Matt Andreko
29cb4b1008
Merge remote-tracking branch 'upstream/master' into xbmc
2013-02-21 15:25:37 -05:00
Royce Davis
ac50c32d51
Tested, works on server 2k8
2013-02-20 10:02:50 -06:00
David Maloney
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
sinn3r
92093cd7d8
There's no HttpClient, so it shouldn't be using normalize_uri
2013-02-19 15:04:18 -06:00
James Lee
4703278183
Move SMB mixins into their own directory
2013-02-19 12:55:06 -06:00
James Lee
ede804e6af
Make psexec mixin a bit better
...
* Removes copy-pasted code from psexec_command module and uses the mixin
instead
* Uses the SMB protocol to delete files rather than psexec'ing to call
cmd.exe and del
* Replaces several instances of "rescue StandardError" with better
exception handling so we don't accidentally swallow things like
NoMethodError
* Moves file reading and existence checking into the Exploit::SMB mixin
2013-02-19 12:33:19 -06:00
James Lee
49f00acc11
Fix nil deref when dnsdomain is empty
2013-02-19 11:24:05 -06:00
Chris John Riley
d49797267e
Correct SAP Table Name
2013-02-19 11:20:49 +01:00
Chris John Riley
358b2f5783
Added module credit as this has turned into a rewrite ;)
2013-02-19 11:15:04 +01:00
Chris John Riley
f3cf8ad1b9
Whitespace EOL
2013-02-19 11:13:33 +01:00
Chris John Riley
a75bae927d
Replaced report_note and table output with single function
...
Added proposed extract data function (HDM)
2013-02-19 11:12:12 +01:00
Chris John Riley
d4011227e3
Made suitable changes to original module also (only report on non empty response)
2013-02-19 09:43:36 +01:00
Chris John Riley
4170a85d8a
Added logic to only report when value is present
2013-02-19 09:42:13 +01:00
jvazquez-r7
ec5c8e3a88
Merge branch 'dlink-dir300-600-execution' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir300-600-execution
2013-02-16 19:12:42 +01:00
jvazquez-r7
a19da61177
deleting trailing comma
2013-02-16 00:53:28 +01:00
jvazquez-r7
829cf0f076
name changed to dns_srv_enum
2013-02-15 16:20:55 +01:00
jvazquez-r7
d1ba860409
changing filename for dns_srv
2013-02-15 16:20:33 +01:00
jvazquez-r7
374faf9b02
cleanup for dns_srv
2013-02-15 16:19:48 +01:00
jvazquez-r7
9d4bd763a6
Merge branch 'darkoperator-dnsenum2dnssrv' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnssrv
2013-02-15 16:19:31 +01:00
jvazquez-r7
38f5fbced3
cleanup for dns_reverse_lookup
2013-02-15 12:56:01 +01:00
jvazquez-r7
f1e3dab45f
Merge branch 'darkoperator-dnsenum2dnsreverselookup' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsreverselookup
2013-02-15 12:55:39 +01:00
jvazquez-r7
6aed858f80
cleanup for dns_bruteforce
2013-02-15 12:37:46 +01:00
jvazquez-r7
1be003a4d0
Merge branch 'darkoperator-dnsenum2dnsbruteforce' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsbruteforce
2013-02-15 12:37:27 +01:00
jvazquez-r7
57e1d1baa5
cleanup for dns_info
2013-02-15 12:03:08 +01:00
jvazquez-r7
8a1874b4d1
Merge branch 'darkoperator-dnsenum2dnsinfo' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsinfo
2013-02-15 12:02:48 +01:00
Carlos Perez
bcd59aa8fa
Typo word module does not go in the name.
2013-02-14 21:56:24 -04:00
Carlos Perez
1d64de6c11
Typo word module does not go in the name.
2013-02-14 21:55:38 -04:00
Carlos Perez
7f7b4e5a97
more changes to description and name
2013-02-14 21:49:57 -04:00
Carlos Perez
faf970cf1f
more changes to description and name
2013-02-14 21:47:43 -04:00
Carlos Perez
1b8610042a
more changes to description and name
2013-02-14 21:46:21 -04:00
Carlos Perez
0b9d4d976f
more changes to description and name
2013-02-14 21:44:31 -04:00
Carlos Perez
23320a5dde
Fix spelling problems
2013-02-14 15:48:11 -04:00
Carlos Perez
a7d4f5ff4a
Fix spelling problems
2013-02-14 15:46:36 -04:00
Carlos Perez
7f97ff271f
Fix spelling problems
2013-02-14 15:44:32 -04:00
Carlos Perez
1872b137f5
Fix spelling problems
2013-02-14 15:41:17 -04:00
Carlos Perez
e8ccfae048
Fix spelling problems
2013-02-14 15:38:17 -04:00
Jeff Jarmoc
c2f8e4adbd
Minor - Note Rails 3.1.11 patch in Description.
2013-02-13 22:30:54 -06:00
sinn3r
4eca6e5502
Merge branch 'feature/web_crawler_skip_paths' of github.com:tasos-r7/metasploit-framework into tasos-r7-feature/web_crawler_skip_paths
2013-02-13 14:07:20 -06:00
jvazquez-r7
d1784babea
little cleanup plus msftidy compliant
2013-02-13 20:24:49 +01:00
jvazquez-r7
0ae473b010
info updated with rails information
2013-02-13 09:52:17 +01:00
jvazquez-r7
f46eda2fa9
Merge branch 'rails_devise_pw_reset' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_devise_pw_reset
2013-02-13 09:51:37 +01:00
jvazquez-r7
799beb5adc
minor cleanup
2013-02-13 01:00:25 +01:00
jvazquez-r7
167f5970c1
minor cleanup for rails_json_yaml_scanner
2013-02-13 00:07:58 +01:00
jvazquez-r7
3e2a368823
Merge branch 'rails_json_yaml_scanner' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_json_yaml_scanner
2013-02-13 00:07:11 +01:00
Jeff Jarmoc
846052a34d
s/URIPATH/TARGETURI/g per @jvasquez-r7 comments on another pull.
2013-02-12 15:13:06 -06:00
Jeff Jarmoc
1d5d33f306
use normalize_uri()
2013-02-12 14:58:07 -06:00
Jeff Jarmoc
c6a7a4e68d
/URIPATH/TARGETURI/g
2013-02-12 14:50:10 -06:00
Tasos Laskos
f2cf4304d2
Merge remote-tracking branch 'upstream/master' into feature/web_crawler_skip_paths
2013-02-12 22:10:40 +02:00
Tasos Laskos
9efd3f6c5e
scanner/http/crawler: added ExcludePathPatterns opt
...
Option 'ExcludePathPatterns' allows users to specify which paths should
be excluded from the crawl (and which forms to ignore) by passing a
list of patterns (only allows '*' wildcards).
2013-02-12 21:47:12 +02:00
Jeff Jarmoc
c7719bf4cb
Verify response is non-nil.
2013-02-12 13:41:21 -06:00
Jeff Jarmoc
9e1f106a87
msftidy cleanup
2013-02-12 13:38:58 -06:00
Chris John Riley
3a6cd6f395
Added module for requesting RFC_SYSTEM_INFO via ICF web interface
2013-02-12 14:42:59 +01:00
Tod Beardsley
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
Jeff Jarmoc
ddd7d307e6
Add a scanner aux module for Rails JSON/YAML vuln CVE-2013-0333
2013-02-11 16:48:44 -06:00
jvazquez-r7
766257d26a
pointed by @m-1-k-3 while working on #1472
2013-02-11 21:21:43 +01:00
Jeff Jarmoc
5f0a3c6b9e
Removes pry, oops.
2013-02-11 14:02:46 -06:00
Jeff Jarmoc
753fa2c853
Handles error when TARGETEMAIL is invalid.
2013-02-11 13:58:56 -06:00
David Maloney
a43b902b5c
Fix tomcat_mgr_login auth
2013-02-11 12:00:40 -06:00
Jeff Jarmoc
61ffcedbfd
Address HD's other comments, fixes mismatched var name in last commit.
2013-02-11 11:17:26 -06:00
Jeff Jarmoc
e72dc47448
Uses REXML for encoding of password.
2013-02-11 11:12:29 -06:00
Carlos Perez
6c85e5242e
change wildcard message to print_warning
2013-02-11 12:04:30 -04:00
Carlos Perez
431641fec9
added check for retry options
2013-02-11 12:02:15 -04:00
Carlos Perez
fd6f00f641
added report note for wildcard
2013-02-11 11:37:20 -04:00
Carlos Perez
5f10704697
applied fixes
2013-02-11 11:31:13 -04:00
Carlos Perez
55efe01bf7
Applied fixes
2013-02-11 11:23:06 -04:00
jvazquez-r7
24c3f1b99d
fix msftidy
2013-02-11 15:07:49 +01:00
jvazquez-r7
991e65770c
minor cleanup for word_unc_injector
2013-02-11 15:06:19 +01:00
jvazquez-r7
41564fd51d
Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb
2013-02-11 15:05:27 +01:00
Jeff Jarmoc
43a1fbb6f2
Make msftiday happy.
2013-02-10 21:13:18 -06:00
Jeff Jarmoc
55cba56591
Aux module for joernchen's devise vuln - CVE-2013-0233
2013-02-10 21:10:00 -06:00
m-1-k-3
63c6791473
return
2013-02-09 11:17:02 +01:00
m-1-k-3
6cccf86a00
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink-dir300-600-execution
2013-02-09 11:09:56 +01:00
Carlos Perez
fd15436a96
Added new line to end of file.
2013-02-08 20:52:49 -04:00
Carlos Perez
78f81843f6
Added new line to end of file.
2013-02-08 20:51:37 -04:00
Carlos Perez
eda3fc0715
Added new line to end of file.
2013-02-08 20:50:23 -04:00
Carlos Perez
166b59b61a
Added new line to end of file.
2013-02-08 20:48:57 -04:00
sinn3r
7370d7d31b
Final touchup
2013-02-08 18:21:06 -06:00
Spencer McIntyre
7522a87cf9
Adding an auxiliary scanner module for Titan FTP password disclosure.
2013-02-08 15:43:02 -05:00
James Lee
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
Carlos Perez
ac8194ed07
Split of DNS SRV Record Enumeration from enum_dns
2013-02-08 10:09:34 -04:00
Carlos Perez
256ab7f737
Split of DNS Reverse Lookup from enum_dns
2013-02-08 09:50:21 -04:00
Carlos Perez
906585798d
Split of DNS General Info from enum_dns
2013-02-08 09:49:19 -04:00
Carlos Perez
2186db5295
Split of DNS Name Brutforce from enum_dns
2013-02-08 09:48:32 -04:00
SphaZ
66f0bddb54
fixed error check, a comment, manipulate_file all in memory now
2013-02-08 12:46:13 +01:00
sinn3r
25d8dac4c0
Merge branch 'bugs/linksys-fixes' of github.com:todb-r7/metasploit-framework into todb-r7-bugs/linksys-fixes
2013-02-07 19:10:36 -06:00
sinn3r
ce7da154a6
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into hmoore-r7-master
2013-02-07 17:35:28 -06:00
sinn3r
035e8b7100
Merge branch 'groupwise_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-groupwise_traversal
2013-02-07 17:33:34 -06:00
jvazquez-r7
e9912496d8
nice check learned from sinn3r
2013-02-07 22:05:39 +01:00
jvazquez-r7
0d3c32b0a4
Added module for CVE-2012-0419
2013-02-07 21:15:49 +01:00
sinn3r
7f746e1caa
That's what he said.
2013-02-07 11:13:18 -06:00
sinn3r
d554c3a56a
Don't really need the bottom comment
2013-02-07 10:46:42 -06:00
sinn3r
98559d4d51
Do a check and make sure this is Simple Web Server
2013-02-07 10:45:53 -06:00
sinn3r
b11f052746
Allow arbitrary depth
2013-02-07 10:32:29 -06:00
sinn3r
a3264e18e2
There aint no fail_with(), must use print_error
2013-02-07 10:30:17 -06:00
HD Moore
77390a5935
Fix a bug reported by Tom Liston
2013-02-06 23:34:55 -06:00
sinn3r
b09f819e4b
Add Simple Web Server dir traversal
2013-02-06 17:02:07 -06:00
James Lee
1095fe198b
Merge branch 'rapid7' into dmaloney-r7-http/auth_methods
2013-02-06 16:57:50 -06:00
HD Moore
f0ca4b2f08
Merge remote-tracking branch 'upstream/master'
2013-02-06 16:31:31 -06:00
Tod Beardsley
5357e23675
Fixups to the Linksys module
...
Professionalizes the description a little, but more importantly, handles
LANIP better, I think. Instead of faking a 1.1.1.1 address, just detect
if it's set or not in a method and return the right thing accordingly.
Please test this before landing, obviously. I think it's what's
intended.
2013-02-06 12:46:50 -06:00
Tod Beardsley
e175e2c9e9
typo in method name
2013-02-06 12:19:57 -06:00
HD Moore
22e3458cea
Fix multi-line output due to bad regex flag
2013-02-06 11:27:58 -06:00
Tod Beardsley
faeaa74a49
Msftidy whitespace
2013-02-06 11:06:13 -06:00
HD Moore
9af888c03b
Merge pull request #1433 from jjarmoc/jjarmoc-rails_xml_scan
...
rails_xml_yaml_scanner.rb improvements
2013-02-05 12:34:10 -08:00
Matt Andreko
2cdeca5422
Added reference & depth
...
Added reference to IOActive's release.
Added a depth option to allow user to specify how many folders to traverse.
2013-02-05 14:32:50 -05:00
m-1-k-3
43f3bb4fe6
small updates
2013-02-05 13:54:10 +01:00
SphaZ
0f46ed72e1
Using snake_case, fixed using tmp files, changed errorhandling
2013-02-05 12:00:04 +01:00
David Maloney
877fb017b6
remove negotiate requirements
...
winrm can support basic, and now these modules can too, for free
2013-02-04 16:50:43 -06:00
David Maloney
44d4e298dc
Attempting to cleanup winrm auth
2013-02-04 15:48:31 -06:00
Jeff Jarmoc
39cafd0cde
Use OptEnum instead of OptString
2013-02-04 15:08:34 -06:00
David Maloney
8d013d1034
Merge branch 'master' into http/auth_methods
2013-02-04 13:11:57 -06:00
David Maloney
4c1e630bf3
BasicAuth datastore cleanup
...
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
David Maloney
8b1febb4cf
add myself to the blame list for the module =P
2013-02-04 12:32:43 -06:00
David Maloney
9497e38ef7
Fix http login scanner
...
Fix the http_login scanner to use new buitin auth
2013-02-04 12:31:19 -06:00
David Maloney
2c3de43f4b
datastore opts cleanup
...
cleanuo digestauth datastore options in modules
2013-02-04 12:10:44 -06:00
SphaZ
fa1811ac38
changed SOURCE to be OptPath
2013-02-04 15:25:11 +01:00
SphaZ
3b528d7f6d
removed data files from docx
2013-02-04 14:00:13 +01:00
SphaZ
145cf618aa
msftidy
2013-02-04 13:51:01 +01:00
SphaZ
24de0d2274
Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT
2013-02-04 13:37:09 +01:00
m-1-k-3
5ca0e45388
initial commit
2013-02-04 08:44:12 +01:00
HD Moore
0660347fca
Explicit mult-line match
2013-02-03 21:06:57 -06:00
jvazquez-r7
2bf2d4d8a4
Merge branch 'netgear_sph200d_traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-netgear_sph200d_traversal
2013-02-03 23:35:29 +01:00
Jeff Jarmoc
5e0c18af2f
adding self to credits
2013-02-03 16:14:42 -06:00
Jeff Jarmoc
57c8e41846
Re-order probes and checks.
...
This causes module to exit if error conditions are found, before sending unecessary probes.
2013-02-03 16:10:46 -06:00
Jeff Jarmoc
8dff427776
Allow 4xx codes, display codes in verbose output
2013-02-03 16:07:07 -06:00
Jeff Jarmoc
810470de3b
Make HTTP_METHOD Configurable
2013-02-03 16:05:45 -06:00
David Maloney
5814c59620
move httpauth to mixin
...
HttpAuth stuff gets it's own little mixin
mix it in to Exploit::Http::Client
mix in it to Auxiliary::Web::HTTP
2013-02-01 15:12:10 -06:00
HD Moore
d5ae005332
Rename with underscores
2013-02-01 14:39:01 -06:00
HD Moore
4e6c93ec7d
Various style fixes, fix ruby 1.8 compat
2013-02-01 14:38:20 -06:00
jvazquez-r7
c24c926ffa
add aditional check to detect valid device
2013-02-01 20:55:06 +01:00
jvazquez-r7
996ee06b0f
fix another print_ call
2013-02-01 20:43:54 +01:00
jvazquez-r7
152f397a1f
first module cleanup
2013-02-01 20:38:11 +01:00
m-1-k-3
988761a6de
more updates, BID, Exploit-DB
2013-02-01 20:18:53 +01:00
m-1-k-3
fdd5fe77c1
more updates ...
2013-02-01 19:59:19 +01:00
m-1-k-3
0e22ee73b5
updates ...
2013-02-01 19:26:34 +01:00
SphaZ
e71c2c5ece
added word_unc_injector auxiliary module
2013-02-01 08:03:41 +01:00
jvazquez-r7
70b252dc7b
Merge branch 'normalize_uri_update2' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-normalize_uri_update2
2013-01-31 22:32:50 +01:00
sinn3r
39cdb89831
Oh don't be so sensitive about it.
...
Fixnum vs String
2013-01-31 15:04:13 -06:00
egypt
5332e80ae9
Fix errant use of .to_s instead of .path
2013-01-31 14:18:42 -06:00
sinn3r
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
sinn3r
a68ad8f600
Merge branch 'bug/rm7021-MySQL-login-scanner-exception' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7021-MySQL-login-scanner-exception
2013-01-30 13:22:33 -06:00
jvazquez-r7
cf6aae7bb7
add checks for enabled services
2013-01-30 17:37:41 +01:00
jvazquez-r7
668520d8d9
added module for cve-2013-1391
2013-01-30 17:22:03 +01:00
Tod Beardsley
b1f8b87f14
Chmod -x the joomla modules. Also fix a title typo
...
joomla_pages was incorrectly titled as "Joomla Version Scanner," which
of course is actually joomla_version.
2013-01-29 17:02:43 -06:00
m-1-k-3
ea5e993bf3
initial
2013-01-29 22:02:29 +01:00
Tod Beardsley
6002e35460
Merge pull request #1397 from wchen-r7/target_uri_fix
...
normalize_uri fixes (double slashes and trailing slash)
2013-01-29 11:26:30 -08:00
Tod Beardsley
e618a2a347
Merge pull request #1405 from rapid7/add/upnp-scanner
...
Adds CVE reporting to the UPnP scanner
2013-01-28 23:10:14 -08:00
Tod Beardsley
f5eaa87c80
comment typo
2013-01-29 01:05:18 -06:00
Tod Beardsley
25ae49154a
Added author, vprint dressing-up
2013-01-29 00:55:45 -06:00
HD Moore
358f7cc62f
Adds CVE reporting to the UPnP scanner
2013-01-29 00:15:39 -06:00
sinn3r
1ea1ad3166
Fix the forgotten path()
2013-01-28 14:48:22 -06:00