infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
41,003 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

873 Commits (f584d5c1c55cc433d3d85b49096270e7eb237db5)

Author SHA1 Message Date
wchen-r7 fd6a58a348 URI decode users 2017-01-26 18:30:17 -06:00
wchen-r7 e47f38b3c9 Look at the right link to extract users 2017-01-26 18:20:06 -06:00
wchen-r7 ba50f2f88b Fix nil for empty pass 2017-01-26 17:51:20 -06:00
wchen-r7 55b9c15d68 Pass should not be forced 2017-01-26 17:48:41 -06:00
wchen-r7 4ee0a380d1 Update module description 2017-01-26 16:35:15 -06:00
wchen-r7 72b654c9b1 Update description 2017-01-26 14:58:02 -06:00
wchen-r7 94bc44b485 Add Advantech WebAccess Post Auth Credential Collector 2017-01-26 14:53:59 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
William Vu 0589948a73 Remove other rhost (oops) and fail_with 2016-12-23 16:10:21 -06:00
Jon Hart b4235835c8
rhost -> ip 2016-12-23 13:20:24 -08:00
Jon Hart 60e602c371
Update chromecast wifi gather module to use Scanner for scanning in bulk 2016-12-23 11:34:19 -08:00
wchen-r7 22d70ddd09 Fix #7455, handle the URIPORT option properly in is_uxss_injection 
Fix #7455
 2016-11-17 15:50:35 -06:00
Brian Patterson abddeb5cd2 Land 7473, add censys search module 2016-11-17 13:44:00 -06:00
attackdebris 1b4cef10d1 Change creds_name to Kerberos 2016-11-01 17:59:51 +00:00
Brendan 9eaaba1dea Added user logging into the db and humored rubocop 2016-10-27 15:50:17 -05:00
attackdebris c2af2ab214 Move kerberos_enumusers module to aux/gather & add documentation 2016-10-27 19:11:22 +01:00
Vex Woo b5ba862e98 parse ipv4 / website info 2016-10-23 10:53:43 -05:00
Vex Woo 50284cf01b parse domain/ip info from certificate 2016-10-23 10:33:17 -05:00
nixawk c79c102998 remove unuse variable @uri 2016-10-21 23:59:09 -05:00
nixawk 893a6ef82e add censys search module 2016-10-21 23:45:44 -05:00
David Maloney e442f5f76b
Land #7460, zoomeye search module 
typo in previous land commit
 2016-10-21 13:48:28 -05:00
David Maloney 264fe7b8f8 Land #7460, zoomeye search module 2016-10-21 13:47:46 -05:00
nixawk ada571bfdf Fix login - check condition 2016-10-20 22:52:24 -05:00
nixawk 344b688ae5 remove ZoomEye_APIKEY, add (USERNAME / PASSWORD) 2016-10-20 22:48:01 -05:00
nixawk 097a273abb fix dork_search 2016-10-19 20:54:31 -05:00
nixawk 72b2ba2e88 replace [Net::HTTP] with [rex/proto/http] 2016-10-19 20:40:45 -05:00
nixawk a77f415893 remove unuseful condition 2016-10-19 20:05:12 -05:00
nixawk 9f3f0fd358 make [matches_records] simple 2016-10-19 19:59:02 -05:00
nixawk fcc22d9027 add module references info 2016-10-19 02:23:11 -05:00
nixawk 3630388e91 zoomeye search 2016-10-18 22:52:23 -05:00
William Vu fed2ed444f Remove deprecated modules 
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
 2016-09-03 12:43:01 -05:00
Brendan 81bc6bd672
Land #7228, Create zabbix_toggleids_sqli auxiliary module 2016-09-01 16:33:17 -05:00
Brandon Perry 874fec4e31 Update zabbix_toggleids_sqli.rb 2016-08-31 17:23:16 -04:00
Brandon Perry d43380330e Update zabbix_toggleids_sqli.rb 2016-08-31 17:18:28 -04:00
Pearce Barry 226ded8d7e
Land #6921, Support basic and form auth at the same time 2016-08-25 16:31:26 -05:00
Brandon Perry 38a8d21e5b Update zabbix_toggleids_sqli.rb 2016-08-22 18:57:25 -05:00
Brandon Perry 6b9635d7a5 Rename zabbix_toggleids_sqli to zabbix_toggleids_sqli.rb 2016-08-22 18:52:16 -05:00
Brandon Perry 2abf71a3ac Create zabbix_toggleids_sqli 2016-08-21 12:43:20 -05:00
Pearce Barry 1e7663c704
Land #7200, Rex::Ui::Text cleanup 2016-08-12 16:22:55 -05:00
wchen-r7 c2c05a820a Force uripath and srvport options 2016-08-10 18:25:45 -05:00
wchen-r7 e56e801c12 Update ie_sandbox_findfiles.rb 2016-08-10 18:09:58 -05:00
David Maloney eb73a6914d
replace old rex::ui::text::table refs 
everywhere we called the class we have now rewritten it
to use the new namespace

MS-1875
 2016-08-10 13:30:09 -05:00
Yorick Koster 87b27951cf Fixed some build errors 2016-08-09 20:46:49 +02:00
Yorick Koster 79a84fb320 Internet Explorer iframe sandbox local file name disclosure vulnerability 
It was found that Internet Explorer allows the disclosure of local file
names. This issue exists due to the fact that Internet Explorer behaves
different for file:// URLs pointing to existing and non-existent files.
When used in combination with HTML5 sandbox iframes it is possible to
use this behavior to find out if a local file exists. This technique
only works on Internet Explorer 10 & 11 since these support the HTML5
sandbox. Also it is not possible to do this from a regular website as
file:// URLs are blocked all together. The attack must be performed
locally (works with Internet zone Mark of the Web) or from a share.
 2016-08-09 20:35:42 +02:00
James Lee ff63e6e05a
Land #7018, unvendor net-ssh 2016-07-19 17:06:35 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
David Maloney b6b52952f4
set ssh to non-interactive 
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password

MS-1688
 2016-07-14 11:12:03 -05:00
David Maloney 01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-14 09:48:28 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
David Maloney 6c3871bd0c
update ssh modules to use new SSHFactory 
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH

MS-1688
 2016-06-24 13:55:28 -05:00