h00die
a349eb9a0d
fixes per peer review
2017-06-10 14:29:53 -04:00
Jeffrey Martin
b932aae82e
reference typo fix
2017-06-06 11:50:07 -05:00
Jeffrey Martin
1558db375d
update CVE reference in where modules report_vuln
2017-06-05 16:36:44 -05:00
h00die
de86c5d991
add storing creds and loot name consistency
2017-06-04 17:46:43 -04:00
h00die
ea5db9a039
working module
2017-06-02 23:09:19 -04:00
James Lee
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
HD Moore
f7ff840ef0
Add missing return, thanks bperry!
2017-05-08 14:08:59 -05:00
HD Moore
9392e48b72
Add a scanner for Intel AMT auth bypass (CVE-2017-5689)
2017-05-08 13:24:00 -05:00
Jeffrey Martin
a1efa30fa2
comments adjustments & enum better
2017-05-08 11:57:06 -05:00
Jeffrey Martin
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
Jeffrey Martin
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
William Vu
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
Brent Cook
f8792956ee
fix one module for testing
2017-04-26 16:21:13 -05:00
William Webb
f870f94fa9
Land #8163 , Add Cambium ePMP Arbitrary Command Execution
2017-03-31 19:06:19 -05:00
juushya
30896d1fab
Add Cambium ePMP Arbitrary Command Execution Module
2017-03-28 00:17:36 +05:30
William Webb
66a585ab41
Land #8050 , Add Cambium ePMP System Hash Dumper
2017-03-27 12:08:53 -05:00
William Webb
935c59306b
Land #7897 , Add Cambium ePMP 1000 Device Configuration file dumper
2017-03-27 12:05:11 -05:00
William Webb
d705949b37
Land #7784 , Cambium ePMP 1000 Login Scanner
2017-03-27 12:01:56 -05:00
juushya
dd7cf39678
updated references
2017-03-25 12:31:08 +05:30
juushya
63d88c159a
updated references
2017-03-25 12:27:38 +05:30
juushya
fd5e25bcc2
restored version check
2017-03-25 12:08:00 +05:30
h00die
7bcd53d87d
Land #8079 , exploit and aux for dnaLims
2017-03-20 11:08:05 -04:00
h00die
fd5345a869
updates per pr
2017-03-20 10:40:43 -04:00
h00die
06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters
2017-03-18 10:35:43 -04:00
juushya
0b5da60564
Added nil check + formatting edits
2017-03-07 02:17:21 +05:30
juushya
d99d81992f
Added nil check + formatting edits
2017-03-07 02:16:01 +05:30
juushya
05efb61d3b
Added nil check + formatting edits
2017-03-07 02:14:18 +05:30
juushya
62b0efd99d
Added nil check + formatting edits
2017-03-07 01:44:23 +05:30
juushya
9a5ab604e5
Added nil check + formatting edits
2017-03-07 01:21:07 +05:30
juushya
2d8e3c73f5
Minor edits
2017-03-07 00:20:05 +05:30
juushya
3ab214e758
Minor edits
2017-03-07 00:03:24 +05:30
juushya
e8460c3b94
Minor edit
2017-03-03 02:37:20 +05:30
juushya
fafd35330d
Add epmp1000 dump hashes module
2017-03-03 02:22:34 +05:30
juushya
c6e65b1521
Minor edits
2017-03-03 02:00:19 +05:30
juushya
6bd09c142f
Minor edits
2017-03-03 00:53:17 +05:30
juushya
c9a354b844
Added nil checks
2017-03-01 20:18:51 +05:30
wchen-r7
69c7b0168c
Restore USERNAME and PASSWORD options for owa_login
...
Requested by our own pentesters, the username & password options
should be restored so users can more easily try one password but
multiple users.
2017-02-27 15:04:06 -06:00
h00die
43550b8cdf
fixing line length
2017-02-23 19:55:23 -05:00
h00die
041238f77c
land #7896 Binom3 power meter scanner and brute
2017-02-23 19:49:50 -05:00
jvoisin
73eed104a9
Take into account @h00die's comments.
2017-02-20 13:22:20 +01:00
jvoisin
7bd6aff1cf
Add a sploit for CVE-2017-5982
2017-02-19 21:57:27 +01:00
Brent Cook
e4c324c988
Land #7941 , treat a user with no mailbox as a valid credential anyway
2017-02-17 17:09:57 -06:00
juushya
e6bfbb7c78
Added random cookie gen, res checks, & minor updates
2017-02-12 16:55:11 +05:30
juushya
906ca6c24e
Add Carlo Gavazzi module
2017-02-11 11:18:43 +05:30
James Barnett
94a234e5bf
Specify sname as http/https to keep with standards throughout the code.
2017-02-10 17:31:08 -06:00
jakxx
58779f0aaf
owa_login no mailbox bugfix
...
The owa_login module currently misses a success condition where the
creds are valid but there is no mailbox setup. This commit adds the
check for the condition for OWA 2013.
2017-02-09 21:35:58 -05:00
wchen-r7
4a9a8adaa1
Land #7928 , http_version now stores the fingerprints
2017-02-09 16:28:51 -06:00
Christian Mehlmauer
8ade9b8aae
Land #7905 , WordPress content injection module
2017-02-09 15:49:50 +01:00
William Vu
cf395ea7b1
Make error checks more consistent
2017-02-08 18:00:44 -06:00
William Vu
0d56676690
Add error check for listing posts
2017-02-08 17:13:12 -06:00
William Vu
766e7b013d
Once more, with feeling
2017-02-08 09:17:37 -06:00
William Vu
a71b097e6b
Revert status iteration, since it doesn't work
...
Also.
2017-02-08 09:13:42 -06:00
William Vu
6b2a995a7d
Revert AutoPublish, since it doesn't work
...
Apparently.
2017-02-08 07:43:17 -06:00
William Vu
df38a91fbd
Be nice and parse JSON for the error
2017-02-08 07:37:09 -06:00
William Vu
befe224c58
Use wordpress_and_online? before actions
2017-02-08 07:24:57 -06:00
William Vu
46ab03f528
Add SearchTerm to filter listed posts
2017-02-08 06:10:46 -06:00
William Vu
064420075f
Update diagnostics and print better header
2017-02-08 04:54:25 -06:00
William Vu
6df55c9733
Gotta catch 'em (post statuses) all
2017-02-08 04:31:06 -06:00
William Vu
7583d050b7
Add AutoPublish to publish updated posts
2017-02-08 04:01:42 -06:00
William Vu
e480107bd5
Add PostCount (default 100) to list more posts
2017-02-08 03:52:20 -06:00
William Vu
13f4b0d7ae
Be more specific with invalid post ID
2017-02-08 02:18:52 -06:00
William Vu
6f4ff89218
Add WPVDB reference
2017-02-07 18:33:58 -06:00
jvoisin
96f7b2e245
http_version now store the fngerprints
...
Currently, the `http_version` module doesn't store the fingerprints
into the database; this commit should fix this behaviour.
2017-02-07 18:36:36 +01:00
William Vu
b4056a110b
Print diagnostics if no posts found/given
2017-02-07 04:37:05 -06:00
h00die
f531366d89
Land #7790 an aux module to extract Meteocontrol Weblog admin password
2017-02-06 15:23:06 -05:00
William Vu
8af966a132
Add WordPress content injection module
2017-02-06 04:40:26 -06:00
juushya
d305f895ff
Fixed a typo space
2017-02-04 11:59:45 +05:30
juushya
36416c20cb
Updated check for extract fail case now + Minor edits
2017-02-04 03:00:31 +05:30
juushya
34b861403e
Minor updates
2017-02-04 01:44:18 +05:30
juushya
58a50d7dd1
Minor edits
2017-02-01 04:46:05 +05:30
juushya
6d6db2f40f
Add epmp1000 dump config module
2017-02-01 04:42:47 +05:30
juushya
20a51371ce
Minor Edits
2017-02-01 04:23:28 +05:30
juushya
423648e347
Minor edits
2017-02-01 03:53:14 +05:30
juushya
82d2777417
Minor update
2017-02-01 03:44:50 +05:30
juushya
59e31e26f2
Add Binom3 module
2017-02-01 03:35:35 +05:30
Brent Cook
3c9b1be649
Land #7883 , Fix cisco_firepower_download to pass the username properly
2017-01-27 16:31:06 -06:00
Brent Cook
4480ea7877
Land #7827 , Cisco Firepower Management Console LoginScanner
2017-01-27 16:26:40 -06:00
Brent Cook
171cc7d54e
slight wording tweak
2017-01-27 16:26:23 -06:00
wchen-r7
e6de951e3e
Fix cisco_firepower_download to pass the username properly
2017-01-27 16:25:34 -06:00
Brent Cook
a4dd1fc846
Land #7805 , Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal
2017-01-27 16:09:14 -06:00
wchen-r7
781bc8420a
Add Advantech WebAccess LoginScanner module
2017-01-26 13:54:50 -06:00
Brent Cook
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
Jin Qian
b4d3e9da8d
This closes #7849 on the confusing message.
...
Use result.proof which has the right message. Thanks to Wei for pointing it
2017-01-19 15:39:10 -06:00
wchen-r7
82ab4fc630
Update cisco_firepower_download module & documentation
2017-01-17 13:58:10 -06:00
juushya
7791c58d5c
rubocop check & msftidy run clean. Minor updates.
2017-01-17 01:10:39 +05:30
juushya
657c7444bf
rubocop check & msftidy clean. Few updates.
2017-01-17 00:17:57 +05:30
wchen-r7
a687073416
Add Cisco Firepower Management Console LoginScanner
2017-01-13 16:59:20 -06:00
wchen-r7
8194603725
Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal
2017-01-09 14:39:37 -06:00
juushya
93168648b4
Minor update in description
2017-01-08 13:28:07 +05:30
juushya
4133a6fa97
Minor cleanup, msftidy check
2017-01-07 03:57:46 +05:30
dmohanty-r7
5cba9b0034
Land #7747 , Add LoginScanner module for BAVision IP cameras
2017-01-06 16:25:44 -06:00
juushya
ba8394ecc1
Minor updates
2017-01-06 15:34:17 +05:30
juushya
39423a70a7
Add Meteocontrol Weblog Extract Admin password module
2017-01-06 15:20:41 +05:30
juushya
c5acda0a22
Fixed the file permissions
2017-01-05 04:40:41 +05:30
juushya
c15b77c31b
Add Cambium ePMP 1000 Login Scanner module
2017-01-05 04:19:32 +05:30
wchen-r7
144f886e8b
Add LoginScanner module for BAVision IP cameras
2016-12-23 16:22:17 -06:00
William Vu
0589948a73
Remove other rhost (oops) and fail_with
2016-12-23 16:10:21 -06:00
Jin Qian
da9ea0b85c
Change the PCRE.
2016-12-16 15:41:10 -06:00
William Vu
f0dca7abbf
Land #7692 , print_error for error_sql_injection
2016-12-09 17:09:52 -06:00
William Vu
4e235be484
Ensure a trailing slash for base_uri
...
Technically, the GET parameters should be in vars_get, but we don't want
to refactor the entire module right now.
2016-12-09 16:53:58 -06:00
Jin Qian
8780c325a7
Fixed issues #7691 , silent exit.
...
Add a print statement to alert user what is missing, user could be confused that "show missing" is empty yet something is missing.
2016-12-09 16:20:44 -06:00
Jin Qian
17c12a78f5
Fixed issue #7689 , count of found users not accurate
...
In module drupal_views_user_enum, the count of found users is not accurate.
Fixed it by doing flatten before doing counting.
2016-12-09 15:19:43 -06:00
Jin Qian
4a35f8449a
Fixed issue #7650 by matching Server header using regex as Wei suggested
...
The suggestion by Wei is simpler than the one I checked in which checks for presence of Server header before calling include method.
2016-12-02 20:26:38 -06:00
Jin Qian
35fdf1473b
Fixed issue #7650 where etherpad_duo_login module may crash
...
Add check for presence of Server header.
2016-12-02 18:07:18 -06:00
Jin Qian
11906eb540
Fix issue #7645 where dolibarr_login module crashed
...
Add "res" (http response) when trying to retrieve the cookie
2016-12-01 15:38:26 -06:00
William Vu
54684d31bd
Land #7641 , check_conn? fix for cisco_ssl_vpn
2016-11-30 21:14:19 -06:00
William Vu
032312d40b
Properly check res
2016-11-30 21:03:29 -06:00
Jin Qian
ec83a861c8
Fix issue #7640 where cisco SSL VPN not move despite server responded
...
Add the "return true" statement that was missing.
2016-11-30 16:25:13 -06:00
wchen-r7
56505d2cc1
Resolve merge conflict
2016-11-30 14:33:23 -06:00
wchen-r7
c70c3701c5
Fix #7628 , concrete5_member_list HTML parser
...
Fix #7628
2016-11-30 14:20:36 -06:00
wchen-r7
530e9a9bc6
Land #7633 , fix dell_idrac to stop trying on a user after a valid login
2016-11-30 11:46:31 -06:00
Jin Qian
afed1f465e
Fix issue 7632 where MSF keeps trying after success.
...
Thanks to Wei who suggested adding "return :next_user" after success.
2016-11-29 14:57:15 -06:00
Jin Qian
1beeb99d44
Fix issue 7628, username extracted became garbled
...
Make the regular expression less aggressive.
2016-11-29 12:52:57 -06:00
William Vu
c39c53b102
Prefer DefaultOptions to reregistering SSL option
2016-11-28 14:29:02 -06:00
Pearce Barry
8c54b0e5f4
Land #7622 , Fix check_conn? method in cisco_ironport_enum
2016-11-28 14:19:02 -06:00
William Vu
777d5c1820
Fix check_conn? method in cisco_ironport_enum
2016-11-28 14:02:39 -06:00
wchen-r7
4eb109b22f
Land #7609 , set SSL to true by default for cisco_nac_manager_traversal
2016-11-28 11:30:41 -06:00
John Q. Public
c286c708d9
Print file contents
...
Added a print_good statement at line 63 in order to print to contents of the newly discovered robots.txt file.
2016-11-25 15:57:37 -06:00
Pearce Barry
ec020e3d07
Land #7611 , cisco_ironport_enum falsely claimed connection failed
...
Fixes #7610
2016-11-24 09:54:09 -06:00
Jin Qian
65b858ac06
Fix issue 7610, cisco_ironport_enum falsely claimed connection failed.
...
Make sure we return 1 in check_conn method.
2016-11-23 14:59:07 -06:00
Jin Qian
b7ae7a47be
Fix issue #7608 where the SSL option was not turned on by default
...
Set the SSL option to be on by default.
2016-11-23 14:45:42 -06:00
Jin Qian
0df3e17e0c
Fix the issue in MS2132 where OWA_LOGIN doesn't continue on connection error.
...
The possibility of temporary connnection disruption means this module should keep trying other user/pass pairs upon error.
2016-11-23 09:56:27 -06:00
William Vu
6f8660f345
Land #7586 , NameError fix for brute_dirs
2016-11-21 14:46:19 -06:00
William Vu
c8320d661f
Land #7590 , mixin order fix for buffalo_login
2016-11-21 13:57:27 -06:00
Jin Qian
90d360a592
Fix the issue 7589, both RHOST and RHOSTS options are quired
...
Thanks to Will who found it's due to the order of mixin.
2016-11-21 11:06:32 -06:00
Jin Qian
18b873be47
Fix the exception issue reported in issue #7585
...
Fix the exception by initialize a key variable that caused the exception.
2016-11-21 10:00:23 -06:00
wchen-r7
d3adfff663
Change syntax
2016-11-18 11:41:04 -06:00
wchen-r7
f894b9a4c5
Fix typo
2016-11-18 11:39:26 -06:00
Cantoni Matteo
c9b9be9328
Update open_proxy aux module
2016-11-17 15:44:03 +01:00
Alton J
98d7b19ab9
Passed IP parameter to additional functions.
2016-10-11 15:09:50 -05:00
Alton J
acff0fa9cf
Added IP addresses to output.
2016-10-11 14:43:42 -05:00
Alton J
f0ff4a0721
Added IP addresses to output.
2016-10-11 14:42:06 -05:00
wchen-r7
245237d650
Land #7288 , Add LoginScannerfor Octopus Deploy server
2016-09-13 17:26:56 -05:00
Brent Cook
1d4b0de560
Land #6616 , Added an Outlook EWS NTLM login module.
2016-09-09 11:43:52 -05:00
james-otten
dcf0d74428
Adding module to scan for Octopus Deploy server
...
This module tries to log into one or more Octopus Deploy servers.
More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
Pearce Barry
226ded8d7e
Land #6921 , Support basic and form auth at the same time
2016-08-25 16:31:26 -05:00
wchen-r7
5f8ef6682a
Fix #7202 , Make print_brute print ip:rport if available
...
Fix #7202
2016-08-16 15:34:30 -05:00
David Maloney
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Brent Cook
128f802928
use the regex source when generating or displaying a regex
2016-07-11 22:05:50 -05:00
Pearce Barry
159446ce92
Ensure http_login scanner module saves passwds.
...
Fixes #6983 . When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
2016-06-30 16:58:39 -05:00
wchen-r7
f13d91f685
Fix a prob of printing an empty rhost from the scanner mixin
2016-06-07 19:19:39 -05:00
wchen-r7
e8304e684c
Bring #6793 up to date with upstream-master
2016-06-07 19:04:32 -05:00
wchen-r7
6ae4d1576e
Apply fixes to symantec_brightmail_ldapcreds.rb
2016-06-07 19:01:58 -05:00
sho-luv
98cfcc65ae
Added IP address to returned information.
...
This scanner module doesn't tell you the location of the found information. So when using the -R option to fill the RHOSTS all you get is a bunch of successful findings, however you won't know to which systems they belong.
2016-05-31 19:47:00 -07:00
wchen-r7
504a94bf76
Technically, this is form auth, not http auth
2016-05-27 18:39:25 -05:00
wchen-r7
14adcce8bf
Missed the HTTPUSERNAME fix
2016-05-27 18:37:04 -05:00
wchen-r7
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
wchen-r7
7f643a7b8d
Fix syntax error
2016-05-27 18:05:24 -05:00
wchen-r7
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
h00die
706d51389e
spelling fix
2016-05-19 19:30:18 -04:00
wchen-r7
4a95e675ae
Rm empty references
2016-04-24 11:46:08 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
Fakhir Karim Reda zirsalem
f0d403124c
Update symantec_brightmail_ldapcreds.rb
2016-04-20 18:58:12 +02:00
Karim Reda Fakhir
c322a4b314
added modules/auxiliary/scanner/http/symantec_brightmail_ldapcreds.rb
2016-04-20 17:01:18 +01:00
Karim Reda Fakhir
5adf5be983
add symantec bright mail ldap creds
2016-04-20 16:05:24 +01:00
Brent Cook
99b4d0a2d5
remove more regex-style bool checks
2016-04-09 13:49:16 -05:00
Brent Cook
af7eef231c
Fix a few issues with the SSL scanner
...
First, we need to handle public keys with strength not measured on the same bit
scale as RSA keys. This fixes handshakes for ECDSA and others.
Second, depending on the host we are talking to, we may not have a peer cert.
Handle this properly by checking first on the socket before using it.
2016-04-04 22:08:01 -05:00
wchen-r7
57984706b8
Resolve merge conflict with Gemfile
2016-03-24 18:13:31 -05:00
James Lee
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
Adam Cammack
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
rwhitcroft
c12cc10416
change class Metasploit to MetasploitModule
2016-03-14 17:57:29 -04:00
rwhitcroft
dd53625f4a
change Metasploit3 to Metasploit to satisfy travis
2016-03-14 16:52:02 -04:00
rwhitcroft
a26c90fd41
fix RPORT option
2016-03-14 16:27:44 -04:00
rwhitcroft
f155477edf
improve description and change behavior to keep trying on connection errors
2016-03-08 12:33:17 -05:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
wchen-r7
c2f99b559c
Add documentation for auxiliary/scanner/http/tomcat_enum
...
Also fix a typo in normalizer
2016-03-07 15:39:15 -06:00
Brent Cook
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Brent Cook
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
rwhitcroft
ded5b58733
one more style fix
2016-03-01 10:20:39 -05:00
rwhitcroft
4b10331cf0
style fixups
2016-03-01 10:18:25 -05:00
rwhitcroft
f735a904ff
create owa_ews_login module, modify HttpClient to accept preferred_auth option
2016-02-28 22:01:05 -05:00
wchen-r7
051506694f
Land #6574 , add Linknat Vos Manager Traversal aux module
2016-02-25 22:02:56 -06:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
nixawk
7ca0255ea1
Module should not be marked executable
2016-02-15 12:57:43 +08:00
nixawk
f35230b908
add Linknat Vos Manager Traversal
2016-02-15 12:39:40 +08:00
William Vu
5f0add2a8b
Land #6541 , typo fix for cisco_ssl_vpn
2016-02-09 17:13:24 -06:00
William Vu
240cbb91be
s/resp/res/
2016-02-09 17:12:09 -06:00
wchen-r7
cd7046f233
Change method name "method" to "http_method" for http_traversal.rb
...
We accidentally override "#method", which is bad.
2016-02-07 23:15:46 -06:00
wchen-r7
2171c344e5
Fix #6539 , correct a typo in report_cred
...
Fix #6539
2016-02-06 13:23:21 -06:00
James Lee
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
Brent Cook
cd56470759
Land #6493 , move SSL to the default options, other fixes
2016-01-29 11:09:51 -06:00
wchen-r7
6187354392
Land #6226 , Add Wordpress XML-RPC system.multicall Credential BF
2016-01-23 00:12:46 -06:00
wchen-r7
064af0d670
Remove unwanted comment
2016-01-23 00:11:58 -06:00
KINGSABRI
ad3eed525b
Handing newer version of WP, fallback CHUNKSIE to 1
2016-01-23 08:06:27 +03:00
wchen-r7
53e9bd7f51
This line does nothing
2016-01-22 18:55:45 -06:00
wchen-r7
0f9cf812b7
Bring wordpress_xmlrpc_login back, make wordpress_multicall as new
2016-01-22 18:54:20 -06:00
wchen-r7
91db2597c7
normalize URIs
2016-01-22 11:27:26 -06:00
wchen-r7
b02c762b93
Grab zeroSteiner's module/jenkins-cmd branch
2016-01-22 10:17:32 -06:00
Christian Mehlmauer
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
wchen-r7
216986f7af
Do API documentation, rspec, and other small changes
2016-01-21 17:22:14 -06:00
KINGSABRI
a8feb8cad5
make passwords faster for reading huge wordlest files
2016-01-21 03:32:50 +03:00
KINGSABRI
4cb19c75a6
Enhance the module and add version check
2016-01-21 03:19:31 +03:00
wchen-r7
fcaef76215
Do a version check
...
This attack is not suitable for newer versions due to the
mitigation in place.
2016-01-20 17:14:44 -06:00