Nikita
c0285067c9
Add new module to test TNS poison
...
msf auxiliary(tnspoison_checker) > show options
Module options (auxiliary/scanner/oracle/tnspoison_checker1):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 172.16.2.100, 172.16.2.24, 172.16.2.101 yes The target address range or CIDR identifier
RPORT 1521 yes The target port
THREADS 1 yes The number of concurrent threads
msf auxiliary(tnspoison_checker) > exploit
[+] 172.16.2.100:1521 is vulnerable
[*] Scanned 1 of 3 hosts (033% complete)
[-] 172.16.2.24:1521 is not vulnerable
[*] Scanned 2 of 3 hosts (066% complete)
[-] 172.16.2.101:1521 unable to connect to the server
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
2014-11-11 17:29:27 +03:00
Nikita
621b9523b1
Update tnspoison_checker.rb
2014-10-13 22:05:08 +04:00
Nikita
1996886ae9
Update tnspoison_checker.rb
2014-10-13 12:53:39 +04:00
Nikita
22aabc7805
Add new module to test TNS poison
...
This module simply checks the server for vulnerabilities like TNS Poison
2014-10-13 12:21:07 +04:00
Tod Beardsley
aefd15c185
Land #3376 , ARRIS SNMP enumerator from @inokii
2014-10-09 15:28:06 -05:00
jvazquez-r7
520e1bccca
Land #3692 , @TomSellers's support for Metasploit Credential on enum_snmp
2014-10-09 15:18:44 -05:00
Spencer McIntyre
a535d236f6
Land #3947 , login scanner for jenkins by @nstarke
2014-10-09 12:59:02 -04:00
Spencer McIntyre
6ea530988e
Apply rubocop changes and remove multiline print
2014-10-09 12:57:39 -04:00
jvazquez-r7
3305b1e9c3
Land #3984 , @nullbind's MSSQL privilege escalation module
2014-10-09 11:39:15 -05:00
jvazquez-r7
10b160bedd
Do final cleanup
2014-10-09 11:38:45 -05:00
jvazquez-r7
bbe435f5c9
Don't rescue everything
2014-10-09 11:25:13 -05:00
jvazquez-r7
0cd7454a64
Use default value for doprint
2014-10-09 11:04:42 -05:00
jvazquez-r7
db6f6d4559
Reduce code complexity
2014-10-09 10:59:14 -05:00
jvazquez-r7
615b8e5f4a
Make easy method comments
2014-10-09 10:48:00 -05:00
jvazquez-r7
dd03e5fd7d
Make just one connection
2014-10-09 10:46:51 -05:00
jvazquez-r7
ccf677aad6
land #3978 , Fixes #3973 , Wrong datastore option URI in glassfish_login
2014-10-09 09:53:01 -05:00
sinn3r
df0d4f9fb2
Fix #3973 - Unneeded datastore option URI
...
When Glassfish is installed, the web root is always /, so there is
no point to make this arbitrary.
2014-10-09 00:06:15 -05:00
Christian Mehlmauer
1584c4781c
Add reference
2014-10-09 06:58:15 +02:00
nullbind
168f1e559c
fixed status
2014-10-08 21:19:50 -05:00
nullbind
3ebcaa16a1
removed scanner
2014-10-08 21:18:56 -05:00
nstarke
328be3cf34
Fine Tuning Jenkins Login Module
...
At the request of the maintainers, I have deregistered the
RHOST option and made the failure proof a verbose only
print.
2014-10-08 17:53:21 -05:00
jvazquez-r7
4f96d88a2f
Land #3949 , @us3r777's exploit for CVE-2014-6446, wordpress infusionsoft plugin php upload
2014-10-08 16:35:49 -05:00
jvazquez-r7
66a8e7481b
Fix description
2014-10-08 16:35:14 -05:00
jvazquez-r7
8ba8402be3
Update timeout
2014-10-08 16:32:05 -05:00
jvazquez-r7
bbf180997a
Do minor cleanup
2014-10-08 16:29:11 -05:00
William Vu
f86c0c2bb5
Land #3970 , rm jtr_unshadow
2014-10-08 14:55:15 -05:00
jvazquez-r7
411f6c8b2d
Land #3793 , @mfadzilr's exploit for CVE-2014-6287, HFS remote code execution
2014-10-08 12:16:09 -05:00
jvazquez-r7
98b69e095c
Use %TEMP% and update ranking
2014-10-08 12:12:00 -05:00
jvazquez-r7
d90fe4f724
Improve check method
2014-10-08 12:03:16 -05:00
jvazquez-r7
25344aeb6a
Change filename
2014-10-08 11:55:33 -05:00
jvazquez-r7
909f88680b
Make exploit aggressive
2014-10-08 11:08:01 -05:00
jvazquez-r7
d02f0dc4b9
Make minor cleanup
2014-10-08 10:36:56 -05:00
jvazquez-r7
d913bf1c35
Fix metadata
2014-10-08 10:29:59 -05:00
Tod Beardsley
a901916b0b
Remove nonfunctional jtr_unshadow
...
This module hasn't been doing anything but print_error a go away message
since June, so may as well get rid of it.
2014-10-08 10:23:29 -05:00
Brendan Coles
e0016d4af3
Remove hash rocket from refs array #3766
...
[SeeRM #8776 ]
2014-10-08 09:16:38 +00:00
Brendan Coles
3c7be9c4c5
Remove hash rockets from references #3766
...
[SeeRM #8776 ]
2014-10-08 09:01:19 +00:00
sinn3r
c5494e037d
Land #3900 - Add F5 iControl Remote Root Command Execution
2014-10-08 00:30:07 -05:00
nullbind
031fb19153
requested updates
2014-10-06 23:52:30 -05:00
William Vu
399a61d52e
Land #3946 , ntp_readvar updates
2014-10-06 21:57:57 -05:00
nstarke
e1b0ba5d3d
Removing 'require pry'
...
I accidentally left a reference to pry in my code.
Removing
2014-10-06 21:40:39 -05:00
nstarke
b8c2643d56
Converting Module to LoginScanner w/ Specs
...
The previous commits for this Jenkins CI module relied on an
obsolete pattern. Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
sinn3r
d3354d01f0
Fix #3808 - NoMethodError undefined method `map'
...
NoMethodError undefined method `map' due to an incorrect use of
load_password_vars
2014-10-06 15:42:51 -05:00
Jon Hart
8c8ccc1d54
Update Authors
2014-10-06 11:30:39 -07:00
us3r777
03888bc97b
Change the check function
...
Use regex based detection
2014-10-06 18:56:01 +02:00
us3r777
29111c516c
Wordpress Infusionsoft Gravity Forms CVE-2014-6446
...
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for
WordPress does not properly restrict access, which allows remote
attackers to upload arbitrary files and execute arbitrary PHP
code via a request to utilities/code_generator.php.
2014-10-06 14:10:01 +02:00
nstarke
69400cf280
Fixing Author Declaration
...
I had accidentally listed myself three times as the author.
Fixing that issue so that I am only declaring myself once.
2014-10-05 23:17:28 -05:00
nstarke
c0a3691817
Adding Jenkins-CI Login Scanner
...
Per Github issue #3871 (RM8774), I have added a
login scanner module for Jenkins-CI installations.
2014-10-05 22:08:34 -05:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
Jon Hart
a341756e83
Support spoofing source IPs for NTP readvar, include status messages
2014-10-03 14:05:57 -07:00
Jon Hart
fa4414155a
Only include the exact readvar payload, not any padding
2014-10-03 13:58:13 -07:00