infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
36,219 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

3849 Commits (99a74fd4d20f455cc77c83408d6d15c5df5ba716)

Author SHA1 Message Date
wchen-r7 f0da09090d
Land #6233, Konica Minolta FTP Utility 1.00 Directory Traversal 2015-11-16 13:55:29 -06:00
wchen-r7 740cacb4c0 Check nil 2015-11-16 13:54:36 -06:00
William Vu 4401c6f1fd
Land #6178, rsync modules_list improvements 2015-11-13 10:46:24 -06:00
JT 44948a2ace Add konica_ftp_traversal.rb ( CVE-2015-7603 ) 
This module exploits a directory traversal vulnerability found in Konica Minolta FTP Utility 1.0. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command that includes file system traversal strings such as '..//
 2015-11-13 07:51:42 +08:00
William Vu e8dacf32fd
Land #6182, Heartbleed scanner improvements 2015-11-11 16:59:20 -06:00
William Vu ce3f9e2fab Fix minor style issues 2015-11-11 16:58:20 -06:00
wchen-r7 99607e6e4d
Land #6205, BisonWare BisonFTP Server Directory Traversal 
CVE-2015-7602
 2015-11-11 11:47:45 -06:00
wchen-r7 40bdd2bd01 Do module cleanup for auxiliary/scanner/ftp/bison_ftp_traversal 2015-11-11 11:46:37 -06:00
wchen-r7 c79a66be02
Land #6204, directory traversal for PCMan FTP server 
CVE-2015-7601
 2015-11-11 11:07:34 -06:00
wchen-r7 e6e5bde492 Do module cleanup for auxiliary/scanner/ftp/pcman_ftp_traversal 2015-11-11 11:06:54 -06:00
JT 75a0472db8 Update bison_ftp_traversal.rb 
made some changes
 2015-11-11 14:01:39 +08:00
JT 4716e2e16b Update pcman_ftp_traversal.rb 
made some changes
 2015-11-11 14:00:04 +08:00
Jon Hart 8f86b2519f
Resolve 'duplicate key warning' for some modules 2015-11-09 18:40:32 -08:00
JT e019aa12a0 Update pcman_ftp_traversal.rb 2015-11-08 13:40:23 +08:00
JT f60f2336e3 Update bison_ftp_traversal.rb 2015-11-08 13:39:32 +08:00
JT be85e85d40 Create bison_ftp_traversal.rb 2015-11-08 13:34:10 +08:00
JT bb78025dde Update pcman_ftp_traversal.rb 2015-11-08 13:27:45 +08:00
JT bf362be0a4 Update pcman_ftp_traversal.rb 2015-11-08 13:17:57 +08:00
JT bb9e820372 Create pcman_ftp_traversal.rb 
Adding CVE-2015-7601
 2015-11-08 13:08:23 +08:00
Jon Hart 43229c16e7
Correct some authors with unbalanced angle brackets 2015-11-06 13:24:58 -08:00
Jon Hart f408bca3f0
More correct exception handling 2015-11-06 12:25:27 -08:00
Jon Hart 1473f2cfa7
More consistent printing 2015-11-06 10:03:06 -08:00
Jon Hart 7101ff2ecc
Better handling of motd printing 2015-11-06 09:52:12 -08:00
Jon Hart 55e224b7e7
Improve auth handling 2015-11-06 09:50:39 -08:00
Jon Hart fc97266588
Handle errors more carefully 2015-11-06 09:44:05 -08:00
Jon Hart d3ebb8ae93
Style cleanup of auth checking 2015-11-06 08:34:17 -08:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
Jon Hart e96596e8eb
Credit Nixawk/all3g for some of the module review/improvements/ideas 
From:
  https://github.com/rapid7/metasploit-framework/pull/6191
  https://github.com/jhart-r7/metasploit-framework/pull/5
 2015-11-05 09:22:30 -08:00
Jon Hart 0ae2e64bc5
Only mark rsync as req'ing auth true/false if we are sure, otherwise vprint and unknown 2015-11-05 09:20:02 -08:00
Jon Hart f1a79bd207
Make motd printing optional, off by default 2015-11-04 10:11:00 -08:00
Jon Hart 8f497faa09
Make read timeout configurable and shorter by default 
This makes the time spent handling motd almost a non-issue
 2015-11-04 10:01:38 -08:00
Jon Hart 3528bb2fa7
Remove optional motd handling; this is always necessary 
without it, detecting authentication on systems w/ a motd does not work
 2015-11-04 09:43:10 -08:00
Jon Hart 0d3232f93a
break if we get the rsync exit 2015-11-04 09:12:02 -08:00
Jon Hart ba5a8e4806
style 2015-11-04 09:11:07 -08:00
Jon Hart 2cab70294e
sprinkle in peer 2015-11-04 09:05:33 -08:00
Jon Hart 9bcdd19e0a
Correct table 2015-11-04 09:01:07 -08:00
Jon Hart 8f4f187c70
More usable format for module metadata in notes 2015-11-04 08:47:37 -08:00
Jon Hart b7ccee949e
Improve name and description; update authors 2015-11-04 08:42:29 -08:00
Jon Hart c0993c3797
Appease rubocop 
You have 20 seconds to comply
 2015-11-04 08:28:35 -08:00
Jon Hart c265a371d8
Make testing the rsync module for authentication optional, 
but on by default
 2015-11-04 08:25:38 -08:00
Tom Spencer 557dffd8d2 Fixed extra space at end of line 2015-11-02 21:50:39 -08:00
Tom Spencer 4d97e33bc5 Dramatic speed-up in bleeding, improved verbose output of leaked data. 2015-11-02 16:07:21 -08:00
Jon Hart 3c92b109d7
Don't wait for motd when testing for auth 2015-11-02 10:49:48 -08:00
Jon Hart 6c0034fba6
get_once for negotiation and trailing motd_lines 
This feels hacky.
 2015-11-02 09:32:54 -08:00
Jon Hart a120dd1ea9
Return nil when no motd lines 2015-11-02 09:18:10 -08:00
Jon Hart 962cf77873
Not all modules have comments 2015-11-02 09:14:41 -08:00
Jon Hart 4effd3aa81
Handle case where motd comes after negotiation 2015-11-02 09:12:57 -08:00
Jon Hart d18b6ff9cd
More doc, error handling 2015-10-30 13:13:44 -07:00
Jon Hart ff1d0709e0
vprint if the thing isn't rsync 2015-10-30 12:39:06 -07:00
Jon Hart eb99aaa216
Print out modules before building/reporting table 2015-10-30 09:49:07 -07:00