With Metasploit 5, RHOST and RHOSTS are aliases, so no need to
deregister one or the other, as they are the same option. Deregistering
one deregisters both.
Basic msftidy fixer:
diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
# Check disclosure date format
if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
d = $1 #Captured date
+ File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+ fixed('Probably updated traditional DisclosureDate to ISO 8601')
# Flag if overall format is wrong
if d =~ /^... (?:\d{1,2},? )?\d{4}$/
# Flag if month format is wrong
Used to bruteforce usernames that can connect to the Queue Manager. The name of a valid server-connection channel without SSL configured is required, as well as a list of usernames to try.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
* Download and install MQ Server from the above link
* Create a new Queue Manager
* Create a new channel (without SSL)
* Allow remote connections for admin users by removing the CHLAUTH record that denies all users or configure access for a specific username.
* Run the module
Run this auxiliary against the listening port of an IBM MQ Queue Manager to identify its name and version. Any channel type can be used to get this information as long as the name of the channel is valid.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
* Download and install MQ Server from the above link
* Create a new Queue Manager
* Create a new channel (without SSL)
* Run the module
Uses a dictionary to bruteforce MQ channel names. For all identified channels it also returns if SSL is used and whether it is a server-connection channel.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
** Download and install MQ Server
** Create a Queue Manager
** Create a new channel (without SSL)
** Run the module
Work in progress of GET, and PUT. PUT works fine for grabbing the configuration. GET will be used for service a config to execute commands , or the also WIP action "UPLOAD"
William Vu