adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

21 Commits

Author SHA1 Message Date
space-r7 dd0b124e84 fix typo in docs, check some responses 2022-05-04 17:28:37 -05:00
krastanoel 115dad7193 Why do i keep forgeting that res can be nil 2022-05-04 20:23:42 +07:00
krastanoel 10c1c75337 Fail the exploit when the target is not Zoneminder but the user enable the ForceExploit 2022-05-04 20:13:40 +07:00
krastanoel 54f6e270fe Make sure the target is a Zoneminder before parse the version, and check if the version is not nil 2022-05-04 20:02:37 +07:00
krastanoel 4c231ba226 Apply suggestions from code review 
Remove unnecessary check for content-type response

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-05-04 16:37:20 +07:00
krastanoel 8408f28967 checking status code response for successful exploitation 2022-05-03 20:47:36 +07:00
krastanoel c582f4277f res can be nil due to a timeout or other reason 2022-05-03 20:09:58 +07:00
krastanoel 4e6dddd735 Fail if the response is nil or the body is blank 2022-05-03 19:41:06 +07:00
krastanoel a1dcbb8004 Make sure the response content-type is json before parsing 2022-05-03 19:31:38 +07:00
krastanoel b4733afe2c Modify cookie jar, login and responses 
- use keep_cookies instead of grabbing and set manually
- separate login code to its own method
- check response is not nil before calling get_html_document method
- clear cookie jar in exploit method and authenticate if user disable AutoCheck option
 2022-05-03 17:54:59 +07:00
krastanoel 4e2328fc89 Return safe checkcode when authentication failed to benefit from autocheck module 2022-04-30 03:45:06 +07:00
krastanoel dbc49c67e6 Use nokogiri over regex to parse csrf_magic value 2022-04-30 03:16:37 +07:00
krastanoel 538e3569f4 No need to use rescue block on check method for supported ruby version 2022-04-30 03:12:27 +07:00
krastanoel a7670b1bfe Fix Inconsistent indentation detected. 2022-04-30 01:46:13 +07:00
krastanoel f1f0ec5435 Apply suggestions from code review 
Remove RPORT option and rescue block

Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-04-30 01:18:56 +07:00
krastanoel e27627fbbf Assign check result to an instance variable 2022-04-29 23:01:15 +07:00
krastanoel ae23be355b Remove rand method 2022-04-29 22:34:34 +07:00
krastanoel 328448e8d4 Get current language before resetting it 2022-04-29 20:52:58 +07:00
krastanoel 7816ffb7c3 Remove checkcode in exploit method and use fail_with instead, no need to use rand method 2022-04-29 19:45:51 +07:00
krastanoel e58fff1ac3 Remove fail_with in check method and return both checkcode and message instead of print 2022-04-29 19:36:36 +07:00
krastanoel 7c371b65ee Add Zoneminder Language rce module 2022-04-28 20:59:53 +07:00