wchen-r7
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
Brent Cook
c7cbaa08c8
Land #6576 , add Search Engine Subdomains Collector (Bing / Yahoo / ..)
2016-05-14 10:50:53 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
join-us
81af4d2675
Fix: merge error
2016-04-23 23:19:08 +08:00
join-us
1d99d08ac8
rebuild
2016-04-23 23:15:19 +08:00
join-us
de9ac28db1
class Metasploit4 -> class MetasploitModule
2016-04-23 23:03:48 +08:00
join-us
e2fcfc8d09
fix index / space
2016-04-23 23:02:41 +08:00
join-us
fca4d53a6f
add yahoo_search / bing_search exception handler
2016-04-23 22:58:39 +08:00
join-us
d9633078ec
merge yahoo_search_domain[ip] / bing_search_domain[ip]
2016-04-23 22:45:47 +08:00
join-us
66c0832f27
add Rex::Socket.getaddresses exception handler
2016-04-23 20:09:12 +08:00
join-us
b47b83dfaa
add results.nil? / results.empty? check
2016-04-23 19:47:33 +08:00
join-us
7579abb34e
report_note in a line
2016-04-23 19:43:44 +08:00
join-us
55e31bacee
add exception handler
2016-04-23 19:01:55 +08:00
join-us
73121f7e2f
add vprint_good
2016-04-23 18:50:48 +08:00
join-us
bc1f829fe5
class Metasploit4 -> class MetasploitModule
2016-04-23 17:36:22 +08:00
join-us
815a918a72
deprecate auxiliary/gather/dns_srv_enum
2016-04-12 08:44:47 +08:00
join-us
2bbb58d57e
deprecate auxiliary/gather/dns_reverse_lookup
2016-04-12 08:44:21 +08:00
join-us
5e1c540d31
deprecate auxiliary/gather/dns_info
2016-04-12 08:43:50 +08:00
join-us
67f8b309c6
deprecate auxiliary/gather/dns_cache_scraper
2016-04-12 08:43:23 +08:00
join-us
66ec001110
deprecate auxiliary/gather/dns_bruteforce
2016-04-12 08:42:56 +08:00
Jon Hart
a37f9c9eda
Clarify note type
2016-04-08 18:35:43 -07:00
Jon Hart
44a98cc36f
Correct overly aggressive style cleanup
2016-04-08 18:00:03 -07:00
Jon Hart
7ce5c07c03
Minor style cleanup
2016-04-08 17:39:32 -07:00
Jon Hart
7c70a554ea
Merge branch 'pr/6187' into pr/fixup-6187 for pre-master merge testing
2016-04-08 16:56:38 -07:00
all3g
616bb8399f
remove db_filter / format a json data
2016-04-06 18:39:34 +08:00
wchen-r7
51b8b4a4d1
Bring #6404 up to date with upstream-master
2016-04-04 16:35:58 -05:00
wchen-r7
da3388248a
Uses #blank?
2016-04-04 16:34:49 -05:00
wchen-r7
5a6d1ee0a9
Uses MetasploitModule class name
2016-04-04 16:30:55 -05:00
wchen-r7
8bf039a69e
ignore_items! should not be used in a loop
...
because it's not necessary.
2016-03-22 15:56:38 -05:00
wchen-r7
8836393cb1
Add aux module to gather browser information.
2016-03-22 13:56:12 -05:00
James Lee
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
Adam Cammack
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
wchen-r7
38153d227c
Move apache_karaf_command_execution to the SSH directory
...
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Brent Cook
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
wchen-r7
d14ec657e2
Land #6564 , Add Apache Karaf Command Execution Module
2016-02-25 14:47:40 -06:00
wchen-r7
1d2ec7a239
Rescue OpenSSL::Cipher::CipherError
...
Our current net/ssh library is out of date, so we need to rescue
OpenSSL::Cipher::CipherError.
2016-02-25 14:46:53 -06:00
nixawk
6ef4026698
get_ptr - save_note(ip, 'get_ptr', records)
2016-02-25 21:43:13 +08:00
nixawk
dfff94a243
save ip/domain relationships
2016-02-25 21:14:40 +08:00
nixawk
f0da8e9adf
bing_search - ConnectionTimeout
2016-02-23 18:56:34 +08:00
Vex Woo
91822f2861
Merge pull request #12 from jhart-r7/pr/fixup-6187
...
More fixup for #6187 (auxiliary/gather/enum_dns)
2016-02-19 19:12:17 +08:00
Jon Hart
1f5285bca7
Better handling of AXFR if ns records won't resolve on target NS
2016-02-18 22:15:06 -08:00
nixawk
0e185a34bf
get_ns / notes nameservers
2016-02-19 14:03:05 +08:00
Jon Hart
42c64b51bb
Remove all report_host instances in enum_dns
...
the forced resolution of names won't fly
2016-02-18 21:41:51 -08:00
Jon Hart
65a3cc2921
Remove duplicated SIP SRV record lookup
2016-02-18 21:41:09 -08:00
nixawk
da3c382869
add function domain2ip
2016-02-19 12:35:31 +08:00
nixawk
4ef5cf420c
rename the module
2016-02-19 11:18:55 +08:00
nixawk
a87c503ae4
merge bing/yahoo subdomains search
2016-02-19 11:17:08 +08:00
nixawk
9afe5517f7
return unless domains -> return if domains.empty?
2016-02-18 10:26:45 +08:00
nixawk
15f6992aec
add yahoo_search_domain(domain) / yahoo_search_ip(ip)
2016-02-18 00:03:28 +08:00
nixawk
29185271a7
report domains/ips to (notes / hosts)
2016-02-17 11:41:59 +08:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
nixawk
2428d5127c
add Yahoo Search Engine Subdomains Collector
2016-02-16 03:11:38 +08:00
Nicholas Starke
3416a24dda
Adding vprint_status for loot path
...
Adding a vprint_status to show users the loot
path as per a comment on the pull request.
2016-02-14 11:19:20 -06:00
Nicholas Starke
cdaa2a8c43
Adding Apache Karaf Command Execution Module
...
This module establishes an SSH session using default
credentials and then executes a user defined operating system
command. This is part of GitHub Issue #4358 .
2016-02-10 16:48:08 -06:00
Jon Hart
55c8d23e1f
Handle refused connections during axfr
2016-02-04 09:23:49 -08:00
Jon Hart
52d81f7e93
More/better status printing for big query types
2016-02-04 09:18:26 -08:00
Jon Hart
c025458d22
More consistent record type printing
2016-02-04 09:12:36 -08:00
Jon Hart
c630f791c3
Remove loot storage from enum_dns. Loot is appropriate for this use case
2016-02-04 09:10:08 -08:00
Jon Hart
4408742930
Fix storage of SRV record notes
2016-02-04 09:08:21 -08:00
Jon Hart
ef75845d01
Better fetching/saving of SRV records
2016-02-03 13:07:20 -08:00
James Lee
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
Jon Hart
1749932bb4
Cleanup loot saving output
2016-01-28 14:16:47 -08:00
Jon Hart
6646785902
Don't enumerate other possible domains via TLD expansion by default
2016-01-28 14:09:09 -08:00
Jon Hart
86e7cd92c0
Minor style nit on printed NS records
2016-01-28 14:08:20 -08:00
Christian Mehlmauer
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
nixawk
643ebfed7e
format print_status output for get_srv/get_tld
2016-01-16 11:21:16 +08:00
nixawk
e491502023
handle exception - ResolverArgumentError
2016-01-12 00:48:02 +08:00
nixawk
408b8fa4fd
handle exception - (get_tld - ArgumentError / get_mx - SocketError)
2016-01-07 00:54:03 +08:00
nixawk
eecd75262c
handle exception - (get_tld - ArgumentError / get_mx - SocketError)
2016-01-07 00:25:28 +08:00
nixawk
71acff5733
output scan results (set VERBOSE false)
2016-01-06 23:55:48 +08:00
nixawk
a477868efb
add ENUM_BRT switch to def get_a(domain)
2015-12-30 13:15:43 +08:00
nixawk
5bd380c7bd
remove vprint_status / zone transfer - Handle Errno::ETIMEDOUT Exception
2015-12-30 12:06:54 +08:00
nixawk
e172d60e8e
rename STOP_STORE_LOOT to STORE_LOOT
2015-12-30 10:13:05 +08:00
nixawk
3edd00f2ec
(description) dns MX to DNS MX / change default options from false to true
2015-12-30 10:07:38 +08:00
nixawk
7d3978b146
Fix: save_root - Auxiliary failed: ArgumentError wrong number of arguments (5 for 7)
2015-12-29 19:59:56 +08:00
nixawk
8830a0630d
Review - add options / threads / report_service / STORE_LOOT / ...
2015-12-29 19:43:52 +08:00
Brendan Coles
9bed78701d
Replace module actions with REG_DUMP_* options
2015-12-28 21:10:43 +00:00
Brendan Coles
ceef02e8b2
Add Snare Lite for Windows Registry Access module
2015-12-28 15:16:21 +00:00
wchen-r7
74e1b8d5ac
Fix res nil
2015-11-24 00:15:05 -06:00
wchen-r7
95ca288f9d
Modify check
2015-11-23 20:33:14 -06:00
wchen-r7
09e6a54886
In case anonymous is not allowed for decryption
2015-11-23 20:26:41 -06:00
wchen-r7
20ba10d46c
Spaces, how dare you
2015-11-23 16:45:02 -06:00
wchen-r7
faab28f1d6
Add Jenkins Domain Credential Discovery Auxiliary Module
2015-11-23 16:23:59 -06:00
aushack
1410d03386
Fixed msftidy capitalisation.
2015-11-22 14:32:51 +11:00
aushack
fc46ce0ced
Bring module title in line with other WP modules.
2015-11-22 13:39:45 +11:00
William Vu
32faf7a8d4
Fix #6183 , hard tabs fix
2015-11-10 16:48:03 -06:00
William Vu
a9fe09497e
Fix hard tabs
...
Mixing tabs and spaces? Seriously?
2015-11-10 16:47:29 -06:00
William Vu
8dc636507b
Land #6183 , dns_srv_enum updates
2015-11-10 16:44:27 -06:00
William Vu
e98570cbd1
Clean up module
2015-11-10 16:44:10 -06:00
fraf0
970c5da9a6
Update dns_srv_enum.rb
2015-11-07 20:01:26 +01:00
fraf0
730f6b2326
Update dns_srv_enum.rb
...
Remove some comment following message on pull-request.
2015-11-07 15:23:32 +01:00
nixawk
2adcd0a0d2
add references
2015-11-05 23:45:29 +00:00
dmohanty-r7
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
nixawk
d63f7c843e
enum_dns - review
2015-11-05 10:09:54 +00:00
fraf0
3739a2fb72
Update dns_srv_enum.rb
2015-11-03 16:59:55 +01:00
fraf0
f1feccfd7c
Update dns_srv_enum.rb
2015-11-03 16:53:26 +01:00
Louis Sato
57304a30a8
Land #6139 , remove bad ref links
2015-10-29 16:00:43 -05:00
wchen-r7
93df45eff1
Land #6138 , Land joomla plugin com_realestatemanager Error Based SQLi
2015-10-28 13:36:14 -05:00
wchen-r7
09b79414ee
Report hash
2015-10-28 13:33:00 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu
9041f95511
Perform final cleanup
2015-10-27 11:21:17 -05:00
nixawk
132cbf0cd7
joomla plugin com_realestatemanager Error Based SQL Ijnection
2015-10-27 15:18:17 +00:00
Brandon Perry
c7fe014854
remove global variables
2015-10-26 17:13:51 -05:00
Brandon Perry
8b4f2290ed
no more session ids in desc
2015-10-25 11:01:17 -05:00
nixawk
f738dd2acb
replace print_* with vprint_* / fix check method
2015-10-25 06:57:56 +00:00
nixawk
a6628110f6
rebuild joomla_contenthistory_sqli (cve-2015-7297)
2015-10-25 03:56:36 +00:00
Brandon Perry
949a4c797b
Update joomla_contenthistory_sqli.rb
2015-10-23 09:33:12 -05:00
Brandon Perry
07d549d783
Update joomla_contenthistory_sqli.rb
...
Remove sessions for now
2015-10-23 09:32:15 -05:00
Brandon Perry
e4281dd1fb
Create joomla_contenthistory_sqli.rb
2015-10-22 15:05:02 -05:00
fraf0
4e50f3ebde
Update dns_srv_enum.rb
...
Patch for :
- Split record srvrcd one entry by line for readability.
- Add record for Default-First-Site-Name :
(according to https://technet.microsoft.com/en-us/library/cc759550%28v=ws.10%29.aspx )
'_gc._tcp.Default-First-Site-Name._sites.',
'_kerberos._tcp.Default-First-Site-Name._sites.',
'_kerberos.tcp.Default-First-Site-Name._sites.dc._msdcs.',
'_ldap._tcp.Default-First-Site-Name._sites.',
'_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.',
'_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.',
- Remove double entry '_kerberos.tcp.dc._msdcs.'
- Add fqdn query in logs.
- Add report_note to store and preserve the fqdn query.
Ps : I'm not very familiar with the code and patch rules for modules. Thank you to excuse my eventual errors.
2015-10-21 18:27:14 +02:00
jvazquez-r7
cf9ddbb701
Update moduels using Msf::HTTP::Wordpress
2015-10-15 11:47:13 -05:00
HD Moore
cd2e9d4232
Move Msf::Java to the normal Msf::Exploit::Remote namespace
2015-10-09 13:24:34 -07:00
William Vu
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
HD Moore
cddf72cd57
Show errors when no results are found
2015-09-10 14:05:40 -07:00
wchen-r7
5646f2e0c4
successful status should include last_attempted_at
2015-09-04 13:45:44 -05:00
wchen-r7
cf6d5fac2a
Use the latest cred API, no more report_auth_info
2015-09-04 13:43:15 -05:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
wchen-r7
0c7d2af6bc
Land #5750 , Add WP All In One Migration Export Module
2015-08-28 14:12:14 -05:00
wchen-r7
837b6a4f71
Update description
2015-08-28 14:11:51 -05:00
wchen-r7
d2e758ac8b
Better failure handling
2015-08-28 14:08:29 -05:00
jvazquez-r7
1558fabdb2
Land #5844 , @joevennix updates apple_safari_webarchive_uxss to use the webarchive mixin
2015-08-21 17:27:56 -05:00
jvazquez-r7
a560496455
Do minor ruby style fixes
2015-08-14 14:50:03 -05:00
jvazquez-r7
82193f11e7
Minor js fixes
2015-08-14 14:45:48 -05:00
Tod Beardsley
e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js
2015-08-14 12:07:15 -05:00
joev
0615d908c4
Update description to explain quarantine effects.
2015-08-13 23:46:37 -05:00
joev
84144bf6cf
Update webarchive_uxss to use the webarchive mixin.
...
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00
Tod Beardsley
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
jvazquez-r7
67f661823a
Land #5614 , @cldrn's module to collect lansweeper credentials
2015-08-04 16:55:49 -05:00
jvazquez-r7
ed3f993b75
Do some style fixes
2015-08-04 16:41:15 -05:00
jvazquez-r7
0e3434ebad
Fix metadata
2015-08-04 16:28:50 -05:00
HD Moore
7681d73e01
Relocate Webarchive into the Exploit namespace, fixes #5717
2015-07-28 04:11:17 -07:00
Tod Beardsley
e32b3c71f4
Fix ZDI ref on sandbox escape module
2015-07-23 17:11:19 -05:00
rastating
d3f31fb56a
Fix msftidy results
2015-07-21 21:29:44 +01:00
rastating
55be2eff06
Replace return with fail_with
2015-07-21 21:25:42 +01:00
rastating
c63fdad1f1
Add URL reference
2015-07-20 18:15:17 +01:00
rastating
f1a909c292
Add WP All In One Migration export module
2015-07-20 18:13:32 +01:00
William Vu
53bcee011b
Land #5709 , s/Filed/Failed/ typo fixes
2015-07-13 18:37:46 +00:00
wchen-r7
884b779b36
Land #5593 , CVE-2015-1155 Safari file:// Redirection Sandbox Escape
2015-07-13 11:28:39 -05:00
Mo Sadek
d1f23c54c7
Changed Filed to Failed on line 43 in java_rmi_registry.rb
2015-07-13 10:33:15 -05:00
cldrn
d3902771b6
Fixes call to the credentials API and adds version info
2015-07-07 13:48:16 -05:00
Donny Maasland
a9edfa1b4b
Fix a small typo
2015-07-06 13:37:36 +02:00
joev
b577f79845
Fix some bugs in the safari file navigation module.
2015-07-05 16:46:18 -05:00
cldrn
355738909a
Fixes typo
2015-06-28 09:32:16 -05:00
cldrn
5c18fc82f2
Stores credentials using create_credential_login
2015-06-28 09:24:31 -05:00
cldrn
b332b25795
Stores credentials in DB, fixes loop variable and nil dereference bug
2015-06-27 19:06:15 -05:00
jvazquez-r7
52b49503a0
Land #5498 , @hmoore-r7's patch for a number of Net::DNS/enum_dns issues
2015-06-26 18:25:03 -05:00
cldrn
2968f52ca4
Removes debug sql output
2015-06-26 12:22:34 -05:00
cldrn
a338920cb3
lansweeper_collector retrieves and decrypts credentials store in the database of Lansweeper
2015-06-26 12:21:35 -05:00
cldrn
7f4a96f3dc
Fixes coding style issues
2015-06-26 03:29:17 -05:00
cldrn
3da3595181
MSF module to download and decrypt credentials stored in Lansweeper's database
2015-06-25 19:29:30 -05:00
joev
8b6fba4988
Tweak and fix some things in Safari file URL module.
2015-06-24 02:08:06 -05:00
Tod Beardsley
18a9585f7a
Add safari module for CVE-2015-1155
2015-06-23 16:15:50 -05:00
Brent Cook
bf170a195d
the API sometimes returns negative percents - treat these as 0
2015-06-19 11:38:36 -05:00
Brent Cook
5a277389f2
remove some trailing commas
2015-06-19 11:38:22 -05:00
Denis Kolegov
c3d2797f10
Fixed Info fields
2015-06-16 04:22:22 -04:00
Denis Kolegov
2778274e47
Added new SSL Labs API fields and fixed minor errors
2015-06-16 02:59:12 -04:00
Tod Beardsley
0d979f61ae
Minor fixups on newish modules
2015-06-10 11:09:42 -05:00
HD Moore
c80017992a
A dirty patch for a number of Net::DNS/dns_enum issues
2015-06-06 13:48:52 -05:00
jvazquez-r7
843572df6d
Change module filename
2015-05-29 16:14:16 -05:00
jvazquez-r7
acb0af3826
Update description
2015-05-29 16:13:43 -05:00
jvazquez-r7
39ae6263e9
Use Rex::Text.encode_base64
2015-05-29 16:12:21 -05:00
jvazquez-r7
8338b21f6c
Make some code cleanup
2015-05-29 16:04:29 -05:00
Nicholas Starke
a3ff9859c8
Adding Credentials Capabilities
...
This commit adds the ability for credentials
to be retrieved via the 'creds' command. It
also contains a few miscellaneous stylistic
syntax changes.
2015-05-24 15:03:06 -05:00
Nicholas Starke
9430d38a09
Adding AVTECH744_DVR Module
...
This module retrieves account information from
an AVTECH 744 DVR, including username, cleartext
password, account role, and the device PIN.
2015-05-21 16:33:06 -05:00
jvazquez-r7
a5267ab77e
Land #4940 , @dnkolegov's modules for F5 BIG-IP devices
2015-05-12 09:59:21 -05:00
Denis Kolegov
efb226a55c
Fixed some minor errors
2015-05-10 02:59:57 -04:00
jvazquez-r7
2e01eb519d
Do minor fixes
2015-05-08 14:04:44 -05:00
Tod Beardsley
4df622c76b
Oops, one last for #5312 .
2015-05-06 14:48:17 -05:00
Tod Beardsley
f423306b6f
Various post-commit fixups
...
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150 , @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192 , @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016 ,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101 , Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158 , OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159 , WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924 , @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131 , WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649 ,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
2015-05-06 11:39:15 -05:00
Denis Kolegov
7fb99cdaaf
Merged fixed conflicts
2015-05-02 05:37:36 -04:00
William Vu
83288ff391
Fix typo
2015-04-30 17:58:26 -05:00
Brent Cook
ff96101dba
Land #5218 , fix #3816 , remove print_debug / DEBUG
2015-04-24 13:41:07 -05:00
kaospunk
bb0b2eee37
Fix missing . in SRV query
...
This update adds a missing . to the end of the
_ldap._tcp SRV record so that it properly forms
the DNS query.
2015-04-24 10:42:31 -04:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
Brent Cook
9a49538c1a
Land #5016 , add SSL Labs scanner
2015-04-20 21:34:16 -05:00
Brent Cook
752c3243f6
wrap print* functions in report_* wrappers
...
Preserve the semantics in the code, but don't call functions like 'print_error'
unless there is an actual error running the module. Fix spelling of 'Overall'.
2015-04-20 21:13:43 -05:00
jvazquez-r7
c6c7560aed
Land #4846 , @joevennix's android 4.3 uxss module
2015-04-20 18:43:24 -05:00
jvazquez-r7
9b240e1d8f
Use parenthesis
2015-04-20 18:42:34 -05:00
jvazquez-r7
f762873a31
Land #5192 , @joevennix's module for Safari CVE-2015-1126
...
* Module to profit cross domain vulnerability on safari
2015-04-20 15:19:54 -05:00
jvazquez-r7
e2eaff6b3a
Don't modify datastore options
2015-04-20 15:16:21 -05:00
jvazquez-r7
88c52ae7ae
Delete second stop_service, the mixin should had done the job
2015-04-20 15:13:11 -05:00
jvazquez-r7
dc0549d2dd
Use #wait
2015-04-20 15:06:01 -05:00
jvazquez-r7
c1234e05e2
Delete parenthesis from condition
2015-04-20 14:56:37 -05:00
jvazquez-r7
0283ac05e5
Do minor style fixes
2015-04-20 14:54:39 -05:00
jvazquez-r7
69b8edda4a
Use single quotes
2015-04-20 14:53:38 -05:00
jvazquez-r7
16daa935dd
Do minor code cleanup
2015-04-20 13:08:51 -05:00
joev
2010e966b3
Add non-httponly cookie theft module for ios/osx safari.
2015-04-19 11:32:37 -05:00
Christian Mehlmauer
352e170624
more failure reasons
2015-04-16 22:04:11 +02:00
Christian Mehlmauer
b4b8ac0849
moar fail_with's
2015-04-16 21:26:37 +02:00
Christian Mehlmauer
4dc402fd3c
moar fail_with's
2015-04-16 21:16:52 +02:00
Christian Mehlmauer
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
Brent Cook
e03f2df691
Land #5002 , RMI/JMX improvements
2015-04-08 15:23:29 -05:00
William Vu
e1af495d21
Add extra release fixes
2015-04-06 13:08:40 -05:00
jvazquez-r7
e3bbb7c297
Solve conflicts
2015-04-03 14:57:49 -05:00
root
452ebcf9ad
travis
2015-04-03 16:29:35 +05:00
root
be829e77ba
cravis error solve
2015-04-03 16:25:18 +05:00
root
4bd40fed7f
yard doc and comment corrections for auxiliary
2015-04-03 16:12:23 +05:00
Tod Beardsley
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
jvazquez-r7
8ff54ff98d
Add msb reference
2015-03-30 10:58:08 -05:00
sinn3r
9af1e76bf7
Obfuscate js
2015-03-30 10:52:01 -05:00
sinn3r
c7fa01c5ae
Rename file
2015-03-30 10:39:33 -05:00
Denis Kolegov
9d78aa96d9
Add output of API errors to console
2015-03-30 02:42:09 -04:00
Denis Kolegov
45f8738cfe
Fix stdout errors
2015-03-27 07:53:59 -04:00
Denis Kolegov
3515a0a71f
Initial commit for supporting SSL Labs API
2015-03-27 07:34:11 -04:00
sinn3r
f996c5a888
Update description
2015-03-27 02:31:36 -05:00
sinn3r
67dc46791d
Limit the module to IE 8 and IE9
2015-03-27 02:30:04 -05:00
sinn3r
f88d9651b6
I don't think it's worth putting the js in ie_addons.js
2015-03-27 02:26:50 -05:00
sinn3r
bd2763292a
Properly credit Soroush Dalili
2015-03-26 23:36:16 -05:00
sinn3r
560f31c34d
Minor changes
2015-03-26 23:29:44 -05:00
sinn3r
68624dd56e
Final for ie_files_disclosure.rb
2015-03-26 22:49:22 -05:00
sinn3r
b0b17775c2
First working version
2015-03-26 21:53:26 -05:00
dnkolegov
5d80ef9325
Fix minor issues
2015-03-25 02:53:36 -04:00
dnkolegov
040a1af9c5
Delete useless ecnryption cookie detection, fix minor issues
2015-03-25 02:34:33 -04:00
jvazquez-r7
39e87f927a
Make code consistent
2015-03-24 11:44:26 -05:00
dnkolegov
2a0deaa6c8
Deleted default options and SYN scan
2015-03-23 04:31:08 -04:00
jvazquez-r7
b839547dc3
Add documentation for Registry modules and methods
2015-03-19 17:57:21 -05:00
jvazquez-r7
a7f1244251
Finish the java_rmi_registry gather module
2015-03-19 17:33:45 -05:00
jvazquez-r7
5c3134a616
Add first support to gather information from RMI registries
2015-03-19 11:16:04 -05:00
OJ
e943cb550f
Land #4585 : CVE-2015-0975 XXE in OpenNMS
2015-03-18 22:34:52 +10:00
OJ
d1a2f58303
Fix of regex for file capture and format tweaks
2015-03-18 22:17:44 +10:00
OJ
fa7242388b
Move the module to the correct location
2015-03-18 18:18:54 +10:00
dnkolegov
dd751a3371
Add ssl/tls support, change default parameters
2015-03-17 02:23:13 -04:00
sinn3r
0d36115112
Update MS15-018 MSB reference
2015-03-12 10:13:37 -05:00
Tod Beardsley
df80d56fda
Land #4898 , prefer URI to open-uri
2015-03-09 09:14:10 -05:00
joev
ccd0712d43
Use ===, doh.
2015-03-06 12:29:34 -06:00
joev
fefd4e271a
Don't hardcode the hex.
2015-03-06 12:16:03 -06:00
joev
3fb4fbe8e6
Add 'not allowed' check instead of magic check.
2015-03-06 00:01:31 -06:00
joev
7db3277731
Actually hide the iframe.
2015-03-05 23:52:29 -06:00
joev
d7295959ca
Remove open-uri usage in msf.
2015-03-05 23:45:28 -06:00
joev
3c5d7b3ef0
Okay, putting source code in a quoted string is horrible.
2015-03-05 23:25:37 -06:00
sinn3r
5f3ed83922
Land #4836 , Solarwinds Core Orion Service SQL injection
2015-03-02 11:44:26 -06:00
Brandon Perry
f8e3874203
add nil check
2015-02-28 20:43:19 -06:00
Brandon Perry
ceb92cdf5e
update login method
2015-02-26 07:33:51 -06:00
joev
c4b85603d2
Fix encoding, oops.
2015-02-25 22:56:33 -06:00
joev
d486d17302
Add reference to 2014 fix.
2015-02-25 21:04:01 -06:00
joev
a410d2ec25
Add android 4.3 stock browser cookie/password theft.
2015-02-25 21:02:15 -06:00
Tod Beardsley
6feae9524b
Fix up funny indent on description
...
[See #4770 ]
2015-02-24 12:25:48 -06:00
Brandon Perry
1134b0a6fa
fix dataastore to datastore
2015-02-24 10:34:33 -06:00
Brandon Perry
c9439addf8
fix url
2015-02-23 16:50:58 -06:00
Brandon Perry
3d82c7755b
add solarwinds module
2015-02-22 15:35:42 -06:00
Christian Mehlmauer
c820431879
Land #4770 , Wordpress Ultimate CSV Importer user extract module
2015-02-22 08:52:45 +01:00
rastating
f9dbff8a6c
Add store path output
2015-02-21 23:41:26 +00:00
William Vu
c9ddd0dac9
Land #4795 , f5_bigip_cookie_disclosure update
2015-02-20 13:11:42 -06:00
William Vu
b676f5a07e
Clean up #4795
2015-02-20 13:10:31 -06:00