Brendan Coles
b82051757d
Add SurgeNews User Credentials scanner module
2017-06-17 01:49:47 +00:00
Metasploit
9ce0bb9345
Bump version of framework to 4.14.28
2017-06-16 10:02:07 -07:00
Brent Cook
55b71e115f
Land #8535 , MSGRPC module minor fixes
2017-06-15 21:44:34 -05:00
Brent Cook
53253bfa37
Land #8558 , Fix AMT scanner when parsing mangled HTML
2017-06-15 20:42:33 -05:00
OJ
f4158eeac9
Land #8568 : Move php_preamble before $ipaddr and $port
2017-06-16 11:16:30 +10:00
William Vu
5f74da9023
Move php_preamble before $ipaddr and $port
...
php_preamble contains a <?php tag now, so we need to move it to the top.
2017-06-15 19:50:57 -05:00
Pearce Barry
9d57197736
Land #8551 , Update processmaker_exec module with workspace support
2017-06-15 17:12:35 -05:00
Pearce Barry
cab64fc8b2
Land #8564 , Fix cryptolog desc
2017-06-15 13:39:56 -05:00
Tod Beardsley
49383f8f3a
Update and fix grammar to the CryptoLog module
...
After talking to the vendor, it appears that the PHP version of CryptoLog has been EOL'ed since 2009. It has since been replaced with an ASP.NET version, which, obviously, is no longer vulnerable to these PHP exposures.
2017-06-15 13:00:44 -05:00
Tod Beardsley
b6fd0ce5e3
Merge pull request #16 from rapid7/master
...
Resync with upstream
2017-06-15 12:55:18 -05:00
William Vu
549f9e74d8
Fix AMT scanner for mangled HTML (no </p>)
...
Also stores proof using the correct :info for report_vuln (not :proof).
2017-06-14 16:54:32 -05:00
James Lee
c1372456e2
Land #8326 , support LLMNR ANY responses
2017-06-14 14:01:44 -05:00
Pearce Barry
e64fcfc6f1
Land #8534 , Fix nessus_template_list command argument parsing
2017-06-14 08:29:30 -05:00
James Lee
55f0edb732
Land #8491 , fixes for service_persistence
2017-06-13 17:17:53 -05:00
Brendan Coles
0766f92013
Add option for workspace
2017-06-13 12:46:36 +00:00
Jeffrey Martin
cbbb57d1a5
Land #8526 , Refactor QNAP and airOS modules for creds
2017-06-12 14:46:11 -05:00
William Vu
a40e7164d8
Refactor QNAP module for traditional creds
2017-06-12 14:41:58 -05:00
William Vu
bb9d1a6768
Land #8507 , Riverbed SteelHead VCX file read
2017-06-12 10:39:48 -05:00
Pearce Barry
704a1218fa
Land #8498 , store more specific credential wordpress_directory_traversal_dos
2017-06-12 10:13:52 -05:00
Pearce Barry
80e91e9de2
Minor fixups.
2017-06-12 09:51:30 -05:00
Metasploit
0515980138
Bump version of framework to 4.14.27
2017-06-12 07:39:14 -07:00
h00die
a349eb9a0d
fixes per peer review
2017-06-10 14:29:53 -04:00
Brent Cook
bf674263f3
Land #8533 , record vulnerability attempts
2017-06-09 17:52:49 -05:00
Mykhailo Danylenko
d5a7b292c1
Fix nessus_list_templates command argument parsing
2017-06-10 01:24:10 +03:00
TheNaterz
40fafaa270
dereference the service from the service manager
2017-06-09 16:24:01 -06:00
Jeffrey Martin
2b6f823a1b
store vuln attempt when reported
2017-06-09 12:46:39 -05:00
TheNaterz
adfd6ff978
fixed warnings created by load->unload->load msgrpc
2017-06-09 11:41:46 -06:00
Metasploit
77b1125e77
Bump version of framework to 4.14.26
2017-06-09 10:03:35 -07:00
David Maloney
c89fee89db
Land #8529 , RPC Session Arch
...
Lands pr adding Session arch to info
returned by rpc
2017-06-09 11:58:19 -05:00
William Vu
56fbf4c339
Land #8532 , metasploit-credential version bump
2017-06-09 02:08:01 -05:00
Brent Cook
153611e9fa
bump metasploit-credential to allow handling string addresses gracefully
2017-06-09 01:43:45 -05:00
Brent Cook
06a789f777
Land #8530 , Update ms17_010_eternalblue description and ranking
2017-06-09 01:30:33 -05:00
Stephen Shkardoon (ss23)
a968a74ae0
Update ms17_010_eternalblue description and ranking.
...
The module has been noted to cause crashes, reboots, BSOD, etc, on
some systems.
2017-06-09 11:01:48 +12:00
TheNaterz
c3b2476a51
add arch to rpc session details
2017-06-08 16:26:13 -06:00
Brent Cook
aa00661fd0
Land #8518 , update CVE references where modules report_vuln
2017-06-08 13:38:12 -05:00
William Vu
3e20296cf5
Add service_details for SSH
2017-06-08 13:28:29 -05:00
William Vu
e22334343e
Use store_valid_credential in my modules
...
I used report_note because using the creds API was a pain in the ass.
2017-06-08 00:57:51 -05:00
William Vu
4198efa41f
Remove pry from CommandDispatcher::Creds...
...
My bad. Should have been caught in #8517 .
2017-06-08 00:18:46 -05:00
bwatters-r7
99fa52e660
Land #8434 , Add Windows 10 Bypassuac fodhelper module
2017-06-07 11:15:01 -05:00
William Vu
3e27fd3db4
Land #8517 , CommandDispatcher::Common
...
Also fixes jobs -i.
2017-06-07 03:20:45 -05:00
William Vu
596924552e
Fix literal \n in jobs -i
...
Regression from #4063 .
2017-06-07 03:19:30 -05:00
Spencer McIntyre
a052ee4064
Use the opts hash not the datastore
2017-06-06 20:02:06 -04:00
OJ
6131e4bd82
Fix download lambda function to take correct param count
...
This is an emergency fix as a result of something being broken in
master. This is also being pushed straight to master because github is
down and the PR process isn't possible. This commit was reviewed by
@wvu-r7 prior to being pushed.
2017-06-07 09:37:24 +10:00
Spencer McIntyre
834e0eba95
Land #8340 , add exception handling for rev_tcp_ssl
2017-06-06 19:09:15 -04:00
Spencer McIntyre
a953d94f61
Minor white space cleanups for PR #8340
2017-06-06 19:07:55 -04:00
Alexandre Maloteaux
e5e3be3046
Merge pull request #3 from bwatters-r7/land-8434
...
Rubocop readability changes
2017-06-06 22:09:53 +01:00
Jeffrey Martin
b932aae82e
reference typo fix
2017-06-06 11:50:07 -05:00
Brent Cook
bac17a8e80
Land #8053 , Add DC/OS Marathon UI Exploit
2017-06-06 09:29:26 -05:00
Brent Cook
3ded57e1cd
Land #8516 , add verbose debug to ntds dumper
2017-06-06 07:26:54 -05:00
Brent Cook
0830e4aaa5
Land #8503 , Linux x86 reverse_tcp error handling
2017-06-06 06:36:55 -05:00