7522a87cf9
Adding an auxiliary scanner module for Titan FTP password disclosure.
2013-02-08 15:43:02 -05:00
6d6e43859f
Re-Merging 'dmaloney-r7/http/auth_methods'
...
Picking up the http auth methods for real in an attempt to close PR
something.
2013-02-08 14:06:23 -06:00
fea84cad10
Fix additional typos per recomendation
2013-02-08 14:47:16 -04:00
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
2b3c8a68ad
Merge remote-tracking branch 'tasos-r7/feature/web_http_request_opts_override' into rapid7
2013-02-08 12:45:02 -06:00
b8f0a94c3f
Fixed typos mentioned by Egypt
2013-02-08 14:42:10 -04:00
d2c7dbe160
Merge remote-tracking branch 'wchen-r7/type_error_dir_scanner' into rapid7
2013-02-08 12:39:08 -06:00
917282c33b
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-02-08 12:27:19 -06:00
98457c0a4d
Merge branch 'sonicwall_gms' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-sonicwall_gms
2013-02-08 19:18:57 +01:00
9b6f2fcd1d
Use the install path to tell us the separator
...
Fixes the java target on windows victims
2013-02-08 12:10:42 -06:00
8798567d79
Fix bug: TypeError can't convert Fixnum into String
...
wmap_target_port is retrieved from datastore['RPORT'], and that's a
Fixnum. But wmap_base_url is treating that like a String, so when a
module uses that function, it's doomed.
See:
http://dev.metasploit.com/redmine/issues/7748
2013-02-08 12:05:27 -06:00
5b398076ae
Couple of fixes for windows
...
* Catch IOError when chmod doesn't exist (i.e. Windows)
* Proper escaping for paths
2013-02-08 11:52:50 -06:00
e3ee0d7913
Don't try to download '.' or '..' as files
2013-02-08 11:25:17 -06:00
ac8194ed07
Split of DNS SRV Record Enumeration from enum_dns
2013-02-08 10:09:34 -04:00
256ab7f737
Split of DNS Reverse Lookup from enum_dns
2013-02-08 09:50:21 -04:00
906585798d
Split of DNS General Info from enum_dns
2013-02-08 09:49:19 -04:00
2186db5295
Split of DNS Name Brutforce from enum_dns
2013-02-08 09:48:32 -04:00
66f0bddb54
fixed error check, a comment, manipulate_file all in memory now
2013-02-08 12:46:13 +01:00
071df7241b
Merge branch 'rapid7' into sonicwall_gms
...
Conflicts:
modules/exploits/multi/http/sonicwall_gms_upload.rb
Adds a loop around triggering the WAR payload, which was causing some
unreliability with the Java target.
2013-02-07 21:53:49 -06:00
e535a3e93f
Guard against running broken method on non-windows
...
This just puts a bandaid around the issue and makes it so FileDropper
doesn't completely break java and posix meterpreter sessions.
[SeeRM #7721 ]
2013-02-07 21:10:27 -06:00
1f9a09d5dd
Add a method to upload and exec in one step
2013-02-07 21:09:32 -06:00
0ad548a777
I expect people to know what a share is.
2013-02-07 19:16:44 -06:00
9415e55211
Merge branch 'feature/rm5455-patch-smb_relay' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm5455-patch-smb_relay
2013-02-07 19:12:58 -06:00
25d8dac4c0
Merge branch 'bugs/linksys-fixes' of github.com:todb-r7/metasploit-framework into todb-r7-bugs/linksys-fixes
2013-02-07 19:10:36 -06:00
c131b7ef0e
Added exception handing and return checking as requested by Sinn3r
2013-02-07 21:06:05 -04:00
16a0ab1933
Fix comment link and some whitespace
2013-02-07 18:37:11 -06:00
bf28be7cff
Fix some comments that yard parsed incorrectly
2013-02-07 18:36:04 -06:00
ce7da154a6
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into hmoore-r7-master
2013-02-07 17:35:28 -06:00
035e8b7100
Merge branch 'groupwise_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-groupwise_traversal
2013-02-07 17:33:34 -06:00
19e989dff9
Initial commit fo the migrated module
2013-02-07 19:11:44 -04:00
13d1045989
Works for java and native linux targets
2013-02-07 16:56:38 -06:00
e9912496d8
nice check learned from sinn3r
2013-02-07 22:05:39 +01:00
0d3c32b0a4
Added module for CVE-2012-0419
2013-02-07 21:15:49 +01:00
7f746e1caa
That's what he said.
2013-02-07 11:13:18 -06:00
d554c3a56a
Don't really need the bottom comment
2013-02-07 10:46:42 -06:00
98559d4d51
Do a check and make sure this is Simple Web Server
2013-02-07 10:45:53 -06:00
b11f052746
Allow arbitrary depth
2013-02-07 10:32:29 -06:00
a3264e18e2
There aint no fail_with(), must use print_error
2013-02-07 10:30:17 -06:00
e13f16c5f5
Merge pull request #5 from jlee-r7/dmaloney-r7-http/auth_methods
...
Return a Request object
2013-02-07 07:06:03 -08:00
77390a5935
Fix a bug reported by Tom Liston
2013-02-06 23:34:55 -06:00
b6c6397da3
typo
2013-02-06 19:21:20 -06:00
a15889305a
Return a Request object
...
Still changes the return type, but now at least .to_s will give you the
right thing and at least a Request object is a logical thing to return.
2013-02-06 18:56:06 -06:00
b09f819e4b
Add Simple Web Server dir traversal
2013-02-06 17:02:07 -06:00
1095fe198b
Merge branch 'rapid7' into dmaloney-r7-http/auth_methods
2013-02-06 16:57:50 -06:00
24cb9e5ff8
Merge branch 'http/auth_methods' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-http/auth_methods
2013-02-06 16:55:51 -06:00
f0ca4b2f08
Merge remote-tracking branch 'upstream/master'
2013-02-06 16:31:31 -06:00
d5b0482127
Note linking strat in comment docs
2013-02-06 14:19:18 -06:00
7d9982f6ac
Add pcaprub to gem deps
2013-02-06 14:07:20 -06:00
5357e23675
Fixups to the Linksys module
...
Professionalizes the description a little, but more importantly, handles
LANIP better, I think. Instead of faking a 1.1.1.1 address, just detect
if it's set or not in a method and return the right thing accordingly.
Please test this before landing, obviously. I think it's what's
intended.
2013-02-06 12:46:50 -06:00
e175e2c9e9
typo in method name
2013-02-06 12:19:57 -06:00
Spencer McIntyre
Tod Beardsley
Carlos Perez
James Lee
sinn3r
jvazquez-r7
SphaZ
dmaloney-r7
HD Moore