Commit Graph

821 Commits (8ce10ac5916efa3f1bcd1a983ed1ad275ccefa3a)

Author SHA1 Message Date
Gabor Seljan bda464fd6b Increase output 2017-01-21 10:51:58 +01:00
Gabor Seljan e3043b0889 Use random string as egg 2017-01-21 10:28:47 +01:00
Gabor Seljan c47f087c83 Fix check code 2017-01-21 09:39:09 +01:00
Gabor Seljan 905213cc41 Add module for DiskSavvy Enterprise (EDB-40854) 2017-01-19 20:34:00 +01:00
Gabor Seljan 483865b815 Fix reference 2017-01-11 23:28:23 +01:00
Gabor Seljan 24014d8465 Minor code formatting 2017-01-10 22:59:42 +01:00
Gabor Seljan 9162374ae3 Add automatic targeting 2017-01-08 11:23:18 +01:00
Gabor Seljan d2472712f3 Add module for DiskBoss Enterprise (EDB-40869) 2017-01-07 19:44:38 +01:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
Chris Higgins 4e9802786c Removed spaces causing build to fail 2016-11-13 21:46:24 -06:00
OJ 57eabda5dc
Merge upstream/master 2016-10-29 13:54:31 +10:00
Chris Higgins c153686465 Added Disk Pulse Enterprise Login Buffer Overflow 2016-10-27 21:49:17 -05:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
Brent Cook ed35bf5011 remove unneeded badchars from payload specification 2016-10-26 04:47:33 -05:00
David Maloney 6b77f509ba
fixes bad file refs for cmdstagers
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced

Fixes #7466
2016-10-21 12:31:18 -05:00
Pearce Barry 226ded8d7e
Land #6921, Support basic and form auth at the same time 2016-08-25 16:31:26 -05:00
James Lee d46c3a1d8c
Collector looks like hex, store it as a string 2016-07-29 21:57:51 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
wchen-r7 14adcce8bf Missed the HTTPUSERNAME fix 2016-05-27 18:37:04 -05:00
wchen-r7 61f9cc360b Correct casing - should be HttpUsername and HttpPassword 2016-05-27 18:31:54 -05:00
wchen-r7 4dcddb2399 Fix #4885, Support basic and form auth at the same time
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.

Fix #4885
2016-05-27 16:25:42 -05:00
wchen-r7 99a573a013 Do unless instead "if !" to follow the Ruby guideline 2016-05-19 19:21:45 -05:00
Vex Woo b5284375a7 osb_uname_jlist - NoMethodError undefined method 'empty?' for nil:NilClass 2016-05-18 00:16:53 -05:00
Vex Woo 11fedd7353 ca_totaldefense_regeneratereports - NoMethodError undefined method 'empty?' for nil:NilClass 2016-05-18 00:15:28 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook 57cb8e49a2 remove overwritten keys from hashes 2016-04-20 07:43:57 -04:00
wchen-r7 f3336c7003 Update windows/http/easyfilesharing_seh 2016-03-31 19:24:06 -05:00
wchen-r7 dd83757966
Bring #6488 up to date with upstream-master 2016-03-31 19:11:11 -05:00
l0gan e29fc5987f Add missing stream.raw for hp_sitescope_dns_tool
This adds the missing stream.raw.
2016-03-15 11:06:06 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
wchen-r7 7731fbf48f
Land #6530, NETGEAR ProSafe Network Management System 300 File Upload 2016-02-26 10:39:09 -06:00
Pedro Ribeiro 044b12d3a4 Made style changes requested by OJ and others 2016-02-23 15:14:04 +07:00
Starwarsfan2099 ffce1cc321 Update easyfilesharing_seh.rb 2016-02-15 22:43:28 -05:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
wchen-r7 8a3bc83c4d Resolve #6553, remove unnecessary content-length header
Rex will always generate a content-length header, so the module
doesn't have to do this anymore.

Resolve #6553
2016-02-09 21:25:56 -06:00
Pedro Ribeiro 1f4324f686 Create file for CERT VU 777024 2016-02-04 07:54:16 +08:00
James Lee 12256a6423
Remove now-redundant peer
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
2016-02-01 15:12:03 -06:00
Starwarsfan2099 45c88d3189 Create easyfilesharing_seh.rb 2016-01-22 13:04:03 -05:00
Jon Hart 283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
Fix the affected modules
2015-12-24 09:12:24 -08:00
Tod Beardsley b25aae3602
Add refs to module
See rapid7#6344.
2015-12-14 12:05:46 -06:00
wchen-r7 5ffc80dc20 Add ManageEngine ConnectionId Arbitrary File Upload Vulnerability 2015-12-14 10:51:59 -06:00
jvazquez-r7 0f24ca7d13
Land #6280, @wchen-r7's module for Oracle Beehive processEvaluation Vulnerability 2015-12-01 21:38:09 -06:00
wchen-r7 ea363dd495 priv to true 2015-12-01 10:23:36 -06:00
wchen-r7 2621753417 priv to true 2015-12-01 10:21:56 -06:00
wchen-r7 d5d4a4acdc Register the correct jsp to cleanup 2015-12-01 10:21:15 -06:00