Jon Hart
eef154420b
This is a scanner, so vprint things that occur frequently
2016-01-05 09:06:36 -08:00
Jon Hart
63324bd77d
Rescue correct exceptions
2016-01-05 09:05:32 -08:00
Jon Hart
1b48556456
Use cleaner hash syntax
2016-01-05 09:05:32 -08:00
nixawk
9714923824
ensure disconnect / remove self.class from register_options
2016-01-06 00:54:54 +08:00
William Vu
6cb9ad0d72
Land #6435 , unaligned def/end fix
2016-01-05 09:59:25 -06:00
nixawk
c3158497c0
rebuild / add check_setup / send_request
2016-01-05 15:10:26 +08:00
nixawk
cbbbd9a7e7
end is not aligned with def
2016-01-05 14:07:43 +08:00
nixawk
20cd156047
replace auxiliary/scanner/misc/redis_server with auxiliary/scanner/redis/redis_server
2016-01-05 13:14:40 +08:00
William Vu
3990c021c2
Land #6318 , updates for ssh_identify_pubkeys
2016-01-04 13:27:38 -06:00
William Vu
6f01df3f79
Clean up module
2016-01-04 13:26:03 -06:00
William Vu
58c047200d
Land #6305 , creds update for owa_login
2016-01-04 10:52:39 -06:00
nixawk
a6914df3e3
rename LOGIN_URL to TARGETURI
2015-12-31 22:21:34 +08:00
nixawk
370351ca88
chinese caidao asp/aspx/php backdoor bruteforce
2015-12-31 15:17:01 +08:00
Brent Cook
e23b5c5435
Land #6179 , add NTP initial crypto nak spoofing module
2015-12-24 15:46:18 -06:00
Brent Cook
04f755dd51
Land #6367 , MS15-134 Microsoft Windows Media Center MCL Information Disclosure
2015-12-24 15:24:42 -06:00
Jon Hart
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
Jon Hart
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
Jon Hart
efdb6a8885
Land #6392 , @wchen-r7's 'def peer' cleanup, fixing #6362
2015-12-24 08:53:32 -08:00
wchen-r7
e191bf8ac3
Update description, and fix a typo
2015-12-24 10:35:05 -06:00
Jon Hart
3535cf3d18
Remove peer; included via HttpClient in lib/msf/core/exploit/mssql_sqli.rb
2015-12-24 07:51:12 -08:00
Jon Hart
cb752a4bcf
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/mysql.rb
2015-12-24 07:46:23 -08:00
Jon Hart
c55f61d2d7
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/smtp.rb
2015-12-24 07:44:36 -08:00
Jon Hart
e3eafff7c9
Land #6237 , @jww519's aux module for Android CVE-2012-6301
2015-12-23 13:27:09 -08:00
wchen-r7
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7
08bddab568
File name should be the same as the datastore option
2015-12-18 21:22:55 -06:00
wchen-r7
7d8ecf2341
Add Joomla mixin
2015-12-18 21:14:04 -06:00
wchen-r7
5f5b3ec6a1
Add MS15-134 Microsoft Windows Media Center MCL Information Disclosure
...
CVE-2015-6127
2015-12-17 22:41:58 -06:00
Jon Hart
a8bb750db7
Address style/usability concerns in Android CVE-2012-6301 module
2015-12-17 13:45:32 -08:00
Brent Cook
0c0219d7b7
Land #6357 , cleanup redis rdbcompression options
2015-12-17 10:45:11 -06:00
Jon Hart
f3ac8a2cc0
Land #6360 , @pyllyukko's reference cleanup for ipmi_dumphashes
2015-12-16 22:03:40 -08:00
Jon Hart
865e2a7c18
Only test/reset rdbcompression if told to and redis is configured that way
2015-12-16 11:20:13 -08:00
Jon Hart
f616ee14a8
Dont abort if compression can't be disabled
2015-12-16 11:11:00 -08:00
Jon Hart
12764660b2
Remove compression bits from description; remove unnecessary module options; require DISABLE_RDBCOMPRESSION
2015-12-16 11:07:27 -08:00
pyllyukko
d110c6cc73
Added few references to ipmi_dumphashes
2015-12-16 13:36:37 +02:00
nixawk
342ce05ff7
add a DISABLE_RDBCOMPRESSION option for redis file_upload
2015-12-16 04:28:52 +00:00
Jon Hart
b78f7b4d55
Land #6319 , @all3g's module for abusing redis to achieve file uploads
2015-12-14 18:00:44 -08:00
Jon Hart
e448bc3e27
If saving fails, print_error and mention permissions
2015-12-14 10:47:05 -08:00
Jon Hart
19acd366d6
Rename redis file upload module; remove the 'auth' part
2015-12-14 10:40:28 -08:00
Spencer McIntyre
4e492a1b0c
Add an additional grammar change to the listener option
2015-12-13 12:04:20 -05:00
radekk
90a523fb0a
Typos inside parameters description.
2015-12-12 22:48:20 +01:00
Vex Woo
dee23e4bda
Merge pull request #3 from jhart-r7/pr/fixup-6319
...
Cleanup redis unauth_file_upload, move redis stuff to mixin
2015-12-12 03:32:05 +00:00
Jon Hart
9ef46140c0
Improve output when success
2015-12-11 10:10:44 -08:00
Jon Hart
32a64c3d8e
Make auth easier, work automatically and on older redis versions
...
Also, improve check
2015-12-11 10:04:47 -08:00
Jon Hart
ac47c87af4
Move Password option to redis mixin
2015-12-11 08:53:11 -08:00
Jon Hart
38d0b0a0f2
Wire in @all3g's redis auth code
2015-12-11 08:42:59 -08:00
Jon Hart
555e52e416
Document the redis upload process more
2015-12-10 09:35:46 -08:00
Jon Hart
48a27170c2
Document process better, delete correct key
2015-12-10 09:13:13 -08:00
Jon Hart
d2f54af23f
Reset the dir and dbfilename back to their original settings
2015-12-10 08:56:24 -08:00
Jon Hart
21ab4e96e5
First pass at redis mixin
2015-12-10 08:29:59 -08:00
nixawk
0d8fc78257
make code more clear
2015-12-10 15:13:50 +00:00
nixawk
42013c18ba
add a password option - AUTH_KEY
2015-12-10 08:24:47 +00:00
nixawk
28bc5b4d4f
move it from exploit to auxiliary
2015-12-10 08:23:38 +00:00
Jon Hart
4cc7853ad8
Don't run_host unless check returns vulnerable; report_service
2015-12-09 18:33:40 -08:00
Jon Hart
624e5aeffa
First pass at converting redis module to aux; style cleanup
2015-12-09 17:59:48 -08:00
wchen-r7
080ec26afb
Land #4489 , Update SMB admin modules to use Scanner & fixes
2015-12-08 14:49:26 -06:00
wchen-r7
7378e7b128
Do elog() when print_error()
2015-12-08 11:06:59 -06:00
Stuart Morgan
ca023b6499
Simplified do_report() to comply with msftidy
2015-12-05 23:27:28 +00:00
Stuart Morgan
4f1f755c1d
msftidy
2015-12-05 22:49:40 +00:00
Stuart Morgan
4469e9b5ef
Finalised module
2015-12-05 22:45:08 +00:00
Stuart Morgan
bd1bf4aa72
Initial test, fixed noteswq
2015-12-05 21:19:34 +00:00
Stuart Morgan
09c58e4097
Massive rework of the storage/notes/reporting
2015-12-05 21:18:29 +00:00
r3naissance
db5c69226e
Add Usernames to Creds Database with owa_login.rb
2015-12-03 09:31:36 -07:00
Jon Hart
fdbd3cfc11
Fix minor style problems, call check() from run_host
2015-12-02 15:46:35 -08:00
wchen-r7
93a4fd0ee4
Minor edits
2015-12-02 15:43:11 -06:00
Christian Mehlmauer
581ea89f7f
fix nil error
2015-12-02 11:19:08 +01:00
Christian Mehlmauer
f06e4f3dbd
make this module work with other languages too
2015-12-02 11:14:10 +01:00
Christian Mehlmauer
1a4b91e33e
unzip backup file
2015-12-02 11:01:56 +01:00
Christian Mehlmauer
217374d1c0
add limesurvey file download
2015-12-02 00:06:13 +01:00
James Lee
98a0ddebda
Land #6298 , Advantech shellshock module
2015-12-01 11:37:09 -06:00
HD Moore
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
Kyle Gray
bd8177bf6c
Merge remote-tracking branch 'origin/pr/6284'
...
Land #6284 , fix for false negatives found in #6281
@wvu found some false negatives while testing a server for #6281
2015-11-30 16:09:42 -06:00
Christian Mehlmauer
920d8c6ad7
Land #6278 , wrong default option for RHOST
2015-11-26 06:49:25 +01:00
Louis Sato
90fb3e0118
Land #6277 , jenkins domain cred recovery aux module
2015-11-25 22:58:43 -06:00
Jon Hart
8fd2522a59
Land #6257 , @all3g's aux module for locating git repos over HTTP
2015-11-25 12:25:45 -08:00
Jon Hart
a56571479f
Remove WmapScanServer mixin; not needed
2015-11-25 11:38:32 -08:00
William Vu
2da9bb8578
Follow redirects in apache_userdir_enum
...
Found false negatives while testing a server for #6281 .
2015-11-25 13:27:06 -06:00
William Vu
8f459de064
Fix tomcat_enum for full_uri
2015-11-25 11:28:56 -06:00
William Vu
38a9efe4d6
Fix squiz_matrix_user_enum for full_uri
2015-11-25 11:28:53 -06:00
William Vu
7d17c5741b
Fix nginx_source_disclosure for full_uri
2015-11-25 11:19:27 -06:00
William Vu
035882702a
Fix barracuda_directory_traversal for full_uri
2015-11-25 11:18:17 -06:00
William Vu
7a5f6495d0
Fix axis_local_file_include for full_uri
2015-11-25 11:16:59 -06:00
William Vu
42d12a4d40
Fix apache_userdir_enum for full_uri
2015-11-25 11:16:22 -06:00
Waqas Ali
c09d8031c6
Remove default empty string
2015-11-25 12:19:16 +05:00
Jon Hart
eac4f02b66
Spelling and correct description
2015-11-24 17:57:56 -08:00
aushack
3ad7ef9814
Modify the printed URL to add https:// when SSL is used.
2015-11-25 12:46:56 +11:00
wchen-r7
b1abfe898d
Update wordpress_xmlrpc_login
...
Replace the wordpress_xmlrpc_login code with
wordpress_xmlrpc_massive_bruteforce.rb, which should run a lot
faster.
2015-11-24 16:30:34 -06:00
Jon Hart
ccdf814688
Use correct URIs in report_note
2015-11-24 09:52:07 -08:00
Jon Hart
c66d56263a
Cleaner and more consistent print_ *
2015-11-24 09:43:05 -08:00
Jon Hart
1e90a8004d
Correct printing of URIs when provided TARGETURI doesn't end with /
2015-11-24 09:11:04 -08:00
Jon Hart
afa4d9e74d
Add legit git UserAgent
2015-11-24 08:57:19 -08:00
Jon Hart
d59c563ee3
Don't store index file
2015-11-24 08:51:43 -08:00
Jon Hart
e29a229336
Minor style cleanup
2015-11-24 08:50:21 -08:00
Waqas Ali
2152c310fe
Remove the default true option of RHOST
2015-11-24 14:54:54 +05:00
wchen-r7
74e1b8d5ac
Fix res nil
2015-11-24 00:15:05 -06:00
wchen-r7
95ca288f9d
Modify check
2015-11-23 20:33:14 -06:00
wchen-r7
09e6a54886
In case anonymous is not allowed for decryption
2015-11-23 20:26:41 -06:00
wchen-r7
20ba10d46c
Spaces, how dare you
2015-11-23 16:45:02 -06:00
wchen-r7
faab28f1d6
Add Jenkins Domain Credential Discovery Auxiliary Module
2015-11-23 16:23:59 -06:00
Louis Sato
493e476a43
Land #6243 , check nil for sock.read
2015-11-23 11:15:51 -06:00
Spencer McIntyre
dc5e9a1d0a
Support CSRF token in the Jenkins aux cmd module
2015-11-22 17:51:27 -05:00