Commit Graph

4354 Commits (b06895b604f33b64314cc004c63c5227f47560c0)

Author SHA1 Message Date
William Vu 766e7b013d Once more, with feeling 2017-02-08 09:17:37 -06:00
William Vu a71b097e6b Revert status iteration, since it doesn't work
Also.
2017-02-08 09:13:42 -06:00
William Vu 6b2a995a7d Revert AutoPublish, since it doesn't work
Apparently.
2017-02-08 07:43:17 -06:00
William Vu df38a91fbd Be nice and parse JSON for the error 2017-02-08 07:37:09 -06:00
William Vu befe224c58 Use wordpress_and_online? before actions 2017-02-08 07:24:57 -06:00
William Vu 46ab03f528 Add SearchTerm to filter listed posts 2017-02-08 06:10:46 -06:00
William Vu 064420075f Update diagnostics and print better header 2017-02-08 04:54:25 -06:00
William Vu 6df55c9733 Gotta catch 'em (post statuses) all 2017-02-08 04:31:06 -06:00
William Vu 7583d050b7 Add AutoPublish to publish updated posts 2017-02-08 04:01:42 -06:00
William Vu e480107bd5 Add PostCount (default 100) to list more posts 2017-02-08 03:52:20 -06:00
William Vu 13f4b0d7ae Be more specific with invalid post ID 2017-02-08 02:18:52 -06:00
William Vu 6f4ff89218 Add WPVDB reference 2017-02-07 18:33:58 -06:00
William Vu b4056a110b Print diagnostics if no posts found/given 2017-02-07 04:37:05 -06:00
William Vu 8af966a132 Add WordPress content injection module 2017-02-06 04:40:26 -06:00
Brent Cook 3c9b1be649
Land #7883, Fix cisco_firepower_download to pass the username properly 2017-01-27 16:31:06 -06:00
Brent Cook 4480ea7877
Land #7827, Cisco Firepower Management Console LoginScanner 2017-01-27 16:26:40 -06:00
Brent Cook 171cc7d54e slight wording tweak 2017-01-27 16:26:23 -06:00
wchen-r7 e6de951e3e Fix cisco_firepower_download to pass the username properly 2017-01-27 16:25:34 -06:00
Brent Cook a4dd1fc846
Land #7805, Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal 2017-01-27 16:09:14 -06:00
wchen-r7 781bc8420a Add Advantech WebAccess LoginScanner module 2017-01-26 13:54:50 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
Jin Qian b4d3e9da8d This closes #7849 on the confusing message.
Use result.proof which has the right message. Thanks to Wei for pointing it
2017-01-19 15:39:10 -06:00
wchen-r7 82ab4fc630 Update cisco_firepower_download module & documentation 2017-01-17 13:58:10 -06:00
wchen-r7 a687073416 Add Cisco Firepower Management Console LoginScanner 2017-01-13 16:59:20 -06:00
wchen-r7 18347a8de7
Land #7774, Fix pivoting of UDP sockets in scanners 2017-01-10 13:57:28 -06:00
wchen-r7 8194603725 Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal 2017-01-09 14:39:37 -06:00
dmohanty-r7 5cba9b0034
Land #7747, Add LoginScanner module for BAVision IP cameras 2017-01-06 16:25:44 -06:00
Brent Cook 04a026e786 remove lies from module, this is a bound socket 2017-01-02 09:47:18 -06:00
Brent Cook fdca963b61 check if the socket exists before closing 2016-12-30 14:59:31 -06:00
wchen-r7 144f886e8b Add LoginScanner module for BAVision IP cameras 2016-12-23 16:22:17 -06:00
William Vu 0589948a73 Remove other rhost (oops) and fail_with 2016-12-23 16:10:21 -06:00
Jin Qian da9ea0b85c Change the PCRE. 2016-12-16 15:41:10 -06:00
dmohanty-r7 f74fd9e5dd
Land #7672, support LOCKED_OUT and DISABLED login status 2016-12-16 15:11:05 -06:00
jinq102030 378d8aea36 Merge pull request #7697 from h00die/fix_colorado
Fix ftp traversal error conditions
2016-12-16 13:51:15 -06:00
h00die b5beb2eb93 throw errors 2016-12-12 21:48:08 -05:00
h00die 2dca7c871b applying #7582 to all ftp aux traversals 2016-12-10 16:05:09 -05:00
William Vu f0dca7abbf
Land #7692, print_error for error_sql_injection 2016-12-09 17:09:52 -06:00
William Vu 2b0bce6459
Land #7690, drupal_views_user_enum user count fix 2016-12-09 16:55:01 -06:00
William Vu 4e235be484 Ensure a trailing slash for base_uri
Technically, the GET parameters should be in vars_get, but we don't want
to refactor the entire module right now.
2016-12-09 16:53:58 -06:00
Jin Qian 8780c325a7 Fixed issues #7691, silent exit.
Add a print statement to alert user what is missing, user could be confused that "show missing" is empty yet something is missing.
2016-12-09 16:20:44 -06:00
dmohanty-r7 77dd952370
Land #7592, check nil return value when using redis_command 2016-12-09 16:07:12 -06:00
Jin Qian 17c12a78f5 Fixed issue #7689, count of found users not accurate
In module drupal_views_user_enum, the count of found users is not accurate.
Fixed it by doing flatten before doing counting.
2016-12-09 15:19:43 -06:00
wchen-r7 7e0b224eb2 Make ABORT_ON_LOCKOUT non default 2016-12-08 15:07:53 -06:00
wchen-r7 0110b97fa2 Fix #7671, support LOCKED_OUT and DISABLED login status
This allows login scanner modules to skip a user if it is
locked out, or disabled.

Fix #7671
2016-12-07 16:49:16 -06:00
Rich Whitcroft d3a8409a49 prevent further lockouts in smb_login 2016-12-06 21:53:08 -05:00
Jin Qian 4a35f8449a Fixed issue #7650 by matching Server header using regex as Wei suggested
The suggestion by Wei is simpler than the one I checked in which checks for presence of Server header before calling include method.
2016-12-02 20:26:38 -06:00
Jin Qian 35fdf1473b Fixed issue #7650 where etherpad_duo_login module may crash
Add check for presence of Server header.
2016-12-02 18:07:18 -06:00
Jin Qian 11906eb540 Fix issue #7645 where dolibarr_login module crashed
Add "res" (http response) when trying to retrieve the cookie
2016-12-01 15:38:26 -06:00
William Vu 54684d31bd
Land #7641, check_conn? fix for cisco_ssl_vpn 2016-11-30 21:14:19 -06:00
William Vu 032312d40b Properly check res 2016-11-30 21:03:29 -06:00