4ad7021336
give user option to turn on KoreLogic rules
...
the cracker modules in framework now have a datastore option
to allow the user to select the KoreLogicRules
2015-01-07 12:32:26 -06:00
5480cb81f5
add updated KoreLogic rules to john.conf
...
updated our shipped john.conf to include a
more up to date version of the KoreLogic JtR rules.
They add overhead to the cracking time but are
probably some of the best/most effective JtR
rules out there.
2015-01-07 12:25:04 -06:00
ef97d15158
Fix msftidy and make sure all print_*s in check() are vprint_*s
2015-01-07 12:12:25 -06:00
5d68d48ca5
Land #4385 , fixes bruteforce_speed validator
...
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
702511dbc5
respect DB_ALL_USERS & DB_ALL_PASS
...
fix last few things in authbrute
and make the CredentialCollections understand the
additional seperate components
MSP-11986
2015-01-07 11:41:41 -06:00
7ff2ba0725
first pass on fixing DB_ALL authbrute stuff
...
DB_ALL_CREDS worked but DB_ALL_USER and DB_ALL_PASS
did not. working on fixing that.
This commit also does some nice DRY work in the auth_brute mixin
MSP-11986
2015-01-07 11:30:39 -06:00
aef8c702d7
Filter creds by type
2015-01-07 17:19:31 +00:00
3e80efb5a8
Land #4521 , Pandora FMS upload
2015-01-07 11:13:57 -06:00
1ccef7dc3c
Shorter timeout so we get shell sooner
...
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
2015-01-07 11:11:33 -06:00
4c240e8959
Fix #4098 - False negative check for script_mvel_rce
...
Fix #4098 , thanks @arnaudsoullie
2015-01-07 10:40:58 -06:00
c60b6969bc
Oh so that's it
2015-01-07 10:39:46 -06:00
efe83a4f31
Whitespace
2015-01-07 10:19:17 -06:00
3ba3465afb
Ensure logging in ~/.msf4/log
...
Fix #4511
2015-01-07 09:37:07 -06:00
09bd0465cf
fix regex
2015-01-07 11:54:55 +01:00
b3def856fd
Applied changes recommended by jlee-r7
...
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode:Appears instead of Exploit::CheckCode::Vulnerable
2015-01-07 18:38:19 +08:00
eaad4e0bea
fix check method
2015-01-07 11:01:08 +01:00
8c23e8c2e8
ruby 2.2 compatibility
...
Fix circular argument reference warnings for ruby 2.2
2015-01-07 12:00:50 +02:00
478505c17a
ruby 2.2 compatibility
...
https://bugs.ruby-lang.org/issues/10314
2015-01-07 11:41:34 +02:00
862af074e9
fix bug
2015-01-07 09:10:50 +01:00
d007b72ab3
favor include? over =~
2015-01-07 07:33:16 +01:00
4277c20a83
use include?
2015-01-07 06:51:28 +01:00
39e33739ea
support for anonymous login
2015-01-07 00:08:04 +01:00
bf0bdd00df
added some links, use the res variable
2015-01-06 23:25:11 +01:00
fee49b0b85
Land #4531 , Msf::Exploit::PDF method name fix
2015-01-06 14:26:58 -06:00
a626c45813
update gemspec for newest credential
...
we need the latest metasploit-credential to migrate
over any old style creds still lingering around in the
database.
MSP-11919
2015-01-06 14:25:55 -06:00
609c490b3c
I missed nobfu
2015-01-06 12:49:39 -06:00
2ed05869b8
Make Msf::Exploit::PDF follow the Ruby method naming convention
...
Just changing method names.
It will actually also fix #4520
2015-01-06 12:42:06 -06:00
f9f2bc07ac
some improvements to the mantis module
2015-01-06 11:33:45 +01:00
0bece137c1
Land #4494 , Object.class.to_s fix
2015-01-06 02:27:35 -06:00
f2710f6ba7
Land #4443 , BulletProof FTP client exploit
2015-01-06 02:10:42 -06:00
482cfb8d59
Clean up some stuff
2015-01-06 02:10:25 -06:00
46aa165ca5
Land #4481 , enum_users_history improvements
2015-01-06 01:52:38 -06:00
745bfb2f35
Clean things up
2015-01-06 01:48:18 -06:00
42b6c5425f
Update tests
2015-01-05 22:25:14 +00:00
dd5c638ab0
Merge remote-tracking branch 'upstream/master' into extapi_service_post
2015-01-05 22:18:44 +00:00
fc91244252
insert deprecation error message
...
report_auth_info will now issue an error message
stating that the method is deprecated along with the module name
that called it
MSP-11919
2015-01-05 14:02:16 -06:00
db8f260557
add some YARD docs to report_auth_info
...
add yard docs for the modified report_auth_info
MSP-11919
2015-01-05 13:58:25 -06:00
71d600e829
make report_auth_info create new creds and logins
...
report_auth_info coerces old data into the new credential
types as best as it is able
MSP-11919
2015-01-05 13:41:30 -06:00
a69609fe04
Land #4523 : wchen-r7's #inspect->to_s conversions
...
Keep custom object display behavior the same between Ruby 1.9 and 2.1.
2015-01-05 13:26:08 -06:00
e73ff61f42
Land #4512 , OJ's removal of superfluous path expansion
2015-01-05 13:14:59 -06:00
44dfa746eb
Resolve #4513 - Change #inspect to #to_s
...
Resolve #4513
2015-01-05 11:50:51 -06:00
4257fef91b
Land #4101 - Konica MFP FTP and SMB credential gathering module
2015-01-05 10:31:28 -06:00
547b7f2752
Syntax and File Upload BugFix
...
Fix unexpected ) in line 118
Fix file cleanup missing _
Fix more robust version check script
Fix file upload
2015-01-05 19:23:22 +08:00
1f4d62aff3
Land #4514 , invalid splat URL fix
2015-01-05 03:44:40 -06:00
e7affb9048
Land #4493 , @pedrib's module for ManageEngine Central Desktop create admin
2015-01-04 23:46:31 -06:00
c5e72fb324
Change module filename
2015-01-04 23:14:12 -06:00
4798f2328d
Change module filename
2015-01-04 23:13:17 -06:00
6bb3171328
Do minor cleanup
2015-01-04 23:12:42 -06:00
711b97ecc5
Beautify metadata
2015-01-04 23:08:46 -06:00
4653e48dba
Land #4515 , @bcook-r7's linux meterpreter binaries update
2015-01-04 16:59:24 -06:00
David Maloney
sinn3r
Meatballs
James Lee
Trevor Rosen
Christian Mehlmauer
rcnunez
dmooray
William Vu
Brent Cook
jvazquez-r7