12935 Commits (da50bf90d8eaa9f9e78f1515ec393f72711f1ed3)

All Branches

Search

Author	SHA1	Message	Date
James Lee	409ba3139b	Add bap checks for blackice exploit	2012-04-09 00:50:04 -06:00
sinn3r	5fefb47b7f	Some cosmetic changes	2012-04-09 01:43:20 -05:00
sinn3r	95dbb8a818	Merge branch 'snort-dce-rpc' of https://github.com/carmaa/metasploit-framework into carmaa-snort-dce-rpc	2012-04-09 00:17:44 -05:00
James Lee	da1cb2b81d	ActiveX controls require IE	2012-04-08 22:07:09 -06:00
sinn3r	9cec9639c7	Add an aux module to brute force Dolibarr's login interface	2012-04-08 18:16:38 -05:00
James Lee	f520af036f	Move next_exploit() onto window object so it's accessible everywhere ... I swear I committed this before, not sure what happened.	2012-04-08 17:11:15 -06:00
James Lee	b58a87b7a8	Skip ::1 as well as 127.0.0.1 for session_host ... Thanks rsmudge for pointing this out. [Fixes #6599]	2012-04-08 14:58:39 -06:00
Carsten Maartmann-Moe	ce0de02a2a	Modified for 8-space tabs	2012-04-08 16:09:28 -04:00
Carsten Maartmann-Moe	89c1894e07	Minor formatting changes, tabs etc. and comments for clarity	2012-04-08 15:45:23 -04:00
sinn3r	51bdfe14fd	2012, not 2011, oops	2012-04-08 13:21:37 -05:00
sinn3r	24478e9eb5	Add Dolibarr ERP & CRM Command Injection Exploit	2012-04-08 13:20:22 -05:00
James Lee	9ae9509cfe	More fingerprints from browsershots	2012-04-08 11:12:32 -06:00
sinn3r	c6162bbe08	I've changed my mind. Default to "/" anyway even if it's nil.	2012-04-07 19:47:28 -05:00
sinn3r	cfb34739f9	Actually, let's default to "/" only if the TARGETURI option is empty. If it's nil, we prefer to throw the exception at the user.	2012-04-07 19:44:34 -05:00
sinn3r	9a229dfcff	Make target_uri default to "/" in case the TARGETURI option is nil or empty	2012-04-07 19:43:19 -05:00
sinn3r	05eba0ab4c	Cosmetic changes, mostly :-)	2012-04-07 14:47:23 -05:00
sinn3r	00ff2e3dc1	Merge branch 'CVE-2012-1195_thinkmanagement' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2012-1195_thinkmanagement	2012-04-07 14:41:19 -05:00
juan	938d5d0a75	added references for cve-2012-1196	2012-04-07 20:22:59 +02:00
juan	ee7bce5995	deletion of the ASP script	2012-04-07 20:19:45 +02:00
Tod Beardsley	dfe2bbc958	Use rport for modicon_password recovery, not 21.	2012-04-07 13:03:43 -05:00
juan	8761d39190	exploit module added for CVE-2012-1195	2012-04-07 19:04:17 +02:00
andurin	9201840d65	Fix broken nessus_safe ... Kudohs to 'freaky clown' for the initial patch IssueID #6597	2012-04-07 10:20:55 +02:00
Carsten Maartmann-Moe	b2e0acd92a	Tidied up the exploit	2012-04-06 20:41:54 -04:00
James Lee	bac6bcd6f1	More fingerprints from browsershots	2012-04-06 18:41:14 -06:00
James Lee	31e3eb7d91	Merge branch 'rapid7' into bap-refactor	2012-04-06 18:12:49 -06:00
James Lee	bb4e37b7aa	Add a few fingerprints. Thanks browsershots.org!	2012-04-06 18:09:19 -06:00
andurin	4e955e5870	replace spaces with tabs	2012-04-06 10:45:10 -05:00
andurin	67e6c7b850	tomcat_mgr_deploy may report successful creds ... Using following code for 'check' as 'exploit': report_auth_info( :host => rhost, :port => rport, :sname => (ssl ? "https" : "http"), :user => datastore['BasicAuthUser'], :pass => datastore['BasicAuthPass'], :proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}", :active => true ) Resulting in: Credentials =========== host port user pass type active? ---- ---- ---- ---- ---- ------- 192.168.x.xxx 8080 tomcat s3cret password true	2012-04-06 10:45:10 -05:00
Tod Beardsley	461352f24f	Don't need to require net/ftp anymore ... Nothing actually used it anyway.	2012-04-06 10:35:28 -05:00
andurin	274404716f	Show vuln.info on db_vuln command ... IssueID #5837	2012-04-06 14:47:36 +02:00
sinn3r	56b10d4d23	Merge branch 'CVE-2012-0270_csound_getnum_bof' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2012-0270_csound_getnum_bof	2012-04-06 02:28:26 -05:00
sinn3r	68c81e3ae0	Add OSVDB-80661 TRENDnet SecurView ActiveX BoF	2012-04-06 02:26:04 -05:00
Carsten Maartmann-Moe	b184a6dc5c	Exploit for Snort CVE-2006-5276 on Windows	2012-04-05 19:46:56 -04:00
Tod Beardsley	9c8e6ac9da	Ruby 1.8 compat for the SCADA modules. ... But really, you should be using Ruby 1.9 by now.	2012-04-05 17:05:03 -05:00
Tod Beardsley	14e3cd75dc	Revert "tomcat_mgr_deploy may report successful creds" ... This reverts commit 937f8f035a.	2012-04-05 16:17:06 -05:00
juan	5c6856539e	.idea dir deleted	2012-04-05 22:46:43 +02:00
juan	955de5a68c	comment fixed	2012-04-05 22:46:13 +02:00
juan	c5f73d3d7a	added module for CVE-2012-0270_csound_getnum_bof	2012-04-05 22:35:42 +02:00
HD Moore	0f7b08781f	Fix regular expression match number	2012-04-05 12:55:54 -05:00
James Lee	585245501a	Print an error when trying to open a dir as a file ... Prevents unnecessary stack traces	2012-04-05 11:49:03 -06:00
James Lee	0c3f1aab77	Tell the user what actually went wrong when migrate.rb fails	2012-04-05 11:49:03 -06:00
sinn3r	03543560b3	Merge pull request #308 from aczid/wmap_autotest_rc_targeting ... Also adding wmap targets by ip	2012-04-05 10:41:47 -07:00
Tod Beardsley	14d9953634	Adding DigitalBond SCADA modules	2012-04-05 12:35:48 -05:00
James Lee	2c992c976d	Cut session info at 80 columns ... Prevents a long "id" line from destroying the layout	2012-04-05 11:07:42 -06:00
Aram Verstegen	b54d786374	Also adding wmap targets by ip in case no websites/vhosts were discovered prior to running the script	2012-04-05 18:20:46 +02:00
Tod Beardsley	eb39b5f6aa	Msftidy on netop	2012-04-05 10:33:57 -05:00
sinn3r	8628991b1d	Merge pull request #305 from jlee-r7/bap-refactor ... Bap refactor	2012-04-05 08:02:43 -07:00
sinn3r	57b8279c36	Merge pull request #306 from andurin/small_fixes ... tomcat_mgr_deploy may report successful creds	2012-04-05 08:00:58 -07:00
andurin	175d6650a9	Added new pass for tomcat ... Have seen this in the wild as a example users.xml	2012-04-05 11:18:41 +02:00
andurin	937f8f035a	tomcat_mgr_deploy may report successful creds	2012-04-05 11:09:56 +02:00