David Maloney
4ad7021336
give user option to turn on KoreLogic rules
...
the cracker modules in framework now have a datastore option
to allow the user to select the KoreLogicRules
2015-01-07 12:32:26 -06:00
David Maloney
5480cb81f5
add updated KoreLogic rules to john.conf
...
updated our shipped john.conf to include a
more up to date version of the KoreLogic JtR rules.
They add overhead to the cracking time but are
probably some of the best/most effective JtR
rules out there.
2015-01-07 12:25:04 -06:00
sinn3r
ef97d15158
Fix msftidy and make sure all print_*s in check() are vprint_*s
2015-01-07 12:12:25 -06:00
David Maloney
5d68d48ca5
Land #4385 , fixes bruteforce_speed validator
...
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
David Maloney
702511dbc5
respect DB_ALL_USERS & DB_ALL_PASS
...
fix last few things in authbrute
and make the CredentialCollections understand the
additional seperate components
MSP-11986
2015-01-07 11:41:41 -06:00
David Maloney
7ff2ba0725
first pass on fixing DB_ALL authbrute stuff
...
DB_ALL_CREDS worked but DB_ALL_USER and DB_ALL_PASS
did not. working on fixing that.
This commit also does some nice DRY work in the auth_brute mixin
MSP-11986
2015-01-07 11:30:39 -06:00
rastating
a5f48b23df
Add use of Msf::ThreadManager
2015-01-07 17:27:06 +00:00
Meatballs
aef8c702d7
Filter creds by type
2015-01-07 17:19:31 +00:00
James Lee
3e80efb5a8
Land #4521 , Pandora FMS upload
2015-01-07 11:13:57 -06:00
James Lee
1ccef7dc3c
Shorter timeout so we get shell sooner
...
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
2015-01-07 11:11:33 -06:00
rastating
e90e98547b
Add configurable timeout to WordPress login
2015-01-07 17:06:31 +00:00
sinn3r
4c240e8959
Fix #4098 - False negative check for script_mvel_rce
...
Fix #4098 , thanks @arnaudsoullie
2015-01-07 10:40:58 -06:00
sinn3r
c60b6969bc
Oh so that's it
2015-01-07 10:39:46 -06:00
James Lee
efe83a4f31
Whitespace
2015-01-07 10:19:17 -06:00
Trevor Rosen
3ba3465afb
Ensure logging in ~/.msf4/log
...
Fix #4511
2015-01-07 09:37:07 -06:00
m7x
89699d1549
Typo workspace_id
2015-01-07 10:58:59 +00:00
Christian Mehlmauer
09bd0465cf
fix regex
2015-01-07 11:54:55 +01:00
rcnunez
b3def856fd
Applied changes recommended by jlee-r7
...
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode:Appears instead of Exploit::CheckCode::Vulnerable
2015-01-07 18:38:19 +08:00
Christian Mehlmauer
eaad4e0bea
fix check method
2015-01-07 11:01:08 +01:00
dmooray
8c23e8c2e8
ruby 2.2 compatibility
...
Fix circular argument reference warnings for ruby 2.2
2015-01-07 12:00:50 +02:00
dmooray
478505c17a
ruby 2.2 compatibility
...
https://bugs.ruby-lang.org/issues/10314
2015-01-07 11:41:34 +02:00
Christian Mehlmauer
862af074e9
fix bug
2015-01-07 09:10:50 +01:00
Christian Mehlmauer
d007b72ab3
favor include? over =~
2015-01-07 07:33:16 +01:00
Christian Mehlmauer
4277c20a83
use include?
2015-01-07 06:51:28 +01:00
Christian Mehlmauer
39e33739ea
support for anonymous login
2015-01-07 00:08:04 +01:00
Christian Mehlmauer
bf0bdd00df
added some links, use the res variable
2015-01-06 23:25:11 +01:00
William Vu
fee49b0b85
Land #4531 , Msf::Exploit::PDF method name fix
2015-01-06 14:26:58 -06:00
David Maloney
a626c45813
update gemspec for newest credential
...
we need the latest metasploit-credential to migrate
over any old style creds still lingering around in the
database.
MSP-11919
2015-01-06 14:25:55 -06:00
sinn3r
609c490b3c
I missed nobfu
2015-01-06 12:49:39 -06:00
sinn3r
2ed05869b8
Make Msf::Exploit::PDF follow the Ruby method naming convention
...
Just changing method names.
It will actually also fix #4520
2015-01-06 12:42:06 -06:00
Christian Mehlmauer
f9f2bc07ac
some improvements to the mantis module
2015-01-06 11:33:45 +01:00
William Vu
0bece137c1
Land #4494 , Object.class.to_s fix
2015-01-06 02:27:35 -06:00
William Vu
f2710f6ba7
Land #4443 , BulletProof FTP client exploit
2015-01-06 02:10:42 -06:00
William Vu
482cfb8d59
Clean up some stuff
2015-01-06 02:10:25 -06:00
William Vu
46aa165ca5
Land #4481 , enum_users_history improvements
2015-01-06 01:52:38 -06:00
William Vu
745bfb2f35
Clean things up
2015-01-06 01:48:18 -06:00
Meatballs
42b6c5425f
Update tests
2015-01-05 22:25:14 +00:00
Meatballs
dd5c638ab0
Merge remote-tracking branch 'upstream/master' into extapi_service_post
2015-01-05 22:18:44 +00:00
David Maloney
fc91244252
insert deprecation error message
...
report_auth_info will now issue an error message
stating that the method is deprecated along with the module name
that called it
MSP-11919
2015-01-05 14:02:16 -06:00
David Maloney
db8f260557
add some YARD docs to report_auth_info
...
add yard docs for the modified report_auth_info
MSP-11919
2015-01-05 13:58:25 -06:00
David Maloney
71d600e829
make report_auth_info create new creds and logins
...
report_auth_info coerces old data into the new credential
types as best as it is able
MSP-11919
2015-01-05 13:41:30 -06:00
Brent Cook
a69609fe04
Land #4523 : wchen-r7's #inspect->to_s conversions
...
Keep custom object display behavior the same between Ruby 1.9 and 2.1.
2015-01-05 13:26:08 -06:00
Brent Cook
e73ff61f42
Land #4512 , OJ's removal of superfluous path expansion
2015-01-05 13:14:59 -06:00
sinn3r
44dfa746eb
Resolve #4513 - Change #inspect to #to_s
...
Resolve #4513
2015-01-05 11:50:51 -06:00
sinn3r
4257fef91b
Land #4101 - Konica MFP FTP and SMB credential gathering module
2015-01-05 10:31:28 -06:00
rcnunez
547b7f2752
Syntax and File Upload BugFix
...
Fix unexpected ) in line 118
Fix file cleanup missing _
Fix more robust version check script
Fix file upload
2015-01-05 19:23:22 +08:00
William Vu
1f4d62aff3
Land #4514 , invalid splat URL fix
2015-01-05 03:44:40 -06:00
jvazquez-r7
e7affb9048
Land #4493 , @pedrib's module for ManageEngine Central Desktop create admin
2015-01-04 23:46:31 -06:00
jvazquez-r7
c5e72fb324
Change module filename
2015-01-04 23:14:12 -06:00
jvazquez-r7
4798f2328d
Change module filename
2015-01-04 23:13:17 -06:00