4c036e70c1
Fix http://seclists.org links to https://
...
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
bd7ea1f90d
more updates, 465 more pages to go
2017-08-26 21:01:10 -04:00
e3265c4b1b
Land #8697 , fix oracle_hashdump and jtr_oracle_fast modules
2017-08-14 17:36:18 -04:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
772bec23a1
Fix various typos
2017-07-21 07:40:08 -07:00
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
df9b642746
More print_status -> print_good
2017-07-19 11:39:15 +01:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
67310fa96c
print_status -> print_good. [When it is successful, show it!]
2017-07-14 00:09:35 +01:00
6d7a066477
fixes oracle_hashdump and jtr_oracle_fast modules
...
fixes functionality in the oracle database hashdumper
and the oracle hash cracker modules
2017-07-10 16:57:57 -05:00
1558db375d
update CVE reference in where modules report_vuln
2017-06-05 16:36:44 -05:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
2668a4a1cd
Fix #6993 , tnspoison_checker cleanup
2016-10-19 00:53:33 -05:00
3fd806b87f
Merge remote-tracking branch 'upstream/pr/6993' into land-6993
2016-10-11 09:33:26 -05:00
3e01dbfded
Fixed Space-Tab mixed indent warning
2016-10-01 15:13:26 +05:30
4227cb76a8
Fixed stack trace bug & verified logic
...
- Fixed stack trace bug when value of "packet" is nill.
- Verified logic of Oracle TNS Listener poisoning which requires an ACCEPT response to be marked as vulnerable.
2016-10-01 15:01:02 +05:30
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
0fa1fc50f8
Fixed false positive bug
...
Checking for "(ERROR_STACK=(ERROR=" is not enough to mark a target as vulnerable. TNS response packet bytes for "Accept" and "Refuse" are required to be sure.
Reference: https://thesprawl.org/research/oracle-tns-protocol/
2016-06-19 17:33:05 +05:30
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
8785083722
Ensure disconnect
2015-08-24 12:36:15 -05:00
4bd40fed7f
yard doc and comment corrections for auxiliary
2015-04-03 16:12:23 +05:00
65b316cd8c
Land #4372
2014-12-11 18:48:16 -08:00
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
de88908493
code style
2014-12-11 23:30:20 +01:00
54158c8662
Land #4005 , TNS poison checker
2014-11-12 13:29:59 -06:00
d242bc220b
Minor fixups and disclosure date for TNS module
2014-11-12 13:25:10 -06:00
955a5142ca
Edit e-mail address for antispam
2014-11-12 13:19:04 -06:00
c0285067c9
Add new module to test TNS poison
...
msf auxiliary(tnspoison_checker) > show options
Module options (auxiliary/scanner/oracle/tnspoison_checker1):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 172.16.2.100, 172.16.2.24, 172.16.2.101 yes The target address range or CIDR identifier
RPORT 1521 yes The target port
THREADS 1 yes The number of concurrent threads
msf auxiliary(tnspoison_checker) > exploit
[+] 172.16.2.100:1521 is vulnerable
[*] Scanned 1 of 3 hosts (033% complete)
[-] 172.16.2.24:1521 is not vulnerable
[*] Scanned 2 of 3 hosts (066% complete)
[-] 172.16.2.101:1521 unable to connect to the server
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
2014-11-11 17:29:27 +03:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
621b9523b1
Update tnspoison_checker.rb
2014-10-13 22:05:08 +04:00
1996886ae9
Update tnspoison_checker.rb
2014-10-13 12:53:39 +04:00
22aabc7805
Add new module to test TNS poison
...
This module simply checks the server for vulnerabilities like TNS Poison
2014-10-13 12:21:07 +04:00
bebf11c969
Resolves some Login::Status migration issues
...
MSP-10730
2014-07-16 21:52:08 -05:00
aeda74f394
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-07-07 16:41:23 -05:00
68ba79aa16
Remove access_level, since we don't have access
2014-07-01 17:53:18 -05:00
5fa0981026
Add login and move print_status
2014-07-01 17:48:42 -05:00
864f0f1bbc
Update description, loot -> creds
2014-07-01 11:46:21 -05:00
3079c47d41
Refactor oracle_hashdump creds
2014-07-01 01:07:22 -05:00
cf720a88e8
Be verbose about error codes
2014-06-30 19:10:03 +01:00
7f59cf5035
Ora XID HTTP needn't edit DBUSER (@cellabosm)
...
Looks like copypasta artifacts. DBUSER and DBPASS aren't ever set as
options in the module, and the module doesn't include MC's
Exploit::ORACLE mixin. It's also from four years ago and doesn't
report_auth or anything useful like that, but that's out of scope for
this branch.
2014-05-23 15:20:46 -05:00
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
William Vu
h00die
Brent Cook
g0tmi1k
David Maloney
Jeffrey Martin
Sonny Gonzalez
Interference Security
Christian Mehlmauer
wchen-r7
jvazquez-r7
root
Jon Hart
Tod Beardsley
Nikita
URI Assassin
Trevor Rosen
Meatballs