jvazquez-r7
dd5060e08c
Land #5340 , @wchen-r7's change to the symantec_web_gateway_login writing style
2015-05-15 13:18:35 -05:00
jvazquez-r7
cf5fa6752e
Use parenthesis
2015-05-15 13:17:54 -05:00
jvazquez-r7
d05cae5faf
Land #5329 , @wchen-r7's add configurable options to jenkins_login
2015-05-15 11:38:21 -05:00
wchen-r7
24a989b8a3
Land #5249 , Add Module for Enum on InfluxDB database
2015-05-14 11:22:54 -05:00
wchen-r7
005c36b2a6
If data is empty, don't save (or even continue)
2015-05-14 11:22:10 -05:00
wchen-r7
ac0e4e747a
Change writing style of symantec_web_gateway_login
2015-05-13 00:23:37 -05:00
wchen-r7
202c5e0121
Land #5333 , HTML Title Grabber
2015-05-12 11:19:06 -05:00
wchen-r7
faec5844cb
Some fixes
2015-05-12 11:18:21 -05:00
jvazquez-r7
a5267ab77e
Land #4940 , @dnkolegov's modules for F5 BIG-IP devices
2015-05-12 09:59:21 -05:00
Stuart Morgan
f0048b9a6d
Apparently you don't quote the keys with the new syntax
2015-05-12 11:00:18 +01:00
Stuart Morgan
7c81adbd89
MSFTidy is now quiet and happy
2015-05-12 10:47:49 +01:00
Stuart Morgan
1f6bd3e2be
Updated to new ruby hash syntax and removed <> from title
2015-05-12 10:43:32 +01:00
Stuart Morgan
518e28674e
Removed CGI dependency (@hmoore-r7, @wchen-r7)
2015-05-11 21:10:18 +01:00
Stuart Morgan
78e310562b
Readability style change
2015-05-11 19:48:12 +01:00
Stuart Morgan
8e3d803e74
Updated style as per @void-in's comments
2015-05-11 19:46:10 +01:00
Stuart Morgan
62d67469da
Updated code style as per @hmoore-r7's instructions
2015-05-11 19:34:23 +01:00
Stuart Morgan
b8f7c80fd2
Rubocop
2015-05-11 18:50:03 +01:00
Stuart Morgan
8308c2a925
Added check for nonsensical options
2015-05-11 18:48:55 +01:00
Stuart Morgan
99133deabb
Reran tests, sorted out strip problem
2015-05-11 18:29:44 +01:00
Stuart Morgan
c25a5d3859
Fixed a bunch of rubocop errors
2015-05-11 18:14:37 +01:00
Stuart Morgan
34cf90af59
Removed unnecessary include
2015-05-11 17:31:31 +01:00
Stuart Morgan
c001f014ce
HTML Title Grabber
2015-05-11 17:29:22 +01:00
wchen-r7
d8cc2c19d3
Fix #5315 , User configurable options for jenkins_login
...
Fix #5315 . This patch allows the user to configure the HTTP method
for the login, as well as the URL.
2015-05-11 10:15:49 -05:00
Denis Kolegov
efb226a55c
Fixed some minor errors
2015-05-10 02:59:57 -04:00
jvazquez-r7
a8adcda941
Redo port checks
2015-05-08 15:29:30 -05:00
jvazquez-r7
156aac1dff
Use timeout options
2015-05-08 15:23:08 -05:00
jvazquez-r7
bf9ca1f88f
Change module filename
2015-05-08 15:08:59 -05:00
jvazquez-r7
f56115552f
Do code cleanup
2015-05-08 14:56:39 -05:00
jvazquez-r7
b73241882b
Use datastore option
2015-05-08 14:48:19 -05:00
jvazquez-r7
b5f5bacb8c
Use the connect/read timeout as used by the HTTPClient mixin
2015-05-08 14:46:08 -05:00
jvazquez-r7
9fdbfd7031
Use vprint_error
2015-05-08 14:21:36 -05:00
jvazquez-r7
017ae463ed
Fix description style
2015-05-08 14:18:29 -05:00
jvazquez-r7
2e01eb519d
Do minor fixes
2015-05-08 14:04:44 -05:00
jvazquez-r7
5588ad36b3
Print status message
2015-05-08 13:51:00 -05:00
jvazquez-r7
7e62ba85a1
Do code cleanup
2015-05-08 13:33:28 -05:00
jvazquez-r7
60c2c7a7cd
Delete unused variable
2015-05-08 13:19:39 -05:00
jvazquez-r7
c0f21c3ae1
Fix metadata
2015-05-08 13:19:23 -05:00
void-in
a7988f9e93
Change credentials to service:service
2015-05-08 22:52:59 +05:00
William Vu
508574970c
Land #5307 , Brocade login scanner resurrection
2015-05-07 22:43:39 -05:00
William Vu
8d3737d13c
Fix some stylistic issues
2015-05-07 22:43:23 -05:00
William Vu
c9cb9ad564
Fix extraneous comma
2015-05-07 15:32:48 -05:00
Tod Beardsley
4df622c76b
Oops, one last for #5312 .
2015-05-06 14:48:17 -05:00
Tod Beardsley
e8913e5620
Addressed most of @wvu's issues with #5312
2015-05-06 14:47:08 -05:00
Tod Beardsley
f423306b6f
Various post-commit fixups
...
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150 , @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192 , @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016 ,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101 , Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158 , OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159 , WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924 , @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131 , WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649 ,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
2015-05-06 11:39:15 -05:00
Brent Cook
93c785560b
remove brocade_telnet scanner, extend telnet
...
Rather than duplicate the entire telnet scanner, add a pre-login hook that a
module can use to extend the behavior on connect. This also adds a local
pass-through print_error method like http has.
2015-05-05 21:19:46 -05:00
Mike
dc053aeb58
Spelling Fix
...
s/Brocde/Brocade/ as per bcook-r7
2015-05-05 21:16:24 -05:00
root
fc1c0028a8
moved array definition to avoid error
2015-05-05 21:16:23 -05:00
root
7949daf42b
brocade_enable_login msftidy success
2015-05-05 21:16:23 -05:00
root
6b5aaa5479
brocade enable command bruteforcer
2015-05-05 21:16:23 -05:00
Denis Kolegov
7fb99cdaaf
Merged fixed conflicts
2015-05-02 05:37:36 -04:00
Denis Kolegov
f95774c6b4
Fixed bugs
2015-05-02 05:09:03 -04:00
jvazquez-r7
93ac8b48e3
Land #5178 , @jboss_vulnscan check for console default admin
...
* And minor fixes
2015-05-01 17:38:20 -05:00
jvazquez-r7
697c6c20cb
Do minor cleanup
2015-05-01 17:37:45 -05:00
jvazquez-r7
04fa626eab
Save credentials as UNTRIED
2015-05-15 14:58:55 -05:00
jvazquez-r7
16c3bf91a1
Do code cleanup
2015-05-15 14:46:34 -05:00
jvazquez-r7
c6806b4e5f
Land #5102 , @wchen-r7's ManageEngine Desktop Central Login Utility
2015-05-01 15:20:21 -05:00
jvazquez-r7
b037560c90
Do minor style fixes
2015-05-01 15:01:13 -05:00
William Vu
83288ff391
Fix typo
2015-04-30 17:58:26 -05:00
James Lee
ee5dc1d6e4
Land #5277 , typo in telnet_encrypt_overflow
2015-04-30 10:44:55 -05:00
Brent Cook
4c9f44b00c
Revert "Land #4888 , @h00die's brocade credential bruteforcer"
...
There were some issues with this module that caused backtraces when run outside
of msfconsole. Reverting it for now so we can add some specs and ensure that it
works like the other login scanners.
2015-04-29 15:36:03 -05:00
William Vu
9b17191e48
Remove unnecessary {,dis}connect
2015-04-28 15:09:16 -05:00
William Vu
28e661e204
Fix false positive in POODLE scanner
...
If SSL is false somehow.
2015-04-28 14:19:48 -05:00
m-1-k-3
0a4554a204
reporting included, extract device details
2015-04-28 13:01:51 +02:00
Christian Mehlmauer
7523e592d2
Land #5198 , WordPress contus video gallery 2.7 scanner
2015-04-27 23:24:57 +02:00
m-1-k-3
ce697ee44c
netgear soap password extractor
2015-04-27 17:56:30 +02:00
Brandon Perry
7a2084cdc5
Rename wordpress_contus_video_gallery_sqli.rb to wp_contus_video_gallery_sqli.rb
2015-04-26 16:54:21 -05:00
m-1-k-3
b330b1d41c
typo in title of telnet_encrypt_overflow.rb
2015-04-26 02:32:14 +02:00
Roberto Soares
c41c7a1ba2
Rewrote the conditions of res.
2015-04-25 17:18:38 -03:00
Roberto Soares
d01da0c522
Changed if conditions and exception handling
2015-04-25 15:08:36 -03:00
Roberto Soares
3a84396f32
Removed authorization header.
2015-04-25 14:30:21 -03:00
Roberto Soares
b810a96dac
Add Module for Enum on InfluxDB database.
2015-04-25 04:41:33 -03:00
Brent Cook
ff96101dba
Land #5218 , fix #3816 , remove print_debug / DEBUG
2015-04-24 13:41:07 -05:00
jvazquez-r7
896d6e8cb7
Fix title
2015-04-24 11:09:39 -05:00
jvazquez-r7
1825b45ac3
Land #5242 , @espreto's module for GI-Media Library Plugin Directory Traversal
2015-04-24 11:08:52 -05:00
jvazquez-r7
7af6f31c3a
Fix message
2015-04-24 11:08:00 -05:00
jvazquez-r7
5ca6fe3cb0
Do code cleanup
2015-04-24 11:07:13 -05:00
Brent Cook
f457f36cdd
Land #5213 , improvements to MS15-035 DoS
2015-04-24 10:54:48 -05:00
kaospunk
bb0b2eee37
Fix missing . in SRV query
...
This update adds a missing . to the end of the
_ldap._tcp SRV record so that it properly forms
the DNS query.
2015-04-24 10:42:31 -04:00
Roberto Soares
e51897d64e
Filepath option
2015-04-24 04:35:59 -03:00
Roberto Soares
7b0b59b5f6
Add WordPress GI-Media Library Plugin File Read.
2015-04-24 04:24:16 -03:00
Brandon Perry
e9f8b25987
Update wordpress_contus_video_gallery_sqli.rb
...
Update to use the Wordpress mixin
2015-04-22 14:43:55 -05:00
Brandon Perry
26d208f089
Update wordpress_contus_video_gallery_sqli.rb
...
remove 'uri'
2015-04-22 14:42:03 -05:00
Brent Cook
3963289519
Land #4888 , @h00die's brocade credential bruteforcer
2015-04-21 18:27:03 -05:00
Mike
3a1778ef7c
Spelling Fix
...
s/Brocde/Brocade/ as per bcook-r7
2015-04-21 17:57:36 -04:00
jvazquez-r7
3db0e12b67
Modify autopwn comment
2015-04-21 14:19:15 -05:00
jvazquez-r7
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
Brent Cook
073850c5ad
Land #5158 , OWA internal IP disclosure scanner
2015-04-21 11:10:39 -05:00
Brent Cook
5296c6507d
Land #5157 , OWA login scanner auth timing logs
2015-04-21 11:06:08 -05:00
wchen-r7
a44da8e6d7
URL refs
2015-04-21 09:29:08 -05:00
Brent Cook
9a49538c1a
Land #5016 , add SSL Labs scanner
2015-04-20 21:34:16 -05:00
Brent Cook
752c3243f6
wrap print* functions in report_* wrappers
...
Preserve the semantics in the code, but don't call functions like 'print_error'
unless there is an actual error running the module. Fix spelling of 'Overall'.
2015-04-20 21:13:43 -05:00
wchen-r7
ff32d6cee3
Improve MS15-034 DOS
2015-04-20 20:36:08 -05:00
jvazquez-r7
c6c7560aed
Land #4846 , @joevennix's android 4.3 uxss module
2015-04-20 18:43:24 -05:00
jvazquez-r7
9b240e1d8f
Use parenthesis
2015-04-20 18:42:34 -05:00
William Vu
79ca0a56f9
Land #4171 , Steam protocol support
2015-04-20 15:35:06 -05:00
jvazquez-r7
f762873a31
Land #5192 , @joevennix's module for Safari CVE-2015-1126
...
* Module to profit cross domain vulnerability on safari
2015-04-20 15:19:54 -05:00
jvazquez-r7
e2eaff6b3a
Don't modify datastore options
2015-04-20 15:16:21 -05:00
jvazquez-r7
88c52ae7ae
Delete second stop_service, the mixin should had done the job
2015-04-20 15:13:11 -05:00
jvazquez-r7
dc0549d2dd
Use #wait
2015-04-20 15:06:01 -05:00
jvazquez-r7
c1234e05e2
Delete parenthesis from condition
2015-04-20 14:56:37 -05:00
jvazquez-r7
0283ac05e5
Do minor style fixes
2015-04-20 14:54:39 -05:00
jvazquez-r7
69b8edda4a
Use single quotes
2015-04-20 14:53:38 -05:00
jvazquez-r7
16daa935dd
Do minor code cleanup
2015-04-20 13:08:51 -05:00
Brandon Perry
b622aae97f
Update wordpress_contus_video_gallery_sqli.rb
2015-04-19 18:24:12 -05:00
Brandon Perry
c393f7c398
add contus video gallery scanner
2015-04-19 17:58:08 -05:00
Christian Mehlmauer
ed9175d73f
Land #5167 , WordPress CP Multi-View Calendar SQLI Scanner
2015-04-19 23:36:23 +02:00
Brandon Perry
8c0bcd2e03
Update wordpress_cp_calendar_sqli.rb
...
Use the new WPVDB
2015-04-19 16:32:57 -05:00
joev
2010e966b3
Add non-httponly cookie theft module for ios/osx safari.
2015-04-19 11:32:37 -05:00
wchen-r7
4f903a604c
Fix #5103 , Revert unwanted URI encoding
...
Fix #5103 . By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
Christian Mehlmauer
6653c9e33d
Land #5162 , WordPress Dukapress File Read Vulnerability
2015-04-17 11:20:55 +02:00
Christian Mehlmauer
6c77b64dae
wrong method name
2015-04-17 11:20:14 +02:00
Christian Mehlmauer
aef464fc2e
Land #5159 , WordPress Mobile Edition Plugin File Read Vuln
2015-04-17 11:13:00 +02:00
William Vu
3422501d91
Land #5174 , deprecated module cleanup
2015-04-16 17:43:28 -05:00
Christian Mehlmauer
153344a1dd
fix Unkown typo
2015-04-16 23:59:28 +02:00
Christian Mehlmauer
2b9fd93729
remove deprecated modules
2015-04-16 22:49:22 +02:00
Roberto Soares
ed588e335b
Changed the print_error output.
2015-04-16 17:32:59 -03:00
Roberto Soares
bf3bdcffb4
Changed the deph value to 7.
2015-04-16 17:30:28 -03:00
Roberto Soares
dd474757fe
Changed the print_error output.
2015-04-16 17:26:44 -03:00
Roberto Soares
f50cedeafd
Changed the depth value to 7.
2015-04-16 17:22:49 -03:00
Christian Mehlmauer
352e170624
more failure reasons
2015-04-16 22:04:11 +02:00
Christian Mehlmauer
b4b8ac0849
moar fail_with's
2015-04-16 21:26:37 +02:00
Christian Mehlmauer
4dc402fd3c
moar fail_with's
2015-04-16 21:16:52 +02:00
Christian Mehlmauer
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
William Vu
1455d4e94d
Fix AUTH_TIME
2015-04-16 11:39:33 -05:00
William Vu
7c572777e1
Fix whitespace
2015-04-16 11:34:50 -05:00
William Vu
7a9167b235
Fix comments
2015-04-16 11:34:47 -05:00
Nate Power
9bcc988266
Update owa_login
2015-04-16 11:23:04 -05:00
Brandon Perry
75b88f199a
Create wordpress_cp_calendar_sqli.rb
2015-04-16 09:53:00 -05:00
Roberto Soares
ecc67b1a57
Fix loot name
2015-04-16 10:42:20 -03:00
Roberto Soares
d898af5513
Add check version and removed HttpClient
2015-04-16 10:40:35 -03:00
Roberto Soares
768294710b
Add check and removed HttpClient
2015-04-16 10:22:10 -03:00
Roberto Soares
890561bff3
Rewriting the condition 'if' for only one line
2015-04-16 09:23:56 -03:00
Roberto Soares
b90ff36ef4
Rewriting the condition 'if' for only one line
2015-04-16 09:15:17 -03:00
Roberto Soares
21e964e699
Add Author and references..
2015-04-16 07:20:48 -03:00
Roberto Soares
f6f4bd0746
Add WordPress Dukapress File Read Vulnerability
2015-04-16 07:17:46 -03:00
Roberto Soares
c8e1185a04
Included Wordpress mixin.
2015-04-16 05:02:39 -03:00
William Vu
42ff0decc7
Land #4722 , timing options for snmp_login
2015-04-16 02:25:29 -05:00
William Vu
88062a578d
Clean up PR
2015-04-16 02:25:06 -05:00
William Vu
bec6270f07
Fix regex
2015-04-15 23:47:03 -05:00
William Vu
0a4ab99aa5
Land #5149 , couchdb_enum cleanup
2015-04-15 21:50:30 -05:00
William Vu
4410f8da6e
Clean up module some more
2015-04-15 21:48:19 -05:00
Brent Cook
30d60975ba
Land #5144 , add missing report_note in apache_range_dos
2015-04-15 21:47:18 -05:00
William Vu
01ae7002cf
Fix EOF whitespace
2015-04-15 21:27:53 -05:00
William Vu
20d4d1ce3f
Move report_goods before the return
2015-04-15 21:22:41 -05:00
Roberto Soares
0031f09d60
Add author, EDB, WPVDB and fix loot.
2015-04-15 20:03:36 -03:00
Roberto Soares
0f1cf1d1b1
Add Module WP Mobile Edition Plugin File Read Vuln
2015-04-15 19:45:08 -03:00
William Vu
66b7179a97
Rename module to owa_iis_internal_ip
2015-04-15 17:10:01 -05:00
William Vu
a109dae033
Fix EOL whitespace
2015-04-15 16:58:59 -05:00
William Vu
cc422eeeea
Fix splat
2015-04-15 16:58:18 -05:00
Nate Power
34ce4edacb
Add exchange_iis_internal_ip
2015-04-15 16:55:19 -05:00
sinn3r
7cc80c418b
Correct a bad spelling in ms15_034_ulonglongadd.rb
2015-04-15 15:32:55 -05:00
sinn3r
76d36a46dc
Missing a checkcode
2015-04-15 14:04:18 -05:00
sinn3r
8a542b841c
Don't check Server header
2015-04-15 13:33:09 -05:00
sinn3r
90ed6ee0b6
No "vhost"
2015-04-15 13:32:11 -05:00
sinn3r
3aa8e6908d
Converted to a DOS module
2015-04-15 13:13:16 -05:00
sinn3r
19ab71aa43
Final update i swear
2015-04-15 10:20:15 -05:00
sinn3r
7a77dbc9f0
Update description
2015-04-15 10:15:40 -05:00
sinn3r
2206ae48a1
Match the PR title
2015-04-15 01:50:59 -05:00
sinn3r
63048a7385
Newline
...
-_-
2015-04-15 01:38:09 -05:00
sinn3r
6f874b81ff
Add MS15-034 check (CVE-2015-1635)
2015-04-15 01:37:43 -05:00
Roberto Soares
1d6300991c
Clean the code of the module couchdb_enum.
2015-04-15 02:58:51 -03:00
William Vu
3cdc84bf27
Fix missing type in report_note
2015-04-14 14:02:20 -05:00
Tod Beardsley
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
sinn3r
284ef5bbbb
Land #5112 , Nessus REST Login Module
2015-04-10 13:32:53 -05:00
Jon Cave
b2b7da2dc5
Fix spelling of Microsoft in module name
2015-04-10 11:09:16 +01:00
root
7810f3d9a3
Add previous nessus_xmlrpc_login file
2015-04-10 12:32:42 +05:00
root
bbbd4d3634
change name to keep both XML and REST modules
2015-04-10 12:20:43 +05:00
root
b6e750d7eb
Nessus auxiliary scanner for updated REST API
2015-04-09 11:36:17 +05:00
William Vu
c9bf8f3140
Land #5105 , @joevennix's cable modem 0day
2015-04-08 16:09:46 -05:00
William Vu
831a59b10b
Fix whitespace
2015-04-08 16:09:28 -05:00
Tod Beardsley
52f1b95222
Add disclosure link
2015-04-08 16:07:33 -05:00
sinn3r
1bfda9e78f
Land #5101 , Add Directory Traversal for GoAhead Web Server
2015-04-08 15:30:23 -05:00
Brent Cook
e03f2df691
Land #5002 , RMI/JMX improvements
2015-04-08 15:23:29 -05:00
Tod Beardsley
7ed1655976
Adding module for R7-2015-01
...
Disclosure coming soon, will update this module with a pointer to the
correct reference.
2015-04-08 12:34:31 -05:00
sinn3r
5f389cf3c2
Add ManageEngine Desktop Central Login Utility
2015-04-08 02:05:56 -05:00
Roberto Soares
dc14c770be
Changed the traversal variable to just one line
2015-04-08 02:26:59 -03:00
Roberto Soares
441042ed37
Removed the segments variable
2015-04-08 01:29:45 -03:00
Roberto Soares
d399d05383
Add Directory Traversal for GoAhead Web Server
2015-04-07 20:22:06 -03:00
Zach Grace
42e82cc644
Rubocop fixes
2015-04-07 18:21:08 -05:00
Zach Grace
7275d5745f
Fixes, refactoring and adding JBoss AS default creds scanning
2015-04-07 17:40:25 -05:00
William Vu
e1af495d21
Add extra release fixes
2015-04-06 13:08:40 -05:00
William Vu
56dc7afea6
Land #5068 , @todb-r7's module author cleanup
2015-04-03 16:00:36 -05:00
jvazquez-r7
79b2a23dff
Land #5015 , @espreto file traversal scanner for RIPS
2015-04-03 15:35:58 -05:00
jvazquez-r7
ce6e5e12d8
Make depth an option
2015-04-03 15:33:27 -05:00
jvazquez-r7
70fad73092
Add metadata
2015-04-03 15:27:28 -05:00
jvazquez-r7
e3bbb7c297
Solve conflicts
2015-04-03 14:57:49 -05:00
jvazquez-r7
e729185804
Land #5051 , @nullbind's new options for mssql_enum_domain_accounts_sqli
2015-04-03 14:44:20 -05:00
jvazquez-r7
fe9fbfd157
Make calculations easier
2015-04-03 14:43:01 -05:00
root
452ebcf9ad
travis
2015-04-03 16:29:35 +05:00
root
be829e77ba
cravis error solve
2015-04-03 16:25:18 +05:00
root
4bd40fed7f
yard doc and comment corrections for auxiliary
2015-04-03 16:12:23 +05:00
Denis Kolegov
c9e8f9cbea
Add BigIP HTTP VS scanner and fix connection errors
2015-04-03 02:30:03 -04:00
Tod Beardsley
6532fad579
Remove credits to Alligator Security Team
...
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.
The one that didn't was credited to dflah_ specifically, so merely
changed the author name.
Longer description, if needed, wrapped at 72 characters.
[See #5012 ]
2015-04-02 15:12:22 -05:00
sinn3r
a592f645f0
Land #5039 , Webdorado gallery wd 1.2.5 unauthenticated SQLi scanner
2015-04-01 14:34:58 -05:00
nullbind
91aeef0a8a
added startrid and endrid
2015-04-01 10:09:13 -05:00
Tod Beardsley
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
Brandon Perry
e73286cfa5
update stale references
2015-03-30 17:17:48 -05:00
sinn3r
613f4777ce
Land #5024 , add joomla_ecommercewd_sqli_scanner.rb
2015-03-30 12:45:09 -05:00
jvazquez-r7
8ff54ff98d
Add msb reference
2015-03-30 10:58:08 -05:00
sinn3r
9af1e76bf7
Obfuscate js
2015-03-30 10:52:01 -05:00
sinn3r
c7fa01c5ae
Rename file
2015-03-30 10:39:33 -05:00
Denis Kolegov
9d78aa96d9
Add output of API errors to console
2015-03-30 02:42:09 -04:00
Brandon Perry
de2bf0181c
add first pass at gallerywd sqli scanner
2015-03-28 16:15:51 -05:00
Brandon Perry
9f0483248c
add TARGETURI datastore option
2015-03-28 15:46:41 -05:00
Brandon Perry
6ede476423
Update joomla_ecommercewd_sqli_scanner.rb
2015-03-28 08:38:12 -05:00
Brandon Perry
0dbd8544b4
Update joomla_ecommercewd_sqli_scanner.rb
2015-03-27 21:20:59 -05:00
Brandon Perry
31be47d5bc
Create joomla_ecommercewd_sqli_scanner.rb
2015-03-27 20:25:33 -05:00
Denis Kolegov
45f8738cfe
Fix stdout errors
2015-03-27 07:53:59 -04:00
Denis Kolegov
3515a0a71f
Initial commit for supporting SSL Labs API
2015-03-27 07:34:11 -04:00
Roberto Soares
3e104fd8e6
Add Directory Traversal for RIPS Scanner
2015-03-27 05:08:43 -03:00
sinn3r
f996c5a888
Update description
2015-03-27 02:31:36 -05:00
sinn3r
67dc46791d
Limit the module to IE 8 and IE9
2015-03-27 02:30:04 -05:00
sinn3r
f88d9651b6
I don't think it's worth putting the js in ie_addons.js
2015-03-27 02:26:50 -05:00
sinn3r
bd2763292a
Properly credit Soroush Dalili
2015-03-26 23:36:16 -05:00
sinn3r
560f31c34d
Minor changes
2015-03-26 23:29:44 -05:00
sinn3r
68624dd56e
Final for ie_files_disclosure.rb
2015-03-26 22:49:22 -05:00
sinn3r
b0b17775c2
First working version
2015-03-26 21:53:26 -05:00
jvazquez-r7
0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dinamically
2015-03-25 11:29:07 -05:00
dnkolegov
5d80ef9325
Fix minor issues
2015-03-25 02:53:36 -04:00
dnkolegov
040a1af9c5
Delete useless ecnryption cookie detection, fix minor issues
2015-03-25 02:34:33 -04:00
rastating
7a0fe05803
Add CVE-ID to module references
2015-03-24 22:30:43 +00:00
Christian Mehlmauer
7bf00f8f47
Land #4789 , @rastating WPLMS wordpress module
2015-03-24 20:46:38 +01:00
jvazquez-r7
39e87f927a
Make code consistent
2015-03-24 11:44:26 -05:00
Tod Beardsley
49a6057f74
Grammaring harder
2015-03-24 11:10:36 -05:00
dnkolegov
ee17d6e606
Deleted spaces at EOL
2015-03-23 04:34:38 -04:00
dnkolegov
2a0deaa6c8
Deleted default options and SYN scan
2015-03-23 04:31:08 -04:00
jvazquez-r7
8c3e39acf0
Land #4847 @rastating's module for WordPress WP EasyCart privilege escalation
2015-03-20 18:23:05 -05:00
jvazquez-r7
349d7cb9ee
Do minor cleanup
2015-03-20 18:20:45 -05:00
William Vu
6f51946aa0
Land #4969 , GitLab module references
2015-03-20 17:26:51 -05:00
William Vu
99f3de0843
Clean up info hash formatting
2015-03-20 17:26:21 -05:00
jvazquez-r7
1226b3656f
Land #4945 , @wchen-r7's login scanner for Symantec web gateway
2015-03-20 14:44:05 -05:00
jvazquez-r7
2f35fcff99
Fix require
2015-03-20 14:43:42 -05:00
Meatballs
8ee520e749
Add reference
2015-03-20 19:17:34 +00:00
sinn3r
b19f766728
Land #4942 , Gitlab Login Scanner
2015-03-20 13:02:12 -05:00
sinn3r
a2ce14a31e
Land #4941 , Gitlab Unauth User Enumeration
2015-03-20 12:28:35 -05:00
sinn3r
235124a40a
Fix typo
2015-03-20 12:27:23 -05:00
sinn3r
84164b44b2
Should also rescue JSON::ParserError for banner parsing
2015-03-20 12:27:02 -05:00
jvazquez-r7
b839547dc3
Add documentation for Registry modules and methods
2015-03-19 17:57:21 -05:00
jvazquez-r7
a7f1244251
Finish the java_rmi_registry gather module
2015-03-19 17:33:45 -05:00
sinn3r
94ab2f94fd
Remove symbols that aren't used
...
These symbols belong to the AuthBrute mixin, but we are not using
AuthBrute for login testing.
2015-03-19 14:14:01 -05:00
jvazquez-r7
5c3134a616
Add first support to gather information from RMI registries
2015-03-19 11:16:04 -05:00
OJ
e943cb550f
Land #4585 : CVE-2015-0975 XXE in OpenNMS
2015-03-18 22:34:52 +10:00
OJ
d1a2f58303
Fix of regex for file capture and format tweaks
2015-03-18 22:17:44 +10:00
OJ
fa7242388b
Move the module to the correct location
2015-03-18 18:18:54 +10:00
jvazquez-r7
14be07a2c4
Update java_rmi_server modules
2015-03-17 21:29:52 -05:00
James Lee
bd4738b93e
Land #4827 , capture and nbns fixups
2015-03-17 17:37:55 -05:00
James Lee
d7fa0ec669
Let IPAddr#hton do the calculating
2015-03-17 17:36:45 -05:00
jvazquez-r7
1242404085
Delete comment
2015-03-17 14:18:07 -05:00
William Vu
d1d6378179
Land #4566 , Misfortune Cookie scanner improvements
2015-03-17 12:32:35 -05:00