Commit Graph

7342 Commits (741c4b891670a16145daa84855759e6d5e420212)

Author SHA1 Message Date
wchen-r7 14adcce8bf Missed the HTTPUSERNAME fix 2016-05-27 18:37:04 -05:00
wchen-r7 61f9cc360b Correct casing - should be HttpUsername and HttpPassword 2016-05-27 18:31:54 -05:00
wchen-r7 7f643a7b8d Fix syntax error 2016-05-27 18:05:24 -05:00
wchen-r7 4dcddb2399 Fix #4885, Support basic and form auth at the same time
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.

Fix #4885
2016-05-27 16:25:42 -05:00
Bruno Morisson 01a691a46c Update sap_router_portscanner.rb
Added additional SAP TCP/IP ports for sap_port_info function.

ref: https://wiki.scn.sap.com/wiki/display/TCPIP/Services
2016-05-27 14:43:16 +01:00
William Vu 3dfdf1d936
Land #6528, tilde expansion and more for OptPath 2016-05-24 16:01:59 -05:00
Jon Hart 48c25dd863
Remove need for expand_path in this module; normalize handles it now 2016-05-24 13:30:12 -07:00
Jon Hart 3df4c38e82
Use correct key file var 2016-05-24 13:28:08 -07:00
Brent Cook 266d29ca4a handle garbage better during probe 2016-05-23 22:28:31 -05:00
Brent Cook a6020ca010 style fixes 2016-05-23 22:14:57 -05:00
Brent Cook b613dfefb4
Land #6896, fix spelling in caidao_bruteforce_login 2016-05-19 21:54:06 -05:00
h00die 706d51389e spelling fix 2016-05-19 19:30:18 -04:00
Tijl Deneut 36a9ef83ab Added phoenix_command.rb 2016-05-17 15:45:45 +02:00
William Vu 9c61490676 Fix some inconsistencies
Failed to catch these while editing. :(
2016-05-17 02:50:12 -05:00
Jon Hart 92d07f74ff
Remove unnecessary double expand_path 2016-05-16 17:34:12 -07:00
Jon Hart 8bccfef571
Fix merge conflict 2016-05-16 17:29:45 -07:00
sho-luv 5361aaadbd Update nbns_response.rb
Just correcting the description section of this module
2016-05-14 15:24:38 -07:00
Brent Cook c7cbaa08c8
Land #6576, add Search Engine Subdomains Collector (Bing / Yahoo / ..) 2016-05-14 10:50:53 -05:00
Adam Cammack 2e460a87dd
Remove extra assignment 2016-05-05 11:24:19 -05:00
Christian Mehlmauer 9357a30725
remove duplicate key 2016-05-04 22:15:33 +02:00
Brian Patterson be363411de
Land #6317, Add delay(with jitter) option to auxiliary scanner and portscan modules 2016-05-02 13:09:40 -05:00
wchen-r7 4a95e675ae Rm empty references 2016-04-24 11:46:08 -05:00
wchen-r7 2edd6869fc rm references key 2016-04-24 03:09:59 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
join-us 81af4d2675 Fix: merge error 2016-04-23 23:19:08 +08:00
join-us 1d99d08ac8 rebuild 2016-04-23 23:15:19 +08:00
join-us de9ac28db1 class Metasploit4 -> class MetasploitModule 2016-04-23 23:03:48 +08:00
join-us e2fcfc8d09 fix index / space 2016-04-23 23:02:41 +08:00
join-us fca4d53a6f add yahoo_search / bing_search exception handler 2016-04-23 22:58:39 +08:00
join-us d9633078ec merge yahoo_search_domain[ip] / bing_search_domain[ip] 2016-04-23 22:45:47 +08:00
join-us 66c0832f27 add Rex::Socket.getaddresses exception handler 2016-04-23 20:09:12 +08:00
join-us b47b83dfaa add results.nil? / results.empty? check 2016-04-23 19:47:33 +08:00
join-us 7579abb34e report_note in a line 2016-04-23 19:43:44 +08:00
join-us 55e31bacee add exception handler 2016-04-23 19:01:55 +08:00
join-us 73121f7e2f add vprint_good 2016-04-23 18:50:48 +08:00
join-us bc1f829fe5 class Metasploit4 -> class MetasploitModule 2016-04-23 17:36:22 +08:00
Brent Cook 57ab974737 File.exists? must die 2016-04-21 00:47:07 -04:00
Fakhir Karim Reda zirsalem f0d403124c Update symantec_brightmail_ldapcreds.rb 2016-04-20 18:58:12 +02:00
Karim Reda Fakhir cda104920e delete telisca abuse 2016-04-20 17:09:13 +01:00
Karim Reda Fakhir c322a4b314 added modules/auxiliary/scanner/http/symantec_brightmail_ldapcreds.rb 2016-04-20 17:01:18 +01:00
Karim Reda Fakhir dc3a185519 delete modules/auxiliary/voip/telisca_ips_lock_abuse.rb 2016-04-20 16:48:37 +01:00
Karim Reda Fakhir 5adf5be983 add symantec bright mail ldap creds 2016-04-20 16:05:24 +01:00
Karim Reda Fakhir dfb2b95e46 Merge remote-tracking branch 'upstream/master'
Merge
2016-04-20 12:21:16 +01:00
join-us 815a918a72 deprecate auxiliary/gather/dns_srv_enum 2016-04-12 08:44:47 +08:00
join-us 2bbb58d57e deprecate auxiliary/gather/dns_reverse_lookup 2016-04-12 08:44:21 +08:00
join-us 5e1c540d31 deprecate auxiliary/gather/dns_info 2016-04-12 08:43:50 +08:00
join-us 67f8b309c6 deprecate auxiliary/gather/dns_cache_scraper 2016-04-12 08:43:23 +08:00
join-us 66ec001110 deprecate auxiliary/gather/dns_bruteforce 2016-04-12 08:42:56 +08:00
Jon Hart ca6beeb676
Land #6187, @join-us' cleanup for enum_dns 2016-04-11 09:50:12 -07:00
Brent Cook 99b4d0a2d5 remove more regex-style bool checks 2016-04-09 13:49:16 -05:00
Jon Hart a37f9c9eda
Clarify note type 2016-04-08 18:35:43 -07:00
Jon Hart 44a98cc36f
Correct overly aggressive style cleanup 2016-04-08 18:00:03 -07:00
Jon Hart 7ce5c07c03
Minor style cleanup 2016-04-08 17:39:32 -07:00
Jon Hart 7c70a554ea
Merge branch 'pr/6187' into pr/fixup-6187 for pre-master merge testing 2016-04-08 16:56:38 -07:00
Sonny Gonzalez fa5acba400
TTL setting honors TTL option
* change hard-coded ttl value to TTL option
* set TTL option default to 30
2016-04-07 10:59:05 -05:00
all3g 616bb8399f remove db_filter / format a json data 2016-04-06 18:39:34 +08:00
William Vu dcb6da306c
Land #6720, SSL scanner fixes 2016-04-04 23:37:52 -05:00
Brent Cook af7eef231c Fix a few issues with the SSL scanner
First, we need to handle public keys with strength not measured on the same bit
scale as RSA keys. This fixes handshakes for ECDSA and others.

Second, depending on the host we are talking to, we may not have a peer cert.
Handle this properly by checking first on the socket before using it.
2016-04-04 22:08:01 -05:00
wchen-r7 51b8b4a4d1
Bring #6404 up to date with upstream-master 2016-04-04 16:35:58 -05:00
wchen-r7 da3388248a Uses #blank? 2016-04-04 16:34:49 -05:00
wchen-r7 5a6d1ee0a9 Uses MetasploitModule class name 2016-04-04 16:30:55 -05:00
William Vu 41b802a8a2 Clean up module 2016-04-01 13:54:27 -05:00
wchen-r7 75ebd08153
Land #6731, Add CVE-2015-7755 juniper backdoor 2016-03-31 17:30:38 -05:00
wchen-r7 618f379488 Update auxiliary/scanner/redis/redis_server and mixin 2016-03-31 17:14:49 -05:00
wchen-r7 4d76b0e6a5 Rm auxiliary/scanner/misc/redis_server
Please use auxiliary/scanner/redis/redis_server or
auxiliary/scanner/redis/redis_login instead
2016-03-31 17:13:08 -05:00
wchen-r7 2e7d07ff53 Fix PASSWORD datastore option 2016-03-31 17:12:00 -05:00
wchen-r7 545cb11736
Bring #6409 up to date with upstream-master 2016-03-31 17:00:56 -05:00
wchen-r7 5fdea91e93 Change naming 2016-03-31 17:00:29 -05:00
wchen-r7 f33e994050 Delete anything related to configuring/saving username 2016-03-31 16:56:54 -05:00
wchen-r7 101775a5ba
Bring #6545 up to date with upstream-master 2016-03-30 16:07:24 -05:00
h00die 7fc2c860e9 remove comment 2016-03-29 21:26:36 -04:00
h00die d35b5e9c2a First add of CVE-2015-7755 2016-03-29 21:20:12 -04:00
Brendan Watters b84bf2290f Land #6707 Print Response fix for HTTP NTLM 2016-03-29 13:35:49 -05:00
Brendan Watters 824a7837a2
LAND #6707, Print Response Fix for HTTP NTLM 2016-03-29 13:08:43 -05:00
wchen-r7 57984706b8 Resolve merge conflict with Gemfile 2016-03-24 18:13:31 -05:00
dmohanty-r7 6a462d5f60
Land #6703, Make ms09_065_eot_integer passive 2016-03-23 13:39:41 -05:00
Adam Cammack 8fb55eeb6b
Land #6700, add aux module to gather browser info 2016-03-23 13:19:27 -05:00
wchen-r7 8c5c0086e6 Change cve_2012_6301 module path & make passive
This addresses two things:

1. The module is in the wrong directory. dos/http is for http
   servers, not browsers.
2. PassiveActions should not be a 2D array.
2016-03-23 11:10:23 -05:00
wchen-r7 53860bef1f Make ms09_065_eot_integer passive
MS-932
2016-03-23 10:50:24 -05:00
wchen-r7 8bf039a69e ignore_items! should not be used in a loop
because it's not necessary.
2016-03-22 15:56:38 -05:00
wchen-r7 8836393cb1 Add aux module to gather browser information. 2016-03-22 13:56:12 -05:00
Lexus89 8028a9b5ce Print response fix 2016-03-22 18:50:25 +01:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
James Lee 9e7a330ac8
OptInt -> OptPort 2016-03-16 15:47:29 -05:00
James Lee af642379e6
Fix some OptInts 2016-03-16 14:13:18 -05:00
James Lee c21bad78e8
Fix some more String defaults 2016-03-16 14:13:18 -05:00
Spencer McIntyre 4e3a188f75
Land #6401, EasyCafe server file retrieval module 2016-03-16 13:24:54 -04:00
Spencer McIntyre 9ac4ec4bfc Update the class name to MetasploitModule 2016-03-16 13:22:06 -04:00
Spencer McIntyre 53f1338ad0 Update module to remove references to print peer 2016-03-16 13:10:39 -04:00
Adam Cammack 05f585157d
Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
rwhitcroft c12cc10416 change class Metasploit to MetasploitModule 2016-03-14 17:57:29 -04:00
rwhitcroft dd53625f4a change Metasploit3 to Metasploit to satisfy travis 2016-03-14 16:52:02 -04:00
rwhitcroft a26c90fd41 fix RPORT option 2016-03-14 16:27:44 -04:00
wchen-r7 38153d227c Move apache_karaf_command_execution to the SSH directory
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
William Vu 6323f7f872 Fix a couple overlooked issues 2016-03-13 23:35:05 -05:00
Brent Cook df0ff30468
Land #6642, make ipv6_neighbor_router_advertisement discovery smarter 2016-03-13 16:53:11 -05:00
Brent Cook 635e31961a generate valid prefixes 2016-03-13 16:44:57 -05:00
Brent Cook dabe5c8465
Land #6655, use MetasploitModule as module class name 2016-03-13 13:48:31 -05:00
Fakhri Zulkifli 45c7e4b6ae Update ipv6_neighbor_router_advertisement.rb 2016-03-09 11:21:24 +08:00
Fakhri Zulkifli e417909111 Update ipv6_neighbor_router_advertisement.rb 2016-03-09 11:21:07 +08:00
rwhitcroft f155477edf improve description and change behavior to keep trying on connection errors 2016-03-08 12:33:17 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
wchen-r7 c2f99b559c Add documentation for auxiliary/scanner/http/tomcat_enum
Also fix a typo in normalizer
2016-03-07 15:39:15 -06:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Brent Cook aa5b201427 Revert "revert ssl_login_pubkey for now"
This reverts commit 7d773b65b6.
2016-03-07 13:19:33 -06:00
Christian Mehlmauer 7d773b65b6
revert ssl_login_pubkey for now 2016-03-07 14:44:23 +01:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook bb36cd016e Fix #6643, Pcap.lookupaddrs does not exist 2016-03-06 22:15:39 -06:00
Brent Cook eea8fa86dc unify the SSLVersion fields between modules and mixins
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Brent Cook 66c697d2e4
Land #6602, update author info for dahua_dvr_auth_bypass 2016-03-06 15:13:01 -06:00
Brent Cook 4711191def remove non-specific URL 2016-03-06 15:12:25 -06:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
Fakhri Zulkifli b1e9f44ca2 IPv6 Neighbor Advertisement Enhancement
http://seclists.org/nmap-dev/2011/q2/79

1. Shorten router advertisement payload lifetime.
2. Randomize address prefix.
3. Prevent from getting into default router list.
2016-03-06 03:23:37 +08:00
rwhitcroft ded5b58733 one more style fix 2016-03-01 10:20:39 -05:00
rwhitcroft 4b10331cf0 style fixups 2016-03-01 10:18:25 -05:00
William Vu c5a9d59455
Land #6612, one final missing change 2016-02-29 15:08:42 -06:00
William Vu cb0493e5bb Recreate Msf::Exploit::Remote::Fortinet
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
Brent Cook 8c2ce9687a
Land #6620, fix typo in jtr_linux 2016-02-29 14:58:58 -06:00
William Vu a6a37b3089
Land #6612, missing commits included 2016-02-29 14:06:21 -06:00
wchen-r7 f5ad1286d2 Fix #6615, fix typo "format"
Fix #6615
2016-02-29 12:44:25 -06:00
William Vu 300fdc87bb Move Fortinet backdoor to module and library 2016-02-29 12:06:33 -06:00
wchen-r7 2950996cb8
Land #6612, Add aux module for Fortinet backdoor 2016-02-29 12:02:49 -06:00
William Vu 53d703355f Move Fortinet backdoor to module and library 2016-02-29 11:57:42 -06:00
rwhitcroft f735a904ff create owa_ews_login module, modify HttpClient to accept preferred_auth option 2016-02-28 22:01:05 -05:00
wchen-r7 53ff3051e1
Land #6531, NETGEAR ProSafe Network Management System 300 auth'd File Download 2016-02-26 10:53:16 -06:00
wchen-r7 bc050410a6 Allow max traversal depth as an option, and report cred 2016-02-26 10:52:30 -06:00
wchen-r7 051506694f
Land #6574, add Linknat Vos Manager Traversal aux module 2016-02-25 22:02:56 -06:00
wchen-r7 d14ec657e2
Land #6564, Add Apache Karaf Command Execution Module 2016-02-25 14:47:40 -06:00
wchen-r7 1d2ec7a239 Rescue OpenSSL::Cipher::CipherError
Our current net/ssh library is out of date, so we need to rescue
OpenSSL::Cipher::CipherError.
2016-02-25 14:46:53 -06:00
wchen-r7 2e268a25da
Land #6596, Apache Karaf Login Utility 2016-02-25 14:39:51 -06:00
wchen-r7 aa7c3f01a8 Update name and description 2016-02-25 14:39:19 -06:00
wchen-r7 7e25c7b87b Handle OpenSSL::Cipher::CipherError
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
2016-02-25 14:35:37 -06:00
William Vu 7d20e26a35 Move to aux/scanner/ssh 2016-02-25 11:22:50 -06:00
William Vu f52f44cde0 Remove session_setup, since we're not in a shell
A real shell. A real human bean.
2016-02-25 11:21:45 -06:00
nixawk 6ef4026698 get_ptr - save_note(ip, 'get_ptr', records) 2016-02-25 21:43:13 +08:00
nixawk dfff94a243 save ip/domain relationships 2016-02-25 21:14:40 +08:00
Tyler Bennett ff3a554b4d added an unless to wrap around the print and report_creds func for nas module to only execute if ftpuser and ftppass is non-blank 2016-02-24 13:53:30 -05:00
Tyler Bennett 16d7b2e6ff cleaned up unless code for nas module and setup ftpuser and ftppass to only if non blank 2016-02-23 17:37:47 -05:00
dmohanty-r7 6aa6280eff
Try USERNAME before DEFAULTCRED 2016-02-23 13:44:44 -06:00
Tyler Bennett 4eabe43273 fixed issues with capturing regex 2016-02-23 12:27:07 -05:00
Tyler Bennett c191e5b8e1 corrected authors file and cleaned up debug statements 2016-02-23 11:41:12 -05:00
Jon Hart c79eab2c7f
Land #6241, @talos-arch3y's aux module for Dahua DVR CVE-2013-6117 2016-02-23 08:20:54 -08:00
nixawk f0da8e9adf bing_search - ConnectionTimeout 2016-02-23 18:56:34 +08:00
Pedro Ribeiro 5710c85a9e Style changes 2016-02-23 15:15:57 +07:00
dmohanty-r7 07ac13326e
Allow user to try other login credentials 2016-02-22 17:47:32 -06:00
dmohanty-r7 c0180b23fa
Update description 2016-02-19 13:39:13 -06:00
dmohanty-r7 33aaeb4ac9
Update authors 2016-02-19 11:53:17 -06:00
Vex Woo 91822f2861 Merge pull request #12 from jhart-r7/pr/fixup-6187
More fixup for #6187 (auxiliary/gather/enum_dns)
2016-02-19 19:12:17 +08:00
Jon Hart 1f5285bca7
Better handling of AXFR if ns records won't resolve on target NS 2016-02-18 22:15:06 -08:00
nixawk 0e185a34bf get_ns / notes nameservers 2016-02-19 14:03:05 +08:00
Jon Hart 42c64b51bb
Remove all report_host instances in enum_dns
the forced resolution of names won't fly
2016-02-18 21:41:51 -08:00
Jon Hart 65a3cc2921
Remove duplicated SIP SRV record lookup 2016-02-18 21:41:09 -08:00
nixawk da3c382869 add function domain2ip 2016-02-19 12:35:31 +08:00
nixawk 4ef5cf420c rename the module 2016-02-19 11:18:55 +08:00
nixawk a87c503ae4 merge bing/yahoo subdomains search 2016-02-19 11:17:08 +08:00
wchen-r7 a82ce40c40 Update ibm_tsm_dos name
For some reason I actually modified the name, but I didn't mean
to.
2016-02-18 16:07:46 -06:00
James Lee adb175136e Fix extra whitespace and unused vars in call 2016-02-18 15:18:29 -06:00
nixawk 9afe5517f7 return unless domains -> return if domains.empty? 2016-02-18 10:26:45 +08:00
nixawk 15f6992aec add yahoo_search_domain(domain) / yahoo_search_ip(ip) 2016-02-18 00:03:28 +08:00
nixawk 29185271a7 report domains/ips to (notes / hosts) 2016-02-17 11:41:59 +08:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
nixawk 2428d5127c add Yahoo Search Engine Subdomains Collector 2016-02-16 03:11:38 +08:00
nixawk 7ca0255ea1 Module should not be marked executable 2016-02-15 12:57:43 +08:00
nixawk f35230b908 add Linknat Vos Manager Traversal 2016-02-15 12:39:40 +08:00
Nicholas Starke 3416a24dda Adding vprint_status for loot path
Adding a vprint_status to show users the loot
path as per a comment on the pull request.
2016-02-14 11:19:20 -06:00
Spencer McIntyre c9c4f49aca Add get_file method and parse the server response 2016-02-13 17:20:37 -05:00
wchen-r7 b2765a296f
Land #6547, IBM Tivoli Storage Manager Fastback Denial of Service 2016-02-11 22:05:21 -06:00
wchen-r7 3121093898 Update metadata, plus other minor changes 2016-02-11 22:04:05 -06:00
Nicholas Starke cdaa2a8c43 Adding Apache Karaf Command Execution Module
This module establishes an SSH session using default
credentials and then executes a user defined operating system
command.  This is part of GitHub Issue #4358.
2016-02-10 16:48:08 -06:00
William Webb c874699b82 removed ranking 2016-02-10 11:45:09 -06:00
William Webb 4c6cb03548 more build errors 2016-02-10 11:40:21 -06:00
William Webb 72f5a33804 addressed CI errors 2016-02-10 11:34:05 -06:00
William Webb 51604fa24a made necessary inheritance changes 2016-02-10 10:59:11 -06:00
William Vu 5f0add2a8b
Land #6541, typo fix for cisco_ssl_vpn 2016-02-09 17:13:24 -06:00
William Vu 240cbb91be s/resp/res/ 2016-02-09 17:12:09 -06:00
William Webb eadbb6b582 moved module to modules/auxiliary/dos/misc 2016-02-09 11:44:01 -06:00
alexandrinetorrents c0a8b01c2b Addition of multiple read/write to auxiliary/scanner/scada/modbusclient.rb 2016-02-08 13:13:51 +01:00
wchen-r7 cd7046f233 Change method name "method" to "http_method" for http_traversal.rb
We accidentally override "#method", which is bad.
2016-02-07 23:15:46 -06:00
Brendan Coles 40633ea7cd Check filepath length 2016-02-08 01:11:18 +00:00
Brendan Coles df825913b8 Use default timeout 2016-02-07 07:11:47 +00:00
Brendan Coles e0e67f5507 Remove unnecessary check for FILEPATH 2016-02-07 02:05:15 +00:00
wchen-r7 2171c344e5 Fix #6539, correct a typo in report_cred
Fix #6539
2016-02-06 13:23:21 -06:00
Jon Hart 55c8d23e1f
Handle refused connections during axfr 2016-02-04 09:23:49 -08:00
Jon Hart 52d81f7e93
More/better status printing for big query types 2016-02-04 09:18:26 -08:00
Jon Hart c025458d22
More consistent record type printing 2016-02-04 09:12:36 -08:00
Jon Hart c630f791c3
Remove loot storage from enum_dns. Loot is appropriate for this use case 2016-02-04 09:10:08 -08:00
Jon Hart 4408742930
Fix storage of SRV record notes 2016-02-04 09:08:21 -08:00
Pedro Ribeiro b64294abc9 Create file for CERT VU 777024 (auth download) 2016-02-04 07:57:48 +08:00
Jon Hart cd86db2734
Update ssh_identify_pubkeys to support symbolic path names 2016-02-03 14:21:54 -08:00
Jon Hart 53d4e31844
Allow OptPath to valid symbolic paths that need expansion 2016-02-03 14:12:03 -08:00
Jon Hart 49beca4e40
Fix ssh_identify_pubkeys to accept keyfiles with authorized commands
Previously, something like this would fail:

command="/some/script.sh" ssh-rsa adsfadfa root@whatever

This format is valid authorized_keys and should work here too.  It does
now.
2016-02-03 13:50:17 -08:00
Jon Hart dbcef2c755
Deregister unused options 2016-02-03 13:20:30 -08:00
Jon Hart ef75845d01
Better fetching/saving of SRV records 2016-02-03 13:07:20 -08:00
James Lee 47c0a3b4a7
Get some stragglers that had a different format 2016-02-01 16:21:10 -06:00
James Lee 8094eb631b
Do the same for aux modules 2016-02-01 16:06:34 -06:00
wchen-r7 f5ee6ce2f3 Better service reporting for snmp_login
Report the snmp string and update the module title & description
to better clarify what the module really does.
2016-02-01 12:24:19 -06:00
Brent Cook cd56470759
Land #6493, move SSL to the default options, other fixes 2016-01-29 11:09:51 -06:00
Jon Hart 1749932bb4
Cleanup loot saving output 2016-01-28 14:16:47 -08:00
Jon Hart 6646785902
Don't enumerate other possible domains via TLD expansion by default 2016-01-28 14:09:09 -08:00
Jon Hart 86e7cd92c0
Minor style nit on printed NS records 2016-01-28 14:08:20 -08:00
Tod Beardsley 8af751be41
Land #6470, Telisca IPS Lock (and Unlock) 2016-01-27 16:41:25 -06:00
Tod Beardsley 86c025de25
Title and description fixes for #6470 2016-01-27 16:40:06 -06:00
Brent Cook 115c63e4ba karaf default credential scanner PoC 2016-01-27 03:27:48 -05:00
wchen-r7 6187354392
Land #6226, Add Wordpress XML-RPC system.multicall Credential BF 2016-01-23 00:12:46 -06:00
wchen-r7 064af0d670 Remove unwanted comment 2016-01-23 00:11:58 -06:00
KINGSABRI ad3eed525b Handing newer version of WP, fallback CHUNKSIE to 1 2016-01-23 08:06:27 +03:00
wchen-r7 53e9bd7f51 This line does nothing 2016-01-22 18:55:45 -06:00
wchen-r7 0f9cf812b7 Bring wordpress_xmlrpc_login back, make wordpress_multicall as new 2016-01-22 18:54:20 -06:00
wchen-r7 91db2597c7 normalize URIs 2016-01-22 11:27:26 -06:00
wchen-r7 b02c762b93 Grab zeroSteiner's module/jenkins-cmd branch 2016-01-22 10:17:32 -06:00
Christian Mehlmauer 484d57614a
remove re-registered ssl options 2016-01-22 09:54:52 +01:00
wchen-r7 216986f7af Do API documentation, rspec, and other small changes 2016-01-21 17:22:14 -06:00
KINGSABRI a8feb8cad5 make passwords faster for reading huge wordlest files 2016-01-21 03:32:50 +03:00
KINGSABRI 4cb19c75a6 Enhance the module and add version check 2016-01-21 03:19:31 +03:00
wchen-r7 fcaef76215 Do a version check
This attack is not suitable for newer versions due to the
mitigation in place.
2016-01-20 17:14:44 -06:00
nixawk ad107a2d1c Show - No Auth Required - Just Once 2016-01-19 08:29:33 +08:00
nixawk 0b78406d29 clear Metasploit::Framework::LoginScanner::REDIS.new 2016-01-16 13:12:04 +08:00
nixawk b2983e1ee7 replace #{rhost}: #{rport} with #{peer} 2016-01-16 13:05:35 +08:00
nixawk 2abaca3f6b include Msf::Auxiliary::Redis / Remove default RPORT option 2016-01-16 12:58:02 +08:00
nixawk 643ebfed7e format print_status output for get_srv/get_tld 2016-01-16 11:21:16 +08:00
kfr-ma 3d04f405b4 Update telisca_ips_lock_control.rb
commit the changes mad by sinn3r and replace headers on lock and unlock
2016-01-15 15:05:24 +00:00
wchen-r7 477dc64e1e Rename module 2016-01-14 19:45:00 -06:00
wchen-r7 eb6cff77bc Update the code to today's standards
Mainly making sure it is following the Ruby style guide, and
avoid unrecommended coding practices.
2016-01-14 19:38:59 -06:00
kfr-ma 46f06516ad Update /telisca_ips_lock_abuse
cleaning the code
2016-01-14 11:13:10 +00:00
Karim Reda Fakhir d5dd5d55a6 modified: modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb
modified:   modules/auxiliary/voip/telisca_ips_lock_abuse.rb
2016-01-14 11:06:26 +00:00
Fakhir Karim Reda aae86d8bc0 new file: modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb 2016-01-14 00:12:55 +00:00
Fakhir Karim Reda c18253d313 deleted: modules/auxiliary/scanner/http/symantec_brightmail_ldapcreds.rb 2016-01-14 00:03:25 +00:00
Fakhir Karim Reda 60ef1eae90 adding modules/auxiliary/voip/telisca_ips_lock_abuse.rb 2016-01-14 00:00:04 +00:00
Fakhir Karim Reda 25eb311518 readding modules/auxiliary/voip/telisca_ips_lock_abuse.rb 2016-01-13 23:53:02 +00:00
Fakhir Karim Reda 1e37ff9701 Merge branch 'master' of github:kfr-ma/metasploit-framework into test_telisca_ipslock
merge
2016-01-13 23:20:50 +00:00
Fakhir Karim Reda 01b8302db1 delte modules/auxiliary/scanner/voice/telisca_ips_lock_abuse.rb 2016-01-13 23:19:35 +00:00
Fakhir Karim Reda 1b9563b82a rm modules/auxiliary/voip/telisca_ips_lock_abuse 2016-01-13 23:09:35 +00:00
Fakhir Karim Reda c68d2a8e0a replace telisca_ips_lock_abuse.rb 2016-01-13 22:59:18 +00:00
Fakhir Karim Reda 457e569f3b replacing telisca-ips-lock 2016-01-13 22:50:58 +00:00
Karim Reda Fakhir 8b03b719e8 Adding auxialiary modules :
+ symantec_brightmail_ldapcreds.rb
+ telisca_ips_lock_abuse.rb
2016-01-13 15:19:07 +00:00
nixawk e491502023 handle exception - ResolverArgumentError 2016-01-12 00:48:02 +08:00
Jonathan Harms 5266860cec Squashed more commits back into 1 2016-01-07 17:53:49 -06:00
Tyler Bennett c245e64239 added peer to each print statement and rex table 2016-01-06 13:22:30 -05:00
wchen-r7 6e65d1d871
Land #6411, chinese caidao asp/aspx/php backdoor bruteforce 2016-01-06 12:03:17 -06:00
nixawk 408b8fa4fd handle exception - (get_tld - ArgumentError / get_mx - SocketError) 2016-01-07 00:54:03 +08:00
nixawk eecd75262c handle exception - (get_tld - ArgumentError / get_mx - SocketError) 2016-01-07 00:25:28 +08:00
nixawk 71acff5733 output scan results (set VERBOSE false) 2016-01-06 23:55:48 +08:00
nixawk a54a7aeb02 redis only need password for authentication 2016-01-06 17:05:49 +08:00
wchen-r7 bdda8650a2 Do not support username, because the backdoor doesn't use one 2016-01-06 02:02:11 -06:00
Jon Hart d626d7f0c9
Land #6416, @all3g's rewrite/improvements to redis_server 2016-01-05 19:02:26 -08:00
Jon Hart 90ea88e5ba
Make command used configurable 2016-01-05 16:23:10 -08:00
Jon Hart 3ccdd12ecb
Put peer first in all prints 2016-01-05 16:09:50 -08:00
Jon Hart 1d997234cb
Remove unnecessary degistering of RHOST 2016-01-05 16:08:18 -08:00