Brent Cook
f35fdfcd5f
Added documentation for auxiliary/scanner/http/owa_ews_login
2016-09-09 11:50:25 -05:00
Brent Cook
1d4b0de560
Land #6616 , Added an Outlook EWS NTLM login module.
2016-09-09 11:43:52 -05:00
Justin Steven
6bafad44f2
drop 'require uri', tweak option text
2016-09-09 20:31:23 +10:00
Justin Steven
0b012c2496
Combine Unix and Windows modules
2016-09-09 20:28:13 +10:00
Agora Security
00f09d19b1
SMTP Typo
...
Correct SMTP Type (before SMPT)
2016-09-09 01:36:37 -05:00
Agora Security
1c598cd15d
SMTP Type
...
Change SMPT for SMTP
2016-09-09 01:36:08 -05:00
Pearce Barry
4495b27e67
Land #7254 , Rex::SSLScan Gemification
2016-09-08 13:20:56 -05:00
Pearce Barry
e5e57366ac
Land #7280 , use the new rex-nop gem
2016-09-08 13:03:49 -05:00
David Maloney
1b9c37ff78
Merge branch 'master' into feature/MS-1711/rex-nop
2016-09-08 10:48:07 -05:00
David Maloney
1b69d163cc
push rex-text back to previous version
2016-09-08 10:41:33 -05:00
William Vu
92dba8ff9d
Land #7290 , env var check for WinSCP module
2016-09-07 21:08:12 -05:00
Brendan
a30711ddcd
Land #7279 , Use the rubyntlm gem (again)
2016-09-07 16:33:35 -05:00
wchen-r7
a9c3c5d391
Fix typos
2016-09-07 15:40:10 -05:00
wchen-r7
831c7a08a8
Check environment variables before using for winscp module
2016-09-07 15:24:22 -05:00
dmohanty-r7
24bb6b18ea
Land #7246 Rex::Socket Gemification
...
MS-1715
2016-09-07 13:14:45 -05:00
David Maloney
17ab04829c
missed the lib/rex/socket.rb file
...
failed to delete this rather important bigt
2016-09-07 11:38:28 -05:00
David Maloney
7857c58655
remove all the left voer cruft
...
remove all the files that got xfered out to the gems
MS-1715
2016-09-07 11:38:28 -05:00
David Maloney
43942e6029
refactor pem parser to use the rex-socket gem version
...
use rex-socket's pem aprser instead of the old one we used
to have in rex::parser
MS-1715
2016-09-07 11:38:27 -05:00
David Maloney
cd90ff7c24
pull in rex-socket gem
...
pull rex-socket gem in as a dep
MS-1715
2016-09-07 11:38:26 -05:00
David Maloney
1a913da08c
pull in rex-core as a dep
2016-09-07 11:38:26 -05:00
David Maloney
405c59b8b8
move bidirectional pipe into rex/ui/text
...
this didn't really fit with the rest of rex::io and it inherits
from inside rex/ui/text so just put it there
MS-1715
2016-09-07 11:34:04 -05:00
Tim
6cb331e74d
Land 7281, add vagrant default password to wordlist
2016-09-07 13:01:01 +01:00
Tim
96f81b4817
add root:vagrant to root_userpass
2016-09-07 12:59:12 +01:00
Pedro Ribeiro
31cd81d060
Merge pull request #32 from rapid7/master
...
aaa
2016-09-07 10:41:48 +01:00
William Vu
5cca776bc1
Land #7289 , minor module fixes
2016-09-06 23:31:39 -05:00
William Vu
7d44bd5ba4
Clean up module
2016-09-06 23:30:58 -05:00
aushack
015b790295
Added default rport.
2016-09-07 14:24:07 +10:00
aushack
7632c74aba
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2016-09-07 14:15:57 +10:00
aushack
6e21684ff7
Fix typo.
2016-09-07 14:08:46 +10:00
james-otten
dcf0d74428
Adding module to scan for Octopus Deploy server
...
This module tries to log into one or more Octopus Deploy servers.
More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
catatonic
c06ee991ed
Adding WiFi pineapple command injection via authenticaiton bypass.
2016-09-06 17:22:25 -07:00
catatonic
8d40dddc17
Adding WiFi pineapple preconfig command injection module.
2016-09-06 17:18:36 -07:00
EgiX
df5fdbff41
Add module for KIS-2016-07: SugarCRM REST PHP Object Injection
...
This PR contains a module to exploit KIS-2016-07, a PHP Object Injection vulnerability in SugarCRM CE before version 6.5.24 that allows unauthenticated users to execute arbitrary PHP code with the permissions of the webserver. Successful exploitation of this vulnerability should require SugarCRM to be running on PHP before version 5.6.25 or 7.0.10, which fix CVE-2016-7124.
2016-09-07 01:58:41 +02:00
Christian Mehlmauer
c6012e7947
add jsp payload generator
2016-09-06 22:17:21 +02:00
Pearce Barry
0f30d3a720
Land #7208 , use new rex-bin_tools gem
2016-09-06 13:19:35 -05:00
Pearce Barry
a1a7fde31a
Land #7208 , use new rex-bin_tools gem
2016-09-06 13:12:59 -05:00
Pearce Barry
9d5a276e91
Fix recent metasploit-framework.gemspec conflict.
2016-09-06 13:10:28 -05:00
wchen-r7
23a5d737fc
Add password "vagrant" to wordlists
...
The password "vagrant" is often used in Metasploitable3.
2016-09-06 12:36:02 -05:00
David Maloney
881effbae9
use the new rex-nop gem
...
transfer the opty2 library to rex-nop
MS-1711
2016-09-06 11:27:06 -05:00
William Vu
b701048ce2
Fix data_disconnect to shutdown only if datasocket
...
Seeing people use this with ensure when their data channel was never set
up. This breaks things. :)
2016-09-05 15:54:26 -05:00
Tim
f75b5569e5
fix android clipboard tlv usage
2016-09-05 17:24:32 +01:00
William Vu
fed2ed444f
Remove deprecated modules
...
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
2016-09-03 12:43:01 -05:00
Justin Steven
ea220091ea
add metasploit_webui_console_command_execution
...
These modules target the Metasploit Community/Express/Pro Web UI on
Unix and Windows via the diagnostic console feature
2016-09-03 09:12:09 +10:00
Metasploit
58112d7b4d
Bump version of framework to 4.12.24
2016-09-02 10:02:44 -07:00
Mehmet Ince
ba6c2117cf
Fix msftidy issues
2016-09-02 18:18:43 +03:00
Mehmet Ince
144fb22c32
Add Kaltura PHP Remote Code Execution module
2016-09-02 18:09:53 +03:00
David Maloney
668d60567f
Land #7265 , rex-mime gemification
...
lands dev's PR for use of the new rex-mime gem
2016-09-02 09:34:30 -05:00
Brendan
81bc6bd672
Land #7228 , Create zabbix_toggleids_sqli auxiliary module
2016-09-01 16:33:17 -05:00
dmohanty-r7
e36cfa54b1
Use rex-mime gem
...
MS-1710
2016-09-01 11:38:07 -05:00
Tim
9ebe18d096
automatically generate keystore for apk signing
2016-09-01 10:19:58 +01:00