Commit Graph

11360 Commits

Author SHA1 Message Date
sjanusz 1a435f8a77 Working spidering on Windows XP, 7 & 10, DB options work, fix error handling 2021-11-24 17:34:33 +00:00
Grant Willcox 0007887a0c Land #15898, trade URI.encode & URI.escape for Ruby 3 2021-11-23 12:07:48 -06:00
Jeffrey Martin 21a6a18d92 trade URI.encode & URI.escape for Ruby 3
Ruby 3 removed the `URI.escape` methods; however, access to
a parser for the same RFC is still available at `URI::DEFAULT_PARSER.escape`.

Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1) this should equal.
2021-11-22 14:11:03 -06:00
sjanusz 8f7b9c5ad8 Improve disk shares 2021-11-22 12:41:45 +00:00
sjanusz 779881dd55 Add constants & exception handling for RubySMB 2021-11-22 12:36:59 +00:00
sjanusz 107dadf68c Change readme file to show new module changes 2021-11-22 12:36:59 +00:00
sjanusz db4303912a Add fixes 2021-11-22 12:36:59 +00:00
sjanusz eba2df0a8a Fix smb enumshare to work with SMB1/2/3 2021-11-22 12:36:59 +00:00
Matthew Dunn 888a69b911 Update documentation with blog post link and SSO details 2021-11-21 22:35:15 -05:00
Grant Willcox 9023c61ac8 Land #15851, User Agent Refresh 2021-11-17 15:08:52 -06:00
Grant Willcox 1d20393452 We should be safe to change the user agent for Google as well since we are communicating with Google's servers and as far as I can tell changing the user agent doesn't really change the results at all 2021-11-17 15:08:27 -06:00
Christophe De La Fuente 6c57ee376a Land #15755, Azure Active Directory Login Scanner Module 2021-11-17 15:53:22 +01:00
Jeffrey Martin f208e59541 ensure realm reported on credential
remove default DOMAIN to make input required
2021-11-16 15:36:04 -06:00
Jeffrey Martin 8c15fde679 adjust service reporting 2021-11-16 14:23:33 -06:00
Jeffrey Martin 5af7847b52 ensure address is an IP when reporting service 2021-11-16 12:39:41 -06:00
Jeffrey Martin 680f068adc move text encode into XML generation 2021-11-16 12:39:41 -06:00
Jeffrey Martin 7b3c9f9d13 utilize AuthBrute more 2021-11-16 12:34:17 -06:00
Ashley Donaldson f020c99a85 Implement suggestions from code review 2021-11-16 11:07:48 +11:00
h00die 69c0c367fe rubocop and example updates 2021-11-13 04:33:24 -05:00
Spencer McIntyre 726c5f26e3 SSH session consistency with auto-platform IDing 2021-11-12 16:03:27 -05:00
space-r7 b6dcb03b45 Land #15843, add Jetty WEB-INF file disclosure 2021-11-12 11:31:27 -06:00
space-r7 9ab969f8fe set default port, change checkcodes 2021-11-12 11:30:42 -06:00
space-r7 f055429189 Land #15806, add BillQuick SQLi module 2021-11-11 11:51:19 -06:00
space-r7 93038f43ce replace fail_with() calls with CheckCode returns 2021-11-11 11:37:55 -06:00
sjanusz fb8ea12de8 Lint SMB EnumShares module 2021-11-11 10:46:24 +00:00
Ashley Donaldson 527057c700 Updated user agent strings in some modules where it shouldn't impact exploitability 2021-11-10 11:12:38 +11:00
Ashley Donaldson cab04d33f5 Use existing Rex::UserAgent class; keep UA string consistent across an MSF session 2021-11-10 10:05:45 +11:00
h00die 28672f3ea5 review 2021-11-09 16:19:20 -05:00
h00die 8f713d00ae remove period 2021-11-09 04:11:23 -05:00
h00die 0fe49cce22 review comments 2021-11-09 04:04:16 -05:00
Ashley Donaldson 551ef90c5f Use default User agent string for generic auxiliary modules 2021-11-09 18:55:49 +11:00
h00die 23ba4a1f3a jetty updates 2021-11-08 14:09:43 -05:00
h00die ea59e89cba jetty web-inf file disclosure 2021-11-08 14:04:08 -05:00
Uli Heilmeier c3c7279de0 sap_router_portscanner: rename validate function
cmd_run of command_dispatcher/auxiliary.rb calls a validate function
without an argument. As the validate function requires a range argument
running the sap_router_portscanner module fails.

Fix this issue by renaming the function.
2021-11-07 20:05:20 +01:00
h00die e067535b72 billquick review updates 2021-11-06 06:29:56 -04:00
Matthew Dunn 5b8b718a3d Use fail_with instead of return 2021-11-05 11:49:02 -04:00
Christophe De La Fuente 836422f9ac Land #15776, Wordpress automatic plugin aux module 2021-11-05 12:47:27 +01:00
h00die b39196fd0f review comments 2021-11-04 15:28:05 -04:00
adfoster-r7 79314e6006 Land #15782, Add CVE-2002-0422 Coverage to iis_internal_ip Auxiliary Module 2021-11-02 13:31:34 +00:00
Christophe De La Fuente 43207ebf81 Land #15765, wordpress plugin bulletproofsecurity info disclosure (cve-2021-39327) 2021-10-29 18:33:51 +02:00
h00die d0335ff2df working module 2021-10-28 22:45:07 -04:00
Matthew Dunn becb54d5a5 Update username and password verification to detect improperly set attributes 2021-10-28 12:53:27 -04:00
Spencer McIntyre 7fc38d1b50 Land #15754, add apache2 path traversal modules 2021-10-22 12:40:57 -04:00
Spencer McIntyre ced61f989b Tweak the verbiage for clarity, update docs 2021-10-22 12:38:03 -04:00
h00die 1e9af10a21 pr review 2021-10-21 17:25:14 -04:00
Spencer McIntyre 5ac5a14a37 Land #15756, Add PoC for CVE-2021-31806 Squid DoS 2021-10-21 15:07:00 -04:00
RAMELLA Sébastien e449c2456b fix: traversal check logic... 2021-10-21 23:00:39 +04:00
Joshua Rogers f0eb43d99f Update modules/auxiliary/dos/http/squid_range_dos.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2021-10-21 19:15:30 +02:00
Matthew Dunn b8672bd9e5 Fix missing info in update_info 2021-10-21 11:09:47 -04:00
Matthew Dunn bb17a20274 Address PR feedback in the module setup/documentation 2021-10-21 11:02:40 -04:00