adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

9290 Commits

Author SHA1 Message Date
William Vu 49176a3606 Land #11952, Supra Smart Cloud TV RFI module 2019-06-28 12:12:15 -05:00
William Vu baa17290e4 Adjust name :) 2019-06-28 12:08:27 -05:00
Dhiraj Mishra 09d6ae3458 Removing comments 
Thanks wvu-r7 for your support.
 2019-06-28 16:17:08 +05:30
William Vu d7a5eae146 Fix bug, adjust prints, and check body for "OK" 2019-06-28 04:12:57 -05:00
William Vu dc81adb417 Add GatherProof advanced option to ssh_login* 2019-06-27 21:04:20 -05:00
James Barnett 2ed8e6db97 Deregister PASSWORD_SPRAY option for LoginScanner modules 2019-06-27 17:06:32 -05:00
asoto-r7 26cd53efb6 Land #11977, AWS EC2, S3, and IAM Enumeration 2019-06-27 11:29:05 -05:00
asoto-r7 0c83e55b00 enum_iam: Update 'Console Login' output to accurately reflect Disabled status 2019-06-26 14:57:32 -05:00
William Vu 933b5f0413 Tidy up send_request_cgi 2019-06-26 00:59:53 -05:00
William Vu 00530031fd Try not encoding the GET parameters 2019-06-26 00:55:23 -05:00
William Vu f3b509a1bc Implement on_request_uri 2019-06-25 23:47:19 -05:00
William Vu fe11eabe62 Merge remote-tracking branch 'upstream/master' into pr/11952 2019-06-25 23:47:06 -05:00
RageLtMan f874f50748 Update Author fields for several modules 
Add hirura to authors list for the Ruby reverse_ssh payloads.

Update all modules with author-per-line name references to be
consistent (useful given the difference in names between commiter
in git log and GitHub account).

Next steps:
  See if HrrRbSsh client-side implementation can be fleshed out
enough to create alternative payload outputs for both of the Ruby
modules (using TARGET/ACTION to select between net/ or hrr_).
 2019-06-25 20:49:26 -04:00
asoto-r7 84b6f05947 Fix 'bucket' typo 2019-06-25 16:35:44 -05:00
Jacob Robles 8be8aa603c Adjust logic 
Early return to reduce nesting ifs
 2019-06-24 12:43:26 -05:00
Jacob Robles 3d143f366c Remove LIMIT and adjust quotes 2019-06-24 12:40:01 -05:00
asoto-r7 358ff635dd Renamed modules per @wvu's offline suggestion 2019-06-20 15:08:30 -05:00
Pearce Barry 3f0810502e Explicitly require 'rc4' in the BlueKeep scanner. 
Appears to still operate as-expected:

	msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
	msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > set rhosts <target>
	rhosts => <target>
	msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > run

	[+] <target>:3389      - The target is vulnerable.
	[*] <target>:3389 - Scanned 1 of 1 hosts (100% complete)
	[*] Auxiliary module execution completed

Fixes MS-4291.
 2019-06-19 08:27:04 -05:00
Jacob Robles efeb0a5f5c Land #11971, zip extraction from modbus pcap 2019-06-18 16:25:27 -05:00
Jacob Robles 66c3c6a94b Remove unused mixin, update save loot logic 
Capture mixin was not used. Loot was being
saved when a zip file wasn't found. Updated
file path so the module is under analyze.
 2019-06-18 14:08:47 -05:00
asoto-r7 36eeba4e37 Address code review from @jrobles-r7. Thanks! 2019-06-17 16:19:45 -05:00
asoto-r7 850951e261 Fix a bug in MFA output, and also try to fix Travis complaintsy 2019-06-17 15:01:51 -05:00
William Vu 379caff828 Land #11932, TLS and doc'd packets for BlueKeep 2019-06-14 21:10:08 -05:00
William Vu 3d8b474632 Clean up module 2019-06-14 21:09:57 -05:00
jdiog0 6646295d51 modbus zip 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-06-14 19:27:54 +01:00
asoto-r7 e2d4dc5f41 Initial concept for AWS IAM enumeration 2019-06-14 13:23:20 -05:00
asoto-r7 1d800a5d9a Move error handling method up, in preparation for making a library, maybe 2019-06-13 18:40:34 -05:00
asoto-r7 54a17e0a51 Initial concept for AWS S3 enumeration 2019-06-13 18:40:16 -05:00
Tom Sellers a2863ff3cf Add comment to pdu_connect_initial 2019-06-12 10:46:12 -05:00
Tom Sellers 008f9061f6 Randomize client random, sanity check fields 2019-06-12 07:49:45 -05:00
asoto-r7 f96de95acc Initial concept for AWS EC2 enumeration 2019-06-11 19:10:59 -05:00
Tom Sellers f4aa86c9b3 rubocop cleanup 2019-06-11 13:29:05 -05:00
Tom Sellers cc93b312ac Add ability to configure username, client, IP, etc 2019-06-11 13:07:59 -05:00
Brent Cook fa09b239e8 Land #11941, add support for module aliases 2019-06-11 12:57:01 -05:00
William Vu a8867992ae Add minimal HttpServer support 2019-06-07 11:53:47 -05:00
William Vu d943b4d314 Fix style 2019-06-07 11:44:17 -05:00
William Vu be6a34398a Rename module to match product 2019-06-07 11:33:10 -05:00
William Vu 9e47e061f2 Remove rank to appease msftidy 2019-06-07 11:28:39 -05:00
Brent Cook 3f5f48a3fc Land #11340, make SSH agent and other options configurable 2019-06-07 11:22:31 -05:00
William Vu 397e6b16a4 Move aux module out of exploits 2019-06-07 11:18:33 -05:00
Clément Notin 69ab2154ad wordpress_content_injection: fix CVE number 2019-06-05 12:43:16 +02:00
Tom Sellers e15840f8db Add nil check for quick response 2019-06-04 08:36:58 -05:00
Tom Sellers 6a8e4366ae Improve XP stabilty, trim dead code 2019-06-04 06:53:36 -05:00
Tom Sellers 9d17832347 Deal with virtual channel data blob 2019-06-04 05:49:45 -05:00
Tom Sellers b176948c3c Refactor more binary blobs 2019-06-03 16:54:33 -05:00
Adam Cammack 2e36d90291 Add some less-verbose aliases 
These aliases avoid duplicating the protocol in the module name.
 2019-06-03 13:42:55 -05:00
Tom Sellers 61b5072e88 Add explicit check for NLA 2019-06-03 09:38:12 -05:00
Tom Sellers 5871dc0802 Fix nego when RDP Security is forced 2019-06-03 08:50:30 -05:00
h00die 3589c4f4c7 avoid cracking hashes already cracked 2019-06-02 21:14:02 -04:00
William Vu 7c83734592 Update LoginScanner::SSH modules 2019-06-02 20:08:27 -05:00