Commit Graph

4273 Commits (f53e7f84b88c9912aa3a90682f4211cdea4f2795)

Author SHA1 Message Date
coma 107901b481 Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra msftidy fix 2014-03-26 22:37:21 -07:00
coma 30da3575e8 Add CVE-2013-5877+CVE-2013-5880 for Oracle Demantra 2014-03-26 21:53:12 -07:00
Tod Beardsley 5b8d8d8009
Get Pro and Framework back in sync. 2014-03-26 09:25:19 -05:00
William Vu cd448ba46c
Land #3132, ntp_monlist improvements 2014-03-25 15:19:45 -05:00
William Vu 1c4797337f Clean up rapid7/metasploit-framework#3132 2014-03-25 14:04:43 -05:00
jvazquez-r7 d83f665466 Delete commas 2014-03-25 13:34:02 -05:00
Ramon de C Valle e27adf6366 Fix msftidy warnings 2014-03-25 10:39:40 -03:00
Ramon de C Valle 473f745c3c Add katello_satellite_priv_esc.rb
This module exploits a missing authorization vulnerability in the
"update_roles" action of "users" controller of Katello and Red Hat
Satellite (Katello 1.5.0-14 and earlier) by changing the specified
account to an administrator account.
2014-03-24 23:44:44 -03:00
Brandon Turner 460a1f551c
Fix for R7-2014-05 2014-03-24 14:12:12 -05:00
Tod Beardsley cd9182c77f
Msftidy warning fix on Joomla module.
Pre-commit hooks people.
2014-03-24 12:03:12 -05:00
Joshua Smith 312f117262 updates file read to close file more quickly 2014-03-21 14:53:15 -04:00
Matteo Cantoni 4b2a2d4dea Improve NTP monlist auxiliary module 2014-03-21 16:39:53 +01:00
Matteo Cantoni fbcd661504 removed snmp_enum_hp_laserjet from this pull request 2014-03-21 15:58:53 +01:00
Spencer McIntyre aa26405c23 Cleanup an expression and avoid fail_with 2014-03-20 17:33:09 -04:00
sinn3r 0c4b71c8bf
Land #3094 - Joomla weblinks-categories Unauth SQLI Arbitrary File Read 2014-03-20 12:08:18 -05:00
sinn3r 93ad818358 Fix header and e-mail format for author 2014-03-20 12:07:50 -05:00
Spencer McIntyre 74398c4b6e Allow using a single URI and/or a list of URIs 2014-03-20 09:54:02 -04:00
Joshua Smith a8d919feb0 use TARGET_URI if given, otherwise TARGET_URIS_FILE 2014-03-19 23:32:04 -05:00
Brandon Perry 9b2cfb6c84 change default targeturi to something more universal 2014-03-19 21:03:50 -05:00
Brandon Perry b52a535609 add official url 2014-03-19 20:41:32 -05:00
Brandon Perry ab42cb1bff better error handling for the user 2014-03-19 18:46:57 -05:00
William Vu b79920ba8f
Land #3089, InvalidWordCount fix for smb_login
[FixRM #8730]
2014-03-19 16:12:56 -05:00
sinn3r fe0b76e24e
Land #2994 - OWA 2013 support 2014-03-19 13:16:37 -05:00
Brandon Perry 2ef2f9b47c use vars_get 2014-03-19 07:51:34 -07:00
Brandon Perry 920b2da720 Merge branch 'master' into joomla_sqli 2014-03-19 07:43:32 -07:00
xistence 8fdb5250d4 changes to smtp relay aux module 2014-03-17 15:09:29 +07:00
David Maloney da0c37cee2
Land #2684, Meatballs PSExec refactor 2014-03-14 13:01:20 -05:00
Brandon Perry a01dd48640 a bit better error message if injection works but no file 2014-03-13 13:38:43 -07:00
Brandon Perry b0688e0fca clarify LOAD_FILE perms in description 2014-03-13 13:11:27 -07:00
Brandon Perry 2734b89062 update normalize_uri calls 2014-03-13 06:55:15 -07:00
William Vu 5aad8f2dc3
Land #3088, SNMP timestamp elements fix 2014-03-13 02:22:14 -05:00
Brandon Perry 7540dd83eb randomize markers 2014-03-12 20:11:55 -05:00
Brandon Perry 3fedafb530 whoops, extra char 2014-03-12 19:54:58 -05:00
Brandon Perry aa00a5d550 check method 2014-03-12 19:47:39 -05:00
Brandon Perry 9cb1c1a726 whoops, typoed the markers 2014-03-12 10:58:34 -07:00
Brandon Perry 6636d43dc5 initial module 2014-03-12 10:46:56 -07:00
Tod Beardsley 206660ddde
Recreate the intent of cfebdae from @parzamendi-r7
The idea was to rescue on a NoReply instead of just fail, and was part
of a fix in #2656.

[SeeRM #8730]
2014-03-11 14:30:01 -05:00
sho-luv f7af9780dc
Rescue InvalidWordCount error
This is a cherry-pick of commit ea86da2 from PR #2656
2014-03-11 14:17:36 -05:00
James Lee f51ee2d6b4
snmp_enum: Treat missing timestamp elements as 0
Timestamps don't always have all the elements we expect. This treats
them as zeroes to ensure that we don't raise silly exceptions in that
case.
2014-03-11 12:44:07 -05:00
William Vu 170608e97b Fix first chunk of msftidy "bad char" errors
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
jvazquez-r7 8cfa5679f2 More nick instead of name 2014-03-10 16:12:44 +01:00
jvazquez-r7 bc8590dbb9 Change DoS module location 2014-03-10 16:12:20 +01:00
sinn3r e32ff7c775
Land #3077 - Allow TFTP server to take a host/port argument 2014-03-08 00:58:52 -06:00
Tod Beardsley 151e2287b8
OptPath, not OptString. 2014-03-07 10:52:45 -06:00
Tod Beardsley 5cf1f0ce4d
Since dirs are required, server will send/recv
This does change some of the meaning of the required-ness of the
directories. Before, if you wanted to serve files, but not receive any,
you would just fail to set a OUTPUTPATH.

Now, since both are required, users are required to both send and
recieve. This seems okay, you can always just set two different
locations and point the one you don't want at /dev/null or something.
2014-03-07 10:49:11 -06:00
Tod Beardsley 37fa4a73a1
Make the path options required and use /tmp
Otherwise it's impossible to run this module without setting the options
which were not otherwise validated anyway.
2014-03-07 10:41:18 -06:00
Spencer McIntyre ebee365fce
Land #2742, report_vuln for MongoDB no auth 2014-03-06 19:34:45 -05:00
Spencer McIntyre 84f280d74f
Use a more descriptive MongoDB vulnerability title 2014-03-06 19:20:52 -05:00
Tod Beardsley 8a0531650c
Allow TFTP server to take a host/port argument
Otherwise you will tend to listen on your default ipv6 'any' address and
bound to udp6 port 69, assuming you haven't bothered to disable your
automatically-enabled ipv6 stack.

This is almost never correct.
2014-03-06 16:13:20 -06:00
sinn3r 7cb6e7e261
Land #3057 - MantisBT Admin SQL Injection Arbitrary File Read 2014-03-04 17:52:29 -06:00
sinn3r f0e97207b7 Fix email format 2014-03-04 17:51:24 -06:00
Brandon Perry c86764d414 update default password to root 2014-03-04 11:55:30 -08:00
Brandon Perry 2b06791ea6 updates regarding PR comments 2014-03-04 10:08:31 -08:00
Brandon Perry a3523bdcb9 Update mantisbt_admin_sqli.rb
remove extra new line and fix author line
2014-03-04 08:44:53 -06:00
Brandon Perry 98b59c4103 update desc 2014-03-03 12:40:58 -08:00
Brandon Perry c5d1071456 add mantisbt aux module 2014-03-03 12:36:38 -08:00
Tod Beardsley de6be50d64
Minor cleanup and finger-wagging about a for loop 2014-03-03 14:12:22 -06:00
William Vu fd1586ee6a
Land #2515, plaintext creds fix for John
[FixRM #8481]
2014-02-28 09:53:47 -06:00
Spencer McIntyre 12e4e0e36d Return whether result is nil or not. 2014-02-28 10:17:37 -05:00
Spencer McIntyre dfa91310c2 Support checking a single URI for ntlm information. 2014-02-28 08:47:29 -05:00
jgor 8be33f42fe Define service as udp 2014-02-27 12:53:29 -06:00
Peter Arzamendi ea5fe9ec0a Updated to use get_cookie 2014-02-27 08:52:54 -06:00
Peter Arzamendi 9e52a10f2d Set SSL to default to true and removed SSL from register_options. Updated Author to include full name 2014-02-26 20:49:03 -06:00
jvazquez-r7 bfdefdb338
Land #3023, @m-1-k-3's module for Linksys WRT120N bof reset password 2014-02-26 09:36:14 -06:00
jvazquez-r7 6ba26bf743 Use normalize_uri 2014-02-26 09:35:42 -06:00
jvazquez-r7 582372ec3e Do minor cleanup 2014-02-26 09:32:11 -06:00
jvazquez-r7 0531abb691
Land #3026, @ribeirux DoS module for CVE-2014-0050 2014-02-26 08:53:55 -06:00
jvazquez-r7 449d0d63d1 Do small clean up 2014-02-26 08:52:51 -06:00
Michael Messner b79197b8ab feedback included, cleanup, login check 2014-02-26 13:44:36 +01:00
William Vu 63bbe7bef2
Land #3034, 302 redirect for http_basic 2014-02-25 13:54:58 -06:00
William Vu 4cc91095de Fix minor formatting issues 2014-02-25 13:48:37 -06:00
kn0 6783e31c67 Used the builtin send_redirect method in Msf::Exploit::Remote::HttpServer instead of creating a redirect inline 2014-02-24 15:59:49 -06:00
ribeirux ead7cbc692 Author and URI fixed 2014-02-24 22:20:34 +01:00
kn0 f1e71b709c Added 301 Redirect option to Basic Auth module 2014-02-24 14:59:20 -06:00
William Vu 6f398f374e
Land #3032, inside_workspace_boundary? typo fix 2014-02-24 14:55:09 -06:00
James Lee d2945b55c1
Fix typo
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
sinn3r 5cdd9a2ff3
Land #2995 - sqlmap minor cleanup, description & file tests 2014-02-24 10:39:01 -06:00
ribeirux 8f7f1d0497 Add module for CVE-2014-0050 2014-02-22 14:56:59 +01:00
Michael Messner ec8e1e3d6f small fixes 2014-02-21 21:59:45 +01:00
Michael Messner 1384150b7a make msftidy happy 2014-02-21 21:56:46 +01:00
Michael Messner c77fc034da linksys wrt120 admin reset exploit 2014-02-21 21:53:56 +01:00
jvazquez-r7 4ca4d82d89
Land #2939, @Meatballs1 exploit for Wikimedia RCE and a lot more... 2014-02-18 17:48:02 -06:00
xistence 1864089085 removed rport definition 2014-02-17 11:32:24 +07:00
Matteo Cantoni 8a24da9eea Module to query Jboss status servlet 2014-02-15 17:46:52 +01:00
Tod Beardsley f6be574453
Slightly better file checks on sqlmap.py 2014-02-15 09:58:03 -06:00
Tod Beardsley dacbf55fc1
Minor cleanup of title and desc on sqlmap 2014-02-15 09:55:06 -06:00
Royce Davis 0e7074c139 Modififed output for smb_enumshares module 2014-02-14 13:39:13 -06:00
Royce Davis 6dc9840064 Modified output for smb_enumshares 2014-02-14 13:12:52 -06:00
Russell Sim ee3f1fc25b Record successful passwordless access to mongodb 2014-02-14 08:52:17 +11:00
Matteo Cantoni 7c860b9553 fix description 2014-02-13 21:11:50 +01:00
Peter Arzamendi 5ef40e3844 Removed bad sets on datastore['USERNAME'] and datastore['PASSWORD'] 2014-02-12 13:31:03 -06:00
Peter Arzamendi 2b8a8259f9 Updates to support OWA 2013 and some syntax changes 2014-02-12 09:40:49 -06:00
xistence 6944c54d13 Added EXTENDED option to smtp_relay 2014-02-12 15:44:53 +07:00
jvazquez-r7 79d559a0c9 Fix MIME message to_s 2014-02-10 22:23:23 -06:00
Tod Beardsley 1236a4eb07
Fixup on description and some option descrips 2014-02-10 14:41:59 -06:00
sinn3r 8a8bc74687
Land #2940 - DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials 2014-02-10 13:49:02 -06:00
sinn3r 306b31eee3
Small changes before merging 2014-02-10 13:47:31 -06:00
xistence 02fb84db20 Changed dns_amp to avoid false positives 2014-02-10 17:13:06 +07:00
jvazquez-r7 ac52edabd5
Land #2801, Land @kicks4kittens IBM Sametime modules 2014-02-06 10:17:03 -06:00
jvazquez-r7 30c325c22e Make better json check 2014-02-06 10:16:26 -06:00
kicks4kittens 564f9bccc8 Correct print output
Printing the room details is the purpose of the module.
Reinstated printing the table in non-verbose mode (users won't know it's there otherwise)
2014-02-05 22:00:02 +01:00
kicks4kittens 445cd7be5a remove "on {peer}
line already includes {peer} info
2014-02-05 21:57:58 +01:00
kicks4kittens 4c0c9101aa Correct check, reinstate print
Corrected JSON check (response is empty, but valid JSON on check success)
Reinstated print to warn user (not only in VERBOSE)
2014-02-05 21:56:56 +01:00
kicks4kittens 60cf68f899 added default SSL 2014-02-05 21:54:02 +01:00
kicks4kittens 3560b41eb2 correct variable name
body isn't valid, replaced with res.body and tested
2014-02-05 21:51:55 +01:00
kicks4kittens 38add0ab50 alter print_status
Altered print_status to print_good to differentiate when user is online easier
2014-02-05 21:49:39 +01:00
sinn3r 89e1bcc0ca Deprecate modules with date 2013-something
These modules had an expiration date of 2013.
2014-02-04 14:49:18 -06:00
William Vu a58698c177
Land #2922, multithreaded check command 2014-02-04 11:21:05 -06:00
jvazquez-r7 cccf2e4258
Land #2926, @xistence A10 Networks Loadbalancer dir traversal module 2014-02-04 07:28:51 -06:00
jvazquez-r7 cc09367c62 Change the datastore name option 2014-02-04 07:28:14 -06:00
jvazquez-r7 ffd90a3d38 Add confirmation datastore option 2014-02-03 12:40:58 -06:00
Tod Beardsley 9953821451
Fix desc on Drupal module, some peer prints 2014-02-03 12:16:06 -06:00
bcoles 9b9b2fab58 Add DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials module 2014-02-04 02:00:11 +10:30
jvazquez-r7 a92256e8d1 Clean a10networks_ax_directory_traversal 2014-02-03 08:41:23 -06:00
jvazquez-r7 53c2a737e9 Don't register rport again 2014-01-31 09:42:41 -06:00
jvazquez-r7 452042e757
Land #2925, @xistence aux module for Support Center Plus traversal 2014-01-31 09:38:01 -06:00
jvazquez-r7 e9f04d9203 Do final cleanup for Support Center Plus module 2014-01-31 09:37:40 -06:00
jvazquez-r7 32c5d77ebd
Land #2918, @wvu's fix for long argument lists 2014-01-31 08:49:22 -06:00
xistence e81a0ed22b Changes as requested for SupportCenterPlus module 2014-01-31 13:28:45 +07:00
William Vu 56287e308d Clean up unused variables 2014-01-30 11:20:21 -06:00
xistence 8ac0ef396e Added DNS recursion amplification scanner 2014-01-29 14:21:21 +07:00
xistence d3be54fed6 Added Extended SMTP Open Relay aux module 2014-01-29 13:46:54 +07:00
xistence c8296298b3 added A10Networks AX loadbalancer Dir Traversal Auxiliary Module 2014-01-28 16:37:25 +07:00
xistence 32d7f15a5c added ManageEngine Support Center Plus directory traversal auxiliary module 2014-01-28 15:45:23 +07:00
jvazquez-r7 f766a74150
Land #2920, @wvu-r7's author metadata update for printer aux modules 2014-01-27 13:02:31 -06:00
William Vu d19e9307c6 Fix missing colon in :caller_host symbol
Good catch, @jvazquez-r7!
2014-01-27 12:43:59 -06:00
jvazquez-r7 0dbaeb6742 Add Matteo's email 2014-01-27 08:40:44 -06:00
sinn3r f471f50092 ms08_067_check.rb is deprecated.
[SeeRM #8755]
2014-01-26 12:22:13 -06:00
William Vu 52371be52a Clarify why contributors are listed as authors
Also adding @mcantoni to the list of authors. Sorry we missed you!

Dear contributors,

Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!

https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
2014-01-25 18:02:17 -06:00
Matteo Cantoni f18fef1864 Module to HP LaserJet Printer SNMP Enumeration 2014-01-25 15:48:13 +01:00
William Vu eaeb2af97f Use opts hash for h323_version
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:32:37 -06:00
sinn3r f7ecae3f75
Land #2909 - Drupal OpenID External Entity Injection 2014-01-24 15:03:07 -06:00
sinn3r c8e2301111 Be more informative about why CheckCode::Unknown
This is just kind of personal preference here. In case users wonder
why Unknown.
2014-01-24 15:01:52 -06:00
Tod Beardsley 82bf02910d
Land #2911, correct author name for PJL credit 2014-01-24 11:00:12 -06:00
jvazquez-r7 fdaa172cc5
Land #2896, @wchen-r7's check's normalization for auxiliary modules 2014-01-24 08:53:53 -06:00
jvazquez-r7 e8b591ef54 Delete registering of check on bailiwicked modules 2014-01-24 08:47:04 -06:00
sinn3r 9ba72ffc71 Remove check support
Actually, you can't support check because in check mode the module
doesn't know the IP
2014-01-23 21:30:11 -06:00
sinn3r dc52d00be6 Modify vmware_http_login to work with check 2014-01-23 21:27:36 -06:00
jvazquez-r7 cf17bf2e72 Small fix 2014-01-23 19:34:50 -06:00
jvazquez-r7 43de7eb74f Use REXML 2014-01-23 19:32:42 -06:00
William Vu a67068f019 Correct author name
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
2014-01-23 19:09:20 -06:00
jvazquez-r7 5a59e3d4e4 Fix typo 2014-01-23 18:53:58 -06:00
jvazquez-r7 f529eb1d4b Clean code 2014-01-23 18:51:24 -06:00
jvazquez-r7 8e17d38c77 Add check method 2014-01-23 18:30:18 -06:00
jvazquez-r7 b0deb45fad Add Drupal advisory as reference 2014-01-23 18:10:57 -06:00
jvazquez-r7 6d0d7eda10 Delete garbage comment 2014-01-23 18:09:05 -06:00
jvazquez-r7 72b72effa6 Add module for CVE-2012-4554 2014-01-23 18:04:31 -06:00
sinn3r 7faa41dac0 Change Unknown to Safe because it's just a banner check 2014-01-23 15:36:19 -06:00
sinn3r 81a3b2934e Fix prints 2014-01-23 15:33:24 -06:00
sinn3r f5a935a186 Support check for bailiwicked_host 2014-01-23 15:31:37 -06:00
sinn3r 8d411d2037 Fix bailiwicked_domain to allow support of check() 2014-01-23 15:29:40 -06:00
Tod Beardsley f5809423a3
Let's spell right in my spellcheck PR
Updates #2900
2014-01-21 15:57:59 -06:00
Tod Beardsley b3b51eb48c
Pre-release fixup
* Updated descriptions to be a little more descriptive.

  * Updated store_loot calls to inform the user where the
loot is stored.

  * Removed newlines in print_* statments -- these will screw
up Scanner output when dealing with multiple hosts.

Of the fixed newlines, I haven't see any output, so I'm not sure what
the actual message is going to look like -- I expect it's a whole bunch
of newlines in there so it'll be kinda ugly as is (not a blocker for
this but should clean up eventually)
2014-01-21 13:29:08 -06:00
sinn3r 5025736d87 Fix check for modicon_password_recovery 2014-01-19 17:20:20 -06:00
sinn3r a239e14084 Fix nodejs_popelining check 2014-01-19 17:06:35 -06:00
sinn3r 7080bb336c Update ColdFusion check 2014-01-19 17:05:03 -06:00
sinn3r 4fdd2c19a1 Update vbulletin check 2014-01-19 16:54:27 -06:00
sinn3r 0a8aa07131 Fix check method
This isn't a check, so shouldn't be using the check method
2014-01-19 16:47:15 -06:00
jvazquez-r7 01ab6fd545 Do small fixes 2014-01-17 17:59:03 -06:00
jvazquez-r7 5ec062ea1c Beautify print message 2014-01-17 17:42:26 -06:00
jvazquez-r7 d96772ead1 Clean multi-threading on ibm_sametime_enumerate_users 2014-01-17 17:38:16 -06:00
jvazquez-r7 bb3d9da0bb Do first cleaning on ibm_sametime_enumerate_users 2014-01-17 16:33:25 -06:00
jvazquez-r7 584401dc3f Clean ibm_sametime_room_brute code 2014-01-17 15:57:12 -06:00
jvazquez-r7 4d079d47b8 Enable SSL by default 2014-01-17 15:34:33 -06:00
jvazquez-r7 277711b578 Fix metadata 2014-01-17 15:31:51 -06:00
jvazquez-r7 10fd5304ce Parse response body just one time 2014-01-17 15:17:25 -06:00
jvazquez-r7 fe64dbde83 Use rhost and rport methods 2014-01-17 14:49:50 -06:00
jvazquez-r7 5e8ab6fb89 Clea ibm_sametime_version 2014-01-17 12:23:11 -06:00
jvazquez-r7 bce321c628 Do response handling a little better, fake test 2014-01-17 11:02:35 -06:00
jvazquez-r7 11d613f1a7 Clean ibm_sametime_webplayer_dos 2014-01-17 10:52:42 -06:00
jvazquez-r7 51b3d164f7 Move the DoS module to the correct location 2014-01-17 09:30:51 -06:00
sinn3r a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules 2014-01-16 15:57:38 -06:00
William Vu 9bf90b836b Add environment variables support 2014-01-16 14:53:25 -06:00
William Vu 311704fc0a Perform final cleanup 2014-01-15 13:49:37 -06:00
kicks4kittens d0d82fe405 Fixed code issues as requested in PR2801
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:53:14 +01:00
kicks4kittens 87648476e1 Fixed code issues as requested in PR2801
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:52:45 +01:00
kicks4kittens 55d4ad1b6a Fixed code issues as requested in PR2801
Mostly coding style issues
Re-tested in testbed - output as expected
2014-01-15 13:51:19 +01:00
jvazquez-r7 0b1671f1b8 Undo debugging comment 2014-01-14 17:02:30 -06:00
jvazquez-r7 6372ae6121 Save some parsing 2014-01-14 17:00:00 -06:00
Matt Andreko 2d40f936e3 Added some additional creds that were useful 2014-01-13 23:15:51 -05:00
Matt Andreko 42fb8c48d1 Fixed the credential parsing and made output consistent
So in the previous refactor, we made the dedicated method to parse
usernames and passwords from the split up config values. However, that
didn't work, because on a single iteration of the loop, you only have
access to a possible username OR password. The other matching key will
be another iteration of the loop. Because of this, no credential pairs
were being reported.

The only way I can see around this (maybe because I'm a ruby newb) would
be to iterate over configs, and if the user or password regex matches,
add the matching value to a hash, which is identified by a key for both
user & pass. Then upon completion of the loop, it'd iterate over the
hash, finding keys that had both user & pass values.
2014-01-13 22:57:25 -05:00
William Vu 7c52f9b496 Update description to use %q{} 2014-01-13 14:42:25 -06:00
William Vu 61b30e8b60
Land #2869, pre-release title/desc fixes 2014-01-13 14:29:27 -06:00
Tod Beardsley 207e9c413d
Add the test info for sercomm_dump_config 2014-01-13 14:27:03 -06:00
jvazquez-r7 fe6d10ac5d
Land #2852, @mandreko's scanner for OSVDB 101653 2014-01-13 14:07:07 -06:00
Tod Beardsley 671027a126
Pre-release title/desc fixes 2014-01-13 13:57:34 -06:00
jvazquez-r7 8c3a71a2e7 Clean sercomm_backdoor scanner according to feedback 2014-01-13 13:53:47 -06:00
jvazquez-r7 95a5d12345 Merge #2835, #2836, #2837, #2838, #2839, #2840, #2841, #2842 into one branch 2014-01-13 10:57:09 -06:00
jvazquez-r7 4a64c4651e
Land #2822, @mandreko's aux module for OSVDB 101653 2014-01-09 15:15:37 -06:00
jvazquez-r7 410302d6d1 Fix indentation 2014-01-09 15:14:52 -06:00
Matt Andreko b1073b3dbb Code Review Feedback
Removed the parameters from get() since it works without them
2014-01-09 15:54:23 -05:00
William Vu d69b658de0
Land #2848, @sho-luv's MS08-067 scanner 2014-01-09 14:39:25 -06:00
Matt Andreko 2a0f2acea4 Made fixes from the PR from jvazquez-r7
The get_once would *only* return "MMcS", and stop. I
modified it to be a get(3, 3). Additionally, the command
length was set to 0x01 when it needed to be 0x00.
2014-01-09 15:33:04 -05:00
William Vu fc616c4413 Clean up formatting 2014-01-09 14:16:31 -06:00
Matt Andreko 93668b3286 Code Review Feedback
Made it less verbose, converting to vprint_error
2014-01-09 14:53:33 -05:00
jvazquez-r7 be6958c965 Clean sercomm_dump_config 2014-01-09 13:42:11 -06:00
Matt Andreko e21c97fd4d Added missing metadata
Add credit where due
Add disclosure date and references
2014-01-09 14:33:54 -05:00
Matt Andreko 9456d26467 Added Scanner module for SerComm backdoor 2014-01-09 14:25:28 -05:00
Matt Andreko 01c5585d44 Moved auxiliary module to a more appropriate folder 2014-01-09 10:17:26 -05:00
Matt Andreko d9e737c3ab Code Review Feedback
Refactored the configuration settings so that creds could be reported to
the database more easily, while still being able to print general
configuration settings separately.
2014-01-09 10:14:34 -05:00