1fee3ce952
Land #2584 , reporting for energizer_duo_detect
2013-10-28 10:48:20 -05:00
efcfc9eef7
Land #2273 , @kaospunk's enum domain feature for owa_login
2013-10-28 09:47:54 -05:00
71a1ccf771
Clean owa_login enum_domain feature
2013-10-28 09:46:41 -05:00
e0aec13ce1
[FixRM #4397 ] Add reporting for energizer_duo_detect
2013-10-25 16:51:44 -05:00
7d788fbf76
Land #2571 - HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
2013-10-24 14:15:26 -05:00
ea80c15c3b
Land #2383 , @jamcut's aux module for jenkins enum
2013-10-24 11:31:36 -05:00
8428671f32
Land #2455 , @juushya's aux module for radware
2013-10-24 10:54:02 -05:00
1673b66cbe
Delete some white lines
2013-10-24 10:50:14 -05:00
b589e9aa6e
Use the peer method
2013-10-24 10:45:02 -05:00
255cd18868
Use peer helper
2013-10-23 16:08:40 -05:00
55e3f36589
Add module for ZDI-13-242
2013-10-23 11:24:29 -05:00
a4dd53f650
Chane module filename
2013-10-22 11:16:14 -05:00
cdd183f43a
Add reporting
2013-10-22 11:15:16 -05:00
0d73275c3f
Delete not necessary check
2013-10-22 10:39:54 -05:00
c50e7c73b6
Make parsing easier
2013-10-22 10:30:03 -05:00
0cc7be0138
Use snake_case
2013-10-22 10:04:32 -05:00
e4a340b7f1
Fix small issues
2013-10-22 10:02:32 -05:00
a425e2be78
Fix typo
2013-10-22 09:28:43 -05:00
111c12ef0d
Do cosmetic changes
2013-10-22 09:28:15 -05:00
f46cdb8970
Add the correct plate
2013-10-22 09:27:37 -05:00
de0d09886c
Retab changes for PR #2383
2013-10-22 09:26:44 -05:00
0214501891
Merge for retab
2013-10-22 09:22:10 -05:00
5613cfb249
Retab changes for PR #2455
2013-10-21 15:57:23 -05:00
39d38e598d
Merge for retab
2013-10-21 15:55:48 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
58a43e87dd
Added fixes suggested by jlee-r7
...
additional code clean up
2013-10-21 14:18:12 -04:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
09c9cba3d5
Updated code
2013-10-21 19:29:05 +05:30
183116c81f
Make module work, and final cleanup
2013-10-20 18:39:41 -05:00
aa6a24da1b
Add module template
2013-10-19 00:27:57 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
cc42fbc59e
Added ext .rb
...
... ext .rb why you no save.
2013-10-17 01:40:05 +05:30
f3d4229ed4
Updated code
...
msftidy compliant now. Have run it thru retab.rb, hence the indent like this.
2013-10-17 01:36:26 +05:30
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
d0b1479d5b
Use the real timeout option for DCERPC
2013-10-14 17:41:51 -05:00
e8d0292118
Use read_response class method
...
Looks like this was never implemented in other modules, but it collects
data from the socket in the usual get_once sort of way.
2013-10-14 17:24:22 -05:00
14be85ea5d
Land #2511 , fix up NoMethodError and hanging connx
2013-10-14 16:30:19 -05:00
a3af5d681b
Ensure TCP connection is closed
2013-10-14 21:53:22 +01:00
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
4b4804538f
Fixes issues based on feedback
...
This commit addresses comments made by @jvazquez-r7.
2013-10-14 16:02:29 -04:00
2a1ade2541
Add disclosure date and some explanation about it
2013-10-13 19:29:51 -05:00
e2c5e6c19f
Fix email format
2013-10-13 18:28:35 -05:00
008f787627
Add module for the dlink user-agent backdoor
2013-10-13 14:42:45 -05:00
988ac68074
Dont define the NDR syntax
2013-10-12 19:56:52 +01:00
765b55182e
Randomize client variables
...
Also tidyup indents and use predefined UUID syntax.
2013-10-12 19:52:15 +01:00
cad717a186
Use NDR 32bit syntax.
...
Compatible with both x86 and x64 systems.
Tidy up the module...
2013-10-12 18:52:45 +01:00
876d4e0aa8
Land #1420 , WDS scanner
2013-10-11 16:53:25 -05:00
a1cf9619d9
Be clear this is 64-bit only in the desc.
2013-10-11 16:52:50 -05:00
181606e7cc
Single byte description update. Adds a period.
2013-10-11 15:04:25 -05:00
63349e4664
Add OSVDB and BID references
2013-10-11 09:14:59 -05:00
b26085457f
Trying to prevent @jvazquez-r7 from crying when reading my code:
...
- Documented fields in the several tables;
- Fixed the "remote" field location on the fs_table (changed due to REXML parsing);
- Fixed Total Memory field on os_table (bug?);
2013-10-11 11:29:27 +01:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
09f0db7fdf
Switch to rexml parsing, add some comments and cleanup
2013-10-10 13:19:10 -05:00
9516bc5cf7
Retab changes for PR #2142
2013-10-10 11:02:51 -05:00
cdc7b75a78
Merge for retab
2013-10-10 11:02:16 -05:00
c264480651
Code cleanup, tried to implement suggestions from @jvazquez-r7. Hopefully is much more readable.
2013-10-10 11:58:33 +01:00
813013fef5
Make defaults sane for the lockoutable smb_login
...
See #2376
2013-10-04 15:53:16 -05:00
db11e88255
Land #2321 , @juushya's aux module for Sentry CDU enumeration
2013-10-04 08:35:54 -05:00
37e1e6533c
changed default options
...
Updated these default options to false:
'DB_ALL_CREDS' => false
'BLANK_PASSWORDS' => false
2013-10-04 02:48:42 +05:30
8aac3922f3
add radware_appdirector_enum
...
This module scans for Radware AppDirector's web login portal, and performs login brute force to identify valid credentials.
- mstidy.tb & retab.rb run done
- stop_on_success is set to true. Important, otherwise the app starts dropping bf source.
- slowing down brute force speed seems to work though, but can take a long time if more creds to check &| more targets
- better to run bf with 2-3 creds against range, & then come back with more creds if needed
2013-10-03 20:15:52 +05:30
773abf0567
Pow, tab assassinated.
2013-10-02 17:16:38 -05:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
7118f7dc4c
Land #2422 - rm methods peer & rport
...
Because they're already defined in the HttpClient mixin
2013-09-30 16:01:59 -05:00
9ada96ac51
Fix sqlmap accidental codepoint
...
See http://www.ruby-doc.org/core-1.9.3/String.html#method-i-3C-3C
Apparently, String#<< uses Integer#chr, not Integer#to_s. News to me.
Fixed originally by @TsCl in PR #2435 , but fixing seperately in order to
avoid screwing up his downstream tracking. Note, this isn't a merge, so
using Closes tag on the commit message.
[Closes #2435 ]
2013-09-30 11:23:17 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
8696b5d2dc
Fix bug on missing hosts for SunRPC Portmap
...
Also cleans up and normalizes the print messages to follow the
conventions of "host:port - proto - message"
[FixRM #8409 ], reported by Chris F.
2013-09-26 09:42:38 -05:00
09fa7b7692
remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:50:34 +02:00
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
58d4096e0f
Resolv conflicts on #2267
2013-09-25 13:06:14 -05:00
34b829abef
bugfix
2013-09-25 09:15:07 +02:00
aeb663a5d4
fix output
2013-09-24 10:48:38 +02:00
dc8f94bac1
Added wordpress version detection
2013-09-24 08:59:56 +02:00
dff26ac9ff
Used default timeout
...
forgot an additional default timeout in my previous commit
2013-09-17 11:28:46 -04:00
4aeb754112
Minor Changes
...
changed print calls to print_line
removed trailing \n's
used default timeout for send_request_cgi
2013-09-17 11:20:45 -04:00
ea367d218c
dded Jenkins vulnerability scanner
2013-09-17 10:47:59 -04:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
299860b09d
Land #2329 , @kaospunk auxiliary module to enumerate ntlm info
2013-09-16 08:16:30 -05:00
4040fe4b6b
Fix style
2013-09-16 08:15:46 -05:00
149312a4c0
Correct wordpress_login_enum for #2301
...
tabassassin created a mess and I failed to resolve it properly.
Attempt #2 . See #2301 .
2013-09-12 14:56:46 -05:00
91b8ca8f22
Merge branch 'pr2301' into upstream-master
...
Conflicts:
modules/auxiliary/scanner/http/wordpress_login_enum.rb
2013-09-12 14:52:34 -05:00
f73c18ccd9
Store the Array, not human-readable version
...
[SeeRM #8389 ]
2013-09-09 16:44:47 -05:00
94cc3f0e49
Retab changes
2013-09-06 09:51:14 -05:00
73a66819ea
Merge for retab
2013-09-06 09:50:37 -05:00
7ce9d38eba
Fix module
2013-09-06 09:49:52 -05:00
8bc83f4922
Retab changes for PR #1420
2013-09-05 16:21:26 -05:00
d6a7ce5328
Merge for retab
2013-09-05 16:21:13 -05:00
f5a4c05dbc
Retab changes for PR #2267
2013-09-05 14:11:03 -05:00
4703a10b64
Merge for retab
2013-09-05 14:10:58 -05:00
015ac6d92c
Retab changes for PR #2273
2013-09-05 14:09:44 -05:00
e25ec2d2f9
Merge for retab
2013-09-05 14:09:39 -05:00
abb52a086c
Retab changes for PR #2316
2013-09-05 13:33:59 -05:00
8665de0261
Merge for retab
2013-09-05 13:33:49 -05:00
0a1a202fb5
Retab changes for PR #2329
2013-09-05 13:04:23 -05:00
760943af2f
Merge for retab
2013-09-05 13:02:51 -05:00
c44be42cf5
Merge the check for Sentry in just one request
2013-09-05 10:41:20 -05:00
d280d45964
Revert "Updated module - 1 req action"
...
This reverts commit f85b9aa780
2013-09-05 10:35:13 -05:00
f85b9aa780
Updated module - 1 req action
...
Modified the code to have it work with 1 request instead of 3. Thanks Meatballs1!
2013-09-05 20:04:02 +05:30
9f628b8b63
Add URI where information was discovered
...
This adds the URI where the information was enumerated from to the
scanner output.
One more place where target_uri was being used was also corrected.
2013-09-05 10:06:11 -04:00
William Vu
jvazquez-r7
sinn3r
jamcut
Karn Ganeshen
Tod Beardsley
Meatballs
kaospunk
Bruno Morisson
James Lee
Tabassassin
FireFart