a5332e5ed2
Module was updated to support WebSphere AS running seam-2.
...
msf auxiliary(jboss_seam_exec) > run
[*] Found right index at [0] - getRuntime
[*] Index [1]
[*] Index [2]
[*] Index [3]
[*] Index [4]
[*] Index [5]
[*] Found right index at [6] - exec
[*] Index [7]
[*] Index [8]
[*] Index [9]
[*] Index [10]
[*] Index [11]
[*] Index [12]
[*] Index [13]
[*] Index [14]
[*] Index [15]
[*] Index [16]
[*] Index [17]
[*] Index [18]
[*] Index [19]
[*] Index [20]
[*] Index [21]
[*] Index [22]
[*] Index [23]
[*] Index [24]
[*] Target appears VULNERABLE!
[*] Sending remote command:pwd
[*] Exploited successfully
[*] Auxiliary module execution completed
2013-06-20 12:17:07 +02:00
55312529d2
add osvdb ref 94417
2013-06-19 23:13:45 -05:00
a01f0c4671
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-19 09:34:51 -05:00
90cad4b7fb
Land #1980 - Canon Printer Wireless Configuration Disclosure
2013-06-18 19:09:38 -05:00
abc3951ca2
Final touchup
2013-06-18 19:08:42 -05:00
6168eb7590
Land #1981 - Canon Wireless Printer Denial of Service
2013-06-18 19:04:48 -05:00
7d15dc379d
Make msftidy happy
2013-06-18 19:04:03 -05:00
0533ca68dc
Added DoS result checking
...
Lowered the http timeout
2013-06-18 19:48:21 -04:00
8c28631d4b
Fixed the date format
...
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
7f1a913bdc
Code Review Feedback from wchen
...
Fixed the disclosure date format
Removed the rport option
Added a call to report_note to store the data
2013-06-18 12:13:19 -04:00
9e3053f24d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-18 10:00:44 -05:00
aa134b0bcc
Land #1973 , @wchen-r7's fix to handle ftp auth correctly
2013-06-18 09:34:55 -05:00
2b46828d9c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-18 08:27:18 -05:00
6c2d99c2bc
Land #1972 , @wchen-r7's patch for [FixRM:#4704]
2013-06-17 23:17:22 -05:00
ae1a3e3ca1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-17 20:39:31 -05:00
4ca9a88324
Tidying up grammar and titles
2013-06-17 16:49:14 -05:00
d877e4d489
Added CVE and disclosure date
2013-06-17 17:41:50 -04:00
df8c80e3d1
Added CVE and disclosure date
2013-06-17 17:40:36 -04:00
163d3e771b
Handle connect_login return value properly
...
Some modules ignore connect_login's return value, which may result
an EOF if send_cmd() is used later on. All the modules fixed are
the ones require auth according to the module description, or
CVE/vendor/OSVDB info.
2013-06-17 15:48:34 -05:00
8bdd89f68b
[FixRM:#4704] - Fix EOFError in filezilla_server_port
...
If login fails, the module shouldn't continue sending commands to
the server, otherwise this causes an EOF.
2013-06-17 14:24:01 -05:00
1b456ab511
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-17 08:46:16 -05:00
fed6427f16
Land #1884 , @morrisson's saprouter port scanner module
2013-06-17 08:38:10 -05:00
2e201bb2a3
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-16 15:19:36 -05:00
d20f72a9fd
Fix indentation
2013-06-16 15:18:19 -05:00
3cd94f5025
Do final cleanup for infovista_enum
2013-06-16 11:50:40 -05:00
fd026c5b34
Added References and Disclosure Date
2013-06-15 18:31:20 -04:00
3923bbeee9
Update
2013-06-15 18:28:58 -04:00
0494ac9218
Added Canon Wireless Printer DoS module
2013-06-15 18:23:04 -04:00
11bf17b0d6
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-15 11:55:22 -05:00
852fc33c13
Added feedback, cleanup, and simplified modes
2013-06-15 17:16:10 +01:00
ba59434261
added infovista module
2013-06-15 17:16:26 +05:30
7a11077834
Land #1923 , @juushya's module for rfcode brute forcing
2013-06-14 13:36:14 -05:00
ae027a9efb
Final cleanup for rfcode_reader_enum
2013-06-14 13:09:48 -05:00
1172b59bb7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-13 18:22:41 -05:00
fd74390952
Clean monkey_headers
2013-06-13 18:07:35 -05:00
73aff97053
Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service
...
This is the reviewed/updated version of pull request #1950 . We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
2013-06-13 15:56:34 -05:00
6fbb782ada
Clean sap_router_portscanner
2013-06-13 10:08:44 -05:00
6188df1b3a
added note :type - Info. This is mandatory field for report_note. also, vprint statements seem to be adding an extra space with a hyphen. kinda make print dis-aligned than other regular print_* statements. changed -> to -, removed ' from '#{user/pass}'. works fine. msftidy check. module load check. pcap taken.
2013-06-13 14:03:55 +05:30
0b9cf213df
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-12 12:03:10 -05:00
871f1b7c1f
updated prints with ip-port reference. msftidy check. module load check. go rf reader..
2013-06-12 00:53:58 +05:30
736bf120d9
added sname in report data, corrected :host to rhost, :port to rport. msftidy check. module load check. upping it.
2013-06-12 00:25:50 +05:30
0578572d98
Change sevone_enum because it's an Scanner
2013-06-11 08:51:15 -05:00
5c078f5139
added report_note to store collected info. removed register rport for 80t. msftidy & module load checked. pushing it up.
2013-06-11 12:57:26 +05:30
c641184e37
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 13:30:36 -05:00
0c6dbe9885
Add final cleanup for sevone_enum
2013-06-10 13:16:22 -05:00
6765a911a4
Land #1921 , @juushya brute force login module for SevOne
2013-06-10 13:15:14 -05:00
622dc27d95
Land #1925 - fix SNMP enum module failing to catch some fail cases
...
[FixRM:#7945]
2013-06-10 12:51:02 -05:00
72a9c8612b
setting rfcode_reader_enum straight. more updates.
2013-06-10 22:57:00 +05:30
b20a38add4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 12:22:52 -05:00
5c988d99fe
more updates to sevone.rb. hopefully all is covered..
2013-06-10 21:59:18 +05:30
04171c46ec
more updates to sevone.rb. hopefully all is covered.
2013-06-10 21:47:56 +05:30
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
51a2bb77b0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 09:33:19 -05:00
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
ffa18d413f
Updated rfcode_reader_enum.rb ...
...
Updated as per review comments.
Removed loot of network configuration.
Used JSON.parse to bring cleaner loot output
Changed some print_goods to vprint_status
Changed if not to unless
2013-06-08 03:21:43 +05:30
74bddcf339
Update sevone_enum.rb
...
New updates as per review comments
2013-06-08 02:28:09 +05:30
1ca8fd2cf1
Update sevone_enum.rb
...
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
eb0ae6ed27
Update rfcode_reader_enum.rb
...
Updated as per review comments
2013-06-08 01:00:18 +05:30
2bb0bd504c
Makign changes recommended in redmine 7945 to fix SNMP enum module failing to catch some fail cases
2013-06-07 13:55:59 -05:00
6b8e6b3f0c
Create rfcode_reader_enum.rb
...
Adding new aux - RFCode Reader Web interface Login Brute Force & Config Capture Utility
2013-06-07 23:53:09 +05:30
fcc600aa3e
Create sevone_enum.rb
...
Adding new aux - SevOne Network Performance Management System application version enumeration and brute force login Utility
2013-06-07 23:39:22 +05:30
9c27a294cb
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-07 13:01:37 -05:00
0302437c2b
Land #1915 , smtp user enumeration enhancements
2013-06-07 11:42:41 -05:00
8cf5b548c3
make recommended changes
2013-06-06 14:23:25 -05:00
067899341e
fix a number of issues with the existing module (slowness, false positives, false negatives, stack traces, enumering unix users on windows systems, etc)
2013-06-06 13:26:04 -05:00
ec52795182
Clean for miniupnp_dos.rb
2013-06-06 11:19:26 -05:00
e5a17ba227
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-05 09:41:23 -05:00
a3b25fd7c9
Land #1909 - Novell Zenworks Mobile Device Managment exploit & auxiliary
2013-06-05 02:45:45 -05:00
307773b6a1
Extra space - die!
2013-06-05 02:44:56 -05:00
0c1d46c465
Add more references
2013-06-05 02:43:43 -05:00
5d90c6cd71
Make msftidy happy
2013-06-05 02:11:23 -05:00
ca5155f01d
Final touchup novell_mdm_creds
2013-06-05 02:08:55 -05:00
a5a3f40394
Report auth info
2013-06-05 02:06:32 -05:00
ed4766dc46
initial commit of novell mdm modules
2013-06-04 09:20:10 -07:00
2fe704ce38
Deleted undeeded comments and spaces.
2013-06-04 09:00:53 +02:00
4079484968
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-03 15:27:36 -05:00
055e0a222c
Land #1902 , OSVDB reference for memcached
2013-06-03 14:57:43 -05:00
4cf682691c
New module title and description fixes
2013-06-03 14:40:38 -05:00
b087951118
Add OSVDB reference 92867 for Memcached DoS module
2013-06-03 12:41:33 -05:00
116e2bb418
Landing #1782 - Added Memcached Remote Denial of Service module
2013-06-03 12:30:37 -05:00
3d9dcbf5bd
Add a check to see if the host is down
2013-06-03 12:26:57 -05:00
217b263af7
Moved the module to different location and make it msftidy.rb compliant.
2013-06-03 10:35:10 +02:00
571b62d19d
svn scanner added print_good and rport
2013-06-02 18:05:11 -04:00
3a360caba1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-31 19:03:21 -05:00
d318c1cd22
included feedback
2013-06-01 00:31:06 +01:00
e99401ea82
Landing #1817 - couchdb login module
2013-05-31 16:04:10 -05:00
a88321c700
Final touchup
2013-05-31 16:03:30 -05:00
483b5e204f
Missing the header
2013-05-31 16:00:36 -05:00
e398025a7f
I don't think what fails really matters.
2013-05-31 15:59:40 -05:00
d03379f1c6
changed 2 vprint_error to print_error
2013-05-30 11:54:42 +01:00
07203568bd
Performed changes to the correct operation of the module.
2013-05-29 20:50:28 -03:00
612eabd21a
added sap_router_portscanner module
2013-05-29 23:36:53 +01:00
9d91596e46
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-29 16:21:32 -05:00
10d8bebe73
Start with a random username to test 401 codes
...
SeeRM #7991
While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.
2013-05-29 12:36:28 -05:00
aa688c4313
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-29 10:47:04 -05:00
f0e3b0c124
Merge pull request #1836 from dmaloney-r7/bug/anyuser_anypass_http
...
Verified MSF specs passing, Pro on develop functional tests working (ran Bruteforce, saw normal and verbose output concerning that bruteforce was skipped for such a case and why, verified no cred saved with 'anyuser' user).
2013-05-29 07:44:18 -07:00
6401d557fd
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-28 19:57:16 -05:00
a486fff9a4
Land #1872 , @wchen-r7's improvement of cold_fusion_version
2013-05-28 16:35:45 -05:00
96888455a7
Add new signature for CF9
2013-05-28 16:04:08 -05:00
66ea59b03f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-28 15:22:46 -05:00
deea66b76f
Landing #1871 - fix an undefined variable bug in the DTP module
2013-05-28 15:13:20 -05:00
b9969a8b2b
Landing #1855 - Updates for coldfusion_pwd_props for CF9 by ringt
2013-05-28 14:43:09 -05:00
0ecffea66f
Updates fingerprint() for CF10
2013-05-28 14:42:11 -05:00
a6a46f82bb
Updates the description a little bit
2013-05-28 14:31:56 -05:00
e4e5edc619
Looks like we don't need to check MD5, let's keep it that way then.
2013-05-28 14:31:15 -05:00
8ab90e657c
Adds a check for Cold Fusion 10
2013-05-28 14:21:29 -05:00
3857507d73
fix an undefined variable bug in the DTP module
2013-05-28 14:52:58 -04:00
d16d316658
Fixes mssql_findandsampledata & ms11_006_creat esizeddibsection
...
[FixRM:7987]
[FixRM:7986]
2013-05-28 11:15:17 -05:00
5695994432
Added module to enumerate Canon printer Wifi settings
2013-05-27 18:02:37 -04:00
094a5f1b18
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-26 16:03:33 -05:00
6f2ddb3704
Update mssql_findandsampledata.rb
2013-05-25 11:33:57 +05:00
ea7805d3c8
Fixed a bug in the HSTS module around null headers
2013-05-23 15:02:39 -04:00
8e41ae3454
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-23 10:59:40 -05:00
8680aa8952
Landing #1857 - MS12-020 off-by-one fix
2013-05-22 22:57:08 -05:00
0dee5ae94d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-22 12:54:44 -05:00
d028f52dbd
Fix broken ms12-020 vulnerability detection
...
The previous version of the script had an off-by-one error that prevented
proper detection of the vulnerability. Changes made in this revision
include:
- Correction of the off-by-one error
- Use of match instead of == to check for valid RDP connection
- Change of the channel requests to use IDs actually provided by
the responses from the server
2013-05-22 00:08:25 -04:00
54eeb8f000
Adding new version...old version does not work in windows, doesnt fingerprint, and a few other minor things
2013-05-21 13:13:21 -05:00
ee28a3a8d7
Update http_login.rb
...
add parens around conditional to make bikeshed prettier
2013-05-21 11:28:23 -05:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
0f3b13e21d
up to date
2013-05-16 15:02:41 -05:00
d9bdf3d52e
Do final cleanup for sap_smb_relay
2013-05-16 14:25:10 -05:00
9dd582c526
Land #1656 , @nmonkee's module for SMB Relay attacks against SAP
2013-05-16 14:23:39 -05:00
947735bd25
up to date
2013-05-16 11:26:50 -05:00
c21035c0b9
Add final cleanup for sap_ctc_verb_tampering_user_mgmt
2013-05-16 10:42:09 -05:00
7823df0478
Change module filename
2013-05-16 10:41:25 -05:00
f3f0272395
Land #1652 , @nmonkee's SAP CTC Verb Tampering for User Mgmt module
2013-05-16 10:40:17 -05:00
4503a7af50
Don't save creds of anyuser:anypass
...
If http accepts any user and any pass, it's not a real auth
there is no reason to create cred objects for this.
These creds have been confusing our users
2013-05-16 10:25:32 -05:00
11286630d5
modifications to CLBA_ SOAP requests to fix XML kernel processor error
2013-05-16 11:24:29 +01:00
8a18853dfa
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-15 21:35:59 -05:00
c82bb73347
Avoid super verbose output
2013-05-15 17:45:37 -05:00
011b0bb741
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-15 09:07:47 -05:00
649a8829d3
Add modules for Mutiny vulnerabilities
2013-05-15 09:02:25 -05:00
c410a54d44
Merge SAP SMB Relay abuses in just one module
2013-05-14 20:53:08 -05:00
357ef001cc
Change module filename
2013-05-14 20:52:33 -05:00
83f1418f28
up to date
2013-05-14 14:48:58 -05:00
07b3355a17
Merge branch 'sap_ctc_verb_tampering_add_user_and_add_role' of https://github.com/nmonkee/metasploit-framework
2013-05-14 13:47:39 -05:00
b9caa23b30
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-14 12:26:23 -05:00
3d7c9a9a06
Changed the path from TARGETURI
2013-05-14 00:11:40 -03:00
5e997aaf80
Landing #1816 - lists essential information about CouchDB
2013-05-13 16:46:20 -05:00
cba045a604
Make additional changes to the module
2013-05-13 16:42:33 -05:00
e3384439ed
64-bit, not '64 bits'
2013-05-13 15:40:17 -05:00
1d755eb705
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-13 12:49:32 -05:00
e71e0c1c28
Land #1822 , @wchen-r7's module for Coldfusion HTP disclosed exploit
2013-05-13 12:41:54 -05:00
f04ca17bb9
Fix default action
2013-05-13 11:56:02 -05:00
5b64379553
Add Coldfusion 9 target, OSVDB ref and review
2013-05-13 11:55:11 -05:00
60299c2adb
Add EDB-25305 - That ColdFusion 10 sub0 0day stuff
...
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737 , or as a new exploit.
We'll see.
2013-05-12 21:23:53 -05:00
51a532e8b4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-12 17:39:58 -05:00
feac292d85
Clean up for dlink_dsl320b_password_extractor
2013-05-12 17:35:59 -05:00
Cristiano Maruti
Steve Tornio
jvazquez-r7
sinn3r
Matt Andreko
Tod Beardsley
Bruno Morisson
KarnGaneshen
Dejan Lukan
Thomas Ring
James Lee
steponequit
William Vu
CG
Roberto Soares Espreto
Samuel Huckins
Spencer McIntyre
darknight007
John Sherwood
dmaloney-r7
nmonkee