6cdb1a80de
Remove app from fingerprint and blank line
2013-01-24 09:47:20 -05:00
bf2b01f8ef
Delete a file and strip space
2013-01-24 09:30:04 -05:00
8e09247703
Rename to match the OEM vendor
2013-01-23 21:10:25 -06:00
2c12666f4e
Update the vendor to match the OEM source
2013-01-23 21:10:05 -06:00
6e94c04a52
Code Corrections and Enhancements
2013-01-23 20:26:23 -05:00
3418457b9a
Small changes (extra comma + typo)
2013-01-23 16:29:25 -06:00
cfde24785c
Adds a password grabber module for Swann DVRs
2013-01-23 14:23:58 -06:00
3a5e92ba6f
hopefully all fixex included
2013-01-23 12:15:34 +01:00
5cfabb0443
Apply the changes I suggested before
2013-01-23 00:15:09 -06:00
1e39c31cc2
Merge branch 'feature/rm6822-coldfusion_locale_traversal' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-coldfusion_locale_traversal
2013-01-23 00:06:35 -06:00
c601ceba3c
Fixed error deleting ntds and sys files
2013-01-22 09:42:49 -06:00
20b36cdf7a
added extra checking for strict databases
2013-01-22 15:42:23 +00:00
ed3b886b61
working with psexec mixin
2013-01-22 09:36:43 -06:00
11c13500be
small fix
2013-01-21 13:41:42 +01:00
62ff52280a
initial linksys OS command injection
2013-01-21 13:19:29 +01:00
b2c7223108
Cleanup for mysql_file_enum.rb
2013-01-21 12:26:35 +01:00
5cfe58e8d5
General code review and corrections
2013-01-20 22:33:04 -05:00
4d5a7a3d4d
Brute force directory and file names with MySQL
2013-01-20 21:32:02 +00:00
e7604f80b2
added a warning and using optpath
2013-01-20 21:24:00 +00:00
6da4b72d85
added a warning and using optpath
2013-01-20 21:23:59 +00:00
ebb0635e0a
stopped using fixed table name
2013-01-20 21:23:59 +00:00
fce58ad96d
Fixed msftidy stuff
2013-01-20 21:23:58 +00:00
23d1eb7a80
File/dir brute forcer using MySQL
2013-01-20 21:23:58 +00:00
e613c860a5
Added Name and Emailadress
2013-01-17 23:17:14 +01:00
a43b218917
Line full of whitespace
2013-01-17 12:43:06 -08:00
ffd8890ba2
Merge branch 'smb_login_option' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-smb_login_option
2013-01-17 18:15:41 +01:00
0b61d28e0e
added Joomla scanner and url wordlist
2013-01-17 11:36:59 -05:00
a701b5eb79
fixed an error that occurred when patching.
2013-01-16 18:21:19 -05:00
ddd2dbc17b
Updated coldfusion_local_traversal as described in Redmine Feature #6822
2013-01-16 17:54:15 -05:00
481f2eb791
updated cold_fusion_version from Redmine Feature #6822
2013-01-16 17:23:35 -05:00
9dc42e93e7
Reduce unnecessary indent level
2013-01-15 14:36:41 -06:00
5109cc97fe
Add more verbs
...
[SeeRM: #7138 ] by jabra
2013-01-15 14:11:53 -06:00
6e6e90d733
Cosmetic changes
2013-01-15 11:36:49 -06:00
a06d49a8be
Return symbols
...
STOP_ON_SUCCESS is being ignored because the module's login function
doesn't pass a symbol to the mixin. This addresses that.
2013-01-15 11:25:02 -06:00
347cc3f879
Merge branch 'bug/rm7680-psexec_command-convert-nil-into-integer' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7680-psexec_command-convert-nil-into-integer
2013-01-14 15:12:43 -06:00
a89db93891
psexec_command - Unable to execute specified command: can't convert nil into Integer
...
Patched as described in Redmine bug #7680
2013-01-14 15:54:40 -05:00
702638a6a3
final cleanup
2013-01-14 17:36:24 +01:00
b11fd48b05
implemented juans feedback
2013-01-14 17:06:52 +01:00
8b85f7d977
fix msftidy
2013-01-14 14:55:53 +01:00
0acbcfd964
fix url path
2013-01-14 14:39:50 +01:00
c17ee70e66
Use target_uri for the wordpress url
2013-01-14 14:34:34 +01:00
0c95938b1d
Added a request to force db caching
2013-01-13 20:12:37 +01:00
27f100d37c
fix email
2013-01-12 14:24:29 +01:00
d36c966931
spaces
2013-01-12 14:22:38 +01:00
93b5980210
fix
2013-01-12 14:13:54 +01:00
0b8094eb5d
w3_total_cache
2013-01-12 14:09:59 +01:00
ef6eec949c
Move impersonate_ssl
...
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
8c5847a13c
Make output compatible with an scanner module
2013-01-11 00:10:15 +01:00
0e950997e6
Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access
2013-01-10 23:57:22 +01:00
0c58a118ff
Found the issue I believe, fixed two issues. One with 301/302 responses getting a bad URI due to switch from ip to dns in location header and other from res.to_s rather than res.body being passed to regex
2013-01-10 11:32:48 -05:00
fc5a0e22b2
stupid push, forgot to remove test puts
2013-01-10 10:43:57 -05:00
ed9d290a85
added status messages, made var blog_posts initalize as nil rather than empty string
2013-01-10 10:41:25 -05:00
5bafd6ddcc
added status message
2013-01-10 09:43:37 -05:00
2776047553
Merge branch 'smb_cap' of github.com:Meatballs1/metasploit-framework into Meatballs1-smb_cap
2013-01-09 16:09:35 -06:00
5fe2f967da
this rescue is done in the mixin
2013-01-09 21:28:06 +01:00
07f8eb6a07
Fix up a typo
2013-01-09 13:05:27 -06:00
adb4c89602
Add a scanner module for CVE-2013-0156
2013-01-09 12:50:38 -06:00
7a1a9985d5
Merge branch 'mysql_login_exceptions' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-mysql_login_exceptions
2013-01-09 18:21:03 +01:00
a0a4ef843b
added error msgs to rescue
2013-01-09 11:22:36 -05:00
4cadffc06a
msftidy
2013-01-09 10:37:40 +00:00
46139849a9
Move to .empty? over length
2013-01-09 10:36:06 +00:00
a8400030f8
Also correct outut of hash when length is 0
2013-01-09 10:26:57 +00:00
d36fcd5441
Fix smb capture error
2013-01-09 09:50:21 +00:00
4e70f7d888
Merge branch 'bug/rm7139-smtp_enum-false-positive' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7139-smtp_enum-false-positive
2013-01-09 01:13:43 -06:00
f45739933e
Update modules/auxiliary/scanner/http/wordpress_pingback_access.rb
...
Changed name var in initialize
2013-01-08 19:20:02 -05:00
69485ba261
made changes as specified in Redmine Bug #7139
2013-01-08 12:14:57 -05:00
8e80f5e82c
Public key size determined properly
2013-01-08 16:39:27 +01:00
3ceb313752
Fixes format string issue in smb_login - FixRM #7657
2013-01-07 22:17:49 -06:00
c74d258509
Revert "Fixes format string issue in smb_login - FixRM #7657"
...
Will replay on separate branch.
This reverts commit a12b628ccc
2013-01-07 22:03:57 -06:00
60987de854
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-01-07 21:20:20 -06:00
a12b628ccc
Fixes format string issue in smb_login - FixRM #7657
2013-01-07 21:20:09 -06:00
5bc1066c69
Change how modules use the mysql login functions
2013-01-07 16:12:10 -06:00
ff9ef80cc6
Fixed terrible tab issues that occured because of an evil vimrc filegit add ntdsgrab.rb
2013-01-07 12:49:58 -06:00
e4546b13f3
Creating new pull request to beat Travis build strange errors...
2013-01-07 12:21:59 -06:00
9f69dbbd30
update unless statements, targeturi, and resolve var
2013-01-07 13:17:49 -05:00
36adf86184
Various and sundry fixes for normalize_uri
2013-01-07 12:02:08 -06:00
c1f0e1172b
Still fighing with Travis build errors
2013-01-07 11:52:37 -06:00
6a9445966a
Caught missing paren
2013-01-07 11:21:55 -06:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
ac2182c69b
Edited to fix Travis build process
2013-01-07 11:10:21 -06:00
0de23a7edb
fixed description
2013-01-04 21:16:56 -05:00
e35afdce5d
added wordpress-pingback scanner
2013-01-04 20:59:33 -05:00
3936725958
added wordpress-pingback scanner
2013-01-04 20:44:40 -05:00
44e07c8577
Created psexec mixin to get rid of ugly copy-paste
2013-01-04 09:58:48 -06:00
6654faf55e
Msftidy fixes
2013-01-04 09:29:34 +01:00
6f50410e5f
Merge branch 'patch-1' of github.com:mubix/metasploit-framework into mubix-patch-1
2013-01-03 17:51:54 -06:00
9e912a23ff
Merge branch 'rapid7' into FireFart-msftidy_aux_1
2013-01-03 16:54:25 -06:00
39e81fb07f
Update modules/auxiliary/scanner/http/wordpress_login_enum.rb
...
Simple fix for msfconsole start error.
2013-01-03 21:52:10 +01:00
1406f7cb0a
Msftidy on sap_router_info_request
2013-01-03 10:55:11 -06:00
8cada447b2
msftidy: remove $Id$
2013-01-03 10:21:10 +01:00
e4a6669927
msftidy: remove $Revision$
2013-01-03 01:05:45 +01:00
4d8a2a0885
msftidy: remove $Revision$
2013-01-03 01:01:18 +01:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
88d12da3db
hilight positive results in WebDAV scanner
...
As suggested by Lee Baird
2013-01-02 13:27:25 -05:00
321a4ecb74
Escaped quotes in windows command
2012-12-29 13:46:22 -06:00
02bbcb5803
surrounded ntdspath in a space
2012-12-29 13:33:32 -06:00
174e6e8f17
Fixed array instantiation
2012-12-29 13:31:54 -06:00
33ea21e415
Merge branch '403labs-zgrace-wordpress_login_enum'
2012-12-28 17:47:05 -06:00
d92b3bd2e1
Apply fixes
2012-12-28 17:46:17 -06:00
e5eb8c6301
Fix connected in sap_router_info_request
...
See #1028 comments
2012-12-28 16:34:59 -06:00
2746a57093
Merge branch 'zgrace-wordpress_login_enum' of git://github.com/403labs/metasploit-framework into 403labs-zgrace-wordpress_login_enum
2012-12-28 15:42:09 -06:00
3daea913b1
Merge branch 'sap_router_info_request'
2012-12-28 15:22:44 -06:00
35604ac1aa
Normalizing caps and expanding description a bit
...
Be nice to have a couple more lines on the description
2012-12-28 15:12:40 -06:00
5d7197d8ba
Moved shout outs, organized includes
...
include Msf::Exploit::Remote::Tcp must precede the include for the
Scanner mixin -- otherwise you end up with some undesired effects, like
having an RHOST and RHOSTS on the datastore.
Also, took out the block of shout outs and gave references and credits
to the people / url's mentioned.
2012-12-28 14:51:23 -06:00
c2586d0907
Instead of raising, offer advice on BPF filtering
...
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
2012-12-27 15:18:18 -06:00
c6533621a0
Oops removing debug prints
2012-12-27 14:58:52 -06:00
c695f429d5
Mirror upstream PacketFu fix on ICMP size
2012-12-27 14:56:49 -06:00
121353b360
Fixing EOLs to unix
...
In vim:
:set fileformat=unix
:wq
ta-da
2012-12-27 13:54:50 -06:00
9fa6c9f4c4
Merge remote branch 'ChrisJohnRiley/icmp_exfil' into icmp_exfil
2012-12-27 13:52:19 -06:00
d4bdf1b6b4
Added user name enumeration based on author id enumeration
2012-12-24 16:09:03 -06:00
2c4d517e75
Merge branch 'useragent_cleanup' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-useragent_cleanup
2012-12-21 11:14:06 -06:00
413b75cd8b
Fixed crash issues with unescape
...
Added better formatting to avoid pages of output
2012-12-21 12:07:14 +01:00
e237512bd7
Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate)
2012-12-21 10:47:45 +01:00
cad8abef48
msftidy cleanup
2012-12-18 11:46:27 -06:00
860ebbcfb1
Merge branch 'master' into averagesecurityguy-master
2012-12-18 11:45:41 -06:00
0344c568fd
Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes
2012-12-18 11:38:14 -06:00
9825b07df8
Merge branch 'sap_soap_rfc_dbmcli_sxpg_command_exec' of git://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_command_exec
2012-12-18 01:12:50 -06:00
37f7122006
NameError undefined local variable or method output - fixed
2012-12-17 19:34:36 +00:00
10511e8281
Merge remote branch 'origin/bug/fix-double-slashes'
...
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
1714fa21b1
adjusted DOS part to use HttpClient
2012-12-17 15:46:39 +01:00
2eb01168c8
Cleaned build junk
2012-12-14 10:44:53 -06:00
82a6519dc4
cleaned up print_status and print_errors
2012-12-14 10:41:40 -06:00
1b26036028
removed junk
2012-12-14 09:23:26 -06:00
ae663b2a08
removed | from author section
2012-12-14 09:02:19 -06:00
27ca43c915
Added to create new pull request
2012-12-14 08:53:22 -06:00
3da4c4f743
Add author's email
2012-12-14 10:38:22 +01:00
d2885d9045
Correct US Cert references
2012-12-13 14:19:53 -06:00
a48c14124b
added CHECK functionality to the existing module
2012-12-13 16:54:50 +01:00
67b4675d01
comply to code conventions
2012-12-13 14:58:33 +01:00
94fdd4c6fe
fix typo
2012-12-13 14:42:16 +01:00
eea4770521
warns about key size and valid time
2012-12-13 14:40:43 +01:00
8f388eb226
fixing if typo
2012-12-11 23:28:21 +01:00
b5b5667539
Merge branch 'symantec_brightmail' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_brightmail
2012-12-11 23:27:56 +01:00
0ca1dbd14e
Account for the timeout condition
2012-12-11 16:24:42 -06:00
20ea56e4b9
fixed type @wchen-r7 found
...
hopefully didn't miss any others
2012-12-11 15:29:53 -05:00
717799cffd
fix typos
...
negotiate spelled wrong in a couple spots
and only 3 g's in loggging
2012-12-11 15:00:21 -05:00
461f057c95
Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users
2012-12-11 17:33:31 +01:00
25d888bebb
Add CVE-2012-4347 Symantec Messaging Gateway Log File Download
2012-12-10 18:09:29 -06:00
7ea188e02d
Merge pull request #1147 from wchen-r7/cve_text_consistency
...
Change CVE text format
2012-12-09 14:48:08 -08:00
64a8b59ff9
Change CVE forma
...
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
2012-12-09 01:09:21 -06:00
69177105ab
Handle a null reply properly, small bug fix
2012-12-07 10:54:08 -08:00
f56ef52ffc
Fixed path error when BASE_PATH is nil.
2012-12-06 23:55:34 -05:00
761e735a55
Store wc.db file in loot. Add BASE_PATH option.
2012-12-06 23:38:03 -05:00
97c9dd0caf
Extra file got added by mistake, removed it
2012-12-06 16:31:28 -06:00
600121c36a
Fixed issue involing static path to Windows directory
2012-12-06 16:28:59 -06:00
8a149b3ea3
Removed Version.
2012-12-06 17:24:16 -05:00
4ce51fe889
Made changes requested by sinn3r.
2012-12-06 17:18:50 -05:00
4837ea38f5
Merge https://github.com/rapid7/metasploit-framework
2012-12-06 16:15:55 -06:00
c66777d028
Merge branch 'command' of git://github.com/R3dy/metasploit-framework into R3dy-command
2012-12-06 16:08:04 -06:00
205276c38f
Update modules/auxiliary/admin/smb/psexec_command.rb
...
Fixed static path to Windows directory. This causes problems with directory is 'WINNT' for example.
2012-12-06 16:03:44 -06:00
d938959e97
Module to find SVN wc.db files.
2012-12-06 16:30:23 -05:00
232eb7bf2d
Final cleanup plus name change
2012-12-05 00:32:42 +01:00
9cff72af72
Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users
2012-12-05 00:31:24 +01:00
3dada00f43
fix typo accor ding to redmine 7550
2012-12-04 22:37:08 +01:00
a1136be59e
Fixed last ip changed it to peer
2012-12-02 19:17:59 -06:00
2b171bb003
Added report_note functionality
2012-12-02 18:49:50 -06:00
e4e3ec8fdd
Fixed module to use clean psexec method
2012-12-02 18:35:23 -06:00
476a5dc58c
Fixed return without disconnect
2012-12-02 18:27:27 -06:00
4276279dd8
Fixed print_status to use peer instead of ip
2012-12-02 18:25:09 -06:00
1085357dbb
Talked to Todb, we like "." better
2012-11-30 14:53:57 -06:00
61a74bf257
Minor changes here and there
...
Changes include:
* Some corrections in metadata
* report_note()
* Removes connect(), usually don't need it in modules
2012-11-30 14:24:27 -06:00
a73d8792ee
Changed RPORT definition per egypt
2012-11-30 13:57:25 -05:00
40b8c93ef8
Added HSTS scanner for HTTPS sites
2012-11-30 09:30:11 -05:00
7d4982b47b
Fixed description area and authoer section
2012-11-29 14:21:27 -06:00
d6a3f6666d
Fixed simple return form get_output method
2012-11-29 14:15:57 -06:00
cf53588ab7
Removed Version
2012-11-29 14:14:41 -06:00
3ebbee5b1f
Removed generic URLs
2012-11-29 14:13:49 -06:00
bf41d3d0fd
Merge branch 'network_shutdown_creds' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-network_shutdown_creds
2012-11-29 10:43:03 -06:00
b0e4931de8
When 'credentials' is empty, it is empty.......
2012-11-29 10:22:20 -06:00
93a69ea62e
Fix instances of invalid lower-case datastore use
2012-11-29 00:05:36 -06:00
b3a473aec0
Forgot to remove this option
2012-11-28 18:48:33 -06:00
0415d31c61
Update description
2012-11-28 16:07:21 -06:00
52c2437d5a
Add OSVDB-83199 as a cred collecting aux module
...
From #1102
2012-11-28 15:56:13 -06:00
c0c3dff4e6
Several fixes for smb, mainly win 8 compatibility
2012-11-28 22:49:40 +01:00
82dc8e8814
Added check for LOGONSERVER and HOMEPATH
2012-11-28 09:02:19 -06:00
a24ebde3e3
Fix syntax on @@loaded_msfrpc
2012-11-27 14:10:46 -06:00
84294655aa
Update the require, error handling, casing
2012-11-27 11:44:51 -08:00
b008eb93c9
Fix msgpack issue
2012-11-27 12:45:01 -06:00
0440708453
I missed this sucker: var in a quote
2012-11-27 11:57:51 -06:00
0a0195e6c8
Merge branch 'kost-aux-scan-nexpose'
2012-11-27 11:57:11 -06:00
24f44e7a82
Lots of small changes
...
Basically the same changes I've been correcting like the rest of
other modules.
2012-11-27 11:52:58 -06:00
6ccceedcb7
final cleanup for sip_deregister
2012-11-27 18:34:31 +01:00
496fb63fad
Merge branch 'sip_deregister' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sip_deregister
2012-11-27 18:34:05 +01:00
4dbb82d0bc
Merge branch 'aux-scan-nexpose' of git://github.com/kost/metasploit-framework into kost-aux-scan-nexpose
2012-11-27 11:25:44 -06:00
139c149583
This variable doesn't have to be in a quote
2012-11-27 11:19:04 -06:00
673c519fa3
msg() isn't needed, because it's already implemented in HttpClient
2012-11-27 11:18:27 -06:00
7c3e478070
Final changes
2012-11-27 11:16:12 -06:00
bb34fb8dec
Actually, this is the exact reason why res can be nil
2012-11-27 11:14:52 -06:00
eb30765509
Use vars_post instead of data
2012-11-27 11:13:21 -06:00
4796fb4415
These don't need to be in a quote
2012-11-27 11:12:15 -06:00
5b787406b9
Correct output messages
...
When HttpClient is used, it's actually not necessary to put the
target's IP/port and the module name in the output, because it's
already included in there.
2012-11-27 11:10:31 -06:00
46f86f46fa
Merge branch 'aux-scan-nessus' of git://github.com/kost/metasploit-framework into kost-aux-scan-nessus
2012-11-27 11:01:36 -06:00
319fa04c16
Fix Ruby 1.8 comma of death
2012-11-26 16:45:43 -06:00
9ccc69c4c1
Mostly cosmetic changes. Plus a nil token bug fix.
2012-11-26 16:32:49 -06:00
32ea36916c
Cosmetic changes
2012-11-26 16:28:16 -06:00
65ac56a7a7
Merge branch 'aux-scan-metasploit' of git://github.com/kost/metasploit-framework into kost-aux-scan-metasploit
2012-11-26 16:26:11 -06:00
472ec35adb
Merge branch 'kost-aux-scan-splunk-login'
2012-11-26 16:16:02 -06:00
af451df864
Lots of changes made
...
These changes include:
* More description
* Checks if auth is actually required.
* Collects the default credential on the webpage, and then tries it.
* Fixes possible nil 'Set-Cookie' header.
* Supports more options (USERPASS_FILE, USER_FILE, PASS_FILE)
* Removes the msg() function.
2012-11-26 16:12:11 -06:00
0ea63ca9c2
Merge branch 'web-modules' of git://github.com/tasos-r7/metasploit-framework into tasos-r7-web-modules
2012-11-26 12:59:29 -06:00
7795dc58f4
auxiliary/scanner/http/crawler#form_from_url: rescue => rescue URI::Error
2012-11-26 20:54:20 +02:00
541ecd49d6
Merge branch 'web-modules' of git://github.com/tasos-r7/metasploit-framework into tasos-r7-web-modules
2012-11-26 12:17:24 -06:00
c17cffdece
auxiliary/scanner/http: wrapped an exception-prone URL parse in a begin/rescue block
2012-11-26 18:58:06 +02:00
c22335a2f5
Remove spaces at EOL
2012-11-24 23:32:32 +01:00
7bafc97fec
Remove non needed and redundant checks
2012-11-24 23:01:08 +01:00
bbe3659093
Import of MSF web interface guesser
2012-11-24 22:56:38 +01:00
cdfe663675
initial import of splunk password guesser
2012-11-24 22:05:57 +01:00
860519099f
Removed space at EOL
2012-11-24 19:34:42 +01:00
414fd052c1
final cleanup
2012-11-24 15:03:14 +01:00
fab3427b25
Merge branch 'command' of https://github.com/R3dy/metasploit-framework into R3dy-command
2012-11-24 15:02:39 +01:00
4ad0907c29
Wrap description to 80 cols
2012-11-24 08:13:36 +01:00
14ec0c8a60
Fix http code check + be more verbose
2012-11-24 08:09:26 +01:00
83168e8b56
Correct placement of autofilter ports statement
2012-11-24 07:38:27 +01:00
d008fa0250
Make wrapping works and look better
2012-11-24 07:33:25 +01:00
f88c4491b5
Added autofilter_port to 3790(metasploit web intf)
2012-11-24 07:28:39 +01:00
8608bebbe7
Wrapped module info to col80
2012-11-24 07:27:10 +01:00
965efc9c8d
Last touch up
2012-11-23 18:51:51 -06:00
ddee88bb03
Merge branch 'aux-scan-openvas' of git://github.com/kost/metasploit-framework into kost-aux-scan-openvas
2012-11-23 18:47:33 -06:00
ec3ce499f1
Simplify variable assigment
2012-11-24 00:33:49 +01:00
17de7be1bf
Fix exception handling block
2012-11-24 00:31:32 +01:00
505de0bfc6
Use vars_post instead of direct body construction
2012-11-24 00:21:35 +01:00
a5db9331bc
Simplify rescue handler
2012-11-24 00:15:39 +01:00
d968a33e14
Simplify variable assigment
2012-11-24 00:13:28 +01:00
2978775335
change default RPORT
2012-11-23 12:14:08 +01:00
ca3240a83e
Merge branch 'SXPG_COMMAND_EXEC_DBMCLI' of https://github.com/nmonkee/metasploit-framework into nmonkee-SXPG_COMMAND_EXEC_DBMCLI
2012-11-23 12:13:22 +01:00
f7fb8bb862
change module filename
2012-11-23 11:43:34 +01:00
cb7e98ea29
Cleanup for command module
2012-11-23 11:42:59 +01:00
b04b3963d8
Fix missing parenthesis
2012-11-22 23:50:47 -06:00
d2cde0b294
Make error handling consistent in SNMP modules
2012-11-22 21:36:33 -06:00
b357d221fb
Fix stack trace/error handling in AIX snmp version
2012-11-22 21:28:49 -06:00
46f3b8f47d
Minor changes to get Travis to rerun (The Travis build failed)
2012-11-22 16:00:38 +01:00
564a32ce7c
Made requested changes
2012-11-21 17:33:15 +00:00
e16cea6db8
Fixed execerror, redundant if statement, and poor exception handling
2012-11-20 18:46:07 -06:00
064df7c537
Minor grammar touch on modbus_findunitid
2012-11-20 14:08:07 -06:00
6b4c131cf5
Avoiding a future conflict with release
2012-11-20 13:24:19 -06:00
8c60035a2d
Renamed functions to meet coding standards
...
Added client-side tool suggestion in description and references
(newlines in the description might help readability, if this is possible?)
Added some minor logic change to stop empty filenames
2012-11-20 18:48:18 +01:00
ff07e5d021
sap_soap_rfc_dbmcli_sxpg_command_exec
2012-11-20 15:34:53 +00:00
32373c1a6a
new filename
2012-11-20 16:01:58 +01:00
bb13c87aab
module filename changed
2012-11-20 16:01:26 +01:00
96024dc639
title updated
2012-11-20 16:00:50 +01:00
bfbab4526a
Merge branch 'sap_soap_rfc_sxpg_call_system' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_sxpg_call_system
2012-11-20 16:00:14 +01:00
217fa27abb
pcap to verify deleted
2012-11-20 15:55:56 +01:00
101238db35
Merge branch 'sap_soap_rfc_dbmcli_sxpg_call_system_command_exec' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
2012-11-20 15:55:32 +01:00
e16a51fcf9
author change
2012-11-20 14:23:29 +00:00
1bc62b8686
pcap for lin
2012-11-20 14:15:49 +00:00
838eb5154a
Merge branch 'sap_soap_rfc_dbmcli_sxpg_call_system_command_exec' of https://github.com/jvazquez-r7/metasploit-framework into sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
2012-11-20 14:13:51 +00:00
be66ccdf00
pcap for lin
2012-11-20 13:59:49 +00:00
5f99b56688
up to date to test rapid7#1030
2012-11-20 12:13:14 +01:00
31ca077dd6
cleanup for sap_soap_rfc_sxpg_call_system.rb
2012-11-20 11:54:21 +01:00
5667cffb77
Fixed typos
2012-11-20 09:06:15 +01:00
8385b8314c
fix 1.8 warning about space before argument parenthesis
2012-11-19 22:55:44 +01:00
3d753e9690
Delete pcap used to verify
2012-11-19 22:47:07 +01:00
2f44bbaf21
Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_sxpg_command_exec
2012-11-19 22:46:38 +01:00
dcb5cfdbbd
pcap for lin
2012-11-19 21:06:05 +00:00
a3550fb91b
Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework into sap_soap_rfc_sxpg_command_exec
2012-11-19 21:01:00 +00:00
aaeb05725a
pcaps for lin and win
2012-11-19 21:00:11 +00:00
795ea5bec2
Fix randomize of dislayname and removed filename from command.rb
2012-11-19 14:34:06 -06:00
7fa8717860
Fixed cleanup method to report an Error on command.rb
2012-11-19 13:59:58 -06:00
6adbee13b3
Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/jvazquez-r7/metasploit-framework into sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
2012-11-19 17:18:21 +00:00
ee7bf42903
cleanup for last testing
2012-11-19 17:59:27 +01:00
430227a460
msftidy cleanup
2012-11-19 16:04:35 +01:00
082bba3342
Rewrite
...
Removed unrequired global vars
Added flexibility in start, continue, end responses
Added ability to set filename in BOF packet or not
Fixed BEGIN RESCUE blocks to not catch errors themselves
BEGIN ENSURE block still needed to trigger save to loot on CTRL+C
2012-11-19 16:02:53 +01:00
149704d918
deleting file sap_soap_rfc_sxpg_call_system_command_exec
2012-11-18 23:56:33 +00:00
3bf88e5884
final cleanup for sap_web_gui_brute_login
2012-11-18 22:39:05 +01:00
165e9c26da
Merge branch 'sap_web_gui_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_web_gui_brute_login
2012-11-18 22:38:30 +01:00
3573d31d08
final cleanup
2012-11-18 21:37:24 +01:00
eddea29568
Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login
2012-11-18 21:36:54 +01:00
9fa8204152
datastore parameters cleanup
2012-11-18 11:53:17 +01:00
5b55049610
module cleanup
2012-11-18 11:45:12 +01:00
ea6c3e9b69
Merge branch 'sap_soap_rfc_susr_user_interface' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_susr_user_interface
2012-11-18 11:44:26 +01:00
8a1a811844
Final cleanup
2012-11-18 01:41:10 +01:00
482526e978
Merge branch 'sap_soap_bapi_user_create1' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_bapi_user_create1
2012-11-18 01:40:11 +01:00
889124a439
final cleanup
2012-11-18 00:59:49 +01:00
eed0f92829
Merge branch 'sap_soap_rfc_ping' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_ping
2012-11-18 00:59:35 +01:00
22d4ccadea
description updated
2012-11-18 00:35:25 +01:00
a35c640acf
final cleanup
2012-11-18 00:32:20 +01:00
e72946303e
Merge branch 'sap_soap_rfc_system_info' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_system_info
2012-11-18 00:31:53 +01:00
59e96e5850
fix typo
2012-11-17 00:35:53 +01:00
8c0e4705f1
final cleanup
2012-11-17 00:18:35 +01:00
c511e58971
Merge branch 'sap_soap_rfc_read_table' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_read_table
2012-11-17 00:18:04 +01:00
c65f37782d
Merge branch 'rapid7' into tasos-r7-web-modules
2012-11-16 13:52:18 -06:00
0ef41ffcd4
added reporting to the module
2012-11-16 20:05:26 +01:00
d8d2bee6fb
Final cleanup
2012-11-16 19:20:58 +01:00
65c741b539
Merge branch 'sap_soap_th_saprel' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_th_saprel
2012-11-16 19:19:21 +01:00
e8fe6031e9
Let default timeout for send_request_cgi
2012-11-16 18:09:47 +01:00
51f238ec38
up to date
2012-11-16 16:03:09 +01:00
c0df3a0407
Remove curly braces
2012-11-15 23:27:25 +01:00
eea85cf2ca
Remove curly braces
2012-11-15 23:26:28 +01:00
836d83a253
Remove curly braces
2012-11-15 23:25:10 +01:00
854bfe09e2
remove curly braces
2012-11-15 23:23:46 +01:00
73d43beff3
Remove EOL spaces
2012-11-15 22:46:22 +01:00
afced2278d
Remove EOL spaces
2012-11-15 22:43:47 +01:00
e479399b5d
Initial import of OpenVAS aux scripts
2012-11-15 22:39:56 +01:00
f7f7c451d3
Initial import of Nexpose aux scripts
2012-11-15 22:35:35 +01:00
1956af7dc1
Initial import of Metasploit RPC aux scripts
2012-11-15 22:32:22 +01:00
bd03a2dcfd
Initial import of Nessus basic aux scripts
2012-11-15 22:28:56 +01:00
62f9766e63
made requested changes
2012-11-15 00:00:31 +00:00
99d145eb23
made requested changes
2012-11-14 23:50:47 +00:00
35a7999b4e
Merge branch 'rapid7' into tasos-r7-web-modules
2012-11-14 17:41:27 -06:00
b9a8791b87
made requested changes
2012-11-14 23:40:20 +00:00
047d6d350a
looks like I committed the wrong file first time round :(
2012-11-14 23:34:21 +00:00
a252dbc5d7
made requested changes
2012-11-14 23:25:25 +00:00
91b81bee4a
made requested changes
2012-11-14 23:19:09 +00:00
308eee7c4f
made requested changes
2012-11-14 23:00:45 +00:00
aa3cd500bb
made requested changes
2012-11-14 22:49:34 +00:00
83215edd8c
made requested changes
2012-11-14 22:38:32 +00:00
c5a017d054
made requested changes
2012-11-14 22:25:10 +00:00
833af3a347
made requested changes
2012-11-14 22:13:06 +00:00
e55e5d2796
made requested changes
2012-11-14 20:12:37 +00:00
4d633016aa
Merge remote branch 'Meatballs1/smb_login_update'
...
Thus ends our long national nightmare.
2012-11-14 10:13:34 -06:00
8a9f0a0890
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-14 18:10:41 +02:00
6b033fb1a8
Only store the password when there's one
2012-11-14 01:25:32 -06:00
212179b95e
change behavior to explicitly note when password is not set (or enhanced password supercedes it) as opposed to an empty string password
2012-11-13 23:49:45 -06:00
721cf41f47
fix nil class error on non-lantronix hosts
2012-11-13 23:46:59 -06:00
f9b4971fc3
Fixed hard coded paths in psexec on command.rb
2012-11-13 10:28:16 -06:00
ee7e502e89
Merge branch 'impersonate_ssl_tweak' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-impersonate_ssl_tweak
2012-11-13 09:36:28 -06:00
f707a4774d
Merge branch 'esmnemon-modbus-aux'
2012-11-12 23:42:00 -06:00
aa6ac36abd
Cosmetic changes, mostly
2012-11-12 23:41:31 -06:00
66fe8ade52
Merge branch 'modbus-aux' of git://github.com/esmnemon/metasploit-framework into esmnemon-modbus-aux
2012-11-12 22:40:34 -06:00
5c10bc11a8
Fix spacing before -
2012-11-12 23:20:40 +00:00
dd1da88ff7
Make domain part less stupid looking
2012-11-12 16:54:52 -06:00
970869b3e4
Retry push
2012-11-12 22:28:44 +00:00
e30ab85549
Fix some outputting issues
2012-11-12 22:25:08 +00:00
72f0a5613f
Add more improvements
2012-11-12 15:40:12 -06:00
8fe3f289bf
Merge branch 'drupal_views_user_enum.rb' of git://github.com/zeknox/metasploit-framework into zeknox-drupal_views_user_enum.rb
2012-11-12 14:48:13 -06:00
683bcd4b82
Added disconnect method to command.rb
2012-11-12 11:25:12 -06:00
e57275d3f6
added check cleanup method to command.rb
2012-11-12 09:46:02 -06:00
94120604f2
Set back to target_uri.to_s per original module
2012-11-11 12:07:27 +01:00
cffedd0c97
Set back to target_uri.path
2012-11-11 12:04:31 +01:00
76ba770872
fixed target_uri.path vs target_uri.to_s issue
2012-11-11 11:59:10 +01:00
38b25f01f7
Corrected bad coding (sorry)
...
Added OptEnum and OptPath
Checks for nil and empty
Added reference
Made AlterSerial an advanced option instead of always on
2012-11-10 20:24:50 +01:00
6482de44e4
Added checks for Extension and Domain
...
Altered error handling on no response
2012-11-10 13:21:41 +01:00
1b9d45e106
Test for subdom_list existence first
...
Otherwise, you get
````
[11/09/2012 14:50:38] [e(0)] core: Error running against host
173.236.237.136: can't convert nil into String
````
Other than that, looks good.
[Fixes #851 ]
2012-11-09 15:01:36 -06:00
171ebe13cd
Whitespace fix for vhost_scanner
2012-11-09 14:48:46 -06:00
b1c35fdb24
Merge remote branch 'sempervictus/http_vhost_scanner_from_file'
2012-11-09 14:46:54 -06:00
9a94fef8d0
Merge branch 'llmnr-spoof'
2012-11-09 14:36:04 -06:00
a6fd0fee1c
Fix up notification to not spam or hide
...
Instead of hiding the success notification in vprint, it should print,
but not every time. This fix thottles the notification to ten seconds
per host.
[Fixes #731 ]
2012-11-09 14:31:28 -06:00
6cd5b79b60
Getting rid of Id and Revision
2012-11-09 13:30:14 -06:00
f6c565848e
Resolving conflicted smb_login
2012-11-09 12:55:18 -06:00
6e257d5f57
Simplify main method
2012-11-09 08:50:09 -06:00
a889c8ae99
error handling adjustments on loggedin_users.rb
2012-11-09 08:33:05 -06:00
7032ef0f6f
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-09 00:21:38 +02:00
08d56e31e1
recreated in new branch
...
removed space at EOL
2012-11-08 22:38:21 +01:00
b75ade746c
Removed EOL spaces
...
Removed unrequired udp_sock.close
2012-11-08 22:26:37 +01:00
0dd4f4d03d
Formatting
2012-11-08 17:51:06 +01:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
7ce3859e8c
Fixed a bunch of bull crap in loggedin_users.rb
2012-11-08 09:49:53 -06:00
0c0d5b10ec
changes loggedin_users.rb
2012-11-08 09:26:17 -06:00
3bf865456c
Better error handling in loggedin_users
2012-11-08 09:13:33 -06:00
6843aa3a6c
Added fix URL and a few more comments. Corrected date.
2012-11-08 10:09:28 -05:00
4d2147f392
Adds normalize_uri() and fixes double-slash typos
2012-11-08 07:16:51 -06:00
5ad2749cee
Rework ADDP modules to use the new mixin
2012-11-08 06:40:32 -06:00
0e8a3f0ea6
Merge branch 'master' into feature/udp-scanner-mixin
2012-11-08 06:09:22 -06:00
e008120c11
Bug fixes to the SSDP discovery module
2012-11-08 06:08:49 -06:00
da6bf29699
Display message when no response received
2012-11-08 11:59:13 +01:00
22ecd6afa9
Edit command.rb
2012-11-07 15:17:13 -06:00
18aab8bcc7
Remove extrat comment lines from command.rb
2012-11-07 15:09:57 -06:00
d159aa6f9f
Changed error handeling of command.rb module
2012-11-07 15:03:31 -06:00
04a80e0648
Fixes to the WMI setup
2012-11-07 11:26:48 -06:00
92679cd1c8
SAP Web GUI Brute Force
2012-11-07 16:18:00 +00:00
c13f8d8eba
SAP RFC TH_SAPREL
2012-11-07 16:10:09 +00:00
f618000d0d
SAP SOAP RFC SUSR_RFC_USER_INTERFACE (user creation)
2012-11-07 16:04:07 +00:00
2b973263b7
SAP SOAP RFC_Info
2012-11-07 15:17:56 +00:00
509e63268b
SAP SOAP RFC SXPG_CALL_SYSTEM
2012-11-07 15:06:28 +00:00
ac518f7091
Removed double lines in Author field and general URLs
2012-11-07 08:22:09 -06:00
ddcc0a9592
This module makes use of the SXPG_CALL_SYSTEM Remote Function Call (via SOAP) to execute OS commands as configured in SM69.
2012-11-07 12:48:08 +00:00
e053c4a0ad
This module makes use of the RFC_READ_TABLE Remote Function Call (via SOAP) to read data from tables.
2012-11-07 12:37:01 +00:00
fc03fbe881
Initial sip_deregister.rb
2012-11-07 13:35:33 +01:00
3be7ad06c4
Calls the RFC_PING RFC module via SOAP to test the availability of the function. The function simply tests connectivity to remote RFC destinations.
2012-11-07 11:35:53 +00:00
b86bc9f365
SAP SOAP RFC DBMCLI Command Injection (via SXPG_CALL_SYSTEM)
2012-11-07 11:29:16 +00:00
f82b51b2c4
This module calls the RFC BAPI_USER_CREATE1 module (via SOAP). The module can be used for creating/modifying users.
2012-11-07 11:16:31 +00:00
5d7414511a
SAPRouter Admin Request (display remote route information)
2012-11-07 11:06:03 +00:00
6b7b8f7265
Flipping OptString for OptEnum
2012-11-07 11:00:43 +00:00
d19be3024f
Flipping OptEnum for OptString
2012-11-07 10:58:07 +00:00
51a3aa514d
This module attempts to brute force the username | password via an RFC interface (over SOAP)
2012-11-07 10:45:25 +00:00
aec4d99549
ran msftidy on command.rb
2012-11-06 16:33:47 -06:00
9f87b7b674
Removed smb_exec from this branch
2012-11-06 16:18:38 -06:00
c4f35def81
fixed vprint_line
2012-11-06 14:58:14 -06:00
d835a046ed
fixed drupal_views_user_enum.rb so it displays to stdout and stores to loot
2012-11-06 14:53:11 -06:00
43ebec22b4
Silly typos
2012-11-06 13:14:07 -06:00
8c41aca091
Removed some non essential requires from loggedin_users.rb
2012-11-06 09:17:09 -06:00
e40ab4367a
removed other modules
2012-11-05 21:07:09 -06:00
74745bdad6
New Module loggedin-users
2012-11-05 21:04:27 -06:00
30088a410c
fixed junky spacings
2012-11-05 16:59:56 -06:00
1a4968e6a8
removed hashgrab.rb from this branch
2012-11-05 16:38:58 -06:00
d5b18114ac
New module loggedin_users.rb
2012-11-05 16:37:13 -06:00
b973927ab2
Msftidy on digi_addp_reboot and pgpass_creds
2012-11-05 16:19:38 -06:00
9166d12179
Merge branch 'WinRM_piecemeal' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal
2012-11-05 23:08:59 +01:00
aa8549fb6b
Correct use of rport.
2012-11-05 15:57:59 -06:00
23cc2bd1a1
Merge remote branch 'origin/master'
2012-11-05 15:56:21 -06:00
6a4d398b5d
Merge remote branch 'origin/feature/addp-modules'
2012-11-05 15:55:30 -06:00
0f5f5f966b
Merge branch 'master' into feature/realport-modules
2012-11-05 22:52:38 +01:00
314026ed0e
Some error checking and fixups
2012-11-05 13:29:57 -06:00
3236b4c425
New module hashgrab.rb
2012-11-05 12:06:51 -06:00
a31606e196
New module ntdsgrab.rb
2012-11-05 12:05:16 -06:00
0b940d8087
New module command.rb
2012-11-05 12:03:51 -06:00
aa6e8c7437
smb_exec
2012-11-05 11:46:39 -06:00
a9db705b60
New module for submission smb_exec
2012-11-05 11:45:03 -06:00
b4872c1c48
Submiting module smb_exec to MSF
2012-11-05 11:37:10 -06:00
dccfb63bd6
Cleanup based on PR #1008 feedback
2012-11-04 22:47:56 -06:00
f8lerror
HD Moore
sinn3r
m-1-k-3
Royce Davis
Robin Wood
jvazquez-r7
Christian Mehlmauer
Tod Beardsley
lmercer
smilingraccoon
Meatballs
luh2
Joshua J. Drake
James Lee
Tonimir Kisasondi
Rob Fuller
Zach Grace
Chris John Riley
nmonkee
T0X1C-1
Tod Beardsley
Stephen Haywood
Royce Davis
Matt Andreko
Alexandre Maloteaux
Tasos Laskos
Vlatko Kosturjak
Chris John Riley
jgor
David Maloney
Brandon McCann