infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,620 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

616 Commits (b09f819e4bd49c9683a7c261a3a65599bcc9e42f)

Author SHA1 Message Date
sinn3r 6f50410e5f Merge branch 'patch-1' of github.com:mubix/metasploit-framework into mubix-patch-1 2013-01-03 17:51:54 -06:00
James Lee 9e912a23ff Merge branch 'rapid7' into FireFart-msftidy_aux_1 2013-01-03 16:54:25 -06:00
Tonimir Kisasondi 39e81fb07f Update modules/auxiliary/scanner/http/wordpress_login_enum.rb 
Simple fix for msfconsole start error.
 2013-01-03 21:52:10 +01:00
Christian Mehlmauer e4a6669927 msftidy: remove $Revision$ 2013-01-03 01:05:45 +01:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
Rob Fuller 88d12da3db hilight positive results in WebDAV scanner 
As suggested by Lee Baird
 2013-01-02 13:27:25 -05:00
sinn3r d92b3bd2e1 Apply fixes 2012-12-28 17:46:17 -06:00
sinn3r 2746a57093 Merge branch 'zgrace-wordpress_login_enum' of git://github.com/403labs/metasploit-framework into 403labs-zgrace-wordpress_login_enum 2012-12-28 15:42:09 -06:00
Zach Grace d4bdf1b6b4 Added user name enumeration based on author id enumeration 2012-12-24 16:09:03 -06:00
Chris John Riley e237512bd7 Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate) 2012-12-21 10:47:45 +01:00
sinn3r cad8abef48 msftidy cleanup 2012-12-18 11:46:27 -06:00
sinn3r 860ebbcfb1 Merge branch 'master' into averagesecurityguy-master 2012-12-18 11:45:41 -06:00
Tod Beardsley 10511e8281 Merge remote branch 'origin/bug/fix-double-slashes' 
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
 2012-12-17 13:29:19 -06:00
jvazquez-r7 8f388eb226 fixing if typo 2012-12-11 23:28:21 +01:00
sinn3r 0ca1dbd14e Account for the timeout condition 2012-12-11 16:24:42 -06:00
sinn3r 25d888bebb Add CVE-2012-4347 Symantec Messaging Gateway Log File Download 2012-12-10 18:09:29 -06:00
sinn3r 64a8b59ff9 Change CVE forma 
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
 2012-12-09 01:09:21 -06:00
Stephen Haywood f56ef52ffc Fixed path error when BASE_PATH is nil. 2012-12-06 23:55:34 -05:00
Stephen Haywood 761e735a55 Store wc.db file in loot. Add BASE_PATH option. 2012-12-06 23:38:03 -05:00
Stephen Haywood 8a149b3ea3 Removed Version. 2012-12-06 17:24:16 -05:00
Stephen Haywood 4ce51fe889 Made changes requested by sinn3r. 2012-12-06 17:18:50 -05:00
Stephen Haywood d938959e97 Module to find SVN wc.db files. 2012-12-06 16:30:23 -05:00
sinn3r 1085357dbb Talked to Todb, we like "." better 2012-11-30 14:53:57 -06:00
sinn3r 61a74bf257 Minor changes here and there 
Changes include:
* Some corrections in metadata
* report_note()
* Removes connect(), usually don't need it in modules
 2012-11-30 14:24:27 -06:00
Matt Andreko a73d8792ee Changed RPORT definition per egypt 2012-11-30 13:57:25 -05:00
Matt Andreko 40b8c93ef8 Added HSTS scanner for HTTPS sites 2012-11-30 09:30:11 -05:00
sinn3r 472ec35adb Merge branch 'kost-aux-scan-splunk-login' 2012-11-26 16:16:02 -06:00
sinn3r af451df864 Lots of changes made 
These changes include:
* More description
* Checks if auth is actually required.
* Collects the default credential on the webpage, and then tries it.
* Fixes possible nil 'Set-Cookie' header.
* Supports more options (USERPASS_FILE, USER_FILE, PASS_FILE)
* Removes the msg() function.
 2012-11-26 16:12:11 -06:00
Tasos Laskos 7795dc58f4 auxiliary/scanner/http/crawler#form_from_url: rescue => rescue URI::Error 2012-11-26 20:54:20 +02:00
Tasos Laskos c17cffdece auxiliary/scanner/http: wrapped an exception-prone URL parse in a begin/rescue block 2012-11-26 18:58:06 +02:00
Vlatko Kosturjak 7bafc97fec Remove non needed and redundant checks 2012-11-24 23:01:08 +01:00
Vlatko Kosturjak cdfe663675 initial import of splunk password guesser 2012-11-24 22:05:57 +01:00
Tod Beardsley 6b4c131cf5 Avoiding a future conflict with release 2012-11-20 13:24:19 -06:00
James Lee c65f37782d Merge branch 'rapid7' into tasos-r7-web-modules 2012-11-16 13:52:18 -06:00
jvazquez-r7 e8fe6031e9 Let default timeout for send_request_cgi 2012-11-16 18:09:47 +01:00
jvazquez-r7 51f238ec38 up to date 2012-11-16 16:03:09 +01:00
Tasos Laskos 8a9f0a0890 Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-14 18:10:41 +02:00
sinn3r ee7e502e89 Merge branch 'impersonate_ssl_tweak' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-impersonate_ssl_tweak 2012-11-13 09:36:28 -06:00
sinn3r 72f0a5613f Add more improvements 2012-11-12 15:40:12 -06:00
sinn3r 8fe3f289bf Merge branch 'drupal_views_user_enum.rb' of git://github.com/zeknox/metasploit-framework into zeknox-drupal_views_user_enum.rb 2012-11-12 14:48:13 -06:00
Chris John Riley 94120604f2 Set back to target_uri.to_s per original module 2012-11-11 12:07:27 +01:00
Chris John Riley 76ba770872 fixed target_uri.path vs target_uri.to_s issue 2012-11-11 11:59:10 +01:00
Chris John Riley 38b25f01f7 Corrected bad coding (sorry) 
Added OptEnum and OptPath
Checks for nil and empty
Added reference
Made AlterSerial an advanced option instead of always on
 2012-11-10 20:24:50 +01:00
Tod Beardsley 1b9d45e106 Test for subdom_list existence first 
Otherwise, you get

````
[11/09/2012 14:50:38] [e(0)] core: Error running against host
173.236.237.136: can't convert nil into String
````

Other than that, looks good.

[Fixes #851]
 2012-11-09 15:01:36 -06:00
Tod Beardsley 171ebe13cd Whitespace fix for vhost_scanner 2012-11-09 14:48:46 -06:00
Tod Beardsley b1c35fdb24 Merge remote branch 'sempervictus/http_vhost_scanner_from_file' 2012-11-09 14:46:54 -06:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have 
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
 2012-11-08 17:42:48 +01:00
HD Moore 4d2147f392 Adds normalize_uri() and fixes double-slash typos 2012-11-08 07:16:51 -06:00
Brandon McCann c4f35def81 fixed vprint_line 2012-11-06 14:58:14 -06:00
Brandon McCann d835a046ed fixed drupal_views_user_enum.rb so it displays to stdout and stores to loot 2012-11-06 14:53:11 -06:00
jvazquez-r7 9576d26299 Merge branch 'bitweaver_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-bitweaver_traversal 2012-11-03 18:25:46 +01:00
sinn3r 10cccb34d8 Uh... I don't want that print_line(). Forgot to remove it. 2012-11-03 05:18:17 -05:00
sinn3r 4415849009 Another attempt to fix the regex 2012-11-03 05:17:32 -05:00
sinn3r d449052472 Make <br /> tag optional 2012-11-02 18:25:48 -05:00
sinn3r 45dce9ff76 Modify regex 2012-11-02 16:44:27 -05:00
sinn3r 1d26491b77 Ok... last fix, really 2012-11-02 15:09:30 -05:00
sinn3r a161c1faa0 Final changes 2012-11-02 15:06:51 -05:00
sinn3r ea5dc940d2 Move module to the correct directory 2012-11-02 14:52:28 -05:00
sinn3r 00d0dc3e4d Add CVE-2012-5192 - Bitweaver overlay_type module 2012-11-02 14:20:20 -05:00
Tasos Laskos 37a9c13c34 updated auxiliary/scanner/http/crawler to accept a callback for each page 2012-11-01 21:20:56 +02:00
jvazquez-r7 357fd1b955 add peer info to print_error message 2012-10-30 17:47:17 +01:00
jvazquez-r7 201f7766d8 Merge branch 'clansphere_lfi_read' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-clansphere_lfi_read 2012-10-30 17:45:45 +01:00
sinn3r a636971b71 Change error message 2012-10-30 11:39:25 -05:00
sinn3r 3f3e6814a3 Make sure no extra '/' in there 2012-10-30 10:40:56 -05:00
jvazquez-r7 26808093d8 Merge branch 'nil_res_bug_fixes' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-nil_res_bug_fixes 2012-10-30 16:18:05 +01:00
jvazquez-r7 5e873d0697 adding peer information to error message 2012-10-30 12:15:01 +01:00
sinn3r c878b9077b Rename the DeviceExpert module to avoid confusion 2012-10-29 12:25:07 -05:00
sinn3r 2a202e9035 Add OSVDB-86563 ManageEngine SecurityManager dir traversal 2012-10-29 12:23:48 -05:00
sinn3r 2c4273e478 Correct some modules with res nil 2012-10-29 04:41:30 -05:00
sinn3r 34731c3e0a Add OSVDB-86720 - Clansphere dir traversarl 2012-10-29 03:44:22 -05:00
Michael Schierl 910644400d References EDB cleanup 
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
 2012-10-23 21:02:09 +02:00
sinn3r 33ce74fe8c Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1 2012-10-23 02:10:56 -05:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
Michael Schierl e9f7873afc Version cleanup 
Remove all values that are neither 0 nor $Revision$.
 2012-10-22 20:57:02 +02:00
Rob Fuller 49948faa9b remove non-functional enum_delicious module 2012-10-22 14:46:52 -04:00
jvazquez-r7 4ad6fcc30e osvdb added 2012-10-19 17:04:47 +02:00
jvazquez-r7 16e2a2e050 fix title for the apache activemq source disclosure mod 2012-10-17 17:23:56 +02:00
jvazquez-r7 29299b29a5 Added modules for CVE-2012-4933 2012-10-15 16:03:19 +02:00
sinn3r e00dbfcc0d You mean.. FILEPATH. 2012-10-14 18:18:11 -05:00
sinn3r 2f04fdd71a Merge branch 'apache_activemq_traversal' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apache_activemq_traversal 2012-10-14 18:16:41 -05:00
jvazquez-r7 d971abaeb9 deleted extra comma 2012-10-14 22:39:07 +02:00
jvazquez-r7 14bd0373d3 deleted extra space 2012-10-14 22:38:14 +02:00
jvazquez-r7 ac6a4c9283 Added module for CVE-2010-1587 2012-10-14 22:36:02 +02:00
jvazquez-r7 2b644dbc45 added module for Apache ActiveMQ directory traversal 2012-10-14 22:30:38 +02:00
HD Moore 286b86949b Prefix with host:port for readability 2012-10-08 15:23:26 -05:00
RageLtMan c0d746a36a remove ternary assignment 2012-10-03 23:34:41 -04:00
RageLtMan 94f8a41b57 Add subdomain input file for VHOST scanner 
This commit allows the vhost scanner to take subdomains from a
text file, one subdomain per line. Lines are stripped of the top
level domain name if present before testing.
 2012-10-03 03:51:58 -04:00
sinn3r f6baf824b6 The USER_FILE path is wrong. 2012-09-27 01:33:11 -05:00
sinn3r 75d40d4d82 Make msftidy happy 2012-09-27 01:33:11 -05:00
Cristiano Maruti 99ec988485 Updated with wordlist path registered options 2012-09-27 01:33:11 -05:00
Cristiano Maruti 75f5e24178 Dell iDrac login aux scanner 2012-09-27 01:33:11 -05:00
jvazquez-r7 270fa1b87b updated descriptions for hp sitescope modules tested over linux 2012-09-05 23:25:08 +02:00
sinn3r bed3c7bbac Merge branch 'hp_sitescope_loadfilecontent_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_loadfilecontent_fileaccess 2012-09-05 13:59:49 -05:00
sinn3r 598fdb5c50 Merge branch 'hp_sitescope_getsitescopeconfiguration' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getsitescopeconfiguration 2012-09-05 13:58:39 -05:00
jvazquez-r7 20655232d7 cleanup, tested and added osvdb reference 2012-09-05 20:03:46 +02:00
jvazquez-r7 c6f5b1f072 cleanup, test, osvdb reference 2012-09-05 19:56:04 +02:00
jvazquez-r7 ea2eb046c3 cleanup, final test, osvdb reference 2012-09-05 19:45:50 +02:00