d4fa2ba96d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-19 14:14:36 -05:00
c52588f579
remove Scanner mixin
...
remove Scanner mixin because this module is not a scanner modul
2013-04-19 20:28:44 +02:00
7fdf84ac45
Landing #1744 - Checks nil before using resp.headers['Server']
...
[Closes #1744 ]
2013-04-19 10:37:05 -05:00
31586770a0
Added module for OSVDB 92490
2013-04-18 14:34:02 -05:00
8f76c436d6
SAP ConfigServlet OS Command Execution module
...
This module allows execution of operating system commands throug the
SAP ConfigServlet without any authentication.
2013-04-18 20:26:48 +02:00
15c6df1482
Check for nil before calling on value
2013-04-18 00:32:37 -04:00
cc35591723
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-15 17:43:15 -05:00
a36c6d2434
Lands #1730 , adds a VERBOSE option checker
...
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
29101bad41
Removing VERBOSE offenders
2013-04-15 15:29:56 -05:00
ba7603e66c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-09 17:34:23 +02:00
76d4538d2a
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-04-09 10:24:54 -05:00
1e258170dc
It's a filename, so not trying to match any single char
2013-04-09 10:20:52 -05:00
50cf039170
Merge branch 'cve-2013-1899-not-auth' of github.com:jhart-r7/metasploit-framework into jhart-r7-cve-2013-1899-not-auth
2013-04-09 10:19:15 -05:00
79620ed660
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-09 17:12:16 +02:00
ba86e14d43
Whitespace and caps fixes
2013-04-09 08:57:53 -05:00
ef63a4f5cf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-08 21:29:01 +02:00
225342ce8f
final cleanup for sysax_sshd_kexchange
2013-04-08 20:28:37 +02:00
5bc454035c
Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710
2013-04-08 20:20:11 +02:00
b1152d1567
Improve Postgres CVE-2013-1899 to detect unauthorized connections
2013-04-08 09:55:23 -07:00
d65bf8bab9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-08 18:19:41 +02:00
d24371eaff
Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal
2013-04-08 10:18:30 -05:00
1b5c34db1a
Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal
2013-04-08 10:17:19 -05:00
11253c8f3e
Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal
2013-04-08 10:16:52 -05:00
f96baa7e7e
Code Review Feedback
...
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
2013-04-08 10:58:35 -04:00
4c8e19ad1a
Added reference
...
Removed final debug print statement
2013-04-08 08:28:53 -04:00
daba48035d
fix DEPTH description and basename
2013-04-05 11:05:46 +02:00
b6edad1f1d
fix DEPTH description and basename
2013-04-05 11:04:43 +02:00
d163e96d6a
fix DEPTH description and basename
2013-04-05 11:02:59 +02:00
d823f724cd
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-04 22:16:35 +02:00
30f44c3a24
final cleanup for dlink_dir_615h_http_login
2013-04-04 22:02:45 +02:00
8f60d12e46
Merge branch 'dlink_login_dir_615H' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_615H
2013-04-04 22:01:49 +02:00
b75d038fc2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-04 21:54:36 +02:00
7d1e9af728
final cleanup for dlink_dir_session_cgi_http_login
2013-04-04 21:41:42 +02:00
0b9fe53919
module filename changed
2013-04-04 21:41:10 +02:00
6ec6638568
Merge branch 'dlink_login_dir_300B_600B' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_300B_600B
2013-04-04 21:40:21 +02:00
498a0dc309
final cleanup for dlink_dir_300_615_http_login
2013-04-04 21:15:22 +02:00
cff70e41be
Merge branch 'dlink_login' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login
2013-04-04 21:14:56 +02:00
fe2b598503
Add the advisory URL
2013-04-04 10:22:31 -05:00
c8a6dfbda2
Add scanner module for the new PostgreSQL flaw
2013-04-04 10:19:47 -05:00
7b4cdf4671
make msftidy happy
2013-04-04 13:22:01 +02:00
78c492da20
is_dlink, more feedback included, msftidy
2013-04-04 13:18:32 +02:00
2f96a673cd
is_dlink, more feedback included
2013-04-04 13:17:45 +02:00
64f3e68310
is_dlink and some more feedback included
2013-04-04 13:01:18 +02:00
89de9fdf22
cleanup for dlink_dir_300_615_http_login
2013-04-03 10:04:01 +02:00
b4b3c82c86
delete space
2013-04-03 00:31:00 +02:00
54120a2d3a
delete space
2013-04-03 00:30:24 +02:00
85d9e3e9ee
delete space
2013-04-03 00:29:38 +02:00
0b4eab2499
added module for ZDI-13-053
2013-04-03 00:24:11 +02:00
018e147063
added module for ZDI-13-052
2013-04-03 00:22:38 +02:00
dc17b4931c
added module for ZDI-13-051
2013-04-03 00:21:01 +02:00
070fd399f2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-31 20:23:08 +02:00
587170ae52
fixed author details - next try
2013-03-30 12:43:55 +01:00
1d6184cd63
fixed author details
2013-03-30 12:41:31 +01:00
8032a33cd5
report_auth_info - proof
2013-03-29 22:06:25 +01:00
1156194a6b
feedback included, server fingerprinting
2013-03-29 22:04:22 +01:00
2b4d6eb455
feedback included, server header check
2013-03-29 21:30:45 +01:00
b6a50da394
feedback included, server header check
2013-03-29 21:20:51 +01:00
5616b8245b
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-29 11:59:33 +01:00
9086c53751
Not an HttpClient, so doesn't have normalize_uri
...
[FixRM #7851 ]
2013-03-28 13:16:21 -05:00
5b30115336
vprint_status changed to vprint_error as requested
2013-03-28 14:27:51 +00:00
0f147dcf47
vprint_status changed to vprint_error as requested
2013-03-28 14:24:57 +00:00
eee702a329
vprint_status changed to vprint_error as requested
2013-03-28 14:23:21 +00:00
e2212ca8c9
vprint_status changed to vprint_error as requested
2013-03-28 14:22:01 +00:00
9594693ecb
vprint_status changed to vprint_error as requested
2013-03-28 14:16:19 +00:00
9d87db6831
vprint_status changed to vprint_error as requested
2013-03-28 14:08:24 +00:00
aae1d5933e
removed socket print, left over from debugging
2013-03-28 10:49:23 +00:00
376ca7b107
fixed issue with access denied condition thanks to @pho_bos
2013-03-28 10:41:37 +00:00
aa981cc991
DIR-645 also working
2013-03-27 12:11:14 +01:00
615aa57399
Dlink DIR615 HW rev B login module
2013-03-27 09:26:23 +01:00
680b551215
default to user admin
2013-03-27 08:59:19 +01:00
032214fb1d
default to user admin
2013-03-27 08:49:04 +01:00
e1a719a6c0
http login module for DLink DIR300revB, DIR600revB, DIR815
2013-03-26 20:57:24 +01:00
c4fe21865c
user fix
2013-03-26 20:15:19 +01:00
bcc26427c0
EPS_GET_DIRECTORY_LISTING (List Directory abd SMB Relay)
2013-03-25 20:26:56 +00:00
d8086a27a6
vprint_status mod
2013-03-25 20:20:29 +00:00
121c75f646
vprint_status mod
2013-03-25 20:18:14 +00:00
da6a99defb
vprint_status mod
2013-03-25 20:16:11 +00:00
f66ffbfa81
vprint_status mod
2013-03-25 20:13:45 +00:00
95e7d55313
remove sap_soap_rfc_eps_delete_file_smb_relay.rb
2013-03-25 20:09:59 +00:00
f7ccfa634e
This module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service
2013-03-25 19:59:16 +00:00
3c12459703
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-25 19:33:36 +01:00
9717a8c3b4
cleanup for tplink_traversal_noauth
2013-03-25 19:20:18 +01:00
543b401a55
Merge branch 'tplink-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-tplink-traversal
2013-03-25 19:18:53 +01:00
393d5d8bf5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-25 19:09:42 +01:00
f92f59bfad
EPS_DELETE_FILE (File deletion and SMB Relay)
2013-03-25 17:23:27 +00:00
dcce23d23d
Merge branch 'bugs/tomcat_enum-double_check' of github.com:neinwechter/metasploit-framework into neinwechter-bugs/tomcat_enum-double_check
2013-03-25 12:19:52 -05:00
01ee30e389
PFL_CHECK_OS_FILE_EXISTENCE (file existence and SMB relay)
2013-03-25 17:11:23 +00:00
fdd06c923a
cleanup for dlink_dir_645_password_extractor
2013-03-25 18:04:12 +01:00
a9a5a3f64f
Merge branch 'dlink-dir645-password-extractor' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir645-password-extractor
2013-03-25 18:02:51 +01:00
aad0eed485
Fix whitespace EOL
2013-03-25 13:00:37 -04:00
5be98593a9
RZL_READ_DIR_LOCAL (directory listing and SMB relay)
2013-03-25 16:59:37 +00:00
3f79b2fd3b
Use :abort for scanner mixin
2013-03-25 12:59:18 -04:00
e840578ea2
SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay
2013-03-25 16:57:12 +00:00
0d56da0511
Merge branch 'netgear-sph200d' of github.com:m-1-k-3/metasploit-framework into m-1-k-3-netgear-sph200d
2013-03-25 11:45:40 -05:00
99fe2a33d7
Deregister USER_AS_PASS and stop on connect error
2013-03-25 12:35:52 -04:00
53b862300e
cleanup for linksys_e1500_traversal
2013-03-25 17:33:38 +01:00
ea804d433e
change file name
2013-03-25 17:33:16 +01:00
660d3d5388
Merge branch 'linksys-traversal' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-traversal
2013-03-25 17:31:11 +01:00
2d5a0d6916
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-25 17:08:23 +01:00
e57498190b
dlink dir 300/600 login module - initial commit
2013-03-25 08:48:24 +01:00
98ac6e8090
feedback included
2013-03-24 21:01:30 +01:00
d90de54891
reporting and feedback
2013-03-24 15:00:18 +01:00
9f8ec37060
store loot
2013-03-24 11:48:49 +01:00
71708c4bc3
dir 645 password extractor - initial commit
2013-03-24 11:44:24 +01:00
49ac3ac1a3
cleanup for linksys_e1500_e2500_exec
2013-03-23 23:30:49 +01:00
98be5d97b8
Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys-e1500-e2500-exec
2013-03-23 23:30:14 +01:00
b2bf1df098
fixed encoding and set telnetd as default cmd
2013-03-23 22:56:15 +01:00
7ff9c70e38
10 to 0 is good :)
2013-03-23 22:46:26 +01:00
47d458a294
replacement of the netgear-sph200d module
2013-03-23 22:40:32 +01:00
bd522a03e3
replace module to the scanner directory
2013-03-23 22:29:44 +01:00
b1ae2f7bf4
replace module to the scanner directory
2013-03-23 22:29:31 +01:00
8f59999f82
replace module to the scanner directory
2013-03-23 22:25:04 +01:00
f58554bb57
replace module to the scanner directory
2013-03-23 22:24:50 +01:00
965ec34368
check of the server on the first try
2013-03-23 22:13:01 +01:00
aacd14ae45
version removed, encode params removed
2013-03-23 21:31:08 +01:00
b01959ea70
tplink traversal - initial commit
2013-03-23 20:30:32 +01:00
cb56b2de4b
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-23 20:06:05 +01:00
36d1746c0d
linksys traversal module - initial commit
2013-03-23 17:01:02 +01:00
270f64acc2
feedback included
2013-03-23 15:54:34 +01:00
f22c18e026
Merge branch 'module-psexec_command-file_prefix' of github.com:kn0/metasploit-framework into kn0-module-psexec_command-file_prefix
2013-03-22 13:08:13 -05:00
b30a5aa6e8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-21 09:07:41 +01:00
dcd2aebdcd
feedback included
2013-03-20 21:34:30 +01:00
011b6899b0
Merge 'neinwechter/browser_autopwn-updates'
...
Brings in neinwechter's BAP fixes. Seems to not only be a more sane
strategy, but in practice, ends up with tons more shells for at least
MSIE which is what most people are using it for anyway.
[Closes #1612 ]
2013-03-20 15:26:09 -05:00
e377e30873
unscrewing syntax error
2013-03-20 15:04:31 -05:00
fd20eba35e
Expanding the title and desc for external_ip
...
Also allowing the capitalization on "via" to be small.
2013-03-20 14:42:12 -05:00
44f07cef19
Merge branch 'linksys-e1500-e2500-exec' of https://github.com/m-1-k-3/metasploit-framework
2013-03-20 00:47:31 +01:00
80d218b284
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-19 19:55:51 +01:00
9fc0f9a927
initial commit
2013-03-19 17:31:01 +01:00
116f5b87f0
Merge branch 'axigen_file_access' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-axigen_file_access
2013-03-19 08:33:58 -05:00
fd5bd52e6d
Added some error handling if the connection dies.
2013-03-18 17:26:40 -04:00
66dcbca562
Sysax Multi-Server SSHD DoS
...
This exploit affects Sysax Multi-Server version 6.10. It causes a
Denial of Service by sending a specially crafted Key Exchange, which
causes the service to crash.
2013-03-18 17:16:12 -04:00
3eb4505f6f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-14 16:01:40 +01:00
02f90b5bbd
cleanup for dopewars
2013-03-14 15:53:19 +01:00
4d9f2bbb06
Merge branch 'master' of https://github.com/dougsko/metasploit-framework into dougsko-master
2013-03-14 15:51:47 +01:00
d3a78db77a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-14 14:12:11 +01:00
7403239de7
cleanup for psexec_ntdsgrab
2013-03-14 13:40:45 +01:00
9ae2c8e718
Merge branch 'ntdsgrab4' of https://github.com/R3dy/metasploit-framework into R3dy-ntdsgrab4
2013-03-14 13:39:41 +01:00
97023413cb
Added advanced option for temp filenames prefix
2013-03-14 01:50:52 -05:00
abbb3b248d
methods that use @ip now reference it directly instead of being passed in as paramaters
2013-03-13 19:35:53 -05:00
462ffb78c1
Simplified copy_ntds & copy_sys check on line 91
2013-03-13 19:31:36 -05:00
4e9af74763
All print statements now use #{peer}
2013-03-13 19:28:09 -05:00
edf2804bb5
Added simple.disconnect to end of cleanup_after method
2013-03-13 19:23:22 -05:00
8eba71ebe2
Added simple.disconnect to end of download_sys_hive method
2013-03-13 19:20:58 -05:00
2f11796dfa
Fix typo
...
[SeeRM #7800 ]
2013-03-13 16:10:20 -05:00
e5f7c08d6f
Added module for CVE-2012-4940
2013-03-13 11:52:54 +01:00
22133ba8ff
removed version number
2013-03-12 16:36:14 -04:00
70da739666
fixed errors in dopewars.rb shown by msftidy
2013-03-12 15:47:31 -04:00
c8c50a6407
cleaned up dopewars module
2013-03-12 12:56:12 -04:00
91fbeda062
up to date
2013-03-12 17:04:27 +01:00
6055438476
up to date
2013-03-12 17:04:27 +01:00
jvazquez-r7
Andras Kabai
sinn3r
RageLtMan
Tod Beardsley
sinn3r
Jon Hart
Matt Andreko
HD Moore
m-1-k-3
James Lee
nmonkee
Nathan Einwechter
Trenton Ivey
Royce Davis
Doug P