adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

55 Commits

Author SHA1 Message Date
sfewer-r7 df24090fc0 fix typo in message 2025-07-09 14:59:54 +01:00
sfewer-r7 ab913b0416 make this error message not that no password may be present on the device 2025-07-09 14:58:59 +01:00
sfewer-r7 34952d73f6 display the AuthCookie if one is received 2025-07-09 10:15:30 +01:00
Stephen Fewer 56354849f0 favor AUTO over ANY for this enum usage 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-07-01 15:05:09 +01:00
Stephen Fewer 14512d7d17 favor AUTO over ANY for this enum 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-07-01 15:04:57 +01:00
Stephen Fewer 18b00cebbb Use a more permissive regex to pull out the logbox name value 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:39:36 +01:00
sfewer-r7 6bdebf6ee3 add the salt_table_index value in the failure message 2025-06-26 16:35:21 +01:00
Stephen Fewer 84dda69ee0 this status message should explicitly say it has generated the *default* password 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:34:04 +01:00
Stephen Fewer a7b26ac74d fail with a message that includes the unexpected length value 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:32:08 +01:00
Stephen Fewer f66389bbbf include the password in the verbose status message 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-06-26 16:31:31 +01:00
sfewer-r7 c6ffcdb2f8 This resolves the 'Proto is not included in the list' error during create_credential 2025-06-26 16:11:38 +01:00
sfewer-r7 14191f6166 use Base64.strict_encode64 2025-06-24 10:16:49 +01:00
sfewer-r7 edea803c75 add in references 2025-06-24 10:14:59 +01:00
sfewer-r7 83a03efa3b aux module for CVE-2024-51978 2025-06-20 16:41:39 +01:00
bcoles 4ea181751d modules/auxiliary/admin: Resolve RuboCop violations 2025-05-21 08:32:40 +10:00
h00die 8beb6255cb fix spelling in aux modules 2024-01-07 15:02:53 -05:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Brent Cook 172a984d60 add deregister_tcp/udp_options 2019-03-08 16:04:32 -06:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k 3f6925196b OCD - store_loot & print_good 2017-07-19 13:02:49 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k 67310fa96c print_status -> print_good. [When it is successful, show it!] 2017-07-14 00:09:35 +01:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259 change Metasploit3 class names 2016-03-07 09:56:58 +01:00
James Lee 8094eb631b Do the same for aux modules 2016-02-01 16:06:34 -06:00
wchen-r7 cea3bc27b9 Fix #6362, avoid overriding def peer repeatedly 
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
 2015-12-23 11:44:55 -06:00
wchen-r7 4561850055 Use metasploit-credential API instead of report_auth_info 2015-07-22 01:11:43 -05:00
root 4bd40fed7f yard doc and comment corrections for auxiliary 2015-04-03 16:12:23 +05:00
URI Assassin 35d3bbf74d Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
HD Moore 5e900a9f49 Correct sock.get() to sock.get_once() to prevent indefinite hangs/misuse 2014-06-28 16:06:46 -05:00
HD Moore 3868348045 Fix incorrect use of sock.get that leads to indefinite hang 2014-06-28 15:48:58 -05:00
nodeofgithub b80d366bb7 Add filter to output WPA-PSK password on Netgear DG834GT 2014-04-26 15:52:31 +02:00
Tod Beardsley 9035d1523d Update wol.rb to specify rhost/rport directly 
- [ ] Fire up tcpdump on the listening interface
 - [ ] Run the module and see the pcap:

listening on vmnet8, link-type EN10MB (Ethernet), capture size 65535
bytes
20:56:02.592331 IP 192.168.145.1.41547 > 255.255.255.255.9: UDP, length
102
 2014-04-14 20:57:20 -05:00
jvazquez-r7 0b1671f1b8 Undo debugging comment 2014-01-14 17:02:30 -06:00
jvazquez-r7 6372ae6121 Save some parsing 2014-01-14 17:00:00 -06:00
Matt Andreko 2d40f936e3 Added some additional creds that were useful 2014-01-13 23:15:51 -05:00
Matt Andreko 42fb8c48d1 Fixed the credential parsing and made output consistent 
So in the previous refactor, we made the dedicated method to parse
usernames and passwords from the split up config values. However, that
didn't work, because on a single iteration of the loop, you only have
access to a possible username OR password. The other matching key will
be another iteration of the loop. Because of this, no credential pairs
were being reported.

The only way I can see around this (maybe because I'm a ruby newb) would
be to iterate over configs, and if the user or password regex matches,
add the matching value to a hash, which is identified by a key for both
user & pass. Then upon completion of the loop, it'd iterate over the
hash, finding keys that had both user & pass values.
 2014-01-13 22:57:25 -05:00
Tod Beardsley 207e9c413d Add the test info for sercomm_dump_config 2014-01-13 14:27:03 -06:00
Tod Beardsley 671027a126 Pre-release title/desc fixes 2014-01-13 13:57:34 -06:00
jvazquez-r7 410302d6d1 Fix indentation 2014-01-09 15:14:52 -06:00
Matt Andreko b1073b3dbb Code Review Feedback 
Removed the parameters from get() since it works without them
 2014-01-09 15:54:23 -05:00
Matt Andreko 2a0f2acea4 Made fixes from the PR from jvazquez-r7 
The get_once would *only* return "MMcS", and stop. I
modified it to be a get(3, 3). Additionally, the command
length was set to 0x01 when it needed to be 0x00.
 2014-01-09 15:33:04 -05:00
jvazquez-r7 be6958c965 Clean sercomm_dump_config 2014-01-09 13:42:11 -06:00
Matt Andreko 01c5585d44 Moved auxiliary module to a more appropriate folder 2014-01-09 10:17:26 -05:00