Carter
1f68a3bda6
Rename honeypot.rb to shodan_honeyscore.rb
2017-03-21 13:10:31 -04:00
James Lee
2e096be869
Remove debugging output
2017-03-21 11:26:02 -05:00
Carter
79c7b84f08
Create honeypot.rb
2017-03-21 11:15:12 -04:00
bwatters-r7
be41df6de0
Land #8036 , Fix run_as_psh with domain accounts
2017-03-21 09:05:50 -05:00
Pearce Barry
f397624a69
Land #7935 , HWBridge RF transceiver extension
2017-03-21 06:12:32 -05:00
Brent Cook
aa5e9cd702
Land #8058 , Allow the http_payload stager to sleep before retry
2017-03-21 00:07:10 -05:00
Pearce Barry
c4279a837a
Minor formatting/spelling/verbiage changes.
2017-03-20 17:37:12 -05:00
Craig Smith
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
Pearce Barry
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
Craig Smith
0be6b8c905
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-03-20 13:49:39 -05:00
Pearce Barry
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
Swiftb0y
ffe77c484e
fixed spacing
2017-03-20 16:37:35 +01:00
Swiftb0y
e51063aa56
added the python3 syntax to the web_delivery script
2017-03-20 16:08:08 +01:00
h00die
7bcd53d87d
Land #8079 , exploit and aux for dnaLims
2017-03-20 11:08:05 -04:00
h00die
fd5345a869
updates per pr
2017-03-20 10:40:43 -04:00
h00die
fe5167bf26
changes to file per pr
2017-03-20 10:16:42 -04:00
William Vu
f9ecefe465
Land #8031 , nil fixes for HWBridge
2017-03-19 22:37:28 -05:00
Brent Cook
aa1e76f28e
Land #8128 , ensure there is a response before deferencing
2017-03-19 22:17:31 -05:00
Brent Cook
e2c6f959f4
Land #8129 , s/colom/colon/g
2017-03-19 22:14:38 -05:00
Javier Godinez
534ca8c5cb
fix: URL encoding userdata
2017-03-18 21:52:49 -07:00
Javier Godinez
26d344a0ef
Initial checkin of launch instances module
2017-03-18 21:52:49 -07:00
Carter
ae883d7f02
Update multi_meterpreter_inject.rb
2017-03-19 00:27:28 -04:00
Carter
661bf6e492
Update multi_meterpreter_inject.rb
2017-03-19 00:27:03 -04:00
Carter
93a6614ab3
Update multi_meterpreter_inject.rb
2017-03-19 00:25:46 -04:00
h00die
f88a522bf5
fix #8121
2017-03-18 14:50:24 -04:00
h00die
06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters
2017-03-18 10:35:43 -04:00
h00die
84e4b8d596
land #8115 which adds a CVE reference to IMSVA
2017-03-18 09:51:52 -04:00
alpiste
1d0024ee3c
tools/modules/update_payload_cached_sizes.rb update
2017-03-17 20:58:41 -03:00
Pearce Barry
d55b680394
Land #8088 , Add some binaries to enum_protections
2017-03-17 17:14:59 -05:00
Mehmet Ince
6aa42dcf08
Add solarwinds default ssh user rce
2017-03-17 21:54:35 +03:00
William Webb
1180bd6ed7
Land #8037 , priv_migrate improvements
2017-03-17 13:19:51 -05:00
Brent Cook
52cea93ea2
Merge remote-tracking branch 'upstream/master' into land-8118-
2017-03-17 12:39:30 -05:00
Brent Cook
e67c83e92c
Land #8119 , Updated rails_secret_deserialization to add '.' cookie regex
2017-03-17 12:34:25 -05:00
Brent Cook
ea4ca7ecc5
Land #8116 , Handle ::Errno::ECONNRESET in telnet_version
2017-03-17 12:32:02 -05:00
Pearce Barry
095a110e65
Code and doc tweaks (minor).
...
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
William Vu
db6bc6c784
Land #8100 , msfcrawler improvements
...
Does anyone use this anymore??
2017-03-16 21:31:23 -05:00
Chris Higgins
7a12e446a0
Updated documentation and fixed module header. Whoops, copy/paste fail.
2017-03-16 21:28:24 -05:00
bwatters-r7
ab75794cd4
Land #8071 , Add API to send an MMS message to mobile devices
2017-03-16 11:57:34 -05:00
Craig Smith
78586f0dc9
Fixed an extra space at the EOL
2017-03-16 09:22:01 -07:00
Dallas Kaman
80c33fc27f
adding '-' to rails deserialization regex for cookie matching
2017-03-16 10:54:32 -05:00
Thomas Reburn
59c7de671e
Updated rails_secret_deserialization to add '.' regex for cookie matching.
2017-03-16 10:45:43 -05:00
Chris Higgins
f4bb1d6a37
Updated based on @wvu's comments
2017-03-15 19:15:12 -05:00
bwatters-r7
91a4657c36
Bumped the metasploit-payloads version and cache sizes with PR#8043
2017-03-15 19:02:21 -05:00
bwatters-r7
b2a7d18584
Update cached payload sizes
2017-03-15 18:43:48 -05:00
Mehmet Ince
f706c4d7f6
Removing prefix
2017-03-16 00:49:55 +03:00
wchen-r7
a1d7748d82
Fix #8061 , Handle ::Errno::ECONNRESET in telnet_version
...
Fix #8061
2017-03-15 16:33:37 -05:00
Mehmet Ince
60186f6046
Adding CVE number
2017-03-16 00:31:21 +03:00
wchen-r7
d4ee254057
Land #8076 , Add Easy File Sharing FTP Server Version 3.6 traversal
2017-03-15 16:17:13 -05:00
wchen-r7
8afe6a9061
Update easy_file_sharing_ftp and add documentation
2017-03-15 16:14:41 -05:00
William Vu
a0ba3f17e7
Land #8110 , process migration by name fix
2017-03-15 15:52:54 -05:00
William Vu
456ddcebc0
Remove nil values that are default already
...
There are four lights!
2017-03-15 15:51:22 -05:00
Brent Cook
8995629037
Land #7061 , allow chaining the service stub with other encoders
2017-03-15 13:56:09 -05:00
Brent Cook
b65919e7b1
Land #7956 , Add QNAP NAS/NVR administrator hash disclosure
2017-03-15 11:12:59 -05:00
William Vu
0a71e4a903
Update check with Exploit::CheckCode::Appears
2017-03-15 05:13:30 -05:00
William Vu
86d2217f4d
Fix whitespace and clarify options
2017-03-15 04:27:30 -05:00
William Vu
a0bff5c8c3
Bump RETRIES to 10
...
3 was a bit too low. I was using 10 and had more success with it.
2017-03-15 03:18:09 -05:00
Chris Higgins
b3fbbbee34
Spelling is hard
2017-03-14 23:34:00 -05:00
Chris Higgins
cc4f18e6c5
Add sysgauge_client_bof module and documentation
2017-03-14 23:29:19 -05:00
William Webb
e96013cd0f
Land #7781 , IBM Websphere Java Deserialization RCE
2017-03-14 17:21:18 -05:00
wchen-r7
cf8b4a78fa
Bring branch up to date with upstream-master
2017-03-14 16:48:33 -05:00
Rich Whitcroft
04f11b0bf7
fix migrate by process name
2017-03-14 17:27:46 -04:00
wchen-r7
1736332638
Land #8103 , Add CVE-2017-5638, Struts2 Content-Type OGNL injection
2017-03-14 16:10:49 -05:00
wchen-r7
9201f5039d
Use vprint for check because of rules
2017-03-14 15:02:54 -05:00
James Lee
f429b80c4e
Forgot to rm this when i combined
2017-03-14 12:18:11 -05:00
William Vu
01ea5262b8
Land #8070 , msftidy vars_get fixes
2017-03-14 12:05:24 -05:00
William Vu
5c436f2867
Appease msftidy in tr064_ntpserver_cmdinject
...
Also s/"/'/g.
2017-03-14 11:52:21 -05:00
William Vu
5d6a159ba9
Use query instead of uri in mvpower_dvr_shell_exec
...
I should have caught this in #7987 , @bcoles, but I forgot. Apologies.
This commit finishes what @itsmeroy2012 attempted to do in #8070 .
2017-03-14 11:51:55 -05:00
itsmeroy2012
79331191be
msftidy error updated 2.5
2017-03-14 22:02:59 +05:30
itsmeroy2012
67fc43a0a1
msftidy error updated 2.4
2017-03-14 21:33:53 +05:30
James Lee
53c9caa013
Allow native payloads
2017-03-13 20:10:02 -05:00
James Lee
2053b77b01
ARCH_CMD works
2017-03-13 18:37:50 -05:00
wchen-r7
bb4d6e17c8
Resolve #8026 , Add a plugin to notify new sessions via SMS
...
This plugin will notify you of a new session via SMS.
It also changes the SMS text format to MIME.
Resolve #8026
2017-03-13 16:13:59 -05:00
itsmeroy2012
fe4e2306b4
Reverting one step
2017-03-13 22:22:24 +05:30
Jon P
665adec298
Patching storedb function (adding host/port/ssl for correct report_web_page)
2017-03-13 17:37:47 +01:00
wizard32
78ff7a8865
Module renamed
...
Renamed from websphere_java_deserialize.rb to ibm_websphere_java_deserialize.rb
2017-03-13 08:22:24 +02:00
William Vu
9f76b4d99c
Change default RPORT to 443 with SSL
...
I never really tested port 80, so I wonder why I didn't change this.
Turns out 80 isn't even the vuln service. Welp. Hat tip @bcoles.
2017-03-12 21:03:31 -05:00
William Vu
e7c920db44
Remove DEBEUG/print_debeug :(
2017-03-12 21:01:48 -05:00
William Vu
d57b772ac9
Bump default RETRIES to 3
2017-03-12 21:00:38 -05:00
William Vu
8638f9ec7e
Update freesshd_authbypass to use CmdStager fully
2017-03-11 19:59:39 -06:00
Pearce Barry
4e32c80e8e
Use the Msf::Exploit::CmdStager mixin. Fixes #8092 .
2017-03-11 17:44:05 -06:00
William Vu
fe4f20c0cc
Land #7968 , NETGEAR R7000 exploit
2017-03-10 16:02:30 -06:00
dmohanty-r7
25bfa88c46
Land #7877 , Add mDNS query spoofing service
2017-03-10 15:44:57 -06:00
itsmeroy2012
1c54e0ba94
msftidy error updated 2.2
2017-03-10 23:59:38 +05:30
itsmeroy2012
6d8789a56e
Updated msftidy error 2.1
2017-03-10 23:03:37 +05:30
itsmeroy2012
c0f17cf6b8
msftidy error updated 2.0
2017-03-10 22:16:27 +05:30
jvoisin
84b9449137
Add some binaries to enum_protections
...
- gradm2 for grsec
- aa-status for apparmor
- getenforce for setlinux
2017-03-10 14:16:58 +01:00
Mehmet Ince
f6bac3ae31
Add iso link to md file and change CheckCode code
2017-03-10 13:00:49 +03:00
James Lee
e7b65587b4
Move to a more descriptive name
2017-03-09 14:19:06 -06:00
James Lee
e07d5332de
Don't step on the payload accessor
2017-03-09 13:54:00 -06:00
James Lee
d92ffe2d51
Grab the os.name when checking
2017-03-09 13:52:58 -06:00
James Lee
83f5f98bb0
Merge remote-tracking branch 'upstream/pr/8074' into land-8072
2017-03-09 11:08:29 -06:00
flakey-biscuits
0ab3ad86ee
change dnalims_file_retrieve module type
2017-03-09 10:06:31 -05:00
flakey-biscuits
95a01b9f5e
add dnaLIMS exploits
2017-03-09 09:46:18 -05:00
William Vu
081ca17ebf
Specify default resource in start_service
...
This eliminates the need to override resource_uri. Depends on #8078 .
2017-03-09 03:00:51 -06:00
wchen-r7
ed22902fd4
Support the subject field
2017-03-08 11:40:08 -06:00
Craig Smith
f60dae0917
Lots of syntax fixups from rubocop
2017-03-08 09:21:33 -08:00
Ahmed Elhady Mohamed
183be81ba8
Easy File Sharing FTP Server Directory Traversal
2017-03-08 17:59:27 +02:00
=
c52b0cba5e
msftidy error on master updated
2017-03-08 20:58:01 +05:30
William Vu
0f899fdb0b
Convert ARCH_CMD to CmdStager
2017-03-08 07:35:37 -06:00
Brent Cook
e18eb98e49
Land #8019 , fix issues from #7817 with post/multi/gather/firefox_creds
2017-03-08 05:46:21 -05:00
Koen Riepe
c8215e609a
pushing fixes again, something failed.
2017-03-08 10:16:06 +01:00
Koen Riepe
2546263d50
Improved error handling and general fixes
2017-03-08 10:11:05 +01:00
root
c5fb69bd89
Struts2 S2-045 Exploit 2017/03/08
2017-03-08 14:26:33 +08:00
root
b73a884c05
struts2_s2045_rce.rb
2017-03-08 13:38:18 +08:00
nixawk
75a1d979dc
Fix: Incorrect disclosure month forma
2017-03-07 20:28:29 -06:00
nixawk
fc0f63e774
exploit Apache Struts2 S2-045
2017-03-07 20:10:59 -06:00
wchen-r7
e327f9b330
Update other module descriptions
2017-03-07 16:55:06 -06:00
wchen-r7
dc13b84189
Bring mms branch up to date w/ master
2017-03-07 16:13:39 -06:00
Jin Qian
7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
...
Merged #8047
2017-03-07 15:56:00 -06:00
=
7976966ce9
Issue 7923 - msftidy errors on master
2017-03-08 03:12:41 +05:30
wchen-r7
fbde0d18f2
Add auxiliary/client/mms/send_mms
2017-03-07 12:53:17 -06:00
Craig Smith
4e9b8946d8
Fixed some small msftidy issues
2017-03-06 22:47:37 -08:00
Craig Smith
60cd04bc7b
Added module for zstumbler
2017-03-06 16:10:14 -08:00
juushya
0b5da60564
Added nil check + formatting edits
2017-03-07 02:17:21 +05:30
juushya
d99d81992f
Added nil check + formatting edits
2017-03-07 02:16:01 +05:30
juushya
05efb61d3b
Added nil check + formatting edits
2017-03-07 02:14:18 +05:30
juushya
62b0efd99d
Added nil check + formatting edits
2017-03-07 01:44:23 +05:30
juushya
9a5ab604e5
Added nil check + formatting edits
2017-03-07 01:21:07 +05:30
juushya
2d8e3c73f5
Minor edits
2017-03-07 00:20:05 +05:30
juushya
3ab214e758
Minor edits
2017-03-07 00:03:24 +05:30
wchen-r7
a466dc44c6
Do exception handling for sms client
2017-03-06 10:54:08 -06:00
Pearce Barry
b5afac6627
Per PR #8054 , we don't need the OUTPUTPATH option here.
2017-03-03 16:20:01 -06:00
Pearce Barry
4362c891b6
Land #8054 , Fix #8052 , remove forgotten OUTPUTPATH option
2017-03-03 15:36:30 -06:00
Brent Cook
bb140b9581
fix deprecated target ARCH
2017-03-03 13:38:16 -06:00
William Webb
d76e80bc44
Land #7424 , Ektron Webservices XSLT Remote Code Execution
2017-03-03 12:12:21 -06:00
wchen-r7
48e06e27b0
Fix #8052 , remove forgotten OUTPUTPATH option
...
Fix #8052
2017-03-03 12:00:07 -06:00
wchen-r7
6ad8afb8b3
Add API to send a text message (SMS) to mobile devices
2017-03-02 16:47:55 -06:00
juushya
e8460c3b94
Minor edit
2017-03-03 02:37:20 +05:30
juushya
fafd35330d
Add epmp1000 dump hashes module
2017-03-03 02:22:34 +05:30
juushya
c6e65b1521
Minor edits
2017-03-03 02:00:19 +05:30
juushya
6bd09c142f
Minor edits
2017-03-03 00:53:17 +05:30
juushya
c9a354b844
Added nil checks
2017-03-01 20:18:51 +05:30
Louis
759b67c565
Fix ru_as_psh with domain accounts
...
The current versions has too many escape backslashes, as a result, running run_as_psh for domain users does not work.
Also added support for DOMAIN\\User format in the USER parameter.
2017-03-01 13:38:15 +11:00
h00die
fb5e090f15
fixes from jvoisin
2017-02-28 20:09:26 -05:00
Mehmet Ince
e5636d6ce1
Adding logsign rce module and doc
2017-02-28 21:04:37 +03:00
Brent Cook
031285d49a
update payloads
2017-02-28 03:04:53 -06:00
Brent Cook
8c876f4a57
Land #7996 , Major rewrite and cleanup of reverse shell jcl payload
2017-02-28 02:12:40 -06:00
Craig Smith
d4e5cb7993
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-02-27 21:09:57 -08:00
Josh Hale
def5088097
Change NOFAIL default to false
2017-02-27 20:37:58 -06:00
Josh Hale
2f5dd38957
Update Admin target list and module description
2017-02-27 20:19:59 -06:00
Craig Smith
dcb42a3e69
Initial zigbee support using killerbee. Core session setup portion
2017-02-27 17:29:54 -08:00
Josh Hale
3333019e5f
Check if current admin proc is in target list
2017-02-27 18:55:25 -06:00
Josh Hale
717879f3df
Downcase targets and current proc name
2017-02-27 18:28:46 -06:00
Josh Hale
8e8e7244f4
Add exit language
2017-02-27 18:07:15 -06:00
Josh Hale
e1d76b8ff6
Add more error handling
2017-02-27 17:06:16 -06:00
wchen-r7
69c7b0168c
Restore USERNAME and PASSWORD options for owa_login
...
Requested by our own pentesters, the username & password options
should be restored so users can more easily try one password but
multiple users.
2017-02-27 15:04:06 -06:00
Josh Hale
ffb54a13fe
Add NOFAIL datastore option
2017-02-27 12:41:18 -06:00
Koen Riepe
264cfc9bd4
Added OPTIONS to the module
2017-02-27 13:24:31 +01:00
Josh Hale
81efe096aa
Update Author Handle
2017-02-26 21:01:19 -06:00
h00die
e3e607a552
reword description
2017-02-26 15:24:22 -05:00