1063 Commits (8909ad12ba83b22b90c196815991817f70530ae5)

Author SHA1 Message Date
David Maloney 06b1bffcea Addresses an issue with udp sweep module that recorded services
from non-specified hosts when they respond to broadcast probes.
2012-01-20 15:34:15 -06:00
HD Moore bb035bfec2 Fix up API option names so they can be set globally 2012-01-18 15:05:39 -06:00
Tod Beardsley ad6f8257e1 MSFTidy fixes. 2012-01-18 15:01:32 -06:00
sinn3r 7d9ba6f5e9 Fix bug #6256: uninitialized class variable error 2012-01-17 17:58:53 -06:00
Jon Hart 6a057560fa Improvements to auxiliary/scanner/http/soap_xml to:
* Detect additional SOAP faults to reduce false positives
* More obviously support SSL
* Report http/https
* Make it obvious when a SOAP endpoint falls over mid-scan
* Add a few more nouns/verbs
* Add an optional SLEEP to play nice with old/slow SOAP endpoints

https://dev.metasploit.com/redmine/issues/6249
2012-01-16 12:27:17 -08:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certainly have been merged in prior to
just now.
2012-01-13 13:49:21 -06:00
Tod Beardsley d52df50a77 Drop a spurious print_error line from smtp_version 2012-01-13 11:46:56 -06:00
David Maloney 6234d13f7c Added Schema Dump Module for Postgres 2012-01-12 15:20:46 -05:00
David Maloney 52be1c3a7a Add schemadump module for MySql 2012-01-11 12:16:22 -08:00
David Maloney 13069990eb Added module for dumping schema information from Microsoft SQL Server
and storing it as loot and notes.
2012-01-10 15:32:09 -08:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known instances instead of just the first one.
Fixes #6066
2012-01-10 12:32:47 -08:00
sinn3r b76767669c Update Nenad's author name and e-mail 2012-01-09 20:14:47 -06:00
Tod Beardsley eeb3a442de whitespace correctly smtp_version.rb 2012-01-09 14:11:10 -06:00
Tod Beardsley 15990efd85 Removing useless (?) begin/rescue from smtp_version
Let the scanner mixin handle the exceptions.
2012-01-09 14:11:10 -06:00
David Maloney e12d5588c6 Set data on webdav scanner notes to include webdav path.
'Enabled' in the data field was useless since the note existing
already tells you webdav is enabled.
The path that webdav was running on wasn't kept anywhere though.
2012-01-09 08:33:45 -08:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
2012-01-08 22:28:37 -06:00
HD Moore b12baccc49 Quick update, added a research option 2012-01-07 01:13:23 -06:00
sinn3r 6d401b48d1 Fix typo 2012-01-07 00:02:51 -06:00
sinn3r b7e29191f5 Add Drupal 'Views' module username enumeration (Feature #6194) 2012-01-06 23:51:32 -06:00
David Maloney 40a1d8bcc8 Fixed issue with a missing nil check in ftp_login 2012-01-06 20:51:58 -08:00
David Maloney 8e017fd4db Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-01-06 20:30:25 -08:00
David Maloney bf425a6744 Fixed bug that prevented telnet sessions from opening with good creds 2012-01-06 16:59:08 -08:00
sinn3r 6ceb2f04a3 Add CVE-2011-2474 Sybase EAServer directory traversal vulnerability 2012-01-06 14:24:49 -06:00
HD Moore 7b26e33e19 Initial version 2012-01-06 00:53:50 -06:00
David Maloney ba86e8a04f Added PROPFIND support to http_login
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
2012-01-05 12:10:53 -08:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present
Fixes #6171
2011-12-28 08:47:22 -08:00
HD Moore 2ad5c56d48 Typo in comment 2011-12-27 19:11:09 -06:00
HD Moore 617f3250cf Handle patched systems accurately (requires actually triggering the bug) 2011-12-27 19:04:34 -06:00
HD Moore f8e3119215 Add references 2011-12-27 17:50:06 -06:00
David Maloney 9b995bc0a5 Adds boundary validation to the framework
enforces boundary checking on netbios probes
2011-12-27 11:33:52 -08:00
sinn3r ce6b1d6b8c Improve:
- Use 'Actions' to configure which OWA version to try
- Fix a bug where the USER_AS_PASS option might overwrite PASSWORD (and not restoring it) even though a password is already set.
- Increase timeout to 25
- Update description
2011-12-22 16:26:02 -06:00
Tod Beardsley 2f55f08ebe Actually describe the module in the title/description 2011-12-22 11:10:24 -06:00
sinn3r d439390aa2 Fix typo 2011-12-20 12:19:34 -06:00
sinn3r c2d59f0307 Fix issue #6133 2011-12-20 11:32:33 -06:00
sinn3r 0200b6367a Add OKI Scanner (Feature #6125) 2011-12-20 03:09:09 -06:00
HD Moore 4736cb1cbe Merge pull request #48 from swtornio/master
add osvdb ref
2011-12-11 20:37:43 -08:00
HD Moore a9db05e53b Fix regular expression 2011-12-10 13:24:58 -06:00
Steve Tornio 25685c4c74 add osvdb ref 2011-12-10 08:07:21 -06:00
Tod Beardsley e52436e7ad Drop the incorrect Id keyword from h323_version 2011-12-09 14:29:55 -06:00
sinn3r d6d9ac17d2 use store_loot() instead of store_local() 2011-12-08 11:10:31 -06:00
sinn3r c366e652b9 Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()"
This reverts commit d37daa4934.
2011-12-08 10:11:09 -06:00
sinn3r d37daa4934 Using store_local() to store stuff for dir traversal bugs feels much better than store_loot() 2011-12-07 19:08:24 -06:00
sinn3r aa5c0c46b6 Fix indent level 2011-12-07 18:44:49 -06:00
sinn3r feab7f5077 Add CVE-2011-4350 2011-12-07 18:42:52 -06:00
sinn3r b7ccbcd6b5 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-07 12:23:23 -06:00
sinn3r 84682b3615 Apply patch #6072 2011-12-07 12:22:58 -06:00
HD Moore b8767d5f57 Fix typo on 1.8.7 2011-12-07 10:45:23 -06:00
Tod Beardsley 84af4647db Merge branch 'issue_1083_oracle' 2011-12-05 17:39:46 -06:00
Tod Beardsley 4da2c32734 Minor update to xdb_side_brute, see #1083
Adds a typo fix and adds an explicit VERBOSE option.
2011-12-05 15:11:09 -06:00
HD Moore 97087d88fa Mark portscan modules as v6 incompatible 2011-12-05 13:07:36 -06:00
HD Moore cf28713f9a Mark specific modules as incompatible due to use of quad-dot code 2011-12-05 13:07:36 -06:00
sinn3r 3cd2caca1a Fix #6052 2011-12-04 13:49:13 -06:00
Steve Tornio f63a616739 add osvdb ref 2011-12-04 07:48:48 -06:00
sinn3r 2720572a37 Add IPSwitch Whatsup Gold TFTP directory traversal module 2011-12-03 18:46:34 -06:00
HD Moore dbe7e6aecf Remove a leftover debugging statement 2011-12-02 00:06:04 -06:00
HD Moore 9f99cfc757 Convert the h323 module to MSF_LICENSE (backport from Pro) 2011-12-01 16:01:01 -06:00
HD Moore 3e5e9a910e Add h323 scanner 2011-12-01 16:01:01 -06:00
David Maloney 40ab37fa10 Merge branch 'iss5979' 2011-11-30 12:16:33 -08:00
sinn3r 897731f3a5 Check creds (feature #6025). Also bringing the 'Inbox' regex back 2011-11-29 11:01:39 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
sinn3r 3a84c31326 Using a better regex for a successful login. Thanks Borys. 2011-11-28 14:29:42 -06:00
sinn3r bc541c118d Apply patch #6020 2011-11-28 14:16:24 -06:00
sinn3r 5165865560 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-28 14:07:19 -06:00
sinn3r 59ab0c3a18 Fix bug #6021, Thanks Borys 2011-11-28 14:06:56 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status
messages.
2011-11-28 13:31:54 -06:00
sinn3r a578db7f56 Apply fix for #6019 2011-11-28 01:12:18 -06:00
sinn3r ebfe269698 Apply patch for #5824 2011-11-26 16:52:12 -06:00
sinn3r 5e08c93ac9 Apply patch #5580 2011-11-26 15:32:43 -06:00
David Maloney c61d02686a HTTP login scanners need to set duplicate_ok to true
or different web applications on the same server
may wipe each other's creds out.
2011-11-22 13:04:10 -08:00
David Maloney 9d7f7b1f0e Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-22 11:53:14 -08:00
David Maloney 9e40fac8b1 Added a check to the Axis login scanner to ensure
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerprinting.
2011-11-22 11:52:06 -08:00
sinn3r 25f4b45bd1 Apply patch #6004 2011-11-22 13:07:46 -06:00
David Maloney f81567fb6f Fix to typo in the tables being pushed. 2011-11-21 15:49:57 -08:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
David Maloney ff22246119 Attempt to fix #5979 2011-11-18 12:53:35 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Tod Beardsley 96d2209ca2 Minor fixups for trace report_note patch 2011-11-14 10:40:11 -06:00
andurin 5d5c9464cc Do some report_note while TRACE detection 2011-11-14 12:10:53 +01:00
Andurin 71599f5ef9 Fix sqlmap aux to work with actual sqlmap.py
Commit relates to IssueID #5807
2011-11-13 09:18:33 +01:00
sinn3r e4ebb890d8 Apply patch for bug #5963 2011-11-12 13:17:26 -06:00
sinn3r 62fdbd549c no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder. 2011-11-11 15:37:47 -06:00
sinn3r 2d940e2c91 Apply patch #5952 2011-11-11 14:58:17 -06:00
sinn3r 35f84f5e42 yo, ruby 1.8 fix 2011-11-11 11:38:28 -06:00
sinn3r e972234629 yo, owa bruteforce utility in the house (Feature #4725) 2011-11-11 11:23:35 -06:00
David Maloney c984ea41d1 Quick fix to cred sourcing to eliminate spaces in the source type 2011-11-10 20:39:13 -08:00
Wei Chen 9ff5eabb4b Fix #4915
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
David Maloney a88f954640 More Cred Sourcing
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
David Maloney aa4f6c1cae More cred sourcing fixes
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 18:45:47 +00:00
David Maloney cdbe7bc587 Multiple fixes to cred reporting on this module
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 17:25:39 +00:00
Wei Chen 16fc275853 whitespace cleanup
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 16:09:31 +00:00
Patrick Webster 77a3edbb4f Added squiz_matrix_user_enum aux module.
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:14:39 +00:00
Wei Chen ad94bae78f Fix bug #5923
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:52:02 +00:00
Wei Chen 12378b45d6 Fix #5502
git-svn-id: file:///home/svn/framework3/trunk@14180 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 07:44:02 +00:00
HD Moore f6cc9eade7 Replace my crufty old ASN.1 parser with OpenSSL::ASN1
git-svn-id: file:///home/svn/framework3/trunk@14165 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 05:12:28 +00:00
David Maloney 585a7cc4a2 Adding the HTTP Trace scanner from CG
Fixes #3390


git-svn-id: file:///home/svn/framework3/trunk@14150 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-03 20:09:11 +00:00
Wei Chen ae9e8b7821 Syntax fix for ruby 1.8
git-svn-id: file:///home/svn/framework3/trunk@14139 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 21:48:24 +00:00
Wei Chen d5cee2dedf Apply patch #5411 to allow user-specified path
git-svn-id: file:///home/svn/framework3/trunk@14137 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 17:57:11 +00:00
Wei Chen 8750c3aac5 Add feature #4849 (Redis module)
git-svn-id: file:///home/svn/framework3/trunk@14133 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 21:47:15 +00:00
Mario Ceballos d55dc551b6 syntax issue
git-svn-id: file:///home/svn/framework3/trunk@14131 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:22:02 +00:00
Wei Chen e14668ece9 Add ColdFusion version scanner - feature #4079
git-svn-id: file:///home/svn/framework3/trunk@14127 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 18:18:11 +00:00
Wei Chen fb56e23197 Apply fix for bug #5516 to correct a possible false positive on Apache Tomcat
(yup, tomcats are tricky like that)


git-svn-id: file:///home/svn/framework3/trunk@14124 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 16:39:03 +00:00
HD Moore 55e6672e6b Revert a well-intentioned but design-violating change
git-svn-id: file:///home/svn/framework3/trunk@14116 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-29 18:40:49 +00:00
Tod Beardsley 467df77a50 Fixes #5170. Enforces a max width, avoids negative widths. Thanks Oliver!
Related to r13769



git-svn-id: file:///home/svn/framework3/trunk@14093 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 22:07:41 +00:00
Wei Chen 63a926a6ee Do a report_host() on OS default name. Request #5865
git-svn-id: file:///home/svn/framework3/trunk@14090 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 04:50:01 +00:00
Wei Chen dd72e1ce9d Longer timeout. #5851
git-svn-id: file:///home/svn/framework3/trunk@14074 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 19:35:03 +00:00
Wei Chen ab4f9d65c7 Add PATH option. Feature #5412
git-svn-id: file:///home/svn/framework3/trunk@14067 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 18:32:02 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Wei Chen 14cf0deb29 Add feature #5398
git-svn-id: file:///home/svn/framework3/trunk@14032 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 22:20:55 +00:00
Wei Chen 1e7c197d8e git-svn-id: file:///home/svn/framework3/trunk@14029 4d416f70-5f16-0410-b530-b9f4589650da 2011-10-22 21:32:36 +00:00
Wei Chen a62a236ad0 Add feature #5541
git-svn-id: file:///home/svn/framework3/trunk@14027 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 20:03:25 +00:00
Wei Chen 2a3f430c8e SAP ICM URLscan module (Feature #5620) by Chris
git-svn-id: file:///home/svn/framework3/trunk@14026 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 08:41:54 +00:00
Wei Chen 389be65dff Attempt number 2 to fix #5579
git-svn-id: file:///home/svn/framework3/trunk@14014 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 16:29:15 +00:00
Wei Chen dd2623dba9 For bug #5579
git-svn-id: file:///home/svn/framework3/trunk@14012 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 01:07:08 +00:00
Steve Tornio 1f698e09c9 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14004 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 11:19:59 +00:00
Wei Chen 0a661ec227 Add CVE-2011-3305 (#5673)
git-svn-id: file:///home/svn/framework3/trunk@13985 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 04:40:21 +00:00
Wei Chen 975cc52bac Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs.
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
Tod Beardsley ea2c9d1a46 Adding missing Id and Rev SVN keywords.
git-svn-id: file:///home/svn/framework3/trunk@13961 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 01:27:28 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Carlos Perez 7ae1bbbb3f typo
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:49:36 +00:00
Carlos Perez a0c34d1c73 Sets a session platform when using ssh_login
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:48:42 +00:00
HD Moore cce4aafd9b Tweak the snmp_login code to actually only poll response packets every 10 sent and break out of infinite loop in the case of a target going crazy and continuously replying
git-svn-id: file:///home/svn/framework3/trunk@13891 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 20:14:58 +00:00
Chao Mu 53b807abee Adding the "this file is part of" comment to the top of the module and proper comment formatting
git-svn-id: file:///home/svn/framework3/trunk@13886 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:36:55 +00:00
Chao Mu df56110dd9 Fixing $Id so that it is prefaced by a comment.
git-svn-id: file:///home/svn/framework3/trunk@13885 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:32:14 +00:00
Chao Mu 667c00161d Remembering to Propset and include $Id: $ this time. Also, switching from BSD_LICENSE to MSF_LICENSE.
git-svn-id: file:///home/svn/framework3/trunk@13884 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:30:25 +00:00
HD Moore 558894e100 Test cases don't live in the module directory
git-svn-id: file:///home/svn/framework3/trunk@13871 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 15:51:22 +00:00
Chao Mu 9414747945 jruby was barfing on super(a, b, c,), so I changed the syntax and wrote a very simple unit test for rewrite_proxy_bypass.
git-svn-id: file:///home/svn/framework3/trunk@13870 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 13:52:39 +00:00
Chao Mu dcb6de2b58 Fixes #5667 this module scans for reverse proxy servers that exhibit a misconfiguration like the one detailed in www.contextis.com/research/blog/reverseproxybypass/. By default it requests a URI of @... and checks for a 502
git-svn-id: file:///home/svn/framework3/trunk@13864 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 22:34:50 +00:00
Tod Beardsley 568bde7aa4 Fixes #5404
See #5350
See #5246
See #5241
See #5173

Adds password hash dumping as loot for Postgres, MSSQL, MySQL, and several Oracle flavors of RDBMS. Thanks TheLightCosine!



git-svn-id: file:///home/svn/framework3/trunk@13854 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 17:05:01 +00:00
Wei Chen 612cdc8c73 No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 19:12:31 +00:00
Wei Chen 8d1763484d Fix metadata format
git-svn-id: file:///home/svn/framework3/trunk@13792 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 03:21:37 +00:00
Wei Chen 5d4b562e62 Add GlassFish BruteForce auxiliary module by Josh (See #5515)
git-svn-id: file:///home/svn/framework3/trunk@13790 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:24:53 +00:00
Tod Beardsley d437c99919 Fixing what looks like a versioning mismatch for the XMAS scan (readreply vs probereply methods).
git-svn-id: file:///home/svn/framework3/trunk@13786 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-24 13:39:42 +00:00
James Lee 2cb5dbdb10 fix a silly output bug, thanks mezzendo for noticing
git-svn-id: file:///home/svn/framework3/trunk@13785 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 22:28:11 +00:00
James Lee cdead3da54 whitespace cleanup and fix some ArgumentErrors when a field is wide, fixes #5518, thanks Joshua Taylor
git-svn-id: file:///home/svn/framework3/trunk@13783 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 17:51:11 +00:00
amaloteaux 2d0d48a820 remove an Argument Error, Negative Number bug faced at Brucon
git-svn-id: file:///home/svn/framework3/trunk@13769 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 14:52:52 +00:00
James Lee 7163710bcf fix a typo and some whitespace, fixes #5480. Thanks Kurt!
git-svn-id: file:///home/svn/framework3/trunk@13764 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:17:20 +00:00
Wei Chen f9d74b0701 Printing res code for DELETE should be optional. It's not like we can always trust it anyway.
git-svn-id: file:///home/svn/framework3/trunk@13763 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 00:41:42 +00:00
Joshua Drake 7c74954461 remove silly comma
git-svn-id: file:///home/svn/framework3/trunk@13762 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 23:06:35 +00:00
Wei Chen 7f80ba939a Apparently I can't speaks engrish
git-svn-id: file:///home/svn/framework3/trunk@13760 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 21:18:48 +00:00
Wei Chen ec530955ce Checking response codes is a terrible way for HTTP modules. #5470.
git-svn-id: file:///home/svn/framework3/trunk@13759 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:36:09 +00:00
Jonathan Cran a1675bfbc6 replaced by http_put
git-svn-id: file:///home/svn/framework3/trunk@13758 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:14:26 +00:00
Jonathan Cran 8b1fd95f66 Add a module to check HTTP PUT / DELETE file access. Thanks CG! Resolves 5089.
git-svn-id: file:///home/svn/framework3/trunk@13755 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 01:18:23 +00:00
et 3dffd09875 Generic HTML data scraper
git-svn-id: file:///home/svn/framework3/trunk@13736 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 02:36:32 +00:00
HD Moore 85eb581c16 Quick fix to match service changes
git-svn-id: file:///home/svn/framework3/trunk@13726 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 06:48:07 +00:00
Joshua Drake f8eb9e5dd4 extraneous space typo
git-svn-id: file:///home/svn/framework3/trunk@13722 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 19:21:21 +00:00
Matt Weeks acae5dcdc8 Killing puts.
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00