KINGSABRI
530a7bb613
Fix peer, naming, and add resp check to the code check
2015-11-12 08:42:00 +03:00
KINGSABRI
2abfa1f241
Fix exceptions and XML parsing
2015-11-12 05:30:07 +03:00
William Vu
e8dacf32fd
Land #6182 , Heartbleed scanner improvements
2015-11-11 16:59:20 -06:00
William Vu
ce3f9e2fab
Fix minor style issues
2015-11-11 16:58:20 -06:00
wchen-r7
99607e6e4d
Land #6205 , BisonWare BisonFTP Server Directory Traversal
...
CVE-2015-7602
2015-11-11 11:47:45 -06:00
wchen-r7
40bdd2bd01
Do module cleanup for auxiliary/scanner/ftp/bison_ftp_traversal
2015-11-11 11:46:37 -06:00
wchen-r7
c79a66be02
Land #6204 , directory traversal for PCMan FTP server
...
CVE-2015-7601
2015-11-11 11:07:34 -06:00
wchen-r7
e6e5bde492
Do module cleanup for auxiliary/scanner/ftp/pcman_ftp_traversal
2015-11-11 11:06:54 -06:00
wchen-r7
7ad42c2ba1
Land #6216 , remove duplicate keys for LoginScanner modules
2015-11-11 10:12:12 -06:00
JT
75a0472db8
Update bison_ftp_traversal.rb
...
made some changes
2015-11-11 14:01:39 +08:00
JT
4716e2e16b
Update pcman_ftp_traversal.rb
...
made some changes
2015-11-11 14:00:04 +08:00
Jon Hart
0cfa67f58f
Stub out more of the set time, but disable it
2015-11-10 22:00:02 -08:00
Jon Hart
c98ab1dad4
update SET_TANK_NAME opt to mention necessary opts
2015-11-10 21:49:40 -08:00
Jon Hart
de570a1550
Improve output when setting tank names
2015-11-10 21:41:05 -08:00
Jon Hart
0762b9fa9b
Fix option formatting
2015-11-10 21:24:58 -08:00
Jon Hart
637e570b28
Add TLS-250 reference
2015-11-10 21:21:55 -08:00
Jon Hart
e67057a5c9
Add great TLS-350 resource
2015-11-10 21:19:37 -08:00
Jon Hart
8dd6003cc2
Add several untested but likely OK TLS-350 commands
2015-11-10 21:18:27 -08:00
Jon Hart
d00eba23f9
Update references
2015-11-10 21:02:37 -08:00
KINGSABRI
b37fb3f34d
Add TARGETURI option
2015-11-11 06:25:20 +03:00
KINGSABRI
cf0cb2df9e
Add TARGETURI option
2015-11-11 06:24:52 +03:00
KINGSABRI
9894fe15bd
Remove unused advanced options
2015-11-11 06:02:37 +03:00
KINGSABRI
136fa12ac9
Remove unused advanced options
2015-11-11 06:02:13 +03:00
KINGSABRI
67ad5452e7
Merge branch 'msfdev'
2015-11-11 02:14:14 +03:00
KINGSABRI
7b3cfa79f3
Remove ip2location module
2015-11-11 02:13:34 +03:00
KINGSABRI
57cf535ec6
Fix the comment
2015-11-11 02:06:49 +03:00
KINGSABRI
137c2e214e
Fix the comment
2015-11-11 02:01:01 +03:00
William Vu
32faf7a8d4
Fix #6183 , hard tabs fix
2015-11-10 16:48:03 -06:00
William Vu
a9fe09497e
Fix hard tabs
...
Mixing tabs and spaces? Seriously?
2015-11-10 16:47:29 -06:00
Jon Hart
143ac47484
Minor style cleanup
2015-11-10 14:47:12 -08:00
William Vu
8dc636507b
Land #6183 , dns_srv_enum updates
2015-11-10 16:44:27 -06:00
William Vu
e98570cbd1
Clean up module
2015-11-10 16:44:10 -06:00
Jon Hart
dac7738f29
Clean up description; add more refs
2015-11-10 14:43:06 -08:00
Jon Hart
4f4e4c734a
Handle ATGs w/ > 10 tanks, more strict
2015-11-10 14:36:59 -08:00
Jon Hart
7c9b85551b
Support for setting ATG tank names
2015-11-10 14:24:11 -08:00
Jon Hart
9def67831c
Better printing
2015-11-10 13:20:45 -08:00
Jon Hart
97caf1d084
Add preliminary module for interacting with Veeder-Root ATGs
2015-11-10 13:15:08 -08:00
KINGSABRI
91867d344b
Refactoring..
2015-11-10 23:07:13 +03:00
KINGSABRI
d19942eae3
Add wordpress masive bruteforce using XMLRPC (wordpress API) fix
2015-11-10 23:07:12 +03:00
KINGSABRI
745738f065
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-10 23:07:12 +03:00
KINGSABRI
b571a79b69
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-10 23:07:12 +03:00
KINGSABRI
d498dc46a1
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-10 23:07:12 +03:00
KINGSABRI
fffbb4106f
Refactoring..
2015-11-10 22:33:37 +03:00
Jon Hart
8f86b2519f
Resolve 'duplicate key warning' for some modules
2015-11-09 18:40:32 -08:00
Jon Hart
15eb135295
Resolve merge conflicts
2015-11-09 18:15:40 -08:00
KINGSABRI
46e7c53950
Add wordpress masive bruteforce using XMLRPC (wordpress API) fix
2015-11-09 19:04:33 +03:00
KINGSABRI
2bf57a3cf3
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-09 18:23:15 +03:00
KINGSABRI
9586f416a1
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-09 17:37:06 +03:00
KINGSABRI
9f4f478d2d
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-09 17:28:58 +03:00
JT
e019aa12a0
Update pcman_ftp_traversal.rb
2015-11-08 13:40:23 +08:00
JT
f60f2336e3
Update bison_ftp_traversal.rb
2015-11-08 13:39:32 +08:00
JT
be85e85d40
Create bison_ftp_traversal.rb
2015-11-08 13:34:10 +08:00
JT
bb78025dde
Update pcman_ftp_traversal.rb
2015-11-08 13:27:45 +08:00
JT
bf362be0a4
Update pcman_ftp_traversal.rb
2015-11-08 13:17:57 +08:00
JT
bb9e820372
Create pcman_ftp_traversal.rb
...
Adding CVE-2015-7601
2015-11-08 13:08:23 +08:00
fraf0
970c5da9a6
Update dns_srv_enum.rb
2015-11-07 20:01:26 +01:00
fraf0
730f6b2326
Update dns_srv_enum.rb
...
Remove some comment following message on pull-request.
2015-11-07 15:23:32 +01:00
Jon Hart
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
Jon Hart
f408bca3f0
More correct exception handling
2015-11-06 12:25:27 -08:00
Jon Hart
f84e9a88b0
Credit for original vuln discovery
2015-11-06 10:40:07 -08:00
Jon Hart
1473f2cfa7
More consistent printing
2015-11-06 10:03:06 -08:00
Jon Hart
7101ff2ecc
Better handling of motd printing
2015-11-06 09:52:12 -08:00
Jon Hart
55e224b7e7
Improve auth handling
2015-11-06 09:50:39 -08:00
Jon Hart
fc97266588
Handle errors more carefully
2015-11-06 09:44:05 -08:00
Jon Hart
d3ebb8ae93
Style cleanup of auth checking
2015-11-06 08:34:17 -08:00
dmohanty-r7
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
Jon Hart
e96596e8eb
Credit Nixawk/all3g for some of the module review/improvements/ideas
...
From:
https://github.com/rapid7/metasploit-framework/pull/6191
https://github.com/jhart-r7/metasploit-framework/pull/5
2015-11-05 09:22:30 -08:00
Jon Hart
0ae2e64bc5
Only mark rsync as req'ing auth true/false if we are sure, otherwise vprint and unknown
2015-11-05 09:20:02 -08:00
Jon Hart
f1a79bd207
Make motd printing optional, off by default
2015-11-04 10:11:00 -08:00
Jon Hart
8f497faa09
Make read timeout configurable and shorter by default
...
This makes the time spent handling motd almost a non-issue
2015-11-04 10:01:38 -08:00
Jon Hart
3528bb2fa7
Remove optional motd handling; this is always necessary
...
without it, detecting authentication on systems w/ a motd does not work
2015-11-04 09:43:10 -08:00
Jon Hart
0d3232f93a
break if we get the rsync exit
2015-11-04 09:12:02 -08:00
Jon Hart
ba5a8e4806
style
2015-11-04 09:11:07 -08:00
Jon Hart
2cab70294e
sprinkle in peer
2015-11-04 09:05:33 -08:00
Jon Hart
9bcdd19e0a
Correct table
2015-11-04 09:01:07 -08:00
Jon Hart
8f4f187c70
More usable format for module metadata in notes
2015-11-04 08:47:37 -08:00
Jon Hart
b7ccee949e
Improve name and description; update authors
2015-11-04 08:42:29 -08:00
Jon Hart
c0993c3797
Appease rubocop
...
You have 20 seconds to comply
2015-11-04 08:28:35 -08:00
Jon Hart
c265a371d8
Make testing the rsync module for authentication optional,
...
but on by default
2015-11-04 08:25:38 -08:00
fraf0
3739a2fb72
Update dns_srv_enum.rb
2015-11-03 16:59:55 +01:00
fraf0
f1feccfd7c
Update dns_srv_enum.rb
2015-11-03 16:53:26 +01:00
Tom Spencer
557dffd8d2
Fixed extra space at end of line
2015-11-02 21:50:39 -08:00
Tom Spencer
4d97e33bc5
Dramatic speed-up in bleeding, improved verbose output of leaked data.
2015-11-02 16:07:21 -08:00
Jon Hart
dd91956c4a
ooops, puts
2015-11-02 15:07:26 -08:00
Jon Hart
de959ed62b
Remove actions; check and run_* will suffice
2015-11-02 13:54:42 -08:00
Jon Hart
1c3e4d2cbf
Refactor to use Scanner; add check; add beginnings of actions
2015-11-02 13:39:09 -08:00
Jon Hart
ced20ba51c
Refactor NTP symmetric packet creation; add vuln detection to NAK to the future
2015-11-02 12:46:58 -08:00
Jon Hart
17c4aa2348
Fill in description; style
2015-11-02 12:18:35 -08:00
Jon Hart
8fb0596888
Add more refs
2015-11-02 12:07:18 -08:00
Jon Hart
3c92b109d7
Don't wait for motd when testing for auth
2015-11-02 10:49:48 -08:00
Jon Hart
6c0034fba6
get_once for negotiation and trailing motd_lines
...
This feels hacky.
2015-11-02 09:32:54 -08:00
Jon Hart
a120dd1ea9
Return nil when no motd lines
2015-11-02 09:18:10 -08:00
Jon Hart
962cf77873
Not all modules have comments
2015-11-02 09:14:41 -08:00
Jon Hart
4effd3aa81
Handle case where motd comes after negotiation
2015-11-02 09:12:57 -08:00
Jon Hart
d18b6ff9cd
More doc, error handling
2015-10-30 13:13:44 -07:00
Jon Hart
ff1d0709e0
vprint if the thing isn't rsync
2015-10-30 12:39:06 -07:00
William Vu
f8a39ecc21
Land #6145 , better RPC exception handling
2015-10-30 13:25:52 -05:00
Jon Hart
eb99aaa216
Print out modules before building/reporting table
2015-10-30 09:49:07 -07:00
Jon Hart
86b48490f0
Merge branch 'master' into poc/rsunk
2015-10-30 09:42:41 -07:00
Louis Sato
57304a30a8
Land #6139 , remove bad ref links
2015-10-29 16:00:43 -05:00
wchen-r7
93df45eff1
Land #6138 , Land joomla plugin com_realestatemanager Error Based SQLi
2015-10-28 13:36:14 -05:00
wchen-r7
09b79414ee
Report hash
2015-10-28 13:33:00 -05:00
wchen-r7
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
wchen-r7
e7d6493311
Replace links
2015-10-28 10:45:02 -05:00
Jon Hart
b5d0804442
Detect if an rsync module requires authentication
2015-10-27 18:15:18 -07:00
Jon Hart
4a3848cc4f
Handle rsync motd
2015-10-27 18:15:18 -07:00
Jon Hart
73a6b47606
Split out negotiation and listing
2015-10-27 18:15:18 -07:00
Jon Hart
6dd40ec063
Better reporting
2015-10-27 18:15:18 -07:00
Jon Hart
caf848ddf4
Store table better
2015-10-27 18:15:18 -07:00
Jon Hart
3e7f7f2eec
Remove unnecessary table options, as these are the default
2015-10-27 18:15:18 -07:00
Jon Hart
4f468dbcd7
Usability improvements for rsync modules_list
2015-10-27 18:15:18 -07:00
Jon Hart
6781dfa6ee
Style cleanup for rsync modules_list
2015-10-27 18:15:18 -07:00
Jon Hart
78ad9908d2
Doc
2015-10-27 18:10:18 -07:00
Jon Hart
f2b6d37630
Add WIP module for Cisco Talos' NTP 'NAK to the future'
2015-10-27 18:10:07 -07:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu
a65172bbcb
Land #6125 , Joomla SQLi creds gather module
2015-10-27 11:21:30 -05:00
William Vu
9041f95511
Perform final cleanup
2015-10-27 11:21:17 -05:00
nixawk
132cbf0cd7
joomla plugin com_realestatemanager Error Based SQL Ijnection
2015-10-27 15:18:17 +00:00
Brandon Perry
c7fe014854
remove global variables
2015-10-26 17:13:51 -05:00
Brandon Perry
8b4f2290ed
no more session ids in desc
2015-10-25 11:01:17 -05:00
nixawk
f738dd2acb
replace print_* with vprint_* / fix check method
2015-10-25 06:57:56 +00:00
nixawk
a6628110f6
rebuild joomla_contenthistory_sqli (cve-2015-7297)
2015-10-25 03:56:36 +00:00
Brandon Perry
949a4c797b
Update joomla_contenthistory_sqli.rb
2015-10-23 09:33:12 -05:00
Brandon Perry
07d549d783
Update joomla_contenthistory_sqli.rb
...
Remove sessions for now
2015-10-23 09:32:15 -05:00
William Vu
f00f90532a
Fix SSH_DEBUG for ssh_login{,_pubkey}
2015-10-22 15:14:45 -05:00
Brandon Perry
e4281dd1fb
Create joomla_contenthistory_sqli.rb
2015-10-22 15:05:02 -05:00
fraf0
4e50f3ebde
Update dns_srv_enum.rb
...
Patch for :
- Split record srvrcd one entry by line for readability.
- Add record for Default-First-Site-Name :
(according to https://technet.microsoft.com/en-us/library/cc759550%28v=ws.10%29.aspx )
'_gc._tcp.Default-First-Site-Name._sites.',
'_kerberos._tcp.Default-First-Site-Name._sites.',
'_kerberos.tcp.Default-First-Site-Name._sites.dc._msdcs.',
'_ldap._tcp.Default-First-Site-Name._sites.',
'_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.',
'_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.',
- Remove double entry '_kerberos.tcp.dc._msdcs.'
- Add fqdn query in logs.
- Add report_note to store and preserve the fqdn query.
Ps : I'm not very familiar with the code and patch rules for modules. Thank you to excuse my eventual errors.
2015-10-21 18:27:14 +02:00
William Vu
88159edf9f
Fix double raise in vnc_none_auth
...
Not necessary for what it's trying to accomplish, being a scanner.
2015-10-19 18:22:06 -05:00
jvazquez-r7
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
wchen-r7
896099b297
Land #6082 , Directory Traversal for Elasticsearch
2015-10-16 11:00:27 -05:00
wchen-r7
e59a4e36b7
Fix check
2015-10-16 10:59:04 -05:00
Roberto Soares
41e9f8a91b
Some code changes from Roberto
2015-10-16 10:47:19 -05:00
jvazquez-r7
67820f8b61
Fix Packetstorm references
2015-10-15 12:42:59 -05:00
jvazquez-r7
4517270627
Fix modules using Msf::HTTP::JBoss
2015-10-15 11:49:15 -05:00
jvazquez-r7
d4cf9a4eb9
Update moduels using Msf::HTTP::Typo3
2015-10-15 11:48:27 -05:00
jvazquez-r7
cf9ddbb701
Update moduels using Msf::HTTP::Wordpress
2015-10-15 11:47:13 -05:00
jvazquez-r7
db5d83a40a
Move namespaces
2015-10-15 09:17:06 -05:00
William Vu
2a2d8d941d
Land #6054 , HTTP Host header injection module
2015-10-13 23:37:31 -05:00
jaguasch
d933962ff9
Last fix, including espreto minor changes
2015-10-13 18:41:51 +01:00
William Vu
c642057fa0
Clean up module
2015-10-13 12:03:41 -05:00
jaguasch
772f9d8742
Changes based on espreto recommendations
2015-10-13 16:06:26 +01:00
jaguasch
7790f14af2
Auxiliary module to exploit CVE-2015-5531 (Directory traversal) in Elasticsearch before 1.6.1
2015-10-13 13:05:58 +01:00
Tod Beardsley
185e947ce5
Spell 'D-Link' correctly
2015-10-12 17:12:01 -05:00
jvazquez-r7
ed0b9b0721
Land #6072 , @hmoore-r7's lands Fix #6050 and moves RMI/JMX mixin namespace
2015-10-10 00:24:12 -05:00
HD Moore
cd2e9d4232
Move Msf::Java to the normal Msf::Exploit::Remote namespace
2015-10-09 13:24:34 -07:00
William Vu
b95d5790f6
Improve output
2015-10-09 11:13:50 -05:00
William Vu
6d2a89e9a6
Be more descriptive about EOFError
...
There are other modules that could be updated, surely.
2015-10-09 11:05:17 -05:00
jvazquez-r7
5fab1cc71a
Add loop timeout
2015-10-09 11:05:05 -05:00
wchen-r7
3a0f7ce699
Land #6044 , ManageEngine ServiceDesk Plus Arbitrary File Download
2015-10-07 15:24:14 -05:00
wchen-r7
f0b6d3c68e
Change error message to avoid an undef method bug
2015-10-07 15:23:29 -05:00
wchen-r7
a2c9e2549d
Land #6014 , support TCP advanced options for loginscanner mods
2015-10-07 14:26:25 -05:00
William Vu
ddea0ea708
Fix #5797 , extraneous nil fix
2015-10-07 01:11:51 -05:00
William Vu
0182f394b4
Remove extraneous nil
...
Didn't need it, forgot to remove it.
2015-10-07 01:10:33 -05:00
JT
205b175a95
Update host_header_injection.rb
2015-10-07 13:20:06 +08:00
JT
6b3da7f7d8
Update host_header_injection.rb
...
made some changes as suggested by @espreto
2015-10-07 13:01:49 +08:00
JT
a1e0e0cdd9
Add HTTP Host-Header Injection Detection
2015-10-07 11:19:00 +08:00
wchen-r7
5fac0a6ae5
Land #5995 , advanced options on Metasploit::Framework::LoginScanner::SMB
2015-10-06 16:36:18 -05:00
William Vu
3f2d5d7f06
Add newline back in
2015-10-05 11:42:58 -05:00
xistence
41b07eeef6
Small changes to servicedesk_plus_traversal
2015-10-05 08:56:00 +07:00
Roberto Soares
ed8f5456a4
Fix bugs in drupal_views_user_enum.
2015-10-04 05:53:54 -03:00
xistence
e6a57d5317
Add ManageEngine ServiceDesk Plus Path Traversal module
2015-10-03 15:54:44 +07:00
Brent Cook
dea0142da1
catch network exceptions
2015-10-02 18:26:37 -05:00
William Vu
55895c6305
Fix nil bug in mssql_idf
2015-10-02 18:20:06 -05:00
jvazquez-r7
1f26ec1252
Land #6018 , @pedrib's module for Kaseya VSA ZDI-15-448
2015-10-02 08:58:43 -05:00
Pedro Ribeiro
d334dc237f
Update kaseya_master_admin.rb
2015-10-02 13:21:28 +01:00
jvazquez-r7
1b21cd9481
Do code cleanup
2015-10-01 13:37:18 -05:00
William Vu
2ab779ad3d
Land #6010 , capture_sendto fixes
2015-10-01 10:54:24 -05:00
William Vu
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
William Vu
494b9cf75f
Clean up module
...
Prefer TARGETURI and full_uri.
2015-09-30 22:37:03 -05:00
Jake Yamaki
2e5999a119
Missed colon for output standardization
2015-09-30 16:41:46 -04:00
Jake Yamaki
3d41b4046c
Standardize output and include full uri
2015-09-30 16:33:15 -04:00
Jake Yamaki
1bfa087518
Add IP to testing results
...
When specifying multiple hosts the resulting output is useless because you don't know which bypass goes to what IP address
2015-09-30 15:22:24 -04:00
Pedro Ribeiro
8af5a8e310
Create exploit for Kaseya privilege escalation
2015-09-29 11:51:21 +01:00
jvazquez-r7
269641a0ff
Update vmauthd_login to have into account advanced TCP options
2015-09-28 14:38:35 -05:00
jvazquez-r7
2f46335c90
Update brocade_enbale_login to have into account advanced TCP options
2015-09-28 14:36:23 -05:00
jvazquez-r7
adb76a9223
Update telnet_login to have into account advanced TCP options
2015-09-28 14:35:58 -05:00
jvazquez-r7
0eed30ce05
Update pop3_login to have into account advanced TCP options
2015-09-28 14:29:50 -05:00
jvazquez-r7
d02193aaeb
Update mysql_login to have into account advanced TCP options
2015-09-28 14:28:32 -05:00
jvazquez-r7
0abb387c1a
Update mssql_login to have into account advanced TCP options
2015-09-28 14:22:19 -05:00
jvazquez-r7
df3e4e8afd
Update ftp_login to have into account advanced TCP options
2015-09-28 14:18:05 -05:00
jvazquez-r7
a99e44b43a
Update vnc_login to have into account advanced TCP options
2015-09-28 14:13:08 -05:00
jvazquez-r7
4d8f0a6ec4
Update db2_auth to have into account advanced Tcp options
2015-09-28 14:10:55 -05:00
jvazquez-r7
07b44fccb9
Update AFP login scanner to have into account advanced options
2015-09-28 14:03:55 -05:00
jvazquez-r7
1e4e5c5bae
Update ACPP login scanner to have into account advanced options
2015-09-28 13:50:20 -05:00
Jon Hart
989fe49750
Fix #6008 for synflood
2015-09-27 14:50:59 -07:00
Jon Hart
7ad7db7442
Fix #6008 for rogue_send. Correctly.
2015-09-27 14:48:58 -07:00
Jon Hart
7b026676f1
Fix #6008 for avahi_portzero
2015-09-27 14:47:05 -07:00
Jon Hart
20ddb65ff8
Fix #6008 for bnat_scan
2015-09-27 14:18:51 -07:00
Jon Hart
06a10e136a
Fix #6008 for rogue_send
2015-09-27 14:12:23 -07:00
Jon Hart
d3a41323b8
Fix #6008 for ipidseq.rb
2015-09-27 14:05:05 -07:00
Jon Hart
5b1ee8c8ca
Fix #6008 for syn.rb
2015-09-27 13:54:11 -07:00
Jon Hart
3888b793bd
Fix #6008 for ack.rb
2015-09-27 13:53:47 -07:00
Jon Hart
766829c939
Fix #6008 for xmas.rb
2015-09-27 13:46:00 -07:00
jvazquez-r7
c85913fd12
Land #5983 , @jhart-r7's SOAP PortMapping UPnP auxiliary module
2015-09-26 15:47:04 -05:00
jvazquez-r7
f6f3efea75
print the body as verbose
2015-09-25 13:51:18 -05:00
jvazquez-r7
80c9cd4e6f
Restore required option
2015-09-25 13:41:27 -05:00
jvazquez-r7
e4e9609bc2
Use single quotes
2015-09-25 13:35:38 -05:00
jvazquez-r7
a5698ebce0
Fix metadata
2015-09-25 13:34:16 -05:00
William Vu
44fa188e71
Land #5984 , android_mercury_parseuri module
2015-09-23 02:44:53 -05:00
jvazquez-r7
2b7ffdc312
Use datastore advanced options used by smb_login
2015-09-21 17:48:05 -05:00
wchen-r7
060acbc496
newline
2015-09-17 11:39:39 -05:00
wchen-r7
08b5b8ebb2
Add ADDITIONAL_FILES option
2015-09-17 11:30:58 -05:00
joevennix
0d94b8a48f
Make andorid_mercury_parseuri better
2015-09-17 09:59:31 -05:00
Jon Hart
0113cbd353
Nokogiri::XML::Builder instead
2015-09-16 19:53:33 -07:00
jvazquez-r7
adab9f9548
Do final cleanup
2015-09-16 20:59:32 -05:00
jvazquez-r7
4d0d806e1d
Do minor cleanup
2015-09-16 19:30:40 -05:00
jvazquez-r7
46168e816b
Merge for retab
2015-09-16 17:13:08 -05:00
jvazquez-r7
688a5c9123
Land #5972 , @xistence's portmapper amplification scanner
2015-09-16 14:58:19 -05:00
jvazquez-r7
8ae884c1fc
Do code cleanup
2015-09-16 14:46:27 -05:00
wchen-r7
b4aab70d18
Fix another typo
2015-09-16 11:34:22 -05:00
wchen-r7
bef658f699
typo
2015-09-16 11:32:09 -05:00
wchen-r7
63bb0cd0ec
Add Android Mercury Browser Intent URI Scheme & Traversal
2015-09-16 00:48:57 -05:00
xistence
0657fdbaa7
Replaced RPORT
2015-09-13 09:19:05 +07:00
xistence
521636a016
Small changes
2015-09-13 08:31:19 +07:00
xistence
79e3a7f84b
Portmap amplification scanner
2015-09-12 16:25:06 +07:00
HD Moore
cddf72cd57
Show errors when no results are found
2015-09-10 14:05:40 -07:00
HD Moore
421fb4dcb8
Rework of the jenkins_command module
2015-09-04 16:56:44 -07:00
wchen-r7
5646f2e0c4
successful status should include last_attempted_at
2015-09-04 13:45:44 -05:00
wchen-r7
cf6d5fac2a
Use the latest cred API, no more report_auth_info
2015-09-04 13:43:15 -05:00
HD Moore
04d622b69b
Cleanup Jenkins-CI module titles and option descriptions
2015-09-04 10:25:51 -07:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
Alton Johnson
5d59e8190e
Added OS detection.
2015-09-03 13:12:07 -05:00
HD Moore
6e4ae1238b
Land #5791 , show the VHOST in module output
2015-09-03 11:36:19 -05:00
HD Moore
b8eee4a9e4
Show the IP address if it doesn't match the VHOST
2015-09-03 11:35:38 -05:00
HD Moore
1b021464fe
Land #5919 , remove deprecated VMware modules & update resource script.
2015-09-03 10:23:48 -05:00
altjx
4b8dc143ec
Fixed output
2015-09-02 23:50:03 -04:00
altjx
255c8b63b3
Modified output
2015-09-02 23:33:06 -04:00
Alton Johnson
40176b9e3f
Updated.
2015-09-02 19:36:18 -05:00
Alton Johnson
f78f6d0a0c
Updated.
2015-09-02 19:03:07 -05:00
HD Moore
9f9bbce034
Land #5840 , add LLMNR & mDNS modules
2015-09-02 18:30:29 -05:00
HD Moore
0120e5c443
Cosmetic tweaks, don't report duplicate responses
2015-09-02 18:30:03 -05:00
Alton Johnson
59aa3975be
Updated.
2015-09-02 18:27:44 -05:00
Jon Hart
42a2a86f32
Back out all changes to ms11_030_dnsapi
2015-09-02 13:53:10 -07:00
Jon Hart
6d1ab101ed
Back out all changes to llmnr_response
2015-09-02 13:52:38 -07:00
altjx
284edbe4b0
Update jenkins_command.rb
2015-09-02 16:47:23 -04:00
altjx
bde4f40c53
Update jenkins_command.rb
2015-09-02 16:39:49 -04:00
altjx
becc599aca
Created Jenkins RCE module
...
This module simply automates the same procedures documented by Royce Davis at https://www.pentestgeek.com/penetration-testing/hacking-jenkins-servers-with-no-password/ .
2015-09-02 16:12:05 -04:00
HD Moore
126fc9881e
Cleanup and tweaks
2015-09-02 12:48:53 -05:00
Jon Hart
3d04d53e3a
first pass at better output and report_service
2015-09-02 10:31:46 -07:00
JT
b89b6b653a
Update trace.rb
2015-09-03 01:26:45 +08:00
JT
73bf812dfd
Update trace.rb
...
removed the cookie
2015-09-03 00:35:23 +08:00
JT
5ecee6aaba
Update trace.rb
...
removed some spaces so that msftidy will be happy
2015-09-03 00:27:22 +08:00
JT
34e0819a6e
Modified the HTTP Trace Detection to XST Checker
...
This was suggested by HD Moore in https://github.com/rapid7/metasploit-framework/pull/5612
2015-09-03 00:19:08 +08:00
Waqas Ali
8e993d7793
Remove deprecated vmware modules
2015-09-02 13:00:15 +05:00
wchen-r7
0c4b020089
Land #5913 , Add WP NextGEN Gallery Directory Traversal Vuln
2015-09-02 00:01:35 -05:00
HD Moore
381297ba93
Fix the regex flags
2015-09-01 23:07:48 -05:00
Roberto Soares
626704079d
Changed output store_loot
2015-09-02 00:18:10 -03:00
Roberto Soares
96600a96ab
Changed html parse by @wchen-r7
2015-09-01 22:03:21 -03:00
Alexander Salmin
3c72467b7d
Fixes bug where "cert.rb:47: warning: flags ignored" happens due to some issuer patterns.
2015-09-02 01:02:46 +02:00
Brent Cook
9dd14eb747
Merge branch 'upstream-master' into land-5899-android
2015-09-01 17:11:58 -05:00
Roberto Soares
35661d0182
Add WP NextGEN Gallery Directory Traversal Vuln
2015-09-01 13:28:04 -03:00
Jon Hart
9a2696aed4
Add Reference
2015-08-31 12:03:17 -07:00
Jon Hart
c14cae1425
Make INTERNAL_PORT optional, allowing DELETE to work
2015-08-31 11:30:18 -07:00
Jon Hart
44813370d5
Better name, description and author
2015-08-31 10:42:50 -07:00
Jon Hart
8665134691
Add add/delete action. update logging. rename module again
2015-08-31 10:22:36 -07:00
Jon Hart
436910b25f
Clean up map description
2015-08-28 15:49:29 -07:00
Jon Hart
e6e05814d0
Use an OptAddress instead, revert back to client name
2015-08-28 15:43:04 -07:00
Jon Hart
66616eeb95
Remove unused
2015-08-28 15:38:23 -07:00
Jon Hart
35555f5f24
Make most everything configurable and provide useful output
2015-08-28 15:36:49 -07:00
Jon Hart
13dd8222ec
Expose lease duration as an option
2015-08-28 15:22:19 -07:00
Jon Hart
d57041136f
Use random port mapping description
2015-08-28 15:09:58 -07:00
Jon Hart
840be71683
Add support for specifying protocol
...
UDP is fun too. Are there others?
2015-08-28 14:53:41 -07:00
Jon Hart
45fde928fc
More minor style cleanup
2015-08-28 14:49:57 -07:00
Jon Hart
ba95a7d2ac
Convert to using HttpClient
2015-08-28 14:47:13 -07:00
Jon Hart
a0aaf93f27
Relocate module to more correct location
2015-08-28 14:20:33 -07:00
Jon Hart
45c2422981
First pass at style cleanup
2015-08-28 14:19:28 -07:00
Jon Hart
cba3650488
report_service for mdns/llmnr query
2015-08-28 14:04:52 -07:00
wchen-r7
0c7d2af6bc
Land #5750 , Add WP All In One Migration Export Module
2015-08-28 14:12:14 -05:00
wchen-r7
837b6a4f71
Update description
2015-08-28 14:11:51 -05:00
wchen-r7
d2e758ac8b
Better failure handling
2015-08-28 14:08:29 -05:00
wchen-r7
3d4cb06c67
Land #5807 , Added Module WP Mobile Pack Vuln
2015-08-28 13:43:00 -05:00
wchen-r7
9e7f6d6500
Typos
2015-08-28 13:42:37 -05:00
wchen-r7
29e92aaabe
Land #5806 , WordPress Subscribe Comments File Read Vuln
2015-08-28 11:52:59 -05:00
wchen-r7
62e6b23b4c
Typo
2015-08-28 11:52:13 -05:00
wchen-r7
e82bd10817
Add aux module to be able to open android meterpreter from a browser
2015-08-27 14:36:55 -05:00
jvazquez-r7
8785083722
Ensure disconnect
2015-08-24 12:36:15 -05:00
HD Moore
1e6c53b430
Correct the storage of ssh banners in service.info
2015-08-22 01:21:15 -05:00
jvazquez-r7
1558fabdb2
Land #5844 , @joevennix updates apple_safari_webarchive_uxss to use the webarchive mixin
2015-08-21 17:27:56 -05:00
jvazquez-r7
182c1bc7fe
Disconnect socket when login fails
2015-08-17 18:20:04 -05:00
Brent Cook
b17d8f8d49
Land #5768 , update modules to use metasploit-credential
2015-08-17 17:08:58 -05:00
jvazquez-r7
a560496455
Do minor ruby style fixes
2015-08-14 14:50:03 -05:00
jvazquez-r7
82193f11e7
Minor js fixes
2015-08-14 14:45:48 -05:00
Tod Beardsley
e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js
2015-08-14 12:07:15 -05:00
joev
0615d908c4
Update description to explain quarantine effects.
2015-08-13 23:46:37 -05:00
joev
84144bf6cf
Update webarchive_uxss to use the webarchive mixin.
...
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00
Jon Hart
61e23ad23e
Switch back to ::Net::DNS::Packet.new
2015-08-13 11:29:56 -07:00
Jon Hart
9f2c62d4ce
Use query_name instead of datastore
2015-08-13 11:17:27 -07:00
Tod Beardsley
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
Jon Hart
3a7cea51b4
Merge master and fix Net::DNS::RR merge conflicts
2015-08-13 08:53:25 -07:00
jvazquez-r7
a611fff7bf
Use Rex::ThreadSafe.select on CVE-2015-1793
2015-08-08 07:43:39 -07:00
jvazquez-r7
c8ba5bb90c
Land #5513 , @rcvalle's exploit for incomplete internal state distinction in JSSE
2015-08-08 07:41:53 -07:00
jvazquez-r7
2707b3b402
Use Rex::ThreadSafe.select
2015-08-08 07:40:19 -07:00
jvazquez-r7
a0eef3880a
Initialize version local variable
2015-08-08 07:35:37 -07:00
jvazquez-r7
bb74b6fecb
Fix data reading
2015-08-08 07:18:01 -07:00
jvazquez-r7
6fe7672732
Improve Rex sockets usage
2015-08-07 00:11:58 -07:00
Josh Abraham
e96717950c
refactored
2015-08-06 08:18:26 -04:00
jvazquez-r7
67f661823a
Land #5614 , @cldrn's module to collect lansweeper credentials
2015-08-04 16:55:49 -05:00
jvazquez-r7
ed3f993b75
Do some style fixes
2015-08-04 16:41:15 -05:00
jvazquez-r7
0e3434ebad
Fix metadata
2015-08-04 16:28:50 -05:00
Roberto Soares
7bb4f9479f
Added new reference and removed empty line.
2015-08-04 03:58:57 -03:00