6bd56ac225
Update any modules that deregistered NETMASK
2014-12-04 13:22:06 -08:00
3aecd3a10e
added DLSw v1 and v2 check, added check for \x00 in leak segment
2014-12-03 23:27:11 -07:00
3a978e1147
Land #4280 , frontpage_login improvements
2014-12-02 14:56:57 -06:00
0ab2e99419
Delete version from title
2014-12-01 10:24:12 -06:00
f4e20284a4
Change mixin include order
2014-12-01 10:22:20 -06:00
d85aabfed9
Use vprint by default
2014-12-01 10:20:12 -06:00
e0cb0f7966
Fix description
2014-12-01 10:19:14 -06:00
fa07b466d6
Use single quote and minor cosmetic changes
2014-12-01 09:57:29 -06:00
d5888a7f6f
Fix module options
2014-12-01 09:55:36 -06:00
47acf3487d
Do minor cleanup
...
* Prepend peer
* Use print_good when file downloaded
2014-12-01 09:53:00 -06:00
e4b3ee2811
Changed the module name.
2014-12-01 01:00:14 -02:00
ecbce679a8
Remove timeout on line 59.
2014-12-01 00:51:12 -02:00
f3957ea428
FILEPATH changed from false to true.
2014-12-01 00:48:47 -02:00
97ee975235
Deleted checking on line 48.
2014-12-01 00:46:58 -02:00
84ce573227
Deleted line 61 which returns the server status code.
2014-12-01 00:39:05 -02:00
6f6274735f
Update frontpage_login.rb
...
Vhost is now used if specified.
Added X-Vermeer-Content-Type header, which seems to be required for the RPC service otherwise server responds with:
method=
status=
status=262147
osstatus=0
msg=No "CONTENT_TYPE" on CGI environment.
osmsg=
2014-11-28 17:21:47 +00:00
d75ffc36da
Changed the description of FILEPATH
2014-11-27 00:50:34 -02:00
f8dc366f42
Add CVE-2014-7816 Directory Traversal for WildFly 8 Application
2014-11-27 00:13:29 -02:00
79b2b5e231
RPORT is required by UDPScanner; deregister instead
2014-11-26 07:39:14 -08:00
d4e5cd25e1
Report credentials for new login level 15
2014-11-25 16:35:16 -06:00
dc253efa19
Use Rex::Text.rand_text*
2014-11-25 16:35:06 -06:00
f20afff1a8
Do return instead of abort
2014-11-25 16:34:57 -06:00
d876efaa0f
Delete ssh_socket attribute
2014-11-25 16:34:47 -06:00
5091bc76ad
Do minor cleanup
2014-11-25 16:34:22 -06:00
c92a26e967
Update from upstream master
2014-11-25 16:30:45 -06:00
0ed356f71c
Move Kademlia stuff to a more OO model, etc, per reviews
...
All of the work is done in rex. The msf mixin just prevents the
desire to call rex directly from the module
2014-11-24 14:03:43 -08:00
77b1f2d2f0
Fixup for release
...
Fixes the grammar on the SMTP enumeration module and the Cisco CDP
module, and adds a more informative description and reference for the
CDP module introduced on PR #4061 .
2014-11-24 10:50:43 -06:00
e9750e2df8
Minor style/usability cleanups
2014-11-24 06:57:31 -08:00
57419bb0fc
Fix #4253 - Print access level for snmp_login
...
Fix #4253 - module should print the access level
2014-11-22 23:09:15 -06:00
9828598cb7
removing timeout method and option
2014-11-22 00:28:56 -07:00
57b04f96a7
working with DLSw protocol check
2014-11-21 23:54:00 -07:00
b9a274f869
improving DLSw detection
2014-11-21 18:58:02 -07:00
3ac1f7d4fb
Land #4242 , @Meatballs1 fix for sap_service_discovery report_note
...
* I cannot reproduce @Meatballs1 issue
* But I noticed report_note should :update with :unique_data
* Fixed the :update
2014-11-21 10:16:08 -06:00
e30ee9fee2
Update with :unique_data
2014-11-21 10:14:39 -06:00
99a23ada5c
Module cleanup, error handling, and reporting
2014-11-20 16:18:20 -06:00
e255db9429
Partial commit
2014-11-20 13:49:36 -08:00
94e5ba13a4
YARD and spec cleanup
2014-11-20 13:28:01 -08:00
df36ac910d
Mostly complete Kademlia PING / BOOTSTRAP scanner
2014-11-20 13:28:01 -08:00
ab49d01a1b
Add beginnings of Kademlia gather module and protocol support
2014-11-20 13:28:00 -08:00
2f6c4a9ba4
Slight tweak to description/author email formatting
2014-11-20 14:53:52 -06:00
ee15179441
Fix service discovery errors
2014-11-20 18:22:33 +00:00
8306d739e3
add scanner module to extract domain from NTLM challenge
2014-11-20 11:02:21 -05:00
a4a1048f95
modified to get data collection off sock working
2014-11-19 11:17:58 -07:00
7d6e7a6bfa
Minor Ruby style and module usability cleanup
2014-11-18 16:33:05 -08:00
6b8b49ff98
improving metasploit module based on feedback
2014-11-18 15:03:18 -07:00
542eb6e301
Handle exception in brute force exploits
2014-11-18 12:17:10 -08:00
82f89e620b
Clean up nfs mount scanner to *print_* better
2014-11-18 12:17:10 -08:00
b2f9307e0a
vprint # of RPC programs, since the table comes right after
2014-11-18 12:17:10 -08:00
a9f9a8b116
Introduce new ::Rex::Proto::SunRPC::RPCError, making run_host cleaner
2014-11-18 12:17:10 -08:00
c7794a7ed9
Clean up Ruby style in sunrpc_portmapper
2014-11-18 12:17:09 -08:00
059d84e4ca
More consistent *print_* and Rex::Ui::Text::Table for sunrpc_portmapper
2014-11-18 12:17:09 -08:00
703e0486fb
Add DLSw leak capture module for CVE-2014-7992
2014-11-17 20:35:54 -07:00
9fe4994492
Chris McNab has been working with MITRE to add these CVEs
...
These CVEs are not live yet, but have been confirmed by cve-assign
t
2014-11-16 18:42:53 -06:00
a521d469ed
Land #4194 , Quake protocol support
2014-11-15 17:44:19 -06:00
57aef9a6f5
Land #4177 , @hmoore-r7's fix for #4169
2014-11-13 18:29:57 -08:00
ebf6fe4e56
Minor style cleanup
2014-11-12 16:44:43 -08:00
07a1653e57
Add gather module for Quake servers
2014-11-12 13:32:56 -08:00
54158c8662
Land #4005 , TNS poison checker
2014-11-12 13:29:59 -06:00
d242bc220b
Minor fixups and disclosure date for TNS module
2014-11-12 13:25:10 -06:00
955a5142ca
Edit e-mail address for antispam
2014-11-12 13:19:04 -06:00
7e05f88399
Reapply PR #4113 (removed via #4175 )
2014-11-11 15:06:43 -06:00
6b4eb9a8e2
Differentiate failed binds from connects, closes #4169
...
This change adds two new Rex exceptions and changes the local comm to raise the right one depending on the circumstances. The problem with the existing model is
that failed binds and failed connections both raised the same exception. This change is backwards compatible with modules that rescue Rex::AddressInUse in additi
on to Rex::ConnectionError. There were two corner cases that rescued Rex::AddressInUse specifically:
1. The 'r'-services mixin and modules caught the old exception when handling bind errors. These have been updated to use BindFailed
2. The meterpreter client had a catch for the old exception when the socket reports a bad destination (usually a network connection dropped). This has been updat
ed to use InvalidDestination as that was the intention prior to this change.
Since AddressInUse was part of ConnectionError, modules and mixins which caught both in the same rescue have been updated to just catch ConnectionError.
2014-11-11 14:59:41 -06:00
017a44c0ae
Revert errored merge of deea30d
...
Revert "Merge branch 'master' of https://github.com/farias-r7/metasploit-framework into upstream-master"
This reverts commit deea30ddb414514d7b8b
2014-11-11 14:38:47 -06:00
96ba6da697
Add the UDP scanner template, lands #4113 .
...
There is some additional work to do regarding CHOST/CPORT, but this is not tied to the udp template changes.
2014-11-11 11:59:30 -06:00
c0285067c9
Add new module to test TNS poison
...
msf auxiliary(tnspoison_checker) > show options
Module options (auxiliary/scanner/oracle/tnspoison_checker1):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 172.16.2.100, 172.16.2.24, 172.16.2.101 yes The target address range or CIDR identifier
RPORT 1521 yes The target port
THREADS 1 yes The number of concurrent threads
msf auxiliary(tnspoison_checker) > exploit
[+] 172.16.2.100:1521 is vulnerable
[*] Scanned 1 of 3 hosts (033% complete)
[-] 172.16.2.24:1521 is not vulnerable
[*] Scanned 2 of 3 hosts (066% complete)
[-] 172.16.2.101:1521 unable to connect to the server
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
2014-11-11 17:29:27 +03:00
cca30b536f
Land #4094 , fixes for OWA brute forcer
...
Fixes #4083
Thanks TONS to @jhart-r7 for doing most of the work on this!
2014-11-05 14:00:26 -06:00
ff8d481eec
Update description to remove comments about defaults. Default to 2013
2014-11-04 21:21:19 -08:00
2c028ca7a6
Move redirect check before body check -- a redirect won't have a body
2014-11-04 14:19:21 -08:00
7855ede2de
Move userpass emptiness checking into setup
2014-11-04 14:07:39 -08:00
5fb268bbdf
Updates to better OWA fix
2014-11-04 14:32:54 -06:00
b0e388f4c3
Land #3516 , @midnitesnake's snmp_enumusers fix for Solaris, OS X
2014-11-04 08:23:16 -08:00
51b96cb85b
Cosmetic title/desc updates
2014-11-03 13:37:45 -06:00
8f197d4918
Move to build_probe
2014-11-03 08:41:51 -08:00
121ebdfef6
update_info
2014-10-31 13:17:50 -07:00
b99e71dcdd
Example UDPScanner style cleanup, move most to UDPScanner
2014-10-31 12:14:04 -07:00
ff0b52cffb
Example per-batch vprint, a useful default
2014-10-31 10:31:31 -07:00
94d4388af9
Improvements to example UDPScanner
2014-10-31 09:53:10 -07:00
d9f0a10737
Add new example template for scanning UDP services
2014-10-31 08:06:31 -07:00
15e1c253fa
Numerous cleanups for snmp_enumusers
...
* Bring in line with Ruby standards
* More sane format for adding new OSs
* Better logging for use on larger networks
* Better error handling
2014-10-29 23:54:32 -07:00
ba5035c7ef
Prevent calling match when there is no WWW-auth header
2014-10-28 17:13:57 -07:00
a5d883563d
Abort if 2013 desired but redirect didn't happen
2014-10-28 15:59:22 -07:00
7ca4ba26b0
Show more helpful vprint messages when login fails
2014-10-28 15:48:04 -07:00
bce8f34a71
Set proper Cookie header from built cookie string
2014-10-28 15:41:36 -07:00
a3e1e11987
Ensure necessary cookies are present in OWA 2010 login response
2014-10-28 15:40:15 -07:00
9c028c1435
Fixes #4083 , make the split nil-safe
...
In the reported case, the expected cookies were not present on the
response, thus, the second split was trying to split a `nil`. This
solves the immediately problem by a) splitting up the splits into
discrete sections, and b) `NilClass#to_s`'ing the result of the first
split.
This makes the split safe. Now, there may be a larger issue here where
you're not getting the expected cookies -- it sounds like the target in
this case is responding differently, which implies that the module isn't
going to be effective against that particular target. But, at least it
won't crash. It may merely try fruitlessly the entire run, though. I
can't know without looking at a pcap, and in the reported case, a pcap
seems unlikely since this was a bug found in the field.
2014-10-28 14:59:20 -05:00
e31c9f579d
Land #3987 - Buffalo Linkstation NAS Login Scanner
2014-10-28 01:45:57 -05:00
d799625507
Switch to vprint_good for verbose good things
2014-10-28 01:53:54 -04:00
0fa461737e
Fix null arguments syntax
2014-10-28 01:49:54 -04:00
7a727f9bff
Make msftidy happy
2014-10-28 01:48:13 -04:00
595b4d2bbd
Clean up aux check review comments
2014-10-28 01:44:52 -04:00
b8c9ef96ca
Land #4003 , @nstarke's Login Scanner for WD MyBook Live NAS
2014-10-27 09:57:43 -07:00
83df08aaa7
Properly encode body and catch invalid configs
2014-10-22 22:43:06 -07:00
0ea03c00a5
Use print_brute instead of print_good for format consistency
2014-10-22 16:14:45 -05:00
ce8a9941ea
Cleanup. Sanity check in setup. vprint
2014-10-22 10:36:24 -07:00
46acf08e2d
Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions
2014-10-22 09:09:34 -05:00
ee3dd3a2ac
More Fixes for WD MyBook Live Scanner
...
Fixes include removing deregistered options
from credentials collection object and adding proof
when there is no response
2014-10-22 03:06:21 +00:00
0fcd1ac4f6
Restore tcp evasions to smb_login
2014-10-21 18:59:11 -05:00
e1a7e902d6
Re-enable tcp evasions for more LoginScanners
...
Untested since I don't have targets for these.
2014-10-21 18:58:28 -05:00
6d11ec8477
These mods support Proxies, so make the option visible for the user
2014-10-21 15:39:24 -05:00
db7c420d8d
Merge the latest changes
2014-10-21 13:49:42 -05:00
f9f8c413a8
Derp, ssh modules don't include Tcp for #proxies
2014-10-21 13:28:13 -05:00
79d393c5aa
Resolve merge conflicts
...
Conflicts:
lib/msf/core/exploit/smb.rb
lib/msf/core/exploit/tcp.rb
modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
4705aeb762
Restore tcp evasions to ftp, pop3, vnc
2014-10-21 11:06:55 -05:00
7d150ce0dd
Add tcp evasions to mysql
2014-10-21 10:05:18 -05:00
e76ee294a1
Restore tcp evasions to telnet
2014-10-21 09:44:55 -05:00
82b74d5f3c
Fixes to MyBook Live Module
...
This commit contains three fixes as requested on PR
#4003 . Those include:
+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
2014-10-21 00:50:40 +00:00
70b13819d9
Adding Login Scanner for MyBook Live
...
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
2014-10-21 00:50:40 +00:00
d6f4c02c2a
Land #3979 , @wchen-r7 fixes #3976 , http_login not using TARGETURI, neither uri normalization
2014-10-20 18:10:57 -05:00
74ac16081f
Land #3981 , @wchen-r7 Fixes #3974 , axis_login.rb does not normalize URI
2014-10-20 17:51:13 -05:00
935a23296d
Updates to NAT-PMP, lands #4041
2014-10-20 11:26:26 -05:00
3051b6c5ba
Clean up exceptions
...
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
b7d69bec83
Restore proxies to ssh scanners
2014-10-20 10:19:06 -05:00
2985b39267
Land #3980 , @wchen-r7 fixed #3975
2014-10-19 17:11:06 -07:00
c2174c7910
return if no version response received
2014-10-19 00:29:36 +02:00
329a600b84
Add tcp evasion options to mssql_login
2014-10-17 17:40:21 -05:00
10f3969079
Land #4043 , s/http/http:/ splat
...
What is a splat?
2014-10-17 13:41:07 -05:00
367ea5d3db
Add disclosure date
2014-10-17 12:35:28 -05:00
ccdaf2b576
Fix the banner
...
Turns out these will be broken in outstanding PRs for a while. At least
they won't be merge conflicts.
2014-10-17 12:23:23 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
ad501b25e4
Filename move to be less redundant
2014-10-17 11:25:14 -05:00
8fdae8fbfb
Move protocol and lifetime to mixin, use correct map_target if CHOST
2014-10-16 13:24:17 -07:00
40b360555f
Make the error message a little more useful
2014-10-16 12:47:13 -05:00
8cf10be779
Don't assume SSLv3 is set (kill FP+s)
2014-10-16 10:43:58 -05:00
0b67efd51e
Add a POODLE scanner and general SSL version scan
2014-10-16 10:27:37 -05:00
41a57b7ba5
Re-enable proxies for HTTP-based login scanners
2014-10-15 17:00:44 -05:00
07f2d4dafe
Further improvements to NAT-PMP. Faster, more useful, less not useful
2014-10-15 06:39:38 -07:00
592f1e9893
Land #3999 , errors on login suppressed by default
...
This also solved the merge conflict on:
modules/auxiliary/scanner/http/jenkins_login.rb
Fixes #3995 .
2014-10-14 16:35:09 -05:00
ea6824c46f
WIP of NAT-PMP rework
2014-10-14 14:20:24 -07:00
bdbad5a81d
Fix misaligned bracket
2014-10-14 13:43:59 -05:00
9f6008e275
A couple OSVDB updates for recent modules
2014-10-14 13:39:36 -05:00
56534e7ad3
Changed a login failed to vprint instead of print
...
People often like to supress failed attempts. Note that this change may
or may not have any effect, given the status of #3995 .
This module was introduced in PR #3947 .
2014-10-14 12:01:09 -05:00
621b9523b1
Update tnspoison_checker.rb
2014-10-13 22:05:08 +04:00
1996886ae9
Update tnspoison_checker.rb
2014-10-13 12:53:39 +04:00
22aabc7805
Add new module to test TNS poison
...
This module simply checks the server for vulnerabilities like TNS Poison
2014-10-13 12:21:07 +04:00
9500038695
Fix #3995 - Make negative messages less verbose
...
As an user testing against a large network, I only want to see
good news, not bad news.
2014-10-11 11:11:09 -05:00
260aa8dc22
Fix #3984 - Fix broken check for drupal_views_user_enum
2014-10-10 10:23:20 -05:00
472985a8a8
Adding Buffalo Linkstation NAS Login Scanner
...
I have added a login scanner for the Buffalo Linkstation
NAS. I have been testing against version 1.68 of the
firmware. Also included are some specs for this module.
2014-10-10 03:16:48 +00:00
aefd15c185
Land #3376 , ARRIS SNMP enumerator from @inokii
2014-10-09 15:28:06 -05:00
7d8eadada6
Fix #3974 - Validate and normalize URI for axis_login
2014-10-09 14:33:39 -05:00
c9c34beafa
Fix #3975 - Register TARGETURI, not URI
...
The module should register TARGETURI and call #target_uri for
URI validation.
2014-10-09 14:10:29 -05:00
d366cdcd6e
Fix #3976 - validate and normalize user-supplied URI for http_login.rb
...
URI should be validated and normalized before being used in an HTTP
request.
2014-10-09 12:14:33 -05:00
a535d236f6
Land #3947 , login scanner for jenkins by @nstarke
2014-10-09 12:59:02 -04:00
6ea530988e
Apply rubocop changes and remove multiline print
2014-10-09 12:57:39 -04:00
df0d4f9fb2
Fix #3973 - Unneeded datastore option URI
...
When Glassfish is installed, the web root is always /, so there is
no point to make this arbitrary.
2014-10-09 00:06:15 -05:00
328be3cf34
Fine Tuning Jenkins Login Module
...
At the request of the maintainers, I have deregistered the
RHOST option and made the failure proof a verbose only
print.
2014-10-08 17:53:21 -05:00
399a61d52e
Land #3946 , ntp_readvar updates
2014-10-06 21:57:57 -05:00
e1b0ba5d3d
Removing 'require pry'
...
I accidentally left a reference to pry in my code.
Removing
2014-10-06 21:40:39 -05:00
b8c2643d56
Converting Module to LoginScanner w/ Specs
...
The previous commits for this Jenkins CI module relied on an
obsolete pattern. Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
d3354d01f0
Fix #3808 - NoMethodError undefined method `map'
...
NoMethodError undefined method `map' due to an incorrect use of
load_password_vars
2014-10-06 15:42:51 -05:00
8c8ccc1d54
Update Authors
2014-10-06 11:30:39 -07:00
69400cf280
Fixing Author Declaration
...
I had accidentally listed myself three times as the author.
Fixing that issue so that I am only declaring myself once.
2014-10-05 23:17:28 -05:00
c0a3691817
Adding Jenkins-CI Login Scanner
...
Per Github issue #3871 (RM8774), I have added a
login scanner module for Jenkins-CI installations.
2014-10-05 22:08:34 -05:00
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
a341756e83
Support spoofing source IPs for NTP readvar, include status messages
2014-10-03 14:05:57 -07:00
fa4414155a
Only include the exact readvar payload, not any padding
2014-10-03 13:58:13 -07:00
65c1a8230a
Address most Rubocop complaints
2014-10-03 13:47:29 -07:00
0715c671c6
Update NTP readvar module to detect DRDoS, UDPScanner to be faster
2014-10-03 13:28:30 -07:00
77bb2df215
Adds support for both CVEs, lands #3931
2014-10-01 17:06:59 -05:00
51bc5f52c1
Add CVE-2014-6278 support
...
Going with an OptEnum to simplify the code for now...
2014-10-01 16:40:55 -05:00
7e05ff343e
Fix smbdirect
...
Also some whitespace and a typo in output message
2014-10-01 16:02:59 -05:00
be1df68563
Remove auxiliary/scanner/elasticsearch/indeces_enum.rb
...
Time is up, so good bye.
2014-09-30 17:24:21 -05:00
5ea968f3ee
Update description to prefer the exploit module
2014-09-30 11:34:28 -05:00
162e42080a
Update title to reflect scanner status
2014-09-30 11:04:17 -05:00
12d7073086
Use idiomatic Ruby for the marker
2014-09-29 22:32:07 -05:00
71d6b37088
Fix bad header error from pure Bash CGI script
2014-09-29 22:25:42 -05:00
df44dfb01a
Add OSVDB and EDB references to Shellshock modules
2014-09-29 21:39:07 -05:00
64dbc396dd
Add header specification to check module, lands #3902
2014-09-27 12:58:29 -05:00
044eeb87a0
Add variable HTTP header
...
Also switch from OptEnum to OptString for flexibility.
2014-09-27 12:39:24 -05:00
c75a0185ec
Land #3897 - Fix check for apache_mod_cgi_bash_env & apache_mod_cgi_bash_env_exec
2014-09-26 17:06:23 -05:00
80d9af9b49
Fix spacing in description
2014-09-26 17:03:28 -05:00
9e540637ba
Add module for CVE-2014-5377 ManageEngine DeviceExpert User Credentials
2014-09-26 17:02:27 -05:00
3259509a9c
Use return
2014-09-26 16:04:15 -05:00
0a3735fab4
Make it better
2014-09-26 16:01:10 -05:00
3538b84693
Try to make a better check
2014-09-26 15:55:26 -05:00
f66c854ad6
Fix description to be less lulzy
2014-09-25 07:09:08 -05:00
9ed28408e1
Favor check_host for a scanner
2014-09-25 07:06:12 -05:00
62b74aeaed
Reimplement old check code I was testing before
...
I would like to credit @wchen-r7 for providing advice and feedback.
@jvazquez-r7, too! :)
2014-09-25 06:38:25 -05:00
d9120cd586
Fix typo in description
...
Running on fumes here...
2014-09-25 01:22:08 -05:00
790df96396
Fix missed var
2014-09-25 01:19:14 -05:00
e051cf020d
Add missed mixin
2014-09-25 01:14:58 -05:00
27b8580f8d
Add protip to description
...
This gets you lots of shells.
2014-09-25 01:10:22 -05:00
b1e9b3664e
Improve false positive check
2014-09-25 01:01:11 -05:00
8daf8d4339
Report vuln for apache_mod_cgi_bash_env
...
Now with fewer false positives! It's kinda like a check method.
2014-09-25 00:42:14 -05:00
5a59b7cd89
Fix formatting
2014-09-24 23:12:11 -05:00
e6f0736797
Add peer
2014-09-24 22:48:51 -05:00
8b6519b5b4
Revert shortened reference
...
But it's so long. :(
2014-09-24 22:43:33 -05:00
ecb10ebe28
Add variable HTTP method and other stuff
2014-09-24 22:41:01 -05:00
a600a0655d
Scannerify the module
2014-09-24 18:58:39 -05:00
5f6e84580c
Clean up and use Metasploit::Credential
2014-09-24 01:00:23 +00:00
259a368577
Land #3841 , @jabra-'s modifications to ssdp_amp to support spoofing
2014-09-22 12:28:46 -07:00
fc4c1907d3
Land #3839 , @jabra-'s updates to dns_amp to support spoofing
2014-09-22 12:14:39 -07:00
8f63075da4
Land #3837 , @jabra-'s update to chargen scanner to support spoofing
2014-09-22 12:02:01 -07:00
4e9f1282de
Land #3834 , @jabra-'s updates to UDPscanner to support spoofing
2014-09-22 11:49:53 -07:00
b7a0847114
SRC IP spoofing added to the SSDP amplification module
2014-09-20 21:37:01 -04:00
bb018de3a1
chargen src IP spoofing
2014-09-20 16:08:52 -04:00
3fb00ece9e
refactored the code based on PR feedback
2014-09-20 14:10:00 -04:00
405ac34a16
Fix author name
2014-09-19 13:56:13 -05:00
79d5fb56d4
Land #3829 , @jhart-r7's UDP emtpy probe scanner
2014-09-19 13:54:35 -05:00
737f77d31a
Cleaner output when PORTS is invalid
2014-09-19 11:12:14 -07:00
3493987300
report_service when we find something this way
2014-09-19 10:45:06 -07:00
Jon Hart
tate
William Vu
jvazquez-r7
Roberto Soares Espreto
Tiago Sintra
Tod Beardsley
sinn3r
HD Moore
Meatballs
Rich Whitcroft
Nikita
Jonathan Claudius
James Lee
nstarke
ikkini
URI Assassin
Spencer McIntyre
Brendan Coles
Josh Abraham