove EOL spaces 2012-11-15 22:43:47 +01:00
Vlatko Kosturjak e479399b5d Initial import of OpenVAS aux scripts 2012-11-15 22:39:56 +01:00
Vlatko Kosturjak f7f7c451d3 Initial import of Nexpose aux scripts 2012-11-15 22:35:35 +01:00
Vlatko Kosturjak 1956af7dc1 Initial import of Metasploit RPC aux scripts 2012-11-15 22:32:22 +01:00
Vlatko Kosturjak bd03a2dcfd Initial import of Nessus basic aux scripts 2012-11-15 22:28:56 +01:00
David Maloney de016780b8 Rename the PAYLOAD_TYPE datastore option
This datastore option conflicts with a reserved option in Pro causing
this module to fail in Pro.
2012-11-15 14:42:31 -06:00
Rob Fuller e18acf2103 remove debugging code 2012-11-14 23:56:32 -05:00
Rob Fuller 7d41f1f9a0 add admin already and admin group checks 2012-11-14 23:54:01 -05:00
jvazquez-r7 09ec7dea95 fix check function after speak with egix 2012-11-15 01:34:17 +01:00
jvazquez-r7 3ba3e906d7 added improvements by egix 2012-11-15 01:20:32 +01:00
nmonkee 62f9766e63 made requested changes 2012-11-15 00:00:31 +00:00
James Lee 35a7999b4e Merge branch 'rapid7' into tasos-r7-web-modules 2012-11-14 17:41:27 -06:00
nmonkee b9a8791b87 made requested changes 2012-11-14 23:40:20 +00:00
nmonkee 047d6d350a looks like I committed the wrong file first time round :( 2012-11-14 23:34:21 +00:00
nmonkee a252dbc5d7 made requested changes 2012-11-14 23:25:25 +00:00
nmonkee 91b81bee4a made requested changes 2012-11-14 23:19:09 +00:00
nmonkee 308eee7c4f made requested changes 2012-11-14 23:00:45 +00:00
nmonkee aa3cd500bb made requested changes 2012-11-14 22:49:34 +00:00
nmonkee 83215edd8c made requested changes 2012-11-14 22:38:32 +00:00
nmonkee c5a017d054 made requested changes 2012-11-14 22:25:10 +00:00
nmonkee 833af3a347 made requested changes 2012-11-14 22:13:06 +00:00
nmonkee e55e5d2796 made requested changes 2012-11-14 20:12:37 +00:00
sinn3r af8ac2fbf6 There's a bug here, can you tell?
Need to be aware of what happens when no version is captured.
2012-11-14 11:54:59 -06:00
sinn3r fcad2c3e26 Merge branch 'invision_pboard_cookie_prefix' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_cookie_prefix 2012-11-14 11:52:58 -06:00
Tod Beardsley 4d633016aa Merge remote branch 'Meatballs1/smb_login_update'
Thus ends our long national nightmare.
2012-11-14 10:13:34 -06:00
Tasos Laskos 8a9f0a0890 Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-14 18:10:41 +02:00
jvazquez-r7 88ea347e40 added cookie prefix check 2012-11-14 16:20:40 +01:00
sinn3r 6b033fb1a8 Only store the password when there's one 2012-11-14 01:25:32 -06:00
jgor 212179b95e change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password 2012-11-13 23:49:45 -06:00
jgor 721cf41f47 fix nil class error on non-lantronix hosts 2012-11-13 23:46:59 -06:00
sinn3r 1546aa6a10 No need to repeat the default values 2012-11-13 18:38:17 -06:00
sinn3r 9054fafb15 Not sure why paths were repeated, but no more. 2012-11-13 18:32:32 -06:00
sinn3r 4675cd873b Merge branch 'client_system_analyzer_upload' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-client_system_analyzer_upload 2012-11-13 11:21:23 -06:00
Royce Davis f9b4971fc3 Fixed hard coded paths in psexec on command.rb 2012-11-13 10:28:16 -06:00
jvazquez-r7 fc571b1688 Merge branch 'enum_dirperms_default_path' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_dirperms_default_path 2012-11-13 17:24:53 +01:00
James Lee bbb2f69b55 Add missing require for PhpExe 2012-11-13 10:17:42 -06:00
sinn3r ee7e502e89 Merge branch 'impersonate_ssl_tweak' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-impersonate_ssl_tweak 2012-11-13 09:36:28 -06:00
sinn3r cd257f6cd4 Merge branch 'download_exec' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-download_exec 2012-11-13 01:48:19 -06:00
sinn3r 7d317e7863 Use PhpEXE, and a check() function
Uses the PhpEXE mixin for the payload. And then in the future
we can modify PhpEXE again to allow it to be space-free (problem
being a space is required when you use a function).  Also, this
commit has a new check function.
2012-11-13 01:41:26 -06:00
sinn3r 162b5a391a Merge branch 'invision_pboard_unserialize_exec' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_unserialize_exec 2012-11-13 00:40:30 -06:00
sinn3r f707a4774d Merge branch 'esmnemon-modbus-aux' 2012-11-12 23:42:00 -06:00
sinn3r aa6ac36abd Cosmetic changes, mostly 2012-11-12 23:41:31 -06:00
sinn3r 66fe8ade52 Merge branch 'modbus-aux' of git://github.com/esmnemon/metasploit-framework into esmnemon-modbus-aux 2012-11-12 22:40:34 -06:00
sinn3r e235aadcc0 Sometimes we might not be able to access a dir, be aware of that 2012-11-12 18:59:44 -06:00
sinn3r 862dd18b1c Merge remote-tracking branch 'upstream/master' into enum_dirperms_default_path
Conflicts:
	modules/post/windows/gather/enum_dirperms.rb
2012-11-12 18:54:47 -06:00
sinn3r 5270487d81 Add credit 2012-11-12 18:35:32 -06:00
sinn3r be36083097 Make PATH optional, also correct a filtering bug
If the PATH option is not specified, the module will try to
enumerate from %PATH%.  Also, this commit fixes a bug in the
filtering routine (basically the filtering routine didn't
really work).
2012-11-12 18:29:56 -06:00
corelanc0d3r 0bf92b5d97 improved payload dns_txt_query_exec 2012-11-13 00:55:32 +01:00
Meatballs1 5c10bc11a8 Fix spacing before - 2012-11-12 23:20:40 +00:00
corelanc0d3r cad7eb0130 renamed and optimized download_exec payload 2012-11-13 00:02:49 +01:00
Tod Beardsley dd1da88ff7 Make domain part less stupid looking 2012-11-12 16:54:52 -06:00
Meatballs1 970869b3e4 Retry push 2012-11-12 22:28:44 +00:00
sinn3r 222af8c91d Fix NoMethodError when check_dir fails to enum the permission
See the following for more info:
http://dev.metasploit.com/redmine/issues/7452
2012-11-12 16:27:32 -06:00
Meatballs1 e30ab85549 Fix some outputting issues 2012-11-12 22:25:08 +00:00
sinn3r 72f0a5613f Add more improvements 2012-11-12 15:40:12 -06:00
sinn3r 8fe3f289bf Merge branch 'drupal_views_user_enum.rb' of git://github.com/zeknox/metasploit-framework into zeknox-drupal_views_user_enum.rb 2012-11-12 14:48:13 -06:00
Royce Davis 683bcd4b82 Added disconnect method to command.rb 2012-11-12 11:25:12 -06:00
Royce Davis e57275d3f6 added check cleanup method to command.rb 2012-11-12 09:46:02 -06:00
jvazquez-r7 8e7a748805 thins in place... 2012-11-11 20:19:20 +01:00
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 c4f10a1d53 added bid reference 2012-11-11 17:48:57 +01:00
jvazquez-r7 9d3c068da0 added linux target 2012-11-11 17:28:48 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
Chris John Riley 38b25f01f7 Corrected bad coding (sorry)
Added OptEnum and OptPath
Checks for nil and empty
Added reference
Made AlterSerial an advanced option instead of always on
2012-11-10 20:24:50 +01:00
Chris John Riley 6482de44e4 Added checks for Extension and Domain
Altered error handling on no response
2012-11-10 13:21:41 +01:00
jvazquez-r7 42dd1ee3ff added module for CVE-2012-5692 2012-11-10 11:35:21 +01:00
Tod Beardsley 1b9d45e106 Test for subdom_list existence first
Otherwise, you get

````
[11/09/2012 14:50:38] [e(0)] core: Error running against host
173.236.237.136: can't convert nil into String
````

Other than that, looks good.

[Fixes #851]
2012-11-09 15:01:36 -06:00
Tod Beardsley 171ebe13cd Whitespace fix for vhost_scanner 2012-11-09 14:48:46 -06:00
Tod Beardsley b1c35fdb24 Merge remote branch 'sempervictus/http_vhost_scanner_from_file' 2012-11-09 14:46:54 -06:00
Tod Beardsley 9a94fef8d0 Merge branch 'llmnr-spoof' 2012-11-09 14:36:04 -06:00
Tod Beardsley a6fd0fee1c Fix up notification to not spam or hide
Instead of hiding the success notification in vprint, it should print,
but not every time. This fix thottles the notification to ten seconds
per host.

[Fixes #731]
2012-11-09 14:31:28 -06:00
Tod Beardsley 6cd5b79b60 Getting rid of Id and Revision 2012-11-09 13:30:14 -06:00
Tod Beardsley f6c565848e Resolving conflicted smb_login 2012-11-09 12:55:18 -06:00
Royce Davis 6e257d5f57 Simplify main method 2012-11-09 08:50:09 -06:00
Royce Davis a889c8ae99 error handling adjustments on loggedin_users.rb 2012-11-09 08:33:05 -06:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
Chris John Riley 08d56e31e1 recreated in new branch
removed space at EOL
2012-11-08 22:38:21 +01:00
Chris John Riley b75ade746c Removed EOL spaces
Removed unrequired udp_sock.close
2012-11-08 22:26:37 +01:00
jvazquez-r7 21693831ae Added module for ZDI-11-018 2012-11-08 17:32:42 +01:00
Royce Davis 7ce3859e8c Fixed a bunch of bull crap in loggedin_users.rb 2012-11-08 09:49:53 -06:00
Royce Davis 0c0d5b10ec changes loggedin_users.rb 2012-11-08 09:26:17 -06:00
Royce Davis 3bf865456c Better error handling in loggedin_users 2012-11-08 09:13:33 -06:00
HD Moore 36066f8c78 Catch a few stragglers for double slash 2012-11-08 07:21:37 -06:00
HD Moore 4d2147f392 Adds normalize_uri() and fixes double-slash typos 2012-11-08 07:16:51 -06:00
HD Moore 5ad2749cee Rework ADDP modules to use the new mixin 2012-11-08 06:40:32 -06:00
HD Moore 0e8a3f0ea6 Merge branch 'master' into feature/udp-scanner-mixin 2012-11-08 06:09:22 -06:00
HD Moore e008120c11 Bug fixes to the SSDP discovery module 2012-11-08 06:08:49 -06:00
Chris John Riley da6bf29699 Display message when no response received 2012-11-08 11:59:13 +01:00
James Lee ac1b60e6db Remove debug load 2012-11-07 20:00:41 -06:00
Royce Davis 22ecd6afa9 Edit command.rb 2012-11-07 15:17:13 -06:00
Royce Davis 18aab8bcc7 Remove extrat comment lines from command.rb 2012-11-07 15:09:57 -06:00
Royce Davis d159aa6f9f Changed error handeling of command.rb module 2012-11-07 15:03:31 -06:00
David Maloney 04a80e0648 Fixes to the WMI setup 2012-11-07 11:26:48 -06:00
David Maloney 208e706307 Module title fixes 2012-11-07 10:33:14 -06:00
nmonkee 92679cd1c8 SAP Web GUI Brute Force 2012-11-07 16:18:00 +00:00
nmonkee c13f8d8eba SAP RFC TH_SAPREL 2012-11-07 16:10:09 +00:00
nmonkee f618000d0d SAP SOAP RFC SUSR_RFC_USER_INTERFACE (user creation) 2012-11-07 16:04:07 +00:00
nmonkee 2b973263b7 SAP SOAP RFC_Info 2012-11-07 15:17:56 +00:00
nmonkee 509e63268b SAP SOAP RFC SXPG_CALL_SYSTEM 2012-11-07 15:06:28 +00:00
Royce Davis ac518f7091 Removed double lines in Author field and general URLs 2012-11-07 08:22:09 -06:00
nmonkee ddcc0a9592 This module makes use of the SXPG_CALL_SYSTEM Remote Function Call (via SOAP) to execute OS commands as configured in SM69. 2012-11-07 12:48:08 +00:00
nmonkee e053c4a0ad This module makes use of the RFC_READ_TABLE Remote Function Call (via SOAP) to read data from tables. 2012-11-07 12:37:01 +00:00
Chris John Riley fc03fbe881 Initial sip_deregister.rb 2012-11-07 13:35:33 +01:00
nmonkee 3be7ad06c4 Calls the RFC_PING RFC module via SOAP to test the availability of the function. The function simply tests connectivity to remote RFC destinations. 2012-11-07 11:35:53 +00:00
nmonkee b86bc9f365 SAP SOAP RFC DBMCLI Command Injection (via SXPG_CALL_SYSTEM) 2012-11-07 11:29:16 +00:00
nmonkee f82b51b2c4 This module calls the RFC BAPI_USER_CREATE1 module (via SOAP). The module can be used for creating/modifying users. 2012-11-07 11:16:31 +00:00
nmonkee 6b7b8f7265 Flipping OptString for OptEnum 2012-11-07 11:00:43 +00:00
nmonkee d19be3024f Flipping OptEnum for OptString 2012-11-07 10:58:07 +00:00
nmonkee 51a3aa514d This module attempts to brute force the username | password via an RFC interface (over SOAP) 2012-11-07 10:45:25 +00:00
Royce Davis aec4d99549 ran msftidy on command.rb 2012-11-06 16:33:47 -06:00
Royce Davis 9f87b7b674 Removed smb_exec from this branch 2012-11-06 16:18:38 -06:00
Brandon McCann c4f35def81 fixed vprint_line 2012-11-06 14:58:14 -06:00
Brandon McCann d835a046ed fixed drupal_views_user_enum.rb so it displays to stdout and stores to loot 2012-11-06 14:53:11 -06:00
Royce Davis 43ebec22b4 Silly typos 2012-11-06 13:14:07 -06:00
Royce Davis 8c41aca091 Removed some non essential requires from loggedin_users.rb 2012-11-06 09:17:09 -06:00
Royce Davis e40ab4367a removed other modules 2012-11-05 21:07:09 -06:00