Royce Davis
683bcd4b82
Added disconnect method to command.rb
2012-11-12 11:25:12 -06:00
Royce Davis
e57275d3f6
added check cleanup method to command.rb
2012-11-12 09:46:02 -06:00
Chris John Riley
cffedd0c97
Set back to target_uri.path
2012-11-11 12:04:31 +01:00
Royce Davis
6e257d5f57
Simplify main method
2012-11-09 08:50:09 -06:00
Chris John Riley
0dd4f4d03d
Formatting
2012-11-08 17:51:06 +01:00
Chris John Riley
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
HD Moore
4d2147f392
Adds normalize_uri() and fixes double-slash typos
2012-11-08 07:16:51 -06:00
Royce Davis
22ecd6afa9
Edit command.rb
2012-11-07 15:17:13 -06:00
Royce Davis
18aab8bcc7
Remove extrat comment lines from command.rb
2012-11-07 15:09:57 -06:00
Royce Davis
d159aa6f9f
Changed error handeling of command.rb module
2012-11-07 15:03:31 -06:00
Royce Davis
ac518f7091
Removed double lines in Author field and general URLs
2012-11-07 08:22:09 -06:00
Royce Davis
aec4d99549
ran msftidy on command.rb
2012-11-06 16:33:47 -06:00
Royce Davis
9f87b7b674
Removed smb_exec from this branch
2012-11-06 16:18:38 -06:00
Royce Davis
0b940d8087
New module command.rb
2012-11-05 12:03:51 -06:00
Royce Davis
aa6e8c7437
smb_exec
2012-11-05 11:46:39 -06:00
Royce Davis
a9db705b60
New module for submission smb_exec
2012-11-05 11:45:03 -06:00
sinn3r
2c4273e478
Correct some modules with res nil
2012-10-29 04:41:30 -05:00
sinn3r
f1423bf0b4
If a message is clearly a warning, then use print_warning
2012-10-24 00:44:53 -05:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl
04a6021631
Privileged cleanup: auxiliary modules can't
2012-10-22 20:36:49 +02:00
Michael Schierl
39e81d3e53
Arch/Platform cleanup: aux modules need neither
2012-10-22 20:28:02 +02:00
sinn3r
ae690f5fd3
Remove that extra "," that breaks Ruby 1.8
2012-10-20 02:11:49 -05:00
jvazquez-r7
7b1c35624e
Merge branch 'mssql_ntlm_stealer' of https://github.com/nullbind/metasploit-framework into nullbind-mssql_ntlm_stealer
2012-10-17 22:50:54 +02:00
jvazquez-r7
1f55e02535
minor cleanup
2012-10-17 22:21:28 +02:00
jvazquez-r7
12e2ff9bb5
proposed cleanup
2012-10-17 19:03:28 +02:00
nullbind
c52b834f50
updated name and description
2012-10-16 14:37:02 -05:00
nullbind
d8c2aa9796
added mssql ntlm stealer for sqli
2012-10-16 14:26:10 -05:00
nullbind
fafa6e49ce
address comments from jvazquez
2012-10-16 12:10:37 -05:00
nullbind
553ce82e79
added mssql ntlm stealer
2012-10-15 13:29:51 -05:00
sinn3r
54ed60e24e
Forgot to remove the second require
2012-09-24 18:50:53 -05:00
sinn3r
6bd450e114
Make Ruby 1.8 happy
2012-09-24 18:49:41 -05:00
David Maloney
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
Tod Beardsley
c83b49ad58
Unix linefeeds, not windows
...
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.
Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
2012-09-16 18:10:35 -05:00
Tod Beardsley
2fc34e0073
Auth successful, not successfully
...
Just fixing up some adverb versus adjective grammar.
2012-09-16 17:51:00 -05:00
jvazquez-r7
63d2d60c68
delete don't needed line
2012-09-15 23:56:38 +02:00
jvazquez-r7
ff2e9fc157
add changes proposed by sinn3r
2012-09-15 23:55:55 +02:00
jvazquez-r7
70ff7621d6
added module for CVE-2012-2983
2012-09-15 15:11:12 +02:00
jvazquez-r7
6771466cb7
Added module for CVE-2011-2750
2012-09-13 17:24:16 +02:00
Tod Beardsley
32e2232de3
Disambiguating hkm from hdm
...
Having an author name of "hkm" really looks like a typo for "hdm," but
it's not.
2012-09-11 11:13:20 -05:00
Tod Beardsley
aaf7fcd5e9
Closing bracket doh
2012-09-07 08:57:27 -05:00
Tod Beardsley
53e4818c2e
Humble-desser, not humble-dresser
2012-09-07 08:49:27 -05:00
Tod Beardsley
ff97b1da00
Whitespace EOL
2012-09-05 14:04:20 -05:00
Tod Beardsley
b8132cae5c
Add the redistribution comment splat
2012-09-04 15:58:43 -05:00
Tod Beardsley
15f1dd8525
Moving greetz to Author fields
2012-09-04 15:58:43 -05:00
Tod Beardsley
6e7cbe793c
Spamguard e-mail addresses, make auth name consistent
2012-09-04 15:58:43 -05:00
Tod Beardsley
f80abaf0d1
Dropping trailing whitespace
2012-09-04 15:58:42 -05:00
nullbind
114ade6bea
applied todb requested fixes, and added sql 2k support
2012-09-04 15:58:42 -05:00
nullbind
6cd6f9d5d1
minor comment updates
2012-09-04 15:58:42 -05:00
nullbind
7e168f2e5c
Modified module to write query results to a file with report/loot options
2012-09-04 15:58:42 -05:00
nullbind
522fb401e9
Find data on a SQL Server, sample it, and write it to a CSV file.
2012-09-04 15:58:42 -05:00
sinn3r
b4b860f356
Correct MC's name
2012-08-08 14:16:02 -05:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r
f26053c2c3
Add vendor's name in there for easier searching
2012-08-07 12:16:52 -05:00
sinn3r
614ae02a26
Add CVE-2012-2626 Scrutinizer add-user aux mod
2012-08-07 12:13:25 -05:00
Tod Beardsley
d5b165abbb
Msftidy.rb cleanup on recent modules.
...
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
Rob Fuller
76fee330ee
Squashed commit of the following:
...
commit dadb717f5e17851a85183847f3fdb01e45e6caaa
Author: James Lee <egypt@metasploit.com>
Date: Fri Aug 3 18:48:53 2012 -0600
Rescue SMB errors
Prevents backtraces and gives the user some idea of what happened.
Specifically useful for STATUS_ACCESS_DENIED and STATUS_LOGON_FAILURE.
commit aba203ead75eec22606f52d7eb67f1581c44c4df
Author: Rob Fuller <jd.mubix@gmail.com>
Date: Fri Jul 20 03:24:26 2012 -0400
add SMB list directory module
[Closes #628 ]
2012-08-03 19:00:11 -06:00
sinn3r
981ba60fee
Fix exception handlings
...
Two things:
1. Make msftidy happy
2. Exception handling shouldn't be used to shut errors up.
2012-07-18 12:05:14 -05:00
Rory McCune
464df4ed1d
Oraenum - added error handling
...
The oraenum module has errror handling to catch instances where the user used to run the checks doesn't have the appropriate rights, however in one place (The default password check) the error handling code isn't included. This patch just adds the same check for that code.
2012-07-18 09:22:22 +01:00
sinn3r
78edf15a86
Improve module
2012-07-17 08:39:56 -05:00
sinn3r
dde2254f29
rename file
2012-07-17 08:36:02 -05:00
sinn3r
d5711efd26
Merge branch 'master' of https://github.com/j0hnf/metasploit-framework into j0hnf-master
2012-07-17 08:35:49 -05:00
sinn3r
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
Tod Beardsley
97974d9241
Shorten title for display
2012-06-27 10:19:46 -05:00
j0hn__f
7d20f14525
exec SQL from file
2012-06-26 12:40:34 +01:00
j0hn__f
83260c9c89
module to exe SQL queries from a file
2012-06-26 12:15:30 +01:00
sinn3r
f93658b37a
Minor name change
2012-06-25 15:51:02 -05:00
sinn3r
637edc21ce
Add CVE-2010-2731
2012-06-25 15:48:36 -05:00
Tod Beardsley
302ab963d1
Adding ref for intersil module
2012-06-20 15:05:56 -05:00
James Lee
7c417fa977
Add a select command for the various SQL modules
2012-06-18 23:59:57 -06:00
sinn3r
e72303a922
Add Intersil HTTP Basic auth pass reset (originally #453 )
...
The modified version of pull request #453 . This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
The advisory focuses the problem as an auth bypass, not DoS,
although it can end up dosing the server.
* The title and filename are changed as a result of matching that
advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
2012-06-16 21:14:57 -05:00
sinn3r
72cdd67cd0
Remove function cleanup()
...
There is no point of having this function, because there's nothing
in it.
2012-06-06 00:54:04 -05:00
sinn3r
3f0431cf51
Massive whitespace destruction
...
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r
c30af98b53
Massive whitespace destruction
...
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
sinn3r
0fcc53b0a2
Handle nil for get_once
2012-06-04 15:31:10 -05:00
sinn3r
01803c4a33
Fix possible nil res. Bug #6939 . Part 1.
2012-06-04 13:11:47 -05:00
Christian Mehlmauer
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
sinn3r
86ba759c07
Oops, I left one more anonymous out.
2012-05-26 15:30:20 -05:00
sinn3r
c606896122
Multiple fixes and improvements:
...
* Make session ID configurable based on feature #6894's suggestion.
* Fix a potential bug when res is nil.
* Use print_error() to make the error message more readable.
2012-05-24 02:16:29 -05:00
James Lee
22601180f3
Save the pilfered file as loot
2012-05-23 18:07:13 -06:00
Tod Beardsley
336a00bc54
Fixing CVE reference
2012-05-16 14:34:04 -05:00
Tod Beardsley
82885cc6e5
Fixing author tags
...
Ensuring a space between name and email.
2012-05-15 15:45:07 -05:00
James Lee
bc6ec537f9
Fix a ruby 1.8 compat error
...
Can't have commas at the end of argument lists.
2012-05-15 11:53:49 -06:00
sinn3r
8b06835109
Make changes to proper API usage, whitespace, and extra characters.
2012-05-15 01:26:42 -05:00
pyoor
a8b534ddec
Cisco Secure ACS Module - Updated error handling
2012-05-14 20:03:26 -04:00
pyoor
2e49e56126
Made suggested changes
2012-05-14 19:50:34 -04:00
pyoor
6b6dc60b25
Cisco Secure ACS Auth Bypass Module
2012-05-13 16:16:18 -04:00
Tod Beardsley
aa3930fcb9
Typo on fixed tftp module
2012-05-10 21:42:33 -05:00
Tod Beardsley
36c805c5ff
Move the context setting to the module
...
Apparently you can't hit the framework object before running the module
any more. Bummer.
[Fixes #6843 ]
2012-05-10 21:21:32 -05:00
HD Moore
5151a4c530
Cosmetic
2012-05-03 00:33:09 -05:00
HD Moore
99d7b2601c
Cosmetic
2012-05-03 00:31:50 -05:00
sinn3r
91763dd063
Fix 1.8 compatibility
2012-04-25 15:54:42 -05:00
sinn3r
b0a76a1aa1
Add wake-on-lan module
2012-04-21 03:29:49 -05:00
Tod Beardsley
dfe2bbc958
Use rport for modicon_password recovery, not 21.
2012-04-07 13:03:43 -05:00
Tod Beardsley
461352f24f
Don't need to require net/ftp anymore
...
Nothing actually used it anyway.
2012-04-06 10:35:28 -05:00
Tod Beardsley
9c8e6ac9da
Ruby 1.8 compat for the SCADA modules.
...
But really, you should be using Ruby 1.9 by now.
2012-04-05 17:05:03 -05:00
Tod Beardsley
14d9953634
Adding DigitalBond SCADA modules
2012-04-05 12:35:48 -05:00
Tod Beardsley
0df4a8a63d
Rogue period, DELETED.
2012-03-28 14:29:31 -06:00
Jonathan Cran
2c3e296b36
remove trailing comma, thanks troulouliou
2012-03-28 14:29:31 -06:00
Tod Beardsley
47493af103
Merge pull request #259 from todb-r7/edb-2
...
Convert Exploit-DB references to first-tier "EDB-12345" references
2012-03-23 12:09:07 -07:00
sinn3r
10733f6a1c
Update description
2012-03-23 13:05:40 -05:00
sinn3r
41bc8ded3d
Add HP Data Protector aux module for executing commands on Windows
2012-03-23 07:57:13 -05:00
Tod Beardsley
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
sinn3r
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
David Maloney
6011da7db8
More Virtualisation SSL fixes
2012-03-15 19:06:48 -05:00
James Lee
2b9acb61ad
Clean up some incosistent verbosity
...
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
James Lee
3a33434867
Fix a couple of typos that throw off module authors
2012-03-05 13:28:46 -07:00
Tod Beardsley
302853f5a4
Unpolluting SVN Revision keyword
...
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley
3626d48db2
Un-polluting SVN Id keyword
...
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres
b608aeeeb7
Migrating modules to use report_web_vulns and minor fixes
2012-03-02 10:18:32 -06:00
Efrain Torres
a2e5a4d9d5
New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention
2012-03-02 10:18:31 -06:00
James Lee
464cf7f65f
Normalize service names
...
Downcases lots and standardizes a few. Notably, modules that reported a
service name of "TNS" are now "oracle". Modules that report http
now check for SSL and report https instead.
[Fixes #6437 ]
2012-02-21 22:59:20 -07:00
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
James Lee
89e0842b1e
Add vim_soap to the mixins list.
...
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
2012-02-20 13:17:45 -07:00
sinn3r
a8d56afda6
Use store_loot() to save data to local disk
2012-02-20 01:30:11 -06:00
Matt Buck
e0a75c1b2c
Merge branch 'release/4.2-stable'
...
Conflicts:
lib/msf/core/model/host.rb
2012-02-19 22:57:22 -06:00
David Maloney
36dc0fee50
Better dynamic soap generation for all the vmware stuff
2012-02-18 18:29:46 -06:00
sinn3r
bb5e4a1600
Modules don't need to register VERBOSE, because it's already there
2012-02-17 21:07:44 -06:00
David Maloney
8d7ddab2af
Some minor bug fixes
...
Added vm_tag module for 'flag planting'
2012-02-16 00:45:48 -06:00
David Maloney
a2778ea297
minor fixes to multi-session terminate
2012-02-15 16:50:12 -06:00
David Maloney
082b4acca8
Changed terminate session module to handle multiple sessions per run
2012-02-15 16:47:02 -06:00
David Maloney
c9cf47bd4c
Add Terminate Session module and some extra goodness to enum sessions
2012-02-15 16:39:13 -06:00
David Maloney
e67e9ab34f
Adds a power off vm aux module
2012-02-14 20:52:45 -06:00
David Maloney
a256a6fb0b
Adds a power on vm module
2012-02-14 20:44:11 -06:00
HD Moore
29b99aa7b4
Fix up titles/add boundary check for reporting external host
2012-02-08 12:23:46 -06:00
Tod Beardsley
fe22090a12
Correct e-mail format
2012-01-26 13:04:38 -06:00
Joshua J. Drake
31fb7e7b28
Fallback to writing a new file if resuming fails
2012-01-25 14:49:30 -06:00
Jon Hart
7ec5f98480
Adding jhart's natpimp libary and modules.
...
Made some minor corrections -- dropped the #vim splats, switched to msf
constants for service open etc, namely.
[See #106 ]
2012-01-24 10:32:30 -06:00
sinn3r
b202c29153
Correct e-mail format
2011-12-29 11:27:10 -06:00
David Maloney
5e1efdcd73
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-22 10:49:53 -05:00
David Maloney
30141f3008
Fix typo in the oracle enum aux module
...
The password grace time query was not checking the right value,
spotted by user bNull in the IRC channel.
2011-12-22 10:47:57 -05:00
Tod Beardsley
743a0546f1
Don't blow up if the user doesn't set a filename
...
Can't actually require FILENAME or REMOTE_FILENAME because I don't know
if you're going to upload or download. However, there shouldn't be a
stacktrace when you just try to go with neither.
2011-12-21 16:26:29 -06:00
Tod Beardsley
11a27a1e61
Renaming TFTP transfer util.
...
See #5291 . Just renaming the file.
2011-12-20 10:06:44 -06:00
Tod Beardsley
24d53efa7c
Final touches on TFTP client
...
See #5291 . Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
2011-12-20 10:03:04 -06:00
Tod Beardsley
677cb4b152
Handle empty data sends sanely for TFTP.
...
Don't just hang forever -- let the user know they just send empty data.
TFTP servers don't like this of course.
2011-12-19 21:56:03 -06:00
Tod Beardsley
2b3e3725ac
TFTP adding comment docs, ability to send w/out a file.
...
Commenting the tricksy parts a little better for general usage.
Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
2011-12-19 18:15:19 -06:00
Tod Beardsley
431ef826c9
TFTP client now uses constants, preserves trailing spaces/nulls in data
...
See #5291 , just rediscovered the bug on this.
2011-12-19 16:33:25 -06:00
Tod Beardsley
5eaf2e7535
Adding download and loot functionality.
...
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
2011-12-19 15:50:50 -06:00
Tod Beardsley
aecde6fea4
Updating TFTP client. Now with grown-up thread handling.
...
No longer blocks on successful connections.
2011-12-19 12:14:40 -06:00
Tod Beardsley
902d7f5ea7
Adding more to TFTP. Still need a read tho
...
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.
Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
2011-12-18 21:05:27 -06:00
Tod Beardsley
23aadd04f7
Fixing merge conflict cruft
...
Dangit teach me to merge quickly. TFTP module now loads again.
2011-12-18 13:28:52 -06:00
Tod Beardsley
1201d7fbf2
Merge branch 'tftp_client' of github_r7:rapid7/metasploit-framework into tftp_client
...
Conflicts:
modules/auxiliary/admin/tftp/tftp_upload_file.rb
2011-12-16 22:41:22 -06:00
Tod Beardsley
0b8914021c
Switch to vprint_status, also add skeletal cleanup def.
2011-12-16 21:06:10 -06:00
Tod Beardsley
50fa10679b
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:41:55 -06:00
Tod Beardsley
a6867ef128
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:39:09 -06:00
sinn3r
bb2ea62de8
Add CVE-2008-0926: Novell eDirectory eMBox Unauthenticated Access (Feature #2729 )
2011-12-15 23:09:26 -06:00
sinn3r
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
James Lee
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
HD Moore
d75e4aead3
Cosmetic changes
2011-11-10 15:45:02 -06:00
Steve Tornio
0c36915dae
add osvdb ref
2011-11-10 13:24:26 -06:00
wchen-r7
453082678f
Add CVE-2010-1871 (Feature #5922 )
2011-11-10 10:21:17 -06:00
Wei Chen
9ff5eabb4b
Fix #4915
...
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
Wei Chen
7ffcf62a2e
Add #5364
...
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:34:42 +00:00
Tod Beardsley
e1ffdfdb18
Fixes #3199 , jduck caught the funky behavior of seek and ruby's "ab" and "wb" file mode. See also http://pastie.org/2789573
...
git-svn-id: file:///home/svn/framework3/trunk@14128 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 19:06:09 +00:00
Tod Beardsley
45d8c91929
Fixes #3199 . Note that hex notation (0x41) is okay for OptInt. Ruby integers can be 0x41, 0101, 0b01000001, which are all 65, so dropped that chunk and clarified the option instead of forcing a string and a conversion.
...
git-svn-id: file:///home/svn/framework3/trunk@14102 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-28 20:58:46 +00:00
Wei Chen
82e1b87a21
#5541
...
git-svn-id: file:///home/svn/framework3/trunk@14064 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:43:58 +00:00
Wei Chen
17f518897f
Moved from auxiliary/scanner/sap
...
git-svn-id: file:///home/svn/framework3/trunk@14030 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-22 21:33:53 +00:00
Wei Chen
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Tod Beardsley
e9461c766e
Msftidy run against a bunch of whitespace violations, a few line too longs.
...
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
Wei Chen
6ffa61b314
Apply patch for bug #5212
...
git-svn-id: file:///home/svn/framework3/trunk@13815 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 19:10:33 +00:00
Patrick Webster
5c41385284
Added aux module trendmicro_dlp_traversal.
...
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 07:34:53 +00:00
Matt Weeks
acae5dcdc8
Killing puts.
...
Die, puts, die!!
git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00
HD Moore
400afbadf8
Fixes #5392 by closing the listener after accepting the connection. Fixes a number of formatting and api issues
...
git-svn-id: file:///home/svn/framework3/trunk@13682 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-02 16:19:28 +00:00
HD Moore
5fa7ddf5f4
Move this aux module out of the exploits tree
...
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 15:30:13 +00:00
David Rude
cacc3f237c
Added improvements to this module to use a wordlist of known sensitive files
...
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 03:13:22 +00:00
Mario Ceballos
aef764de08
working on moving things referenced in Feature #653 . added different param for secure backup
...
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
Patrick Webster
392684736d
Added aux module check_dir_file.
...
git-svn-id: file:///home/svn/framework3/trunk@13578 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-18 04:10:17 +00:00
James Lee
d50577066f
remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
...
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
Wei Chen
067f9bf053
Fix URL reference
...
git-svn-id: file:///home/svn/framework3/trunk@13329 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:36:37 +00:00
Wei Chen
e115e78f8d
Fix CVE
...
git-svn-id: file:///home/svn/framework3/trunk@13327 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:20:02 +00:00
Steve Tornio
46451acec5
add/fix some cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13270 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 01:10:40 +00:00
Carlos Perez
f3b404b971
Misspelled variable
...
git-svn-id: file:///home/svn/framework3/trunk@13196 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 14:30:06 +00:00
Wei Chen
a795dc7552
Added 2Wire Password Reset module by Travis
...
git-svn-id: file:///home/svn/framework3/trunk@13121 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 20:48:53 +00:00
HD Moore
6ccbaedd57
Add the CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@12972 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-18 17:52:21 +00:00
Carlos Perez
0ea7516e09
forgot to cover some checks for when no rows where returned.
...
git-svn-id: file:///home/svn/framework3/trunk@12864 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 01:45:55 +00:00
Mario Ceballos
3fedad5715
add matteo's patch.
...
git-svn-id: file:///home/svn/framework3/trunk@12666 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 19:02:58 +00:00
Patrick Webster
fb33b0cbfd
Added contentkeeper_fileaccess aux traversal module.
...
git-svn-id: file:///home/svn/framework3/trunk@12288 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-10 15:27:17 +00:00
Steve Tornio
8aff852f5a
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12218 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-02 13:41:19 +00:00
Mario Ceballos
cab7a1b3e4
added auxiliary module zend/java_bridge.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12212 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 22:01:46 +00:00
Mario Ceballos
3f7e3ee93f
added auxiliary module igss_exec_17.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12077 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 01:58:09 +00:00
Tod Beardsley
3f1ceea349
Fixes #3655 . Subbed out all the :proto's that were really :snames for all the note reporting. This was getting caught anyway in most cases, but it's better to have the modules themselves actually be correct for future copy-pasters.
...
git-svn-id: file:///home/svn/framework3/trunk@11707 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-04 01:54:32 +00:00
HD Moore
26aca9d6ba
Swap some module locations, add loot and cred reporting
...
git-svn-id: file:///home/svn/framework3/trunk@11271 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-10 05:47:33 +00:00
Joshua Drake
8f55c83ed0
clean up some oracle titles
...
git-svn-id: file:///home/svn/framework3/trunk@11128 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:43:49 +00:00
Joshua Drake
e9faf75503
fix some more titles with periods
...
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
Joshua Drake
3bd3ea5724
carlos, plz use the ./tools/msftidy.rb script, see #3198
...
git-svn-id: file:///home/svn/framework3/trunk@11091 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 09:11:25 +00:00
Carlos Perez
a4e77c13cc
Applied patch by Manuel Schilt
...
git-svn-id: file:///home/svn/framework3/trunk@11059 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 01:58:46 +00:00
Joshua Drake
3992eb7ef8
Mass RE-update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake
9fc6f2f3a3
Mass update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
James Lee
1384ba6620
fix a typo. see #2578
...
git-svn-id: file:///home/svn/framework3/trunk@10680 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-14 18:24:56 +00:00
Joshua Drake
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
HD Moore
e59ec467af
Quick SMB upload module for when you need to upload a file via PTH
...
git-svn-id: file:///home/svn/framework3/trunk@10387 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 04:03:26 +00:00
HD Moore
9b5d613563
Additional D-Link target from John Sawyer
...
git-svn-id: file:///home/svn/framework3/trunk@10219 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-02 14:34:18 +00:00
HD Moore
800812a1d0
This commit adds functional exploits for retrieving the Apple Airport Extreme password through the VxWorks debugger service and for setting the auto-answer flag to true for the D-Link i2Eye video conferencing system.
...
git-svn-id: file:///home/svn/framework3/trunk@10218 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-02 14:32:39 +00:00
cg
6b1eb27ab5
put scanner modules in the scanner directory
...
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:49:06 +00:00
cg
36bbd6e8b6
coldfusion directory traversal module
...
git-svn-id: file:///home/svn/framework3/trunk@10209 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:43:48 +00:00
Joshua Drake
aac956db50
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-24 18:22:48 +00:00
Patrick Webster
bb9be48739
Added tomcat utf8 traversal aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@10104 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 16:17:43 +00:00
Tod Beardsley
6d6a547b34
Fixes #2412 . Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands.
...
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 00:58:20 +00:00
Steve Tornio
6f309d0351
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9957 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-04 21:21:31 +00:00