fa8c9bc4f3
Merge pull request #75 from rapid7/feature/MSP-9692/afp_login
...
MSP-9692 #land
2014-06-13 10:51:26 -05:00
f452652f54
Merge pull request #61 from rapid7/feature/MSP-9708/ssh-bruteforce
...
Functional steps updated and passing, along with specs. Proof being maintained seemed off, but it's not persisted, just used for setting platform.
MSP-9708 #land
2014-06-12 18:37:44 -05:00
d215b8e5b2
Merge pull request #47 from rapid7/feature/MSP-9712/winrm-bruteforce
...
45 merged, steps passing.
MSP-9712 #land
2014-06-12 16:04:17 -05:00
52d63f51bb
Merge pull request #50 from rapid7/feature/MSP-9705/postgres_login
...
Verily verified.
MSP-9705 #land
2014-06-12 15:49:39 -05:00
539f30e720
refactor afp_login
2014-06-12 14:16:05 -05:00
96e492f572
Merge branch 'master' into staging/electro-release
2014-06-12 14:02:27 -05:00
62a4991508
Land #3446 , some code cleanup from @todb-r7
2014-06-12 13:35:36 -05:00
3f5e50d18f
Aux modules don't have ranking.
...
msftidy should have defintely caught this. That it didn't catch on
Travis-CI concerns me. Need to research this.
2014-06-12 13:21:59 -05:00
1aa029dbed
Avoid double quotes in the initialize/elewhere
...
There is no need to have double quotes there for uninterpolated strings,
and every other module uses single quotes.
2014-06-12 13:20:59 -05:00
fe33444858
Merge pull request #58 from rapid7/feature/MSP-9693/db2_auth
...
Errors resolved, cred created
MSP-9693 #land
2014-06-12 12:49:54 -05:00
e85f829ee4
modules living inside scanner should include the Scanner mixin
2014-06-12 12:20:44 -05:00
430b3d181e
Merge pull request #67 from rapid7/feature/MSP-9695/ftp_login
...
Access level string clarified, specs passing, valid looking cores with proper info
MSP-9695 #land
2014-06-12 11:33:18 -05:00
71a4f1ab33
Clarified RW access level
...
MSP-9695
2014-06-12 11:32:20 -05:00
67d4097e1d
Land #3271 , @claudijd's Cisco ASA SSL VPN Bruteforce Aux Module
2014-06-12 11:27:23 -05:00
7650067b41
Fix metadata
2014-06-12 11:22:52 -05:00
e76c85c5d1
Fix usage of print_*
2014-06-12 11:13:45 -05:00
e4ff07dfa8
Merge branch 'staging/electro-release' into feature/MSP-9693/db2_auth
2014-06-12 10:52:06 -05:00
88f8b585a3
Merge branch 'staging/electro-release' into feature/MSP-9705/postgres_login
...
Conflicts:
Gemfile
Gemfile.lock
2014-06-12 10:47:02 -05:00
a5d88fd2ab
Space in arg list, because I don't hate feedom.
2014-06-12 10:29:14 -05:00
6bc37cca0c
Land #3430 , @brandonprry's generic MongoDB injection enum.
2014-06-11 21:41:23 -05:00
c074ebda7b
refactor telnet_login
2014-06-11 17:46:42 -05:00
85bee6ea12
Update ftp_login.rb
2014-06-11 17:29:23 -05:00
cca91dd7c5
Update mongodb_js_inject_collection_enum.rb
...
some @jvennix-r7 fixes
2014-06-11 17:07:57 -05:00
83a2dc250d
make ftp guest attempts optional
2014-06-11 16:37:59 -05:00
c8e1fab6ec
Merge branch 'staging/electro-release' into feature/MSP-9708/ssh-bruteforce
...
Conflicts:
lib/metasploit/framework/credential.rb
2014-06-11 16:28:01 -05:00
b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
...
Conflicts:
lib/metasploit/framework/credential_collection.rb
spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
1164cf5363
refactor ftp_login
...
uses new cred goodness
2014-06-11 16:21:55 -05:00
87a9ee9a69
Merge pull request #59 from rapid7/feature/MSP-9697/tomcat_login
...
Feature/msp 9697/tomcat login
MSP-9697 #land
2014-06-11 15:35:09 -05:00
6c0d668f0a
Merge pull request #55 from rapid7/feature/MSP-9701/msssql_login
...
Feature/msp 9701/msssql login
MSP-9701 #land
2014-06-11 13:48:59 -05:00
84aa0d42ed
Merge pull request #57 from rapid7/bug/MSP-10004/rubyzip
...
Trevor added a 0.4.1 tag right before this PR landed, making this unmergable. Pulled in staging/electro-release, specs passing.
2014-06-11 13:48:03 -05:00
1903542683
Merge branch 'staging/electro-release' into bug/MSP-10004/rubyzip
...
Conflicts:
Gemfile
Gemfile.lock
2014-06-11 13:42:26 -05:00
e8752f9c56
Point to correct creds version
2014-06-11 13:38:35 -05:00
651871bd7a
Resolve upstream conflict
2014-06-11 13:34:45 -05:00
9593422f9c
Merge branch 'master' into staging/electro-release
2014-06-11 10:23:56 -05:00
6ca5cf6c26
Add Chromecast YouTube remote control
2014-06-11 00:08:08 -05:00
fb8c1f4c4b
Refactor ssh_login to use LoginScanner stuffs
...
Also, Metasploit::Credential::Creation stuffs.
2014-06-10 17:30:06 -05:00
c06fd21fb1
refactor tomcat_mgr_login
...
uses the new Metasploit::Credential magic now
2014-06-10 15:59:00 -05:00
693c4aae66
make sure we capture realms
...
need to account for the possability of
realms in mssql_login
2014-06-10 14:41:45 -05:00
b05e7fb9ac
Fix require
...
MSP-10004
Change 'zip/zip' to 'zip' to match >= 1.0.0 rubyzip API.
2014-06-10 13:58:07 -05:00
74d376e387
refactor db2_auth module
...
you know what it is
2014-06-10 13:43:07 -05:00
4d923a4809
Update to Rubyzip 1.X API
...
MSP-10004
`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
2014-06-10 13:41:42 -05:00
44540e6d00
Land #3437 , CSS Injection MITM scanner
2014-06-10 13:36:35 -05:00
4aa1fee398
Land #3326 , @FireFart's Heartbleed - server response parsing
2014-06-10 13:27:28 -05:00
0c89d6cdce
refactor mssql_login
...
now uses all the Metasploit::Credential goodness
2014-06-10 11:49:08 -05:00
15ceb1e826
put calls in right place it helps
2014-06-10 11:17:19 -05:00
63ec83ea90
missing public
...
missing the public in the invalidate_login call
now fixed
2014-06-10 11:12:17 -05:00
6362eac0b0
add invalidate_login call
2014-06-10 11:11:22 -05:00
e9d9806408
invalidate_login
...
added invalidate_login call
also made to_s on credential drop the @
if there is no realm present
2014-06-10 11:07:15 -05:00
dc590008a7
add invalidate_login call
...
add the new invalidate login call to make sure
we update the status on failed logins appropriately
2014-06-10 10:58:27 -05:00
521284253f
Be more clear about the vuln and impact
2014-06-10 10:29:23 -05:00
Samuel Huckins