1226b3656f
Land #4945 , @wchen-r7's login scanner for Symantec web gateway
2015-03-20 14:44:05 -05:00
62871255b0
Match class and file names
2015-03-20 14:25:20 -05:00
179177d5c0
Fix typo
2015-03-20 13:27:41 -05:00
608bf55b79
Update
2015-03-17 11:54:38 -05:00
27b6fbb648
I don't need :ssl and :ssl_version
2015-03-17 11:31:38 -05:00
69453c1955
Missing ?
2015-03-17 12:00:58 +00:00
d18224e3cb
Correct capitilzation of GitLab
2015-03-17 11:32:14 +00:00
25840c41cf
Rubocop
2015-03-17 11:21:05 +00:00
f4a1e981ab
Add gitlab login scanner
2015-03-17 11:19:23 +00:00
ff58f7d270
Add Symantec Web Gateway Login Module
2015-03-17 02:51:57 -05:00
75c075e32b
properly anchor regexes
...
duh
2015-03-03 19:15:29 -06:00
64490c746a
CredCollection now knows about postgres_md5
...
the cred collection can now identify a postgres_md5 hash string
and set the type on the Metasploit::Framework::Credential object
appropriately
MSP-12244
2015-03-03 16:43:52 -06:00
c836078292
allow credentials to have a type of postgres_md5
...
add postgres_md5 to the type validation on
Metasploit::Framework::Credential to account
for the new Private type
MSP-12244
2015-03-03 16:35:30 -06:00
aa4038d539
allow the postgres librry to take an md5 hash
...
allow the raw md5 password hash to be passed in instead of
a password for md5 authentication in postgres. Adds an extra exception
class for when an md5 hash is given but the server expects
a different form of authentication.
MSP-12244
2015-03-03 13:16:46 -06:00
8c5ff858d0
Land #4812 , hp_sys_mgmt_login configurable URIs
2015-02-23 19:04:14 -06:00
97ccf7e23f
Fixes SSL support for http_login (variable shadowing)
2015-02-23 14:00:29 -06:00
c39d6e152e
Land #4819 , Normalize HTTP LoginScanner modules
2015-02-23 11:43:42 -06:00
c60e2584bf
Comment typo
2015-02-22 02:51:18 -06:00
888c718f40
Fix two typos
2015-02-22 02:45:50 -06:00
8e8a366889
Pass Http::Client parameters into LoginScanner::Http (see #4803 )
2015-02-22 02:26:15 -06:00
bf2be7964b
Fix #4592 , print_* methods used in LoginScanner modules
...
Fix #4592
2015-02-20 22:46:21 -06:00
40c237f507
Fix #3982 , allow URIs to be user configurable
...
Fix #3982
2015-02-20 21:54:03 -06:00
ffa6550aec
Land #4787 , HD's new Zabbix and Chef LoginScanners
...
Lands the new LoginScanners HD wrote for Zabbix
and the Chef WebUI
2015-02-18 14:51:16 -06:00
804db0ff0c
add leixcal sorting to methods
...
lexical sort the new methods except for
msf module entrypoint methods which should always be at
the top
2015-02-18 14:50:33 -06:00
2847507f03
Add a chef brute force module
2015-02-17 23:49:57 -06:00
27d5ab45b4
Add a zabbix brute force module
2015-02-17 22:56:08 -06:00
85fd139ab0
Add missing context and a normalize_uri helper method
2015-02-17 22:55:53 -06:00
16932372db
Calls to Rex::Proto::Http::Client.new were passing in empty context
2015-02-17 20:44:37 -06:00
8d982e3286
Pass the framework/module down into LoginScanner
2015-02-07 11:50:30 -06:00
985641dbc4
Add missing Context, fixes #4723
2015-02-07 11:27:57 -06:00
7d1090baca
Convert #find(:all) to #where or #all
2015-02-01 00:31:58 -06:00
8f54e4d611
Implement "-" for msfconsole -r from stdin
...
More predictable than /dev/stdin, which is usually a symlink to
/proc/self/fd/0 or /dev/fd/0, but the feature is not guaranteed to be
present.
This isn't *terribly* useful, but it can be. -x is recommended, but it
doesn't allow for ERB directives. This is mostly for hax.
2015-01-29 19:26:56 -06:00
69f03f5c5d
Move ACPP default port into Rex
2015-01-12 19:43:57 -08:00
e9557ffe58
Simplify module in prep for some authbrute cleanups
2015-01-12 13:08:12 -08:00
97f5cbdf08
Add initial Airport ACPP login scanner
2015-01-12 13:08:12 -08:00
bdbb26ba31
Land #4540 , resolves #4532 , honour DB_ALL_* options
2015-01-07 21:12:23 +00:00
5d68d48ca5
Land #4385 , fixes bruteforce_speed validator
...
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
702511dbc5
respect DB_ALL_USERS & DB_ALL_PASS
...
fix last few things in authbrute
and make the CredentialCollections understand the
additional seperate components
MSP-11986
2015-01-07 11:41:41 -06:00
7ff2ba0725
first pass on fixing DB_ALL authbrute stuff
...
DB_ALL_CREDS worked but DB_ALL_USER and DB_ALL_PASS
did not. working on fixing that.
This commit also does some nice DRY work in the auth_brute mixin
MSP-11986
2015-01-07 11:30:39 -06:00
6ded5a7eb4
Avoid spinner on Windows
...
Fixes #4147 , probably.
2014-12-30 10:17:56 -06:00
337b2d784f
Land #4416 , define rails version dep in one place
...
* Bump rails to 3.2.21
2014-12-19 15:17:54 -06:00
db0aeb2a05
Make the version constraint a range
2014-12-19 13:54:13 -06:00
c493ccfc06
Define the Rails version constraint in a library constant
2014-12-19 11:46:39 -06:00
80cd04d76a
Land #4332 , test optimization for Cucumber
...
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
4c994d84e0
Updating version to 4.11 for Flood release
2014-12-15 14:42:09 -06:00
ac004d2770
Fix bruteforce validators to accept nil
...
bruteforce_speed isn't always required, because the speed checker
already handles nil (and presumes the user wants the fastest possible).
See also MSP-11842
2014-12-12 13:57:37 -06:00
4eaf64afef
Don't lie about stop_on_success
...
This absolutely needs to be honored too, though.
See #4365 .
2014-12-11 12:37:13 -06:00
edf541fabe
Fix some double spacing
2014-12-11 09:39:15 -06:00
09617f990b
Implement BRUTEFORCE_SPEED respect (telnet)
...
This implements just for telnet, but assuming this strategy is kosher,
it's not too painful to add for the rest of the LoginScanner using the
old defaults used by `AuthBrute`.
See #3904 , @dmaloney-r7 or @jlee-r7
2014-12-09 15:40:43 -06:00
8c0610cb7a
Merge branch 'master' into feature/MSP-11671/test-optimization
...
MSP-11671
Conflicts:
.travis.yml
2014-12-08 08:46:22 -06:00
jvazquez-r7
sinn3r
Meatballs
David Maloney
William Vu
HD Moore
Christian Catalan
Jon Hart
Tod Beardsley
Fernando Arias
Matt Buck
Trevor Rosen
Samuel Huckins
Luke Imhoff