a454217bd4
Update info -d markdown
2025-06-24 11:21:49 +01:00
37388ca1be
Adds sentinel values to modules missing notes
2025-06-23 12:24:58 +01:00
a4b14d8b64
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
566e12b69e
Add error_callback to SSH Command Stream
2024-11-25 16:43:59 +00:00
dd0be6cad5
Rubocop fix for arista_tacplus_shell
2022-04-19 22:38:50 -07:00
4417a335ff
Land #16379 , Make SSH defaults widely used
...
Refactored a number of modules to use ssh_client_defaults
2022-04-19 22:08:45 -07:00
a756df5400
Add in missing RuboCop note sections
2022-04-19 16:40:57 -05:00
94ed9ae28b
Modules: Prefer CVE references over cve.mitre.org URL references
2022-04-19 20:42:23 +00:00
fd6c8aa3d5
Lint msftidy
2022-04-18 23:36:23 +02:00
37e334f95d
Rubocop
2022-04-18 09:36:52 -07:00
9e283ae1b1
Refactored aassigned list of modules
2022-04-18 09:35:08 -07:00
e67c70e422
Ensure default options gets override
2022-03-09 13:24:06 +01:00
77dc0722b4
Update modules/exploits/unix/ssh/tectia_passwd_changereq.rb
...
Ensure we're overriding the defaults
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2022-03-09 13:02:15 +01:00
dd47017b5c
Added support to old key exchange algorithms
...
This commit fix the issue #16138 by adding support to old key
exchange algorithms in the net/ssh lib by defining the
`append_all_supported_algorithms` to `true`.
2022-03-09 10:25:50 +01:00
4a9a15e638
Run Rubocop layout rules on modules
2021-08-27 17:19:43 +01:00
100da2f1b1
Enforce Style/RedundantBegin for new modules
2021-05-13 04:01:03 +01:00
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
d4fb1be83a
Update check code for arista_tacacs_shell.rb
2020-06-14 15:13:30 -07:00
ffc49ccf83
General cleanup
2020-06-14 15:10:41 -07:00
34e3e3c9e8
Removal of Exploit:: on CheckCode
2020-06-14 15:06:42 -07:00
ff402ea9ac
applied linting and cleaning return checks
...
rubocop and msftidy applied
modified check return codes
2020-06-14 14:55:43 -07:00
63713de14c
fix self.class msftidy warning and minor syntax
2020-05-31 18:39:50 -07:00
e29ed335de
Add CVE-2020-9015 Arista TACACS+ SSH Shell Escape
...
This module exploits a vulnerability of a combined poorly configured TACACS+ config and
Arista's bash shell.
This module has been tested successfully on:
- tac_plus version: 202001211926/PCRE/DES
- Arista HW/SW DCS-7280SRAM-48C6-R – 4.22.0.1F
- Arista HW/SW DCS-7050CX3-32S-R – 4.20.11M
- Arista HW/SW DCS-7050QX-32S-R – 4.20.9M
2020-04-21 12:21:52 -07:00
4c036e70c1
Fix http://seclists.org links to https://
...
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
60c0272270
Make style consistent
2018-08-15 21:27:40 -05:00
cd01f11fd2
Remove verifying host keys for all exploits
2018-08-15 14:54:41 -07:00
f5ccdcfcd2
Net SSH CommandStream fixes implemented
...
* Net::SSH::CommandStream typos fixed
* Net::SSH::CommandStream cleanup made more robust and refactored
* require 'net/ssh/command_stream' added to various modules
2018-07-25 11:22:28 -05:00
b1d0529161
prefer 'shell' channels over 'exec' channels for ssh
...
If a command is not specified to CommandStream, request a "shell"
session rather than running exec. This allows targets that do not have a
true "shell" which supports exec to instead return a raw shell session.
2018-02-08 02:21:16 -06:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
7352029497
first round of SSL damage fixes
2016-09-13 17:42:31 -05:00
ff63e6e05a
Land #7018 , unvendor net-ssh
2016-07-19 17:06:35 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
b6b52952f4
set ssh to non-interactive
...
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password
MS-1688
2016-07-14 11:12:03 -05:00
01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-14 09:48:28 -05:00
3d93c55174
move sshfactory into a mixin method
...
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention
MS-1688
2016-06-28 15:23:12 -05:00
6c3871bd0c
update ssh modules to use new SSHFactory
...
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH
MS-1688
2016-06-24 13:55:28 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
3e613dc333
change exitfunc to thread
2015-09-01 10:43:45 +02:00
648c034d17
change exitfunc to thread
2015-09-01 10:42:15 +02:00
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
cgranleese-r7