cdc82891d8
Fix the issue 7593 where I get a stacktrace when running module auxiliary/scanner/http/blind_sql_query
...
Add a guard against the case when opts['vars_get'] is nil
2016-11-21 17:39:09 -06:00
1644a1e20b
Change how we populate workgroup/domain data
2016-10-19 17:24:26 -05:00
95294b00d1
Whitespace
2016-10-19 17:13:07 -05:00
078496437f
Make sure that the ntlm blob data is pasrsed into UTF-8
2016-10-19 17:11:04 -05:00
fe36801918
Changed to convert hostnames and domains to UTF-8 rather than ANSI
...
after pulling them from the NTLM blob
2016-10-11 15:51:50 -05:00
332ba47356
refactored blob parsing to get unicode, but break everything else
2016-09-16 11:22:53 -05:00
b5ae287235
ensure that default_name, dns_host_name, and dns_domain_name are set
2016-09-13 18:32:59 -05:00
1d4b0de560
Land #6616 , Added an Outlook EWS NTLM login module.
2016-09-09 11:43:52 -05:00
a30711ddcd
Land #7279 , Use the rubyntlm gem (again)
2016-09-07 16:33:35 -05:00
1f5fbd4a67
Put remaining consts in exploit mixin...
2016-07-27 17:43:29 -05:00
bdf073516b
Switch errors over to windows_error gem...
2016-07-27 17:43:00 -05:00
01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-14 09:48:28 -05:00
11685b7c6b
Set the server challenge key
2016-07-07 15:00:42 -05:00
cfb56211e7
Revert "Revert "Land #7009 , egypt's rubyntlm cleanup""
...
This reverts commit 1164c025a2
2016-07-07 15:00:41 -05:00
1164c025a2
Revert "Land #7009 , egypt's rubyntlm cleanup"
...
This reverts commit d90f0779f8e3e360cc83
2016-07-05 15:22:44 -05:00
ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-06-28 15:00:35 -05:00
6072697126
continued
2016-06-22 14:54:00 -05:00
4b3f6c5d29
Use rubyntlm for mssql login scanner
2016-06-22 10:15:22 -05:00
039e8f5899
Use rubyntlm for HTTP Negotiate auth
2016-06-22 10:15:22 -05:00
c2a063c8ae
Start using rubyntlm for ssp auth
2016-06-22 10:15:16 -05:00
fda4c62c1f
Respect SSLCipher in server mixins
...
This allows us to set a sane cipher spec for SSL-enabled server modules.
2016-05-20 16:59:36 -05:00
d4b89edf9c
Fix #6398 , Missing Content-Length header in HTTP POST
...
RFC-7230 states that a Content-Length header is normally sent in
a POST request even when the value (length) is 0, indicating an
empty payload body. Rex HTTP client failed to follow this spec,
and caused some modules to fail (such as winrm_login).
Fix #6398
2016-04-28 11:44:10 -05:00
5e36a3128c
Fix #5197 , Fixed yard doc errors
...
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
3e0f8d67c9
Use #strip to more correctly simulate #blank?
...
See f900d9cf26
2016-03-07 13:14:37 -06:00
289f43bb80
Land #4848 , remove some reliance on rails libraries from rex
2016-03-07 07:38:30 -06:00
4b10331cf0
style fixups
2016-03-01 10:18:25 -05:00
bff4b4d5fc
Fix #6609 and #6587 - Change Content-Length behavior in Rex HTTP
...
This patches changes two things:
1. If a module has a custom Content-Length, it will respect that
instead of forcing its own.
2. If a request does not have anything in the body, the
Content-Length header will not be set.
Fix #6609
Fix #6587
2016-02-29 10:50:21 -06:00
f735a904ff
create owa_ews_login module, modify HttpClient to accept preferred_auth option
2016-02-28 22:01:05 -05:00
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
ad026b3a7a
Add #peer to Tcp
2016-01-28 13:58:24 -06:00
d6facbe339
Land #6421 , ADB protocol and exploit
2016-01-22 20:45:44 -06:00
00f1511b46
Use the right op for the data checksum.
2016-01-03 01:48:25 -06:00
849857a418
Fix spacing issues in message.rb.
2016-01-02 22:57:26 -06:00
6668dbec41
Remove stray binding.pry.
2016-01-02 22:50:06 -06:00
dcd36b74db
Last mile polish and tweaks.
2016-01-02 22:41:38 -06:00
9c85c5d4fe
Add newline.
2016-01-02 01:17:28 -06:00
a88471dc8d
Add ADB client and module for obtaining shell.
2016-01-02 01:13:53 -06:00
e23b5c5435
Land #6179 , add NTP initial crypto nak spoofing module
2015-12-24 15:46:18 -06:00
d6921fa133
Add Atlassian HipChat for Jira Plugin Velocity Template Injection
...
CVE-2015-5603
Also fixes a bug in response.rb (Fix #6254 )
2015-11-18 11:34:25 -06:00
00d09744fb
Land #6118 , @wchen-r7's new methods for Rex HTTP response
2015-11-03 10:42:42 -06:00
ced20ba51c
Refactor NTP symmetric packet creation; add vuln detection to NAK to the future
2015-11-02 12:46:58 -08:00
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
f2b6d37630
Add WIP module for Cisco Talos' NTP 'NAK to the future'
2015-10-27 18:10:07 -07:00
f6b9f38326
This method is not needed because Nokogiri does that already
2015-10-23 19:38:17 -05:00
065d042ec4
Update doc a little bit
2015-10-21 16:29:27 -05:00
12cdd786a6
Add more Nokogiri and RKelly support for Rex::Proto::Http::Response
...
These new methods allow the module writer to being able to parse
HTML/XML/JSON responses properly without using regex first.
2015-10-21 16:26:31 -05:00
157bab4f0d
Land #5518 , TFTP::Client retransmit lost data blocks on upload
2015-09-23 21:58:42 -05:00
9e98385417
Fix #5716 by correctly setting the data length
2015-09-02 15:16:25 -05:00
407d701fd9
Remove unnecessary version_random_case option
2015-08-20 10:05:16 -07:00
2e4944b8ec
Remove unnecessary version_random_case option
2015-08-20 10:05:04 -07:00
Jin Qian
Brendan
Brent Cook
Pearce Barry
David Maloney
James Lee
Adam Cammack
wchen-r7
thao doan
William Vu
rwhitcroft
joev
jvazquez-r7
Jon Hart
HD Moore