83ae5cb14d
fix backup_file.rb and add a few docs
2018-07-22 20:50:22 -04:00
2a969d70db
dicoogle
2018-07-21 21:31:45 -04:00
65d42380d3
Merge branch 'master' into remote_creds_data
2018-07-19 16:25:06 -05:00
8e1f68f384
Update ms15_034_http_sys_memory_dump.rb with VHOST
...
Added VHOST to cater to targets that require virtual hostname to be defined
2018-07-16 15:13:23 +08:00
1a3a4ef5e4
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
cce3b6f369
Clean up module
2018-07-12 02:57:14 -05:00
7d8b9a90d7
Add more reporting
2018-07-11 17:22:48 -04:00
30c43e22d9
Fix typo
2018-07-11 17:04:31 -04:00
bb8ac4a7ab
Add info & update_info
2018-07-11 16:52:16 -04:00
c26fcc0af1
Merge branch 'master' into remote_creds_data
2018-07-11 10:27:49 -05:00
1f0045fa03
Improve Description
2018-07-11 01:27:10 -04:00
00f4d3967c
Add basic reporting
2018-07-11 00:47:43 -04:00
d488b51264
Use peer instead of ip & port
2018-07-11 00:41:55 -04:00
5a89642ddd
Simplify the module greatly
2018-07-11 00:15:56 -04:00
ffc2f044cc
Remove lines that were not required
2018-07-11 00:04:44 -04:00
7b1e7eb085
Minor improvement to description
2018-07-11 00:04:12 -04:00
2b2029b487
Align Hashrockets
2018-07-11 00:03:26 -04:00
9491c63778
Fix several minor details
2018-07-10 23:56:05 -04:00
66c207a124
Remove timeout of 25 seconds
2018-07-10 23:53:13 -04:00
718606c9f2
Add Auxiliary module to enumerate the Docker Server Version
2018-07-10 19:34:49 -04:00
bbc16e1873
Merge branch 'master' into remote_creds_data
2018-07-09 09:49:14 -05:00
aff39e65d5
Update missing CVE references for auxiliary modules
...
Based on existing references such as BID, OSVDB, blog posts, etc
2018-07-08 19:00:11 -05:00
e1a9aae109
Add Wordress Arbitrary File Deletion module
2018-07-03 12:21:38 +02:00
76535b5e51
Check hidden val && check auth requirement
2018-06-25 17:24:13 -05:00
10c36bbd7d
modified get_creds, renamed make_request
2018-06-25 12:45:06 -05:00
81bdbd712c
added disclosureDate and modified style
2018-06-22 15:58:21 -05:00
510c2d04ef
add auxiliary module and documentation - SickRage
2018-06-22 11:18:02 -05:00
b315886f9b
Update option description
2018-06-19 14:55:53 -05:00
9be8aa6877
Be more verbose on error handling
2018-06-19 14:54:27 -05:00
a0189cc3f6
made suggested changes to module
2018-06-19 12:22:44 -05:00
b78bb78f95
added auxiliary module and documentation
2018-06-18 10:25:33 -05:00
2ded48a510
Merge branch 'master' into remote_creds_data
2018-06-15 10:26:10 -05:00
9f2f61c481
Implement create_credential_and_login in the dataproxy
2018-06-14 13:28:03 -05:00
918705d510
Removed deprecated modules: `epmp1000_cmd_exec` and `cambium_snmp_loot`
2018-05-31 14:31:58 -05:00
cc0fdee788
EmptyGroup advanced option, just in case...
2018-05-10 09:57:50 -05:00
79a0610436
remove empty group
2018-05-09 11:11:03 -05:00
133b34827f
Fix false+ login in a few more places
2018-02-23 13:16:41 -06:00
5815b626d9
Dont save email addresses as valid
...
Also add module doc for owa_login module
2018-02-22 14:58:11 -06:00
e531dbc976
Fix bug causing all logins to appear valid
...
The headers we were looking for were a little too loose
and were incorrectly identifying all responses as successful
login attempts
2018-02-22 11:25:35 -06:00
56c00a8cb6
initial OWA 2016 support
2018-02-19 21:43:49 -06:00
fbeba8bfd2
Fix #9513 , Add private_type to be able to store password for Tomcat
...
If there is no :private_type, the create_credential method in
Metasploit::Credential::Creation will quietly skip the password,
which makes it look like a bug when the user is trying to view
the password from the creds command.
Fix #9513
2018-02-13 14:31:56 -06:00
ecb5fffb0b
Typo fix: "withint" --> "within"
2018-02-13 06:20:57 +13:00
10fde42adc
Land #9431 , Fix owa_login to handle inserting credentials for a hostname
2018-01-22 16:46:39 -06:00
2a6b3671bf
Add connection addr+port info to http response object.
...
Update owa_login to use this instead of doing lookups on its own.
2018-01-19 13:37:33 -06:00
e9ce2374e5
Auto-resolve target if it's a hostname (owa_login).
...
Ensures the module does save the creds which it claims to be saving. See MS-2968.
2018-01-17 16:47:21 -06:00
d172259f5d
umlaut
2018-01-13 16:06:11 +11:00
eb8429cbd3
Revert "umlaut"
...
This reverts commit ffd7073420
2018-01-12 22:57:22 -06:00
ffd7073420
umlaut
2018-01-13 15:48:45 +11:00
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
1bb2bb9d2c
Oops, no admin in that path
2017-12-26 12:06:45 -06:00
9af88681a2
Move deprecation out 60 days
2017-12-26 11:56:47 -06:00
038119d9df
Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more
2017-12-23 00:14:27 +05:30
5dfb5d581a
Switch get_cookies to get_cookies_parsed
...
Am I doing it right? See #9333
2017-12-21 09:00:56 -06:00
7f8a5d3834
improved credential reporting
2017-12-20 15:09:11 -06:00
216d00e39f
Use a random fname destination for /etc/passwd
2017-12-19 17:02:16 -06:00
e93282b71d
Drop calls to vprint_*
2017-12-19 16:53:02 -06:00
2dc2ac134e
Don't default verbose
2017-12-19 16:48:41 -06:00
acc6951bf3
fixed typo
2017-12-19 08:35:11 -05:00
85350a9645
Add Rapid7 blog references
2017-12-18 17:11:47 -06:00
ae4edd65e1
Hard wrap descriptions
2017-12-18 17:03:13 -06:00
27a324237b
Initial commit for Cambium issues from @juushya
...
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
2017-12-18 16:32:55 -06:00
6d565b6c33
added author information
2017-12-18 09:18:36 -05:00
f447fa1a12
Added DirectAdmin Login Utillity
2017-12-17 22:43:37 -05:00
2f6da89674
Change author name to nick.
2017-11-09 03:00:24 +11:00
972f9c08eb
Land #9135 , peer print for jenkins_enum
2017-11-01 15:33:13 -05:00
77181bcc9c
Prefer peer over rhost/rport
2017-11-01 15:32:32 -05:00
0e66ca1dc0
Fix #3444/#4774, get_json_document over JSON.parse
...
Forgot to update these when I wrote new modules.
2017-11-01 15:05:49 -05:00
587c9673c6
Added host and port to output
...
I added the host and port number to reporting when instances are found.
2017-10-27 09:34:49 -07:00
ab63caef7b
Land #9009 , Apache Optionsbleed module
2017-10-10 12:13:40 -05:00
7fc9be846a
bcoles suggestions
2017-09-29 20:29:30 -04:00
6cc5324e5b
oe is all umlaut
2017-09-28 19:52:02 -04:00
2295146dcd
working optionsbleed module
2017-09-27 22:07:57 -04:00
997b831b52
implement regexes
2017-09-27 19:33:50 -04:00
0649d0d356
wip optionsbleed
2017-09-26 22:09:07 -04:00
273d49bffd
Land #8891 login scanner for Inedo BuildMaster
2017-09-24 13:30:17 -04:00
4e81a68108
Simplify saving valid credentials by calling store_valid_credential
2017-09-15 00:18:33 -05:00
861f4a6201
Changes to buildmaster_login from code review
...
Use peer property in messages instead of rhost rport combination for consistency.
Documentation updated accordingly.
2017-09-09 18:00:04 -05:00
47adfb9956
Fixes from code review to buildmaster_login
...
Per bcoles, the most important fixes are:
- Removing `self.class` from call to `register_options`
- Adding rescue to login_succeeded to handle bad json
2017-09-09 16:26:01 -05:00
bd7ea1f90d
more updates, 465 more pages to go
2017-08-26 21:01:10 -04:00
7dfde651ea
Add login scanner module for Inedo BuildMaster
...
This module attempts to log into BuildMaster. BuildMaster is an application release automation tool.
More information about BuildMaster:
http://inedo.com/
2017-08-26 17:56:53 -05:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
e710701416
Made msftidy.rb happy
...
...untested with the set-cookie 'fix'
2017-07-21 19:55:26 -07:00
524373bb48
OCD - Removed un-needed full stop
2017-07-21 07:41:51 -07:00
3f6925196b
OCD - store_loot & print_good
2017-07-19 13:02:49 +01:00
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
a008f8e795
BruteForce - > Brute Force
2017-07-19 10:39:58 +01:00
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
fd843f364b
Removed extra lines
2017-07-14 08:17:16 +01:00
67310fa96c
print_status -> print_good. [When it is successful, show it!]
2017-07-14 00:09:35 +01:00
f45facdf6e
Fix HTTP verb in jboss_vulnscan print_status
2017-07-06 14:55:33 -05:00
aa387e96a7
Land #8577 , Add SurgeNews User Credentials scanner
2017-07-03 10:14:03 -05:00
dff96ce9a0
Re-order includes with Auxiliary::Scanner last
2017-07-01 08:30:17 +00:00
d20036e0fb
revise spelling, add heartbleed and tidy checks
2017-06-28 18:50:20 -04:00
461ab4501d
add 'Also known as', AKA 'AKA', to module references
2017-06-28 15:53:00 -04:00
ceba4e6d61
Add pointer to CDX API
2017-06-21 12:34:40 -05:00
c12056d242
Fix enum_wayback using CDX API
2017-06-21 12:29:15 -05:00
b82051757d
Add SurgeNews User Credentials scanner module
2017-06-17 01:49:47 +00:00
549f9e74d8
Fix AMT scanner for mangled HTML (no </p>)
...
Also stores proof using the correct :info for report_vuln (not :proof).
2017-06-14 16:54:32 -05:00
bb9d1a6768
Land #8507 , Riverbed SteelHead VCX file read
2017-06-12 10:39:48 -05:00
h00die
James Barnett
Sunny Neo
asoto-r7
William Vu
Agora Security
Wei Chen
Aloïs Thévenot
Shelby Pace
Jacob Robles
Brent Cook
follower
Pearce Barry
Brendan Coles
Tod Beardsley
juushya
Jeffrey Martin
Nick Marcoccio
Patrick Webster
sho-luv
james
james
Brent Cook
g0tmi1k
dmohanty-r7