89753a6390
Fix undefined method error
...
[FixRM #8323 ]
2013-08-21 01:22:27 -05:00
92752de651
Fix undefined method error
...
[FixRM #8324 ]
2013-08-21 01:20:57 -05:00
77942f0d29
Fix undefined method error
...
[FixRM #8325 ]
2013-08-21 01:20:03 -05:00
2fa75e0133
Fix undefined method error
...
[FixRM #8325 ]
2013-08-21 01:16:49 -05:00
be29e44788
Fix undefined method error
...
[FixRM #8328 ]
2013-08-21 01:15:07 -05:00
ae8c40c8f7
Fix undefined method error
...
[FixRM #8329 ]
2013-08-21 01:10:46 -05:00
42a7766f1b
Fix undefined method error
...
[FixRM #8330 ]
2013-08-21 01:09:24 -05:00
0f85fa21b4
Fix undefined method error
...
[FixRM #8331 ]
2013-08-21 01:08:19 -05:00
8eeb66f96d
Fix undefined method error
...
[FixRM #8332 ]
2013-08-21 01:06:54 -05:00
785f633d1d
Fix undefined method error
...
[FixRM #8334 ]
[FixRM #8333 ]
2013-08-21 01:01:53 -05:00
0561928b92
Fix undefined method error
...
[FixRM #8336 ]
2013-08-21 00:54:08 -05:00
2597c71831
Fix undefined method error
...
[FixRM #8338 ]
[FixRM #8337 ]
2013-08-21 00:52:33 -05:00
092b43cbfa
Fix undefined method error
...
[FixRM #8339 ]
2013-08-21 00:50:37 -05:00
32a190f1bd
Fix undefined method error
...
[FixRM #8340 ]
2013-08-21 00:49:13 -05:00
217d89fa7c
Fix undefined method error
...
[FixRM #8341 ]
2013-08-21 00:47:31 -05:00
3a271e7cc7
Fix undefined method error
...
[FixRM #8342 ]
2013-08-21 00:45:48 -05:00
8806e76e4d
Fix undefined method error
...
[FixRM #8343 ]
2013-08-21 00:44:10 -05:00
37eaa62096
Fix undefined method error
...
[FixRM #8346 ]
2013-08-21 00:42:33 -05:00
9ca7a727e1
Fix undefined method error
...
[FixRM #8347 ]
2013-08-21 00:41:49 -05:00
5993cbe3a8
Fix undefined method error
...
[FixRM #8348 ]
2013-08-21 00:40:38 -05:00
9f98d4afe6
Fix undefined method error
...
[FixRM #8349 ]
2013-08-21 00:38:35 -05:00
35b15b6809
Fix undefined method error
...
[FixRM #8322 ]
2013-08-21 00:37:22 -05:00
ea78e8309d
Fix undefined method error
...
[FixRM #8350 ]
2013-08-21 00:35:36 -05:00
fe089030d4
Land #2257 , @wchen-r7's patch for [SeeRM #8317 ]
2013-08-20 13:43:37 -05:00
ceb0f56f42
Land #2258 , @wchen-r7's patch for [SeeRM #8318 ]
2013-08-20 13:26:34 -05:00
1702cf2af9
Use TARGETURI
2013-08-20 13:23:32 -05:00
3ac59fede7
Land #2251 , @wchen-r7's patch to use OptRegexp
2013-08-20 12:55:30 -05:00
202b31d869
Better fix based on feedback
...
Tell daddy how you want it.
2013-08-20 12:52:04 -05:00
42f774a064
Fix check method
2013-08-20 12:02:09 -05:00
533d98bd1b
Adding module for CVE 2013-5093, Graphite Web Exploit
2013-08-20 12:56:30 -04:00
546c523ed8
Land #2252 , @wchen-r7's patch for print_line vs print
2013-08-20 11:17:38 -05:00
8adc4f05dd
Land #2250 , @wchen-r7's clean up for mssql_ping
2013-08-20 10:38:01 -05:00
586ae8ded3
Land #2249 , @wchen-r7's patch for [SeeRM #8314 ]
2013-08-20 10:32:47 -05:00
277fc69a19
Land #2246 , @wchen-r7's patch for [SeeRM #8313 ]
2013-08-20 10:15:15 -05:00
f68d581b7a
[FixRM #8319 ] - Properly disable BLANK_PASSWORDS for ektron_cms400net
...
In module ektron_cms400net.rb, datastore option "BLANK_PASSWORDS" is
set to false by default, because according to the original author, a
blank password will result in account lockouts. Since the user should
never set "BLANK_PASSWORDS" to true, this option should never be
presented as an option (when issuing the "show options").
While fixing #8319 , I also noticed another bug at line 108, where
res.code is used when res could be nil due to a timeout, so I ended
up fixing it, too.
2013-08-20 01:20:52 -05:00
4790d8de50
Land #2256 , @wchen-r7's patch for [FixRM #8316 ]
2013-08-19 23:23:57 -05:00
246c2d82f9
[FixRM #8318 ] - Use normalize_uri properly
...
normalize_uri should be used when paths are being merged, not after.
2013-08-19 18:04:12 -05:00
3c27520e10
[FixRM #8317 ] - Fix possible double slash in file path
...
It is possible to have a double slash in the base path, shouldn't
happen.
2013-08-19 17:55:14 -05:00
268a3e769e
Missed this one
2013-08-19 17:45:05 -05:00
5366453031
[FixRM #8316 ] - Escape characters correctly
...
dots need to be escaped
2013-08-19 16:51:19 -05:00
7fc37231e0
Fix email format
...
Correct email format
2013-08-19 16:34:14 -05:00
a8ca32ab34
Oh yeah, need to do this too
2013-08-19 16:28:58 -05:00
154b1e8888
Remove comments
2013-08-19 16:27:35 -05:00
cf10a0ca91
Use print_line instead of print
...
These modules should be using print_line instead of print
2013-08-19 16:25:44 -05:00
8eb9266bff
Use the correct var
2013-08-19 16:19:03 -05:00
58d5cf6faa
Module should use OptRegexp for regex pattern option
...
Instead of using OptString, OptRegexp should be used because this
datastore option is a regex pattern.
2013-08-19 16:16:34 -05:00
8c03e905de
Get rid of function that's never used
...
RPORT datastore option is deregistered, and is never used anywhere
in the module, so I don't why we need this rport() function here.
2013-08-19 16:09:10 -05:00
a815d9277e
Merge pull request #2245 from todb-r7/grammar-and-such
...
Trivial grammar and word choice fixes for modules
2013-08-19 13:45:18 -07:00
17b5e57280
Typo
2013-08-19 15:32:19 -05:00
fb5ded1472
[FixRM #8314 ] - Use OptPath instead of OptString
...
These modules need to use OptPath to make sure the path is validated.
2013-08-19 15:30:33 -05:00
2e74c50880
[SeeRM #8313 ] - Print where files are stored
...
As an user, I want to be able to see where my file is stored when the
module I'm using runs a store_loot().
2013-08-19 15:02:15 -05:00
d0b56e1650
Use the correct variable
2013-08-19 14:38:40 -05:00
d89932bfd8
Use the correct variable
2013-08-19 14:33:01 -05:00
ca313806ae
Trivial grammar and word choice fixes for modules
2013-08-19 13:24:42 -05:00
4cef4e88a6
If exception hits, make sure it's closed.
2013-08-19 13:21:53 -05:00
11ef366818
Properly close hashlist
2013-08-19 13:14:13 -05:00
89d4f0180d
Make sure we close hashlist
2013-08-19 12:54:27 -05:00
abaec32ad6
What Luke said.
...
"You cannot, in general, place a variable declaration in a begin
scope and use it in the ensure scope unless you use nil?. It is
better to swap line 35 and line 34."
2013-08-18 23:54:04 -05:00
86d6bce8c4
[FixRM #8312 ] - Fix file handle leaks
...
Fix file handle leaks for [SeeRM #8312 ]
2013-08-18 20:31:13 -05:00
f843743294
Adds fixes from @wchen-r7.
2013-08-18 18:46:51 -05:00
017309d02d
Minor fixes to keylogger.
2013-08-18 16:29:34 -05:00
1cdf77df7d
OSX keylogger module finally working.
2013-08-18 16:21:38 -05:00
abd4fb778f
add osvdb ref for chasys overflow
2013-08-18 06:35:28 -05:00
0037ccceed
add osvdb ref for openx backdoor
2013-08-18 06:34:50 -05:00
02e394e1c3
php_include - fix check
2013-08-17 17:36:43 +01:00
98b4c653c0
php_include - uses verbose
2013-08-17 17:35:09 +01:00
c5d426fc70
Land #2235 , @wchen-r7's patch for [SeeRM #6264 ]
2013-08-17 10:05:41 -05:00
a75a4906f2
Description update
2013-08-16 23:28:24 -05:00
780293d817
Minor changes
2013-08-16 23:24:40 -05:00
a8cc15db20
Add module for ZDI-13-178
2013-08-16 18:13:18 -05:00
a94c6aa72b
[FixRM 6264] Check required vulnerable component before testing
...
tomcat_enum requires the admin web app package for it to work, but
by default many Apache Tomcat don't actually have this. The module
should check that first before trying usernames.
[FixRM 6264], see:
http://dev.metasploit.com/redmine/issues/6264
I also made changes to do_login in order to verify successful/bad
attempts more specific.
2013-08-16 15:45:23 -05:00
e50ef209b2
Land #2233 , @bperry-r7's module for nexpose
2013-08-16 14:21:22 -05:00
f42797fc5c
Fix indentation
2013-08-16 14:19:37 -05:00
f7339f4f77
Cleanup various style issues
...
* Unset default username and password
* Register SSL as a DefaultOption instead of redefining it
* Use the HttpClient mixin `ssl` instead of datastore.
* Unless is better than if !
* Try to store loot even if you can't cleanup the site ID.
2013-08-16 14:03:59 -05:00
dfa1310304
Commas in the author array
2013-08-16 13:54:46 -05:00
24b8fb0d7b
Whitespace retab, add rport 3780 as default
2013-08-16 13:31:05 -05:00
85b050112a
Land #2231 , @wchen-r7's patch for [SeeRM #8114 ]
2013-08-16 12:52:10 -05:00
a86b247077
Land #2224 - Add brute force module for Cisco IronPort
2013-08-16 12:07:14 -05:00
bbe57dbf3a
Some cleanup, also remove TARGETURI because not registered by default
2013-08-16 12:06:24 -05:00
d4dbea5594
Check 200
2013-08-16 11:34:32 -05:00
e436d31d23
Use SSL by defailt
2013-08-16 11:32:10 -05:00
60a229c71a
Use rhost and rport, not local host and port
2013-08-16 11:12:39 -05:00
646d55b638
Description should be present tense
2013-08-16 11:06:34 -05:00
f0237f07d6
Correct author and references
2013-08-16 11:04:51 -05:00
46d6fb3b42
Add module for xxe
2013-08-16 10:51:05 -05:00
0063d4e06c
Extend description & add Win2k3 section to WinXP section.
2013-08-16 14:44:08 +03:00
e4885b2017
updated module
...
removed the csrfkey parameter from login uri.
2013-08-16 13:04:02 +05:30
1a3b4eebdb
Fix directory name on ruby
2013-08-15 22:54:31 -05:00
795ad70eab
Change directory names
2013-08-15 22:52:42 -05:00
c5c2aebf15
Update references
2013-08-15 22:04:15 -05:00
8602e744da
Add support for Win2k3
2013-08-16 02:46:16 +03:00
cc5804f5f3
Add Port for OSVDB 96277
2013-08-15 18:34:51 -05:00
79acc96e9a
Land #2230 , enum_shares nil deref
...
[FixRM #8224 ]
2013-08-15 16:55:39 -05:00
462ccc3d36
Missed these little devils
2013-08-15 16:50:13 -05:00
cd734acf3e
[See RM 8114] - Reduce false positive if traffic is redirected
...
Fix complaint for hitting this false positive when the user has
all the traffic redirected.
2013-08-15 16:33:10 -05:00
83a179ff08
[Fix RM 8224] - undefined method `include?' for nil:NilClass
...
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
a65181d51b
new revision - cisco_ironport_enum
...
Added code to check successful conn first, so now if there is no connectivity on target port, script aborts run.
New check to ensure 'set-cookie' is set by the app as expected, before any further fingerprinting & b-f starts.
If the app is not Ironport, 'set-cookie' will not be set & remains null, and so script aborts run.
De-registered 'TARGETURI.'
Registered 'username' and 'password' with default value.
Changed some run messages.
And lastly, changed the csrf key piece cos I miss a cold beer right now.
2013-08-15 04:06:30 +05:30
23c5f02e9a
Land #2225 - Fix dlink_dir300_exec_telnet
2013-08-14 13:11:42 -05:00
98e0053dc6
Fix indent level
2013-08-14 13:07:01 -05:00
178a7b0dbb
Fix author's email format
2013-08-14 11:56:47 -05:00
2a4b8e4a64
Add useful comment
2013-08-14 11:49:32 -05:00
e6c36864c4
Fix telnet related stuff
2013-08-14 11:47:57 -05:00
d526663a53
Add module to brute force the Cisco IronPort application
2013-08-14 09:16:49 -07:00
7145a85fb4
Add MiniWeb (Build 300) Arbitrary File Upload
2013-08-15 01:01:46 +09:30
1d82ed176f
Update joomla_media_upload_exec references
2013-08-13 23:27:01 -05:00
bce50d1b05
Land #2220 - OSX Password Prompt Spoof
2013-08-13 22:15:14 -05:00
919e0d1901
MSF license, make use of print_good
2013-08-13 22:14:35 -05:00
e1856651bc
Incorporate the suggested edits from the PR review.
...
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940 ]
2013-08-13 19:35:55 -05:00
99ef714d00
Updates pps description.
2013-08-13 19:35:55 -05:00
52fa000211
Get password_prompt_spoof module working. [RM #5940 ]
2013-08-13 19:35:55 -05:00
54cffdb27d
Land #2219 - OSVDB-95933: Joomla Media Manager File Upload Vulnerability
2013-08-13 19:04:57 -05:00
e912a64ccc
Description change
2013-08-13 19:04:25 -05:00
c9799c1ee6
Land #2212 - Change migrate order & print target_pid
2013-08-13 18:56:54 -05:00
312ff1a20e
Delete period from regular expressions
2013-08-13 17:50:26 -05:00
04eed49310
Add support for FileDropper
2013-08-13 16:47:24 -05:00
e4a570d36b
Update metadata according to OSVDB
2013-08-13 16:42:53 -05:00
2086c51b67
Add module for Joomla Upload Exploit in the wild
2013-08-13 16:27:27 -05:00
73e9bf9fa8
Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
...
Conflicts:
modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
6be4d9e583
missing interpolation
2013-08-13 13:52:44 -05:00
31cbc270fd
Favor unless over if for negative condition
2013-08-13 08:46:12 -05:00
bc9a26d4ee
Fix condition
2013-08-12 23:05:26 -05:00
568181de84
Add sthetic spaces
2013-08-12 22:33:34 -05:00
6d70d4924e
Land #2206 , @PsychoSpy module for OSVDB 94097
2013-08-12 22:27:03 -05:00
7981601eb8
Do final cleanup on intrasrv_bof
2013-08-12 22:24:53 -05:00
ebd485349f
Retab smart_migrate.rb module
...
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
2d3c2c1c87
Set default target to 0 because there's only one
2013-08-12 20:01:23 -05:00
c0335cee26
Land #2214 - CVE-2013-3928: Chasys Draw IES Buffer Overflow
2013-08-12 19:16:02 -05:00
7562324d96
Land #2210 - CVE-2013-5019: Ultra Mini HTTPD Stack Buffer Overflow
2013-08-12 19:13:58 -05:00
51d9c59dcd
Extra tabs, bye
2013-08-12 19:13:20 -05:00
db78ffcc46
...
2013-08-12 18:21:10 -04:00
49bcec5c92
Additional cleanup
2013-08-12 18:20:03 -04:00
b3f229ff59
Add module for CVE-2013-3928
2013-08-12 17:18:30 -05:00
7014322dfd
Code cleanup
2013-08-12 18:16:00 -04:00
264fe32705
Added new badchars
2013-08-12 18:08:49 -04:00
bbc93b2a58
msftidy
2013-08-12 15:14:01 -04:00
28f030494e
Use tcp mixin/clean corrupt bytes
2013-08-12 15:12:15 -04:00
4480dc3bec
Land #2213 , @todb-r7's deletion of deprecated modules
2013-08-12 11:36:24 -05:00
b1fc8308c1
Land #2211 , @bcoles exploit for CVE-201-2620
2013-08-12 11:23:20 -05:00
bfb5040dbf
Remove deprecated modules
...
These three modules are well over their deprecation dates. Making good
on that threat now.
* service_permissions: Marked for removal on 2013-01-10
* bypassuac: Marked for removal on 2013-01-04
* ms10_092_schelevator: Marked for removal on 2013-06-01
2013-08-12 11:21:45 -05:00
8ac01d3b8e
Fix description and make it aggressive
2013-08-12 11:19:25 -05:00
c9bd791ff6
fix smart_migrate choice order
...
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
7854c452d2
Added more payload padding
2013-08-12 11:10:10 -04:00
9f33a59dc2
Fix target ret
2013-08-12 11:04:55 -04:00
6f96445b42
Change target ret/cleanup
2013-08-12 10:13:48 -04:00
a35d548979
Use HttpClient
2013-08-12 10:01:01 -04:00
d63d7bc7da
Add Open-FTPD 1.2 Writable Directory Traversal Execution
2013-08-12 08:49:49 +09:30
896320ed42
fix typo
2013-08-11 16:48:43 -04:00
4b14fa53e0
tidy debugs
2013-08-11 16:39:41 -04:00
90ef224c46
Implement CVE-2012-5019
2013-08-11 16:33:40 -04:00
sinn3r
jvazquez-r7
Charlie Eriksen
Brandon Turner
Tod Beardsley
Joe Vennix
Steve Tornio
g0tmi1k
Brandon Perry
jiuweigui
Karn Ganeshen
James Lee
HD Moore
bcoles
Joff Thyer
David Maloney
Tab Assassin
Nathan Einwechter