Commit Graph

3411 Commits (c4485b127cb9063bcf4052daa876582c0ff38a7e)

Author SHA1 Message Date
jvazquez-r7 d37d211ecc Fix short escape sequences error 2013-05-09 17:29:55 -05:00
jvazquez-r7 cf05602c6f Land #1661, @nmonkee's sap_soap_rfc_eps_get_directory_listing module 2013-05-09 16:46:13 -05:00
jvazquez-r7 b18a98259b Modify default rport 2013-05-09 16:24:54 -05:00
jvazquez-r7 3e1d1a3f98 Land #1659, @nmonkee's sap_soap_rfc_eps_delete_file module 2013-05-09 16:22:54 -05:00
nmonkee 53c08cd60f fix incorrect printing typo 2013-05-09 21:37:04 +01:00
jvazquez-r7 ca41d859a9 up to date 2013-05-09 13:00:10 -05:00
jvazquez-r7 e711474654 Merge branch 'sap_soap_xmla_bw_smb_relay_' of https://github.com/nmonkee/metasploit-framework 2013-05-09 12:37:46 -05:00
jvazquez-r7 866fa167ab Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-08 16:29:52 -05:00
Tod Beardsley 4c75354a6a Land #1786, request_cgi instead of request_raw
Also some other small changes to modules, such as sensible defaults for
options.
2013-05-08 14:58:04 -05:00
m-1-k-3 e3582887cf OSVDB, Base64 2013-05-07 08:28:48 +02:00
jvazquez-r7 a1d2680a17 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-06 23:24:21 -05:00
jvazquez-r7 fff8593795 Fix author name 2013-05-06 17:34:37 -05:00
jvazquez-r7 ad21a107ec up to date 2013-05-06 15:48:59 -05:00
jvazquez-r7 fcb9dc1384 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-06 15:40:22 -05:00
jvazquez-r7 c84febb81a Fix extra character 2013-05-06 15:19:15 -05:00
jvazquez-r7 92b4d23c09 Add Mariano as Author because of the abuse disclosure 2013-05-06 15:15:15 -05:00
jvazquez-r7 db243e78c8 Land #1682, sap_router_info_request fix from @nmonkee 2013-05-06 15:13:57 -05:00
jvazquez-r7 85581a0b6f Clean up sap_soap_rfc_eps_get_directory_listing 2013-05-06 13:21:42 -05:00
jvazquez-r7 1fc0bfa165 Change module filename 2013-05-06 13:20:07 -05:00
m-1-k-3 0f2a3fc2d4 dsl320b authentication bypass - password extract 2013-05-06 14:31:47 +02:00
jvazquez-r7 7b960a4f18 Add OSVDB reference 2013-05-06 00:54:00 -05:00
jvazquez-r7 a17062405d Clean up for sap_soap_rfc_eps_delete_file 2013-05-06 00:53:07 -05:00
jvazquez-r7 5adc2879bf Change module filename 2013-05-06 00:51:23 -05:00
jvazquez-r7 66a5eb74c5 Move file to auxiliary/dos/sap 2013-05-06 00:50:50 -05:00
jvazquez-r7 425a16c511 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-05 22:00:07 -05:00
HD Moore 63b0eace32 Add a missing require 2013-05-04 22:39:57 -05:00
jvazquez-r7 2384f34ada Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-03 15:39:16 -05:00
jvazquez-r7 589be270bf Land #1658, @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE 2013-05-03 14:19:36 -05:00
jvazquez-r7 9e1037bce0 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 16:15:28 -05:00
jvazquez-r7 b096449a97 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 15:12:19 -05:00
Tod Beardsley 7579b574cb Rework parse_xml
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.

I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
2013-05-02 14:43:30 -05:00
Tod Beardsley 902cd7ec85 Revert removal of the SAP module
This reverts commit 26da7a6ee7.
2013-05-02 14:42:35 -05:00
Tod Beardsley 26da7a6ee7 Removing this from master due to test problems
This module was moved over to the unstable branch in commit
7106afdf7d , working up a fix now. Stay
tuned.
2013-05-02 13:43:02 -05:00
jvazquez-r7 132c09af82 Add BID reference 2013-05-02 10:21:09 -05:00
jvazquez-r7 6e68f3cf34 Clean up sap_soap_rfc_pfl_check_os_file_existence 2013-05-02 10:19:15 -05:00
jvazquez-r7 244bf71d4a Change module filename 2013-05-02 10:15:50 -05:00
jvazquez-r7 29d4e378aa Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 09:27:51 -05:00
jvazquez-r7 d9cdb6a138 Fix more feedback provided by @nmonkee: CMD vs COMMAND 2013-05-02 09:08:48 -05:00
jvazquez-r7 c6c7998e3b Fix feedback provided by @nmonkee 2013-05-02 09:06:51 -05:00
jvazquez-r7 4db81923bf Update description 2013-05-02 08:45:01 -05:00
jvazquez-r7 4054d91955 Land #1657, @nmonkee's RZL_READ_DIR_LOCAL SAP dir listing module 2013-05-02 08:38:50 -05:00
jvazquez-r7 e25057b64a Fix indent level 2013-05-01 22:01:36 -05:00
jvazquez-r7 c406271921 Cleanup sap_soap_rfc_rzl_read_dir 2013-05-01 21:51:06 -05:00
jvazquez-r7 98dd96c57d Change module filename 2013-05-01 21:50:24 -05:00
jvazquez-r7 6b6b53240b Fix SAP modules, mainly to make a better use of send_request_cgi 2013-05-01 14:06:53 -05:00
Gregory Man 76e70adcff Added Memcached Remote Denial of Service module
https://code.google.com/p/memcached/issues/detail?id=192
2013-04-30 17:45:09 +03:00
jvazquez-r7 a7e4ba5015 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-30 08:32:24 -05:00
Tod Beardsley 4227c23133 Add a reference for Safari module 2013-04-29 14:07:55 -05:00
Joe Vennix 431cba8f36 Update print_status labels. 2013-04-29 11:13:53 -05:00
Joe Vennix c2a1d296a2 Rename DOWNLOAD_URI -> DOWNLOAD_PATH.
Conflicts:
	modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:11:06 -05:00
Joe Vennix 55e0ec3187 Add support for DOWNLOAD_URI option.
* Fixes some comments that were no longer accurate.

Conflicts:
	modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:10:19 -05:00
jvazquez-r7 a4632b773a Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-28 12:59:16 -05:00
Tod Beardsley c27245e092 Touch descriptions for module and options 2013-04-26 13:05:16 -05:00
Joe Vennix b4606ba60a Remove unnecessary puts call. 2013-04-26 12:55:02 -05:00
Tod Beardsley ca6d6fbc84 msftidy for whitespace 2013-04-26 12:44:11 -05:00
Tod Beardsley 16769a9260 Fixing path normalization 2013-04-26 12:40:24 -05:00
Joe Vennix 2fa16f4d36 Rewrite relative script URLs to be absolute.
* Adds rescue clauses around URI parsing/pulling
* Actually use the URI_PATH datastore option.
2013-04-26 11:25:20 -05:00
jvazquez-r7 2a41422276 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-25 20:24:17 -05:00
Joe Vennix 993356c73e Add safari webarchive uxss to framework as an aux module. 2013-04-25 11:14:16 -05:00
jvazquez-r7 7bf4aa317f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-25 10:31:51 -05:00
jvazquez-r7 b67fcd3219 Add OSVDB ref to sap_configservlet_exec_noauth 2013-04-25 08:13:32 -05:00
jvazquez-r7 38e41f20fe Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-24 13:24:13 -05:00
sinn3r cae30bec23 Clean up all the whitespace found 2013-04-23 18:27:11 -05:00
jvazquez-r7 96b66d3856 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-22 21:49:59 -05:00
jvazquez-r7 1529dff3f3 Do final cleanup for sap_configservlet_exec_noauth 2013-04-22 21:43:41 -05:00
jvazquez-r7 8c9715c2ed Land #1751, @andrewkabai's SAP Portal remote OS command exec 2013-04-22 21:41:53 -05:00
jvazquez-r7 5f5e772f7c Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-22 21:31:16 -05:00
sinn3r a09b3b8023 Lands #1169 - Adds a check
[Closes #1169]

Conflicts:
	modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
sinn3r 882b084cba Changes the default action 2013-04-22 15:47:38 -05:00
sinn3r 7e28a4ddb0 Uses "ACTIONS" keys instead of datastore options
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
Andras Kabai 79eb2ff62d add EDB ID to references 2013-04-22 18:37:28 +02:00
Andras Kabai 15b06c43aa sap_configservlet_exec_noauth auxiliary module
the final module was moved from my master branch to here because of the
pull request needs
2013-04-22 17:40:27 +02:00
Andras Kabai b4f1f3efbb remove aux module from master branch 2013-04-22 17:34:01 +02:00
Antoine 0115833724 SyntaxError fixes 2013-04-21 20:22:41 +00:00
jvazquez-r7 d1c5179b83 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-19 17:48:12 -05:00
Andras Kabai 49b055e5fd make msftidy happy 2013-04-20 00:26:04 +02:00
Andras Kabai e4d9c45ce9 remove unnecessary rank rating 2013-04-20 00:23:55 +02:00
jvazquez-r7 c7fcd6931a Use vprint_error 2013-04-19 16:22:07 -05:00
Christian Mehlmauer eaff87879e added text 2013-04-19 22:03:05 +02:00
Christian Mehlmauer a6be72b019 fixes for mediawiki aux module 2013-04-19 21:43:12 +02:00
Andras Kabai 763d1ac2f1 remove unnecessary option declaration 2013-04-19 21:42:28 +02:00
Andras Kabai 85932a2445 improve URI path and parameter handling
switch from PATH to TARGETURI datastore;
use normalize_uri to build uri;
use query in send_request_cgi to to prepare query string (instead of
vars_get that escapes the necessary semicolons)
2013-04-19 21:37:39 +02:00
jvazquez-r7 d4fa2ba96d Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-19 14:14:36 -05:00
Andras Kabai c52588f579 remove Scanner mixin
remove Scanner mixin because this module is not a scanner modul
2013-04-19 20:28:44 +02:00
sinn3r 7fdf84ac45 Landing #1744 - Checks nil before using resp.headers['Server']
[Closes #1744]
2013-04-19 10:37:05 -05:00
jvazquez-r7 31586770a0 Added module for OSVDB 92490 2013-04-18 14:34:02 -05:00
Andras Kabai 8f76c436d6 SAP ConfigServlet OS Command Execution module
This module allows execution of operating system commands throug the
SAP ConfigServlet without any authentication.
2013-04-18 20:26:48 +02:00
RageLtMan 15c6df1482 Check for nil before calling on value 2013-04-18 00:32:37 -04:00
jvazquez-r7 cc35591723 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-15 17:43:15 -05:00
Tod Beardsley a36c6d2434 Lands #1730, adds a VERBOSE option checker
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
Tod Beardsley 29101bad41 Removing VERBOSE offenders 2013-04-15 15:29:56 -05:00
jvazquez-r7 ba7603e66c Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-09 17:34:23 +02:00
sinn3r 76d4538d2a Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-04-09 10:24:54 -05:00
sinn3r 1e258170dc It's a filename, so not trying to match any single char 2013-04-09 10:20:52 -05:00
sinn3r 50cf039170 Merge branch 'cve-2013-1899-not-auth' of github.com:jhart-r7/metasploit-framework into jhart-r7-cve-2013-1899-not-auth 2013-04-09 10:19:15 -05:00
jvazquez-r7 79620ed660 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-09 17:12:16 +02:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
jvazquez-r7 ef63a4f5cf Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-08 21:29:01 +02:00
jvazquez-r7 225342ce8f final cleanup for sysax_sshd_kexchange 2013-04-08 20:28:37 +02:00
jvazquez-r7 5bc454035c Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710 2013-04-08 20:20:11 +02:00
Jon Hart b1152d1567 Improve Postgres CVE-2013-1899 to detect unauthorized connections 2013-04-08 09:55:23 -07:00
jvazquez-r7 d65bf8bab9 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-08 18:19:41 +02:00
sinn3r d24371eaff Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal 2013-04-08 10:18:30 -05:00
sinn3r 1b5c34db1a Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal 2013-04-08 10:17:19 -05:00
sinn3r 11253c8f3e Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal 2013-04-08 10:16:52 -05:00
Matt Andreko f96baa7e7e Code Review Feedback
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
2013-04-08 10:58:35 -04:00
Matt Andreko 4c8e19ad1a Added reference
Removed final debug print statement
2013-04-08 08:28:53 -04:00
jvazquez-r7 daba48035d fix DEPTH description and basename 2013-04-05 11:05:46 +02:00
jvazquez-r7 b6edad1f1d fix DEPTH description and basename 2013-04-05 11:04:43 +02:00
jvazquez-r7 d163e96d6a fix DEPTH description and basename 2013-04-05 11:02:59 +02:00
jvazquez-r7 d823f724cd Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-04 22:16:35 +02:00
jvazquez-r7 30f44c3a24 final cleanup for dlink_dir_615h_http_login 2013-04-04 22:02:45 +02:00
jvazquez-r7 8f60d12e46 Merge branch 'dlink_login_dir_615H' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_615H 2013-04-04 22:01:49 +02:00
jvazquez-r7 b75d038fc2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-04 21:54:36 +02:00
jvazquez-r7 7d1e9af728 final cleanup for dlink_dir_session_cgi_http_login 2013-04-04 21:41:42 +02:00
jvazquez-r7 0b9fe53919 module filename changed 2013-04-04 21:41:10 +02:00
jvazquez-r7 6ec6638568 Merge branch 'dlink_login_dir_300B_600B' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_300B_600B 2013-04-04 21:40:21 +02:00
jvazquez-r7 498a0dc309 final cleanup for dlink_dir_300_615_http_login 2013-04-04 21:15:22 +02:00
jvazquez-r7 cff70e41be Merge branch 'dlink_login' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login 2013-04-04 21:14:56 +02:00
HD Moore fe2b598503 Add the advisory URL 2013-04-04 10:22:31 -05:00
HD Moore c8a6dfbda2 Add scanner module for the new PostgreSQL flaw 2013-04-04 10:19:47 -05:00
m-1-k-3 7b4cdf4671 make msftidy happy 2013-04-04 13:22:01 +02:00
m-1-k-3 78c492da20 is_dlink, more feedback included, msftidy 2013-04-04 13:18:32 +02:00
m-1-k-3 2f96a673cd is_dlink, more feedback included 2013-04-04 13:17:45 +02:00
m-1-k-3 64f3e68310 is_dlink and some more feedback included 2013-04-04 13:01:18 +02:00
jvazquez-r7 89de9fdf22 cleanup for dlink_dir_300_615_http_login 2013-04-03 10:04:01 +02:00
jvazquez-r7 b4b3c82c86 delete space 2013-04-03 00:31:00 +02:00
jvazquez-r7 54120a2d3a delete space 2013-04-03 00:30:24 +02:00
jvazquez-r7 85d9e3e9ee delete space 2013-04-03 00:29:38 +02:00
jvazquez-r7 0b4eab2499 added module for ZDI-13-053 2013-04-03 00:24:11 +02:00
jvazquez-r7 018e147063 added module for ZDI-13-052 2013-04-03 00:22:38 +02:00
jvazquez-r7 dc17b4931c added module for ZDI-13-051 2013-04-03 00:21:01 +02:00
jvazquez-r7 070fd399f2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-31 20:23:08 +02:00
m-1-k-3 587170ae52 fixed author details - next try 2013-03-30 12:43:55 +01:00
m-1-k-3 1d6184cd63 fixed author details 2013-03-30 12:41:31 +01:00
m-1-k-3 8032a33cd5 report_auth_info - proof 2013-03-29 22:06:25 +01:00
m-1-k-3 1156194a6b feedback included, server fingerprinting 2013-03-29 22:04:22 +01:00
m-1-k-3 2b4d6eb455 feedback included, server header check 2013-03-29 21:30:45 +01:00
m-1-k-3 b6a50da394 feedback included, server header check 2013-03-29 21:20:51 +01:00
jvazquez-r7 5616b8245b Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-29 11:59:33 +01:00
James Lee 9086c53751 Not an HttpClient, so doesn't have normalize_uri
[FixRM #7851]
2013-03-28 13:16:21 -05:00
nmonkee 5b30115336 vprint_status changed to vprint_error as requested 2013-03-28 14:27:51 +00:00
nmonkee 0f147dcf47 vprint_status changed to vprint_error as requested 2013-03-28 14:24:57 +00:00
nmonkee eee702a329 vprint_status changed to vprint_error as requested 2013-03-28 14:23:21 +00:00
nmonkee e2212ca8c9 vprint_status changed to vprint_error as requested 2013-03-28 14:22:01 +00:00
nmonkee 9594693ecb vprint_status changed to vprint_error as requested 2013-03-28 14:16:19 +00:00
nmonkee 9d87db6831 vprint_status changed to vprint_error as requested 2013-03-28 14:08:24 +00:00
nmonkee aae1d5933e removed socket print, left over from debugging 2013-03-28 10:49:23 +00:00
nmonkee 376ca7b107 fixed issue with access denied condition thanks to @pho_bos 2013-03-28 10:41:37 +00:00
m-1-k-3 aa981cc991 DIR-645 also working 2013-03-27 12:11:14 +01:00
m-1-k-3 615aa57399 Dlink DIR615 HW rev B login module 2013-03-27 09:26:23 +01:00
m-1-k-3 680b551215 default to user admin 2013-03-27 08:59:19 +01:00
m-1-k-3 032214fb1d default to user admin 2013-03-27 08:49:04 +01:00
m-1-k-3 e1a719a6c0 http login module for DLink DIR300revB, DIR600revB, DIR815 2013-03-26 20:57:24 +01:00
m-1-k-3 c4fe21865c user fix 2013-03-26 20:15:19 +01:00
nmonkee bcc26427c0 EPS_GET_DIRECTORY_LISTING (List Directory abd SMB Relay) 2013-03-25 20:26:56 +00:00
nmonkee d8086a27a6 vprint_status mod 2013-03-25 20:20:29 +00:00
nmonkee 121c75f646 vprint_status mod 2013-03-25 20:18:14 +00:00
nmonkee da6a99defb vprint_status mod 2013-03-25 20:16:11 +00:00
nmonkee f66ffbfa81 vprint_status mod 2013-03-25 20:13:45 +00:00
nmonkee 95e7d55313 remove sap_soap_rfc_eps_delete_file_smb_relay.rb 2013-03-25 20:09:59 +00:00
nmonkee f7ccfa634e This module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service 2013-03-25 19:59:16 +00:00
jvazquez-r7 3c12459703 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:33:36 +01:00
jvazquez-r7 9717a8c3b4 cleanup for tplink_traversal_noauth 2013-03-25 19:20:18 +01:00
jvazquez-r7 543b401a55 Merge branch 'tplink-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-tplink-traversal 2013-03-25 19:18:53 +01:00
jvazquez-r7 393d5d8bf5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:09:42 +01:00
nmonkee f92f59bfad EPS_DELETE_FILE (File deletion and SMB Relay) 2013-03-25 17:23:27 +00:00
sinn3r dcce23d23d Merge branch 'bugs/tomcat_enum-double_check' of github.com:neinwechter/metasploit-framework into neinwechter-bugs/tomcat_enum-double_check 2013-03-25 12:19:52 -05:00
nmonkee 01ee30e389 PFL_CHECK_OS_FILE_EXISTENCE (file existence and SMB relay) 2013-03-25 17:11:23 +00:00
jvazquez-r7 fdd06c923a cleanup for dlink_dir_645_password_extractor 2013-03-25 18:04:12 +01:00
jvazquez-r7 a9a5a3f64f Merge branch 'dlink-dir645-password-extractor' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir645-password-extractor 2013-03-25 18:02:51 +01:00
Nathan Einwechter aad0eed485 Fix whitespace EOL 2013-03-25 13:00:37 -04:00
nmonkee 5be98593a9 RZL_READ_DIR_LOCAL (directory listing and SMB relay) 2013-03-25 16:59:37 +00:00
Nathan Einwechter 3f79b2fd3b Use :abort for scanner mixin 2013-03-25 12:59:18 -04:00
nmonkee e840578ea2 SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay 2013-03-25 16:57:12 +00:00
sinn3r 0d56da0511 Merge branch 'netgear-sph200d' of github.com:m-1-k-3/metasploit-framework into m-1-k-3-netgear-sph200d 2013-03-25 11:45:40 -05:00
Nathan Einwechter 99fe2a33d7 Deregister USER_AS_PASS and stop on connect error 2013-03-25 12:35:52 -04:00
jvazquez-r7 53b862300e cleanup for linksys_e1500_traversal 2013-03-25 17:33:38 +01:00
jvazquez-r7 ea804d433e change file name 2013-03-25 17:33:16 +01:00
jvazquez-r7 660d3d5388 Merge branch 'linksys-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-traversal 2013-03-25 17:31:11 +01:00
jvazquez-r7 2d5a0d6916 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 17:08:23 +01:00
m-1-k-3 e57498190b dlink dir 300/600 login module - initial commit 2013-03-25 08:48:24 +01:00
m-1-k-3 98ac6e8090 feedback included 2013-03-24 21:01:30 +01:00
m-1-k-3 d90de54891 reporting and feedback 2013-03-24 15:00:18 +01:00
m-1-k-3 9f8ec37060 store loot 2013-03-24 11:48:49 +01:00
m-1-k-3 71708c4bc3 dir 645 password extractor - initial commit 2013-03-24 11:44:24 +01:00
jvazquez-r7 49ac3ac1a3 cleanup for linksys_e1500_e2500_exec 2013-03-23 23:30:49 +01:00
jvazquez-r7 98be5d97b8 Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-e1500-e2500-exec 2013-03-23 23:30:14 +01:00
m-1-k-3 b2bf1df098 fixed encoding and set telnetd as default cmd 2013-03-23 22:56:15 +01:00
m-1-k-3 7ff9c70e38 10 to 0 is good :) 2013-03-23 22:46:26 +01:00
m-1-k-3 47d458a294 replacement of the netgear-sph200d module 2013-03-23 22:40:32 +01:00
m-1-k-3 bd522a03e3 replace module to the scanner directory 2013-03-23 22:29:44 +01:00
m-1-k-3 b1ae2f7bf4 replace module to the scanner directory 2013-03-23 22:29:31 +01:00
m-1-k-3 8f59999f82 replace module to the scanner directory 2013-03-23 22:25:04 +01:00
m-1-k-3 f58554bb57 replace module to the scanner directory 2013-03-23 22:24:50 +01:00
m-1-k-3 965ec34368 check of the server on the first try 2013-03-23 22:13:01 +01:00
m-1-k-3 aacd14ae45 version removed, encode params removed 2013-03-23 21:31:08 +01:00
m-1-k-3 b01959ea70 tplink traversal - initial commit 2013-03-23 20:30:32 +01:00
jvazquez-r7 cb56b2de4b Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-23 20:06:05 +01:00
m-1-k-3 36d1746c0d linksys traversal module - initial commit 2013-03-23 17:01:02 +01:00
m-1-k-3 270f64acc2 feedback included 2013-03-23 15:54:34 +01:00
sinn3r f22c18e026 Merge branch 'module-psexec_command-file_prefix' of github.com:kn0/metasploit-framework into kn0-module-psexec_command-file_prefix 2013-03-22 13:08:13 -05:00
jvazquez-r7 b30a5aa6e8 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-21 09:07:41 +01:00
m-1-k-3 dcd2aebdcd feedback included 2013-03-20 21:34:30 +01:00
Tod Beardsley 011b6899b0 Merge 'neinwechter/browser_autopwn-updates'
Brings in neinwechter's BAP fixes. Seems to not only be a more sane
strategy, but in practice, ends up with tons more shells for at least
MSIE which is what most people are using it for anyway.

[Closes #1612]
2013-03-20 15:26:09 -05:00
Tod Beardsley e377e30873 unscrewing syntax error 2013-03-20 15:04:31 -05:00
Tod Beardsley fd20eba35e Expanding the title and desc for external_ip
Also allowing the capitalization on "via" to be small.
2013-03-20 14:42:12 -05:00
jvazquez-r7 44f07cef19 Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework 2013-03-20 00:47:31 +01:00
jvazquez-r7 80d218b284 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-19 19:55:51 +01:00
m-1-k-3 9fc0f9a927 initial commit 2013-03-19 17:31:01 +01:00
sinn3r 116f5b87f0 Merge branch 'axigen_file_access' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-axigen_file_access 2013-03-19 08:33:58 -05:00
Matt Andreko fd5bd52e6d Added some error handling if the connection dies. 2013-03-18 17:26:40 -04:00
Matt Andreko 66dcbca562 Sysax Multi-Server SSHD DoS
This exploit affects Sysax Multi-Server version 6.10. It causes a
Denial of Service by sending a specially crafted Key Exchange, which
causes the service to crash.
2013-03-18 17:16:12 -04:00
jvazquez-r7 3eb4505f6f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-14 16:01:40 +01:00
jvazquez-r7 02f90b5bbd cleanup for dopewars 2013-03-14 15:53:19 +01:00
jvazquez-r7 4d9f2bbb06 Merge branch 'master' of https://github.com/dougsko/metasploit-framework into dougsko-master 2013-03-14 15:51:47 +01:00
jvazquez-r7 d3a78db77a Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-14 14:12:11 +01:00
jvazquez-r7 7403239de7 cleanup for psexec_ntdsgrab 2013-03-14 13:40:45 +01:00
jvazquez-r7 9ae2c8e718 Merge branch 'ntdsgrab4' of https://github.com/R3dy/metasploit-framework into R3dy-ntdsgrab4 2013-03-14 13:39:41 +01:00
Trenton Ivey 97023413cb Added advanced option for temp filenames prefix 2013-03-14 01:50:52 -05:00
Royce Davis abbb3b248d methods that use @ip now reference it directly instead of being passed in as paramaters 2013-03-13 19:35:53 -05:00
Royce Davis 462ffb78c1 Simplified copy_ntds & copy_sys check on line 91 2013-03-13 19:31:36 -05:00
Royce Davis 4e9af74763 All print statements now use #{peer} 2013-03-13 19:28:09 -05:00
Royce Davis edf2804bb5 Added simple.disconnect to end of cleanup_after method 2013-03-13 19:23:22 -05:00
Royce Davis 8eba71ebe2 Added simple.disconnect to end of download_sys_hive method 2013-03-13 19:20:58 -05:00
James Lee 2f11796dfa Fix typo
[SeeRM #7800]
2013-03-13 16:10:20 -05:00
jvazquez-r7 e5f7c08d6f Added module for CVE-2012-4940 2013-03-13 11:52:54 +01:00
Doug P 22133ba8ff removed version number 2013-03-12 16:36:14 -04:00
Doug P 70da739666 fixed errors in dopewars.rb shown by msftidy 2013-03-12 15:47:31 -04:00
Doug P c8c50a6407 cleaned up dopewars module 2013-03-12 12:56:12 -04:00
jvazquez-r7 91fbeda062 up to date 2013-03-12 17:04:27 +01:00
jvazquez-r7 6055438476 up to date 2013-03-12 17:04:27 +01:00
jvazquez-r7 ee98f28017 up to date 2013-03-12 16:58:48 +01:00
jvazquez-r7 1331952515 up to date 2013-03-12 16:55:06 +01:00
jvazquez-r7 6bd995f37e up to date 2013-03-12 16:53:37 +01:00
jvazquez-r7 9891650c30 up to date 2013-03-12 16:51:00 +01:00
jvazquez-r7 b498bf9b71 up to date 2013-03-12 16:50:35 +01:00
Royce Davis 9a970415bc Module uses store_loot now instead of logdir which has been removed 2013-03-11 20:05:23 -05:00
doug a199c397e4 ... 2013-03-11 17:09:17 -04:00
doug 4d6e19b40b small edits to dopewars.rb 2013-03-11 17:07:05 -04:00
doug 0e607f8252 added dopewars module 2013-03-11 16:52:49 -04:00
jvazquez-r7 2684e6103c use of send_request_cgi 2013-03-11 20:36:47 +01:00
jvazquez-r7 9c89599737 cleanup before merge external_ip 2013-03-11 20:35:25 +01:00
jvazquez-r7 546e24a9c6 Merge branch 'external_ip_discovery' of https://github.com/sempervictus/metasploit-framework into sempervictus-external_ip_discovery 2013-03-11 20:35:07 +01:00
Royce Davis aa4cc11640 Removed Scanner class running as stand-alone single target module now 2013-03-11 13:39:47 -05:00
jvazquez-r7 074ea7dee4 Merge branch 'ssl' of https://github.com/luh2/metasploit-framework into luh2-ssl 2013-03-11 15:36:20 +01:00
Royce Davis a96753e9df Added licensing stuff at the top 2013-03-10 20:07:04 -05:00
Royce Davis bf9a2e4f52 Fixed module to use psexec mixin 2013-03-10 15:15:50 -05:00
Royce Davis 907983db4a updating with r7-msf 2013-03-10 14:19:20 -05:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00