181606e7cc
Single byte description update. Adds a period.
2013-10-11 15:04:25 -05:00
63349e4664
Add OSVDB and BID references
2013-10-11 09:14:59 -05:00
b26085457f
Trying to prevent @jvazquez-r7 from crying when reading my code:
...
- Documented fields in the several tables;
- Fixed the "remote" field location on the fs_table (changed due to REXML parsing);
- Fixed Total Memory field on os_table (bug?);
2013-10-11 11:29:27 +01:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
09f0db7fdf
Switch to rexml parsing, add some comments and cleanup
2013-10-10 13:19:10 -05:00
9516bc5cf7
Retab changes for PR #2142
2013-10-10 11:02:51 -05:00
cdc7b75a78
Merge for retab
2013-10-10 11:02:16 -05:00
c264480651
Code cleanup, tried to implement suggestions from @jvazquez-r7. Hopefully is much more readable.
2013-10-10 11:58:33 +01:00
813013fef5
Make defaults sane for the lockoutable smb_login
...
See #2376
2013-10-04 15:53:16 -05:00
db11e88255
Land #2321 , @juushya's aux module for Sentry CDU enumeration
2013-10-04 08:35:54 -05:00
37e1e6533c
changed default options
...
Updated these default options to false:
'DB_ALL_CREDS' => false
'BLANK_PASSWORDS' => false
2013-10-04 02:48:42 +05:30
8aac3922f3
add radware_appdirector_enum
...
This module scans for Radware AppDirector's web login portal, and performs login brute force to identify valid credentials.
- mstidy.tb & retab.rb run done
- stop_on_success is set to true. Important, otherwise the app starts dropping bf source.
- slowing down brute force speed seems to work though, but can take a long time if more creds to check &| more targets
- better to run bf with 2-3 creds against range, & then come back with more creds if needed
2013-10-03 20:15:52 +05:30
773abf0567
Pow, tab assassinated.
2013-10-02 17:16:38 -05:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
7118f7dc4c
Land #2422 - rm methods peer & rport
...
Because they're already defined in the HttpClient mixin
2013-09-30 16:01:59 -05:00
9ada96ac51
Fix sqlmap accidental codepoint
...
See http://www.ruby-doc.org/core-1.9.3/String.html#method-i-3C-3C
Apparently, String#<< uses Integer#chr, not Integer#to_s. News to me.
Fixed originally by @TsCl in PR #2435 , but fixing seperately in order to
avoid screwing up his downstream tracking. Note, this isn't a merge, so
using Closes tag on the commit message.
[Closes #2435 ]
2013-09-30 11:23:17 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
8696b5d2dc
Fix bug on missing hosts for SunRPC Portmap
...
Also cleans up and normalizes the print messages to follow the
conventions of "host:port - proto - message"
[FixRM #8409 ], reported by Chris F.
2013-09-26 09:42:38 -05:00
09fa7b7692
remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:50:34 +02:00
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
58d4096e0f
Resolv conflicts on #2267
2013-09-25 13:06:14 -05:00
34b829abef
bugfix
2013-09-25 09:15:07 +02:00
aeb663a5d4
fix output
2013-09-24 10:48:38 +02:00
dc8f94bac1
Added wordpress version detection
2013-09-24 08:59:56 +02:00
dff26ac9ff
Used default timeout
...
forgot an additional default timeout in my previous commit
2013-09-17 11:28:46 -04:00
4aeb754112
Minor Changes
...
changed print calls to print_line
removed trailing \n's
used default timeout for send_request_cgi
2013-09-17 11:20:45 -04:00
ea367d218c
dded Jenkins vulnerability scanner
2013-09-17 10:47:59 -04:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
299860b09d
Land #2329 , @kaospunk auxiliary module to enumerate ntlm info
2013-09-16 08:16:30 -05:00
4040fe4b6b
Fix style
2013-09-16 08:15:46 -05:00
149312a4c0
Correct wordpress_login_enum for #2301
...
tabassassin created a mess and I failed to resolve it properly.
Attempt #2 . See #2301 .
2013-09-12 14:56:46 -05:00
91b8ca8f22
Merge branch 'pr2301' into upstream-master
...
Conflicts:
modules/auxiliary/scanner/http/wordpress_login_enum.rb
2013-09-12 14:52:34 -05:00
f73c18ccd9
Store the Array, not human-readable version
...
[SeeRM #8389 ]
2013-09-09 16:44:47 -05:00
94cc3f0e49
Retab changes
2013-09-06 09:51:14 -05:00
73a66819ea
Merge for retab
2013-09-06 09:50:37 -05:00
7ce9d38eba
Fix module
2013-09-06 09:49:52 -05:00
8bc83f4922
Retab changes for PR #1420
2013-09-05 16:21:26 -05:00
d6a7ce5328
Merge for retab
2013-09-05 16:21:13 -05:00
f5a4c05dbc
Retab changes for PR #2267
2013-09-05 14:11:03 -05:00
4703a10b64
Merge for retab
2013-09-05 14:10:58 -05:00
015ac6d92c
Retab changes for PR #2273
2013-09-05 14:09:44 -05:00
e25ec2d2f9
Merge for retab
2013-09-05 14:09:39 -05:00
abb52a086c
Retab changes for PR #2316
2013-09-05 13:33:59 -05:00
8665de0261
Merge for retab
2013-09-05 13:33:49 -05:00
0a1a202fb5
Retab changes for PR #2329
2013-09-05 13:04:23 -05:00
760943af2f
Merge for retab
2013-09-05 13:02:51 -05:00
c44be42cf5
Merge the check for Sentry in just one request
2013-09-05 10:41:20 -05:00
d280d45964
Revert "Updated module - 1 req action"
...
This reverts commit f85b9aa780
2013-09-05 10:35:13 -05:00
f85b9aa780
Updated module - 1 req action
...
Modified the code to have it work with 1 request instead of 3. Thanks Meatballs1!
2013-09-05 20:04:02 +05:30
9f628b8b63
Add URI where information was discovered
...
This adds the URI where the information was enumerated from to the
scanner output.
One more place where target_uri was being used was also corrected.
2013-09-05 10:06:11 -04:00
afaab5e0a6
Fixes issues raised by jvazquez-r7
...
This commit fixes the following issues raised by jvazquez-r7:
* The local target_uri variable has been renamed to test_uri
* Logic to prepend a "/" to the uri has been removed
* The timeout of 10 for send_request_cgi has been removed to use the
default
2013-09-05 09:34:35 -04:00
533643fe2c
Host Information Enumeration via NTLM Authentication
...
This aux module makes requests to resources on the target server in
an attempt to find resources which permit NTLM authentication. For
resources which permit NTLM authentication a blank NTLM type 1 message
is sent to enumerate a a type 2 message from the target server. The type
2 message is then parsed for information such as the Active Directory
domain and NetBIOS name.
The user can provide their own TARGETURIS file which contains URIs
to request to attempt to get a 401 with NTLM. This PR also includes
a list of URLs that can be used as the default.
2013-09-04 21:39:02 -04:00
3786376b42
Aux module for Sentry CDU enum
2013-09-03 14:44:03 +05:30
560d384633
Do first modification to Auxiliary::Login and Auxiliary::AuthBrute
2013-08-31 23:38:04 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
a574b548b2
Updated wordpress_login_enum auxilary module.
...
Update wordoress_login_enum to work when the wordpress site redirects
to /author/[authorname]/ rather than displaying the author's name in
the page contents.
2013-08-29 15:28:46 +01:00
b9360b9de6
Land #2286 , @wchen-r7's patch for undefined method errors
2013-08-26 20:46:05 -05:00
85ed9167f2
Print target endpoint
...
If a module consistently print the target endpoint in all its print
functions, then we'll follow that.
2013-08-26 17:51:43 -05:00
9f8051161f
Properly implement normalize_uri
2013-08-26 17:18:00 -05:00
c660279963
Land #2259 , @wchen-r7's patch for [SeeRM #8319 ]
2013-08-26 16:36:45 -05:00
3769da2722
Better fixes
2013-08-26 14:02:45 -05:00
8c7f4b3e1f
Avoid using inline rescue
2013-08-26 13:54:06 -05:00
035258389f
use feed first before trying to bruteforce
2013-08-25 10:16:43 +02:00
5f7ccf1cbe
naming..again
2013-08-24 18:58:00 +02:00
7cd150b850
another module
2013-08-24 18:42:22 +02:00
c40252e0b3
bugfixing
2013-08-24 00:04:16 +02:00
a863005d33
Removed blanks at EOL
...
Fixed blanks at EOL per msftidy messages
2013-08-22 14:20:42 -04:00
7e098e4d6b
Domain enumeration put in own function
...
The code to enumerate the AD domain is now in its own function
Additionally, a new advanced option has been added which controls
whether or not the domain enumeration will occur so that if it is
not wanted the user can disabled it. By default this is set to
enumerate the AD domain.
If AD_DOMAIN is already specified then this will be used and no
auto enumeration will occur.
2013-08-22 14:16:00 -04:00
7e0b26e932
Minor fixes to syntax and error handling
2013-08-22 13:23:39 -04:00
cdcfa88fa3
Enumerate AD Domain via NTLM Authentication
...
Add functionality to attempt an NTLM auth against common directories
to try to enumerate the AD domain. If a domain is found this will be
prepended to the authentication requests, otherwise it's business as
usual.
2013-08-22 12:26:14 -04:00
556f17c47e
Move modules
2013-08-22 17:33:35 +02:00
8456d2c0ec
remove target_uri
2013-08-22 00:48:42 +02:00
959553583f
-) revert last commit
...
-) split into seperate modules
2013-08-22 00:45:22 +02:00
009d8796f6
wordpress is now a module, not a mixin
2013-08-22 00:05:58 +02:00
2e9a579a08
implement @limhoff-r7 feedback
2013-08-21 21:05:52 +02:00
ffdd057f10
-) Documentation
...
-) Added Wordpress checks
2013-08-21 14:27:11 +02:00
655e2dcf6c
more methods
2013-08-21 13:13:41 +02:00
11ef8d077c
-) added wordpress mixin
...
-) fixed typo in web mixin
2013-08-21 12:45:15 +02:00
89753a6390
Fix undefined method error
...
[FixRM #8323 ]
2013-08-21 01:22:27 -05:00
92752de651
Fix undefined method error
...
[FixRM #8324 ]
2013-08-21 01:20:57 -05:00
77942f0d29
Fix undefined method error
...
[FixRM #8325 ]
2013-08-21 01:20:03 -05:00
2fa75e0133
Fix undefined method error
...
[FixRM #8325 ]
2013-08-21 01:16:49 -05:00
be29e44788
Fix undefined method error
...
[FixRM #8328 ]
2013-08-21 01:15:07 -05:00
ae8c40c8f7
Fix undefined method error
...
[FixRM #8329 ]
2013-08-21 01:10:46 -05:00
42a7766f1b
Fix undefined method error
...
[FixRM #8330 ]
2013-08-21 01:09:24 -05:00
0f85fa21b4
Fix undefined method error
...
[FixRM #8331 ]
2013-08-21 01:08:19 -05:00
8eeb66f96d
Fix undefined method error
...
[FixRM #8332 ]
2013-08-21 01:06:54 -05:00
785f633d1d
Fix undefined method error
...
[FixRM #8334 ]
[FixRM #8333 ]
2013-08-21 01:01:53 -05:00
0561928b92
Fix undefined method error
...
[FixRM #8336 ]
2013-08-21 00:54:08 -05:00
2597c71831
Fix undefined method error
...
[FixRM #8338 ]
[FixRM #8337 ]
2013-08-21 00:52:33 -05:00
092b43cbfa
Fix undefined method error
...
[FixRM #8339 ]
2013-08-21 00:50:37 -05:00
32a190f1bd
Fix undefined method error
...
[FixRM #8340 ]
2013-08-21 00:49:13 -05:00
217d89fa7c
Fix undefined method error
...
[FixRM #8341 ]
2013-08-21 00:47:31 -05:00
3a271e7cc7
Fix undefined method error
...
[FixRM #8342 ]
2013-08-21 00:45:48 -05:00
35b15b6809
Fix undefined method error
...
[FixRM #8322 ]
2013-08-21 00:37:22 -05:00
fe089030d4
Land #2257 , @wchen-r7's patch for [SeeRM #8317 ]
2013-08-20 13:43:37 -05:00
ceb0f56f42
Land #2258 , @wchen-r7's patch for [SeeRM #8318 ]
2013-08-20 13:26:34 -05:00
1702cf2af9
Use TARGETURI
2013-08-20 13:23:32 -05:00
3ac59fede7
Land #2251 , @wchen-r7's patch to use OptRegexp
2013-08-20 12:55:30 -05:00
202b31d869
Better fix based on feedback
...
Tell daddy how you want it.
2013-08-20 12:52:04 -05:00
Tod Beardsley
jvazquez-r7
Bruno Morisson
Meatballs
James Lee
Karn Ganeshen
Tabassassin
sinn3r
FireFart
jamcut
kaospunk
rbsec