39aecb140a
Use the datastore option
2014-04-08 16:55:08 -05:00
496dd944e6
Add support for datastore TLSVERSION
2014-04-08 16:51:50 -05:00
d51aa34437
Use Random generation Time as pointed by @Firefart
2014-04-08 16:46:15 -05:00
d964243cc4
Move heartbeat length to a variable
2014-04-08 16:33:05 -05:00
3d6c553efd
Fix endianess
2014-04-08 16:29:31 -05:00
373b05c5aa
Minimize extensions in the Hello
2014-04-08 16:21:38 -05:00
3254cce832
Align comment
2014-04-08 16:04:38 -05:00
c20b71e7b6
Switch to vprint unless success
2014-04-08 16:03:38 -05:00
7dbd690c99
Add new references
2014-04-08 16:01:06 -05:00
a55579dd4a
Fix references
2014-04-08 15:56:56 -05:00
4004cd8f9a
Allow hello data to grow dinamically
2014-04-08 15:52:39 -05:00
b8e2c9fe42
Clean and fix @Firefart's code
2014-04-08 15:32:13 -05:00
80bdbbed92
Solve conflict
2014-04-08 15:18:38 -05:00
8c7debb81d
Added some comments and modified JABBER
2014-04-08 22:13:02 +02:00
021da84459
Add authors and switch and's format
2014-04-08 15:10:27 -05:00
9c053a5b91
Added additional protocols
2014-04-08 21:56:05 +02:00
5f29026cb2
Complete @Firefart's module
2014-04-08 14:13:56 -05:00
ac0cafcca6
Initial commit for openssl Heartbleed bug
2014-04-07 21:15:54 +02:00
7572d6612e
Spelling and grammar on new release modules
2014-04-07 12:18:13 -05:00
0c883723ba
Land #3149 - Oracle Demantra Arbitrary File Retrieval with auth bypass
2014-04-07 11:11:55 -05:00
31dfae3a01
Follow the 100 columns per line guideline
2014-04-07 11:10:20 -05:00
de242ecc00
Correct date format
...
Hmm weird, msftidy didn't pick this up
2014-04-07 11:09:27 -05:00
395f5beef8
Land #3178 , http header scan module
2014-04-04 11:36:35 -04:00
2b6ae68cbf
Minor modifications for http_header
2014-04-04 10:46:03 -04:00
e2cbcf3c5d
Land #3179 , @brandonprry AlienVault sqli aux module
2014-04-04 09:17:11 -05:00
ff6105e55d
Add check codes
2014-04-04 09:13:43 -05:00
44db611845
defaultoptions, not option
2014-04-04 05:55:35 -07:00
6f14cd225d
Do minor clean up
2014-04-03 23:22:44 -05:00
253a1c1f87
Land #3180 , EMC Cloud Tiering Appliance Unauthed XXE with root perms
2014-04-03 22:02:13 +02:00
a57da00932
fix refs line
2014-04-03 14:07:00 -07:00
51f83fccde
add some checks in vase the file wasn't retrievable
2014-04-03 14:04:05 -07:00
03559dedcd
Land #3187 - Changed OptString to OptRegexp
2014-04-03 14:52:59 -05:00
d995d84e91
Changed OptString to OptRegexp
2014-04-03 19:40:07 +02:00
b4aa08251f
changed option from string to regex
2014-04-03 19:34:40 +02:00
e2ded663a6
make more robust
2014-04-03 06:15:09 -07:00
53b8148438
make more random
2014-04-03 05:52:35 -07:00
77b64ee77d
make more random
2014-04-03 05:41:00 -07:00
a4adfac312
Added feedback for http_header module
2014-04-02 23:01:23 +02:00
75dc4c459b
msftidy
2014-04-02 13:22:21 -07:00
bb82277a41
msftidy
2014-04-02 13:20:13 -07:00
abc0b31f26
exploithub wat
2014-04-02 13:18:48 -07:00
765657d55a
alienvault module
2014-04-02 13:09:46 -07:00
d3f353118a
edb update
2014-04-02 13:06:54 -07:00
32cd846fe4
emc cta xxe module
2014-04-02 13:05:53 -07:00
69192edd4b
Added new http_header module
2014-04-02 22:04:54 +02:00
149948485a
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra fixed issues
2014-04-01 12:28:41 -07:00
c37dbd104a
Clean up perms and whitespace for owa_login
2014-04-02 01:45:15 -05:00
2972220f60
Land #3047 for real.
...
Merge branch 'land-3047-really' into upstream-master
2014-04-01 13:16:13 -05:00
dfec2eb53f
Cleanup an expression and avoid fail_with
2014-03-31 18:05:20 -04:00
07e04717c2
Allow using a single URI and/or a list of URIs
2014-03-31 18:05:20 -04:00
b21d5c1801
use TARGET_URI if given, otherwise TARGET_URIS_FILE
2014-03-31 18:05:20 -04:00
5e9e7e15c8
Return whether result is nil or not.
2014-03-31 18:05:20 -04:00
0ac112b5e7
Support checking a single URI for ntlm information.
2014-03-31 18:05:19 -04:00
6474c7be5c
Land #3166 and also #3167
...
[Closes #3167 ]
2014-03-31 16:21:07 -05:00
3b6d73420e
Fix syntax error in dns_amp
2014-03-31 16:18:49 -05:00
d9df2fbf08
Land #3158 , msftidy rank check for aux modules
2014-03-31 15:17:30 -05:00
159bc264a4
unretards the uri normalize loop
2014-03-31 15:58:21 -04:00
2290249a42
uses fail_with to bomb out on datastore probs
2014-03-31 15:52:05 -04:00
4f121e3e03
fixes if-logic for error condition
2014-03-31 15:38:05 -04:00
894bbcae97
More fix-up on the DNS amplication scanner
2014-03-31 14:37:10 -05:00
4d597174d0
Merge up from upstream/master
2014-03-31 14:33:28 -05:00
387da26f8d
Land #3159 , HP LaserJet printer SNMP enumeration
2014-03-31 12:48:23 -05:00
c6ceb8cdfd
Land #2929 , DNS recursion amplification scanner
2014-03-31 12:47:46 -05:00
aaa15d13d9
Land #2928 , extended SMTP open relay checks
2014-03-31 12:47:10 -05:00
ffdca3bf42
Fixup on some modules for release
...
There may be more coming, but if not, this should cover
this week's minor style changes.
2014-03-31 12:42:19 -05:00
2530fb9741
adds the return back in (forgot in prev commit)
2014-03-28 19:27:04 -04:00
dc4b8461e8
unbreaks & DRYs my previous change.
2014-03-28 19:15:38 -04:00
c559a6b39f
fix description
...
(cherry picked from commit 7c860b9553
2014-03-28 17:36:21 -05:00
ae53d75cdb
Module to HP LaserJet Printer SNMP Enumeration
...
(cherry picked from commit f18fef1864
2014-03-28 17:36:21 -05:00
2344a9368e
Fix warnings generated by #3158
...
Keeping ManualRanking for DoS modules.
2014-03-31 12:35:15 -05:00
9374777da1
Land #2996 , @mcantoni's jboss status aux module
2014-03-28 16:07:08 -05:00
7689751c10
Module module location
2014-03-28 16:05:37 -05:00
e3ec0e7624
Clean up jboss_status module
2014-03-28 16:04:43 -05:00
5458200434
Fix a couple minor annoyances in PJL
2014-03-28 02:19:30 -05:00
c1fdc4d945
Fix a couple things that were bugging me
2014-03-28 02:15:38 -05:00
107901b481
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra msftidy fix
2014-03-26 22:37:21 -07:00
30da3575e8
Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra
2014-03-26 21:53:12 -07:00
5b8d8d8009
Get Pro and Framework back in sync.
2014-03-26 09:25:19 -05:00
cd448ba46c
Land #3132 , ntp_monlist improvements
2014-03-25 15:19:45 -05:00
1c4797337f
Clean up rapid7/metasploit-framework#3132
2014-03-25 14:04:43 -05:00
d83f665466
Delete commas
2014-03-25 13:34:02 -05:00
e27adf6366
Fix msftidy warnings
2014-03-25 10:39:40 -03:00
473f745c3c
Add katello_satellite_priv_esc.rb
...
This module exploits a missing authorization vulnerability in the
"update_roles" action of "users" controller of Katello and Red Hat
Satellite (Katello 1.5.0-14 and earlier) by changing the specified
account to an administrator account.
2014-03-24 23:44:44 -03:00
460a1f551c
Fix for R7-2014-05
2014-03-24 14:12:12 -05:00
cd9182c77f
Msftidy warning fix on Joomla module.
...
Pre-commit hooks people.
2014-03-24 12:03:12 -05:00
312f117262
updates file read to close file more quickly
2014-03-21 14:53:15 -04:00
4b2a2d4dea
Improve NTP monlist auxiliary module
2014-03-21 16:39:53 +01:00
fbcd661504
removed snmp_enum_hp_laserjet from this pull request
2014-03-21 15:58:53 +01:00
aa26405c23
Cleanup an expression and avoid fail_with
2014-03-20 17:33:09 -04:00
0c4b71c8bf
Land #3094 - Joomla weblinks-categories Unauth SQLI Arbitrary File Read
2014-03-20 12:08:18 -05:00
93ad818358
Fix header and e-mail format for author
2014-03-20 12:07:50 -05:00
74398c4b6e
Allow using a single URI and/or a list of URIs
2014-03-20 09:54:02 -04:00
a8d919feb0
use TARGET_URI if given, otherwise TARGET_URIS_FILE
2014-03-19 23:32:04 -05:00
9b2cfb6c84
change default targeturi to something more universal
2014-03-19 21:03:50 -05:00
b52a535609
add official url
2014-03-19 20:41:32 -05:00
ab42cb1bff
better error handling for the user
2014-03-19 18:46:57 -05:00
b79920ba8f
Land #3089 , InvalidWordCount fix for smb_login
...
[FixRM #8730 ]
2014-03-19 16:12:56 -05:00
fe0b76e24e
Land #2994 - OWA 2013 support
2014-03-19 13:16:37 -05:00
2ef2f9b47c
use vars_get
2014-03-19 07:51:34 -07:00
920b2da720
Merge branch 'master' into joomla_sqli
2014-03-19 07:43:32 -07:00
jvazquez-r7
Christian Mehlmauer
Tod Beardsley
sinn3r
Spencer McIntyre
Brandon Perry
coma
William Vu
Joshua Smith
Matteo Cantoni
Ramon de C Valle
Brandon Turner
Brandon Perry