wchen-r7
14adcce8bf
Missed the HTTPUSERNAME fix
2016-05-27 18:37:04 -05:00
wchen-r7
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
wchen-r7
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
Brent Cook
266d29ca4a
handle garbage better during probe
2016-05-23 22:28:31 -05:00
Brent Cook
a6020ca010
style fixes
2016-05-23 22:14:57 -05:00
Tijl Deneut
36a9ef83ab
Added phoenix_command.rb
2016-05-17 15:45:45 +02:00
wchen-r7
2edd6869fc
rm references key
2016-04-24 03:09:59 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
James Lee
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
James Lee
c21bad78e8
Fix some more String defaults
2016-03-16 14:13:18 -05:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
wchen-r7
53ff3051e1
Land #6531 , NETGEAR ProSafe Network Management System 300 auth'd File Download
2016-02-26 10:53:16 -06:00
wchen-r7
bc050410a6
Allow max traversal depth as an option, and report cred
2016-02-26 10:52:30 -06:00
Pedro Ribeiro
5710c85a9e
Style changes
2016-02-23 15:15:57 +07:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
Pedro Ribeiro
b64294abc9
Create file for CERT VU 777024 (auth download)
2016-02-04 07:57:48 +08:00
James Lee
47c0a3b4a7
Get some stragglers that had a different format
2016-02-01 16:21:10 -06:00
James Lee
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
Christian Mehlmauer
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
Jon Hart
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
Jon Hart
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
Jon Hart
3535cf3d18
Remove peer; included via HttpClient in lib/msf/core/exploit/mssql_sqli.rb
2015-12-24 07:51:12 -08:00
wchen-r7
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7
080ec26afb
Land #4489 , Update SMB admin modules to use Scanner & fixes
2015-12-08 14:49:26 -06:00
wchen-r7
7378e7b128
Do elog() when print_error()
2015-12-08 11:06:59 -06:00
wchen-r7
93a4fd0ee4
Minor edits
2015-12-02 15:43:11 -06:00
Christian Mehlmauer
581ea89f7f
fix nil error
2015-12-02 11:19:08 +01:00
Christian Mehlmauer
f06e4f3dbd
make this module work with other languages too
2015-12-02 11:14:10 +01:00
Christian Mehlmauer
1a4b91e33e
unzip backup file
2015-12-02 11:01:56 +01:00
Christian Mehlmauer
217374d1c0
add limesurvey file download
2015-12-02 00:06:13 +01:00
HD Moore
e107ec2d17
Change fail to fail_with, fix typo
2015-11-17 13:30:46 -06:00
HD Moore
74f6ff7752
Rename to atg_client to match conventions
2015-11-17 12:59:37 -06:00
Jon Hart
c914c7b22c
Completely remove SET_TIME
2015-11-13 12:28:23 -08:00
Jon Hart
ab3ae675ff
Hide TIME option since SET_TIME is not implemented
2015-11-13 12:26:42 -08:00
Jon Hart
ad22eb8444
More cleanup
2015-11-13 12:24:28 -08:00
Jon Hart
045bab052e
Add configurable timeout
2015-11-13 12:18:40 -08:00
Jon Hart
6e9afc38ee
print_good when we get something
2015-11-13 12:12:37 -08:00
Jon Hart
196a88c39a
Style nit
2015-11-13 12:06:00 -08:00
Jon Hart
0cfa67f58f
Stub out more of the set time, but disable it
2015-11-10 22:00:02 -08:00
Jon Hart
c98ab1dad4
update SET_TANK_NAME opt to mention necessary opts
2015-11-10 21:49:40 -08:00
Jon Hart
de570a1550
Improve output when setting tank names
2015-11-10 21:41:05 -08:00
Jon Hart
0762b9fa9b
Fix option formatting
2015-11-10 21:24:58 -08:00
Jon Hart
637e570b28
Add TLS-250 reference
2015-11-10 21:21:55 -08:00
Jon Hart
e67057a5c9
Add great TLS-350 resource
2015-11-10 21:19:37 -08:00
Jon Hart
8dd6003cc2
Add several untested but likely OK TLS-350 commands
2015-11-10 21:18:27 -08:00
Jon Hart
d00eba23f9
Update references
2015-11-10 21:02:37 -08:00
Jon Hart
143ac47484
Minor style cleanup
2015-11-10 14:47:12 -08:00
Jon Hart
dac7738f29
Clean up description; add more refs
2015-11-10 14:43:06 -08:00
Jon Hart
4f4e4c734a
Handle ATGs w/ > 10 tanks, more strict
2015-11-10 14:36:59 -08:00
Jon Hart
7c9b85551b
Support for setting ATG tank names
2015-11-10 14:24:11 -08:00
Jon Hart
9def67831c
Better printing
2015-11-10 13:20:45 -08:00
Jon Hart
97caf1d084
Add preliminary module for interacting with Veeder-Root ATGs
2015-11-10 13:15:08 -08:00
Jon Hart
15eb135295
Resolve merge conflicts
2015-11-09 18:15:40 -08:00
dmohanty-r7
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
William Vu
f8a39ecc21
Land #6145 , better RPC exception handling
2015-10-30 13:25:52 -05:00
wchen-r7
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
wchen-r7
e7d6493311
Replace links
2015-10-28 10:45:02 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
jvazquez-r7
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
jvazquez-r7
4517270627
Fix modules using Msf::HTTP::JBoss
2015-10-15 11:49:15 -05:00
jvazquez-r7
cf9ddbb701
Update moduels using Msf::HTTP::Wordpress
2015-10-15 11:47:13 -05:00
jvazquez-r7
db5d83a40a
Move namespaces
2015-10-15 09:17:06 -05:00
Brent Cook
dea0142da1
catch network exceptions
2015-10-02 18:26:37 -05:00
William Vu
55895c6305
Fix nil bug in mssql_idf
2015-10-02 18:20:06 -05:00
jvazquez-r7
1f26ec1252
Land #6018 , @pedrib's module for Kaseya VSA ZDI-15-448
2015-10-02 08:58:43 -05:00
Pedro Ribeiro
d334dc237f
Update kaseya_master_admin.rb
2015-10-02 13:21:28 +01:00
jvazquez-r7
1b21cd9481
Do code cleanup
2015-10-01 13:37:18 -05:00
William Vu
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
Pedro Ribeiro
8af5a8e310
Create exploit for Kaseya privilege escalation
2015-09-29 11:51:21 +01:00
jvazquez-r7
c85913fd12
Land #5983 , @jhart-r7's SOAP PortMapping UPnP auxiliary module
2015-09-26 15:47:04 -05:00
jvazquez-r7
f6f3efea75
print the body as verbose
2015-09-25 13:51:18 -05:00
jvazquez-r7
80c9cd4e6f
Restore required option
2015-09-25 13:41:27 -05:00
jvazquez-r7
e4e9609bc2
Use single quotes
2015-09-25 13:35:38 -05:00
jvazquez-r7
a5698ebce0
Fix metadata
2015-09-25 13:34:16 -05:00
Jon Hart
0113cbd353
Nokogiri::XML::Builder instead
2015-09-16 19:53:33 -07:00
wchen-r7
cf6d5fac2a
Use the latest cred API, no more report_auth_info
2015-09-04 13:43:15 -05:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
Jon Hart
9a2696aed4
Add Reference
2015-08-31 12:03:17 -07:00
Jon Hart
c14cae1425
Make INTERNAL_PORT optional, allowing DELETE to work
2015-08-31 11:30:18 -07:00
Jon Hart
44813370d5
Better name, description and author
2015-08-31 10:42:50 -07:00
Jon Hart
8665134691
Add add/delete action. update logging. rename module again
2015-08-31 10:22:36 -07:00
Jon Hart
436910b25f
Clean up map description
2015-08-28 15:49:29 -07:00
Jon Hart
e6e05814d0
Use an OptAddress instead, revert back to client name
2015-08-28 15:43:04 -07:00
Jon Hart
66616eeb95
Remove unused
2015-08-28 15:38:23 -07:00
Jon Hart
35555f5f24
Make most everything configurable and provide useful output
2015-08-28 15:36:49 -07:00
Jon Hart
13dd8222ec
Expose lease duration as an option
2015-08-28 15:22:19 -07:00
Jon Hart
d57041136f
Use random port mapping description
2015-08-28 15:09:58 -07:00
Jon Hart
840be71683
Add support for specifying protocol
...
UDP is fun too. Are there others?
2015-08-28 14:53:41 -07:00
Jon Hart
45fde928fc
More minor style cleanup
2015-08-28 14:49:57 -07:00
Jon Hart
ba95a7d2ac
Convert to using HttpClient
2015-08-28 14:47:13 -07:00
Jon Hart
a0aaf93f27
Relocate module to more correct location
2015-08-28 14:20:33 -07:00
wchen-r7
91fc213ddf
More metasploit-credential update
2015-07-23 15:50:50 -05:00
wchen-r7
4561850055
Use metasploit-credential API instead of report_auth_info
2015-07-22 01:11:43 -05:00
Tod Beardsley
4cacbcc4f7
Minor fixups on sysaid modules
...
Edited modules/auxiliary/admin/http/sysaid_file_download.rb first landed
in #5472 , @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
Edited modules/auxiliary/admin/http/sysaid_sql_creds.rb first landed in
2015-07-20 16:19:21 -05:00
jvazquez-r7
29718ce4e1
Land #5474 , @pedrib's module for sysaid CVE-2015-2996 and CVE-2015-2998
...
* sysaid SQL database cred disclosure
2015-07-17 12:36:48 -05:00
jvazquez-r7
a54b58fc24
Fix port parsing and cleanup
2015-07-17 12:34:46 -05:00
jvazquez-r7
869ac87b64
Land #5472 , @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
...
* SysAid arbitrary file download
2015-07-17 11:46:00 -05:00
jvazquez-r7
9ac1688eb1
Do code cleanup
2015-07-17 11:45:28 -05:00
jvazquez-r7
ca38fc5518
Update description
2015-07-17 11:08:28 -05:00
Pedro Ribeiro
50a3a32bfd
Update sysaid_sql_creds.rb
2015-06-20 16:58:42 +01:00
Pedro Ribeiro
78c2f8a3a3
Update sysaid_sql_creds.rb
2015-06-20 16:57:34 +01:00
Pedro Ribeiro
11aca8b27a
Update sysaid_file_download.rb
2015-06-20 16:54:33 +01:00
Pedro Ribeiro
cf8008ed38
Update sysaid_admin_acct.rb
2015-06-20 16:52:13 +01:00
Pedro Ribeiro
7f35c3b4f5
Update sysaid_sql_creds.rb
2015-06-03 22:00:08 +01:00
Pedro Ribeiro
54bfe29527
Update and rename sysaid_file_ to sysaid_file_download.rb
2015-06-03 21:59:45 +01:00
Pedro Ribeiro
42e84cd7d5
Update sysaid_admin_acct.rb
2015-06-03 21:59:04 +01:00
Pedro Ribeiro
6683b86822
Create sysaid_sql_creds.rb
2015-06-03 21:46:48 +01:00
Pedro Ribeiro
72b7982e7a
Create sysaid_file_
2015-06-03 21:46:13 +01:00
Pedro Ribeiro
765077d741
Create sysaid_admin_acct.rb
2015-06-03 21:38:43 +01:00
Tod Beardsley
818dbf58f0
Adding an OSVDB number to the Netgear module
2015-05-28 14:37:39 -05:00
Tod Beardsley
95b5ff6bea
Minor fixups on recent modules.
...
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301 , @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces
Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in
Edited modules/auxiliary/scanner/http/title.rb first landed in #5333 ,
HTML Title Grabber
Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401 , multi-platform CVE-2015-0311 - Flash uncompress()
UAF
Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290 , Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
jvazquez-r7
04fa626eab
Save credentials as UNTRIED
2015-05-15 14:58:55 -05:00
jvazquez-r7
16c3bf91a1
Do code cleanup
2015-05-15 14:46:34 -05:00
m-1-k-3
0a4554a204
reporting included, extract device details
2015-04-28 13:01:51 +02:00
m-1-k-3
ce697ee44c
netgear soap password extractor
2015-04-27 17:56:30 +02:00
Christian Mehlmauer
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
Jon Cave
b2b7da2dc5
Fix spelling of Microsoft in module name
2015-04-10 11:09:16 +01:00
William Vu
831a59b10b
Fix whitespace
2015-04-08 16:09:28 -05:00
Tod Beardsley
52f1b95222
Add disclosure link
2015-04-08 16:07:33 -05:00
Tod Beardsley
7ed1655976
Adding module for R7-2015-01
...
Disclosure coming soon, will update this module with a pointer to the
correct reference.
2015-04-08 12:34:31 -05:00
jvazquez-r7
e729185804
Land #5051 , @nullbind's new options for mssql_enum_domain_accounts_sqli
2015-04-03 14:44:20 -05:00
jvazquez-r7
fe9fbfd157
Make calculations easier
2015-04-03 14:43:01 -05:00
root
4bd40fed7f
yard doc and comment corrections for auxiliary
2015-04-03 16:12:23 +05:00
nullbind
91aeef0a8a
added startrid and endrid
2015-04-01 10:09:13 -05:00
Tod Beardsley
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
rastating
7a0fe05803
Add CVE-ID to module references
2015-03-24 22:30:43 +00:00
Christian Mehlmauer
7bf00f8f47
Land #4789 , @rastating WPLMS wordpress module
2015-03-24 20:46:38 +01:00
jvazquez-r7
8c3e39acf0
Land #4847 @rastating's module for WordPress WP EasyCart privilege escalation
2015-03-20 18:23:05 -05:00
jvazquez-r7
349d7cb9ee
Do minor cleanup
2015-03-20 18:20:45 -05:00
Scott Sutherland
00dbcc12ca
Removed imp_user var from escalate_privs func
2015-03-15 22:02:12 -07:00
nullbind
5bebabb005
fixed hardcoded username
2015-03-15 19:45:02 -05:00
rastating
3b21de3906
Add WPVDB reference
2015-02-26 13:37:23 +00:00
rastating
e2dfdd60c0
Update version range
2015-02-25 19:11:15 +00:00
rastating
242d3b8680
Add WP EasyCart privilege escalation module
2015-02-24 21:11:22 +00:00
rastating
61bdd58fbe
Fix required flag on options
2015-02-22 16:20:47 +00:00
rastating
37a55cce74
Abstracted version comparison code
2015-02-22 16:20:46 +00:00
rastating
31cdd757f6
Add WordPress WPLMS privilege escalation module
2015-02-22 16:20:46 +00:00
Tod Beardsley
71c5f622ca
Land #4775 , Kindle Fire TV Stick controller
2015-02-17 12:59:54 -06:00
William Vu
45b16c92b7
Prefer sleep
...
It's all the same, anyway.
2015-02-17 12:43:14 -06:00
Brent Cook
e08206d192
Land #4768 , jvazquez-r7 reorganizes the SMB mixins
2015-02-17 10:36:19 -06:00
William Vu
b4e2a50a6a
Really fix the bug
...
App is so slow. :(
2015-02-17 06:10:32 -06:00
William Vu
09239b37aa
Fix touchy YouTube app
...
It likes the previous video stopped before playing a new one.
2015-02-17 06:07:58 -06:00
William Vu
76e3539434
Add Amazon Fire TV YouTube remote control
2015-02-17 05:44:04 -06:00
William Vu
b3d301e960
Fix annoying double quotes
...
As much as I love them, the use here is inconsistent.
2015-02-17 05:12:28 -06:00
jvazquez-r7
0372b08d83
Fix mixin usage on modules
2015-02-13 17:17:59 -06:00
Tod Beardsley
1e8f98c285
Updated description, credit, and URL
2015-02-10 11:25:13 -06:00
Tod Beardsley
1b89242a75
Add module for R7-2015-02
2015-02-10 11:03:46 -06:00
Tod Beardsley
036cb77dd0
Land #4709 , fixed up some datastore mangling
2015-02-05 21:22:38 -06:00
Tod Beardsley
c633c710bc
Mostly caps/grammar/spelling, GoodRanking on MBAM
2015-02-05 12:36:47 -06:00
William Vu
c22865fb71
Fix nexpose_xxe_file_read datastore
2015-02-05 02:53:00 -06:00
jvazquez-r7
c0e1440572
Land #4685 , @FireFart's module for Wordpress Platform Theme RCE
2015-02-03 17:35:59 -06:00
jvazquez-r7
d0cf316758
Land #4659 , @pedrib's ManageEngine directory listing module
2015-02-01 14:19:46 -06:00
jvazquez-r7
128ca47aa7
Fix banner
2015-02-01 14:19:03 -06:00
jvazquez-r7
361aaa7551
Fix banner
2015-02-01 14:16:09 -06:00
Pedro Ribeiro
39a25fc549
Update manageengine_file_download.rb
2015-02-01 10:49:48 +00:00
Pedro Ribeiro
e9b5aa94c3
Add OSVDB id and full disclosure URL
2015-02-01 10:49:11 +00:00
Christian Mehlmauer
2c956c0a0f
add wordpress platform theme rce
2015-01-31 22:02:44 +01:00
jvazquez-r7
11502bad39
Clean code
2015-01-30 15:26:25 -06:00
jvazquez-r7
1916c92e3a
Clean metadata
2015-01-30 15:21:17 -06:00
jvazquez-r7
c9ac56442d
No modify datastore option
2015-01-30 15:05:46 -06:00
jvazquez-r7
bb640b90ef
Refactor login_it360
2015-01-30 15:02:23 -06:00
jvazquez-r7
d4359c4f1c
Rework login_it360 code
2015-01-30 15:00:34 -06:00
jvazquez-r7
c5db13fba9
Do minor style fixes
2015-01-30 14:13:11 -06:00
jvazquez-r7
89f760c94e
Clean metadata
2015-01-30 14:08:55 -06:00
Pedro Ribeiro
a806cb401a
Create manageengine_dir_listing.rb
2015-01-28 19:44:48 +00:00
Pedro Ribeiro
62ac536b7d
Create manageengine_file_download.rb
2015-01-28 19:42:17 +00:00
jvazquez-r7
bedbffa377
Land #3700 , @ringt fix for oracle_login
...
* Avoid retrying logins when connection cannot be stablished
2015-01-09 22:59:32 -06:00
jvazquez-r7
38c36b49fb
Report when nothing is rescued
2015-01-09 22:58:19 -06:00
jvazquez-r7
e7affb9048
Land #4493 , @pedrib's module for ManageEngine Central Desktop create admin
2015-01-04 23:46:31 -06:00
jvazquez-r7
c5e72fb324
Change module filename
2015-01-04 23:14:12 -06:00
jvazquez-r7
4798f2328d
Change module filename
2015-01-04 23:13:17 -06:00
jvazquez-r7
6bb3171328
Do minor cleanup
2015-01-04 23:12:42 -06:00
jvazquez-r7
711b97ecc5
Beautify metadata
2015-01-04 23:08:46 -06:00
Pedro Ribeiro
32d4bf03c3
Add OSVDB id and full disclosure URL
2015-01-04 12:36:51 +00:00
Tod Beardsley
264d3f9faa
Minor grammar fixes on modules
2014-12-31 11:45:14 -06:00
Pedro Ribeiro
e81e68bdaf
Create me_dc9_admin.rb
2014-12-31 02:02:52 +00:00
Jon Hart
6634fb3583
More consistent print_
2014-12-30 09:38:53 -08:00
Jon Hart
f8d432dfc1
Support reading a list of local/remote files for smb admin modules ( #3994 )
2014-12-30 09:21:29 -08:00
Jon Hart
6a61afcfad
Update smb upload/download/delete file modules to support RHOSTS
...
via Scanner
2014-12-29 18:02:40 -08:00
sinn3r
555713b6ae
Land #4456 - MS14-068, Kerberos Checksum (plus krb protocol support)
2014-12-29 16:09:28 -06:00
sinn3r
f2130311fa
Add the MSF blog reference
2014-12-29 16:08:35 -06:00
jvazquez-r7
85ab11cf52
Use print_warning consistently
2014-12-26 09:54:38 -06:00
jvazquez-r7
f31a2e070e
Use print_warning to print the Kerberos error
2014-12-26 09:22:09 -06:00
jvazquez-r7
d148848d31
Support Kerberos error codes
2014-12-24 18:05:48 -06:00
jvazquez-r7
89d0a0de8d
Delete unnecessary connect
2014-12-23 19:35:59 -06:00
jvazquez-r7
265e0a7744
Upper case domain
2014-12-23 19:16:50 -06:00
jvazquez-r7
ed2d0cd07b
Use USER_SID instead of DOMAIN_SID and USER_RID
2014-12-23 19:11:05 -06:00
jvazquez-r7
708cbd7b65
Allow to provide USER SID
2014-12-22 18:24:50 -06:00
jvazquez-r7
56eadc0d55
Delete default values from options
2014-12-22 18:11:43 -06:00
jvazquez-r7
787dab998d
Fix description
2014-12-22 17:51:44 -06:00
jvazquez-r7
a7faf798bf
Use explicit encryption algorithms
2014-12-22 15:51:17 -06:00
jvazquez-r7
f37cf555bb
Use random subkey
2014-12-22 15:39:08 -06:00
jvazquez-r7
b0a178e0a3
Delete blank line
2014-12-22 14:40:32 -06:00
jvazquez-r7
5a6c915123
Clean options
2014-12-22 14:37:37 -06:00
jvazquez-r7
20ab14d7a3
Clean module code
2014-12-22 14:29:02 -06:00
jvazquez-r7
dabc890b2f
Change module filename again
2014-12-22 12:35:15 -06:00
jvazquez-r7
2b46bdd929
Add references and authors
2014-12-22 12:34:31 -06:00
jvazquez-r7
4319dbaaef
Change module filename
2014-12-22 12:29:28 -06:00
jvazquez-r7
60d4525632
Add specs for Msf::Kerberos::Client::Pac
2014-12-21 17:49:36 -06:00
jvazquez-r7
9f1403a63e
Add initial specs for Msf::Kerberos::Client::TgsResponse
2014-12-20 20:29:00 -06:00
jvazquez-r7
b0ac68fbc3
Create build_subkey method
2014-12-19 19:46:57 -06:00
jvazquez-r7
4a106089b9
Move options to build_tgs_request_body
2014-12-19 19:12:17 -06:00
jvazquez-r7
e6781fcbea
Build AuthorizationData from the module
2014-12-19 18:59:39 -06:00
jvazquez-r7
9bd454d288
Build PAC extensions from the module
2014-12-19 18:47:41 -06:00
jvazquez-r7
def1695e80
Use options by call
2014-12-19 18:23:11 -06:00
jvazquez-r7
f332860c19
Clean creation of client and server principal names
2014-12-19 18:16:22 -06:00
jvazquez-r7
bd85723a9d
Build pre auth array out of the mixin
2014-12-19 18:10:14 -06:00
jvazquez-r7
d058bd5259
Refact extraction of kerberos cache credentials
2014-12-19 15:53:24 -06:00
jvazquez-r7
fad08d7fca
Add specs for Rex Kerberos client
2014-12-19 12:14:33 -06:00
jvazquez-r7
f325d2f60e
Add support for cache credentials in the mixin
2014-12-18 16:31:46 -06:00
Tod Beardsley
c15bad44a6
Be clearer on backslash usage.
...
See #4282
2014-12-18 16:16:02 -06:00
jvazquez-r7
9a58617387
Add dummy test module
2014-12-17 19:57:10 -06:00
jvazquez-r7
c683e7bc67
Fix banner
2014-12-12 13:01:51 -06:00
jvazquez-r7
047bc3d752
Make msftidi happy
2014-12-12 12:49:12 -06:00
jvazquez-r7
a1876ce6fc
Land #4282 , @pedrib's module for CVE-2014-5445, NetFlow Analyzer arbitrary download
2014-12-12 12:47:50 -06:00
jvazquez-r7
a0b181b698
Land #4335 , @us3r777 JBoss DeploymentFileRepository aux module
2014-12-12 10:40:03 -06:00
jvazquez-r7
3059cafbcb
Do minor cleanup
2014-12-12 10:37:50 -06:00
Christian Mehlmauer
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
Christian Mehlmauer
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
Spencer McIntyre
86ae104580
Land #4325 , consistent mssql module names
2014-12-09 21:52:05 -05:00
sinn3r
87c83cbb1d
Another round of name corrections
2014-12-09 20:16:24 -06:00
sinn3r
bb8dfdb15f
Ensure consistency for mssql modules
2014-12-09 10:28:45 -06:00
us3r777
4abfb84cfc
Upload WAR through Jboss DeploymentFileRepository
2014-12-08 19:02:51 +01:00
Pedro Ribeiro
98e416f6ec
Correct OSVDB id
2014-12-07 17:54:31 +00:00
Pedro Ribeiro
e474ecc9cf
Add OSVDB id
2014-12-07 17:41:35 +00:00
jvazquez-r7
54705eee48
Fix option parsing
2014-12-06 21:50:54 -06:00
sinn3r
4b06334455
Minor title change for mssql_enum_domain_accounts_sqli
...
We don't really do "-" for naming
Kind of stands up on a list
2014-12-05 11:42:08 -06:00
Pedro Ribeiro
e5bdf225a9
Update netflow_file_download.rb
2014-12-04 21:32:19 +00:00
Tod Beardsley
79f2708a6e
Slight fixes to grammar/desc/whitespace
...
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
2014-12-04 13:11:33 -06:00
jvazquez-r7
ff30a272f3
Windows paths need 2 backslashes
2014-11-30 18:54:41 -06:00
jvazquez-r7
223bc340e4
Prepend peer
2014-11-30 18:46:15 -06:00
jvazquez-r7
5ad3cc6296
Make FILEPATH mandatory
2014-11-30 18:45:23 -06:00
jvazquez-r7
b1b10cf4e5
Use Rex::ConnectionError
2014-11-30 18:44:25 -06:00
jvazquez-r7
a549cbbef8
Beautify metadata
2014-11-30 18:44:03 -06:00
Pedro Ribeiro
26d9ef4edd
Explain about Windows back slashes on option
2014-11-30 00:15:44 +00:00
Pedro Ribeiro
2fb38ec7bb
Create exploit for CVE-2014-5445
2014-11-30 00:12:37 +00:00
jvazquez-r7
5f4760c58e
Print final results in a table
2014-11-25 14:01:29 -06:00
jvazquez-r7
d998d97aaa
Refactor build_user_sid
2014-11-25 13:58:47 -06:00
jvazquez-r7
aad860a310
Make conditional easier
2014-11-25 13:54:08 -06:00
jvazquez-r7
ba57bc55b0
Don't report service
2014-11-25 13:52:22 -06:00
jvazquez-r7
059b0e91da
Don't report service
...
* The mssql could be in a third host, not rhost
2014-11-25 13:50:42 -06:00
jvazquez-r7
b467bda2d6
Reuse local variable
2014-11-25 13:49:24 -06:00
jvazquez-r7
31a84ef6ff
Make ternary operator more readable
2014-11-25 13:44:50 -06:00
jvazquez-r7
be566e5ad3
Use a lower fuzz number by default
2014-11-25 13:42:47 -06:00
jvazquez-r7
cd43f83cd7
Delete unnecessary comments
...
* No need to comment every step, just relevant
comments to undrestad code.
2014-11-25 13:40:57 -06:00