e969cbb0bb
added INSTANCES option, and support for it on PORTS
2013-06-22 23:09:59 +01:00
1b456ab511
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-17 08:46:16 -05:00
852fc33c13
Added feedback, cleanup, and simplified modes
2013-06-15 17:16:10 +01:00
6fbb782ada
Clean sap_router_portscanner
2013-06-13 10:08:44 -05:00
d318c1cd22
included feedback
2013-06-01 00:31:06 +01:00
d03379f1c6
changed 2 vprint_error to print_error
2013-05-30 11:54:42 +01:00
612eabd21a
added sap_router_portscanner module
2013-05-29 23:36:53 +01:00
0f3b13e21d
up to date
2013-05-16 15:02:41 -05:00
d9bdf3d52e
Do final cleanup for sap_smb_relay
2013-05-16 14:25:10 -05:00
9dd582c526
Land #1656 , @nmonkee's module for SMB Relay attacks against SAP
2013-05-16 14:23:39 -05:00
947735bd25
up to date
2013-05-16 11:26:50 -05:00
c21035c0b9
Add final cleanup for sap_ctc_verb_tampering_user_mgmt
2013-05-16 10:42:09 -05:00
7823df0478
Change module filename
2013-05-16 10:41:25 -05:00
f3f0272395
Land #1652 , @nmonkee's SAP CTC Verb Tampering for User Mgmt module
2013-05-16 10:40:17 -05:00
11286630d5
modifications to CLBA_ SOAP requests to fix XML kernel processor error
2013-05-16 11:24:29 +01:00
8a18853dfa
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-15 21:35:59 -05:00
c82bb73347
Avoid super verbose output
2013-05-15 17:45:37 -05:00
c410a54d44
Merge SAP SMB Relay abuses in just one module
2013-05-14 20:53:08 -05:00
357ef001cc
Change module filename
2013-05-14 20:52:33 -05:00
83f1418f28
up to date
2013-05-14 14:48:58 -05:00
07b3355a17
Merge branch 'sap_ctc_verb_tampering_add_user_and_add_role' of https://github.com/nmonkee/metasploit-framework
2013-05-14 13:47:39 -05:00
891e36c947
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-09 17:47:35 -05:00
cf05602c6f
Land #1661 , @nmonkee's sap_soap_rfc_eps_get_directory_listing module
2013-05-09 16:46:13 -05:00
53c08cd60f
fix incorrect printing typo
2013-05-09 21:37:04 +01:00
ca41d859a9
up to date
2013-05-09 13:00:10 -05:00
e711474654
Merge branch 'sap_soap_xmla_bw_smb_relay_' of https://github.com/nmonkee/metasploit-framework
2013-05-09 12:37:46 -05:00
4c75354a6a
Land #1786 , request_cgi instead of request_raw
...
Also some other small changes to modules, such as sensible defaults for
options.
2013-05-08 14:58:04 -05:00
fff8593795
Fix author name
2013-05-06 17:34:37 -05:00
c84febb81a
Fix extra character
2013-05-06 15:19:15 -05:00
92b4d23c09
Add Mariano as Author because of the abuse disclosure
2013-05-06 15:15:15 -05:00
db243e78c8
Land #1682 , sap_router_info_request fix from @nmonkee
2013-05-06 15:13:57 -05:00
85581a0b6f
Clean up sap_soap_rfc_eps_get_directory_listing
2013-05-06 13:21:42 -05:00
1fc0bfa165
Change module filename
2013-05-06 13:20:07 -05:00
589be270bf
Land #1658 , @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE
2013-05-03 14:19:36 -05:00
7579b574cb
Rework parse_xml
...
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.
I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
2013-05-02 14:43:30 -05:00
902cd7ec85
Revert removal of the SAP module
...
This reverts commit 26da7a6ee7
2013-05-02 14:42:35 -05:00
26da7a6ee7
Removing this from master due to test problems
...
This module was moved over to the unstable branch in commit
7106afdf7d
2013-05-02 13:43:02 -05:00
132c09af82
Add BID reference
2013-05-02 10:21:09 -05:00
6e68f3cf34
Clean up sap_soap_rfc_pfl_check_os_file_existence
2013-05-02 10:19:15 -05:00
244bf71d4a
Change module filename
2013-05-02 10:15:50 -05:00
d9cdb6a138
Fix more feedback provided by @nmonkee: CMD vs COMMAND
2013-05-02 09:08:48 -05:00
c6c7998e3b
Fix feedback provided by @nmonkee
2013-05-02 09:06:51 -05:00
4db81923bf
Update description
2013-05-02 08:45:01 -05:00
e25057b64a
Fix indent level
2013-05-01 22:01:36 -05:00
c406271921
Cleanup sap_soap_rfc_rzl_read_dir
2013-05-01 21:51:06 -05:00
98dd96c57d
Change module filename
2013-05-01 21:50:24 -05:00
6b6b53240b
Fix SAP modules, mainly to make a better use of send_request_cgi
2013-05-01 14:06:53 -05:00
5b30115336
vprint_status changed to vprint_error as requested
2013-03-28 14:27:51 +00:00
0f147dcf47
vprint_status changed to vprint_error as requested
2013-03-28 14:24:57 +00:00
eee702a329
vprint_status changed to vprint_error as requested
2013-03-28 14:23:21 +00:00
e2212ca8c9
vprint_status changed to vprint_error as requested
2013-03-28 14:22:01 +00:00
9d87db6831
vprint_status changed to vprint_error as requested
2013-03-28 14:08:24 +00:00
aae1d5933e
removed socket print, left over from debugging
2013-03-28 10:49:23 +00:00
376ca7b107
fixed issue with access denied condition thanks to @pho_bos
2013-03-28 10:41:37 +00:00
bcc26427c0
EPS_GET_DIRECTORY_LISTING (List Directory abd SMB Relay)
2013-03-25 20:26:56 +00:00
d8086a27a6
vprint_status mod
2013-03-25 20:20:29 +00:00
121c75f646
vprint_status mod
2013-03-25 20:18:14 +00:00
da6a99defb
vprint_status mod
2013-03-25 20:16:11 +00:00
95e7d55313
remove sap_soap_rfc_eps_delete_file_smb_relay.rb
2013-03-25 20:09:59 +00:00
f7ccfa634e
This module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service
2013-03-25 19:59:16 +00:00
f92f59bfad
EPS_DELETE_FILE (File deletion and SMB Relay)
2013-03-25 17:23:27 +00:00
01ee30e389
PFL_CHECK_OS_FILE_EXISTENCE (file existence and SMB relay)
2013-03-25 17:11:23 +00:00
5be98593a9
RZL_READ_DIR_LOCAL (directory listing and SMB relay)
2013-03-25 16:59:37 +00:00
e840578ea2
SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay
2013-03-25 16:57:12 +00:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
8f58c7b25e
cleanup for sap_icf_public_info
2013-02-28 18:47:48 +01:00
0dcfb51071
cleanup for sap_soap_rfc_system_info
2013-02-28 18:46:18 +01:00
d49797267e
Correct SAP Table Name
2013-02-19 11:20:49 +01:00
358b2f5783
Added module credit as this has turned into a rewrite ;)
2013-02-19 11:15:04 +01:00
f3cf8ad1b9
Whitespace EOL
2013-02-19 11:13:33 +01:00
a75bae927d
Replaced report_note and table output with single function
...
Added proposed extract data function (HDM)
2013-02-19 11:12:12 +01:00
d4011227e3
Made suitable changes to original module also (only report on non empty response)
2013-02-19 09:43:36 +01:00
4170a85d8a
Added logic to only report when value is present
2013-02-19 09:42:13 +01:00
3a6cd6f395
Added module for requesting RFC_SYSTEM_INFO via ICF web interface
2013-02-12 14:42:59 +01:00
9e912a23ff
Merge branch 'rapid7' into FireFart-msftidy_aux_1
2013-01-03 16:54:25 -06:00
1406f7cb0a
Msftidy on sap_router_info_request
2013-01-03 10:55:11 -06:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
e5eb8c6301
Fix connected in sap_router_info_request
...
See #1028 comments
2012-12-28 16:34:59 -06:00
3daea913b1
Merge branch 'sap_router_info_request'
2012-12-28 15:22:44 -06:00
35604ac1aa
Normalizing caps and expanding description a bit
...
Be nice to have a couple more lines on the description
2012-12-28 15:12:40 -06:00
5d7197d8ba
Moved shout outs, organized includes
...
include Msf::Exploit::Remote::Tcp must precede the include for the
Scanner mixin -- otherwise you end up with some undesired effects, like
having an RHOST and RHOSTS on the datastore.
Also, took out the block of shout outs and gave references and credits
to the people / url's mentioned.
2012-12-28 14:51:23 -06:00
2c4d517e75
Merge branch 'useragent_cleanup' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-useragent_cleanup
2012-12-21 11:14:06 -06:00
413b75cd8b
Fixed crash issues with unescape
...
Added better formatting to avoid pages of output
2012-12-21 12:07:14 +01:00
e237512bd7
Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate)
2012-12-21 10:47:45 +01:00
9825b07df8
Merge branch 'sap_soap_rfc_dbmcli_sxpg_command_exec' of git://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_command_exec
2012-12-18 01:12:50 -06:00
37f7122006
NameError undefined local variable or method output - fixed
2012-12-17 19:34:36 +00:00
10511e8281
Merge remote branch 'origin/bug/fix-double-slashes'
...
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
2978775335
change default RPORT
2012-11-23 12:14:08 +01:00
ca3240a83e
Merge branch 'SXPG_COMMAND_EXEC_DBMCLI' of https://github.com/nmonkee/metasploit-framework into nmonkee-SXPG_COMMAND_EXEC_DBMCLI
2012-11-23 12:13:22 +01:00
564a32ce7c
Made requested changes
2012-11-21 17:33:15 +00:00
ff07e5d021
sap_soap_rfc_dbmcli_sxpg_command_exec
2012-11-20 15:34:53 +00:00
32373c1a6a
new filename
2012-11-20 16:01:58 +01:00
bb13c87aab
module filename changed
2012-11-20 16:01:26 +01:00
96024dc639
title updated
2012-11-20 16:00:50 +01:00
bfbab4526a
Merge branch 'sap_soap_rfc_sxpg_call_system' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_sxpg_call_system
2012-11-20 16:00:14 +01:00
217fa27abb
pcap to verify deleted
2012-11-20 15:55:56 +01:00
101238db35
Merge branch 'sap_soap_rfc_dbmcli_sxpg_call_system_command_exec' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
2012-11-20 15:55:32 +01:00
e16a51fcf9
author change
2012-11-20 14:23:29 +00:00
1bc62b8686
pcap for lin
2012-11-20 14:15:49 +00:00
838eb5154a
Merge branch 'sap_soap_rfc_dbmcli_sxpg_call_system_command_exec' of https://github.com/jvazquez-r7/metasploit-framework into sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
2012-11-20 14:13:51 +00:00
be66ccdf00
pcap for lin
2012-11-20 13:59:49 +00:00
5f99b56688
up to date to test rapid7#1030
2012-11-20 12:13:14 +01:00
31ca077dd6
cleanup for sap_soap_rfc_sxpg_call_system.rb
2012-11-20 11:54:21 +01:00
8385b8314c
fix 1.8 warning about space before argument parenthesis
2012-11-19 22:55:44 +01:00
3d753e9690
Delete pcap used to verify
2012-11-19 22:47:07 +01:00
2f44bbaf21
Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_sxpg_command_exec
2012-11-19 22:46:38 +01:00
dcb5cfdbbd
pcap for lin
2012-11-19 21:06:05 +00:00
a3550fb91b
Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework into sap_soap_rfc_sxpg_command_exec
2012-11-19 21:01:00 +00:00
aaeb05725a
pcaps for lin and win
2012-11-19 21:00:11 +00:00
6adbee13b3
Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/jvazquez-r7/metasploit-framework into sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
2012-11-19 17:18:21 +00:00
ee7bf42903
cleanup for last testing
2012-11-19 17:59:27 +01:00
149704d918
deleting file sap_soap_rfc_sxpg_call_system_command_exec
2012-11-18 23:56:33 +00:00
3bf88e5884
final cleanup for sap_web_gui_brute_login
2012-11-18 22:39:05 +01:00
165e9c26da
Merge branch 'sap_web_gui_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_web_gui_brute_login
2012-11-18 22:38:30 +01:00
3573d31d08
final cleanup
2012-11-18 21:37:24 +01:00
eddea29568
Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login
2012-11-18 21:36:54 +01:00
9fa8204152
datastore parameters cleanup
2012-11-18 11:53:17 +01:00
5b55049610
module cleanup
2012-11-18 11:45:12 +01:00
ea6c3e9b69
Merge branch 'sap_soap_rfc_susr_user_interface' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_susr_user_interface
2012-11-18 11:44:26 +01:00
8a1a811844
Final cleanup
2012-11-18 01:41:10 +01:00
482526e978
Merge branch 'sap_soap_bapi_user_create1' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_bapi_user_create1
2012-11-18 01:40:11 +01:00
889124a439
final cleanup
2012-11-18 00:59:49 +01:00
eed0f92829
Merge branch 'sap_soap_rfc_ping' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_ping
2012-11-18 00:59:35 +01:00
22d4ccadea
description updated
2012-11-18 00:35:25 +01:00
a35c640acf
final cleanup
2012-11-18 00:32:20 +01:00
e72946303e
Merge branch 'sap_soap_rfc_system_info' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_system_info
2012-11-18 00:31:53 +01:00
59e96e5850
fix typo
2012-11-17 00:35:53 +01:00
8c0e4705f1
final cleanup
2012-11-17 00:18:35 +01:00
c511e58971
Merge branch 'sap_soap_rfc_read_table' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_read_table
2012-11-17 00:18:04 +01:00
0ef41ffcd4
added reporting to the module
2012-11-16 20:05:26 +01:00
d8d2bee6fb
Final cleanup
2012-11-16 19:20:58 +01:00
62f9766e63
made requested changes
2012-11-15 00:00:31 +00:00
99d145eb23
made requested changes
2012-11-14 23:50:47 +00:00
b9a8791b87
made requested changes
2012-11-14 23:40:20 +00:00
047d6d350a
looks like I committed the wrong file first time round :(
2012-11-14 23:34:21 +00:00
a252dbc5d7
made requested changes
2012-11-14 23:25:25 +00:00
91b81bee4a
made requested changes
2012-11-14 23:19:09 +00:00
308eee7c4f
made requested changes
2012-11-14 23:00:45 +00:00
aa3cd500bb
made requested changes
2012-11-14 22:49:34 +00:00
83215edd8c
made requested changes
2012-11-14 22:38:32 +00:00
c5a017d054
made requested changes
2012-11-14 22:25:10 +00:00
833af3a347
made requested changes
2012-11-14 22:13:06 +00:00
e55e5d2796
made requested changes
2012-11-14 20:12:37 +00:00
4d2147f392
Adds normalize_uri() and fixes double-slash typos
2012-11-08 07:16:51 -06:00
92679cd1c8
SAP Web GUI Brute Force
2012-11-07 16:18:00 +00:00
c13f8d8eba
SAP RFC TH_SAPREL
2012-11-07 16:10:09 +00:00
f618000d0d
SAP SOAP RFC SUSR_RFC_USER_INTERFACE (user creation)
2012-11-07 16:04:07 +00:00
2b973263b7
SAP SOAP RFC_Info
2012-11-07 15:17:56 +00:00
509e63268b
SAP SOAP RFC SXPG_CALL_SYSTEM
2012-11-07 15:06:28 +00:00
Bruno Morisson
jvazquez-r7
nmonkee
Tod Beardsley
James Lee
Chris John Riley
Tod Beardsley
Christian Mehlmauer
sinn3r
HD Moore