2307 Commits

Author SHA1 Message Date
Brendan Coles abb0decc7a wordpress_ghost_scanner: Update reference URLs 2021-01-21 20:51:29 +00:00
h00die c64d0038ab review step 1 2020-12-31 12:54:33 -05:00
h00die ff3dd7b73a first go of wp_total_upkeep 2020-12-30 16:34:12 -05:00
Spencer McIntyre 11faafa4e9 Land #14474, Wordpress 2-day: easy-wp-smtp arbitrary wordpress user password reset 2020-12-18 17:07:46 -05:00
Spencer McIntyre 764efbeac3 Fixup a typo, an unnecessary statement and clarify a statement 2020-12-18 17:07:16 -05:00
h00die 3cb39c2fca Land #14497, wordpress duplicator plugin arbitrary file read 2020-12-18 17:05:40 -05:00
h00die bee11c7d6e add cve 2020-12-18 15:32:35 -05:00
h00die 9e6d20a83c create aggressive mode and some review 2020-12-18 15:30:45 -05:00
h00die a1702e8b53 rubocop and minor adjustments 2020-12-17 06:39:43 -05:00
SunCSR Team 65be04ebf9 Update wp_duplicator_file_read.rb 2020-12-13 21:07:21 -05:00
SunCSR Team 3dcd963c9a Update wp_duplicator_file_read.rb 2020-12-13 21:05:34 -05:00
SunCSR Team 64f597a43a Update wp_duplicator_file_read.rb 2020-12-12 23:44:50 +07:00
SunCSR Team 5fc8bb1d7b Update wp_duplicator_file_read.rb 2020-12-12 21:39:59 +07:00
SunCSR Team 8ede2be299 Add module wp_duplicator_file_read.rb
Duplicator 1.3.24 & 1.3.26 - Unauthenticated Arbitrary File Download
2020-12-10 23:40:32 -05:00
SunCSR Team 4b3a5fa2c8 Delete wp_duplicator_file_read.rb 2020-12-10 23:39:38 -05:00
SunCSR Team ee541a31ae Add files via upload
Duplicator 1.3.24 & 1.3.26 - Unauthenticated Arbitrary File Download
2020-12-10 23:37:32 -05:00
Spencer McIntyre 59339f3337 Land #14418, Wordpress plugin Email Subscribers & Newsletters sqli (CVE-2019-20361) 2020-12-09 10:29:32 -05:00
h00die 13967a40d2 updates to easy wp smtp module 2020-12-08 20:51:54 -05:00
h00die 3b9183f198 working 2020-12-08 16:49:45 -05:00
h00die 4d36a107e6 reverse logic 2020-12-07 18:47:45 -05:00
h00die b21fccebaa updates from review 2020-12-04 21:50:31 -05:00
h00die 0832fe17f0 use fail_with 2020-11-22 09:02:54 -05:00
h00die 7138f6e48b cleanup 2020-11-22 07:51:03 -05:00
h00die 98d00f47f3 tidy 2020-11-22 07:48:54 -05:00
h00die f4c67d713b adjust version number 2020-11-21 10:39:03 -05:00
h00die b023adfdcd wordpress email and subscription newsletter sqli 2020-11-21 10:31:55 -05:00
h00die 149e30d81a wordpress email and subscription newsletter sqli 2020-11-21 10:30:15 -05:00
h00die 8b9043c3f3 add drupal views version info 2020-11-09 16:03:23 -05:00
Christophe De La Fuente 55ccc42cde Land #14319, wp_Loginizer unauth sqli (CVE-2020-27615) 2020-11-05 15:36:10 +01:00
h00die dff6a21742 add wp version check 2020-11-04 11:45:06 -05:00
Grant Willcox 4479f4f0e1 Update library and module to fully support version 5.2. Also update the module to support guest discovery on newer versions of Zabbix 2020-10-29 19:27:12 -05:00
h00die 238889282a module cleanup 2020-10-29 17:11:19 -04:00
h00die f94acb94c9 cleanup 2020-10-29 10:46:14 -04:00
h00die 0abdaf9f67 WIP 2020-10-27 21:30:46 -04:00
h00die c11d07aed2 more cleanup 2020-10-27 17:53:30 -04:00
h00die 9c3b62f071 sqli help needed 2020-10-27 12:09:22 -04:00
Grant Willcox bd57832494 First round of changes from review 2020-10-26 16:02:06 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Spencer McIntyre a4a0a3ab23 Allow scanner modules to skip hosts on fail_with 2020-08-25 17:38:40 -04:00
Christophe De La Fuente 0052da9d15 Land #14043, fix jupyter-login when scanning non-Jupyter hosts 2020-08-25 16:05:53 +02:00
Spencer McIntyre e75bd31a70 Fix jupyter-login when scanning non-Jupyter hosts 2020-08-24 16:02:35 -04:00
0x44434241 178bc3fe50 Serve the public trust. Protect the innocent. Tell noobs to delete necessary parameters. Uphold the law. 2020-08-21 08:47:05 +09:00
0x44434241 935403d937 Applying rubocop suggestions. 2020-08-21 08:35:20 +09:00
0x44434241 06cbf9a86c Applying suggested fixes. 2020-08-21 08:20:21 +09:00
0x44434241 02e6e3feda Adding documentation for auxiliary/scanner/http/squid_pivot_scanning. 2020-08-20 17:41:03 +09:00
0x44434241 d50ed2eb37 Better handling of Squid HTTP response codes.
The previous version has a bug where HTTP codes that are not [200, 401, 404],
or the word "Zero" is not included in the response body(??), the valid open
port is not printed to the user. This patch fixes that and improves output.

This commit improves the resilience of this module by looking at the HTTP
response header 'X-Squid-Error', which has static strings from an enum struct
documented here: http://www.squid-cache.org/Doc/code/err__type_8h.html

If the client receives an error from Squid that is not handled, the error type
will now also be printed for the user (eg: ERR_READ_TIMEOUT).

Previously, the module would also output (almost) every IP:PORT pair, even when
they are closed or forbidden by Squid ACL. This has been moved to be a verbose
option, so that non-verbose port-scanning prints a significantly shorter list
for human consumption.

As (among others) HTTP 3xx redirects were not previously displayed to users,
the redirect location is now also printed in the output. The server header is
printed for all open ports where available, and stored in the database.
2020-08-18 12:57:18 +09:00
Spencer McIntyre c57391501a Fix typos and clarify documentation for jupyter_login 2020-08-10 09:47:59 -04:00
Spencer McIntyre 1c8c3dd675 Add a Jupyter notebook / lab login scanner 2020-08-04 18:12:09 -04:00
Shelby Pace 3f820a1ee6 Land #13759, add BaselineAuthType option 2020-07-13 12:42:07 -05:00
Shelby Pace 895c170394 Land #13769, add FortiMail auth bypass scanner 2020-07-09 09:28:45 -05:00