Commit Graph

2702 Commits (ffd8890ba2ac53e763a7eeb7bc440b2522a51dd8)

Author SHA1 Message Date
sinn3r 6f50410e5f Merge branch 'patch-1' of github.com:mubix/metasploit-framework into mubix-patch-1 2013-01-03 17:51:54 -06:00
James Lee 9e912a23ff Merge branch 'rapid7' into FireFart-msftidy_aux_1 2013-01-03 16:54:25 -06:00
Tonimir Kisasondi 39e81fb07f Update modules/auxiliary/scanner/http/wordpress_login_enum.rb
Simple fix for msfconsole start error.
2013-01-03 21:52:10 +01:00
Tod Beardsley 1406f7cb0a Msftidy on sap_router_info_request 2013-01-03 10:55:11 -06:00
Christian Mehlmauer 8cada447b2 msftidy: remove $Id$ 2013-01-03 10:21:10 +01:00
Christian Mehlmauer e4a6669927 msftidy: remove $Revision$ 2013-01-03 01:05:45 +01:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
Rob Fuller 88d12da3db hilight positive results in WebDAV scanner
As suggested by Lee Baird
2013-01-02 13:27:25 -05:00
sinn3r 33ea21e415 Merge branch '403labs-zgrace-wordpress_login_enum' 2012-12-28 17:47:05 -06:00
sinn3r d92b3bd2e1 Apply fixes 2012-12-28 17:46:17 -06:00
Tod Beardsley e5eb8c6301 Fix connected in sap_router_info_request
See #1028 comments
2012-12-28 16:34:59 -06:00
sinn3r 2746a57093 Merge branch 'zgrace-wordpress_login_enum' of git://github.com/403labs/metasploit-framework into 403labs-zgrace-wordpress_login_enum 2012-12-28 15:42:09 -06:00
Tod Beardsley 3daea913b1 Merge branch 'sap_router_info_request' 2012-12-28 15:22:44 -06:00
Tod Beardsley 35604ac1aa Normalizing caps and expanding description a bit
Be nice to have a couple more lines on the description
2012-12-28 15:12:40 -06:00
Tod Beardsley 5d7197d8ba Moved shout outs, organized includes
include Msf::Exploit::Remote::Tcp must precede the include for the
Scanner mixin -- otherwise you end up with some undesired effects, like
having an RHOST and RHOSTS on the datastore.

Also, took out the block of shout outs and gave references and credits
to the people / url's mentioned.
2012-12-28 14:51:23 -06:00
Tod Beardsley c2586d0907 Instead of raising, offer advice on BPF filtering
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
2012-12-27 15:18:18 -06:00
Tod Beardsley c6533621a0 Oops removing debug prints 2012-12-27 14:58:52 -06:00
Tod Beardsley c695f429d5 Mirror upstream PacketFu fix on ICMP size 2012-12-27 14:56:49 -06:00
Tod Beardsley 121353b360 Fixing EOLs to unix
In vim:

:set fileformat=unix
:wq

ta-da
2012-12-27 13:54:50 -06:00
Tod Beardsley 9fa6c9f4c4 Merge remote branch 'ChrisJohnRiley/icmp_exfil' into icmp_exfil 2012-12-27 13:52:19 -06:00
Zach Grace d4bdf1b6b4 Added user name enumeration based on author id enumeration 2012-12-24 16:09:03 -06:00
sinn3r 2c4d517e75 Merge branch 'useragent_cleanup' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-useragent_cleanup 2012-12-21 11:14:06 -06:00
Chris John Riley 413b75cd8b Fixed crash issues with unescape
Added better formatting to avoid pages of output
2012-12-21 12:07:14 +01:00
Chris John Riley e237512bd7 Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate) 2012-12-21 10:47:45 +01:00
sinn3r cad8abef48 msftidy cleanup 2012-12-18 11:46:27 -06:00
sinn3r 860ebbcfb1 Merge branch 'master' into averagesecurityguy-master 2012-12-18 11:45:41 -06:00
sinn3r 0344c568fd Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes 2012-12-18 11:38:14 -06:00
sinn3r 9825b07df8 Merge branch 'sap_soap_rfc_dbmcli_sxpg_command_exec' of git://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_command_exec 2012-12-18 01:12:50 -06:00
nmonkee 37f7122006 NameError undefined local variable or method output - fixed 2012-12-17 19:34:36 +00:00
Tod Beardsley 10511e8281 Merge remote branch 'origin/bug/fix-double-slashes'
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
sinn3r d2885d9045 Correct US Cert references 2012-12-13 14:19:53 -06:00
jvazquez-r7 8f388eb226 fixing if typo 2012-12-11 23:28:21 +01:00
jvazquez-r7 b5b5667539 Merge branch 'symantec_brightmail' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_brightmail 2012-12-11 23:27:56 +01:00
sinn3r 0ca1dbd14e Account for the timeout condition 2012-12-11 16:24:42 -06:00
Rob Fuller 20ea56e4b9 fixed type @wchen-r7 found
hopefully didn't miss any others
2012-12-11 15:29:53 -05:00
Rob Fuller 717799cffd fix typos
negotiate spelled wrong in a couple spots
and only 3 g's in loggging
2012-12-11 15:00:21 -05:00
jvazquez-r7 461f057c95 Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users 2012-12-11 17:33:31 +01:00
sinn3r 25d888bebb Add CVE-2012-4347 Symantec Messaging Gateway Log File Download 2012-12-10 18:09:29 -06:00
Tod Beardsley 7ea188e02d Merge pull request #1147 from wchen-r7/cve_text_consistency
Change CVE text format
2012-12-09 14:48:08 -08:00
sinn3r 64a8b59ff9 Change CVE forma
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
2012-12-09 01:09:21 -06:00
HD Moore 69177105ab Handle a null reply properly, small bug fix 2012-12-07 10:54:08 -08:00
Stephen Haywood f56ef52ffc Fixed path error when BASE_PATH is nil. 2012-12-06 23:55:34 -05:00
Stephen Haywood 761e735a55 Store wc.db file in loot. Add BASE_PATH option. 2012-12-06 23:38:03 -05:00
Royce Davis 97c9dd0caf Extra file got added by mistake, removed it 2012-12-06 16:31:28 -06:00
Royce Davis 600121c36a Fixed issue involing static path to Windows directory 2012-12-06 16:28:59 -06:00
Stephen Haywood 8a149b3ea3 Removed Version. 2012-12-06 17:24:16 -05:00
Stephen Haywood 4ce51fe889 Made changes requested by sinn3r. 2012-12-06 17:18:50 -05:00
Royce Davis 4837ea38f5 Merge https://github.com/rapid7/metasploit-framework 2012-12-06 16:15:55 -06:00
sinn3r c66777d028 Merge branch 'command' of git://github.com/R3dy/metasploit-framework into R3dy-command 2012-12-06 16:08:04 -06:00
Royce Davis 205276c38f Update modules/auxiliary/admin/smb/psexec_command.rb
Fixed static path to Windows directory.  This causes problems with directory is 'WINNT' for example.
2012-12-06 16:03:44 -06:00
Stephen Haywood d938959e97 Module to find SVN wc.db files. 2012-12-06 16:30:23 -05:00
jvazquez-r7 232eb7bf2d Final cleanup plus name change 2012-12-05 00:32:42 +01:00
jvazquez-r7 9cff72af72 Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users 2012-12-05 00:31:24 +01:00
jvazquez-r7 3dada00f43 fix typo accor ding to redmine 7550 2012-12-04 22:37:08 +01:00
Royce Davis a1136be59e Fixed last ip changed it to peer 2012-12-02 19:17:59 -06:00
Royce Davis 2b171bb003 Added report_note functionality 2012-12-02 18:49:50 -06:00
Royce Davis e4e3ec8fdd Fixed module to use clean psexec method 2012-12-02 18:35:23 -06:00
Royce Davis 476a5dc58c Fixed return without disconnect 2012-12-02 18:27:27 -06:00
Royce Davis 4276279dd8 Fixed print_status to use peer instead of ip 2012-12-02 18:25:09 -06:00
sinn3r 1085357dbb Talked to Todb, we like "." better 2012-11-30 14:53:57 -06:00
sinn3r 61a74bf257 Minor changes here and there
Changes include:
* Some corrections in metadata
* report_note()
* Removes connect(), usually don't need it in modules
2012-11-30 14:24:27 -06:00
Matt Andreko a73d8792ee Changed RPORT definition per egypt 2012-11-30 13:57:25 -05:00
Matt Andreko 40b8c93ef8 Added HSTS scanner for HTTPS sites 2012-11-30 09:30:11 -05:00
Royce Davis 7d4982b47b Fixed description area and authoer section 2012-11-29 14:21:27 -06:00
Royce Davis d6a3f6666d Fixed simple return form get_output method 2012-11-29 14:15:57 -06:00
Royce Davis cf53588ab7 Removed Version 2012-11-29 14:14:41 -06:00
Royce Davis 3ebbee5b1f Removed generic URLs 2012-11-29 14:13:49 -06:00
sinn3r bf41d3d0fd Merge branch 'network_shutdown_creds' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-network_shutdown_creds 2012-11-29 10:43:03 -06:00
sinn3r b0e4931de8 When 'credentials' is empty, it is empty....... 2012-11-29 10:22:20 -06:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
sinn3r b3a473aec0 Forgot to remove this option 2012-11-28 18:48:33 -06:00
sinn3r 0415d31c61 Update description 2012-11-28 16:07:21 -06:00
sinn3r 52c2437d5a Add OSVDB-83199 as a cred collecting aux module
From #1102
2012-11-28 15:56:13 -06:00
Alexandre Maloteaux c0c3dff4e6 Several fixes for smb, mainly win 8 compatibility 2012-11-28 22:49:40 +01:00
Royce Davis 82dc8e8814 Added check for LOGONSERVER and HOMEPATH 2012-11-28 09:02:19 -06:00
Tod Beardsley a24ebde3e3 Fix syntax on @@loaded_msfrpc 2012-11-27 14:10:46 -06:00
HD Moore 84294655aa Update the require, error handling, casing 2012-11-27 11:44:51 -08:00
sinn3r b008eb93c9 Fix msgpack issue 2012-11-27 12:45:01 -06:00
sinn3r 0440708453 I missed this sucker: var in a quote 2012-11-27 11:57:51 -06:00
sinn3r 0a0195e6c8 Merge branch 'kost-aux-scan-nexpose' 2012-11-27 11:57:11 -06:00
sinn3r 24f44e7a82 Lots of small changes
Basically the same changes I've been correcting like the rest of
other modules.
2012-11-27 11:52:58 -06:00
jvazquez-r7 6ccceedcb7 final cleanup for sip_deregister 2012-11-27 18:34:31 +01:00
jvazquez-r7 496fb63fad Merge branch 'sip_deregister' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sip_deregister 2012-11-27 18:34:05 +01:00
sinn3r 4dbb82d0bc Merge branch 'aux-scan-nexpose' of git://github.com/kost/metasploit-framework into kost-aux-scan-nexpose 2012-11-27 11:25:44 -06:00
sinn3r 139c149583 This variable doesn't have to be in a quote 2012-11-27 11:19:04 -06:00
sinn3r 673c519fa3 msg() isn't needed, because it's already implemented in HttpClient 2012-11-27 11:18:27 -06:00
sinn3r 7c3e478070 Final changes 2012-11-27 11:16:12 -06:00
sinn3r bb34fb8dec Actually, this is the exact reason why res can be nil 2012-11-27 11:14:52 -06:00
sinn3r eb30765509 Use vars_post instead of data 2012-11-27 11:13:21 -06:00
sinn3r 4796fb4415 These don't need to be in a quote 2012-11-27 11:12:15 -06:00
sinn3r 5b787406b9 Correct output messages
When HttpClient is used, it's actually not necessary to put the
target's IP/port and the module name in the output, because it's
already included in there.
2012-11-27 11:10:31 -06:00
sinn3r 46f86f46fa Merge branch 'aux-scan-nessus' of git://github.com/kost/metasploit-framework into kost-aux-scan-nessus 2012-11-27 11:01:36 -06:00
sinn3r 319fa04c16 Fix Ruby 1.8 comma of death 2012-11-26 16:45:43 -06:00
sinn3r 9ccc69c4c1 Mostly cosmetic changes. Plus a nil token bug fix. 2012-11-26 16:32:49 -06:00
sinn3r 32ea36916c Cosmetic changes 2012-11-26 16:28:16 -06:00
sinn3r 65ac56a7a7 Merge branch 'aux-scan-metasploit' of git://github.com/kost/metasploit-framework into kost-aux-scan-metasploit 2012-11-26 16:26:11 -06:00
sinn3r 472ec35adb Merge branch 'kost-aux-scan-splunk-login' 2012-11-26 16:16:02 -06:00
sinn3r af451df864 Lots of changes made
These changes include:
* More description
* Checks if auth is actually required.
* Collects the default credential on the webpage, and then tries it.
* Fixes possible nil 'Set-Cookie' header.
* Supports more options (USERPASS_FILE, USER_FILE, PASS_FILE)
* Removes the msg() function.
2012-11-26 16:12:11 -06:00