infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
45,750 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1296 Commits (cf33f482a1fae6fff98978be21326beeccd7fd57)

Author SHA1 Message Date
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k 9309115627 OCD - Banner clean up 2017-07-14 08:19:50 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 67310fa96c print_status -> print_good. [When it is successful, show it!] 2017-07-14 00:09:35 +01:00
Pearce Barry 59de7d3635
Land #8671, Add a module for CVE-2017-7615 2017-07-12 14:58:02 -05:00
Pearce Barry 580219695a
Oof, missed the parens... 2017-07-12 13:52:59 -05:00
Pearce Barry aa22651340
Few style/spelling tweaks, nothing to see here... 2017-07-12 13:41:20 -05:00
Brent Cook 345407b0a4 Rex::Encoder::XDR conflicts with the XDR gem 2017-07-12 11:52:10 -05:00
jvoisin 263a42707e Fix a typo 2017-07-09 16:34:51 +02:00
jvoisin 8510cda5ae Implement @bcoles advices 2017-07-09 16:34:10 +02:00
jvoisin f10cf75ae0 Fix some stuff 2017-07-09 10:45:15 +02:00
jvoisin 5fe805aaca s/\t/ /g 2017-07-09 02:29:37 +02:00
jvoisin 968fa0c244 Add even more references 2017-07-09 02:27:54 +02:00
jvoisin ae930ae7c1 Add a module for CVE-2017-7615 2017-07-09 02:14:21 +02:00
Roman 38b1e56bbd negated wording regarding legacy auth 
According to the docs this variable means the opposite:
https://dev.mysql.com/doc/refman/5.5/en/mysql-command-options.html#option_mysql_secure-auth
OFF     ->      insecure
ON      ->      secure
 2017-07-03 14:29:07 +02:00
Brent Cook 07e7baebb8 sign my name 2017-06-25 14:59:01 -05:00
Brent Cook 7bc0dcea42 add ipv6 support for CHOST 2017-06-25 14:57:15 -05:00
Brent Cook 269597f994 add initial CHOST support 2017-06-24 18:57:43 -05:00
Brent Cook eee1eff034 improve resolve / add / delete logic 2017-06-24 18:36:01 -05:00
Brent Cook b36d56bed3 handle RXDomain on lookup failure 2017-06-24 18:10:50 -05:00
Brent Cook c8755a3a7a add pre-flight checks, log a lot more info 2017-06-24 12:32:15 -05:00
Brent Cook 8f3c470bb3 make usage more intuitive, remove weird defaults 2017-06-24 11:52:52 -05:00
Brent Cook 24c43b1822 reregister rhost 2017-06-22 18:33:19 -05:00
Brent Cook ca813e7a5c fix message formatting 2017-06-22 18:21:33 -05:00
Brent Cook 823260cc04 fix error message 2017-06-22 18:11:07 -05:00
Brent Cook 3cf722a45d use correct preqrequisites 2017-06-22 18:08:20 -05:00
Brent Cook 5e48a11e60 handle specific exceptions, update docs 2017-06-22 18:01:52 -05:00
Brent Cook 6a261b172f move from scanner to admin 2017-06-22 17:47:04 -05:00
Brendan Coles c811c6a8c0 Add PASS_FILE option 2017-05-28 23:26:51 +00:00
Brendan Coles 8fce94b3cd Add ScadaBR Credentials Dumper module 2017-05-28 01:24:53 +00:00
James Lee 4def7ce6cc
Land #8327, Simplify storing credentials 2017-05-18 16:49:01 -05:00
wchen-r7 8025eb573a Enforce check 
Because we are not able to get our hands on the hardware for testing,
and that this module may trigger a backtrace if the UDP server isn't
Moxa, we force check to make sure that doesn't happen.
 2017-05-16 16:43:22 -05:00
wchen-r7 2d7f7f9aec Pass msftidy 2017-05-16 15:05:12 -05:00
Patrick DeSantis 4a0535c2d0 add moxa credential recovery module 2017-05-16 10:21:44 -04:00
William Vu bee36ca90f Fix edge case 2017-05-11 16:22:21 -05:00
William Vu 68f13808e7 Fix msftidy warnings for the WNR2000 module 2017-05-11 16:16:10 -05:00
Jeffrey Martin a1efa30fa2
comments adjustments & enum better 2017-05-08 11:57:06 -05:00
Jeffrey Martin e2fe70d531
convert store_valid_credential to named params 2017-05-05 18:23:15 -05:00
Jeffrey Martin 63b6ab5355
simplify valid credential storage 2017-05-04 22:51:40 -05:00
darkbushido 81bcf2ca70 updating all LHOST to use the new opt type 2017-05-04 12:57:50 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
Brent Cook a9857eb1c2
Land #8099, Aux module to launch instances in AWS 2017-04-14 14:12:10 -05:00
Javier Godinez 68e4b8a855 Updated user data param to load aggregator 2017-03-24 22:58:04 -07:00
William Webb e04f01ed6b
Land #7778, RCE on Netgear WNR2000v5 2017-03-23 15:34:16 -05:00
Javier Godinez 534ca8c5cb fix: URL encoding userdata 2017-03-18 21:52:49 -07:00
Javier Godinez 26d344a0ef Initial checkin of launch instances module 2017-03-18 21:52:49 -07:00
James Barnett 2631259919 Land #7973, Enable cert validation for Nexpose 
This PR enables connection to a Nexpose console using the
nexpose client gem.

It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
 2017-02-24 14:27:24 -06:00
Brent Cook 24151a9c27
Land #7753, Add auxiliary RomPager misfortune cookie authentication bypass 2017-02-17 18:07:15 -06:00
Jeffrey Martin cbfe18e4d7
use certificates in nexpose 2017-02-16 14:34:02 -06:00
Pedro Ribeiro d5845343bd Fix whitespace, thanks msftidy! 2017-01-30 10:15:20 +00:00
Pedro Ribeiro fd6e10bf26 Add CVE numbers 2017-01-30 10:03:13 +00:00
Louis Sato 1c6d7ee33e
additional changes for Nexpose XXE Arbitrary File Read 2017-01-25 10:29:58 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
wchen-r7 b5f41b2915 Update advantech_webaccess_dbvisitor_sqli name 2017-01-18 11:09:52 -06:00
h00die c31d398549 more description 2017-01-16 09:46:56 -05:00
Pedro Ribeiro 6004caa475 fix whitespace 2017-01-05 01:58:16 +00:00
Pedro Ribeiro d95a3ff2ac made changes suggested 2017-01-04 23:02:10 +00:00
Pedro Ribeiro 9d3e90e8e5 cleanup 2017-01-02 17:32:38 +00:00
Pedro Ribeiro 4c29d23c8a further cleaning 2016-12-31 17:02:34 +00:00
Pedro Ribeiro 956602cbfe add final wnr2000 sploits 2016-12-31 16:49:05 +00:00
j91321 6c9e43f2ad Add fingerprinting of devices, change documentation 2016-12-30 23:52:29 +01:00
Pedro Ribeiro 870e8046b5 add sploits 2016-12-27 21:12:35 +00:00
William Vu a7debd09fd
Fix broken YouTube link in firetv_youtube 
Guess it's back to Epic Sax Guy. :-)
 2016-12-25 20:22:07 -06:00
William Vu 6bb0f3207d Add reboot action to chromecast_reset 2016-12-25 15:20:46 -06:00
wchen-r7 9325ef8d8f
Land #7573, Add WP Symposium Plugin SQLI aux mod to steal credentials 2016-12-01 14:56:30 -06:00
wchen-r7 6b5dba72d4 Update description 2016-12-01 14:55:16 -06:00
wchen-r7 64bc029106 Fix Ruby style 2016-12-01 14:53:55 -06:00
wchen-r7 90ec367a99 Add method to save creds to database 2016-12-01 14:52:51 -06:00
Cantoni Matteo f0b5b5a153 call store_loot once at the end 2016-11-28 20:28:36 +01:00
Brent Cook 60210f57e9
Land #7505, fixed some targets for cisco_asa_extrabacon 2016-11-27 22:19:45 -06:00
jjarmoc 8824cc990a Use Auxilliary Actions for different behaviors. 2016-11-26 13:04:04 -06:00
Cantoni Matteo fd11e7c4df modified it as recommended (@brandonprry) and added Module Documentation 2016-11-24 10:36:32 +01:00
Cantoni Matteo b3b89a57b5 Add WordPress Symposium Plugin SQL Injection module 2016-11-17 15:04:53 +01:00
wchen-r7 f50e609d12
Land #7556, Prevent psexec_command from dying when one host errors 2016-11-15 12:17:01 -06:00
wchen-r7 e5d3289c18 Fix name for exception 2016-11-15 12:14:58 -06:00
j91321 3fd3bbdfb6 Added comments, removed uneccesary code 2016-11-13 23:22:15 +01:00
j91321 b377cd8fa3 Allegrosoft rompager auth bypass auxiliary module 2016-11-13 10:39:26 +01:00
Dylan Davis a8a09261e1 Use files for rescue error, because left is not available 2016-11-11 21:49:06 -07:00
Jenna Magius db32c5fdcc msftidy whitespace fixes 2016-11-11 10:28:37 -07:00
Dylan Davis fddc2c221f Catch the specific exception. Include the error code in the error message. 2016-11-11 10:24:05 -07:00
Dylan Davis 69a4a327b8 Add begin-rescue blocks that prevent individual hosts from bailing out a threaded multi-host execution 2016-11-11 10:15:36 -07:00
William Vu 4eb42a9171
Fix broken ternary in phoenix_command 2016-11-07 00:12:04 -06:00
Tijl Deneut 92964c1f95 Update phoenix_command.rb 2016-11-06 21:22:54 +01:00
Tijl Deneut 2c2729f0b2 Update phoenix_command.rb 
Coded was messed up by MS Edge, don't use it :)
 2016-11-06 21:21:20 +01:00
Tijl Deneut 1b4409f950 Update phoenix_command.rb 
Style fix: replace "ractionport == nil ?" with "ractionport.nil?"

Is it OK? Did not find time to install and run rubocop ...
 2016-11-06 21:15:31 +01:00
Tijl Deneut 4ea9214466 Fixed a small bug 2016-11-06 16:20:55 +01:00
Jon Hart 5b810fae41
Update atg_client to identify responses that indicate the command was not understood 2016-11-04 10:12:02 -07:00
William Vu a651985b4f
Land #7498, Joomla account creation and privesc 2016-11-01 22:46:36 -05:00
William Vu f414db5d6d Clean up module 2016-11-01 22:46:28 -05:00
Pearce Barry 991a3fe448
Markdown docs added. 2016-10-28 17:38:00 -05:00
Jan Rude 971c8207bd Update telpho10_credential_dump.rb 
Code improvements suggested by @h00die
 2016-10-28 16:45:14 -05:00
Jan Rude c9574a4707 Update telpho10_credential_dump.rb 
output correction
 2016-10-28 16:44:52 -05:00
Jan Rude 05ee51a832 Update telpho10_credential_dump.rb 
do not write to stdout
 2016-10-28 16:44:40 -05:00
Jan Rude fb534a9e85 add telpho10_exploit 
telpho10 credential dump exploit
 2016-10-28 16:44:27 -05:00
Jeff 5eca6866f2 Fix failing versions, specify version explicitly 2016-10-28 16:24:06 -05:00
Filipe Reis 88a2a770a3 Update to have checks in place 
Add: added checks to the code
 2016-10-28 11:24:39 +01:00
Filipe Reis 88beea0c56 updating code 
Fix: changing to seggested fixes
 2016-10-27 14:30:59 +01:00
Filipe Reis 2851faefe8 Update module info 
Fix: removed info that didn't belong
 2016-10-27 03:11:38 +01:00
Filipe Reis e522d7f5a4 Fixing issues regarding travis checks 
Fix: EOL spaces;
 2016-10-27 02:50:20 +01:00