8beb6255cb
fix spelling in aux modules
2024-01-07 15:02:53 -05:00
64b441be2a
Rspec tests, get_broker_port addition
2023-06-22 01:29:33 -04:00
67225650de
convert _ to .
2023-06-16 16:13:36 -04:00
4f661ff230
rocketmq version lib
2023-06-16 15:36:06 -04:00
3e538a34af
review comments
2023-06-08 16:38:22 -04:00
e3bcc9ac08
rocketmq version scanner
2023-06-07 17:29:53 -04:00
2e63a5b48c
setting stop_on_success attribute to true
...
this attribute is needed by LoginScanner module but will have no effect
2022-07-01 12:22:31 +07:00
cdc6fe471f
Use safe navigation operator instead of rescue
2022-07-01 12:06:38 +07:00
738aa7ac0a
Deregister STOP_ON_SUCCESS
2022-06-30 11:42:50 +07:00
f81e4d5dde
use autocheck module and rescue in case the user use ForceExploit against unknown service
2022-06-30 11:38:20 +07:00
da63fbbad4
Add FreeSwitch Login auxiliary module
2022-06-28 20:13:24 +07:00
d5ba1afbec
fix URLs not resolving
...
fix URLs not resolving
add csv export to references
fix URLs not resolving
pdf not pd
missed a url change
remove extra recirectedfrom fields
remove extra file
fix ovftool url accidental replacement
2022-02-16 17:22:40 -06:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
c45c01f888
Rescue connection errors and return a CheckCode
...
Oops, the Scanner mixin was silently catching them.
2020-08-26 12:34:03 -05:00
f08349982d
Use CheckModule scanner in java_rmi_server exploit
2020-08-24 10:11:03 -05:00
33e35bae7c
Add descriptions to auxiliary modules Actions
...
And a little formatting
Closes #13403
Update modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/backupexec/dump.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/arris_motorola_surfboard_backdoor_xss.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/android/android_stock_browser_iframe.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/tikiwiki/tikidblib.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/smb.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/telnet.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/vnc.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/fakedns.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/tftp.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/gzip_bomb_dos.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/ibm_lotus_notes.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/ibm_lotus_notes2.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/webkitplus.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/example.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/android_browser_file_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/android_browser_new_tab_cookie_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/browser_lanipleak.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/firefox_pdfjs_file_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/samsung_browser_sop_bypass.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/http.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/http_basic.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/http_ntlm.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/http_ntlmrelay.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/socks4a.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/socks5.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/sip.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/postgresql.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/local_hwbridge.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/webkit_xslt_dropper.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/socks_unc.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/client/iec104/iec104.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/browser_info.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/drda.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/ftp.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/mssql.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/mysql.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/pop3.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/dns/spoofhelper.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/printjob_capture.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update description following Actions removal
Update modules/auxiliary/gather/browser_info.rb
Update modules/auxiliary/gather/browser_info.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/browser_info.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
2020-05-17 14:51:14 -05:00
bb583672bf
Fix style
2020-01-16 14:21:09 -06:00
30ddabba92
add PROTOCOL option for sunrpc_portmapper
2020-01-02 09:52:18 -06:00
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
ddef5b4961
MSF5: Remove unneeded RHOST deregister in scanners
...
With Metasploit 5, RHOST and RHOSTS are aliases, so no need to
deregister one or the other, as they are the same option. Deregistering
one deregisters both.
2019-03-05 13:04:49 -06:00
24f807490f
revisionism
2019-01-10 19:19:14 +00:00
50b7d93a18
java_jmx_scanner: Incorporate @bcoles suggestions
2018-12-19 12:56:53 -06:00
51ce96a2b4
Merge branch 'jmx_scanner' of https://github.com/sgorbaty/metasploit-framework into sgorbaty-jmx_scanner
2018-12-18 16:05:03 -06:00
b31afb4e3d
Spaces at EOL fixes
2018-11-29 17:29:05 -06:00
504237c77a
Land #10877 , ibm-mq-login username/password checker
2018-11-28 11:36:53 -06:00
84f0a59fe6
ibm_mq_login: Added support for WebSphere 9 via the PASSWORD option
2018-11-28 11:08:37 -06:00
96ede80dc4
Land #10876 , ibm_mq_enum: IBM WebSphere MQ Name and Version Enumeration
2018-11-21 16:10:59 -06:00
a3131f15de
ibm_mq_enum: Code cleanup, server channel and general exception handling improvements
2018-11-21 16:09:18 -06:00
7084538b8c
ibm_mq_channel_brute: Exception handling when channel.length > 20 chars
2018-11-20 16:24:17 -06:00
d2a5b966f3
Land #10875 , IBM WebSphere MQ Channel Name Bruteforce auxiliary module
2018-11-20 16:23:23 -06:00
90b9204703
Update DisclosureDate to ISO 8601 in my modules
...
Basic msftidy fixer:
diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
# Check disclosure date format
if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
d = $1 #Captured date
+ File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+ fixed('Probably updated traditional DisclosureDate to ISO 8601')
# Flag if overall format is wrong
if d =~ /^... (?:\d{1,2},? )?\d{4}$/
# Flag if month format is wrong
2018-11-16 12:18:28 -06:00
f192b50a8e
Catch exceptions
2018-11-08 18:47:56 +00:00
1fbf779f9c
Added more verbose output
2018-11-08 18:35:15 +00:00
88e4d384d2
increased default timeout value
2018-11-08 16:13:55 +00:00
b705059bca
Added channel name length check
2018-10-28 20:18:58 +00:00
60aa1181ca
Add IBM WebSphere MQ Login Bruteforce module
...
Used to bruteforce usernames that can connect to the Queue Manager. The name of a valid server-connection channel without SSL configured is required, as well as a list of usernames to try.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
* Download and install MQ Server from the above link
* Create a new Queue Manager
* Create a new channel (without SSL)
* Allow remote connections for admin users by removing the CHLAUTH record that denies all users or configure access for a specific username.
* Run the module
2018-10-28 19:29:45 +00:00
92d5ab469c
Update ibm_mq_channel_brute.rb
2018-10-28 18:21:54 +00:00
296d9a08eb
Removing unnecessary line
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:10:51 +00:00
3e3be18189
Using print_line instead of print("\n")
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:10:14 +00:00
f8c829dc81
Using print_line instead of print("\n")
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:10:09 +00:00
67e8a7ce13
Changing CHANNELS_FILE option type
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:08:12 +00:00
f51a95465e
Changed http to https in metasploit url
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:07:20 +00:00
a6135e3738
Added "increase timeout" message
2018-10-28 17:48:15 +00:00
02d9d0f006
Add IBM WebSphere MQ Queue Manager Name and MQ Version Enumeration module
...
Run this auxiliary against the listening port of an IBM MQ Queue Manager to identify its name and version. Any channel type can be used to get this information as long as the name of the channel is valid.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
* Download and install MQ Server from the above link
* Create a new Queue Manager
* Create a new channel (without SSL)
* Run the module
2018-10-28 16:09:17 +00:00
a23cb7dfe8
Add IBM WebSphere MQ Channel Name Bruteforce module
...
Uses a dictionary to bruteforce MQ channel names. For all identified channels it also returns if SSL is used and whether it is a server-connection channel.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
** Download and install MQ Server
** Create a Queue Manager
** Create a new channel (without SSL)
** Run the module
2018-10-28 15:22:27 +00:00
a0b7a4986e
Making sure we connect to RMI
2018-07-30 23:25:32 -07:00
c3534a479e
JMX scanner
2018-07-30 13:25:15 -07:00
99555dde02
sleep! per feedback
2017-11-21 21:33:29 -05:00
5484ee840e
Correct port when eating cisco config
2017-11-21 18:09:51 -08:00
bdc822c67d
Improve logging when requesting config
2017-11-21 18:09:02 -08:00
h00die