adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
28,526 Commits 27 Branches 1,043 Tags
a6fed7798e01b6ae030fc2e2ec0cd34bc1ca5941
Commit Graph

15021 Commits

Author SHA1 Message Date
Tod Beardsley cca30b536f Land #4094, fixes for OWA brute forcer 
Fixes #4083

Thanks TONS to @jhart-r7 for doing most of the work on this!
 2014-11-05 14:00:26 -06:00
Jon Hart ff8d481eec Update description to remove comments about defaults. Default to 2013 2014-11-04 21:21:19 -08:00
Jon Hart 2c028ca7a6 Move redirect check before body check -- a redirect won't have a body 2014-11-04 14:19:21 -08:00
Jon Hart 7855ede2de Move userpass emptiness checking into setup 2014-11-04 14:07:39 -08:00
William Vu ebb8b70472 Land #4015, another Android < 4.4 UXSS module 2014-11-04 15:52:29 -06:00
Tod Beardsley f8593ca1b5 Land #4109, tnftp savefile exploit from @wvu-r7 2014-11-04 15:44:13 -06:00
Tod Beardsley 5fb268bbdf Updates to better OWA fix 2014-11-04 14:32:54 -06:00
Jon Hart b0e388f4c3 Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X 2014-11-04 08:23:16 -08:00
jvazquez-r7 400ef51897 Land #4076, exploit for x7chat PHP application 2014-11-03 18:22:04 -06:00
jvazquez-r7 3bf7473ac2 Add github pull request as reference 2014-11-03 18:18:42 -06:00
jvazquez-r7 44a2f366cf Switch ranking 2014-11-03 18:06:09 -06:00
jvazquez-r7 039d3cf9ae Do minor cleanup 2014-11-03 18:04:30 -06:00
William Vu 277fd5c7a1 Land #4123, release fixes 2014-11-03 16:20:00 -06:00
Juan Escobar 7e4248b601 Added compatibility with older versions, Updated descriptions and fixed issue with Ubuntu 12.04 2014-11-03 16:42:50 -05:00
Tod Beardsley 0199e4d658 Land #3770, resolve random stager bugs 2014-11-03 14:15:14 -06:00
Tod Beardsley 51b96cb85b Cosmetic title/desc updates 2014-11-03 13:37:45 -06:00
sinn3r 6f013cdcaf Missed these 2014-10-31 18:48:48 -05:00
sinn3r d6a830eb6e Rescue the correct exception: Rex::HostUnreachable 2014-10-31 16:43:33 -05:00
Joe Vennix 1e9f9ce425 Handle invalid JSON errors and fix typo. 2014-10-31 11:01:49 -05:00
William Vu 953a642b0e Finally write a decent description 2014-10-30 22:51:42 -05:00
sinn3r 64f4777407 Land #4091 - Xerox DLM injection 2014-10-30 22:15:16 -05:00
sinn3r b7a1722b46 Pass msftidy, more descriptive name and description 2014-10-30 22:14:18 -05:00
William Vu e3ed7905f1 Add tnftp_savefile exploit 
Also add URI{HOST,PORT} and {,v}print_good to HttpServer.
 2014-10-30 20:38:16 -05:00
Jon Hart 1a37a6638c Fix splunk_upload_app_exec to work on new installs. Style 2014-10-30 18:28:56 -07:00
Jon Hart 55f245f20f Merge #3507 into local, recently updated branch of master for landing 2014-10-30 17:28:20 -07:00
OJ cc7f7c9986 Land #4108 - Avoid local offsets in CVE-2014-4113 2014-10-31 09:08:51 +10:00
jvazquez-r7 6574db5dbb Fix the 64 bits code 2014-10-30 17:01:59 -05:00
sinn3r 92ad2c434d Land #4081 - Xerox workcentre 5735 LDAP service redential extractor 2014-10-30 13:52:07 -05:00
sinn3r 470a067384 Final changes 2014-10-30 13:51:44 -05:00
sinn3r 912f6c8eee Land #4085 - Xerox Administrator Console Password Extract 2014-10-30 13:37:32 -05:00
sinn3r 02b1c5c4bc Final changes 2014-10-30 13:37:02 -05:00
sinn3r 127d1640da Print password 2014-10-30 13:27:40 -05:00
Joe Vennix 6dc13f90cd Update descriptions to mention Webview bugginess. 2014-10-30 10:55:56 -05:00
Joe Vennix 0ad9f95806 Remove stray alert() for debugging. 2014-10-30 10:52:06 -05:00
Joe Vennix 88040fbce0 Add another Android < 4.4 UXSS exploit. 2014-10-30 10:34:14 -05:00
Jon Hart 15e1c253fa Numerous cleanups for snmp_enumusers 
* Bring in line with Ruby standards
* More sane format for adding new OSs
* Better logging for use on larger networks
* Better error handling
 2014-10-29 23:54:32 -07:00
Peter Arzamendi 9d56f0298a Changed upper XXX to lower XXX. 2014-10-29 20:09:02 -05:00
Peter Arzamendi b35a8935db Updated get_once for get_once undefined method and EOFError 2014-10-29 13:47:07 -05:00
Deral Heiland 64a59e805c Fix a simple typo 2014-10-29 12:40:24 -04:00
Deral Heiland 1bf1be0e46 Updated to module based feedback from wchen-r7 2014-10-29 11:42:07 -04:00
Juan Escobar 2e53027bb6 Fix value of X7C2P cookie and typo 2014-10-29 08:32:36 -05:00
Peter Arzamendi 2bc8767751 Updated rescue to catch other errors from the socket API 2014-10-29 08:03:28 -05:00
Juan Escobar 9f21ac8ba2 Fix issues reported by wchen-r7 2014-10-28 21:31:33 -05:00
Jon Hart ba5035c7ef Prevent calling match when there is no WWW-auth header 2014-10-28 17:13:57 -07:00
Jon Hart a5d883563d Abort if 2013 desired but redirect didn't happen 2014-10-28 15:59:22 -07:00
Jon Hart 7ca4ba26b0 Show more helpful vprint messages when login fails 2014-10-28 15:48:04 -07:00
Jon Hart bce8f34a71 Set proper Cookie header from built cookie string 2014-10-28 15:41:36 -07:00
Jon Hart a3e1e11987 Ensure necessary cookies are present in OWA 2010 login response 2014-10-28 15:40:15 -07:00
Peter Arzamendi 604cad9fbb Updated timeout to default to 45 seconds to wait for the print job to finish. 2014-10-28 15:45:28 -05:00
Peter Arzamendi b17d6a661d Moved module to auxiliary/gather and updated timeout to wait for the printer job to complete before we try to grab the creds. 2014-10-28 15:23:47 -05:00