jvazquez-r7
2150d9efb0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-22 12:06:18 -05:00
sinn3r
64cfda8dad
Final
2013-06-20 13:28:12 -05:00
sinn3r
bfb78e001a
Add HP System Management Homepage Login Utility
2013-06-20 12:54:03 -05:00
Cristiano Maruti
f78b4d8874
modified according to jvazquez-r7 feedback
2013-06-20 16:29:42 +02:00
Cristiano Maruti
4846a680db
modified according to jvazquez-r7 feedback
2013-06-20 16:19:43 +02:00
Cristiano Maruti
8e64bf3d16
modified according to jvazquez-r7 feedback
2013-06-20 16:15:28 +02:00
jvazquez-r7
6319f041df
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-20 08:21:40 -05:00
Cristiano Maruti
a5332e5ed2
Module was updated to support WebSphere AS running seam-2.
...
msf auxiliary(jboss_seam_exec) > run
[*] Found right index at [0] - getRuntime
[*] Index [1]
[*] Index [2]
[*] Index [3]
[*] Index [4]
[*] Index [5]
[*] Found right index at [6] - exec
[*] Index [7]
[*] Index [8]
[*] Index [9]
[*] Index [10]
[*] Index [11]
[*] Index [12]
[*] Index [13]
[*] Index [14]
[*] Index [15]
[*] Index [16]
[*] Index [17]
[*] Index [18]
[*] Index [19]
[*] Index [20]
[*] Index [21]
[*] Index [22]
[*] Index [23]
[*] Index [24]
[*] Target appears VULNERABLE!
[*] Sending remote command:pwd
[*] Exploited successfully
[*] Auxiliary module execution completed
2013-06-20 12:17:07 +02:00
Steve Tornio
55312529d2
add osvdb ref 94417
2013-06-19 23:13:45 -05:00
jvazquez-r7
a01f0c4671
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-19 09:34:51 -05:00
sinn3r
90cad4b7fb
Land #1980 - Canon Printer Wireless Configuration Disclosure
2013-06-18 19:09:38 -05:00
sinn3r
abc3951ca2
Final touchup
2013-06-18 19:08:42 -05:00
sinn3r
6168eb7590
Land #1981 - Canon Wireless Printer Denial of Service
2013-06-18 19:04:48 -05:00
sinn3r
7d15dc379d
Make msftidy happy
2013-06-18 19:04:03 -05:00
Matt Andreko
0533ca68dc
Added DoS result checking
...
Lowered the http timeout
2013-06-18 19:48:21 -04:00
Matt Andreko
8c28631d4b
Fixed the date format
...
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
Matt Andreko
7f1a913bdc
Code Review Feedback from wchen
...
Fixed the disclosure date format
Removed the rport option
Added a call to report_note to store the data
2013-06-18 12:13:19 -04:00
jvazquez-r7
9e3053f24d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-18 10:00:44 -05:00
jvazquez-r7
aa134b0bcc
Land #1973 , @wchen-r7's fix to handle ftp auth correctly
2013-06-18 09:34:55 -05:00
jvazquez-r7
2b46828d9c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-18 08:27:18 -05:00
jvazquez-r7
6c2d99c2bc
Land #1972 , @wchen-r7's patch for [FixRM:#4704]
2013-06-17 23:17:22 -05:00
jvazquez-r7
ae1a3e3ca1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-17 20:39:31 -05:00
Tod Beardsley
4ca9a88324
Tidying up grammar and titles
2013-06-17 16:49:14 -05:00
Matt Andreko
d877e4d489
Added CVE and disclosure date
2013-06-17 17:41:50 -04:00
Matt Andreko
df8c80e3d1
Added CVE and disclosure date
2013-06-17 17:40:36 -04:00
sinn3r
163d3e771b
Handle connect_login return value properly
...
Some modules ignore connect_login's return value, which may result
an EOF if send_cmd() is used later on. All the modules fixed are
the ones require auth according to the module description, or
CVE/vendor/OSVDB info.
2013-06-17 15:48:34 -05:00
sinn3r
8bdd89f68b
[FixRM:#4704] - Fix EOFError in filezilla_server_port
...
If login fails, the module shouldn't continue sending commands to
the server, otherwise this causes an EOF.
2013-06-17 14:24:01 -05:00
jvazquez-r7
1b456ab511
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-17 08:46:16 -05:00
jvazquez-r7
fed6427f16
Land #1884 , @morrisson's saprouter port scanner module
2013-06-17 08:38:10 -05:00
jvazquez-r7
2e201bb2a3
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-16 15:19:36 -05:00
jvazquez-r7
d20f72a9fd
Fix indentation
2013-06-16 15:18:19 -05:00
jvazquez-r7
3cd94f5025
Do final cleanup for infovista_enum
2013-06-16 11:50:40 -05:00
Matt Andreko
fd026c5b34
Added References and Disclosure Date
2013-06-15 18:31:20 -04:00
Matt Andreko
3923bbeee9
Update
2013-06-15 18:28:58 -04:00
Matt Andreko
0494ac9218
Added Canon Wireless Printer DoS module
2013-06-15 18:23:04 -04:00
jvazquez-r7
11bf17b0d6
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-15 11:55:22 -05:00
Bruno Morisson
852fc33c13
Added feedback, cleanup, and simplified modes
2013-06-15 17:16:10 +01:00
KarnGaneshen
ba59434261
added infovista module
2013-06-15 17:16:26 +05:30
jvazquez-r7
7a11077834
Land #1923 , @juushya's module for rfcode brute forcing
2013-06-14 13:36:14 -05:00
jvazquez-r7
ae027a9efb
Final cleanup for rfcode_reader_enum
2013-06-14 13:09:48 -05:00
jvazquez-r7
1172b59bb7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-13 18:22:41 -05:00
jvazquez-r7
fd74390952
Clean monkey_headers
2013-06-13 18:07:35 -05:00
sinn3r
73aff97053
Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service
...
This is the reviewed/updated version of pull request #1950 . We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
2013-06-13 15:56:34 -05:00
jvazquez-r7
6fbb782ada
Clean sap_router_portscanner
2013-06-13 10:08:44 -05:00
KarnGaneshen
6188df1b3a
added note :type - Info. This is mandatory field for report_note. also, vprint statements seem to be adding an extra space with a hyphen. kinda make print dis-aligned than other regular print_* statements. changed -> to -, removed ' from '#{user/pass}'. works fine. msftidy check. module load check. pcap taken.
2013-06-13 14:03:55 +05:30
jvazquez-r7
0b9cf213df
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-12 12:03:10 -05:00
KarnGaneshen
871f1b7c1f
updated prints with ip-port reference. msftidy check. module load check. go rf reader..
2013-06-12 00:53:58 +05:30
KarnGaneshen
736bf120d9
added sname in report data, corrected :host to rhost, :port to rport. msftidy check. module load check. upping it.
2013-06-12 00:25:50 +05:30
jvazquez-r7
0578572d98
Change sevone_enum because it's an Scanner
2013-06-11 08:51:15 -05:00
KarnGaneshen
5c078f5139
added report_note to store collected info. removed register rport for 80t. msftidy & module load checked. pushing it up.
2013-06-11 12:57:26 +05:30
jvazquez-r7
c641184e37
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 13:30:36 -05:00
jvazquez-r7
0c6dbe9885
Add final cleanup for sevone_enum
2013-06-10 13:16:22 -05:00
jvazquez-r7
6765a911a4
Land #1921 , @juushya brute force login module for SevOne
2013-06-10 13:15:14 -05:00
sinn3r
622dc27d95
Land #1925 - fix SNMP enum module failing to catch some fail cases
...
[FixRM:#7945]
2013-06-10 12:51:02 -05:00
KarnGaneshen
72a9c8612b
setting rfcode_reader_enum straight. more updates.
2013-06-10 22:57:00 +05:30
jvazquez-r7
b20a38add4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 12:22:52 -05:00
KarnGaneshen
5c988d99fe
more updates to sevone.rb. hopefully all is covered..
2013-06-10 21:59:18 +05:30
KarnGaneshen
04171c46ec
more updates to sevone.rb. hopefully all is covered.
2013-06-10 21:47:56 +05:30
Tod Beardsley
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
jvazquez-r7
51a2bb77b0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 09:33:19 -05:00
jvazquez-r7
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
jvazquez-r7
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
Dejan Lukan
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
Karn Ganeshen
ffa18d413f
Updated rfcode_reader_enum.rb ...
...
Updated as per review comments.
Removed loot of network configuration.
Used JSON.parse to bring cleaner loot output
Changed some print_goods to vprint_status
Changed if not to unless
2013-06-08 03:21:43 +05:30
Karn Ganeshen
74bddcf339
Update sevone_enum.rb
...
New updates as per review comments
2013-06-08 02:28:09 +05:30
Karn Ganeshen
1ca8fd2cf1
Update sevone_enum.rb
...
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
Karn Ganeshen
eb0ae6ed27
Update rfcode_reader_enum.rb
...
Updated as per review comments
2013-06-08 01:00:18 +05:30
Thomas Ring
2bb0bd504c
Makign changes recommended in redmine 7945 to fix SNMP enum module failing to catch some fail cases
2013-06-07 13:55:59 -05:00
Karn Ganeshen
6b8e6b3f0c
Create rfcode_reader_enum.rb
...
Adding new aux - RFCode Reader Web interface Login Brute Force & Config Capture Utility
2013-06-07 23:53:09 +05:30
Karn Ganeshen
fcc600aa3e
Create sevone_enum.rb
...
Adding new aux - SevOne Network Performance Management System application version enumeration and brute force login Utility
2013-06-07 23:39:22 +05:30
jvazquez-r7
9c27a294cb
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-07 13:01:37 -05:00
James Lee
0302437c2b
Land #1915 , smtp user enumeration enhancements
2013-06-07 11:42:41 -05:00
Thomas Ring
8cf5b548c3
make recommended changes
2013-06-06 14:23:25 -05:00
Thomas Ring
067899341e
fix a number of issues with the existing module (slowness, false positives, false negatives, stack traces, enumering unix users on windows systems, etc)
2013-06-06 13:26:04 -05:00
jvazquez-r7
ec52795182
Clean for miniupnp_dos.rb
2013-06-06 11:19:26 -05:00
jvazquez-r7
e5a17ba227
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-05 09:41:23 -05:00
sinn3r
a3b25fd7c9
Land #1909 - Novell Zenworks Mobile Device Managment exploit & auxiliary
2013-06-05 02:45:45 -05:00
sinn3r
307773b6a1
Extra space - die!
2013-06-05 02:44:56 -05:00
sinn3r
0c1d46c465
Add more references
2013-06-05 02:43:43 -05:00
sinn3r
5d90c6cd71
Make msftidy happy
2013-06-05 02:11:23 -05:00
sinn3r
ca5155f01d
Final touchup novell_mdm_creds
2013-06-05 02:08:55 -05:00
sinn3r
a5a3f40394
Report auth info
2013-06-05 02:06:32 -05:00
steponequit
ed4766dc46
initial commit of novell mdm modules
2013-06-04 09:20:10 -07:00
Dejan Lukan
2fe704ce38
Deleted undeeded comments and spaces.
2013-06-04 09:00:53 +02:00
jvazquez-r7
4079484968
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-03 15:27:36 -05:00
William Vu
055e0a222c
Land #1902 , OSVDB reference for memcached
2013-06-03 14:57:43 -05:00
Tod Beardsley
4cf682691c
New module title and description fixes
2013-06-03 14:40:38 -05:00
sinn3r
b087951118
Add OSVDB reference 92867 for Memcached DoS module
2013-06-03 12:41:33 -05:00
sinn3r
116e2bb418
Landing #1782 - Added Memcached Remote Denial of Service module
2013-06-03 12:30:37 -05:00
sinn3r
3d9dcbf5bd
Add a check to see if the host is down
2013-06-03 12:26:57 -05:00
Dejan Lukan
217b263af7
Moved the module to different location and make it msftidy.rb compliant.
2013-06-03 10:35:10 +02:00
CG
571b62d19d
svn scanner added print_good and rport
2013-06-02 18:05:11 -04:00
jvazquez-r7
3a360caba1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-31 19:03:21 -05:00
Bruno Morisson
d318c1cd22
included feedback
2013-06-01 00:31:06 +01:00
sinn3r
e99401ea82
Landing #1817 - couchdb login module
2013-05-31 16:04:10 -05:00
sinn3r
a88321c700
Final touchup
2013-05-31 16:03:30 -05:00
sinn3r
483b5e204f
Missing the header
2013-05-31 16:00:36 -05:00
sinn3r
e398025a7f
I don't think what fails really matters.
2013-05-31 15:59:40 -05:00
Bruno Morisson
d03379f1c6
changed 2 vprint_error to print_error
2013-05-30 11:54:42 +01:00
Roberto Soares Espreto
07203568bd
Performed changes to the correct operation of the module.
2013-05-29 20:50:28 -03:00
Bruno Morisson
612eabd21a
added sap_router_portscanner module
2013-05-29 23:36:53 +01:00
jvazquez-r7
9d91596e46
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-29 16:21:32 -05:00
Tod Beardsley
10d8bebe73
Start with a random username to test 401 codes
...
SeeRM #7991
While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.
2013-05-29 12:36:28 -05:00
jvazquez-r7
aa688c4313
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-29 10:47:04 -05:00
Samuel Huckins
f0e3b0c124
Merge pull request #1836 from dmaloney-r7/bug/anyuser_anypass_http
...
Verified MSF specs passing, Pro on develop functional tests working (ran Bruteforce, saw normal and verbose output concerning that bruteforce was skipped for such a case and why, verified no cred saved with 'anyuser' user).
2013-05-29 07:44:18 -07:00
jvazquez-r7
6401d557fd
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-28 19:57:16 -05:00
jvazquez-r7
a486fff9a4
Land #1872 , @wchen-r7's improvement of cold_fusion_version
2013-05-28 16:35:45 -05:00
jvazquez-r7
96888455a7
Add new signature for CF9
2013-05-28 16:04:08 -05:00
jvazquez-r7
66ea59b03f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-28 15:22:46 -05:00
sinn3r
deea66b76f
Landing #1871 - fix an undefined variable bug in the DTP module
2013-05-28 15:13:20 -05:00
sinn3r
b9969a8b2b
Landing #1855 - Updates for coldfusion_pwd_props for CF9 by ringt
2013-05-28 14:43:09 -05:00
sinn3r
0ecffea66f
Updates fingerprint() for CF10
2013-05-28 14:42:11 -05:00
sinn3r
a6a46f82bb
Updates the description a little bit
2013-05-28 14:31:56 -05:00
sinn3r
e4e5edc619
Looks like we don't need to check MD5, let's keep it that way then.
2013-05-28 14:31:15 -05:00
sinn3r
8ab90e657c
Adds a check for Cold Fusion 10
2013-05-28 14:21:29 -05:00
Spencer McIntyre
3857507d73
fix an undefined variable bug in the DTP module
2013-05-28 14:52:58 -04:00
sinn3r
d16d316658
Fixes mssql_findandsampledata & ms11_006_creat esizeddibsection
...
[FixRM:7987]
[FixRM:7986]
2013-05-28 11:15:17 -05:00
Matt Andreko
5695994432
Added module to enumerate Canon printer Wifi settings
2013-05-27 18:02:37 -04:00
jvazquez-r7
094a5f1b18
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-26 16:03:33 -05:00
darknight007
6f2ddb3704
Update mssql_findandsampledata.rb
2013-05-25 11:33:57 +05:00
Matt Andreko
ea7805d3c8
Fixed a bug in the HSTS module around null headers
2013-05-23 15:02:39 -04:00
jvazquez-r7
8e41ae3454
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-23 10:59:40 -05:00
sinn3r
8680aa8952
Landing #1857 - MS12-020 off-by-one fix
2013-05-22 22:57:08 -05:00
jvazquez-r7
0dee5ae94d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-22 12:54:44 -05:00
John Sherwood
d028f52dbd
Fix broken ms12-020 vulnerability detection
...
The previous version of the script had an off-by-one error that prevented
proper detection of the vulnerability. Changes made in this revision
include:
- Correction of the off-by-one error
- Use of match instead of == to check for valid RDP connection
- Change of the channel requests to use IDs actually provided by
the responses from the server
2013-05-22 00:08:25 -04:00
ringt
54eeb8f000
Adding new version...old version does not work in windows, doesnt fingerprint, and a few other minor things
2013-05-21 13:13:21 -05:00
dmaloney-r7
ee28a3a8d7
Update http_login.rb
...
add parens around conditional to make bikeshed prettier
2013-05-21 11:28:23 -05:00
James Lee
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
jvazquez-r7
0f3b13e21d
up to date
2013-05-16 15:02:41 -05:00
jvazquez-r7
d9bdf3d52e
Do final cleanup for sap_smb_relay
2013-05-16 14:25:10 -05:00
jvazquez-r7
9dd582c526
Land #1656 , @nmonkee's module for SMB Relay attacks against SAP
2013-05-16 14:23:39 -05:00
jvazquez-r7
947735bd25
up to date
2013-05-16 11:26:50 -05:00
jvazquez-r7
c21035c0b9
Add final cleanup for sap_ctc_verb_tampering_user_mgmt
2013-05-16 10:42:09 -05:00
jvazquez-r7
7823df0478
Change module filename
2013-05-16 10:41:25 -05:00
jvazquez-r7
f3f0272395
Land #1652 , @nmonkee's SAP CTC Verb Tampering for User Mgmt module
2013-05-16 10:40:17 -05:00
David Maloney
4503a7af50
Don't save creds of anyuser:anypass
...
If http accepts any user and any pass, it's not a real auth
there is no reason to create cred objects for this.
These creds have been confusing our users
2013-05-16 10:25:32 -05:00
nmonkee
11286630d5
modifications to CLBA_ SOAP requests to fix XML kernel processor error
2013-05-16 11:24:29 +01:00
jvazquez-r7
8a18853dfa
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-15 21:35:59 -05:00
jvazquez-r7
c82bb73347
Avoid super verbose output
2013-05-15 17:45:37 -05:00
jvazquez-r7
011b0bb741
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-15 09:07:47 -05:00
jvazquez-r7
649a8829d3
Add modules for Mutiny vulnerabilities
2013-05-15 09:02:25 -05:00
jvazquez-r7
c410a54d44
Merge SAP SMB Relay abuses in just one module
2013-05-14 20:53:08 -05:00
jvazquez-r7
357ef001cc
Change module filename
2013-05-14 20:52:33 -05:00
jvazquez-r7
83f1418f28
up to date
2013-05-14 14:48:58 -05:00
jvazquez-r7
07b3355a17
Merge branch 'sap_ctc_verb_tampering_add_user_and_add_role' of https://github.com/nmonkee/metasploit-framework
2013-05-14 13:47:39 -05:00
jvazquez-r7
b9caa23b30
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-14 12:26:23 -05:00
Roberto Soares Espreto
3d7c9a9a06
Changed the path from TARGETURI
2013-05-14 00:11:40 -03:00
sinn3r
5e997aaf80
Landing #1816 - lists essential information about CouchDB
2013-05-13 16:46:20 -05:00
sinn3r
cba045a604
Make additional changes to the module
2013-05-13 16:42:33 -05:00
Tod Beardsley
e3384439ed
64-bit, not '64 bits'
2013-05-13 15:40:17 -05:00
jvazquez-r7
1d755eb705
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-13 12:49:32 -05:00
jvazquez-r7
e71e0c1c28
Land #1822 , @wchen-r7's module for Coldfusion HTP disclosed exploit
2013-05-13 12:41:54 -05:00
jvazquez-r7
f04ca17bb9
Fix default action
2013-05-13 11:56:02 -05:00
jvazquez-r7
5b64379553
Add Coldfusion 9 target, OSVDB ref and review
2013-05-13 11:55:11 -05:00
sinn3r
60299c2adb
Add EDB-25305 - That ColdFusion 10 sub0 0day stuff
...
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737 , or as a new exploit.
We'll see.
2013-05-12 21:23:53 -05:00
jvazquez-r7
51a532e8b4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-12 17:39:58 -05:00
jvazquez-r7
feac292d85
Clean up for dlink_dsl320b_password_extractor
2013-05-12 17:35:59 -05:00
jvazquez-r7
ee46771de5
Land #1799 , @m-1-k-3's auth bypass module for Dlink DSL320
2013-05-12 17:34:08 -05:00
Roberto Soares Espreto
a94d078bfd
Added the statement return to condition: if res.nil?
2013-05-11 00:59:05 -03:00
Roberto Soares Espreto
18ee9af59f
Added couchdb_enum.rb to list essential information about CouchDB
2013-05-10 23:18:48 -03:00
Roberto Soares Espreto
7a7f4a1727
Added couchdb_login.rb to try to brute-force credentials of CouchDB
2013-05-10 23:16:11 -03:00
jvazquez-r7
891e36c947
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-09 17:47:35 -05:00
jvazquez-r7
d37d211ecc
Fix short escape sequences error
2013-05-09 17:29:55 -05:00
jvazquez-r7
cf05602c6f
Land #1661 , @nmonkee's sap_soap_rfc_eps_get_directory_listing module
2013-05-09 16:46:13 -05:00
jvazquez-r7
b18a98259b
Modify default rport
2013-05-09 16:24:54 -05:00
jvazquez-r7
3e1d1a3f98
Land #1659 , @nmonkee's sap_soap_rfc_eps_delete_file module
2013-05-09 16:22:54 -05:00
nmonkee
53c08cd60f
fix incorrect printing typo
2013-05-09 21:37:04 +01:00
jvazquez-r7
ca41d859a9
up to date
2013-05-09 13:00:10 -05:00
jvazquez-r7
e711474654
Merge branch 'sap_soap_xmla_bw_smb_relay_' of https://github.com/nmonkee/metasploit-framework
2013-05-09 12:37:46 -05:00
jvazquez-r7
866fa167ab
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-08 16:29:52 -05:00
Tod Beardsley
4c75354a6a
Land #1786 , request_cgi instead of request_raw
...
Also some other small changes to modules, such as sensible defaults for
options.
2013-05-08 14:58:04 -05:00
m-1-k-3
e3582887cf
OSVDB, Base64
2013-05-07 08:28:48 +02:00
jvazquez-r7
a1d2680a17
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-06 23:24:21 -05:00
jvazquez-r7
fff8593795
Fix author name
2013-05-06 17:34:37 -05:00
jvazquez-r7
ad21a107ec
up to date
2013-05-06 15:48:59 -05:00
jvazquez-r7
fcb9dc1384
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-06 15:40:22 -05:00
jvazquez-r7
c84febb81a
Fix extra character
2013-05-06 15:19:15 -05:00
jvazquez-r7
92b4d23c09
Add Mariano as Author because of the abuse disclosure
2013-05-06 15:15:15 -05:00
jvazquez-r7
db243e78c8
Land #1682 , sap_router_info_request fix from @nmonkee
2013-05-06 15:13:57 -05:00
jvazquez-r7
85581a0b6f
Clean up sap_soap_rfc_eps_get_directory_listing
2013-05-06 13:21:42 -05:00
jvazquez-r7
1fc0bfa165
Change module filename
2013-05-06 13:20:07 -05:00
m-1-k-3
0f2a3fc2d4
dsl320b authentication bypass - password extract
2013-05-06 14:31:47 +02:00
jvazquez-r7
7b960a4f18
Add OSVDB reference
2013-05-06 00:54:00 -05:00
jvazquez-r7
a17062405d
Clean up for sap_soap_rfc_eps_delete_file
2013-05-06 00:53:07 -05:00
jvazquez-r7
5adc2879bf
Change module filename
2013-05-06 00:51:23 -05:00
jvazquez-r7
66a5eb74c5
Move file to auxiliary/dos/sap
2013-05-06 00:50:50 -05:00
jvazquez-r7
425a16c511
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-05 22:00:07 -05:00
HD Moore
63b0eace32
Add a missing require
2013-05-04 22:39:57 -05:00
jvazquez-r7
2384f34ada
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-03 15:39:16 -05:00
jvazquez-r7
589be270bf
Land #1658 , @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE
2013-05-03 14:19:36 -05:00
jvazquez-r7
9e1037bce0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-02 16:15:28 -05:00
jvazquez-r7
b096449a97
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-02 15:12:19 -05:00
Tod Beardsley
7579b574cb
Rework parse_xml
...
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.
I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
2013-05-02 14:43:30 -05:00
Tod Beardsley
902cd7ec85
Revert removal of the SAP module
...
This reverts commit 26da7a6ee7
.
2013-05-02 14:42:35 -05:00
Tod Beardsley
26da7a6ee7
Removing this from master due to test problems
...
This module was moved over to the unstable branch in commit
7106afdf7d
, working up a fix now. Stay
tuned.
2013-05-02 13:43:02 -05:00
jvazquez-r7
132c09af82
Add BID reference
2013-05-02 10:21:09 -05:00
jvazquez-r7
6e68f3cf34
Clean up sap_soap_rfc_pfl_check_os_file_existence
2013-05-02 10:19:15 -05:00
jvazquez-r7
244bf71d4a
Change module filename
2013-05-02 10:15:50 -05:00
jvazquez-r7
29d4e378aa
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-02 09:27:51 -05:00
jvazquez-r7
d9cdb6a138
Fix more feedback provided by @nmonkee: CMD vs COMMAND
2013-05-02 09:08:48 -05:00
jvazquez-r7
c6c7998e3b
Fix feedback provided by @nmonkee
2013-05-02 09:06:51 -05:00
jvazquez-r7
4db81923bf
Update description
2013-05-02 08:45:01 -05:00
jvazquez-r7
4054d91955
Land #1657 , @nmonkee's RZL_READ_DIR_LOCAL SAP dir listing module
2013-05-02 08:38:50 -05:00
jvazquez-r7
e25057b64a
Fix indent level
2013-05-01 22:01:36 -05:00
jvazquez-r7
c406271921
Cleanup sap_soap_rfc_rzl_read_dir
2013-05-01 21:51:06 -05:00
jvazquez-r7
98dd96c57d
Change module filename
2013-05-01 21:50:24 -05:00
jvazquez-r7
6b6b53240b
Fix SAP modules, mainly to make a better use of send_request_cgi
2013-05-01 14:06:53 -05:00
Gregory Man
76e70adcff
Added Memcached Remote Denial of Service module
...
https://code.google.com/p/memcached/issues/detail?id=192
2013-04-30 17:45:09 +03:00
jvazquez-r7
a7e4ba5015
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-30 08:32:24 -05:00
Meatballs
a2e59f79ad
Change table.print
2013-04-29 22:28:16 +01:00
Tod Beardsley
4227c23133
Add a reference for Safari module
2013-04-29 14:07:55 -05:00
Joe Vennix
431cba8f36
Update print_status labels.
2013-04-29 11:13:53 -05:00
Joe Vennix
c2a1d296a2
Rename DOWNLOAD_URI -> DOWNLOAD_PATH.
...
Conflicts:
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:11:06 -05:00
Joe Vennix
55e0ec3187
Add support for DOWNLOAD_URI option.
...
* Fixes some comments that were no longer accurate.
Conflicts:
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
2013-04-29 11:10:19 -05:00
jvazquez-r7
a4632b773a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-28 12:59:16 -05:00
Tod Beardsley
c27245e092
Touch descriptions for module and options
2013-04-26 13:05:16 -05:00
Joe Vennix
b4606ba60a
Remove unnecessary puts call.
2013-04-26 12:55:02 -05:00
Tod Beardsley
ca6d6fbc84
msftidy for whitespace
2013-04-26 12:44:11 -05:00
Tod Beardsley
16769a9260
Fixing path normalization
2013-04-26 12:40:24 -05:00
Joe Vennix
2fa16f4d36
Rewrite relative script URLs to be absolute.
...
* Adds rescue clauses around URI parsing/pulling
* Actually use the URI_PATH datastore option.
2013-04-26 11:25:20 -05:00
jvazquez-r7
2a41422276
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-25 20:24:17 -05:00
Meatballs
d0f2717b43
Fix single file
2013-04-26 00:55:10 +01:00
Meatballs
e2bf4882f0
Add domain join parse
2013-04-26 00:20:10 +01:00
Meatballs
235887ccb5
Finished
2013-04-25 23:25:05 +01:00
Meatballs
ba49252e45
Initial
2013-04-25 23:01:19 +01:00
Joe Vennix
993356c73e
Add safari webarchive uxss to framework as an aux module.
2013-04-25 11:14:16 -05:00
jvazquez-r7
7bf4aa317f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-25 10:31:51 -05:00
jvazquez-r7
b67fcd3219
Add OSVDB ref to sap_configservlet_exec_noauth
2013-04-25 08:13:32 -05:00
jvazquez-r7
38e41f20fe
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-24 13:24:13 -05:00
sinn3r
cae30bec23
Clean up all the whitespace found
2013-04-23 18:27:11 -05:00
jvazquez-r7
96b66d3856
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-22 21:49:59 -05:00
jvazquez-r7
1529dff3f3
Do final cleanup for sap_configservlet_exec_noauth
2013-04-22 21:43:41 -05:00
jvazquez-r7
8c9715c2ed
Land #1751 , @andrewkabai's SAP Portal remote OS command exec
2013-04-22 21:41:53 -05:00
jvazquez-r7
5f5e772f7c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-22 21:31:16 -05:00
sinn3r
a09b3b8023
Lands #1169 - Adds a check
...
[Closes #1169 ]
Conflicts:
modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
sinn3r
882b084cba
Changes the default action
2013-04-22 15:47:38 -05:00
sinn3r
7e28a4ddb0
Uses "ACTIONS" keys instead of datastore options
...
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
Andras Kabai
79eb2ff62d
add EDB ID to references
2013-04-22 18:37:28 +02:00
Andras Kabai
15b06c43aa
sap_configservlet_exec_noauth auxiliary module
...
the final module was moved from my master branch to here because of the
pull request needs
2013-04-22 17:40:27 +02:00
Andras Kabai
b4f1f3efbb
remove aux module from master branch
2013-04-22 17:34:01 +02:00
Antoine
0115833724
SyntaxError fixes
2013-04-21 20:22:41 +00:00
jvazquez-r7
d1c5179b83
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-19 17:48:12 -05:00
Andras Kabai
49b055e5fd
make msftidy happy
2013-04-20 00:26:04 +02:00
Andras Kabai
e4d9c45ce9
remove unnecessary rank rating
2013-04-20 00:23:55 +02:00
jvazquez-r7
c7fcd6931a
Use vprint_error
2013-04-19 16:22:07 -05:00
Christian Mehlmauer
eaff87879e
added text
2013-04-19 22:03:05 +02:00
Christian Mehlmauer
a6be72b019
fixes for mediawiki aux module
2013-04-19 21:43:12 +02:00
Andras Kabai
763d1ac2f1
remove unnecessary option declaration
2013-04-19 21:42:28 +02:00
Andras Kabai
85932a2445
improve URI path and parameter handling
...
switch from PATH to TARGETURI datastore;
use normalize_uri to build uri;
use query in send_request_cgi to to prepare query string (instead of
vars_get that escapes the necessary semicolons)
2013-04-19 21:37:39 +02:00
jvazquez-r7
d4fa2ba96d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-19 14:14:36 -05:00
Andras Kabai
c52588f579
remove Scanner mixin
...
remove Scanner mixin because this module is not a scanner modul
2013-04-19 20:28:44 +02:00
sinn3r
7fdf84ac45
Landing #1744 - Checks nil before using resp.headers['Server']
...
[Closes #1744 ]
2013-04-19 10:37:05 -05:00
jvazquez-r7
31586770a0
Added module for OSVDB 92490
2013-04-18 14:34:02 -05:00
Andras Kabai
8f76c436d6
SAP ConfigServlet OS Command Execution module
...
This module allows execution of operating system commands throug the
SAP ConfigServlet without any authentication.
2013-04-18 20:26:48 +02:00
RageLtMan
15c6df1482
Check for nil before calling on value
2013-04-18 00:32:37 -04:00
jvazquez-r7
cc35591723
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-15 17:43:15 -05:00
Tod Beardsley
a36c6d2434
Lands #1730 , adds a VERBOSE option checker
...
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
Tod Beardsley
29101bad41
Removing VERBOSE offenders
2013-04-15 15:29:56 -05:00
jvazquez-r7
ba7603e66c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-09 17:34:23 +02:00
sinn3r
76d4538d2a
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-04-09 10:24:54 -05:00
sinn3r
1e258170dc
It's a filename, so not trying to match any single char
2013-04-09 10:20:52 -05:00
sinn3r
50cf039170
Merge branch 'cve-2013-1899-not-auth' of github.com:jhart-r7/metasploit-framework into jhart-r7-cve-2013-1899-not-auth
2013-04-09 10:19:15 -05:00
jvazquez-r7
79620ed660
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-09 17:12:16 +02:00
Tod Beardsley
ba86e14d43
Whitespace and caps fixes
2013-04-09 08:57:53 -05:00
jvazquez-r7
ef63a4f5cf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-08 21:29:01 +02:00
jvazquez-r7
225342ce8f
final cleanup for sysax_sshd_kexchange
2013-04-08 20:28:37 +02:00
jvazquez-r7
5bc454035c
Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710
2013-04-08 20:20:11 +02:00
Jon Hart
b1152d1567
Improve Postgres CVE-2013-1899 to detect unauthorized connections
2013-04-08 09:55:23 -07:00
jvazquez-r7
d65bf8bab9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-08 18:19:41 +02:00
sinn3r
d24371eaff
Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal
2013-04-08 10:18:30 -05:00
sinn3r
1b5c34db1a
Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal
2013-04-08 10:17:19 -05:00
sinn3r
11253c8f3e
Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal
2013-04-08 10:16:52 -05:00
Matt Andreko
f96baa7e7e
Code Review Feedback
...
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
2013-04-08 10:58:35 -04:00
Matt Andreko
4c8e19ad1a
Added reference
...
Removed final debug print statement
2013-04-08 08:28:53 -04:00
jvazquez-r7
daba48035d
fix DEPTH description and basename
2013-04-05 11:05:46 +02:00
jvazquez-r7
b6edad1f1d
fix DEPTH description and basename
2013-04-05 11:04:43 +02:00
jvazquez-r7
d163e96d6a
fix DEPTH description and basename
2013-04-05 11:02:59 +02:00
jvazquez-r7
d823f724cd
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-04 22:16:35 +02:00
jvazquez-r7
30f44c3a24
final cleanup for dlink_dir_615h_http_login
2013-04-04 22:02:45 +02:00
jvazquez-r7
8f60d12e46
Merge branch 'dlink_login_dir_615H' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_615H
2013-04-04 22:01:49 +02:00
jvazquez-r7
b75d038fc2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-04 21:54:36 +02:00
jvazquez-r7
7d1e9af728
final cleanup for dlink_dir_session_cgi_http_login
2013-04-04 21:41:42 +02:00
jvazquez-r7
0b9fe53919
module filename changed
2013-04-04 21:41:10 +02:00
jvazquez-r7
6ec6638568
Merge branch 'dlink_login_dir_300B_600B' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login_dir_300B_600B
2013-04-04 21:40:21 +02:00
jvazquez-r7
498a0dc309
final cleanup for dlink_dir_300_615_http_login
2013-04-04 21:15:22 +02:00
jvazquez-r7
cff70e41be
Merge branch 'dlink_login' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink_login
2013-04-04 21:14:56 +02:00
HD Moore
fe2b598503
Add the advisory URL
2013-04-04 10:22:31 -05:00
HD Moore
c8a6dfbda2
Add scanner module for the new PostgreSQL flaw
2013-04-04 10:19:47 -05:00
m-1-k-3
7b4cdf4671
make msftidy happy
2013-04-04 13:22:01 +02:00
m-1-k-3
78c492da20
is_dlink, more feedback included, msftidy
2013-04-04 13:18:32 +02:00
m-1-k-3
2f96a673cd
is_dlink, more feedback included
2013-04-04 13:17:45 +02:00
m-1-k-3
64f3e68310
is_dlink and some more feedback included
2013-04-04 13:01:18 +02:00
jvazquez-r7
89de9fdf22
cleanup for dlink_dir_300_615_http_login
2013-04-03 10:04:01 +02:00
jvazquez-r7
b4b3c82c86
delete space
2013-04-03 00:31:00 +02:00
jvazquez-r7
54120a2d3a
delete space
2013-04-03 00:30:24 +02:00
jvazquez-r7
85d9e3e9ee
delete space
2013-04-03 00:29:38 +02:00
jvazquez-r7
0b4eab2499
added module for ZDI-13-053
2013-04-03 00:24:11 +02:00
jvazquez-r7
018e147063
added module for ZDI-13-052
2013-04-03 00:22:38 +02:00
jvazquez-r7
dc17b4931c
added module for ZDI-13-051
2013-04-03 00:21:01 +02:00
jvazquez-r7
070fd399f2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-31 20:23:08 +02:00