Brent Cook
aa5b201427
Revert "revert ssl_login_pubkey for now"
...
This reverts commit 7d773b65b6
.
2016-03-07 13:19:33 -06:00
Christian Mehlmauer
7d773b65b6
revert ssl_login_pubkey for now
2016-03-07 14:44:23 +01:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Brent Cook
66c697d2e4
Land #6602 , update author info for dahua_dvr_auth_bypass
2016-03-06 15:13:01 -06:00
Brent Cook
4711191def
remove non-specific URL
2016-03-06 15:12:25 -06:00
Brent Cook
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
Fakhri Zulkifli
b1e9f44ca2
IPv6 Neighbor Advertisement Enhancement
...
http://seclists.org/nmap-dev/2011/q2/79
1. Shorten router advertisement payload lifetime.
2. Randomize address prefix.
3. Prevent from getting into default router list.
2016-03-06 03:23:37 +08:00
rwhitcroft
ded5b58733
one more style fix
2016-03-01 10:20:39 -05:00
rwhitcroft
4b10331cf0
style fixups
2016-03-01 10:18:25 -05:00
William Vu
c5a9d59455
Land #6612 , one final missing change
2016-02-29 15:08:42 -06:00
William Vu
cb0493e5bb
Recreate Msf::Exploit::Remote::Fortinet
...
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
William Vu
a6a37b3089
Land #6612 , missing commits included
2016-02-29 14:06:21 -06:00
William Vu
300fdc87bb
Move Fortinet backdoor to module and library
2016-02-29 12:06:33 -06:00
wchen-r7
2950996cb8
Land #6612 , Add aux module for Fortinet backdoor
2016-02-29 12:02:49 -06:00
William Vu
53d703355f
Move Fortinet backdoor to module and library
2016-02-29 11:57:42 -06:00
rwhitcroft
f735a904ff
create owa_ews_login module, modify HttpClient to accept preferred_auth option
2016-02-28 22:01:05 -05:00
wchen-r7
051506694f
Land #6574 , add Linknat Vos Manager Traversal aux module
2016-02-25 22:02:56 -06:00
wchen-r7
2e268a25da
Land #6596 , Apache Karaf Login Utility
2016-02-25 14:39:51 -06:00
wchen-r7
aa7c3f01a8
Update name and description
2016-02-25 14:39:19 -06:00
wchen-r7
7e25c7b87b
Handle OpenSSL::Cipher::CipherError
...
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
2016-02-25 14:35:37 -06:00
William Vu
7d20e26a35
Move to aux/scanner/ssh
2016-02-25 11:22:50 -06:00
William Vu
f52f44cde0
Remove session_setup, since we're not in a shell
...
A real shell. A real human bean.
2016-02-25 11:21:45 -06:00
Tyler Bennett
ff3a554b4d
added an unless to wrap around the print and report_creds func for nas module to only execute if ftpuser and ftppass is non-blank
2016-02-24 13:53:30 -05:00
Tyler Bennett
16d7b2e6ff
cleaned up unless code for nas module and setup ftpuser and ftppass to only if non blank
2016-02-23 17:37:47 -05:00
dmohanty-r7
6aa6280eff
Try USERNAME before DEFAULTCRED
2016-02-23 13:44:44 -06:00
Tyler Bennett
4eabe43273
fixed issues with capturing regex
2016-02-23 12:27:07 -05:00
Tyler Bennett
c191e5b8e1
corrected authors file and cleaned up debug statements
2016-02-23 11:41:12 -05:00
Jon Hart
c79eab2c7f
Land #6241 , @talos-arch3y's aux module for Dahua DVR CVE-2013-6117
2016-02-23 08:20:54 -08:00
dmohanty-r7
07ac13326e
Allow user to try other login credentials
2016-02-22 17:47:32 -06:00
dmohanty-r7
c0180b23fa
Update description
2016-02-19 13:39:13 -06:00
dmohanty-r7
33aaeb4ac9
Update authors
2016-02-19 11:53:17 -06:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
nixawk
7ca0255ea1
Module should not be marked executable
2016-02-15 12:57:43 +08:00
nixawk
f35230b908
add Linknat Vos Manager Traversal
2016-02-15 12:39:40 +08:00
Spencer McIntyre
c9c4f49aca
Add get_file method and parse the server response
2016-02-13 17:20:37 -05:00
William Vu
5f0add2a8b
Land #6541 , typo fix for cisco_ssl_vpn
2016-02-09 17:13:24 -06:00
William Vu
240cbb91be
s/resp/res/
2016-02-09 17:12:09 -06:00
alexandrinetorrents
c0a8b01c2b
Addition of multiple read/write to auxiliary/scanner/scada/modbusclient.rb
2016-02-08 13:13:51 +01:00
wchen-r7
cd7046f233
Change method name "method" to "http_method" for http_traversal.rb
...
We accidentally override "#method", which is bad.
2016-02-07 23:15:46 -06:00
Brendan Coles
40633ea7cd
Check filepath length
2016-02-08 01:11:18 +00:00
Brendan Coles
df825913b8
Use default timeout
2016-02-07 07:11:47 +00:00
Brendan Coles
e0e67f5507
Remove unnecessary check for FILEPATH
2016-02-07 02:05:15 +00:00
wchen-r7
2171c344e5
Fix #6539 , correct a typo in report_cred
...
Fix #6539
2016-02-06 13:23:21 -06:00
Jon Hart
cd86db2734
Update ssh_identify_pubkeys to support symbolic path names
2016-02-03 14:21:54 -08:00
Jon Hart
53d4e31844
Allow OptPath to valid symbolic paths that need expansion
2016-02-03 14:12:03 -08:00
Jon Hart
49beca4e40
Fix ssh_identify_pubkeys to accept keyfiles with authorized commands
...
Previously, something like this would fail:
command="/some/script.sh" ssh-rsa adsfadfa root@whatever
This format is valid authorized_keys and should work here too. It does
now.
2016-02-03 13:50:17 -08:00
Jon Hart
dbcef2c755
Deregister unused options
2016-02-03 13:20:30 -08:00
James Lee
47c0a3b4a7
Get some stragglers that had a different format
2016-02-01 16:21:10 -06:00
James Lee
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
wchen-r7
f5ee6ce2f3
Better service reporting for snmp_login
...
Report the snmp string and update the module title & description
to better clarify what the module really does.
2016-02-01 12:24:19 -06:00
Brent Cook
cd56470759
Land #6493 , move SSL to the default options, other fixes
2016-01-29 11:09:51 -06:00
Brent Cook
115c63e4ba
karaf default credential scanner PoC
2016-01-27 03:27:48 -05:00
wchen-r7
6187354392
Land #6226 , Add Wordpress XML-RPC system.multicall Credential BF
2016-01-23 00:12:46 -06:00
wchen-r7
064af0d670
Remove unwanted comment
2016-01-23 00:11:58 -06:00
KINGSABRI
ad3eed525b
Handing newer version of WP, fallback CHUNKSIE to 1
2016-01-23 08:06:27 +03:00
wchen-r7
53e9bd7f51
This line does nothing
2016-01-22 18:55:45 -06:00
wchen-r7
0f9cf812b7
Bring wordpress_xmlrpc_login back, make wordpress_multicall as new
2016-01-22 18:54:20 -06:00
wchen-r7
91db2597c7
normalize URIs
2016-01-22 11:27:26 -06:00
wchen-r7
b02c762b93
Grab zeroSteiner's module/jenkins-cmd branch
2016-01-22 10:17:32 -06:00
Christian Mehlmauer
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
wchen-r7
216986f7af
Do API documentation, rspec, and other small changes
2016-01-21 17:22:14 -06:00
KINGSABRI
a8feb8cad5
make passwords faster for reading huge wordlest files
2016-01-21 03:32:50 +03:00
KINGSABRI
4cb19c75a6
Enhance the module and add version check
2016-01-21 03:19:31 +03:00
wchen-r7
fcaef76215
Do a version check
...
This attack is not suitable for newer versions due to the
mitigation in place.
2016-01-20 17:14:44 -06:00
nixawk
ad107a2d1c
Show - No Auth Required - Just Once
2016-01-19 08:29:33 +08:00
nixawk
0b78406d29
clear Metasploit::Framework::LoginScanner::REDIS.new
2016-01-16 13:12:04 +08:00
nixawk
b2983e1ee7
replace #{rhost}: #{rport} with #{peer}
2016-01-16 13:05:35 +08:00
nixawk
2abaca3f6b
include Msf::Auxiliary::Redis / Remove default RPORT option
2016-01-16 12:58:02 +08:00
Karim Reda Fakhir
d5dd5d55a6
modified: modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb
...
modified: modules/auxiliary/voip/telisca_ips_lock_abuse.rb
2016-01-14 11:06:26 +00:00
Fakhir Karim Reda
aae86d8bc0
new file: modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb
2016-01-14 00:12:55 +00:00
Fakhir Karim Reda
01b8302db1
delte modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb
2016-01-13 23:19:35 +00:00
Karim Reda Fakhir
8b03b719e8
Adding auxialiary modules :
...
+ symantec_brightmail_ldapcreds.rb
+ telisca_ips_lock_abuse.rb
2016-01-13 15:19:07 +00:00
Jonathan Harms
5266860cec
Squashed more commits back into 1
2016-01-07 17:53:49 -06:00
Tyler Bennett
c245e64239
added peer to each print statement and rex table
2016-01-06 13:22:30 -05:00
wchen-r7
6e65d1d871
Land #6411 , chinese caidao asp/aspx/php backdoor bruteforce
2016-01-06 12:03:17 -06:00
nixawk
a54a7aeb02
redis only need password for authentication
2016-01-06 17:05:49 +08:00
wchen-r7
bdda8650a2
Do not support username, because the backdoor doesn't use one
2016-01-06 02:02:11 -06:00
Jon Hart
d626d7f0c9
Land #6416 , @all3g's rewrite/improvements to redis_server
2016-01-05 19:02:26 -08:00
Jon Hart
90ea88e5ba
Make command used configurable
2016-01-05 16:23:10 -08:00
Jon Hart
3ccdd12ecb
Put peer first in all prints
2016-01-05 16:09:50 -08:00
Jon Hart
1d997234cb
Remove unnecessary degistering of RHOST
2016-01-05 16:08:18 -08:00
Tyler Bennett
aa2922e6c3
added in verbose mode for ddns and fixed report_email_creds issue
2016-01-05 14:54:48 -05:00
nixawk
8a76bbafff
Add peer to vprint_error
2016-01-06 01:51:23 +08:00
Jon Hart
eef154420b
This is a scanner, so vprint things that occur frequently
2016-01-05 09:06:36 -08:00
Jon Hart
63324bd77d
Rescue correct exceptions
2016-01-05 09:05:32 -08:00
Jon Hart
1b48556456
Use cleaner hash syntax
2016-01-05 09:05:32 -08:00
nixawk
9714923824
ensure disconnect / remove self.class from register_options
2016-01-06 00:54:54 +08:00
William Vu
6cb9ad0d72
Land #6435 , unaligned def/end fix
2016-01-05 09:59:25 -06:00
nixawk
c3158497c0
rebuild / add check_setup / send_request
2016-01-05 15:10:26 +08:00
nixawk
cbbbd9a7e7
end is not aligned with def
2016-01-05 14:07:43 +08:00
nixawk
20cd156047
replace auxiliary/scanner/misc/redis_server with auxiliary/scanner/redis/redis_server
2016-01-05 13:14:40 +08:00
William Vu
3990c021c2
Land #6318 , updates for ssh_identify_pubkeys
2016-01-04 13:27:38 -06:00
William Vu
6f01df3f79
Clean up module
2016-01-04 13:26:03 -06:00
William Vu
58c047200d
Land #6305 , creds update for owa_login
2016-01-04 10:52:39 -06:00
nixawk
a6914df3e3
rename LOGIN_URL to TARGETURI
2015-12-31 22:21:34 +08:00
nixawk
370351ca88
chinese caidao asp/aspx/php backdoor bruteforce
2015-12-31 15:17:01 +08:00
nixawk
a929dc0e35
add redis_login
2015-12-30 18:54:25 +08:00
Brendan Coles
47261c27d4
Add EasyCafe Server Remote File Access module
2015-12-27 12:00:50 +00:00
Brent Cook
e23b5c5435
Land #6179 , add NTP initial crypto nak spoofing module
2015-12-24 15:46:18 -06:00
Jon Hart
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
Jon Hart
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
Jon Hart
cb752a4bcf
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/mysql.rb
2015-12-24 07:46:23 -08:00
Jon Hart
c55f61d2d7
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/smtp.rb
2015-12-24 07:44:36 -08:00
wchen-r7
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7
7d8ecf2341
Add Joomla mixin
2015-12-18 21:14:04 -06:00
Brent Cook
0c0219d7b7
Land #6357 , cleanup redis rdbcompression options
2015-12-17 10:45:11 -06:00
Jon Hart
f3ac8a2cc0
Land #6360 , @pyllyukko's reference cleanup for ipmi_dumphashes
2015-12-16 22:03:40 -08:00
Jon Hart
865e2a7c18
Only test/reset rdbcompression if told to and redis is configured that way
2015-12-16 11:20:13 -08:00
Jon Hart
f616ee14a8
Dont abort if compression can't be disabled
2015-12-16 11:11:00 -08:00
Jon Hart
12764660b2
Remove compression bits from description; remove unnecessary module options; require DISABLE_RDBCOMPRESSION
2015-12-16 11:07:27 -08:00
pyllyukko
d110c6cc73
Added few references to ipmi_dumphashes
2015-12-16 13:36:37 +02:00
nixawk
342ce05ff7
add a DISABLE_RDBCOMPRESSION option for redis file_upload
2015-12-16 04:28:52 +00:00
Tyler Bennett
5bb8dbcafc
added peer to users table
2015-12-15 16:45:45 -05:00
Tyler Bennett
797bd9e04d
added peer to each table and added each users groups to the users table
2015-12-15 16:31:25 -05:00
Jon Hart
b78f7b4d55
Land #6319 , @all3g's module for abusing redis to achieve file uploads
2015-12-14 18:00:44 -08:00
Tyler Bennett
bda6c940cf
fixed issues with printing of tables and cleaned up output a bit removed unecessary prints
2015-12-14 16:23:18 -05:00
Jon Hart
e448bc3e27
If saving fails, print_error and mention permissions
2015-12-14 10:47:05 -08:00
Jon Hart
19acd366d6
Rename redis file upload module; remove the 'auth' part
2015-12-14 10:40:28 -08:00
Vex Woo
dee23e4bda
Merge pull request #3 from jhart-r7/pr/fixup-6319
...
Cleanup redis unauth_file_upload, move redis stuff to mixin
2015-12-12 03:32:05 +00:00
Jon Hart
9ef46140c0
Improve output when success
2015-12-11 10:10:44 -08:00
Jon Hart
32a64c3d8e
Make auth easier, work automatically and on older redis versions
...
Also, improve check
2015-12-11 10:04:47 -08:00
Jon Hart
ac47c87af4
Move Password option to redis mixin
2015-12-11 08:53:11 -08:00
Jon Hart
38d0b0a0f2
Wire in @all3g's redis auth code
2015-12-11 08:42:59 -08:00
Tyler Bennett
c000e590d4
verified table values are correctly typed as Strs, but it still fails to print the tables
2015-12-10 15:51:59 -05:00
Jon Hart
555e52e416
Document the redis upload process more
2015-12-10 09:35:46 -08:00
Jon Hart
48a27170c2
Document process better, delete correct key
2015-12-10 09:13:13 -08:00
Jon Hart
d2f54af23f
Reset the dir and dbfilename back to their original settings
2015-12-10 08:56:24 -08:00
Jon Hart
21ab4e96e5
First pass at redis mixin
2015-12-10 08:29:59 -08:00
nixawk
0d8fc78257
make code more clear
2015-12-10 15:13:50 +00:00
nixawk
42013c18ba
add a password option - AUTH_KEY
2015-12-10 08:24:47 +00:00
nixawk
28bc5b4d4f
move it from exploit to auxiliary
2015-12-10 08:23:38 +00:00
Jon Hart
4cc7853ad8
Don't run_host unless check returns vulnerable; report_service
2015-12-09 18:33:40 -08:00
Jon Hart
624e5aeffa
First pass at converting redis module to aux; style cleanup
2015-12-09 17:59:48 -08:00
Tyler Bennett
c2ef7be217
cleaned up regex isseus and added the appropriate rex tables. Having issues with printing them due to type errors, but Im working on it
2015-12-09 17:49:38 -05:00
Tyler Bennett
e574c844de
added rex table for channels func, has an issues with TypeError no implicit conversion of String into Integer upon building the table
2015-12-08 18:19:30 -05:00
Tyler Bennett
48cd350711
updated authors list with contributors
2015-12-08 16:29:00 -05:00
Tyler Bennett
92d56cd050
cleaned up uncessary Rex Tables working on the rest of them for users, groups and channels
2015-12-08 16:24:47 -05:00
Tyler Bennett
75e31c252e
added rex table for nas settings, still working on users and hashes rex table
2015-12-07 14:48:28 -05:00
Tyler Bennett
3d892bd1d6
added rex table for grab_email func instead of printing out values
2015-12-07 10:37:36 -05:00
Tyler Bennett
069a50e1b8
Revert "fixed ddns_creds import issue, by using rhost and commenting why it needs to be used"
...
Reverting to hopefully force a fix for issue #3968
2015-12-07 09:41:46 -05:00
Stuart Morgan
ca023b6499
Simplified do_report() to comply with msftidy
2015-12-05 23:27:28 +00:00
Stuart Morgan
4f1f755c1d
msftidy
2015-12-05 22:49:40 +00:00
Stuart Morgan
4469e9b5ef
Finalised module
2015-12-05 22:45:08 +00:00
Stuart Morgan
bd1bf4aa72
Initial test, fixed noteswq
2015-12-05 21:19:34 +00:00
Stuart Morgan
09c58e4097
Massive rework of the storage/notes/reporting
2015-12-05 21:18:29 +00:00
Stuart Morgan
1101edbcd3
argh, forgot the comma!
2015-12-05 16:24:10 +00:00
Stuart Morgan
28202745ab
Removed EOL spaces (msftidy)
2015-12-05 15:33:04 +00:00
Stuart Morgan
12561e5cf9
Add delay/jitter to xmas scan
2015-12-05 15:32:47 +00:00
Stuart Morgan
e190dcb61a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into add_delay_jitter_to_scan
2015-12-05 15:25:11 +00:00
Stuart Morgan
5965867fdc
Added 'milliseconds' unit description to JITTER parameter for clarity
2015-12-05 15:23:31 +00:00
Stuart Morgan
a46031a85c
Added delay/jitter to syn scan
2015-12-05 15:23:00 +00:00
Stuart Morgan
40d3ebbc94
Added delay/jitter to ftpbounce scan
2015-12-05 15:22:52 +00:00
Stuart Morgan
33563129c1
Added delay/jitter to ACK
2015-12-05 15:22:41 +00:00
Stuart Morgan
efa2f5aa1c
Added delay/jitter feature to ACK scan
2015-12-05 15:14:22 +00:00
Stuart Morgan
0e96a71232
Update
2015-12-05 15:12:40 +00:00
Stuart Morgan
cc770ab120
Removed unneeded comments
2015-12-05 14:59:33 +00:00
Stuart Morgan
734cb128e0
Changed jitter to be absolute, not relative, and put threads option back in
2015-12-05 14:57:47 +00:00
Stuart Morgan
ba13b88aad
Apparently rand(2) will give you 0 and 1....rand(1) exclusively gives 0. Must read the man pages more....
2015-12-05 14:25:30 +00:00
Stuart Morgan
d5e433df87
Removed THREADS option because it isn't used, and added DELAY and JITTER options
2015-12-05 14:23:33 +00:00
Tyler Bennett
385e5a9fe1
fixed more rubocop issues with the rex table for ddns
2015-12-04 15:28:01 -05:00
Tyler Bennett
4e0ab9b68f
fixed ddns_creds import issue, by using rhost and commenting why it needs to be used
2015-12-04 15:10:02 -05:00
Tyler Bennett
6ce54f15ee
added rex table for ddns func
2015-12-04 14:46:26 -05:00
Tyler Bennett
16e4d6a727
fixedd more rubocop errors, still needs work
2015-12-04 14:08:18 -05:00
Jon Hart
72f7efd042
Lots of style cleanup
2015-12-03 15:39:27 -08:00
Jon Hart
4b30a56f15
Add a few missing connects
2015-12-03 15:22:27 -08:00
Jon Hart
7346c528cd
Fix indentation
2015-12-03 15:21:06 -08:00
Jon Hart
6c31946995
Slightly simplify regex
2015-12-03 15:19:35 -08:00
Jon Hart
98096ab71c
Remove useless assignment
2015-12-03 15:16:54 -08:00
Jon Hart
504f6874f2
Convert to actions
2015-12-03 15:15:48 -08:00
Jon Hart
93cd3446db
Minor cleanup of some print_ lines
2015-12-03 15:01:27 -08:00
Jon Hart
753eddbbd6
Correct true/false for optional options, default values
2015-12-03 14:53:27 -08:00
Tyler Bennett
9d71ff6b9d
cleaned up a few misc prints and added in logic if mailport is empty
2015-12-03 15:51:49 -05:00
Tyler Bennett
3d617efa88
added code to parse mailport from config
2015-12-03 15:36:08 -05:00
Tyler Bennett
0d89dde4a6
changed sock.get to sock.get_once and fixed booleans hopefully. Still cleaning things up but its getting closer
2015-12-03 12:51:48 -05:00
r3naissance
db5c69226e
Add Usernames to Creds Database with owa_login.rb
2015-12-03 09:31:36 -07:00
Jon Hart
fdbd3cfc11
Fix minor style problems, call check() from run_host
2015-12-02 15:46:35 -08:00
Tyler Bennett
a8887e6b77
firts iteration of moving each payload to its own function and setting optional vars, cleaning up rubocop warnings as well
2015-12-02 16:33:09 -05:00
Tyler Bennett
ca496a376f
set username as a requirement and added note about randomly assinged password for user if not set
2015-12-02 14:16:36 -05:00
James Lee
98a0ddebda
Land #6298 , Advantech shellshock module
2015-12-01 11:37:09 -06:00
HD Moore
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
Tyler Bennett
36f48dc945
cleaned up required opts, only left needed vars to run the rest are optional based on user preference
2015-12-01 11:02:14 -05:00
Tyler Bennett
5e9a0ab3ff
removed version var in initialize method
2015-12-01 10:57:16 -05:00
Tyler Bennett
cb60b41d5d
added in fixes and missing typos, randomized the password for the user
2015-12-01 10:43:58 -05:00
Kyle Gray
bd8177bf6c
Merge remote-tracking branch 'origin/pr/6284'
...
Land #6284 , fix for false negatives found in #6281
@wvu found some false negatives while testing a server for #6281
2015-11-30 16:09:42 -06:00
Christian Mehlmauer
920d8c6ad7
Land #6278 , wrong default option for RHOST
2015-11-26 06:49:25 +01:00
Jon Hart
8fd2522a59
Land #6257 , @all3g's aux module for locating git repos over HTTP
2015-11-25 12:25:45 -08:00
Jon Hart
a56571479f
Remove WmapScanServer mixin; not needed
2015-11-25 11:38:32 -08:00
William Vu
2da9bb8578
Follow redirects in apache_userdir_enum
...
Found false negatives while testing a server for #6281 .
2015-11-25 13:27:06 -06:00
William Vu
8f459de064
Fix tomcat_enum for full_uri
2015-11-25 11:28:56 -06:00
William Vu
38a9efe4d6
Fix squiz_matrix_user_enum for full_uri
2015-11-25 11:28:53 -06:00
William Vu
7d17c5741b
Fix nginx_source_disclosure for full_uri
2015-11-25 11:19:27 -06:00
William Vu
035882702a
Fix barracuda_directory_traversal for full_uri
2015-11-25 11:18:17 -06:00
William Vu
7a5f6495d0
Fix axis_local_file_include for full_uri
2015-11-25 11:16:59 -06:00
William Vu
42d12a4d40
Fix apache_userdir_enum for full_uri
2015-11-25 11:16:22 -06:00
Waqas Ali
c09d8031c6
Remove default empty string
2015-11-25 12:19:16 +05:00
Jon Hart
eac4f02b66
Spelling and correct description
2015-11-24 17:57:56 -08:00
aushack
3ad7ef9814
Modify the printed URL to add https:// when SSL is used.
2015-11-25 12:46:56 +11:00
wchen-r7
b1abfe898d
Update wordpress_xmlrpc_login
...
Replace the wordpress_xmlrpc_login code with
wordpress_xmlrpc_massive_bruteforce.rb, which should run a lot
faster.
2015-11-24 16:30:34 -06:00