4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
706d51389e
spelling fix
2016-05-19 19:30:18 -04:00
4a95e675ae
Rm empty references
2016-04-24 11:46:08 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
f0d403124c
Update symantec_brightmail_ldapcreds.rb
2016-04-20 18:58:12 +02:00
c322a4b314
added modules/auxiliary/scanner/http/symantec_brightmail_ldapcreds.rb
2016-04-20 17:01:18 +01:00
5adf5be983
add symantec bright mail ldap creds
2016-04-20 16:05:24 +01:00
99b4d0a2d5
remove more regex-style bool checks
2016-04-09 13:49:16 -05:00
af7eef231c
Fix a few issues with the SSL scanner
...
First, we need to handle public keys with strength not measured on the same bit
scale as RSA keys. This fixes handshakes for ECDSA and others.
Second, depending on the host we are talking to, we may not have a peer cert.
Handle this properly by checking first on the socket before using it.
2016-04-04 22:08:01 -05:00
57984706b8
Resolve merge conflict with Gemfile
2016-03-24 18:13:31 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
c12cc10416
change class Metasploit to MetasploitModule
2016-03-14 17:57:29 -04:00
dd53625f4a
change Metasploit3 to Metasploit to satisfy travis
2016-03-14 16:52:02 -04:00
a26c90fd41
fix RPORT option
2016-03-14 16:27:44 -04:00
f155477edf
improve description and change behavior to keep trying on connection errors
2016-03-08 12:33:17 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
c2f99b559c
Add documentation for auxiliary/scanner/http/tomcat_enum
...
Also fix a typo in normalizer
2016-03-07 15:39:15 -06:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
ded5b58733
one more style fix
2016-03-01 10:20:39 -05:00
4b10331cf0
style fixups
2016-03-01 10:18:25 -05:00
f735a904ff
create owa_ews_login module, modify HttpClient to accept preferred_auth option
2016-02-28 22:01:05 -05:00
051506694f
Land #6574 , add Linknat Vos Manager Traversal aux module
2016-02-25 22:02:56 -06:00
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
7ca0255ea1
Module should not be marked executable
2016-02-15 12:57:43 +08:00
f35230b908
add Linknat Vos Manager Traversal
2016-02-15 12:39:40 +08:00
5f0add2a8b
Land #6541 , typo fix for cisco_ssl_vpn
2016-02-09 17:13:24 -06:00
240cbb91be
s/resp/res/
2016-02-09 17:12:09 -06:00
cd7046f233
Change method name "method" to "http_method" for http_traversal.rb
...
We accidentally override "#method", which is bad.
2016-02-07 23:15:46 -06:00
2171c344e5
Fix #6539 , correct a typo in report_cred
...
Fix #6539
2016-02-06 13:23:21 -06:00
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
cd56470759
Land #6493 , move SSL to the default options, other fixes
2016-01-29 11:09:51 -06:00
6187354392
Land #6226 , Add Wordpress XML-RPC system.multicall Credential BF
2016-01-23 00:12:46 -06:00
064af0d670
Remove unwanted comment
2016-01-23 00:11:58 -06:00
ad3eed525b
Handing newer version of WP, fallback CHUNKSIE to 1
2016-01-23 08:06:27 +03:00
53e9bd7f51
This line does nothing
2016-01-22 18:55:45 -06:00
0f9cf812b7
Bring wordpress_xmlrpc_login back, make wordpress_multicall as new
2016-01-22 18:54:20 -06:00
91db2597c7
normalize URIs
2016-01-22 11:27:26 -06:00
b02c762b93
Grab zeroSteiner's module/jenkins-cmd branch
2016-01-22 10:17:32 -06:00
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
216986f7af
Do API documentation, rspec, and other small changes
2016-01-21 17:22:14 -06:00
a8feb8cad5
make passwords faster for reading huge wordlest files
2016-01-21 03:32:50 +03:00
4cb19c75a6
Enhance the module and add version check
2016-01-21 03:19:31 +03:00
fcaef76215
Do a version check
...
This attack is not suitable for newer versions due to the
mitigation in place.
2016-01-20 17:14:44 -06:00
6e65d1d871
Land #6411 , chinese caidao asp/aspx/php backdoor bruteforce
2016-01-06 12:03:17 -06:00
bdda8650a2
Do not support username, because the backdoor doesn't use one
2016-01-06 02:02:11 -06:00
6cb9ad0d72
Land #6435 , unaligned def/end fix
2016-01-05 09:59:25 -06:00
c3158497c0
rebuild / add check_setup / send_request
2016-01-05 15:10:26 +08:00
cbbbd9a7e7
end is not aligned with def
2016-01-05 14:07:43 +08:00
58c047200d
Land #6305 , creds update for owa_login
2016-01-04 10:52:39 -06:00
a6914df3e3
rename LOGIN_URL to TARGETURI
2015-12-31 22:21:34 +08:00
370351ca88
chinese caidao asp/aspx/php backdoor bruteforce
2015-12-31 15:17:01 +08:00
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
7d8ecf2341
Add Joomla mixin
2015-12-18 21:14:04 -06:00
db5c69226e
Add Usernames to Creds Database with owa_login.rb
2015-12-03 09:31:36 -07:00
98a0ddebda
Land #6298 , Advantech shellshock module
2015-12-01 11:37:09 -06:00
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
bd8177bf6c
Merge remote-tracking branch 'origin/pr/6284'
...
Land #6284 , fix for false negatives found in #6281
@wvu found some false negatives while testing a server for #6281
2015-11-30 16:09:42 -06:00
920d8c6ad7
Land #6278 , wrong default option for RHOST
2015-11-26 06:49:25 +01:00
8fd2522a59
Land #6257 , @all3g's aux module for locating git repos over HTTP
2015-11-25 12:25:45 -08:00
a56571479f
Remove WmapScanServer mixin; not needed
2015-11-25 11:38:32 -08:00
2da9bb8578
Follow redirects in apache_userdir_enum
...
Found false negatives while testing a server for #6281 .
2015-11-25 13:27:06 -06:00
8f459de064
Fix tomcat_enum for full_uri
2015-11-25 11:28:56 -06:00
38a9efe4d6
Fix squiz_matrix_user_enum for full_uri
2015-11-25 11:28:53 -06:00
7d17c5741b
Fix nginx_source_disclosure for full_uri
2015-11-25 11:19:27 -06:00
035882702a
Fix barracuda_directory_traversal for full_uri
2015-11-25 11:18:17 -06:00
7a5f6495d0
Fix axis_local_file_include for full_uri
2015-11-25 11:16:59 -06:00
42d12a4d40
Fix apache_userdir_enum for full_uri
2015-11-25 11:16:22 -06:00
c09d8031c6
Remove default empty string
2015-11-25 12:19:16 +05:00
eac4f02b66
Spelling and correct description
2015-11-24 17:57:56 -08:00
3ad7ef9814
Modify the printed URL to add https:// when SSL is used.
2015-11-25 12:46:56 +11:00
b1abfe898d
Update wordpress_xmlrpc_login
...
Replace the wordpress_xmlrpc_login code with
wordpress_xmlrpc_massive_bruteforce.rb, which should run a lot
faster.
2015-11-24 16:30:34 -06:00
ccdf814688
Use correct URIs in report_note
2015-11-24 09:52:07 -08:00
c66d56263a
Cleaner and more consistent print_ *
2015-11-24 09:43:05 -08:00
1e90a8004d
Correct printing of URIs when provided TARGETURI doesn't end with /
2015-11-24 09:11:04 -08:00
afa4d9e74d
Add legit git UserAgent
2015-11-24 08:57:19 -08:00
d59c563ee3
Don't store index file
2015-11-24 08:51:43 -08:00
e29a229336
Minor style cleanup
2015-11-24 08:50:21 -08:00
2152c310fe
Remove the default true option of RHOST
2015-11-24 14:54:54 +05:00
dc5e9a1d0a
Support CSRF token in the Jenkins aux cmd module
2015-11-22 17:51:27 -05:00
2dd8567741
remove GIT_HEAD / add description / git_config regex match / save index|config file(s)
2015-11-22 09:18:19 +00:00
fc46ce0ced
Bring module title in line with other WP modules.
2015-11-22 13:39:45 +11:00
e0386d6830
add scan switches GIT_INDEX / GIT_HEAD / GIT_CONFIG
2015-11-21 03:06:37 +00:00
1795e09a27
scan git disclosure (.git/index)
2015-11-19 09:16:32 +00:00
ab71d94392
Make CHUNKSIZE user configurable. Thanks @jhart-r7
2015-11-12 23:02:48 +03:00
732563614b
Change connecting method to send for better code naming
2015-11-12 20:26:17 +03:00
881b12f0ab
Fix rebease conflic
2015-11-12 18:16:39 +03:00
ee312f86f6
Fix peer, naming, and add resp check to the code check
2015-11-12 08:50:46 +03:00
530a7bb613
Fix peer, naming, and add resp check to the code check
2015-11-12 08:42:00 +03:00
2abfa1f241
Fix exceptions and XML parsing
2015-11-12 05:30:07 +03:00
b37fb3f34d
Add TARGETURI option
2015-11-11 06:25:20 +03:00
cf0cb2df9e
Add TARGETURI option
2015-11-11 06:24:52 +03:00
9894fe15bd
Remove unused advanced options
2015-11-11 06:02:37 +03:00
136fa12ac9
Remove unused advanced options
2015-11-11 06:02:13 +03:00
57cf535ec6
Fix the comment
2015-11-11 02:06:49 +03:00
137c2e214e
Fix the comment
2015-11-11 02:01:01 +03:00
91867d344b
Refactoring..
2015-11-10 23:07:13 +03:00
d19942eae3
Add wordpress masive bruteforce using XMLRPC (wordpress API) fix
2015-11-10 23:07:12 +03:00
745738f065
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-10 23:07:12 +03:00
b571a79b69
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-10 23:07:12 +03:00
d498dc46a1
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-10 23:07:12 +03:00
fffbb4106f
Refactoring..
2015-11-10 22:33:37 +03:00
46e7c53950
Add wordpress masive bruteforce using XMLRPC (wordpress API) fix
2015-11-09 19:04:33 +03:00
2bf57a3cf3
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-09 18:23:15 +03:00
9586f416a1
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-09 17:37:06 +03:00
9f4f478d2d
Add wordpress masive bruteforce using XMLRPC (wordpress API)
2015-11-09 17:28:58 +03:00
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
a71d7ae2ae
Land #6089 , @jvazquez-r7 Fix HTTP mixins namespaces
2015-11-05 16:56:41 -06:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
896099b297
Land #6082 , Directory Traversal for Elasticsearch
2015-10-16 11:00:27 -05:00
e59a4e36b7
Fix check
2015-10-16 10:59:04 -05:00
41e9f8a91b
Some code changes from Roberto
2015-10-16 10:47:19 -05:00
67820f8b61
Fix Packetstorm references
2015-10-15 12:42:59 -05:00
d4cf9a4eb9
Update moduels using Msf::HTTP::Typo3
2015-10-15 11:48:27 -05:00
cf9ddbb701
Update moduels using Msf::HTTP::Wordpress
2015-10-15 11:47:13 -05:00
2a2d8d941d
Land #6054 , HTTP Host header injection module
2015-10-13 23:37:31 -05:00
d933962ff9
Last fix, including espreto minor changes
2015-10-13 18:41:51 +01:00
c642057fa0
Clean up module
2015-10-13 12:03:41 -05:00
772f9d8742
Changes based on espreto recommendations
2015-10-13 16:06:26 +01:00
7790f14af2
Auxiliary module to exploit CVE-2015-5531 (Directory traversal) in Elasticsearch before 1.6.1
2015-10-13 13:05:58 +01:00
185e947ce5
Spell 'D-Link' correctly
2015-10-12 17:12:01 -05:00
3a0f7ce699
Land #6044 , ManageEngine ServiceDesk Plus Arbitrary File Download
2015-10-07 15:24:14 -05:00
f0b6d3c68e
Change error message to avoid an undef method bug
2015-10-07 15:23:29 -05:00
205b175a95
Update host_header_injection.rb
2015-10-07 13:20:06 +08:00
6b3da7f7d8
Update host_header_injection.rb
...
made some changes as suggested by @espreto
2015-10-07 13:01:49 +08:00
a1e0e0cdd9
Add HTTP Host-Header Injection Detection
2015-10-07 11:19:00 +08:00
3f2d5d7f06
Add newline back in
2015-10-05 11:42:58 -05:00
41b07eeef6
Small changes to servicedesk_plus_traversal
2015-10-05 08:56:00 +07:00
ed8f5456a4
Fix bugs in drupal_views_user_enum.
2015-10-04 05:53:54 -03:00
e6a57d5317
Add ManageEngine ServiceDesk Plus Path Traversal module
2015-10-03 15:54:44 +07:00
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
494b9cf75f
Clean up module
...
Prefer TARGETURI and full_uri.
2015-09-30 22:37:03 -05:00
2e5999a119
Missed colon for output standardization
2015-09-30 16:41:46 -04:00
3d41b4046c
Standardize output and include full uri
2015-09-30 16:33:15 -04:00
1bfa087518
Add IP to testing results
...
When specifying multiple hosts the resulting output is useless because you don't know which bypass goes to what IP address
2015-09-30 15:22:24 -04:00
421fb4dcb8
Rework of the jenkins_command module
2015-09-04 16:56:44 -07:00
04d622b69b
Cleanup Jenkins-CI module titles and option descriptions
2015-09-04 10:25:51 -07:00
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
5d59e8190e
Added OS detection.
2015-09-03 13:12:07 -05:00
6e4ae1238b
Land #5791 , show the VHOST in module output
2015-09-03 11:36:19 -05:00
b8eee4a9e4
Show the IP address if it doesn't match the VHOST
2015-09-03 11:35:38 -05:00
1b021464fe
Land #5919 , remove deprecated VMware modules & update resource script.
2015-09-03 10:23:48 -05:00
4b8dc143ec
Fixed output
2015-09-02 23:50:03 -04:00
255c8b63b3
Modified output
2015-09-02 23:33:06 -04:00
40176b9e3f
Updated.
2015-09-02 19:36:18 -05:00
f78f6d0a0c
Updated.
2015-09-02 19:03:07 -05:00
59aa3975be
Updated.
2015-09-02 18:27:44 -05:00
284edbe4b0
Update jenkins_command.rb
2015-09-02 16:47:23 -04:00
bde4f40c53
Update jenkins_command.rb
2015-09-02 16:39:49 -04:00
becc599aca
Created Jenkins RCE module
...
This module simply automates the same procedures documented by Royce Davis at https://www.pentestgeek.com/penetration-testing/hacking-jenkins-servers-with-no-password/ .
2015-09-02 16:12:05 -04:00
126fc9881e
Cleanup and tweaks
2015-09-02 12:48:53 -05:00
b89b6b653a
Update trace.rb
2015-09-03 01:26:45 +08:00
73bf812dfd
Update trace.rb
...
removed the cookie
2015-09-03 00:35:23 +08:00
5ecee6aaba
Update trace.rb
...
removed some spaces so that msftidy will be happy
2015-09-03 00:27:22 +08:00
34e0819a6e
Modified the HTTP Trace Detection to XST Checker
...
This was suggested by HD Moore in https://github.com/rapid7/metasploit-framework/pull/5612
2015-09-03 00:19:08 +08:00
8e993d7793
Remove deprecated vmware modules
2015-09-02 13:00:15 +05:00
0c4b020089
Land #5913 , Add WP NextGEN Gallery Directory Traversal Vuln
2015-09-02 00:01:35 -05:00
381297ba93
Fix the regex flags
2015-09-01 23:07:48 -05:00
626704079d
Changed output store_loot
2015-09-02 00:18:10 -03:00
96600a96ab
Changed html parse by @wchen-r7
2015-09-01 22:03:21 -03:00
3c72467b7d
Fixes bug where "cert.rb:47: warning: flags ignored" happens due to some issuer patterns.
2015-09-02 01:02:46 +02:00
35661d0182
Add WP NextGEN Gallery Directory Traversal Vuln
2015-09-01 13:28:04 -03:00
3d4cb06c67
Land #5807 , Added Module WP Mobile Pack Vuln
2015-08-28 13:43:00 -05:00
9e7f6d6500
Typos
2015-08-28 13:42:37 -05:00
29e92aaabe
Land #5806 , WordPress Subscribe Comments File Read Vuln
2015-08-28 11:52:59 -05:00
62e6b23b4c
Typo
2015-08-28 11:52:13 -05:00
b17d8f8d49
Land #5768 , update modules to use metasploit-credential
2015-08-17 17:08:58 -05:00
7bb4f9479f
Added new reference and removed empty line.
2015-08-04 03:58:57 -03:00
d9b6e9cc58
Changed res condition and some words.
2015-08-04 03:44:25 -03:00
19ceccd93a
Added JSON parse output.
2015-08-04 03:13:11 -03:00
f4679f5341
Added WP Mobile Pack Info Disclosure Vuln - Functional Module.
2015-08-04 02:21:26 -03:00
d221e9d961
Added more references.
2015-08-03 02:46:54 -03:00
e59e4828e4
Removed unnecessary DEPTH option.
2015-08-02 22:56:17 -03:00
514849bcdc
Added WP Subscribe Comments File Read Vuln - Functional.
2015-08-02 21:24:52 -03:00
fdb2b008f9
Fix a small typo - OSVDB instead of OSVBD.
2015-07-31 02:23:19 -03:00
3c394d673d
altered module to default
...
to replace RHOST with VHOST if it is defined.
MSP-11167
2015-07-30 16:25:15 -05:00
2415072c17
Replaced 'and' with '&&'
2015-07-28 14:14:25 -05:00
ee5e5b1e71
Fixed NoMethodError for .match on nil
2015-07-28 09:03:54 -05:00
866a99ed07
This is better
2015-07-23 20:51:21 -05:00
f5387ab3f2
Fix #5766 , check res for send_request_raw
...
Fix #5766
2015-07-23 20:49:18 -05:00
8bead5fde2
Modate update on using metasploit-credential
...
Update some more modules to usethe new cred API.
Also, make sure to always provide proof because that seems handy.
2015-07-23 18:07:19 -05:00
91fc213ddf
More metasploit-credential update
2015-07-23 15:50:50 -05:00
4561850055
Use metasploit-credential API instead of report_auth_info
2015-07-22 01:11:43 -05:00
07d05828d0
Land #5688 , remove msfcli
2015-07-13 15:27:38 -05:00
0a5119a4ac
Land #5702 , vprint_* optional parameter
2015-07-13 18:47:22 +00:00
e4e9ac9d28
Remove cold_fusion_version, use coldfusion_version instead
...
Please use auxiliary/scanner/http/coldfusion_version instead.
2015-07-13 12:56:46 -05:00
d795b2f831
Module cleanup
2015-07-11 19:40:21 +01:00
728b338593
Give msftidy a cookie
2015-07-10 11:28:10 -05:00
cf4b18700d
Fix CVE reference
2015-07-10 11:14:59 -05:00
f59c99e2ff
Remove msfcli, please use msfconsole -x instead
...
msfcli is no longer supported, please use msfconsole.
Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
67666160e8
Add patched server detection
2015-07-08 13:47:59 -05:00
25e0f888dd
Initial commit of R7-2015-08 coverage
2015-07-08 13:42:11 -05:00
c04490e5eb
Remove comma before coordinating conjunction
...
An independent clause does not follow.
2015-06-26 12:50:37 -05:00
31eedbcfa0
Minor cleanups on recent modules
...
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577 , MS15-034 HTTP.SYS Information Disclosure
Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605 , CVE-2015-3105 flash exploit
Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559 , Adobe Flash Player ShaderJob Buffer Overflow
Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540 ,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
84c0e62fd3
Land #5493 , update OWA scanner creds persistence
2015-06-26 08:46:27 -05:00
63f584cbfd
Add last_attempted_at
2015-06-25 12:08:38 +05:00
5751e196bb
Remove extraneous newline
2015-06-23 14:43:37 -05:00
59af7ef1fc
Remove the extra target_uri
2015-06-23 10:27:50 -05:00
a2a231c242
Land #5577 , MS15-034 HTTP.SYS Information Disclosure
2015-06-23 10:20:54 -05:00
11366971da
Oh never mind, user-agent makes it more difficult to use (more crashes)
2015-06-23 01:24:17 -05:00
6127b8a037
Pass user-agent
2015-06-23 01:23:01 -05:00
8ce5cc23cf
More consistent filename style
2015-06-23 01:08:34 -05:00
e9b548e8a2
Changes for ms15034_http_sys_memory_dump.rb
2015-06-23 01:07:33 -05:00
8086a6f8cc
remove unnecessary begin/rescue, change print_* to vprint_* in check()
2015-06-22 20:25:12 -04:00
90e17aee6b
clarified affected OSes and error messages
2015-06-22 15:47:26 -04:00
774aef7241
add module to dump memory via MS15-034
2015-06-22 10:31:31 -04:00
4762e9f62c
Land #5540 , @wchen-r7's changes for multiple auxiliary modules to use the new cred API
2015-06-19 15:39:09 -05:00
fa6e45964e
Provide context to the note
2015-06-19 15:38:26 -05:00
83427583ea
report_note for group info
2015-06-19 15:09:50 -05:00
ef286fdfcf
Remove report_auth_info
2015-06-19 15:06:02 -05:00
b104155cf1
Do Metasploit::Model::Login::Status::UNTRIED
2015-06-19 15:05:42 -05:00
ebd376e0f3
Land #5485 , @wchen-r7 updates wordpress_login_enum to use the new cred API
2015-06-19 10:50:07 -05:00
dfae4bbbf0
Do reporting more accurate
2015-06-19 10:48:12 -05:00
d86c21e94a
Land #5567 , author fix
2015-06-19 10:41:41 -05:00
76cd9590a4
Fix author
2015-06-19 19:13:51 +10:00
9b5770c966
Change to Metasploit::Model::Login::Status::SUCCESSFUL
2015-06-18 23:40:51 -05:00
b6379b4d24
Update drupal_views_user_enum
2015-06-16 00:02:02 -05:00
0b88e86a49
Using the new cred API for multiple auxiliary modules
2015-06-15 16:06:57 -05:00
907f596de6
Land #5520 , Update titan_ftp_admin_pwd to use the new creds API
2015-06-15 03:26:19 -05:00
940d045029
Correctly report rport
2015-06-15 03:23:39 -05:00
308b1a3d7f
Don't deregister username & password
2015-06-15 03:21:09 -05:00
e628d71261
Land #5397 , @espreto's module for WordPress Simple Backup File Read Vulnerability
2015-06-12 15:32:06 -05:00
184c20cd46
Do minor cleanup
2015-06-12 15:31:42 -05:00
7cb82f594b
Add ftp port for service
2015-06-10 14:24:05 +05:00
3ffe006e09
Update titan_ftp_admin_pwd to use the new creds API
2015-06-10 13:36:26 +05:00
78a6e1bc90
Change credential status from untried to successful
2015-06-10 10:07:33 +05:00
49e4820c57
Add depcrecated note to the existing modules
2015-06-09 10:42:53 +05:00
3279518bbd
Move VMware modules to the VMware directory
2015-06-08 14:58:22 +05:00
3ec6d9b7aa
Update owa_login to use new cred API
2015-06-05 15:41:07 +05:00
874e090aa1
Update wordpress_login_enum to use the new cred API
2015-06-04 18:16:14 -05:00
b305fa62f4
Changed vprint_error when nothing was downloaded.
2015-06-03 14:46:59 -03:00
24ec3b2fb5
Changed vprint_error to fail_with method.
2015-06-03 13:46:59 -03:00
80c3022dc1
Deprecate cold_fusion_version. Please use coldfusion_version.
...
auxiliary/scanner/http/cold_fusion_version is deprecated. Please use
auxiliary/scanner/http/coldfusion_version instead.
2015-05-28 15:39:14 -05:00
95b5ff6bea
Minor fixups on recent modules.
...
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301 , @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces
Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in
Edited modules/auxiliary/scanner/http/title.rb first landed in #5333 ,
HTML Title Grabber
Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401 , multi-platform CVE-2015-0311 - Flash uncompress()
UAF
Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290 , Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
b4a6cdbad0
Remove new line in vprint_line.
2015-05-21 12:33:09 -03:00
0135b3639f
Add WordPress Simple Backup File Read Vulnerability.
2015-05-21 12:23:24 -03:00
a4df3468de
unique: should be update:, include uri in data hash
2015-05-20 16:20:09 -05:00
c85b82e8a7
Merge branch 'master' into land-5358-notes
2015-05-20 16:02:59 -05:00
79b9ef008a
Bugfix
2015-05-17 13:55:56 +01:00
dd5060e08c
Land #5340 , @wchen-r7's change to the symantec_web_gateway_login writing style
2015-05-15 13:18:35 -05:00
cf5fa6752e
Use parenthesis
2015-05-15 13:17:54 -05:00
d05cae5faf
Land #5329 , @wchen-r7's add configurable options to jenkins_login
2015-05-15 11:38:21 -05:00
24a989b8a3
Land #5249 , Add Module for Enum on InfluxDB database
2015-05-14 11:22:54 -05:00
005c36b2a6
If data is empty, don't save (or even continue)
2015-05-14 11:22:10 -05:00
ac0e4e747a
Change writing style of symantec_web_gateway_login
2015-05-13 00:23:37 -05:00
202c5e0121
Land #5333 , HTML Title Grabber
2015-05-12 11:19:06 -05:00
faec5844cb
Some fixes
2015-05-12 11:18:21 -05:00
a5267ab77e
Land #4940 , @dnkolegov's modules for F5 BIG-IP devices
2015-05-12 09:59:21 -05:00
f0048b9a6d
Apparently you don't quote the keys with the new syntax
2015-05-12 11:00:18 +01:00
7c81adbd89
MSFTidy is now quiet and happy
2015-05-12 10:47:49 +01:00
1f6bd3e2be
Updated to new ruby hash syntax and removed <> from title
2015-05-12 10:43:32 +01:00
518e28674e
Removed CGI dependency (@hmoore-r7, @wchen-r7)
2015-05-11 21:10:18 +01:00
78e310562b
Readability style change
2015-05-11 19:48:12 +01:00
8e3d803e74
Updated style as per @void-in's comments
2015-05-11 19:46:10 +01:00
62d67469da
Updated code style as per @hmoore-r7's instructions
2015-05-11 19:34:23 +01:00
b8f7c80fd2
Rubocop
2015-05-11 18:50:03 +01:00
8308c2a925
Added check for nonsensical options
2015-05-11 18:48:55 +01:00
99133deabb
Reran tests, sorted out strip problem
2015-05-11 18:29:44 +01:00
c25a5d3859
Fixed a bunch of rubocop errors
2015-05-11 18:14:37 +01:00
34cf90af59
Removed unnecessary include
2015-05-11 17:31:31 +01:00
c001f014ce
HTML Title Grabber
2015-05-11 17:29:22 +01:00
d8cc2c19d3
Fix #5315 , User configurable options for jenkins_login
...
Fix #5315 . This patch allows the user to configure the HTTP method
for the login, as well as the URL.
2015-05-11 10:15:49 -05:00
efb226a55c
Fixed some minor errors
2015-05-10 02:59:57 -04:00
a8adcda941
Redo port checks
2015-05-08 15:29:30 -05:00
156aac1dff
Use timeout options
2015-05-08 15:23:08 -05:00
bf9ca1f88f
Change module filename
2015-05-08 15:08:59 -05:00
f56115552f
Do code cleanup
2015-05-08 14:56:39 -05:00
b73241882b
Use datastore option
2015-05-08 14:48:19 -05:00
b5f5bacb8c
Use the connect/read timeout as used by the HTTPClient mixin
2015-05-08 14:46:08 -05:00
9fdbfd7031
Use vprint_error
2015-05-08 14:21:36 -05:00
017ae463ed
Fix description style
2015-05-08 14:18:29 -05:00
a7988f9e93
Change credentials to service:service
2015-05-08 22:52:59 +05:00
e8913e5620
Addressed most of @wvu's issues with #5312
2015-05-06 14:47:08 -05:00
f423306b6f
Various post-commit fixups
...
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150 , @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192 , @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016 ,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101 , Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158 , OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159 , WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924 , @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131 , WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649 ,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
2015-05-06 11:39:15 -05:00
7fb99cdaaf
Merged fixed conflicts
2015-05-02 05:37:36 -04:00
f95774c6b4
Fixed bugs
2015-05-02 05:09:03 -04:00
93ac8b48e3
Land #5178 , @jboss_vulnscan check for console default admin
...
* And minor fixes
2015-05-01 17:38:20 -05:00
697c6c20cb
Do minor cleanup
2015-05-01 17:37:45 -05:00
c6806b4e5f
Land #5102 , @wchen-r7's ManageEngine Desktop Central Login Utility
2015-05-01 15:20:21 -05:00
b037560c90
Do minor style fixes
2015-05-01 15:01:13 -05:00
9b17191e48
Remove unnecessary {,dis}connect
2015-04-28 15:09:16 -05:00
28e661e204
Fix false positive in POODLE scanner
...
If SSL is false somehow.
2015-04-28 14:19:48 -05:00
7523e592d2
Land #5198 , WordPress contus video gallery 2.7 scanner
2015-04-27 23:24:57 +02:00
7a2084cdc5
Rename wordpress_contus_video_gallery_sqli.rb to wp_contus_video_gallery_sqli.rb
2015-04-26 16:54:21 -05:00
c41c7a1ba2
Rewrote the conditions of res.
2015-04-25 17:18:38 -03:00
d01da0c522
Changed if conditions and exception handling
2015-04-25 15:08:36 -03:00
3a84396f32
Removed authorization header.
2015-04-25 14:30:21 -03:00
b810a96dac
Add Module for Enum on InfluxDB database.
2015-04-25 04:41:33 -03:00
ff96101dba
Land #5218 , fix #3816 , remove print_debug / DEBUG
2015-04-24 13:41:07 -05:00
896d6e8cb7
Fix title
2015-04-24 11:09:39 -05:00
7af6f31c3a
Fix message
2015-04-24 11:08:00 -05:00
5ca6fe3cb0
Do code cleanup
2015-04-24 11:07:13 -05:00
e51897d64e
Filepath option
2015-04-24 04:35:59 -03:00
7b0b59b5f6
Add WordPress GI-Media Library Plugin File Read.
2015-04-24 04:24:16 -03:00
e9f8b25987
Update wordpress_contus_video_gallery_sqli.rb
...
Update to use the Wordpress mixin
2015-04-22 14:43:55 -05:00
26d208f089
Update wordpress_contus_video_gallery_sqli.rb
...
remove 'uri'
2015-04-22 14:42:03 -05:00
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
073850c5ad
Land #5158 , OWA internal IP disclosure scanner
2015-04-21 11:10:39 -05:00
5296c6507d
Land #5157 , OWA login scanner auth timing logs
2015-04-21 11:06:08 -05:00
b622aae97f
Update wordpress_contus_video_gallery_sqli.rb
2015-04-19 18:24:12 -05:00
c393f7c398
add contus video gallery scanner
2015-04-19 17:58:08 -05:00
ed9175d73f
Land #5167 , WordPress CP Multi-View Calendar SQLI Scanner
2015-04-19 23:36:23 +02:00
8c0bcd2e03
Update wordpress_cp_calendar_sqli.rb
...
Use the new WPVDB
2015-04-19 16:32:57 -05:00
6653c9e33d
Land #5162 , WordPress Dukapress File Read Vulnerability
2015-04-17 11:20:55 +02:00
6c77b64dae
wrong method name
2015-04-17 11:20:14 +02:00
aef464fc2e
Land #5159 , WordPress Mobile Edition Plugin File Read Vuln
2015-04-17 11:13:00 +02:00
153344a1dd
fix Unkown typo
2015-04-16 23:59:28 +02:00
ed588e335b
Changed the print_error output.
2015-04-16 17:32:59 -03:00
bf3bdcffb4
Changed the deph value to 7.
2015-04-16 17:30:28 -03:00
dd474757fe
Changed the print_error output.
2015-04-16 17:26:44 -03:00
f50cedeafd
Changed the depth value to 7.
2015-04-16 17:22:49 -03:00
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
1455d4e94d
Fix AUTH_TIME
2015-04-16 11:39:33 -05:00
7c572777e1
Fix whitespace
2015-04-16 11:34:50 -05:00
7a9167b235
Fix comments
2015-04-16 11:34:47 -05:00
9bcc988266
Update owa_login
2015-04-16 11:23:04 -05:00
75b88f199a
Create wordpress_cp_calendar_sqli.rb
2015-04-16 09:53:00 -05:00
ecc67b1a57
Fix loot name
2015-04-16 10:42:20 -03:00
d898af5513
Add check version and removed HttpClient
2015-04-16 10:40:35 -03:00
768294710b
Add check and removed HttpClient
2015-04-16 10:22:10 -03:00
890561bff3
Rewriting the condition 'if' for only one line
2015-04-16 09:23:56 -03:00
b90ff36ef4
Rewriting the condition 'if' for only one line
2015-04-16 09:15:17 -03:00
21e964e699
Add Author and references..
2015-04-16 07:20:48 -03:00
f6f4bd0746
Add WordPress Dukapress File Read Vulnerability
2015-04-16 07:17:46 -03:00
c8e1185a04
Included Wordpress mixin.
2015-04-16 05:02:39 -03:00
bec6270f07
Fix regex
2015-04-15 23:47:03 -05:00
01ae7002cf
Fix EOF whitespace
2015-04-15 21:27:53 -05:00
0031f09d60
Add author, EDB, WPVDB and fix loot.
2015-04-15 20:03:36 -03:00
0f1cf1d1b1
Add Module WP Mobile Edition Plugin File Read Vuln
2015-04-15 19:45:08 -03:00
66b7179a97
Rename module to owa_iis_internal_ip
2015-04-15 17:10:01 -05:00
a109dae033
Fix EOL whitespace
2015-04-15 16:58:59 -05:00
cc422eeeea
Fix splat
2015-04-15 16:58:18 -05:00
34ce4edacb
Add exchange_iis_internal_ip
2015-04-15 16:55:19 -05:00
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
5f389cf3c2
Add ManageEngine Desktop Central Login Utility
2015-04-08 02:05:56 -05:00
dc14c770be
Changed the traversal variable to just one line
2015-04-08 02:26:59 -03:00
441042ed37
Removed the segments variable
2015-04-08 01:29:45 -03:00
d399d05383
Add Directory Traversal for GoAhead Web Server
2015-04-07 20:22:06 -03:00
42e82cc644
Rubocop fixes
2015-04-07 18:21:08 -05:00
7275d5745f
Fixes, refactoring and adding JBoss AS default creds scanning
2015-04-07 17:40:25 -05:00
56dc7afea6
Land #5068 , @todb-r7's module author cleanup
2015-04-03 16:00:36 -05:00
wchen-r7
h00die
Brent Cook
Fakhir Karim Reda zirsalem
James Lee
Adam Cammack
rwhitcroft
Christian Mehlmauer
nixawk
William Vu
KINGSABRI
Jon Hart
r3naissance
HD Moore
Kyle Gray
Waqas Ali
aushack
Spencer McIntyre
dmohanty-r7
jvazquez-r7
Roberto Soares
jaguasch
Tod Beardsley
JT
xistence
Jake Yamaki
Alton Johnson
Alexander Salmin
Greg Mikeska
kn0
g0tmi1k
Trevor Rosen
root
Stuart Morgan
Denis Kolegov
void-in
Brandon Perry
Brandon Perry
Nate Power
Zach Grace