72d9587a50
DbVisualizer stores the user database configuration in dbvis.xml
...
This module retrieves the connections settings from this file
2014-07-14 20:08:48 +02:00
667b1363f3
Delete dbvis_enum.rb
2014-07-14 10:57:53 +02:00
0ef0f6aae1
Update dbvis_enum.rb
2014-07-14 10:54:43 +02:00
bcbb0b4fde
dbvis connections gathering
...
DbVisualizer stores the user database configuration in dbvis.xml.
This module retrieves the connections settings from this file.
2014-07-14 10:49:20 +02:00
1b7008dafa
typo in name
2014-07-13 13:24:54 +02:00
2fd7bcf8bf
Land #3514 , report_note for scraper
2014-07-11 17:17:10 -05:00
5d833cbb16
http_header report_note remove to_s
2014-07-11 17:14:45 -05:00
7e9eb84531
http_header report_note remove brackets, move rport
2014-07-11 17:14:45 -05:00
a8ec733a3a
Interpolate all the things!
2014-07-11 17:14:09 -05:00
4abe856fc1
Rescue http_header notes from getting truncated
...
Seems that only one header line gets added to host notes, and the rest are thrown away. This adds the counter number to the type string, so that each header line entry is unique and correctly saved. I also added port in case you want headers from several ports on one host without the previous getting overwritten.
(scanning shodanhq.com)
----BEFORE----
msf auxiliary(http_header) > run -j
[*] Auxiliary module running as background job
msf auxiliary(http_header) >
[*] 162.159.245.38:80: requesting / via HEAD
[*] 162.159.245.38:80: deleted header Expires
[*] 162.159.245.38:80: CF-RAY: 1485d013ca880773-EWR
[*] 162.159.245.38:80: CACHE-CONTROL: max-age=15
[*] 162.159.245.38:80: CONNECTION: keep-alive
[*] 162.159.245.38:80: CONTENT-TYPE: text/html; charset=UTF-8
[*] 162.159.245.38:80: DATE: Fri, 11 Jul 2014 14:50:20 GMT
[*] 162.159.245.38:80: SERVER: cloudflare-nginx
[*] 162.159.245.38:80: SET-COOKIE: __cfduid=d3914e07fc681306bb53129adb3e6b1d41405090220122; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; HttpOnly
[+] 162.159.245.38:80: detected 7 headers
[*] Scanned 1 of 1 hosts (100% complete)
msf auxiliary(http_header) > notes
[*] Time: 2014-07-11 14:50:19 UTC Note: host=162.159.245.38 type=HTTP header data="SET-COOKIE: __cfduid=d3914e07fc681306bb53129adb3e6b1d41405090220122; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; HttpOnly"
msf auxiliary(http_header) >
----AFTER----
msf auxiliary(http_header) > run -j
[*] Auxiliary module running as background job
msf auxiliary(http_header) >
[*] 162.159.245.38:80: requesting / via HEAD
[*] 162.159.245.38:80: CF-RAY: 14869ad5c0970f57-FRA
[*] 162.159.245.38:80: CACHE-CONTROL: max-age=15
[*] 162.159.245.38:80: CONNECTION: keep-alive
[*] 162.159.245.38:80: CONTENT-TYPE: text/html; charset=UTF-8
[*] 162.159.245.38:80: DATE: Fri, 11 Jul 2014 17:08:45 GMT
[*] 162.159.245.38:80: EXPIRES: Fri, 11 Jul 2014 17:09:00 GMT
[*] 162.159.245.38:80: SERVER: cloudflare-nginx
[*] 162.159.245.38:80: SET-COOKIE: __cfduid=db2918126c4b49780b4669e88b72580521405098525082; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; HttpOnly
[+] 162.159.245.38:80: detected 8 headers
[*] Scanned 1 of 1 hosts (100% complete)
msf auxiliary(http_header) > notes
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.0 data="CF-RAY: 14869ad5c0970f57-FRA"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.1 data="CACHE-CONTROL: max-age=15"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.2 data="CONNECTION: keep-alive"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.3 data="CONTENT-TYPE: text/html; charset=UTF-8"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.4 data="DATE: Fri, 11 Jul 2014 17:08:45 GMT"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.5 data="EXPIRES: Fri, 11 Jul 2014 17:09:00 GMT"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.6 data="SERVER: cloudflare-nginx"
[*] Time: 2014-07-11 17:08:44 UTC Note: host=162.159.245.38 type=http.80.header.7 data="SET-COOKIE: __cfduid=db2918126c4b49780b4669e88b72580521405098525082; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; HttpOnly"
msf auxiliary(http_header) >
2014-07-11 17:14:09 -05:00
6ef69b4014
scraper report_note, remove eol whitespace
2014-07-11 21:21:56 +02:00
ad46c37988
scraper report_note, remove unnecessary to_s
2014-07-11 21:08:35 +02:00
7a7d149dc5
scraper report_note, change note type string
2014-07-11 21:01:20 +02:00
e5d7dae016
Land #3513 , Author name fixups from @jvazquez-r7
2014-07-11 13:58:38 -05:00
b09fab13f0
Fix one flubbed author address
2014-07-11 13:50:37 -05:00
8b302cd472
Add report_note to scraper.rb
...
Just a suggestion. I always personally modify this. I use it to scrape titles often, and i prefer it to be saved in notes rather than wmap results, because i find it easier to search and automatically add results to rhosts.
2014-07-11 20:31:46 +02:00
b834e7d3cb
Update scraper.rb
2014-07-11 20:20:40 +02:00
da67a63ad0
Add report_note to scraper.rb
...
Just a suggestion. I always personally modify this. I use it to scrape titles often, and i prefer it to be saved in notes rather than wmap results, because i find it easier to search and automatically add results to rhosts.
2014-07-11 20:07:48 +02:00
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
79603c9a73
Land #3505 , a bunch o' Linux post module fixes
2014-07-11 12:39:31 -05:00
eb9d2f130c
Change title
2014-07-11 12:03:09 -05:00
a356a0e818
Code cleanup
2014-07-11 12:00:31 -05:00
6fd1ff6870
Merge master
2014-07-11 11:40:39 -05:00
d637171ac0
Change module filename
2014-07-11 11:39:32 -05:00
c55117d455
Some cleanup
2014-07-11 11:39:01 -05:00
a7a700c70d
Land #3502 , @m-1-k-3's DLink devices HNAP Buffer Overflow CVE-2014-3936
2014-07-11 11:25:03 -05:00
b9cda5110c
Add target info to message
2014-07-11 11:24:33 -05:00
dea68c66f4
Update title and description
2014-07-11 10:38:53 -05:00
f238c2a93f
change module filename
2014-07-11 10:30:50 -05:00
f7d60bebdc
Do clean up
2014-07-11 10:28:31 -05:00
43f41de124
Land #3508 , CVE-2014-4671 Flash JSONP disclosure
2014-07-11 10:11:48 -05:00
8f3197c192
Land #3496 , @m-1-k-3's switch to CmdStager on dlink_upnp_exec_noauth
2014-07-11 09:50:57 -05:00
4ea2daa96a
Minor cleanup
2014-07-11 09:50:22 -05:00
51cfa168b1
Fix deprecation information
2014-07-11 09:47:30 -05:00
46f5282fd3
Land #3455 , @m-1-k-3's exploit for DLink UPNP M-Search Command Injection
2014-07-11 09:39:05 -05:00
611b8a1b6d
Modify title and ranking
2014-07-11 09:35:21 -05:00
a9b92ee581
Change module filename
2014-07-11 09:17:56 -05:00
36c6e74221
Do minor fixes
2014-07-11 09:17:34 -05:00
b8225ae2dc
Remove unnecessary ||= and ivars.
2014-07-10 16:06:28 -05:00
e0389dfbc3
Update code as per @wvu's code review.
2014-07-10 15:03:40 -05:00
109201a5da
little auto detect fix
2014-07-10 20:45:49 +02:00
781149f13f
little auto detect fix
2014-07-10 20:40:39 +02:00
dd439066ca
Patch rhost to display hostname of JSONP_URL.
2014-07-10 12:02:22 -05:00
bcec2df0a4
Fix Meterpreter PHP hop description
2014-07-10 11:35:48 -05:00
841cb6a590
STEAL_URL -> STEAL_URLS.
2014-07-10 09:14:32 -05:00
fad30bc874
Add flash rosetta exploit module for stealing URLs.
2014-07-10 09:09:10 -05:00
f068006f05
auto target
2014-07-09 21:53:11 +02:00
6a765ae3b0
small cleanup
2014-07-09 21:16:29 +02:00
0674314c74
auto target included
2014-07-09 20:56:04 +02:00
b4812c1b7d
auto target included
2014-07-09 20:53:24 +02:00
David Bloom
Michael Messner
William Vu
nodeofgithub
Tod Beardsley
jvazquez-r7
joev