Commit Graph

30582 Commits (bc65d2f5263b887e6833c1eb69b37676d0b3fe95)

Author SHA1 Message Date
sinn3r ee922d141c Fix #4646 - get_module_resource should check nil before using get_resource
Fix #4646. The get_module_resource needs to check nil first before
using the get_resource method (from HttpServer)
2015-01-27 00:21:43 -06:00
sinn3r 9e3388df34 Use BES for MS13-037 and default to ntdll 2015-01-27 00:18:36 -06:00
William Vu 515b125192
Land #4645, for real
Conflicts:
	modules/post/multi/gather/rubygems_api_key.rb
2015-01-26 23:46:04 -06:00
William Vu fd4812fbab
Land #4645, @claudijd's RubyGems API key stealer
Dedicating this merge to @todb-r7. :-)
2015-01-26 23:29:36 -06:00
William Vu d53f4e1178
Fix bugs and make final changes 2015-01-26 23:29:10 -06:00
Jonathan Claudius f0bcf27110 Missing ? 2015-01-27 00:15:43 -05:00
Jonathan Claudius a3cf524162 Remove copy pasta 2015-01-27 00:13:51 -05:00
Jonathan Claudius 2bb9314b4b Switch to unless conditional 2015-01-27 00:10:33 -05:00
sinn3r 7b4fd2f618
Land #4642, Allow 'creds -u "" ' to return blank usernames 2015-01-26 23:01:03 -06:00
Jonathan Claudius 1f9286da69 Undo logic reversage 2015-01-26 23:54:41 -05:00
Jonathan Claudius a9e480e44a Fixed tilde 2015-01-26 23:53:08 -05:00
Jonathan Claudius eed9fbe024 Lose assignment in conditional 2015-01-26 23:48:08 -05:00
Jonathan Claudius c496d2c987 Remove nil check 2015-01-26 23:43:31 -05:00
Jonathan Claudius c29b7488b2 Fix double new line 2015-01-26 23:40:19 -05:00
Jonathan Claudius d77f112e82 Minor Formatting 2015-01-26 23:31:36 -05:00
Jonathan Claudius 06485d8c89 Fix naming of things 2015-01-26 23:17:44 -05:00
Jonathan Claudius 685c4804e5 Add trailing return 2015-01-26 23:15:00 -05:00
Jonathan Claudius 6b6e47a237 Fix sessiontypes, again 2015-01-26 23:13:17 -05:00
Jonathan Claudius 747349a57a Fix sessiontypes 2015-01-26 23:11:48 -05:00
Jonathan Claudius ee7ecb349d Fix description 2015-01-26 23:10:08 -05:00
Jonathan Claudius 106170eddc Add multi to name 2015-01-26 23:08:43 -05:00
Jonathan Claudius a3c7cf70f8 Make MSF Tidy more happy 2015-01-26 22:30:26 -05:00
Jonathan Claudius d37b3cf0c3 Use next instead of return 2015-01-26 22:26:56 -05:00
Jonathan Claudius f58dc2789f Remove creds 2015-01-26 22:13:15 -05:00
Jonathan Claudius a27c376ae7 Add service port and host 2015-01-26 22:06:07 -05:00
Jonathan Claudius dd34b58e49 Add add loot 2015-01-26 22:01:38 -05:00
Jonathan Claudius 3889ed5784 Add cred login 2015-01-26 21:50:10 -05:00
James Lee 964d37dbc5
Add a simple spec for -u
Need lots more
2015-01-26 20:37:17 -06:00
James Lee f2e0bd364a
Always include Service and Host
See #4643
2015-01-26 20:22:11 -06:00
James Lee 8dd56bb759
Do all the filtering in SQL instead of Ruby
This also has the advantage of reducing the number of queries from at
least 3 for every Core we find to more like a total of 3.
2015-01-26 20:21:55 -06:00
Jonathan Claudius eead063375 Add RubyGems API Post Gather Module 2015-01-26 20:53:39 -05:00
Tod Beardsley 63c3832d7d
Also test for nonmatching passwords 2015-01-26 17:02:58 -06:00
Tod Beardsley 1410477fe9
Use the blank password/username variables 2015-01-26 17:00:45 -06:00
Tod Beardsley 2294ea0e93
Squash commit for blank creds search and test
This should fix up #4642 with respect to #4504.

Squashed commit of the following:

commit 124d53ccb00cd200bede092e893dda7e033d3e17
Merge: cb2bef8 ccad159
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 16:23:03 2015 -0600

    Merge branch 'feature/creds-blank-finders' into temp

commit ccad159222eaa949d76e22b588d1ac7709fb2f27
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 15:58:02 2015 -0600

    Clean out whitespace, make vars more meaningful

commit 266b45dff26e2778e43d8e4750d212b5aee5a009
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 15:54:32 2015 -0600

    Add some specs for regular users and blank users

commit 2e51503f76e9a2f6921c57e86a2f98527f80c874
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 15:04:03 2015 -0600

    Users should be able to find blank user/pass
2015-01-26 16:26:30 -06:00
Jon Hart cb2bef878b
Land #4504, @disenchant's get/getg improvement 2015-01-26 12:49:34 -08:00
Tod Beardsley 2ba0f8264e
Land #4632, reverting #4473, too noisy errors
Fixes #4630 as well.

See also #4122 and #4552.
2015-01-26 13:05:19 -06:00
William Vu 776af2b96a
Land #4640, for real 2015-01-26 12:07:12 -06:00
William Vu 1e728ca00f
Land #4640, @todb-r7's module cleanup 2015-01-26 12:06:17 -06:00
William Vu 46210a4963
Fix punctuation 2015-01-26 12:05:54 -06:00
Tod Beardsley bae19405a7
Various grammar, spelling, word choice fixes 2015-01-26 11:00:07 -06:00
William Vu 8ad80f1e3f
Land #4637, deprecated module cleanup 2015-01-26 01:32:48 -06:00
sinn3r d7375e84ea Move modules/post/windows/escalate/net_runtime_modify.rb
This module was scheduled to be removed on 01/08/2015.
Please use exploit/windows/local/service_permissions instead.
2015-01-26 00:29:43 -06:00
sinn3r f5916eba6d Move modules/exploits/windows/misc/psh_web_delivery.rb
This module was scheduled to be removed on 10/23/2014.
Please use exploit/multi/script/web_delivery instead.
2015-01-26 00:28:40 -06:00
sinn3r bbcc2eb07d Move modules/exploits/windows/misc/pxecploit.rb
This module was scheduled to be removed on 10/31/2014.
Please use exploits/windows/local/pxeexploit instead.
2015-01-26 00:25:02 -06:00
jvazquez-r7 b4419afc64
Land #3019, @aczire's module for Huawei info disclosure
* Module for CVE-2013-6031
2015-01-24 10:16:35 -06:00
jvazquez-r7 c6901caf39 Change module location 2015-01-24 10:14:46 -06:00
sinn3r c62beacd31 Revert #4473 - Log backtraces by default 2015-01-24 02:44:29 -06:00
aczire 6ec3e6545e Merge pull request #1 from jvazquez-r7/rebase_3019
Clean Huawei SOHO router information disclosure
2015-01-24 10:44:28 +05:30
jvazquez-r7 23c9d4f0fb Do final cleanup 2015-01-23 17:54:58 -06:00
jvazquez-r7 05e803f85b Rewrite get_wifi_info 2015-01-23 17:50:52 -06:00