Commit Graph

1998 Commits (8f5759ac137f09d495162646b3e4f95fd5c9b331)

Author SHA1 Message Date
sinn3r 13f16daca7 Actually, that date is way off. Corrected. 2012-03-19 12:58:52 -05:00
sinn3r d8be328b89 Ported Daniel/Alex/jduck's MS12-020 PoC as a Metasploit module 2012-03-19 12:53:34 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r 7c77fe20cc Some variables don't need to be in a double-quote. 2012-03-17 20:37:42 -05:00
Gregory Man ba6928cbf1 sockso_traversal 1.8 compatibility fix 2012-03-16 18:12:09 +02:00
David Maloney 6011da7db8 More Virtualisation SSL fixes 2012-03-15 19:06:48 -05:00
David Maloney e4778c2ba4 Default SSL to true for esx_fingerprint module 2012-03-15 18:15:29 -05:00
sinn3r 46dbaf8283 Fix typos and output 2012-03-15 16:10:05 -05:00
sinn3r 81b3eaa482 Fix typo 2012-03-15 15:56:24 -05:00
sinn3r db4538389c Add sockso dir traversal 2012-03-15 15:55:54 -05:00
James Lee 74e40763d6 Fix syntax error in 1.8, thanks Jun Koi for the patch 2012-03-15 14:32:16 -06:00
sinn3r d5f83be2d0 Cosmetic changes 2012-03-15 11:21:41 -05:00
Gregory Man 9928b102b5 Added rails_mass_assignment module. 2012-03-15 16:56:38 +02:00
sinn3r 65bde7ec99 Add OSVDB-79863 NetDecision Directory Traversal 2012-03-14 16:50:54 -05:00
Tod Beardsley 81248f35c4 Changing H.323 constant for H323_STATUS_FACILITY
However, it's not actually being used in the module anywhere, so this
change appears cosmetic more than anything right now. However, I'm
inclined to believe Ricky's suggestions when it comes to H.323.

Corroborated by this 2003 post to the Ethereal mailing list:

http://www.ethereal.com/lists/ethereal-users/200311/msg00001.html

[See #6521]
2012-03-13 12:26:03 -05:00
Gregory Man b0ba10f79c Added afp_login module. 2012-03-13 10:01:42 +02:00
Gregory Man 5b13b7d1d9 Extracted common AFP functionality to mixin 2012-03-13 09:56:03 +02:00
Tod Beardsley ba2bf194fd Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee 2b9acb61ad Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r 003fa3e22c Apply patch for #6495 2012-03-06 11:43:28 -06:00
Willis Vandevanter 461a59e28d modified description and lowered the number of required requests 2012-03-06 00:48:54 -05:00
Willis Vandevanter 0f17bbdfdd squid pivot scanning module 2012-03-06 00:30:30 -05:00
James Lee 3a33434867 Fix a couple of typos that throw off module authors 2012-03-05 13:28:46 -07:00
sinn3r afd1af6377 Merge branch 'apf-info' of https://github.com/gregory-m/metasploit-framework into gregory-m-apf-info 2012-03-05 11:18:23 -06:00
sinn3r 1005de0523 Port should not contain a non-numeric value or even empty when assigned to :port 2012-03-05 11:10:16 -06:00
Gregory Man 6726f07dbc afp_server_info fixes and improvements
1.9 compatibility, timeouts, reporting
2012-03-05 14:57:59 +02:00
Gregory Man d9f0453ee9 Added auxiliary/scanner/afp/afp_server_info module 2012-03-02 21:58:40 +02:00
Tod Beardsley 7447052b38 Convert WMAP constant name to the new format. 2012-03-02 10:18:32 -06:00
Tod Beardsley 302853f5a4 Unpolluting SVN Revision keyword
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley 3626d48db2 Un-polluting SVN Id keyword
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres 36a3341acd Fix body cero. 2012-03-02 10:18:32 -06:00
Efrain Torres 6fba0698e5 Adding another detection method for blind sqli 2012-03-02 10:18:32 -06:00
Efrain Torres 02f6e3fcb2 Improving report on blind sqli module 2012-03-02 10:18:32 -06:00
Efrain Torres 126a6133cd Improving blind sql inj. detection 2012-03-02 10:18:32 -06:00
Efrain Torres b608aeeeb7 Migrating modules to use report_web_vulns and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres 1a09a49f69 Starting getting rid of report_note to use report_web_vuln on all http aux modules 2012-03-02 10:18:32 -06:00
Efrain Torres 2ce7dc9331 One more module. 2012-03-02 10:18:32 -06:00
Efrain Torres 9c6fec3c33 First step on module cleaning. 2012-03-02 10:18:32 -06:00
Efrain Torres eaecdb487c Fix sname in report_ calls to check the use of ssl and report http or
https
2012-03-02 10:18:31 -06:00
Efrain Torres 6d80aa0a44 Renaming duh. 2012-03-02 10:18:31 -06:00
Efrain Torres 3cb65e24a1 Fix blind sqli module description and bug with http_method 2012-03-02 10:18:31 -06:00
Efrain Torres 6938b91d07 Execute tests agains a specific path and bug fix in blind sqli module 2012-03-02 10:18:31 -06:00
Efrain Torres a2e5a4d9d5 New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention 2012-03-02 10:18:31 -06:00
sinn3r e9df9d6c2c Increase default depth 2012-02-29 16:24:18 -06:00
Tod Beardsley 4369f73c7a Msftidy fixes on new modules
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
sinn3r 6321ff7cb4 Change output message 2012-02-29 01:36:38 -06:00
sinn3r bc8480715f Add references to metadata. Do report_auth_info() when a credential is found. Plus other minor changes. 2012-02-29 01:32:21 -06:00
HD Moore 4c39cfd98a Small tweak to the format of the type 2012-02-28 23:52:48 -06:00
Gregory Man bf07a6a027 Added auxiliary/scanner/mongodb/mongodb_login module
MongoDB login utility + brute force attack
2012-02-28 16:06:30 +02:00
David Maloney a6b10862bd Adds a lantronix telnet discovery module 2012-02-23 17:22:32 -06:00
HD Moore 8d212849dc Fix typos that result in stack traces when matching the response codes 2012-02-22 16:04:24 -06:00
HD Moore 3fecda95be Fix 1.8 compatibility issue 2012-02-22 02:05:44 -06:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
James Lee 02d6089893 Fix a stack trace when an unexpected response from the server
Caused by a typo
2012-02-21 18:57:27 -07:00
HD Moore acb4446e45 Fix #6407 by treating redirects as successful authentication 2012-02-21 16:02:21 -06:00
HD Moore bce1c08623 Update modules/auxiliary/server/capture/http_javascript_keylogger.rb 2012-02-21 04:46:56 -06:00
HD Moore 7c1d48d6aa Merge in MJC's javascript keylogger 2012-02-21 04:25:15 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
HD Moore af56807668 Cleanup the titles of many exploit modules 2012-02-20 19:25:55 -06:00
James Lee 89e0842b1e Add vim_soap to the mixins list.
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
2012-02-20 13:17:45 -07:00
sinn3r a8d56afda6 Use store_loot() to save data to local disk 2012-02-20 01:30:11 -06:00
Matt Buck fccb338e29 Merge branch 'master' of github-r7:rapid7/metasploit-framework 2012-02-19 23:01:14 -06:00
Matt Buck e0a75c1b2c Merge branch 'release/4.2-stable'
Conflicts:
	lib/msf/core/model/host.rb
2012-02-19 22:57:22 -06:00
sinn3r ea698864bd Add aux module to disclose IIS internal IP (Feature #6405) 2012-02-19 22:44:30 -06:00
sinn3r 95fa97cbd7 This module should be using store_loot() to save downloaded data 2012-02-19 20:48:00 -06:00
sinn3r 6037a2fc7a Correct type and name for store_loot 2012-02-19 20:20:44 -06:00
HD Moore f92ddb2475 Revert "Cleanup to the module output for vmware_http_login.rb"
This reverts commit 08d91aebdb.
2012-02-19 18:55:49 -06:00
HD Moore a25475fac0 Revert "Add a new vmauthd_version scanner (also pulls in the SSL cert if"
This reverts commit c4ea27d32b.
2012-02-19 18:53:03 -06:00
HD Moore d761265b93 Revert "Cosmetic cleanup to the module output for vmauthd_login"
This reverts commit 87e7bf4934.
2012-02-19 18:52:39 -06:00
HD Moore 648686002b Cosmetic cleanup of the vmware_http_login module 2012-02-19 18:51:16 -06:00
HD Moore 2521bd7b59 Add a new vmauthd_version scanner (also pulls in the SSL cert if
available)
2012-02-19 18:34:35 -06:00
HD Moore 00d2497a42 Cosmetic cleanup to the module output for vmauthd_login 2012-02-19 18:32:36 -06:00
HD Moore c4ea27d32b Add a new vmauthd_version scanner (also pulls in the SSL cert if
available)
2012-02-19 18:28:06 -06:00
HD Moore 87e7bf4934 Cosmetic cleanup to the module output for vmauthd_login 2012-02-19 18:16:54 -06:00
HD Moore 08d91aebdb Cleanup to the module output for vmware_http_login.rb 2012-02-19 18:16:05 -06:00
sinn3r 825ea01f79 Correct report_web_vuln 2012-02-19 16:37:42 -06:00
sinn3r 199e9c518b Add Generic HTTP Directory Traversal Utility (Feature #6338) 2012-02-19 00:30:18 -06:00
David Maloney 6ced540e0b Merge branch 'vmware-api' into vmware-stable 2012-02-18 18:38:20 -06:00
David Maloney 36dc0fee50 Better dynamic soap generation for all the vmware stuff 2012-02-18 18:29:46 -06:00
sinn3r ebd5438984 Add POST to method 2012-02-17 22:36:33 -06:00
sinn3r bb5e4a1600 Modules don't need to register VERBOSE, because it's already there 2012-02-17 21:07:44 -06:00
sinn3r 79ce43e3fe This condition should never trigger, because OptEnum should automatically take care of it 2012-02-17 19:16:07 -06:00
sinn3r e23f17cac2 Again, validate using OptEnum 2012-02-17 19:14:38 -06:00
sinn3r d58b8c7b69 Use OptEnum to validate enumeration method 2012-02-17 19:12:47 -06:00
sinn3r 3390bdf312 Validate METHOD with OptEnum 2012-02-17 18:54:53 -06:00
sinn3r 974aea3521 Validate 'METHOD' using OptEnum 2012-02-17 18:46:56 -06:00
sinn3r 36bc31d677 Damn, the indent level is nuts in this thing 2012-02-17 18:43:47 -06:00
sinn3r ec58b4669e This module only handles GET, so that's the only option we'll allow 2012-02-17 18:20:16 -06:00
sinn3r 9e17b09632 This module is only meant to handle GET and PUT, so let's be strict on that 2012-02-17 18:17:28 -06:00
sinn3r 7ae58bfd9d Make sure the HTTP method is always upper-case to make Apache happy 2012-02-17 18:15:23 -06:00
David Maloney ddb43774c9 Some metadata fixes 2012-02-17 12:21:38 -06:00
sinn3r ae57a8d9fd Make sure the HTTP method is always uppercase so we don't get a 501 2012-02-17 03:34:39 -06:00
David Maloney a0dac593bc Merge branch 'vmware-api' of github.com:rapid7/metasploit-framework into vmware-api 2012-02-16 02:22:31 -06:00
David Maloney e9b2e060d6 Permissions scanner for vmware
Fixed the way loot was getting stored to set a propper type
2012-02-16 02:19:33 -06:00
David Maloney 8d7ddab2af Some minor bug fixes
Added vm_tag module for 'flag planting'
2012-02-16 00:45:48 -06:00
David Maloney c5ae56a147 Adding User Enumeration Scanner for vmware 2012-02-15 22:55:11 -06:00
Tod Beardsley 95f54413d8 Create a stable branch of vmware-api
Just to pick up the soap library and the esx_fingerprint stuff.
2012-02-15 21:25:56 -06:00
Tod Beardsley bf9ed96155 Fixes up esx_fingerprint and the host model to ID vmware correctly
Uses the proper host.normalize_os methods to fix up the normalization of
ESX servers.
2012-02-15 20:31:51 -06:00
David Maloney a2778ea297 minor fixes to multi-session terminate 2012-02-15 16:50:12 -06:00
David Maloney 082b4acca8 Changed terminate session module to handle multiple sessions per run 2012-02-15 16:47:02 -06:00
David Maloney c9cf47bd4c Add Terminate Session module and some extra goodness to enum sessions 2012-02-15 16:39:13 -06:00
David Maloney 67ba39cc3e Adds a scanner to pull active login sessions off servers 2012-02-15 02:27:25 -06:00
David Maloney e0f11992af Gah screwed up that commit, accidentally chunked out the rescues. 2012-02-15 02:12:06 -06:00
David Maloney 6b539036c9 Fix fingerprinting in the vmware_http_login module 2012-02-15 01:54:34 -06:00
David Maloney e67e9ab34f Adds a power off vm aux module 2012-02-14 20:52:45 -06:00
David Maloney a256a6fb0b Adds a power on vm module 2012-02-14 20:44:11 -06:00
David Maloney bbca09458f Workaround for report_host/service issue
See #6370
2012-02-14 11:19:38 -06:00
David Maloney 03884ddb46 Fix to title from copy pasted init section. 2012-02-14 10:36:15 -06:00
Tod Beardsley ad0594ee5f Cleanup and add debug for fingerprint_vmware 2012-02-13 19:07:26 -06:00
Tod Beardsley 8c1581567c Cleanup on the vmware fingerprinting.
Add in some new OS constants and seperate out the fingerprinting
function from the connection function in order to avoid having errors
swallowed by a rescue.
2012-02-13 16:40:44 -06:00
Tod Beardsley 727cde00c6 Taking David's version of vmware_http_login over mine 2012-02-13 14:54:47 -06:00
sinn3r d036da627a Clear lots of whitespace 2012-02-13 14:13:43 -06:00
David Maloney 31f001ed54 Improved vmware enumerate vm modules
now with screenshots!
2012-02-13 12:07:28 -06:00
David Maloney 8c305e1a28 VMWare Web service finerprinting and OS detection.
VMWare Screenshot stealer
Improvemenets to the mixin
fix to check method for the login scanner
2012-02-13 12:05:32 -06:00
sinn3r a758462a32 Remove some whitespace 2012-02-13 11:01:26 -06:00
bperry-r7 abb1548d9a Fix extraneous print_status 2012-02-11 20:09:43 -06:00
David Maloney 676a0c53a0 Working Screenshot capability! 2012-02-11 03:51:18 -06:00
sinn3r fe69a27bf1 Fix indent level and type 2012-02-10 03:22:51 -06:00
sinn3r 4b47a9e66f Be gone, whitespace. 2012-02-10 03:16:37 -06:00
sinn3r 52e7743b41 Merge branch 'ipv6_logging' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-ipv6_logging 2012-02-10 03:13:18 -06:00
HD Moore 29b99aa7b4 Fix up titles/add boundary check for reporting external host 2012-02-08 12:23:46 -06:00
m-1-k-3 705c436ede added more multicast addresses from wikipedia 2012-02-07 11:45:20 +01:00
David Maloney e8aa624a16 Added todb's validator over to this working branch 2012-02-06 10:15:05 -06:00
Tod Beardsley 8ad9beef75 Removing javascript_keylogger from master. 2012-02-06 09:37:16 -06:00
m-1-k-3 91820ad1c3 logging to notes 2012-02-06 08:56:35 +01:00
sinn3r b2ae8a24dc Fix go cow art (tabs are bad to align chars) 2012-02-05 02:20:31 -06:00
sinn3r 0dd3ad0efb Remove naughty trailing commas 2012-02-05 02:03:49 -06:00
sinn3r 26f89f65bd Fix the bug that causes store_loot() to run twice. Also, other minor format changes. 2012-02-05 02:00:03 -06:00
sinn3r c2d1f64472 Merge branch 'master' of https://github.com/threatagent/metasploit-framework 2012-02-05 01:44:53 -06:00
sinn3r db1e400dff Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-05 01:27:21 -06:00
David Maloney df401f4c94 more fixes to backend stuff, plus updated vmware http login module to use
the correct mixin method now.
2012-02-03 15:44:41 -06:00
Tod Beardsley af506240cf http_fingerprint reports service info
Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.
2012-02-03 12:15:11 -06:00
Tod Beardsley 786d75493c Fix up VMWware webscan to not false positive
Checks to see if a target is actually vmware based on the provided
cookie, using the http_fingerprint() function from HttpClient.

[Fixes #6340]
2012-02-02 22:19:57 -06:00
Marcus J. Carey c06b0f7e72 cleaning up an editor glitch. 2012-02-02 17:59:51 -06:00
Marcus J. Carey 1a278c55b5 a bit more cleanup 2012-02-02 16:19:21 -06:00
Marcus J. Carey 45b58bea06 got rid of bmp generation 2012-02-02 16:07:27 -06:00
Marcus J. Carey e96eceb145 Editing Javascript keylogger 2012-02-02 15:01:22 -06:00
Marcus J. Carey 7b3262958d Merge branch 'master' of github.com:threatagent/metasploit-framework
Conflicts:
	modules/auxiliary/server/capture/javascript_keylogger.rb
2012-02-02 14:58:23 -06:00
Marcus J. Carey 59a44f75ec Updated Javascript Keylogger 2012-02-02 14:42:13 -06:00
Marcus J. Carey f45528ec68 Update modules/auxiliary/server/capture/javascript_keylogger.rb 2012-02-02 10:33:33 -06:00
Marcus J. Carey 3bfb8b3c9d Adding Javascript Keylogger 2012-02-02 10:30:55 -06:00
Marcus J. Carey e70f9151e5 Merge remote-tracking branch 'upstream/master' 2012-02-02 07:13:03 -06:00
David Maloney 3f48e626a2 Adding a bunch of new VIM API auxiliary stuff
Work in progress.
2012-02-01 12:05:20 -06:00
Tod Beardsley e371f0f64c MSFTidy commits
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
HD Moore 0b8987f2af Merge results initialization fix 2012-01-31 01:29:44 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r a0ac4125cd Add aux module CMS400 default pass scanner (feature #6301) 2012-01-30 10:40:59 -06:00
sinn3r ce7f93f5d9 Merge pull request #138 from claudijd/master
Added Sequence Filters and MSF Exploit Capture to BNAT Scan
2012-01-29 22:07:25 -08:00
HD Moore dda3453ac7 Correct a typo 2012-01-28 23:33:26 -06:00
HD Moore 774862508e Handle another common error type 2012-01-28 23:31:20 -06:00
Jonathan Claudius 88298cf847 Added Sequence Filters and MSF Exploit Capture
-Sequence Filters (No More False Positives)
-Msf::Exploit::Capture (Use built-in MSF libs over manual threading)
-Immediate Feedback (Don't need to wait until complete to print results)
-Timeout (Includes user configurable timeout)
2012-01-28 22:44:12 -06:00
Jonathan Cran 54ffb01080 This module should use the default list of tomcat users 2012-01-28 18:13:34 -06:00
David Maloney ca7aa21202 Removed schema features from database hashdump modules
now that there are dedicated schemadump modules.
2012-01-28 16:55:39 -06:00
HD Moore 5a095e8ef5 Fixes for PCA modules 2012-01-28 14:35:07 -06:00
HD Moore c63c7393e3 Print status output 2012-01-28 13:52:38 -06:00
HD Moore f3eb78199b Add TCP-based PCA probe 2012-01-28 13:52:38 -06:00
HD Moore 2d7852ddef Merge PCA scans into udp_sweep/udp_probe 2012-01-28 13:05:24 -06:00
David Maloney 4cd38c5555 Adds login scanner module for VMware Server and ESX 2012-01-27 16:23:56 -06:00
HD Moore a2d20e25d3 Fix a regression in the workspace inclusion code (only affected
non-DB-connected instances). Add a PCA UDP scanner
2012-01-27 12:36:13 -06:00
Tod Beardsley fe22090a12 Correct e-mail format 2012-01-26 13:04:38 -06:00
David Maloney d0d964d8ab Adds an error message if the module couldn't conenct to the target.
Fixes #6278
2012-01-26 10:56:07 -06:00
Joshua J. Drake 31fb7e7b28 Fallback to writing a new file if resuming fails 2012-01-25 14:49:30 -06:00
Marcus J. Carey 49be9996bc Merge remote-tracking branch 'upstream/master' 2012-01-24 20:23:58 -06:00
Marcus J. Carey 35de6a593b Update modules/auxiliary/server/html_frame_payload.rb 2012-01-24 17:14:10 -06:00
Marcus J. Carey 2e2726c3c0 Update modules/auxiliary/server/html_frame_payload.rb 2012-01-24 17:06:49 -06:00
Marcus J. Carey 88b1cd6891 Update modules/auxiliary/server/html_frame_payload.rb 2012-01-24 17:03:33 -06:00
Marcus J. Carey 71648159a8 Update modules/auxiliary/server/html_frame_payload.rb 2012-01-24 17:00:47 -06:00
Marcus J. Carey a20bd78f75 Adding html_frame_payload.rb 2012-01-24 16:56:32 -06:00
Tod Beardsley f6a6963726 Msftidy run over the recent changed+added modules 2012-01-24 15:52:41 -06:00
Jon Hart 7ec5f98480 Adding jhart's natpimp libary and modules.
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.

[See #106]
2012-01-24 10:32:30 -06:00
Tod Beardsley 2f3e976173 Actually fix ruby loop syntax on d20pass 2012-01-24 10:08:19 -06:00
sinn3r fc00398330 Yup, that's better 2012-01-23 16:02:35 -06:00
sinn3r 39a2a894ee Fix fh, trailing comma, and ruby loop syntax 2012-01-23 15:15:49 -06:00
James Lee 455bcda6e8 Print the port so we know which http service 2012-01-23 10:17:32 -07:00
David Maloney 34491970b3 Adds a new VMWare Authentication Daemon login scanner module. 2012-01-22 15:39:53 -06:00
David Maloney bcb19ab0a3 Fixes an issue with smb_login not properly dealing with abritrary guest access
on Samba.
2012-01-22 01:35:36 -06:00
David Maloney 06b1bffcea Addresses an issue with udp sweep module that recorded services
from non-specified hosts when they respond to broadcast probes.
2012-01-20 15:34:15 -06:00
sinn3r be906023dc one register_options() should be fine. 2012-01-20 13:02:54 -06:00
sinn3r d6566aa818 Add CVE-2011-4050 7-Technologies IGSS 9 IGSSdataServer.exe DoS module (Feature #6267) 2012-01-20 12:57:13 -06:00
sinn3r bbb4205683 Set default maxpage to 1, because it's faster. 2012-01-20 11:09:38 -06:00
sinn3r 5631774d92 Fix bug: NoMethodError undefined method `each' for nil:NilClass (line 155) 2012-01-20 10:58:02 -06:00
Tod Beardsley a75b373d7a Fixing e-mail format for antispam 2012-01-19 10:58:25 -06:00
Tod Beardsley ed3191bcfe Adding d20pass module 2012-01-19 10:58:16 -06:00
HD Moore bb035bfec2 Fix up API option names so they can be set globally 2012-01-18 15:05:39 -06:00
Tod Beardsley ad6f8257e1 MSFTidy fixes. 2012-01-18 15:01:32 -06:00
sinn3r 7d9ba6f5e9 Fix bug #6256: uninitialized class variable error 2012-01-17 17:58:53 -06:00
sinn3r d5443159d7 Merge pull request #110 from jhartftw/soap_xml_6249
Improvements to auxiiliary/scanner/http/soap_xml to (#6249)
2012-01-16 18:19:33 -08:00
Jon Hart fe901b3fb2 Clean up error messages when LOCALSIP isn't defined. Remove
now-duplicated code is_ipv4?, clarify SMAC error messages.
2012-01-16 14:32:15 -08:00
Jon Hart 6a057560fa Improvements to auxiiliary/scanner/http/soap_xml to:
* Detect additional SOAP faults to reduce false positives
* More obviously support SSL
* Report http/https
* Make it obvious when a SOAP endpoint falls over mid-scan
* Add a few more nouns/verbs
* Add an optional SLEEP to play nice with old/slow SOAP endpoints

https://dev.metasploit.com/redmine/issues/6249
2012-01-16 12:27:17 -08:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
2012-01-13 13:49:21 -06:00
Tod Beardsley d52df50a77 Drop a spurious print_error line from smtp_version 2012-01-13 11:46:56 -06:00
David Maloney 6234d13f7c Added Schema Dump Module for Postgres 2012-01-12 15:20:46 -05:00
David Maloney 52be1c3a7a Add schemadump module for MySql 2012-01-11 12:16:22 -08:00
David Maloney 8c594798d7 Fix to the AIX jtr module title. 2012-01-11 09:11:23 -08:00
David Maloney 13069990eb Added module for dumping schema information from Microsoft SQL Server
and storing it as loot and notes.
2012-01-10 15:32:09 -08:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known isntances onstead of jsut the first one.
Fixes #6066
2012-01-10 12:32:47 -08:00
sinn3r b76767669c Update Nenad's author name and e-mail 2012-01-09 20:14:47 -06:00
sinn3r 8eee54d1d0 Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb) 2012-01-09 14:23:37 -06:00
Tod Beardsley eeb3a442de whitespace correctly smtp_version.rb 2012-01-09 14:11:10 -06:00