sinn3r
92093cd7d8
There's no HttpClient, so it shouldn't be using normalize_uri
2013-02-19 15:04:18 -06:00
sinn3r
e9f4900beb
Merge branch 'fixgenericcustom' of github.com:rsmudge/metasploit-framework into rsmudge-fixgenericcustom
2013-02-19 14:47:18 -06:00
James Lee
f5d9887a06
Merge branch 'rapid7' into R3dy-psexec-mixin2
2013-02-19 12:58:03 -06:00
James Lee
4703278183
Move SMB mixins into their own directory
2013-02-19 12:55:06 -06:00
sinn3r
37634a9e60
Merge branch 'hp_vsa_exec_9' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_vsa_exec_9
2013-02-19 12:36:39 -06:00
James Lee
ede804e6af
Make psexec mixin a bit better
...
* Removes copy-pasted code from psexec_command module and uses the mixin
instead
* Uses the SMB protocol to delete files rather than psexec'ing to call
cmd.exe and del
* Replaces several instances of "rescue StandardError" with better
exception handling so we don't accidentally swallow things like
NoMethodError
* Moves file reading and existence checking into the Exploit::SMB mixin
2013-02-19 12:33:19 -06:00
sinn3r
189558b862
Merge branch 'openemr_upload_exec' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-openemr_upload_exec
2013-02-19 12:25:00 -06:00
sinn3r
5108e8ef1c
Correct tab
2013-02-19 11:44:41 -06:00
sinn3r
b2664e04fb
Merge branch 'bigant_server_dupf_upload' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bigant_server_dupf_upload
2013-02-19 11:42:04 -06:00
sinn3r
9813c815ef
Minor changes
2013-02-19 11:40:06 -06:00
sinn3r
553d7abe43
Merge branch 'bigant_server_sch_dupf_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bigant_server_sch_dupf_bof
2013-02-19 11:26:47 -06:00
James Lee
49f00acc11
Fix nil deref when dnsdomain is empty
2013-02-19 11:24:05 -06:00
Chris John Riley
d49797267e
Correct SAP Table Name
2013-02-19 11:20:49 +01:00
Chris John Riley
358b2f5783
Added module credit as this has turned into a rewrite ;)
2013-02-19 11:15:04 +01:00
Chris John Riley
f3cf8ad1b9
Whitespace EOL
2013-02-19 11:13:33 +01:00
Chris John Riley
a75bae927d
Replaced report_note and table output with single function
...
Added proposed extract data function (HDM)
2013-02-19 11:12:12 +01:00
Chris John Riley
d4011227e3
Made suitable changes to original module also (only report on non empty response)
2013-02-19 09:43:36 +01:00
Chris John Riley
4170a85d8a
Added logic to only report when value is present
2013-02-19 09:42:13 +01:00
jvazquez-r7
416a7aeaa3
make msftidy happy for s4u_persistence
2013-02-18 15:23:06 +01:00
jvazquez-r7
be0feecf8f
Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence
2013-02-18 15:22:37 +01:00
Thomas McCarthy
25f8a7dcb9
Fix expire tag logic and slight clean up
...
Was a dumbass again and didn't fully understand how Optints worked when left blank at run time. If not 0 the expire tag will be inserted now. Also made it print the xpath if used because I believe it will be of value to the user for trouble shooting.
2013-02-17 22:35:52 -05:00
Raphael Mudge
06ba2ef791
Allow generic/custom payload to generate an exe
...
The datastore value of ARCH has no effect on the array of
architectures the generic/custom payload is compatible with.
This commit forces the payload to update its list of compatible
architectures on generation if the ARCH value is set in the
datastore.
See:
http://dev.metasploit.com/redmine/issues/7755
2013-02-17 20:39:54 -05:00
jvazquez-r7
322fa53d49
fix typo
2013-02-17 20:29:41 +01:00
jvazquez-r7
31a3a374c3
Added module for CVE-2012-6274
2013-02-17 20:25:39 +01:00
jvazquez-r7
1a2a0bc38e
Added module for CVE-2012-6275
2013-02-17 20:21:45 +01:00
Thomas McCarthy
a8d574e4ce
Updated one print_status
2013-02-17 14:08:33 -05:00
m-1-k-3
3ab5585107
make msftidy happy
2013-02-16 20:49:32 +01:00
m-1-k-3
121a736e28
initial commit
2013-02-16 20:42:02 +01:00
jvazquez-r7
ec5c8e3a88
Merge branch 'dlink-dir300-600-execution' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir300-600-execution
2013-02-16 19:12:42 +01:00
jvazquez-r7
6b1bb9e1e8
Added module for OSVDB 90222
2013-02-16 13:11:46 +01:00
jvazquez-r7
a19da61177
deleting trailing comma
2013-02-16 00:53:28 +01:00
jvazquez-r7
221ce22f53
make msftidy happy
2013-02-15 19:01:58 +01:00
jvazquez-r7
829cf0f076
name changed to dns_srv_enum
2013-02-15 16:20:55 +01:00
jvazquez-r7
d1ba860409
changing filename for dns_srv
2013-02-15 16:20:33 +01:00
jvazquez-r7
374faf9b02
cleanup for dns_srv
2013-02-15 16:19:48 +01:00
jvazquez-r7
9d4bd763a6
Merge branch 'darkoperator-dnsenum2dnssrv' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnssrv
2013-02-15 16:19:31 +01:00
jvazquez-r7
38f5fbced3
cleanup for dns_reverse_lookup
2013-02-15 12:56:01 +01:00
jvazquez-r7
f1e3dab45f
Merge branch 'darkoperator-dnsenum2dnsreverselookup' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsreverselookup
2013-02-15 12:55:39 +01:00
jvazquez-r7
6aed858f80
cleanup for dns_bruteforce
2013-02-15 12:37:46 +01:00
jvazquez-r7
1be003a4d0
Merge branch 'darkoperator-dnsenum2dnsbruteforce' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsbruteforce
2013-02-15 12:37:27 +01:00
jvazquez-r7
57e1d1baa5
cleanup for dns_info
2013-02-15 12:03:08 +01:00
jvazquez-r7
8a1874b4d1
Merge branch 'darkoperator-dnsenum2dnsinfo' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsinfo
2013-02-15 12:02:48 +01:00
Carlos Perez
bcd59aa8fa
Typo word module does not go in the name.
2013-02-14 21:56:24 -04:00
Carlos Perez
1d64de6c11
Typo word module does not go in the name.
2013-02-14 21:55:38 -04:00
Carlos Perez
7f7b4e5a97
more changes to description and name
2013-02-14 21:49:57 -04:00
Carlos Perez
faf970cf1f
more changes to description and name
2013-02-14 21:47:43 -04:00
Carlos Perez
1b8610042a
more changes to description and name
2013-02-14 21:46:21 -04:00
Carlos Perez
0b9d4d976f
more changes to description and name
2013-02-14 21:44:31 -04:00
kernelsmith
8a91f0d7ec
rescue ENOENT as well
2013-02-14 14:04:45 -06:00
Carlos Perez
23320a5dde
Fix spelling problems
2013-02-14 15:48:11 -04:00
Carlos Perez
a7d4f5ff4a
Fix spelling problems
2013-02-14 15:46:36 -04:00
Carlos Perez
7f97ff271f
Fix spelling problems
2013-02-14 15:44:32 -04:00
Carlos Perez
1872b137f5
Fix spelling problems
2013-02-14 15:41:17 -04:00
Carlos Perez
e8ccfae048
Fix spelling problems
2013-02-14 15:38:17 -04:00
Jeff Jarmoc
ade2c9ef56
msftidy - fix line endings.
2013-02-14 11:42:02 -06:00
Jeff Jarmoc
4c90cacffe
Send iframe when URIPATH isnt '/'
2013-02-14 11:23:08 -06:00
Jeff Jarmoc
947aa24d44
MS13-009 / CVE-2013-0025 ie_slayout_uaf.rb by Scott Bell
2013-02-14 11:18:19 -06:00
Thomas McCarthy
7b2c1afadb
I'm an idiot, fix logon xpath
2013-02-14 09:16:47 -05:00
Jeff Jarmoc
c2f8e4adbd
Minor - Note Rails 3.1.11 patch in Description.
2013-02-13 22:30:54 -06:00
smilingraccoon
e78cbdd14d
missed one line
2013-02-13 18:17:38 -05:00
smilingraccoon
bbf8fe0213
Use Post::File methods and fail_with
2013-02-13 18:10:05 -05:00
sinn3r
1f881d7c21
Merge branch 'tasos-r7-feature/web_crawler_skip_paths'
2013-02-13 14:35:14 -06:00
sinn3r
4074a12fd7
Randomize some gadgets
2013-02-13 14:12:52 -06:00
sinn3r
4eca6e5502
Merge branch 'feature/web_crawler_skip_paths' of github.com:tasos-r7/metasploit-framework into tasos-r7-feature/web_crawler_skip_paths
2013-02-13 14:07:20 -06:00
sinn3r
323a58b9cb
Merge branch 'foxit_reader_plugin_url_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-foxit_reader_plugin_url_bof
2013-02-13 14:01:25 -06:00
jvazquez-r7
d1784babea
little cleanup plus msftidy compliant
2013-02-13 20:24:49 +01:00
jvazquez-r7
0ae473b010
info updated with rails information
2013-02-13 09:52:17 +01:00
jvazquez-r7
f46eda2fa9
Merge branch 'rails_devise_pw_reset' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_devise_pw_reset
2013-02-13 09:51:37 +01:00
jvazquez-r7
799beb5adc
minor cleanup
2013-02-13 01:00:25 +01:00
jvazquez-r7
167f5970c1
minor cleanup for rails_json_yaml_scanner
2013-02-13 00:07:58 +01:00
jvazquez-r7
3e2a368823
Merge branch 'rails_json_yaml_scanner' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_json_yaml_scanner
2013-02-13 00:07:11 +01:00
Jeff Jarmoc
846052a34d
s/URIPATH/TARGETURI/g per @jvasquez-r7 comments on another pull.
2013-02-12 15:13:06 -06:00
Jeff Jarmoc
1d5d33f306
use normalize_uri()
2013-02-12 14:58:07 -06:00
Jeff Jarmoc
c6a7a4e68d
/URIPATH/TARGETURI/g
2013-02-12 14:50:10 -06:00
Tasos Laskos
f2cf4304d2
Merge remote-tracking branch 'upstream/master' into feature/web_crawler_skip_paths
2013-02-12 22:10:40 +02:00
Tasos Laskos
9efd3f6c5e
scanner/http/crawler: added ExcludePathPatterns opt
...
Option 'ExcludePathPatterns' allows users to specify which paths should
be excluded from the crawl (and which forms to ignore) by passing a
list of patterns (only allows '*' wildcards).
2013-02-12 21:47:12 +02:00
Jeff Jarmoc
c7719bf4cb
Verify response is non-nil.
2013-02-12 13:41:21 -06:00
Jeff Jarmoc
9e1f106a87
msftidy cleanup
2013-02-12 13:38:58 -06:00
jvazquez-r7
f58cc6a2e0
more fix version info
2013-02-12 18:51:04 +01:00
jvazquez-r7
96b1cb3cfb
fix version info
2013-02-12 18:50:36 +01:00
jvazquez-r7
69267b82b0
Make stable #1318 foxit reader exploit
2013-02-12 18:44:19 +01:00
Chris John Riley
3a6cd6f395
Added module for requesting RFC_SYSTEM_INFO via ICF web interface
2013-02-12 14:42:59 +01:00
Tod Beardsley
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
jvazquez-r7
9040fcd5ae
Merge branch 'darkoperator-post2localexploit' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-post2localexploit
2013-02-12 01:52:05 +01:00
jvazquez-r7
42a6d96ff4
using Post::File methods plus little more cleanup
2013-02-12 01:33:07 +01:00
jvazquez-r7
97edbb7868
using always a vbs file to drop exe
2013-02-12 00:58:26 +01:00
Jeff Jarmoc
ddd7d307e6
Add a scanner aux module for Rails JSON/YAML vuln CVE-2013-0333
2013-02-11 16:48:44 -06:00
jvazquez-r7
766257d26a
pointed by @m-1-k-3 while working on #1472
2013-02-11 21:21:43 +01:00
jvazquez-r7
d4d41f36d4
Merge branch 'bug/basic_auth' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-bug/basic_auth
2013-02-11 21:16:35 +01:00
Jeff Jarmoc
5f0a3c6b9e
Removes pry, oops.
2013-02-11 14:02:46 -06:00
Jeff Jarmoc
753fa2c853
Handles error when TARGETEMAIL is invalid.
2013-02-11 13:58:56 -06:00
David Maloney
a43b902b5c
Fix tomcat_mgr_login auth
2013-02-11 12:00:40 -06:00
Jeff Jarmoc
61ffcedbfd
Address HD's other comments, fixes mismatched var name in last commit.
2013-02-11 11:17:26 -06:00
Jeff Jarmoc
e72dc47448
Uses REXML for encoding of password.
2013-02-11 11:12:29 -06:00
sinn3r
f3a1339a4c
Merge branch 'jvazquez-r7-novell_groupwise_gwcls1_actvx'
2013-02-11 10:40:33 -06:00
Carlos Perez
6c85e5242e
change wildcard message to print_warning
2013-02-11 12:04:30 -04:00
Carlos Perez
431641fec9
added check for retry options
2013-02-11 12:02:15 -04:00
Carlos Perez
5edb138a8f
fixed nil issue
2013-02-11 11:51:33 -04:00
Carlos Perez
fd6f00f641
added report note for wildcard
2013-02-11 11:37:20 -04:00
Carlos Perez
5f10704697
applied fixes
2013-02-11 11:31:13 -04:00
Carlos Perez
55efe01bf7
Applied fixes
2013-02-11 11:23:06 -04:00
jvazquez-r7
24c3f1b99d
fix msftidy
2013-02-11 15:07:49 +01:00
jvazquez-r7
991e65770c
minor cleanup for word_unc_injector
2013-02-11 15:06:19 +01:00
jvazquez-r7
41564fd51d
Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb
2013-02-11 15:05:27 +01:00
Jeff Jarmoc
43a1fbb6f2
Make msftiday happy.
2013-02-10 21:13:18 -06:00
Jeff Jarmoc
55cba56591
Aux module for joernchen's devise vuln - CVE-2013-0233
2013-02-10 21:10:00 -06:00
smilingraccoon
3a499b1a6d
added s4u_persistence.rb
2013-02-10 14:22:36 -05:00
jvazquez-r7
17b349ab50
added crash to comments
2013-02-09 17:49:57 +01:00
jvazquez-r7
5b576c1ed0
fix ident and make happy msftidy
2013-02-09 17:40:45 +01:00
m-1-k-3
63c6791473
return
2013-02-09 11:17:02 +01:00
m-1-k-3
6cccf86a00
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink-dir300-600-execution
2013-02-09 11:09:56 +01:00
Carlos Perez
fd15436a96
Added new line to end of file.
2013-02-08 20:52:49 -04:00
Carlos Perez
78f81843f6
Added new line to end of file.
2013-02-08 20:51:37 -04:00
Carlos Perez
eda3fc0715
Added new line to end of file.
2013-02-08 20:50:23 -04:00
Carlos Perez
166b59b61a
Added new line to end of file.
2013-02-08 20:48:57 -04:00
sinn3r
7370d7d31b
Final touchup
2013-02-08 18:21:06 -06:00
Spencer McIntyre
7522a87cf9
Adding an auxiliary scanner module for Titan FTP password disclosure.
2013-02-08 15:43:02 -05:00
Carlos Perez
fea84cad10
Fix additional typos per recomendation
2013-02-08 14:47:16 -04:00
James Lee
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
Carlos Perez
b8f0a94c3f
Fixed typos mentioned by Egypt
2013-02-08 14:42:10 -04:00
sinn3r
917282c33b
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-02-08 12:27:19 -06:00
jvazquez-r7
98457c0a4d
Merge branch 'sonicwall_gms' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-sonicwall_gms
2013-02-08 19:18:57 +01:00
James Lee
9b6f2fcd1d
Use the install path to tell us the separator
...
Fixes the java target on windows victims
2013-02-08 12:10:42 -06:00
James Lee
5b398076ae
Couple of fixes for windows
...
* Catch IOError when chmod doesn't exist (i.e. Windows)
* Proper escaping for paths
2013-02-08 11:52:50 -06:00
James Lee
e3ee0d7913
Don't try to download '.' or '..' as files
2013-02-08 11:25:17 -06:00
Carlos Perez
ac8194ed07
Split of DNS SRV Record Enumeration from enum_dns
2013-02-08 10:09:34 -04:00
Carlos Perez
256ab7f737
Split of DNS Reverse Lookup from enum_dns
2013-02-08 09:50:21 -04:00
Carlos Perez
906585798d
Split of DNS General Info from enum_dns
2013-02-08 09:49:19 -04:00
Carlos Perez
2186db5295
Split of DNS Name Brutforce from enum_dns
2013-02-08 09:48:32 -04:00
SphaZ
66f0bddb54
fixed error check, a comment, manipulate_file all in memory now
2013-02-08 12:46:13 +01:00
James Lee
071df7241b
Merge branch 'rapid7' into sonicwall_gms
...
Conflicts:
modules/exploits/multi/http/sonicwall_gms_upload.rb
Adds a loop around triggering the WAR payload, which was causing some
unreliability with the Java target.
2013-02-07 21:53:49 -06:00
James Lee
1f9a09d5dd
Add a method to upload and exec in one step
2013-02-07 21:09:32 -06:00
sinn3r
0ad548a777
I expect people to know what a share is.
2013-02-07 19:16:44 -06:00
sinn3r
9415e55211
Merge branch 'feature/rm5455-patch-smb_relay' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm5455-patch-smb_relay
2013-02-07 19:12:58 -06:00
sinn3r
25d8dac4c0
Merge branch 'bugs/linksys-fixes' of github.com:todb-r7/metasploit-framework into todb-r7-bugs/linksys-fixes
2013-02-07 19:10:36 -06:00
Carlos Perez
c131b7ef0e
Added exception handing and return checking as requested by Sinn3r
2013-02-07 21:06:05 -04:00
sinn3r
ce7da154a6
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into hmoore-r7-master
2013-02-07 17:35:28 -06:00
sinn3r
035e8b7100
Merge branch 'groupwise_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-groupwise_traversal
2013-02-07 17:33:34 -06:00
Carlos Perez
19e989dff9
Initial commit fo the migrated module
2013-02-07 19:11:44 -04:00
James Lee
13d1045989
Works for java and native linux targets
2013-02-07 16:56:38 -06:00
jvazquez-r7
e9912496d8
nice check learned from sinn3r
2013-02-07 22:05:39 +01:00
jvazquez-r7
0d3c32b0a4
Added module for CVE-2012-0419
2013-02-07 21:15:49 +01:00
sinn3r
7f746e1caa
That's what he said.
2013-02-07 11:13:18 -06:00
sinn3r
d554c3a56a
Don't really need the bottom comment
2013-02-07 10:46:42 -06:00
sinn3r
98559d4d51
Do a check and make sure this is Simple Web Server
2013-02-07 10:45:53 -06:00
sinn3r
b11f052746
Allow arbitrary depth
2013-02-07 10:32:29 -06:00
sinn3r
a3264e18e2
There aint no fail_with(), must use print_error
2013-02-07 10:30:17 -06:00
HD Moore
77390a5935
Fix a bug reported by Tom Liston
2013-02-06 23:34:55 -06:00
James Lee
b6c6397da3
typo
2013-02-06 19:21:20 -06:00
sinn3r
b09f819e4b
Add Simple Web Server dir traversal
2013-02-06 17:02:07 -06:00
James Lee
1095fe198b
Merge branch 'rapid7' into dmaloney-r7-http/auth_methods
2013-02-06 16:57:50 -06:00
HD Moore
f0ca4b2f08
Merge remote-tracking branch 'upstream/master'
2013-02-06 16:31:31 -06:00
Tod Beardsley
5357e23675
Fixups to the Linksys module
...
Professionalizes the description a little, but more importantly, handles
LANIP better, I think. Instead of faking a 1.1.1.1 address, just detect
if it's set or not in a method and return the right thing accordingly.
Please test this before landing, obviously. I think it's what's
intended.
2013-02-06 12:46:50 -06:00
Tod Beardsley
e175e2c9e9
typo in method name
2013-02-06 12:19:57 -06:00
HD Moore
22e3458cea
Fix multi-line output due to bad regex flag
2013-02-06 11:27:58 -06:00
Tod Beardsley
faeaa74a49
Msftidy whitespace
2013-02-06 11:06:13 -06:00
sinn3r
0186e290d3
Merge branch 'ovftool_format_string_fileformat' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-ovftool_format_string_fileformat
2013-02-05 15:13:51 -06:00
sinn3r
ebd49eb534
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-02-05 15:13:09 -06:00
sinn3r
b706af54a0
Merge branch 'ovftool_format_string_browser' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-ovftool_format_string_browser
2013-02-05 15:12:24 -06:00
HD Moore
9af888c03b
Merge pull request #1433 from jjarmoc/jjarmoc-rails_xml_scan
...
rails_xml_yaml_scanner.rb improvements
2013-02-05 12:34:10 -08:00
Matt Andreko
2cdeca5422
Added reference & depth
...
Added reference to IOActive's release.
Added a depth option to allow user to specify how many folders to traverse.
2013-02-05 14:32:50 -05:00
HD Moore
80a8bab02f
Correct the CVE reference
2013-02-05 10:37:24 -06:00
m-1-k-3
43f3bb4fe6
small updates
2013-02-05 13:54:10 +01:00
SphaZ
0f46ed72e1
Using snake_case, fixed using tmp files, changed errorhandling
2013-02-05 12:00:04 +01:00
David Maloney
877fb017b6
remove negotiate requirements
...
winrm can support basic, and now these modules can too, for free
2013-02-04 16:50:43 -06:00
sinn3r
42912bf286
Merge branch 'jjarmoc-rails_methods' of github.com:jjarmoc/metasploit-framework into jjarmoc-jjarmoc-rails_methods
2013-02-04 16:50:01 -06:00
David Maloney
44d4e298dc
Attempting to cleanup winrm auth
2013-02-04 15:48:31 -06:00
Jeff Jarmoc
9b30e354ea
Updates HTTP_METHOD option to use OptEnum.
2013-02-04 15:32:36 -06:00
Jeff Jarmoc
39cafd0cde
Use OptEnum instead of OptString
2013-02-04 15:08:34 -06:00
sinn3r
45db43d2b3
Merge branch 'msftidy/no-twitter-handles' of github.com:todb-r7/metasploit-framework into todb-r7-msftidy/no-twitter-handles
2013-02-04 14:21:40 -06:00
David Maloney
8d013d1034
Merge branch 'master' into http/auth_methods
2013-02-04 13:11:57 -06:00
David Maloney
4c1e630bf3
BasicAuth datastore cleanup
...
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
David Maloney
8b1febb4cf
add myself to the blame list for the module =P
2013-02-04 12:32:43 -06:00
David Maloney
9497e38ef7
Fix http login scanner
...
Fix the http_login scanner to use new buitin auth
2013-02-04 12:31:19 -06:00
David Maloney
2c3de43f4b
datastore opts cleanup
...
cleanuo digestauth datastore options in modules
2013-02-04 12:10:44 -06:00
jvazquez-r7
9ce5f39bc6
added migrate as initial script
2013-02-04 16:42:56 +01:00
jvazquez-r7
e0d4bb5799
Added module for cve-2012-3569, browser version
2013-02-04 16:37:42 +01:00
jvazquez-r7
135718a97b
Added module for cve-2012-3569, fileformat version
2013-02-04 16:36:33 +01:00
SphaZ
fa1811ac38
changed SOURCE to be OptPath
2013-02-04 15:25:11 +01:00
SphaZ
3b528d7f6d
removed data files from docx
2013-02-04 14:00:13 +01:00
SphaZ
145cf618aa
msftidy
2013-02-04 13:51:01 +01:00
SphaZ
24de0d2274
Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT
2013-02-04 13:37:09 +01:00
m-1-k-3
5ca0e45388
initial commit
2013-02-04 08:44:12 +01:00
HD Moore
4c8811bb8a
Add a debug target
2013-02-03 23:24:44 -06:00
HD Moore
191eed88bc
Fix liberal matching expression on target
2013-02-03 21:50:03 -06:00
HD Moore
9379c68e51
Fix typo, auto-fingerprint, unconnected sockets
2013-02-03 21:23:05 -06:00
HD Moore
0660347fca
Explicit mult-line match
2013-02-03 21:06:57 -06:00
HD Moore
42c8a2d265
Add VU and blog references
2013-02-03 18:17:51 -06:00
HD Moore
c24da99104
Update authors, add Richard (thanks!)
2013-02-03 18:13:28 -06:00
HD Moore
9e491f0b1c
Add a fingerprint string and more comments
2013-02-03 18:03:32 -06:00
HD Moore
1f227243b8
Make it clear BadChars are ignored
2013-02-03 17:54:25 -06:00
HD Moore
214a60aa01
iFix spacing
2013-02-03 17:52:33 -06:00
HD Moore
94953d0450
Fix idents from copypasta
2013-02-03 17:48:13 -06:00
HD Moore
975230c9e7
Add the first module for unique_service_name()
2013-02-03 17:46:20 -06:00
HD Moore
47f3c09616
Fix typo that snuck in during merge
2013-02-03 17:38:19 -06:00
HD Moore
5be4d41420
This is redundant/less-reliable than reverse_openssl
2013-02-03 17:35:14 -06:00
HD Moore
6146aeb03b
Merge pull request #1432 from sempervictus/hdm_add_openssl_payloads
...
Add SSL payloads and handler
2013-02-03 15:34:06 -08:00
jvazquez-r7
2bf2d4d8a4
Merge branch 'netgear_sph200d_traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-netgear_sph200d_traversal
2013-02-03 23:35:29 +01:00
Jeff Jarmoc
5e0c18af2f
adding self to credits
2013-02-03 16:14:42 -06:00
Jeff Jarmoc
57c8e41846
Re-order probes and checks.
...
This causes module to exit if error conditions are found, before sending unecessary probes.
2013-02-03 16:10:46 -06:00
Jeff Jarmoc
8dff427776
Allow 4xx codes, display codes in verbose output
2013-02-03 16:07:07 -06:00
Jeff Jarmoc
810470de3b
Make HTTP_METHOD Configurable
2013-02-03 16:05:45 -06:00
RageLtMan
ffb88baf4a
initial module import from SV rev_ssl branch
2013-02-03 15:06:24 -05:00
HD Moore
c3801ad083
This adds an openssl CMD payload and handler
2013-02-03 04:44:25 -06:00
Tod Beardsley
e8def29b4f
Dropping all twitter handles
...
Also adds "pbot" as an accepted lowercase word. This will come up pretty
routinley for functions and stuff.
2013-02-01 16:33:52 -06:00
sinn3r
027ba28e70
Merge branch 'jvazquez-r7-datalife_template'
2013-02-01 16:27:18 -06:00
David Maloney
5814c59620
move httpauth to mixin
...
HttpAuth stuff gets it's own little mixin
mix it in to Exploit::Http::Client
mix in it to Auxiliary::Web::HTTP
2013-02-01 15:12:10 -06:00
HD Moore
a63cf6977c
Fix 1.8 support
2013-02-01 14:39:32 -06:00
HD Moore
d5ae005332
Rename with underscores
2013-02-01 14:39:01 -06:00
HD Moore
4e6c93ec7d
Various style fixes, fix ruby 1.8 compat
2013-02-01 14:38:20 -06:00
jvazquez-r7
c24c926ffa
add aditional check to detect valid device
2013-02-01 20:55:06 +01:00
jvazquez-r7
996ee06b0f
fix another print_ call
2013-02-01 20:43:54 +01:00
jvazquez-r7
152f397a1f
first module cleanup
2013-02-01 20:38:11 +01:00
m-1-k-3
988761a6de
more updates, BID, Exploit-DB
2013-02-01 20:18:53 +01:00
m-1-k-3
fdd5fe77c1
more updates ...
2013-02-01 19:59:19 +01:00
m-1-k-3
0e22ee73b5
updates ...
2013-02-01 19:26:34 +01:00
jvazquez-r7
bf7bb9952e
added template stuff improve
2013-02-01 11:53:42 +01:00
SphaZ
e71c2c5ece
added word_unc_injector auxiliary module
2013-02-01 08:03:41 +01:00
sinn3r
de8572d934
Use normalize_uri for URI
2013-01-31 16:57:48 -06:00
jvazquez-r7
70b252dc7b
Merge branch 'normalize_uri_update2' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-normalize_uri_update2
2013-01-31 22:32:50 +01:00
sinn3r
39cdb89831
Oh don't be so sensitive about it.
...
Fixnum vs String
2013-01-31 15:04:13 -06:00
sinn3r
1a01d6d033
Fix scrutinizer checks
2013-01-31 14:48:54 -06:00
egypt
5332e80ae9
Fix errant use of .to_s instead of .path
2013-01-31 14:18:42 -06:00
sinn3r
4d7daacfb4
I wanna know where it's stored
2013-01-31 11:55:11 -06:00
sinn3r
13da4181c5
Merge branch 'feature/rm7605-version-for-MSCACHE-v1-and-v2' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7605-version-for-MSCACHE-v1-and-v2
2013-01-31 11:51:55 -06:00
jvazquez-r7
b2ce9302c6
uri normalization in the old way
2013-01-31 16:59:49 +01:00
jvazquez-r7
365e1b0557
added module for cve-2013-1412
2013-01-31 16:09:14 +01:00
sinn3r
4de5e475c3
Fix check
2013-01-31 02:15:50 -06:00
sinn3r
66ca906bfb
This is a string, not a variable
2013-01-31 01:56:05 -06:00
sinn3r
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
kernelsmith
345c5f32cc
keep it from migrating more than once into explorer.exe
...
thanks for noticing egypt
we should add a migrate_explorer to the post api
2013-01-30 15:40:02 -06:00
jvazquez-r7
1e1cbd7445
Merge branch 'wldap32_railgun' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-wldap32_railgun
2013-01-30 21:01:31 +01:00
sinn3r
a68ad8f600
Merge branch 'bug/rm7021-MySQL-login-scanner-exception' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7021-MySQL-login-scanner-exception
2013-01-30 13:22:33 -06:00
sinn3r
368a7a7c64
Merge branch 'dvr_config' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-dvr_config
2013-01-30 12:39:59 -06:00
sinn3r
ec0db66fcb
Merge branch 'patch-2' of github.com:jjarmoc/metasploit-framework into jjarmoc-patch-2
2013-01-30 12:36:53 -06:00
sinn3r
09fd224763
Merge branch 'patch-1' of github.com:jjarmoc/metasploit-framework into jjarmoc-patch-1
2013-01-30 12:33:40 -06:00
jvazquez-r7
38a6402bf3
Merge branch 'chap_secrets' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-chap_secrets
2013-01-30 19:20:29 +01:00
kernelsmith
e1c037e523
Better error handling
2013-01-30 12:06:57 -06:00
kernelsmith
f649cd53ad
removed commented out code (again)
...
thanks egypt
2013-01-30 11:31:10 -06:00
kernelsmith
32a5a009d6
change loot type to image/jpg
...
thanks egypt
2013-01-30 11:28:47 -06:00
sinn3r
de544dc3d4
Handle multiple IPs
2013-01-30 11:25:43 -06:00
kernelsmith
6659459de5
del Version ref and change platform windows -> win
...
per sinner's comments, thanks sinner.
2013-01-30 10:56:49 -06:00
jvazquez-r7
cf6aae7bb7
add checks for enabled services
2013-01-30 17:37:41 +01:00
jvazquez-r7
668520d8d9
added module for cve-2013-1391
2013-01-30 17:22:03 +01:00
kernelsmith
80a0f0694d
add 'auto' & 'none' VIEW_CMD, fixed looting, ch defaults
2013-01-30 00:49:48 -06:00
sinn3r
c5ab059a1a
Really fix the :host key
2013-01-29 18:24:11 -06:00
Tod Beardsley
b1f8b87f14
Chmod -x the joomla modules. Also fix a title typo
...
joomla_pages was incorrectly titled as "Joomla Version Scanner," which
of course is actually joomla_version.
2013-01-29 17:02:43 -06:00
sinn3r
8a9dba2ffe
Updates host info
2013-01-29 16:35:36 -06:00
m-1-k-3
ea5e993bf3
initial
2013-01-29 22:02:29 +01:00
Tod Beardsley
aaf18f0257
EOL whitespace, yo.
2013-01-29 14:22:30 -06:00