090566610a
Make sure @shares is initialized
...
Fixes a stack trace when the target isn't Windows
2012-04-10 15:00:47 -06:00
a9d733f9fe
Fix pack order
2012-04-09 21:21:42 -05:00
2c473e3cdd
Fix up koyo login
2012-04-09 15:07:47 -05:00
a26e844ce5
Merge pull request #318 from wchen-r7/dolibarr_login
...
Add an aux module to brute force Dolibarr's login interface
2012-04-09 09:20:48 -07:00
bef12478fc
Merge branch 'bap-refactor' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bap-refactor
2012-04-09 09:58:22 -05:00
b38933328f
Send exploits that are not assocated with any browser to all of them
2012-04-09 01:53:57 -06:00
9cec9639c7
Add an aux module to brute force Dolibarr's login interface
2012-04-08 18:16:38 -05:00
f520af036f
Move next_exploit() onto window object so it's accessible everywhere
...
I swear I committed this before, not sure what happened.
2012-04-08 17:11:15 -06:00
dfe2bbc958
Use rport for modicon_password recovery, not 21.
2012-04-07 13:03:43 -05:00
461352f24f
Don't need to require net/ftp anymore
...
Nothing actually used it anyway.
2012-04-06 10:35:28 -05:00
9c8e6ac9da
Ruby 1.8 compat for the SCADA modules.
...
But really, you should be using Ruby 1.9 by now.
2012-04-05 17:05:03 -05:00
14d9953634
Adding DigitalBond SCADA modules
2012-04-05 12:35:48 -05:00
40ab362e1c
Store host details in the target cache
...
This allows us to maintain a connection between the client and the
operating system/host where it's running.
Also fixes a counting problem for modules actually started.
2012-04-05 01:33:07 -06:00
0ddfa79a34
Move javascriptosdetect out to its own file
...
Allows editors to easily highlight correctly which makes editing a
little nicer. Also makes it easier to debug because line numbers are
only off by the length of the custom_js argument.
2012-04-04 17:07:17 -06:00
6ad0f41479
Add the client to output
2012-04-03 18:27:16 -06:00
893430894e
Tell the user how many sploits we've picked
2012-04-03 18:22:56 -06:00
9cf896ffa1
Pre-release fixups on titles and grammar
...
Fixing squid_pivot_scanning and enum_xchat
2012-04-02 11:24:49 -05:00
7b0ee58d9f
Fixing bug spotted by troulouliou in ipv6_neighbor
...
Just check for nilness, not the :symbol.
2012-04-02 10:02:59 -05:00
220ad7875f
Merge pull request #285 from wvandevanter-r7/squid_pivot_scanning
...
Squid pivot scanning
2012-03-29 05:02:05 -07:00
f5e05461f6
changed the false positive check IP to a user set variable
2012-03-28 22:18:56 -04:00
0fcab521d2
fixed print_bad
2012-03-28 02:32:03 -04:00
fb9163caf9
Merge pull request #278 from wchen-r7/manageengine_deviceexpert
...
Add OSVDB-80262 ManageEngine DeviceExpert
2012-03-26 14:42:36 -07:00
d95d60670e
Fix up desc again on enum_dns
2012-03-26 16:20:00 -05:00
14b45f9fb1
More fixes to enum_dns.rb
...
* Should use 'and', not & (bitwise AND)
* Made capitalization sane for Anglophones. See: http://owl.english.purdue.edu/owl/resource/592/1/
2012-03-26 16:14:04 -05:00
dc6f76eb20
Style fixes for enum_dns.rb
...
* Use a dotted.notation for note types
* Changed title to something more descriptive
* Expanded description
* Other trivial changes
2012-03-26 16:08:39 -05:00
79d74b8768
ADD OSVDB-80262
2012-03-26 12:58:18 -05:00
19fc8d9883
Add OSVDB-80262
2012-03-26 12:42:24 -05:00
507dd423ce
Rogue period, DELETED.
2012-03-26 10:54:26 -05:00
135cf7ba04
remove trailing comma, thanks troulouliou
2012-03-23 17:00:04 -05:00
47493af103
Merge pull request #259 from todb-r7/edb-2
...
Convert Exploit-DB references to first-tier "EDB-12345" references
2012-03-23 12:09:07 -07:00
6f0f9041c8
Merge pull request #267 from wchen-r7/hp_data_protector_win_cmd
...
Add HP Data Protector aux module for executing commands on Windows
2012-03-23 11:06:52 -07:00
10733f6a1c
Update description
2012-03-23 13:05:40 -05:00
41bc8ded3d
Add HP Data Protector aux module for executing commands on Windows
2012-03-23 07:57:13 -05:00
3dc0e97998
Updating description and refs to Patrick's module
...
There was some weirdness with the commit log on this module but it
should all be kosher now.
[Closes #260 ]
2012-03-22 10:30:25 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
8f17cc3f5c
MS12-020 not MS12-002
2012-03-21 13:58:18 -05:00
b09d91d1c7
Removing enum_bing_url
...
Moving this over to unstable until the described http request problem
gets resolved.
2012-03-21 09:33:31 -05:00
056985625d
damn comma
2012-03-21 04:06:54 -05:00
ed542e2b6c
Change dns_enum to enum_dns for naming style consistency
2012-03-20 14:11:04 -05:00
b8b5c79957
No need for net/http
2012-03-20 14:09:40 -05:00
777e221232
Add Bing URL enumerator by Royce (Feature #6499 )
2012-03-20 14:07:42 -05:00
bff860c62d
s/brute force/bruteforce
...
This is the preferred spelling in Metasploit, at least, according to
grep consensus:
./metasploit-framework$ grep -ri "brute force" . | wc -l
111
./metasploit-framework$ grep -ri "bruteforce" . | wc -l
183
2012-03-19 16:14:00 -05:00
4391c24d2f
Trivial touchups on RDP DoS module.
...
Dropping a line about what it can't do, adding freenode comment.
2012-03-19 14:27:27 -05:00
3a851ef2c2
Fix typo
2012-03-19 13:20:59 -05:00
3d72d52625
Add reporting to MS12-020
2012-03-19 13:18:51 -05:00
fa4504e1f6
Let's make this clear, it's just a DoS
2012-03-19 13:00:29 -05:00
13f16daca7
Actually, that date is way off. Corrected.
2012-03-19 12:58:52 -05:00
d8be328b89
Ported Daniel/Alex/jduck's MS12-020 PoC as a Metasploit module
2012-03-19 12:53:34 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
James Lee
HD Moore
sinn3r
sinn3r
Tod Beardsley
Tod Beardsley
Willis Vandevanter
Jonathan Cran
Patrick Webster