adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

9290 Commits

Author SHA1 Message Date
Shelby Pace d83e108e74 added check for valid apikey, changed available? 2018-09-18 14:19:16 -05:00
Shelby Pace 2cf1fbcb2c storing user credentials 2018-09-18 13:27:46 -05:00
Brent Cook 549440595f Land #10627, Add SMB2 support to smb_enumshares 2018-09-17 22:34:42 -05:00
Brent Cook 6126a627cc Land #10570, AKA Metadata Refactor 2018-09-17 22:29:20 -05:00
Brent Cook a814899dc2 Land #10660, deregister RHOSTS as well as RHOST 2018-09-17 22:26:37 -05:00
Erin Bleiweiss 011c25ed59 Merge changes from master (ghostscript) 2018-09-17 13:57:28 -05:00
Shelby Pace fef728dccd getting user credentials 2018-09-17 12:39:58 -05:00
Brendan Coles 30d8a38897 deregister_options RHOSTS 2018-09-17 16:58:57 +00:00
AverageSecurityGuy 91edebb2ef Add references, clean up code. 2018-09-17 10:30:54 -04:00
Tim W a9b9e7420b update description 2018-09-16 19:51:15 +08:00
Tim W 1d2519978d improve div tags 2018-09-16 18:57:09 +08:00
Tim W 2eb97ea07b add ios blur dos module 2018-09-16 13:44:43 +08:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
Hendrik Van Belleghem 1ed3c0b001 Added Green-M to author list 2018-09-15 23:34:04 +02:00
Hendrik Van Belleghem f5f76a609d Clean up - old couchdb module 2018-09-15 23:31:17 +02:00
Hendrik Van Belleghem 4a72a2872f Changes in couchdb_enum now includes versio checks 2018-09-15 21:19:51 +02:00
Hendrik Van Belleghem aed609d6f0 Changes in couchdb_enum to also include fill database enumeration 2018-09-15 13:58:54 +02:00
Shelby Pace d2f587894b Initial metadata setup 2018-09-14 09:37:23 -05:00
Hendrik Van Belleghem 33037b6b26 Fixes for CouchDB CVE 2017-12635 module 2018-09-14 00:15:11 +02:00
Erin Bleiweiss e3178faa9a Add metadata for teradata_odbc_sql.py 2018-09-13 13:09:01 -05:00
Adam Cammack 04cc7843a4 Typo fixes 2018-09-13 11:19:13 -05:00
Hendrik Van Belleghem 3e4c3478f6 Small fixes in couchdb_2017-12635 2018-09-12 23:48:23 +02:00
Hendrik Van Belleghem 537e12ea7e Added CouchDB user creation with Admin role Auxiliary module - 2017_12635 2018-09-12 23:17:34 +02:00
Shelby Pace 5b81ebd81b Land #10589, multidrop support for word xml docs 2018-09-12 11:00:11 -05:00
Jacob Robles d0e67c5b60 Add SMB2 support to smb_enumshares 2018-09-11 19:05:26 -05:00
Adam Cammack a8f766cfd5 Update heartbleed description to mention repeat 2018-09-11 17:41:06 -05:00
Brent Cook a3d74d926c Land #9897, Fix #8404 ListenerComm Support For Exploit::Remote::TcpServer 2018-09-10 16:25:55 -05:00
Brent Cook ea2fcb6fc4 Land #10593, Refactor SSH mixins and update modules 2018-09-10 15:38:53 -05:00
William Vu 3ec4d2f22b Normalize loot type OID 
1. Include the vendor, product, and technology
2. Content type is already reported, extension changed
3. Original filename including extension is also reported

Can we get some sort of standard on the OID?
 2018-09-10 15:06:07 -05:00
h00die 39a2d9d2a8 save xml files as xml 2018-09-09 21:24:39 -04:00
Oliver Morton 56cb853014 Make Output and Log Files Optional 
Change the 'required' attribute of the output and logfile options to
False.
Open output file for appending immediately before use and only if output
file name is configured.
 2018-09-07 16:26:33 -04:00
Shaksham Jaiswal 552ff027cd fixes 2018-09-07 15:18:11 +05:30
Shaksham Jaiswal bc1173a857 code fixes 2018-09-07 15:11:49 +05:30
Oliver Morton ac144e027a Add office365userenum.py as external module 
External python module compatible with v2 and v3.

Enumerate valid usernames (email addresses) from Office 365 using
ActiveSync.
Differences in the HTTP Response code and HTTP Headers can be used to
differentiate between:

 - Valid Username (Response code 401)

 - Valid Username and Password without 2FA (Response Code 200)

 - Valid Username and Password with 2FA (Response Code 403)

 - Invalid Username (Response code 404 with Header X-CasErrorCode: UserNotFound)

Note this behaviour appears to be limited to Office365, MS Exchange
does not appear to be affected.

Microsoft Security Response Center stated on 2017-06-28 that this issue
does not "meet the bar for security servicing". As such it is not
expected to be fixed any time soon.

This script is maintaing the ability to run independently of MSF.
 2018-09-06 16:42:31 -04:00
William Vu 35fb0d19ab Refactor SSH mixins and update modules 2018-09-05 23:53:11 -05:00
asoto-r7 14aee3a822 Added auxiliary/fileformat/multidrop support for Word XML documents 2018-09-05 11:51:48 -05:00
BrianWGray 3546b9388c correct CVE Reference 2018-09-05 10:29:49 -04:00
BrianWGray b8687d501c msftidy corrections 2018-08-31 18:55:20 -04:00
Erin Bleiweiss 69a785ff46 Update json for python modules 2018-08-31 16:56:22 -05:00
Erin Bleiweiss eb17d9b198 Refactor AKA references for modules 2018-08-31 16:56:05 -05:00
Wei Chen 0dea5fcfd9 Land #10565, Add Dolibarr ERP/CRM Auxiliary Module 2018-08-31 13:47:46 -05:00
Shelby Pace aa9d0d7c6c using uri_encode 2018-08-31 08:41:25 -05:00
Shelby Pace b1151b9d12 modified login_uri 2018-08-31 08:08:46 -05:00
Shelby Pace 42af28a86a printing and storing credentials 2018-08-30 14:17:37 -05:00
Shelby Pace 85c4abac99 storing credentials 2018-08-30 13:59:00 -05:00
egre55 2304c377db Add IIS ShortName Scanner module 2018-08-30 08:46:22 +00:00
Shelby Pace 7915c4ac6c getting user credentials in response 2018-08-29 13:59:06 -05:00
Shelby Pace bb4a4b8839 initial module setup 2018-08-29 10:28:10 -05:00
Christian Mehlmauer 14fa41a376 merge changes 2018-08-29 06:09:40 +02:00
Ben Schmeckpeper ed60b767a7 Correct claymore_dos.py's CVE reference 
The CVE reference shouldn't include the `CVE-` prefix
 2018-08-28 13:34:02 -05:00