jvazquez-r7
3573d31d08
final cleanup
2012-11-18 21:37:24 +01:00
jvazquez-r7
eddea29568
Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login
2012-11-18 21:36:54 +01:00
jvazquez-r7
9fa8204152
datastore parameters cleanup
2012-11-18 11:53:17 +01:00
jvazquez-r7
5b55049610
module cleanup
2012-11-18 11:45:12 +01:00
jvazquez-r7
ea6c3e9b69
Merge branch 'sap_soap_rfc_susr_user_interface' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_susr_user_interface
2012-11-18 11:44:26 +01:00
jvazquez-r7
8a1a811844
Final cleanup
2012-11-18 01:41:10 +01:00
jvazquez-r7
482526e978
Merge branch 'sap_soap_bapi_user_create1' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_bapi_user_create1
2012-11-18 01:40:11 +01:00
jvazquez-r7
889124a439
final cleanup
2012-11-18 00:59:49 +01:00
jvazquez-r7
eed0f92829
Merge branch 'sap_soap_rfc_ping' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_ping
2012-11-18 00:59:35 +01:00
jvazquez-r7
22d4ccadea
description updated
2012-11-18 00:35:25 +01:00
jvazquez-r7
a35c640acf
final cleanup
2012-11-18 00:32:20 +01:00
jvazquez-r7
e72946303e
Merge branch 'sap_soap_rfc_system_info' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_system_info
2012-11-18 00:31:53 +01:00
sinn3r
f4aa84956c
Add technet reference
2012-11-17 01:24:12 -06:00
sinn3r
d4749ff009
Merge branch 'feature/automatic-fs-cleanup' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/automatic-fs-cleanup
2012-11-16 19:02:46 -06:00
jvazquez-r7
59e96e5850
fix typo
2012-11-17 00:35:53 +01:00
jvazquez-r7
8c0e4705f1
final cleanup
2012-11-17 00:18:35 +01:00
jvazquez-r7
c511e58971
Merge branch 'sap_soap_rfc_read_table' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_read_table
2012-11-17 00:18:04 +01:00
James Lee
591b085858
Add support for shell sessions in FileDropper
2012-11-16 15:51:54 -06:00
James Lee
c65f37782d
Merge branch 'rapid7' into tasos-r7-web-modules
2012-11-16 13:52:18 -06:00
jvazquez-r7
0ef41ffcd4
added reporting to the module
2012-11-16 20:05:26 +01:00
jvazquez-r7
d8d2bee6fb
Final cleanup
2012-11-16 19:20:58 +01:00
jvazquez-r7
65c741b539
Merge branch 'sap_soap_th_saprel' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_th_saprel
2012-11-16 19:19:21 +01:00
sinn3r
f784ea65af
Merge branch 'master' into ms12-005_mod
2012-11-16 11:59:41 -06:00
sinn3r
8648d21b3c
Merge branch 'dns_txt_query_exe' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-dns_txt_query_exe
2012-11-16 11:52:57 -06:00
sinn3r
8375bb8390
Merge branch 'bypassuac_admincheck' of git://github.com/mubix/metasploit-framework into mubix-bypassuac_admincheck
2012-11-16 11:29:09 -06:00
sinn3r
8930d618e3
Merge branch 'invision_pboard_cleanup' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_cleanup
2012-11-16 11:24:04 -06:00
jvazquez-r7
e8fe6031e9
Let default timeout for send_request_cgi
2012-11-16 18:09:47 +01:00
jvazquez-r7
51f238ec38
up to date
2012-11-16 16:03:09 +01:00
James Lee
83708a5a48
Add a FileDropper mixin for recording cleanup targets
...
Doesn't cover shell sessions yet, so needs a bit more work
2012-11-15 17:52:10 -06:00
Vlatko Kosturjak
c0df3a0407
Remove curly braces
2012-11-15 23:27:25 +01:00
Vlatko Kosturjak
eea85cf2ca
Remove curly braces
2012-11-15 23:26:28 +01:00
Vlatko Kosturjak
836d83a253
Remove curly braces
2012-11-15 23:25:10 +01:00
Vlatko Kosturjak
854bfe09e2
remove curly braces
2012-11-15 23:23:46 +01:00
Vlatko Kosturjak
73d43beff3
Remove EOL spaces
2012-11-15 22:46:22 +01:00
Vlatko Kosturjak
afced2278d
Remove EOL spaces
2012-11-15 22:43:47 +01:00
Vlatko Kosturjak
e479399b5d
Initial import of OpenVAS aux scripts
2012-11-15 22:39:56 +01:00
Vlatko Kosturjak
f7f7c451d3
Initial import of Nexpose aux scripts
2012-11-15 22:35:35 +01:00
Vlatko Kosturjak
1956af7dc1
Initial import of Metasploit RPC aux scripts
2012-11-15 22:32:22 +01:00
Vlatko Kosturjak
bd03a2dcfd
Initial import of Nessus basic aux scripts
2012-11-15 22:28:56 +01:00
David Maloney
de016780b8
Rename the PAYLOAD_TYPE datastore option
...
This datastore option conflicts with a reserved option in Pro causing
this module to fail in Pro.
2012-11-15 14:42:31 -06:00
Rob Fuller
e18acf2103
remove debugging code
2012-11-14 23:56:32 -05:00
Rob Fuller
7d41f1f9a0
add admin already and admin group checks
2012-11-14 23:54:01 -05:00
jvazquez-r7
09ec7dea95
fix check function after speak with egix
2012-11-15 01:34:17 +01:00
jvazquez-r7
3ba3e906d7
added improvements by egix
2012-11-15 01:20:32 +01:00
nmonkee
62f9766e63
made requested changes
2012-11-15 00:00:31 +00:00
James Lee
35a7999b4e
Merge branch 'rapid7' into tasos-r7-web-modules
2012-11-14 17:41:27 -06:00
nmonkee
b9a8791b87
made requested changes
2012-11-14 23:40:20 +00:00
nmonkee
047d6d350a
looks like I committed the wrong file first time round :(
2012-11-14 23:34:21 +00:00
nmonkee
a252dbc5d7
made requested changes
2012-11-14 23:25:25 +00:00
nmonkee
91b81bee4a
made requested changes
2012-11-14 23:19:09 +00:00
nmonkee
308eee7c4f
made requested changes
2012-11-14 23:00:45 +00:00
nmonkee
aa3cd500bb
made requested changes
2012-11-14 22:49:34 +00:00
nmonkee
83215edd8c
made requested changes
2012-11-14 22:38:32 +00:00
nmonkee
c5a017d054
made requested changes
2012-11-14 22:25:10 +00:00
nmonkee
833af3a347
made requested changes
2012-11-14 22:13:06 +00:00
nmonkee
e55e5d2796
made requested changes
2012-11-14 20:12:37 +00:00
sinn3r
af8ac2fbf6
There's a bug here, can you tell?
...
Need to be aware of what happens when no version is captured.
2012-11-14 11:54:59 -06:00
sinn3r
fcad2c3e26
Merge branch 'invision_pboard_cookie_prefix' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_cookie_prefix
2012-11-14 11:52:58 -06:00
Tod Beardsley
4d633016aa
Merge remote branch 'Meatballs1/smb_login_update'
...
Thus ends our long national nightmare.
2012-11-14 10:13:34 -06:00
Tasos Laskos
8a9f0a0890
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-14 18:10:41 +02:00
jvazquez-r7
88ea347e40
added cookie prefix check
2012-11-14 16:20:40 +01:00
sinn3r
6b033fb1a8
Only store the password when there's one
2012-11-14 01:25:32 -06:00
jgor
212179b95e
change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password
2012-11-13 23:49:45 -06:00
jgor
721cf41f47
fix nil class error on non-lantronix hosts
2012-11-13 23:46:59 -06:00
sinn3r
1546aa6a10
No need to repeat the default values
2012-11-13 18:38:17 -06:00
sinn3r
9054fafb15
Not sure why paths were repeated, but no more.
2012-11-13 18:32:32 -06:00
sinn3r
4675cd873b
Merge branch 'client_system_analyzer_upload' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-client_system_analyzer_upload
2012-11-13 11:21:23 -06:00
Royce Davis
f9b4971fc3
Fixed hard coded paths in psexec on command.rb
2012-11-13 10:28:16 -06:00
jvazquez-r7
fc571b1688
Merge branch 'enum_dirperms_default_path' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_dirperms_default_path
2012-11-13 17:24:53 +01:00
James Lee
bbb2f69b55
Add missing require for PhpExe
2012-11-13 10:17:42 -06:00
sinn3r
ee7e502e89
Merge branch 'impersonate_ssl_tweak' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-impersonate_ssl_tweak
2012-11-13 09:36:28 -06:00
sinn3r
cd257f6cd4
Merge branch 'download_exec' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-download_exec
2012-11-13 01:48:19 -06:00
sinn3r
7d317e7863
Use PhpEXE, and a check() function
...
Uses the PhpEXE mixin for the payload. And then in the future
we can modify PhpEXE again to allow it to be space-free (problem
being a space is required when you use a function). Also, this
commit has a new check function.
2012-11-13 01:41:26 -06:00
sinn3r
162b5a391a
Merge branch 'invision_pboard_unserialize_exec' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-invision_pboard_unserialize_exec
2012-11-13 00:40:30 -06:00
sinn3r
f707a4774d
Merge branch 'esmnemon-modbus-aux'
2012-11-12 23:42:00 -06:00
sinn3r
aa6ac36abd
Cosmetic changes, mostly
2012-11-12 23:41:31 -06:00
sinn3r
66fe8ade52
Merge branch 'modbus-aux' of git://github.com/esmnemon/metasploit-framework into esmnemon-modbus-aux
2012-11-12 22:40:34 -06:00
sinn3r
e235aadcc0
Sometimes we might not be able to access a dir, be aware of that
2012-11-12 18:59:44 -06:00
sinn3r
862dd18b1c
Merge remote-tracking branch 'upstream/master' into enum_dirperms_default_path
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2012-11-12 18:54:47 -06:00
sinn3r
5270487d81
Add credit
2012-11-12 18:35:32 -06:00
sinn3r
be36083097
Make PATH optional, also correct a filtering bug
...
If the PATH option is not specified, the module will try to
enumerate from %PATH%. Also, this commit fixes a bug in the
filtering routine (basically the filtering routine didn't
really work).
2012-11-12 18:29:56 -06:00
corelanc0d3r
0bf92b5d97
improved payload dns_txt_query_exec
2012-11-13 00:55:32 +01:00
Meatballs1
5c10bc11a8
Fix spacing before -
2012-11-12 23:20:40 +00:00
corelanc0d3r
cad7eb0130
renamed and optimized download_exec payload
2012-11-13 00:02:49 +01:00
Tod Beardsley
dd1da88ff7
Make domain part less stupid looking
2012-11-12 16:54:52 -06:00
Meatballs1
970869b3e4
Retry push
2012-11-12 22:28:44 +00:00
sinn3r
222af8c91d
Fix NoMethodError when check_dir fails to enum the permission
...
See the following for more info:
http://dev.metasploit.com/redmine/issues/7452
2012-11-12 16:27:32 -06:00
Meatballs1
e30ab85549
Fix some outputting issues
2012-11-12 22:25:08 +00:00
sinn3r
72f0a5613f
Add more improvements
2012-11-12 15:40:12 -06:00
sinn3r
8fe3f289bf
Merge branch 'drupal_views_user_enum.rb' of git://github.com/zeknox/metasploit-framework into zeknox-drupal_views_user_enum.rb
2012-11-12 14:48:13 -06:00
Royce Davis
683bcd4b82
Added disconnect method to command.rb
2012-11-12 11:25:12 -06:00
Royce Davis
e57275d3f6
added check cleanup method to command.rb
2012-11-12 09:46:02 -06:00
jvazquez-r7
8e7a748805
thins in place...
2012-11-11 20:19:20 +01:00
jvazquez-r7
5076198ba2
fixing bperry comments
2012-11-11 20:18:19 +01:00
jvazquez-r7
c4f10a1d53
added bid reference
2012-11-11 17:48:57 +01:00
jvazquez-r7
9d3c068da0
added linux target
2012-11-11 17:28:48 +01:00
jvazquez-r7
8619c5291b
Added module for CVE-2012-5076
2012-11-11 17:05:51 +01:00
Chris John Riley
38b25f01f7
Corrected bad coding (sorry)
...
Added OptEnum and OptPath
Checks for nil and empty
Added reference
Made AlterSerial an advanced option instead of always on
2012-11-10 20:24:50 +01:00
Chris John Riley
6482de44e4
Added checks for Extension and Domain
...
Altered error handling on no response
2012-11-10 13:21:41 +01:00
jvazquez-r7
42dd1ee3ff
added module for CVE-2012-5692
2012-11-10 11:35:21 +01:00
Tod Beardsley
1b9d45e106
Test for subdom_list existence first
...
Otherwise, you get
````
[11/09/2012 14:50:38] [e(0)] core: Error running against host
173.236.237.136: can't convert nil into String
````
Other than that, looks good.
[Fixes #851 ]
2012-11-09 15:01:36 -06:00
Tod Beardsley
171ebe13cd
Whitespace fix for vhost_scanner
2012-11-09 14:48:46 -06:00
Tod Beardsley
b1c35fdb24
Merge remote branch 'sempervictus/http_vhost_scanner_from_file'
2012-11-09 14:46:54 -06:00
Tod Beardsley
9a94fef8d0
Merge branch 'llmnr-spoof'
2012-11-09 14:36:04 -06:00
Tod Beardsley
a6fd0fee1c
Fix up notification to not spam or hide
...
Instead of hiding the success notification in vprint, it should print,
but not every time. This fix thottles the notification to ten seconds
per host.
[Fixes #731 ]
2012-11-09 14:31:28 -06:00
Tod Beardsley
6cd5b79b60
Getting rid of Id and Revision
2012-11-09 13:30:14 -06:00
Tod Beardsley
f6c565848e
Resolving conflicted smb_login
2012-11-09 12:55:18 -06:00
Royce Davis
6e257d5f57
Simplify main method
2012-11-09 08:50:09 -06:00
Royce Davis
a889c8ae99
error handling adjustments on loggedin_users.rb
2012-11-09 08:33:05 -06:00
Tasos Laskos
7032ef0f6f
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-09 00:21:38 +02:00
Chris John Riley
08d56e31e1
recreated in new branch
...
removed space at EOL
2012-11-08 22:38:21 +01:00
Chris John Riley
b75ade746c
Removed EOL spaces
...
Removed unrequired udp_sock.close
2012-11-08 22:26:37 +01:00
jvazquez-r7
21693831ae
Added module for ZDI-11-018
2012-11-08 17:32:42 +01:00
Royce Davis
7ce3859e8c
Fixed a bunch of bull crap in loggedin_users.rb
2012-11-08 09:49:53 -06:00
Royce Davis
0c0d5b10ec
changes loggedin_users.rb
2012-11-08 09:26:17 -06:00
Royce Davis
3bf865456c
Better error handling in loggedin_users
2012-11-08 09:13:33 -06:00
HD Moore
36066f8c78
Catch a few stragglers for double slash
2012-11-08 07:21:37 -06:00
HD Moore
4d2147f392
Adds normalize_uri() and fixes double-slash typos
2012-11-08 07:16:51 -06:00
HD Moore
5ad2749cee
Rework ADDP modules to use the new mixin
2012-11-08 06:40:32 -06:00
HD Moore
0e8a3f0ea6
Merge branch 'master' into feature/udp-scanner-mixin
2012-11-08 06:09:22 -06:00
HD Moore
e008120c11
Bug fixes to the SSDP discovery module
2012-11-08 06:08:49 -06:00
Chris John Riley
da6bf29699
Display message when no response received
2012-11-08 11:59:13 +01:00
James Lee
ac1b60e6db
Remove debug load
2012-11-07 20:00:41 -06:00
Royce Davis
22ecd6afa9
Edit command.rb
2012-11-07 15:17:13 -06:00
Royce Davis
18aab8bcc7
Remove extrat comment lines from command.rb
2012-11-07 15:09:57 -06:00
Royce Davis
d159aa6f9f
Changed error handeling of command.rb module
2012-11-07 15:03:31 -06:00
David Maloney
04a80e0648
Fixes to the WMI setup
2012-11-07 11:26:48 -06:00
David Maloney
208e706307
Module title fixes
2012-11-07 10:33:14 -06:00
nmonkee
92679cd1c8
SAP Web GUI Brute Force
2012-11-07 16:18:00 +00:00
nmonkee
c13f8d8eba
SAP RFC TH_SAPREL
2012-11-07 16:10:09 +00:00
nmonkee
f618000d0d
SAP SOAP RFC SUSR_RFC_USER_INTERFACE (user creation)
2012-11-07 16:04:07 +00:00
nmonkee
2b973263b7
SAP SOAP RFC_Info
2012-11-07 15:17:56 +00:00
nmonkee
509e63268b
SAP SOAP RFC SXPG_CALL_SYSTEM
2012-11-07 15:06:28 +00:00
Royce Davis
ac518f7091
Removed double lines in Author field and general URLs
2012-11-07 08:22:09 -06:00
nmonkee
ddcc0a9592
This module makes use of the SXPG_CALL_SYSTEM Remote Function Call (via SOAP) to execute OS commands as configured in SM69.
2012-11-07 12:48:08 +00:00
nmonkee
e053c4a0ad
This module makes use of the RFC_READ_TABLE Remote Function Call (via SOAP) to read data from tables.
2012-11-07 12:37:01 +00:00
Chris John Riley
fc03fbe881
Initial sip_deregister.rb
2012-11-07 13:35:33 +01:00
nmonkee
3be7ad06c4
Calls the RFC_PING RFC module via SOAP to test the availability of the function. The function simply tests connectivity to remote RFC destinations.
2012-11-07 11:35:53 +00:00
nmonkee
b86bc9f365
SAP SOAP RFC DBMCLI Command Injection (via SXPG_CALL_SYSTEM)
2012-11-07 11:29:16 +00:00
nmonkee
f82b51b2c4
This module calls the RFC BAPI_USER_CREATE1 module (via SOAP). The module can be used for creating/modifying users.
2012-11-07 11:16:31 +00:00
nmonkee
6b7b8f7265
Flipping OptString for OptEnum
2012-11-07 11:00:43 +00:00
nmonkee
d19be3024f
Flipping OptEnum for OptString
2012-11-07 10:58:07 +00:00
nmonkee
51a3aa514d
This module attempts to brute force the username | password via an RFC interface (over SOAP)
2012-11-07 10:45:25 +00:00
Royce Davis
aec4d99549
ran msftidy on command.rb
2012-11-06 16:33:47 -06:00
Royce Davis
9f87b7b674
Removed smb_exec from this branch
2012-11-06 16:18:38 -06:00
Brandon McCann
c4f35def81
fixed vprint_line
2012-11-06 14:58:14 -06:00
Brandon McCann
d835a046ed
fixed drupal_views_user_enum.rb so it displays to stdout and stores to loot
2012-11-06 14:53:11 -06:00
Royce Davis
43ebec22b4
Silly typos
2012-11-06 13:14:07 -06:00
Royce Davis
8c41aca091
Removed some non essential requires from loggedin_users.rb
2012-11-06 09:17:09 -06:00
Royce Davis
e40ab4367a
removed other modules
2012-11-05 21:07:09 -06:00
Royce Davis
74745bdad6
New Module loggedin-users
2012-11-05 21:04:27 -06:00
Royce Davis
30088a410c
fixed junky spacings
2012-11-05 16:59:56 -06:00
Royce Davis
1a4968e6a8
removed hashgrab.rb from this branch
2012-11-05 16:38:58 -06:00
Royce Davis
d5b18114ac
New module loggedin_users.rb
2012-11-05 16:37:13 -06:00
Tod Beardsley
b973927ab2
Msftidy on digi_addp_reboot and pgpass_creds
2012-11-05 16:19:38 -06:00
jvazquez-r7
9166d12179
Merge branch 'WinRM_piecemeal' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal
2012-11-05 23:08:59 +01:00
Tod Beardsley
70d53b4e2d
Merge remote branch 'jvazquez-r7/emc_networker_format_string'
2012-11-05 16:03:56 -06:00
jvazquez-r7
77b1e9e648
added comment about ropdb
2012-11-05 23:02:23 +01:00
Tod Beardsley
e385aad9e5
Merge remote branch 'jvazquez-r7/emc_networker_format_string'
2012-11-05 16:02:18 -06:00
HD Moore
aa8549fb6b
Correct use of rport.
2012-11-05 15:57:59 -06:00
Tod Beardsley
23cc2bd1a1
Merge remote branch 'origin/master'
2012-11-05 15:56:21 -06:00
Tod Beardsley
6a4d398b5d
Merge remote branch 'origin/feature/addp-modules'
2012-11-05 15:55:30 -06:00
jvazquez-r7
0f5f5f966b
Merge branch 'master' into feature/realport-modules
2012-11-05 22:52:38 +01:00
David Maloney
9d5ab5a66f
Stupid typing error
2012-11-05 15:41:47 -06:00
David Maloney
314026ed0e
Some error checking and fixups
2012-11-05 13:29:57 -06:00
Royce Davis
3236b4c425
New module hashgrab.rb
2012-11-05 12:06:51 -06:00
Royce Davis
a31606e196
New module ntdsgrab.rb
2012-11-05 12:05:16 -06:00
Royce Davis
0b940d8087
New module command.rb
2012-11-05 12:03:51 -06:00
Royce Davis
aa6e8c7437
smb_exec
2012-11-05 11:46:39 -06:00
Royce Davis
a9db705b60
New module for submission smb_exec
2012-11-05 11:45:03 -06:00
Royce Davis
b4872c1c48
Submiting module smb_exec to MSF
2012-11-05 11:37:10 -06:00
David Maloney
7c141e11c4
Hopefully final touches
...
Some smftidy cleanup, and added a method to check that the payload is
the correct arch when using the powershell method
2012-11-05 10:06:57 -06:00
jvazquez-r7
04668c7d61
fix response codes check to avoid second tries to fail
2012-11-05 09:26:26 +01:00
HD Moore
dccfb63bd6
Cleanup based on PR #1008 feedback
2012-11-04 22:47:56 -06:00
HD Moore
36f82fba09
Remove unused version fields from template
2012-11-04 22:38:31 -06:00
David Maloney
25a6e983a1
Remove the older modules
2012-11-04 14:48:34 -06:00
David Maloney
fca8208171
Some minor code cleanup
2012-11-04 14:45:15 -06:00
David Maloney
f69ccc779f
Unified smarter module
2012-11-04 13:14:02 -06:00
David Maloney
c30ada5eac
Adds temp vbs mod and tweaked decoder stub
2012-11-04 12:49:15 -06:00
HD Moore
910a91a0f6
First commit of a udp_mixin and modified scanners
2012-11-04 01:13:38 -05:00
HD Moore
963fdd6430
Initial commit for Digi RealPort modules
2012-11-03 17:44:53 -05:00
jvazquez-r7
88c99161b4
added universal target
2012-11-03 18:52:07 +01:00
jvazquez-r7
9576d26299
Merge branch 'bitweaver_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-bitweaver_traversal
2012-11-03 18:25:46 +01:00
jvazquez-r7
b8eea1007f
Added module for CVE-2012-2288 EMC Networker Format String
2012-11-03 18:17:12 +01:00
sinn3r
10cccb34d8
Uh... I don't want that print_line(). Forgot to remove it.
2012-11-03 05:18:17 -05:00
sinn3r
4415849009
Another attempt to fix the regex
2012-11-03 05:17:32 -05:00
HD Moore
80ebcf212a
See PR #981.Only real change is to retry on ENOBUF
2012-11-02 23:05:16 -05:00
sinn3r
d449052472
Make <br /> tag optional
2012-11-02 18:25:48 -05:00
sinn3r
45dce9ff76
Modify regex
2012-11-02 16:44:27 -05:00
HD Moore
0d6acad1a0
Updates for PR #981 (cleanup)
2012-11-02 15:47:52 -05:00
HD Moore
0bf5f63d67
Merge branch 'master' into feature/addp-modules
2012-11-02 15:41:03 -05:00
sinn3r
d4fc99e40c
Merge branch 'ms10_104_100_continue_support' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ms10_104_100_continue_support
2012-11-02 15:16:35 -05:00
sinn3r
1d26491b77
Ok... last fix, really
2012-11-02 15:09:30 -05:00
sinn3r
a161c1faa0
Final changes
2012-11-02 15:06:51 -05:00
sinn3r
ea5dc940d2
Move module to the correct directory
2012-11-02 14:52:28 -05:00
sinn3r
a9db59feb7
Cosmetic changes, mostly
2012-11-02 14:52:02 -05:00
sinn3r
51b15d8c09
Merge branch 'concrete5_member_list' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-concrete5_member_list
2012-11-02 14:43:49 -05:00
sinn3r
00d0dc3e4d
Add CVE-2012-5192 - Bitweaver overlay_type module
2012-11-02 14:20:20 -05:00
sinn3r
38518478bd
Format/msftidy fixes
2012-11-02 11:24:34 -05:00
Chris John Riley
891ad4685c
$Id and $Revision
2012-11-02 11:24:34 -05:00
Chris John Riley
954ccf1ca1
Added ability to set extension on target
2012-11-02 11:24:33 -05:00
Chris John Riley
01b13480cb
Added concrete5.org references
2012-11-02 16:45:41 +01:00
Chris John Riley
f3e03ddb42
Concrete5 CMS member list scanner
2012-11-02 16:32:34 +01:00
David Maloney
ffca972075
Opps mispalced line
2012-11-02 09:34:32 -05:00
David Maloney
355bdbfa39
Add check for propper powershell version
2012-11-02 09:33:28 -05:00
sinn3r
4f47865636
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-11-02 01:16:54 -05:00
sinn3r
42b285c7f6
Merge branch '403labs-post-pgpass_creds'
2012-11-02 01:16:37 -05:00
sinn3r
1a162d7dd9
Use Rex table, fix 1.8 syntax issues, format fixes
2012-11-02 01:15:47 -05:00
sinn3r
c11779a144
Merge branch 'post-pgpass_creds' of git://github.com/403labs/metasploit-framework into 403labs-post-pgpass_creds
2012-11-01 22:50:17 -05:00
Tod Beardsley
b1b85bee44
Actually require PhpEXE mixin.
2012-11-01 14:53:18 -05:00
Tasos Laskos
37a9c13c34
updated auxiliary/scanner/http/crawler to accept a callback for each page
2012-11-01 21:20:56 +02:00
David Maloney
f843740fcb
more fixes
2012-11-01 11:59:18 -05:00
jvazquez-r7
22fbfb3601
cleanup
2012-11-01 17:38:04 +01:00
jvazquez-r7
e720769747
Added module for ZDI-12-171
2012-11-01 17:17:45 +01:00
David Maloney
aeb837838f
typo
2012-11-01 11:03:50 -05:00
David Maloney
84c8660c96
Fix targets to be more specific
2012-11-01 11:00:45 -05:00
David Maloney
0eccfaf1bb
Add a disclosure date
2012-11-01 10:24:28 -05:00
David Maloney
59f5d9bc5d
Man i'm rusty at writing for framework
...
Fixes up all sinn3r's findings so far
2012-11-01 08:37:21 -05:00
David Maloney
00b9fb3c90
Switc smart mgirate to post mod as it should be
2012-10-31 17:03:49 -05:00
David Maloney
dd7ab11e38
Minor cleanup
2012-10-31 16:14:34 -05:00
David Maloney
86f6d59d2e
Adding the winrm powershell exploit
...
also adds the smart_migrate meterp script for autorun purposes
2012-10-31 15:46:11 -05:00
David Maloney
86bf3d63b7
Updated Encryption comments
2012-10-31 15:25:33 -05:00
David Maloney
7cf7563a87
Merge branch 'upstream-master' into WinRM_piecemeal
2012-10-31 15:23:32 -05:00
sinn3r
9736d35230
Fix syntax error
2012-10-31 15:14:46 -05:00
sinn3r
98c1272b92
Update the description about AllowUnencrypted
2012-10-31 15:14:46 -05:00
David Maloney
8711484438
minor fixups
2012-10-31 15:14:46 -05:00
David Maloney
09195ad9a7
Adds the WQL execution module
2012-10-31 15:14:46 -05:00
David Maloney
d2d137ce68
adds the WinRM CMD execution module
2012-10-31 15:10:45 -05:00
m m
e170c1e3e3
typo in centos5 range
2012-10-31 18:28:26 +01:00
m m
f7481b160c
add centos5 target
2012-10-31 18:21:41 +01:00
jvazquez-r7
ef0f415c51
related to #980 adds support for HttpClient
2012-10-31 17:46:57 +01:00
jvazquez-r7
91e6b7cd28
added ie8 target
2012-10-31 11:57:38 +01:00
jvazquez-r7
a3358a471f
Merge branch 'aladdin_bof' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-aladdin_bof
2012-10-31 11:57:20 +01:00
esmnemon
81e56663fd
a few ruby cleanups
2012-10-31 09:59:47 +01:00
sinn3r
ec8a2955e1
Add OSVDB-86723 Aladdin Knowledge System ChooseFilePath Bof
2012-10-31 03:32:43 -05:00
jvazquez-r7
a2fd377326
module cleanup
2012-10-31 09:20:00 +01:00
jvazquez-r7
38a9761d6e
Merge branch 'ntp_readvars' of https://github.com/crashbrz/metasploit-framework into crashbrz-ntp_readvars
2012-10-31 09:06:31 +01:00
Ewerson Guimaraes (Crash)
ffe8a980f4
NTP Module - Remove [WARNING] Carriage return EOL
2012-10-30 22:25:23 -02:00
Ewerson Guimaraes (Crash)
b085e8ed73
Revert "Update NTP Module"
...
This reverts commit 8fd34a4475
.
2012-10-30 21:43:21 -02:00
Ewerson Guimaraes (Crash)
8fd34a4475
Update NTP Module
...
Changed the branche and remove CR
2012-10-30 21:08:01 -02:00
jvazquez-r7
357fd1b955
add peer info to print_error message
2012-10-30 17:47:17 +01:00
jvazquez-r7
201f7766d8
Merge branch 'clansphere_lfi_read' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-clansphere_lfi_read
2012-10-30 17:45:45 +01:00
sinn3r
a636971b71
Change error message
2012-10-30 11:39:25 -05:00
m m
3e3c518753
remove SessionTypes as per egypt
2012-10-30 17:13:57 +01:00
David Maloney
d3bb2b4891
minor fixups
2012-10-30 11:08:57 -05:00
sinn3r
3f3e6814a3
Make sure no extra '/' in there
2012-10-30 10:40:56 -05:00
jvazquez-r7
26808093d8
Merge branch 'nil_res_bug_fixes' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-nil_res_bug_fixes
2012-10-30 16:18:05 +01:00
David Maloney
736b8354d8
Merge branch 'upstream-master' into WinRM_piecemeal
2012-10-30 09:15:36 -05:00
David Maloney
c91f0ca535
Adds the WQL execution module
2012-10-30 09:13:55 -05:00
jvazquez-r7
5e873d0697
adding peer information to error message
2012-10-30 12:15:01 +01:00
jvazquez-r7
196d53aee4
Merge branch 'manageengine_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-manageengine_traversal
2012-10-30 12:12:04 +01:00
Zach Grace
5c27c9c953
Added a print_good from the results of store_loot
2012-10-29 15:18:13 -05:00
Zach Grace
eda5e8a12f
Changed platform type from windows to win and fixed an indentation error.
2012-10-29 14:23:50 -05:00
sagishahar
53c7479d70
Add Windows 8 support
...
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:12:47 +02:00
sagishahar
8c46c59142
Add support to Windows 8
...
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:11:27 +02:00
sinn3r
c878b9077b
Rename the DeviceExpert module to avoid confusion
2012-10-29 12:25:07 -05:00
sinn3r
2a202e9035
Add OSVDB-86563 ManageEngine SecurityManager dir traversal
2012-10-29 12:23:48 -05:00
m m
3855ba88b1
add meterpreter/command support to samba exploit using ROP
2012-10-29 17:33:00 +01:00
Tod Beardsley
5c0fb2789f
Merge branch 'module-metasploit-pcaplog-privesc' into rapid7-master
2012-10-29 11:32:32 -05:00
Tod Beardsley
65e27ff38a
Warn about the potential to jack up /etc/passwd
...
This needs to be underlined. It's too easy to wang up /etc/passwd by
accident.
This closes PR #632
[Fixes #38593685 ]
2012-10-29 11:28:27 -05:00
Tod Beardsley
5e80e19a4e
Msftidy complaint about EOL spaces
2012-10-29 11:08:03 -05:00
jvazquez-r7
0e3bc7d060
hp operations agent mods: fix use of pattern_create, use ropdb
2012-10-29 15:45:40 +01:00
sinn3r
2c4273e478
Correct some modules with res nil
2012-10-29 04:41:30 -05:00
sinn3r
34731c3e0a
Add OSVDB-86720 - Clansphere dir traversarl
2012-10-29 03:44:22 -05:00
HD Moore
3a42eb3f73
New modules and library for the ADDP protocol
2012-10-28 23:04:18 -05:00
sinn3r
9f9ee8a29e
Merge branch 'post-pgpass_creds' of git://github.com/403labs/metasploit-framework into 403labs-post-pgpass_creds
2012-10-28 18:18:15 -05:00
Vlatko Kosturjak
ce82b37289
Few removals of unneccessary zero bytes in sc
2012-10-28 21:22:33 +01:00
esmnemon
b44ec34bfd
renamed modbusFindunitID.rb to modbus_findunitid.rb
2012-10-28 15:11:10 +01:00
jvazquez-r7
19920b3275
update module titles for hp operation agent vulns
2012-10-28 02:38:39 +01:00
sinn3r
675e5c0bb5
Merge branch 'modbus-aux' of git://github.com/esmnemon/metasploit-framework into esmnemon-modbus-aux
2012-10-27 18:55:55 -05:00
sinn3r
7a1c3e7cf6
Merge branch 'dmaloney-r7-WinRM_piecemeal'
2012-10-27 18:55:24 -05:00
sinn3r
4e6b5393c5
Merge branch 'manage_engine_sqli' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-manage_engine_sqli
2012-10-27 18:53:47 -05:00
sinn3r
320a23286a
Merge branch 'warnings' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-warnings
2012-10-27 18:52:34 -05:00
sinn3r
7db7f1bfdf
Merge branch 'turboftp_update' of git://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-turboftp_update
2012-10-27 18:51:41 -05:00
sinn3r
5c23e0af7b
Merge branch 'smbversion-domain-notes' of git://github.com/zombieCraig/metasploit-framework into zombieCraig-smbversion-domain-notes
2012-10-27 18:48:48 -05:00
sinn3r
c015372ce0
Merge branch 'hp_operations_agent_coda_8c' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_operations_agent_coda_8c
2012-10-27 18:45:36 -05:00
jvazquez-r7
73deeacd7e
deleted unnecessary http headers according to my tests
2012-10-28 00:52:52 +02:00
jvazquez-r7
b4b1b77a77
deleted unnecessary http headers according to my tests
2012-10-28 00:51:18 +02:00
jvazquez-r7
51bc806014
Added module for CVE-2012-2019
2012-10-27 22:45:37 +02:00
jvazquez-r7
bcb80431d6
Added module for CVE-2012-2020
2012-10-27 22:43:16 +02:00
zombieCraig
164321a5ed
Add Domain notes to smb_version
2012-10-26 11:56:14 -04:00
Zach Grace
3746a3ef64
adding pgpass_creds post module
2012-10-25 21:30:54 -05:00
David Maloney
b15c38f819
Fix output to display ip:port
2012-10-25 19:57:29 -05:00
David Maloney
fb7af536d5
wtf, bad metadata
...
Removed extraneous references section
2012-10-25 10:16:12 -05:00
esmnemon
4ae482b71c
added a fix for modbusdetect.rb and a new utility modbusFindunitID.rb
2012-10-25 13:17:17 +02:00
David Maloney
bfbae5fbb7
Merge branch 'upstream-master' into WinRM_piecemeal
...
Conflicts:
lib/msf/core/exploit/winrm.rb
2012-10-24 14:12:28 -05:00
corelanc0d3r
b48e355a6d
fixed typo and defined badchars
2012-10-24 20:04:54 +02:00
David Maloney
a15c35091d
Add the WinRM login module
2012-10-24 11:25:39 -05:00
0a2940
2f0c2d76ea
remove load statements
2012-10-24 11:01:26 +02:00
0a2940
32ddd981eb
linux_kernel mixin not required
2012-10-24 10:58:09 +02:00
0a2940
6d5da1662b
Update modules/post/multi/escalate/metasploit_pcaplog.rb
...
Stance is now passive
2012-10-24 10:55:48 +02:00
sinn3r
ede5d0f46b
This is meant to be a warning, so we use print_warning
2012-10-24 00:55:54 -05:00
sinn3r
799c22554e
Warn user if a file/permission is being modified during new session
2012-10-24 00:54:17 -05:00
sinn3r
f1423bf0b4
If a message is clearly a warning, then use print_warning
2012-10-24 00:44:53 -05:00
sinn3r
b3e02f119c
Merge branch 'payload_ambiguity' of git://github.com/bonsaiviking/metasploit-framework into bonsaiviking-payload_ambiguity
2012-10-23 22:30:47 -05:00
sinn3r
8eb790f62c
Final touchup
2012-10-23 19:46:09 -05:00
sinn3r
f9bb910c3b
Make the check() try SQLI
2012-10-23 19:42:36 -05:00
sinn3r
8c5a73bb7f
Change exception handling
2012-10-23 19:34:12 -05:00
sinn3r
90542547c6
Add auto-target, and some changes to cleanup
2012-10-23 19:07:13 -05:00
sinn3r
18fb30074a
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-10-23 16:33:38 -05:00
sinn3r
77c8548855
Merge branch 'dmaloney-r7-WinRM_piecemeal'
2012-10-23 16:33:16 -05:00
Tod Beardsley
be9a954405
Merge remote branch 'jlee-r7/cleanup/post-requires'
2012-10-23 15:08:25 -05:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
sinn3r
22223d5d81
Better cleanup abilities
2012-10-23 13:58:19 -05:00
Michael Schierl
21f6127e29
Platform windows cleanup
...
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
2012-10-23 20:33:01 +02:00
James Lee
9c95c7992b
Require's for all the include's
2012-10-23 13:24:05 -05:00
sinn3r
4c41319c7c
Remove unused vars
2012-10-23 12:55:43 -05:00
sinn3r
bef4539915
Update description
2012-10-23 12:47:46 -05:00
sinn3r
3ff888a5c0
Move to 'multi' because it supports windows and linux
2012-10-23 12:41:51 -05:00
sinn3r
5f088fa718
Remove default platform
2012-10-23 12:41:17 -05:00
sinn3r
e05d353e8a
Add Linux support
2012-10-23 12:40:13 -05:00
Daniel Miller
8deead3bd2
Fix payload ambiguity with php/bind_tcp_ipv6 stager
...
Was seeing this in framework.log:
[w(0)] core: The module php/meterpreter/bind_tcp is ambiguous with
php/meterpreter/bind_tcp.
Added handler_type_alias based on windows/bind_ipv6_tcp stager.
2012-10-23 12:31:14 -05:00
sinn3r
bc3472a9b9
Randomize variable names
2012-10-23 11:41:53 -05:00
sinn3r
923ffe277d
Write EXE to JSP instead of using a TCPServer
2012-10-23 11:32:09 -05:00
sinn3r
33ce74fe8c
Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1
2012-10-23 02:10:56 -05:00
sinn3r
e5ec51a780
Rename file for consistency
2012-10-23 02:05:55 -05:00
sinn3r
669d22c917
Final improvements
2012-10-23 02:05:08 -05:00
David Maloney
2335c582c3
Null response handling
2012-10-23 00:25:31 -05:00
sinn3r
5072156df6
Designed specifically for Windows, so let's move to Windows
...
Plus additional fixes
2012-10-22 23:01:58 -05:00
sinn3r
2484bb02cf
Add the initial version of the module
...
From EDB.
2012-10-22 22:41:30 -05:00
James Lee
b2db3e133d
Rescue when the service is crashed
...
Failed exploit attempts leave the service in a state where the port is
still open but login attmempts reset the connection. Rescue that and
give the user an indication of what's going on.
2012-10-22 17:57:30 -05:00
Tod Beardsley
a9def564e7
Add a missing post require
2012-10-22 17:18:14 -05:00
David Maloney
e08cedec2e
Requested revisions/cleanup
...
minor fixes to spacing, some typos, and abse64 switched to Rex
2012-10-22 17:01:00 -05:00
Rob Fuller
7437d9844b
standardizing author info
2012-10-22 17:01:58 -04:00
Michael Schierl
5b18a34ad4
References cleanup
...
Uppercase MSB, spaces in URLs.
2012-10-22 22:37:01 +02:00
Michael Schierl
f9ac55c221
Infohash key cleanups
...
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
James Lee
12de87e682
Merge branch 'rapid7' into mubix-remove_delicious
...
[Closes #946 ]
2012-10-22 14:18:05 -05:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Rob Fuller
49948faa9b
remove non-functional enum_delicious module
2012-10-22 14:46:52 -04:00
Michael Schierl
04a6021631
Privileged cleanup: auxiliary modules can't
2012-10-22 20:36:49 +02:00
Michael Schierl
39e81d3e53
Arch/Platform cleanup: aux modules need neither
2012-10-22 20:28:02 +02:00
Michael Schierl
e769abc868
Platform cleanup: platform should be lowercase
2012-10-22 20:14:39 +02:00
Michael Schierl
657d527f8d
DisclosureDate cleanup: Try parsing all dates
...
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
Michael Schierl
70ac7c8345
Author cleanup: fix unmatched angle brackets
2012-10-22 19:45:27 +02:00
Michael Schierl
d337d5204b
Author cleanup: One module did not have an author
2012-10-22 18:38:18 +02:00
sinn3r
469f04d3c4
Merge branch 'mubix-dns_postmods'
2012-10-22 02:04:46 -05:00
sinn3r
a3c86f386b
Merge branch 'dns_postmods' of git://github.com/mubix/metasploit-framework into mubix-dns_postmods
2012-10-22 01:57:21 -05:00
Rob Fuller
d5bb7b1e5b
Fix all-inclusive rescue on resolve_hostname as well
2012-10-22 02:32:51 -04:00
Rob Fuller
6a281b22c4
Fix all-inclusive rescue per @wchen-r7 suggestion
2012-10-22 02:22:56 -04:00
sinn3r
997d5b9a22
Merge branch 'post_enum_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_enum_proxy
2012-10-22 00:45:06 -05:00
sinn3r
716f4ab3d2
Merge branch 'post_clone_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_clone_proxy
2012-10-22 00:41:36 -05:00
sinn3r
e6df113a05
Merge branch 'dns_postmods' of git://github.com/mubix/metasploit-framework into mubix-dns_postmods
2012-10-21 23:44:50 -05:00
Rob Fuller
84d1c2315c
change to OptPath
2012-10-21 22:27:20 -04:00
sinn3r
ad9946689e
Update description
2012-10-21 16:40:01 -05:00
sinn3r
1821c11369
Code cleanup
2012-10-21 16:40:01 -05:00
sinn3r
c404b72d08
Doesn't make a lot of sense setting DefaultTarget to an older one
2012-10-21 16:40:01 -05:00
lincoln@corelan.be
c7d12d94b7
turboftp exploit
2012-10-21 16:40:00 -05:00
Rob Fuller
5f99f27899
add proxy setting cloning module
2012-10-21 03:13:35 -04:00
Rob Fuller
86c73e92d4
Add ability to remotely start registry for read
2012-10-21 01:34:34 -04:00
Rob Fuller
431dc31eac
proxy parsing post module
2012-10-20 23:25:40 -04:00