Commit Graph

1014 Commits (f49acae86ad494a816784a8280bccca1bc1cec52)

Author SHA1 Message Date
wchen-r7 4dcddb2399 Fix #4885, Support basic and form auth at the same time
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.

Fix #4885
2016-05-27 16:25:42 -05:00
Brent Cook c7cbaa08c8
Land #6576, add Search Engine Subdomains Collector (Bing / Yahoo / ..) 2016-05-14 10:50:53 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
join-us 81af4d2675 Fix: merge error 2016-04-23 23:19:08 +08:00
join-us 1d99d08ac8 rebuild 2016-04-23 23:15:19 +08:00
join-us de9ac28db1 class Metasploit4 -> class MetasploitModule 2016-04-23 23:03:48 +08:00
join-us e2fcfc8d09 fix index / space 2016-04-23 23:02:41 +08:00
join-us fca4d53a6f add yahoo_search / bing_search exception handler 2016-04-23 22:58:39 +08:00
join-us d9633078ec merge yahoo_search_domain[ip] / bing_search_domain[ip] 2016-04-23 22:45:47 +08:00
join-us 66c0832f27 add Rex::Socket.getaddresses exception handler 2016-04-23 20:09:12 +08:00
join-us b47b83dfaa add results.nil? / results.empty? check 2016-04-23 19:47:33 +08:00
join-us 7579abb34e report_note in a line 2016-04-23 19:43:44 +08:00
join-us 55e31bacee add exception handler 2016-04-23 19:01:55 +08:00
join-us 73121f7e2f add vprint_good 2016-04-23 18:50:48 +08:00
join-us bc1f829fe5 class Metasploit4 -> class MetasploitModule 2016-04-23 17:36:22 +08:00
join-us 815a918a72 deprecate auxiliary/gather/dns_srv_enum 2016-04-12 08:44:47 +08:00
join-us 2bbb58d57e deprecate auxiliary/gather/dns_reverse_lookup 2016-04-12 08:44:21 +08:00
join-us 5e1c540d31 deprecate auxiliary/gather/dns_info 2016-04-12 08:43:50 +08:00
join-us 67f8b309c6 deprecate auxiliary/gather/dns_cache_scraper 2016-04-12 08:43:23 +08:00
join-us 66ec001110 deprecate auxiliary/gather/dns_bruteforce 2016-04-12 08:42:56 +08:00
Jon Hart a37f9c9eda
Clarify note type 2016-04-08 18:35:43 -07:00
Jon Hart 44a98cc36f
Correct overly aggressive style cleanup 2016-04-08 18:00:03 -07:00
Jon Hart 7ce5c07c03
Minor style cleanup 2016-04-08 17:39:32 -07:00
Jon Hart 7c70a554ea
Merge branch 'pr/6187' into pr/fixup-6187 for pre-master merge testing 2016-04-08 16:56:38 -07:00
all3g 616bb8399f remove db_filter / format a json data 2016-04-06 18:39:34 +08:00
wchen-r7 51b8b4a4d1
Bring #6404 up to date with upstream-master 2016-04-04 16:35:58 -05:00
wchen-r7 da3388248a Uses #blank? 2016-04-04 16:34:49 -05:00
wchen-r7 5a6d1ee0a9 Uses MetasploitModule class name 2016-04-04 16:30:55 -05:00
wchen-r7 8bf039a69e ignore_items! should not be used in a loop
because it's not necessary.
2016-03-22 15:56:38 -05:00
wchen-r7 8836393cb1 Add aux module to gather browser information. 2016-03-22 13:56:12 -05:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Adam Cammack 05f585157d
Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
wchen-r7 38153d227c Move apache_karaf_command_execution to the SSH directory
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook eea8fa86dc unify the SSLVersion fields between modules and mixins
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
wchen-r7 d14ec657e2
Land #6564, Add Apache Karaf Command Execution Module 2016-02-25 14:47:40 -06:00
wchen-r7 1d2ec7a239 Rescue OpenSSL::Cipher::CipherError
Our current net/ssh library is out of date, so we need to rescue
OpenSSL::Cipher::CipherError.
2016-02-25 14:46:53 -06:00
nixawk 6ef4026698 get_ptr - save_note(ip, 'get_ptr', records) 2016-02-25 21:43:13 +08:00
nixawk dfff94a243 save ip/domain relationships 2016-02-25 21:14:40 +08:00
nixawk f0da8e9adf bing_search - ConnectionTimeout 2016-02-23 18:56:34 +08:00
Vex Woo 91822f2861 Merge pull request #12 from jhart-r7/pr/fixup-6187
More fixup for #6187 (auxiliary/gather/enum_dns)
2016-02-19 19:12:17 +08:00
Jon Hart 1f5285bca7
Better handling of AXFR if ns records won't resolve on target NS 2016-02-18 22:15:06 -08:00
nixawk 0e185a34bf get_ns / notes nameservers 2016-02-19 14:03:05 +08:00
Jon Hart 42c64b51bb
Remove all report_host instances in enum_dns
the forced resolution of names won't fly
2016-02-18 21:41:51 -08:00
Jon Hart 65a3cc2921
Remove duplicated SIP SRV record lookup 2016-02-18 21:41:09 -08:00
nixawk da3c382869 add function domain2ip 2016-02-19 12:35:31 +08:00
nixawk 4ef5cf420c rename the module 2016-02-19 11:18:55 +08:00
nixawk a87c503ae4 merge bing/yahoo subdomains search 2016-02-19 11:17:08 +08:00
nixawk 9afe5517f7 return unless domains -> return if domains.empty? 2016-02-18 10:26:45 +08:00
nixawk 15f6992aec add yahoo_search_domain(domain) / yahoo_search_ip(ip) 2016-02-18 00:03:28 +08:00
nixawk 29185271a7 report domains/ips to (notes / hosts) 2016-02-17 11:41:59 +08:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
nixawk 2428d5127c add Yahoo Search Engine Subdomains Collector 2016-02-16 03:11:38 +08:00
Nicholas Starke 3416a24dda Adding vprint_status for loot path
Adding a vprint_status to show users the loot
path as per a comment on the pull request.
2016-02-14 11:19:20 -06:00
Nicholas Starke cdaa2a8c43 Adding Apache Karaf Command Execution Module
This module establishes an SSH session using default
credentials and then executes a user defined operating system
command.  This is part of GitHub Issue #4358.
2016-02-10 16:48:08 -06:00
Jon Hart 55c8d23e1f
Handle refused connections during axfr 2016-02-04 09:23:49 -08:00
Jon Hart 52d81f7e93
More/better status printing for big query types 2016-02-04 09:18:26 -08:00
Jon Hart c025458d22
More consistent record type printing 2016-02-04 09:12:36 -08:00
Jon Hart c630f791c3
Remove loot storage from enum_dns. Loot is appropriate for this use case 2016-02-04 09:10:08 -08:00
Jon Hart 4408742930
Fix storage of SRV record notes 2016-02-04 09:08:21 -08:00
Jon Hart ef75845d01
Better fetching/saving of SRV records 2016-02-03 13:07:20 -08:00
James Lee 8094eb631b
Do the same for aux modules 2016-02-01 16:06:34 -06:00
Jon Hart 1749932bb4
Cleanup loot saving output 2016-01-28 14:16:47 -08:00
Jon Hart 6646785902
Don't enumerate other possible domains via TLD expansion by default 2016-01-28 14:09:09 -08:00
Jon Hart 86e7cd92c0
Minor style nit on printed NS records 2016-01-28 14:08:20 -08:00
Christian Mehlmauer 484d57614a
remove re-registered ssl options 2016-01-22 09:54:52 +01:00
nixawk 643ebfed7e format print_status output for get_srv/get_tld 2016-01-16 11:21:16 +08:00
nixawk e491502023 handle exception - ResolverArgumentError 2016-01-12 00:48:02 +08:00
nixawk 408b8fa4fd handle exception - (get_tld - ArgumentError / get_mx - SocketError) 2016-01-07 00:54:03 +08:00
nixawk eecd75262c handle exception - (get_tld - ArgumentError / get_mx - SocketError) 2016-01-07 00:25:28 +08:00
nixawk 71acff5733 output scan results (set VERBOSE false) 2016-01-06 23:55:48 +08:00
nixawk a477868efb add ENUM_BRT switch to def get_a(domain) 2015-12-30 13:15:43 +08:00
nixawk 5bd380c7bd remove vprint_status / zone transfer - Handle Errno::ETIMEDOUT Exception 2015-12-30 12:06:54 +08:00
nixawk e172d60e8e rename STOP_STORE_LOOT to STORE_LOOT 2015-12-30 10:13:05 +08:00
nixawk 3edd00f2ec (description) dns MX to DNS MX / change default options from false to true 2015-12-30 10:07:38 +08:00
nixawk 7d3978b146 Fix: save_root - Auxiliary failed: ArgumentError wrong number of arguments (5 for 7) 2015-12-29 19:59:56 +08:00
nixawk 8830a0630d Review - add options / threads / report_service / STORE_LOOT / ... 2015-12-29 19:43:52 +08:00
Brendan Coles 9bed78701d Replace module actions with REG_DUMP_* options 2015-12-28 21:10:43 +00:00
Brendan Coles ceef02e8b2 Add Snare Lite for Windows Registry Access module 2015-12-28 15:16:21 +00:00
wchen-r7 74e1b8d5ac Fix res nil 2015-11-24 00:15:05 -06:00
wchen-r7 95ca288f9d Modify check 2015-11-23 20:33:14 -06:00
wchen-r7 09e6a54886 In case anonymous is not allowed for decryption 2015-11-23 20:26:41 -06:00
wchen-r7 20ba10d46c Spaces, how dare you 2015-11-23 16:45:02 -06:00
wchen-r7 faab28f1d6 Add Jenkins Domain Credential Discovery Auxiliary Module 2015-11-23 16:23:59 -06:00
aushack 1410d03386 Fixed msftidy capitalisation. 2015-11-22 14:32:51 +11:00
aushack fc46ce0ced Bring module title in line with other WP modules. 2015-11-22 13:39:45 +11:00
William Vu 32faf7a8d4 Fix #6183, hard tabs fix 2015-11-10 16:48:03 -06:00
William Vu a9fe09497e Fix hard tabs
Mixing tabs and spaces? Seriously?
2015-11-10 16:47:29 -06:00
William Vu 8dc636507b
Land #6183, dns_srv_enum updates 2015-11-10 16:44:27 -06:00
William Vu e98570cbd1 Clean up module 2015-11-10 16:44:10 -06:00
fraf0 970c5da9a6 Update dns_srv_enum.rb 2015-11-07 20:01:26 +01:00
fraf0 730f6b2326 Update dns_srv_enum.rb
Remove some comment following message on pull-request.
2015-11-07 15:23:32 +01:00
nixawk 2adcd0a0d2 add references 2015-11-05 23:45:29 +00:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
nixawk d63f7c843e enum_dns - review 2015-11-05 10:09:54 +00:00
fraf0 3739a2fb72 Update dns_srv_enum.rb 2015-11-03 16:59:55 +01:00
fraf0 f1feccfd7c Update dns_srv_enum.rb 2015-11-03 16:53:26 +01:00
Louis Sato 57304a30a8
Land #6139, remove bad ref links 2015-10-29 16:00:43 -05:00
wchen-r7 93df45eff1
Land #6138, Land joomla plugin com_realestatemanager Error Based SQLi 2015-10-28 13:36:14 -05:00
wchen-r7 09b79414ee Report hash 2015-10-28 13:33:00 -05:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu 9041f95511 Perform final cleanup 2015-10-27 11:21:17 -05:00
nixawk 132cbf0cd7 joomla plugin com_realestatemanager Error Based SQL Ijnection 2015-10-27 15:18:17 +00:00
Brandon Perry c7fe014854 remove global variables 2015-10-26 17:13:51 -05:00
Brandon Perry 8b4f2290ed no more session ids in desc 2015-10-25 11:01:17 -05:00
nixawk f738dd2acb replace print_* with vprint_* / fix check method 2015-10-25 06:57:56 +00:00
nixawk a6628110f6 rebuild joomla_contenthistory_sqli (cve-2015-7297) 2015-10-25 03:56:36 +00:00
Brandon Perry 949a4c797b Update joomla_contenthistory_sqli.rb 2015-10-23 09:33:12 -05:00
Brandon Perry 07d549d783 Update joomla_contenthistory_sqli.rb
Remove sessions for now
2015-10-23 09:32:15 -05:00
Brandon Perry e4281dd1fb Create joomla_contenthistory_sqli.rb 2015-10-22 15:05:02 -05:00
fraf0 4e50f3ebde Update dns_srv_enum.rb
Patch for :
	- Split record srvrcd one entry by line for readability.
	- Add record for Default-First-Site-Name :
	(according to https://technet.microsoft.com/en-us/library/cc759550%28v=ws.10%29.aspx)
		'_gc._tcp.Default-First-Site-Name._sites.',
		'_kerberos._tcp.Default-First-Site-Name._sites.',
		'_kerberos.tcp.Default-First-Site-Name._sites.dc._msdcs.',
		'_ldap._tcp.Default-First-Site-Name._sites.',
		'_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.',
		'_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.',
	- Remove double entry '_kerberos.tcp.dc._msdcs.'
	- Add fqdn query in logs.
	- Add report_note to store and preserve the fqdn query.

Ps : I'm not very familiar with the code and patch rules for modules. Thank you to excuse my eventual errors.
2015-10-21 18:27:14 +02:00
jvazquez-r7 cf9ddbb701
Update moduels using Msf::HTTP::Wordpress 2015-10-15 11:47:13 -05:00
HD Moore cd2e9d4232 Move Msf::Java to the normal Msf::Exploit::Remote namespace 2015-10-09 13:24:34 -07:00
William Vu 2e2d27d53a
Land #5935, final creds refactor 2015-10-01 00:25:14 -05:00
HD Moore cddf72cd57 Show errors when no results are found 2015-09-10 14:05:40 -07:00
wchen-r7 5646f2e0c4 successful status should include last_attempted_at 2015-09-04 13:45:44 -05:00
wchen-r7 cf6d5fac2a Use the latest cred API, no more report_auth_info 2015-09-04 13:43:15 -05:00
wchen-r7 d55757350d Use the latest credential API, no more report_auth_info 2015-09-04 03:04:14 -05:00
wchen-r7 0c7d2af6bc
Land #5750, Add WP All In One Migration Export Module 2015-08-28 14:12:14 -05:00
wchen-r7 837b6a4f71 Update description 2015-08-28 14:11:51 -05:00
wchen-r7 d2e758ac8b Better failure handling 2015-08-28 14:08:29 -05:00
jvazquez-r7 1558fabdb2
Land #5844, @joevennix updates apple_safari_webarchive_uxss to use the webarchive mixin 2015-08-21 17:27:56 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Tod Beardsley e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
joev 0615d908c4 Update description to explain quarantine effects. 2015-08-13 23:46:37 -05:00
joev 84144bf6cf Update webarchive_uxss to use the webarchive mixin.
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00
Tod Beardsley 50041fad2a
Pre-Bloggery cleanup
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.

Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.

Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823, mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
jvazquez-r7 67f661823a
Land #5614, @cldrn's module to collect lansweeper credentials 2015-08-04 16:55:49 -05:00
jvazquez-r7 ed3f993b75
Do some style fixes 2015-08-04 16:41:15 -05:00
jvazquez-r7 0e3434ebad
Fix metadata 2015-08-04 16:28:50 -05:00
HD Moore 7681d73e01 Relocate Webarchive into the Exploit namespace, fixes #5717 2015-07-28 04:11:17 -07:00
Tod Beardsley e32b3c71f4
Fix ZDI ref on sandbox escape module 2015-07-23 17:11:19 -05:00
rastating d3f31fb56a Fix msftidy results 2015-07-21 21:29:44 +01:00
rastating 55be2eff06 Replace return with fail_with 2015-07-21 21:25:42 +01:00
rastating c63fdad1f1 Add URL reference 2015-07-20 18:15:17 +01:00
rastating f1a909c292 Add WP All In One Migration export module 2015-07-20 18:13:32 +01:00
William Vu 53bcee011b
Land #5709, s/Filed/Failed/ typo fixes 2015-07-13 18:37:46 +00:00
wchen-r7 884b779b36
Land #5593, CVE-2015-1155 Safari file:// Redirection Sandbox Escape 2015-07-13 11:28:39 -05:00
Mo Sadek d1f23c54c7 Changed Filed to Failed on line 43 in java_rmi_registry.rb 2015-07-13 10:33:15 -05:00
cldrn d3902771b6 Fixes call to the credentials API and adds version info 2015-07-07 13:48:16 -05:00
Donny Maasland a9edfa1b4b Fix a small typo 2015-07-06 13:37:36 +02:00
joev b577f79845 Fix some bugs in the safari file navigation module. 2015-07-05 16:46:18 -05:00
cldrn 355738909a Fixes typo 2015-06-28 09:32:16 -05:00
cldrn 5c18fc82f2 Stores credentials using create_credential_login 2015-06-28 09:24:31 -05:00
cldrn b332b25795 Stores credentials in DB, fixes loop variable and nil dereference bug 2015-06-27 19:06:15 -05:00
jvazquez-r7 52b49503a0
Land #5498, @hmoore-r7's patch for a number of Net::DNS/enum_dns issues 2015-06-26 18:25:03 -05:00
cldrn 2968f52ca4 Removes debug sql output 2015-06-26 12:22:34 -05:00
cldrn a338920cb3 lansweeper_collector retrieves and decrypts credentials store in the database of Lansweeper 2015-06-26 12:21:35 -05:00
cldrn 7f4a96f3dc Fixes coding style issues 2015-06-26 03:29:17 -05:00
cldrn 3da3595181 MSF module to download and decrypt credentials stored in Lansweeper's database 2015-06-25 19:29:30 -05:00
joev 8b6fba4988 Tweak and fix some things in Safari file URL module. 2015-06-24 02:08:06 -05:00
Tod Beardsley 18a9585f7a
Add safari module for CVE-2015-1155 2015-06-23 16:15:50 -05:00
Brent Cook bf170a195d the API sometimes returns negative percents - treat these as 0 2015-06-19 11:38:36 -05:00
Brent Cook 5a277389f2 remove some trailing commas 2015-06-19 11:38:22 -05:00
Denis Kolegov c3d2797f10 Fixed Info fields 2015-06-16 04:22:22 -04:00
Denis Kolegov 2778274e47 Added new SSL Labs API fields and fixed minor errors 2015-06-16 02:59:12 -04:00
Tod Beardsley 0d979f61ae
Minor fixups on newish modules 2015-06-10 11:09:42 -05:00
HD Moore c80017992a A dirty patch for a number of Net::DNS/dns_enum issues 2015-06-06 13:48:52 -05:00
jvazquez-r7 843572df6d
Change module filename 2015-05-29 16:14:16 -05:00
jvazquez-r7 acb0af3826
Update description 2015-05-29 16:13:43 -05:00
jvazquez-r7 39ae6263e9
Use Rex::Text.encode_base64 2015-05-29 16:12:21 -05:00
jvazquez-r7 8338b21f6c
Make some code cleanup 2015-05-29 16:04:29 -05:00
Nicholas Starke a3ff9859c8 Adding Credentials Capabilities
This commit adds the ability for credentials
to be retrieved via the 'creds' command.  It
also contains a few miscellaneous stylistic
syntax changes.
2015-05-24 15:03:06 -05:00
Nicholas Starke 9430d38a09 Adding AVTECH744_DVR Module
This module retrieves account information from
an AVTECH 744 DVR, including username, cleartext
password, account role, and the device PIN.
2015-05-21 16:33:06 -05:00
jvazquez-r7 a5267ab77e
Land #4940, @dnkolegov's modules for F5 BIG-IP devices 2015-05-12 09:59:21 -05:00
Denis Kolegov efb226a55c Fixed some minor errors 2015-05-10 02:59:57 -04:00
jvazquez-r7 2e01eb519d
Do minor fixes 2015-05-08 14:04:44 -05:00
Tod Beardsley 4df622c76b
Oops, one last for #5312. 2015-05-06 14:48:17 -05:00
Tod Beardsley f423306b6f
Various post-commit fixups
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150, @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys

Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192, @joevennix's module for Safari CVE-2015-1126

Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in

Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016,
add SSL Labs scanner

Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101, Add Directory Traversal for GoAhead Web Server

Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158, OWA internal IP disclosure scanner

Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159, WordPress Mobile Edition Plugin File Read Vuln

Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924, @m-1-k-3's DLink CVE-2015-1187 exploit

Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131, WordPress Slideshow Upload

Edited modules/exploits/windows/local/run_as.rb first landed in #4649,
improve post/windows/manage/run_as and as an exploit

(These results courtesy of a delightful git alias, here:

```
  cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"

```

So that's kind of fun.
2015-05-06 11:39:15 -05:00
Denis Kolegov 7fb99cdaaf Merged fixed conflicts 2015-05-02 05:37:36 -04:00
William Vu 83288ff391 Fix typo 2015-04-30 17:58:26 -05:00
Brent Cook ff96101dba
Land #5218, fix #3816, remove print_debug / DEBUG 2015-04-24 13:41:07 -05:00
kaospunk bb0b2eee37 Fix missing . in SRV query
This update adds a missing . to the end of the
_ldap._tcp SRV record so that it properly forms
the DNS query.
2015-04-24 10:42:31 -04:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
Brent Cook 9a49538c1a
Land #5016, add SSL Labs scanner 2015-04-20 21:34:16 -05:00
Brent Cook 752c3243f6 wrap print* functions in report_* wrappers
Preserve the semantics in the code, but don't call functions like 'print_error'
unless there is an actual error running the module. Fix spelling of 'Overall'.
2015-04-20 21:13:43 -05:00
jvazquez-r7 c6c7560aed
Land #4846, @joevennix's android 4.3 uxss module 2015-04-20 18:43:24 -05:00
jvazquez-r7 9b240e1d8f Use parenthesis 2015-04-20 18:42:34 -05:00
jvazquez-r7 f762873a31
Land #5192, @joevennix's module for Safari CVE-2015-1126
* Module to profit cross domain vulnerability on safari
2015-04-20 15:19:54 -05:00
jvazquez-r7 e2eaff6b3a
Don't modify datastore options 2015-04-20 15:16:21 -05:00
jvazquez-r7 88c52ae7ae
Delete second stop_service, the mixin should had done the job 2015-04-20 15:13:11 -05:00
jvazquez-r7 dc0549d2dd
Use #wait 2015-04-20 15:06:01 -05:00
jvazquez-r7 c1234e05e2
Delete parenthesis from condition 2015-04-20 14:56:37 -05:00
jvazquez-r7 0283ac05e5
Do minor style fixes 2015-04-20 14:54:39 -05:00
jvazquez-r7 69b8edda4a
Use single quotes 2015-04-20 14:53:38 -05:00
jvazquez-r7 16daa935dd
Do minor code cleanup 2015-04-20 13:08:51 -05:00
joev 2010e966b3 Add non-httponly cookie theft module for ios/osx safari. 2015-04-19 11:32:37 -05:00
Christian Mehlmauer 352e170624
more failure reasons 2015-04-16 22:04:11 +02:00
Christian Mehlmauer b4b8ac0849
moar fail_with's 2015-04-16 21:26:37 +02:00
Christian Mehlmauer 4dc402fd3c
moar fail_with's 2015-04-16 21:16:52 +02:00
Christian Mehlmauer 0e186fa617
first fail_with fixes 2015-04-16 21:08:33 +02:00
Brent Cook e03f2df691
Land #5002, RMI/JMX improvements 2015-04-08 15:23:29 -05:00
William Vu e1af495d21 Add extra release fixes 2015-04-06 13:08:40 -05:00
jvazquez-r7 e3bbb7c297 Solve conflicts 2015-04-03 14:57:49 -05:00
root 452ebcf9ad travis 2015-04-03 16:29:35 +05:00
root be829e77ba cravis error solve 2015-04-03 16:25:18 +05:00
root 4bd40fed7f yard doc and comment corrections for auxiliary 2015-04-03 16:12:23 +05:00
Tod Beardsley d1318d1b48
Fixups for release 2015-03-31 11:02:12 -05:00
jvazquez-r7 8ff54ff98d
Add msb reference 2015-03-30 10:58:08 -05:00
sinn3r 9af1e76bf7 Obfuscate js 2015-03-30 10:52:01 -05:00
sinn3r c7fa01c5ae Rename file 2015-03-30 10:39:33 -05:00
Denis Kolegov 9d78aa96d9 Add output of API errors to console 2015-03-30 02:42:09 -04:00
Denis Kolegov 45f8738cfe Fix stdout errors 2015-03-27 07:53:59 -04:00
Denis Kolegov 3515a0a71f Initial commit for supporting SSL Labs API 2015-03-27 07:34:11 -04:00
sinn3r f996c5a888 Update description 2015-03-27 02:31:36 -05:00
sinn3r 67dc46791d Limit the module to IE 8 and IE9 2015-03-27 02:30:04 -05:00
sinn3r f88d9651b6 I don't think it's worth putting the js in ie_addons.js 2015-03-27 02:26:50 -05:00
sinn3r bd2763292a Properly credit Soroush Dalili 2015-03-26 23:36:16 -05:00
sinn3r 560f31c34d Minor changes 2015-03-26 23:29:44 -05:00
sinn3r 68624dd56e Final for ie_files_disclosure.rb 2015-03-26 22:49:22 -05:00
sinn3r b0b17775c2 First working version 2015-03-26 21:53:26 -05:00
dnkolegov 5d80ef9325 Fix minor issues 2015-03-25 02:53:36 -04:00
dnkolegov 040a1af9c5 Delete useless ecnryption cookie detection, fix minor issues 2015-03-25 02:34:33 -04:00
jvazquez-r7 39e87f927a
Make code consistent 2015-03-24 11:44:26 -05:00
dnkolegov 2a0deaa6c8 Deleted default options and SYN scan 2015-03-23 04:31:08 -04:00
jvazquez-r7 b839547dc3 Add documentation for Registry modules and methods 2015-03-19 17:57:21 -05:00
jvazquez-r7 a7f1244251
Finish the java_rmi_registry gather module 2015-03-19 17:33:45 -05:00
jvazquez-r7 5c3134a616
Add first support to gather information from RMI registries 2015-03-19 11:16:04 -05:00
OJ e943cb550f
Land #4585 : CVE-2015-0975 XXE in OpenNMS 2015-03-18 22:34:52 +10:00
OJ d1a2f58303 Fix of regex for file capture and format tweaks 2015-03-18 22:17:44 +10:00
OJ fa7242388b Move the module to the correct location 2015-03-18 18:18:54 +10:00
dnkolegov dd751a3371 Add ssl/tls support, change default parameters 2015-03-17 02:23:13 -04:00
sinn3r 0d36115112 Update MS15-018 MSB reference 2015-03-12 10:13:37 -05:00
Tod Beardsley df80d56fda
Land #4898, prefer URI to open-uri 2015-03-09 09:14:10 -05:00
joev ccd0712d43 Use ===, doh. 2015-03-06 12:29:34 -06:00
joev fefd4e271a Don't hardcode the hex. 2015-03-06 12:16:03 -06:00
joev 3fb4fbe8e6 Add 'not allowed' check instead of magic check. 2015-03-06 00:01:31 -06:00
joev 7db3277731 Actually hide the iframe. 2015-03-05 23:52:29 -06:00
joev d7295959ca Remove open-uri usage in msf. 2015-03-05 23:45:28 -06:00
joev 3c5d7b3ef0 Okay, putting source code in a quoted string is horrible. 2015-03-05 23:25:37 -06:00
sinn3r 5f3ed83922
Land #4836, Solarwinds Core Orion Service SQL injection 2015-03-02 11:44:26 -06:00
Brandon Perry f8e3874203 add nil check 2015-02-28 20:43:19 -06:00
Brandon Perry ceb92cdf5e update login method 2015-02-26 07:33:51 -06:00
joev c4b85603d2 Fix encoding, oops. 2015-02-25 22:56:33 -06:00
joev d486d17302 Add reference to 2014 fix. 2015-02-25 21:04:01 -06:00
joev a410d2ec25 Add android 4.3 stock browser cookie/password theft. 2015-02-25 21:02:15 -06:00
Tod Beardsley 6feae9524b
Fix up funny indent on description
[See #4770]
2015-02-24 12:25:48 -06:00
Brandon Perry 1134b0a6fa fix dataastore to datastore 2015-02-24 10:34:33 -06:00
Brandon Perry c9439addf8 fix url 2015-02-23 16:50:58 -06:00
Brandon Perry 3d82c7755b add solarwinds module 2015-02-22 15:35:42 -06:00
Christian Mehlmauer c820431879
Land #4770, Wordpress Ultimate CSV Importer user extract module 2015-02-22 08:52:45 +01:00
rastating f9dbff8a6c Add store path output 2015-02-21 23:41:26 +00:00
William Vu c9ddd0dac9
Land #4795, f5_bigip_cookie_disclosure update 2015-02-20 13:11:42 -06:00
William Vu b676f5a07e Clean up #4795 2015-02-20 13:10:31 -06:00