sinn3r
7f746e1caa
That's what he said.
2013-02-07 11:13:18 -06:00
sinn3r
d554c3a56a
Don't really need the bottom comment
2013-02-07 10:46:42 -06:00
sinn3r
98559d4d51
Do a check and make sure this is Simple Web Server
2013-02-07 10:45:53 -06:00
sinn3r
b11f052746
Allow arbitrary depth
2013-02-07 10:32:29 -06:00
sinn3r
a3264e18e2
There aint no fail_with(), must use print_error
2013-02-07 10:30:17 -06:00
sinn3r
b09f819e4b
Add Simple Web Server dir traversal
2013-02-06 17:02:07 -06:00
Jeff Jarmoc
39cafd0cde
Use OptEnum instead of OptString
2013-02-04 15:08:34 -06:00
Jeff Jarmoc
5e0c18af2f
adding self to credits
2013-02-03 16:14:42 -06:00
Jeff Jarmoc
57c8e41846
Re-order probes and checks.
...
This causes module to exit if error conditions are found, before sending unecessary probes.
2013-02-03 16:10:46 -06:00
Jeff Jarmoc
8dff427776
Allow 4xx codes, display codes in verbose output
2013-02-03 16:07:07 -06:00
Jeff Jarmoc
810470de3b
Make HTTP_METHOD Configurable
2013-02-03 16:05:45 -06:00
egypt
5332e80ae9
Fix errant use of .to_s instead of .path
2013-01-31 14:18:42 -06:00
sinn3r
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
Tod Beardsley
b1f8b87f14
Chmod -x the joomla modules. Also fix a title typo
...
joomla_pages was incorrectly titled as "Joomla Version Scanner," which
of course is actually joomla_version.
2013-01-29 17:02:43 -06:00
sinn3r
1ea1ad3166
Fix the forgotten path()
2013-01-28 14:48:22 -06:00
sinn3r
690ef85ac1
Fix trailing slash problem
...
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.
Related to: [SeeRM: #7727 ]
2013-01-28 13:19:31 -06:00
jvazquez-r7
01b7e3554e
fix issue found by newpid0
2013-01-25 22:05:09 +01:00
jvazquez-r7
d0ecb617c3
Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner
2013-01-25 21:47:05 +01:00
jvazquez-r7
d6e9f891ea
Proposal for joomla-scanner
2013-01-25 20:44:49 +01:00
f8lerror
dd1ce34ecc
Made recommended changes removed short timeout added returns and other small changes
2013-01-24 17:04:22 -05:00
sinn3r
af3a1db4c1
Make better use of ruby regex
2013-01-24 14:16:01 -06:00
sinn3r
077c04d13a
Merge branch 'feature/rm6822-cold_fusion_version' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-cold_fusion_version
2013-01-24 13:51:27 -06:00
f8lerror
6cdb1a80de
Remove app from fingerprint and blank line
2013-01-24 09:47:20 -05:00
f8lerror
bf2b01f8ef
Delete a file and strip space
2013-01-24 09:30:04 -05:00
f8lerror
6e94c04a52
Code Corrections and Enhancements
2013-01-23 20:26:23 -05:00
sinn3r
5cfabb0443
Apply the changes I suggested before
2013-01-23 00:15:09 -06:00
sinn3r
1e39c31cc2
Merge branch 'feature/rm6822-coldfusion_locale_traversal' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-coldfusion_locale_traversal
2013-01-23 00:06:35 -06:00
f8lerror
5cfe58e8d5
General code review and corrections
2013-01-20 22:33:04 -05:00
Christian Mehlmauer
e613c860a5
Added Name and Emailadress
2013-01-17 23:17:14 +01:00
Tod Beardsley
a43b218917
Line full of whitespace
2013-01-17 12:43:06 -08:00
f8lerror
0b61d28e0e
added Joomla scanner and url wordlist
2013-01-17 11:36:59 -05:00
lmercer
a701b5eb79
fixed an error that occurred when patching.
2013-01-16 18:21:19 -05:00
lmercer
ddd2dbc17b
Updated coldfusion_local_traversal as described in Redmine Feature #6822
2013-01-16 17:54:15 -05:00
lmercer
481f2eb791
updated cold_fusion_version from Redmine Feature #6822
2013-01-16 17:23:35 -05:00
sinn3r
9dc42e93e7
Reduce unnecessary indent level
2013-01-15 14:36:41 -06:00
sinn3r
5109cc97fe
Add more verbs
...
[SeeRM: #7138 ] by jabra
2013-01-15 14:11:53 -06:00
sinn3r
ef6eec949c
Move impersonate_ssl
...
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
jvazquez-r7
8c5847a13c
Make output compatible with an scanner module
2013-01-11 00:10:15 +01:00
jvazquez-r7
0e950997e6
Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access
2013-01-10 23:57:22 +01:00
smilingraccoon
0c58a118ff
Found the issue I believe, fixed two issues. One with 301/302 responses getting a bad URI due to switch from ip to dns in location header and other from res.to_s rather than res.body being passed to regex
2013-01-10 11:32:48 -05:00
smilingraccoon
fc5a0e22b2
stupid push, forgot to remove test puts
2013-01-10 10:43:57 -05:00
smilingraccoon
ed9d290a85
added status messages, made var blog_posts initalize as nil rather than empty string
2013-01-10 10:41:25 -05:00
smilingraccoon
5bafd6ddcc
added status message
2013-01-10 09:43:37 -05:00
jvazquez-r7
5fe2f967da
this rescue is done in the mixin
2013-01-09 21:28:06 +01:00
HD Moore
07f8eb6a07
Fix up a typo
2013-01-09 13:05:27 -06:00
HD Moore
adb4c89602
Add a scanner module for CVE-2013-0156
2013-01-09 12:50:38 -06:00
smilingraccoon
a0a4ef843b
added error msgs to rescue
2013-01-09 11:22:36 -05:00
Thomas McCarthy
f45739933e
Update modules/auxiliary/scanner/http/wordpress_pingback_access.rb
...
Changed name var in initialize
2013-01-08 19:20:02 -05:00
smilingraccoon
9f69dbbd30
update unless statements, targeturi, and resolve var
2013-01-07 13:17:49 -05:00
Tod Beardsley
36adf86184
Various and sundry fixes for normalize_uri
2013-01-07 12:02:08 -06:00