adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,717 Commits 27 Branches 1,043 Tags
a87ae41d81d680b3ea202ff3c59ff3c052d273a7
Commit Graph

4644 Commits

Author SHA1 Message Date
Matthew Kienow b515a582f0 Land #9424, Add SharknAT&To external scanner 2018-01-24 17:20:03 -06:00
Pearce Barry 926ce42a01 Land #8632, colorado ftp fixes 2018-01-24 17:13:20 -06:00
Brent Cook bb73d2c07e Land #9431, Fix owa_login to handle inserting credentials for a hostname 2018-01-24 17:12:39 -06:00
Brent Cook 47682e3f37 Land #9404, update module author 2018-01-24 17:12:34 -06:00
Wei Chen ab610f599b Land #9442, Remove NoMethod Rescue for cerberus_sftp_enumusers 
Land #9442
 2018-01-24 17:12:25 -06:00
Wei Chen 10fafb62bb Land #9436 - Fix cerberus_sftp_enumusers undefined method start for nil 
Land #9436

Thanks Steve!
 2018-01-24 17:12:16 -06:00
William Vu eb8429cbd3 Revert "umlaut" 
This reverts commit ffd7073420.
 2018-01-12 22:57:22 -06:00
Brendan Coles ffd7073420 umlaut 2018-01-13 15:48:45 +11:00
Wei Chen dd737c3bc8 Land #9317, remove multiple deprecated modules 
Land #9317

The following modules are replaced by the following:

auxiliary/scanner/discovery/udp_probe
is replaced by:
auxiliary/scanner/discovery/udp_sweep

exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
is replaced by:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload

exploit/windows/misc/regsvr32_applocker_bypass_server
is replaced by:
exploits/multi/script/web_delivery
 2018-01-10 15:47:20 -06:00
jgor 51e5fb450f Detect and return on bad VNC negotiations 2018-01-05 10:12:13 -06:00
Aaron Soto 7849155347 Land #9359, Improve DCE/RPC fault handling 2018-01-03 20:42:17 -06:00
Adam Cammack a98de2d9a3 Land #9358, Support password protected key files 2018-01-03 15:12:28 -06:00
bka-dev 086f657c56 Fix early termination of auxiliary/scanner/dcerpc/hidden 
This commit fixes an issue, where auxiliary/scanner/dcerpc/hidden terminates directly, once an endpoint can't be reached or access is denied. Instead the next endpoint in list should be checked, instead of terminating directly.
 2017-12-31 14:41:33 +01:00
RageLtMan f2a8d68a1f Permit encrypted SSH keys for login scanner 
Net::SSH::KeyFactory permits loading keys using a passphrase.
The Framework SSH modules were implemented back when we had a fork
of net-ssh in our tree, and can now use functionality provided by
the upstream gem.
Update the ssh key login scanner to add a KEY_PASS datastore
OptString which is then passed to the KeyCollection class and used
in the updated :read_key method which now calls the KeyFactory to
read data and give us the appropriate String representation of the
key in the KeyCollection's cache.
A bit of cleanup performed as well, removing legacy code paths no
longer hit by the module. Shamelessly added self to authors, fair
amount of blood and sweat in the SSH subsystem over the years, hope
nobody objects.

Testing:
  None yet
 2017-12-31 02:53:06 -05:00
Brent Cook 8de760f1f7 Land #9348, Only use basic auth in couchdb_enum when credentials are provided 2017-12-28 21:24:45 -06:00
Brent Cook c2bb144d0f Land #9302, Implement ARD auth and add remote CVE-2017-13872 (iamroot) module 2017-12-28 14:11:26 -06:00
james fad4ccece9 Only use basic auth in couchdb_enum when credentials are provided 2017-12-27 20:16:01 -06:00
Jon Hart bbed7db13c Merge branch 'upstream-master' into feature/mqtt-login 2017-12-27 13:08:44 -08:00
Tod Beardsley e6de25d63b Land #9316 Cambium modules and mixins, tx @juushya 
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
 2017-12-26 12:39:51 -06:00
Tod Beardsley 1bb2bb9d2c Oops, no admin in that path 2017-12-26 12:06:45 -06:00
Tod Beardsley 9af88681a2 Move deprecation out 60 days 2017-12-26 11:56:47 -06:00
juushya 038119d9df Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more 2017-12-23 00:14:27 +05:30
Tod Beardsley 5dfb5d581a Switch get_cookies to get_cookies_parsed 
Am I doing it right? See #9333
 2017-12-21 09:00:56 -06:00
Jon Hart 962bc71d10 Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 18:58:36 -08:00
Jon Hart 298cb16b1a Set default USER/PASS files 2017-12-20 18:44:43 -08:00
Jon Hart b9af835d06 Style 2017-12-20 18:05:00 -08:00
Jon Hart d0b3abc14b Better handling of MQTT endpoints which don't require authentication 
Arguably this is working around LoginScanner's inability to provide
blank usernames AND passwords
 2017-12-20 18:02:52 -08:00
Jon Hart 495c649c7d Better printing 2017-12-20 14:40:42 -08:00
Jon Hart ed5f177fcd syntax 2017-12-20 14:20:08 -08:00
Jon Hart e66ec85677 Set default u/p 2017-12-20 14:18:33 -08:00
Jeffrey Martin 8cd7185a7f Land #9313, Add DirectAdmin login_scanner module 2017-12-20 15:23:24 -06:00
Jeffrey Martin 7f8a5d3834 improved credential reporting 2017-12-20 15:09:11 -06:00
Jon Hart 14c779b945 Fix rubocop warning 2017-12-20 12:44:27 -08:00
Jon Hart c817df0bbc Add module for bruteforcing authentication on MQTT endpoints 2017-12-20 12:30:21 -08:00
Jon Hart 7e91274796 Add module for connecting to/discovering MQTT endpoints 2017-12-20 12:29:50 -08:00
Brent Cook 9fb445fbf0 Land #9300, Add private data type to auxiliary scanner ftp_login and telnet_login 2017-12-20 00:30:43 -06:00
Tod Beardsley 216d00e39f Use a random fname destination for /etc/passwd 2017-12-19 17:02:16 -06:00
Tod Beardsley e93282b71d Drop calls to vprint_* 2017-12-19 16:53:02 -06:00
Tod Beardsley 2dc2ac134e Don't default verbose 2017-12-19 16:48:41 -06:00
Jon Hart a2c5cc0ffb Remove old deprecated modules 2017-12-19 07:56:16 -08:00
Nick Marcoccio acc6951bf3 fixed typo 2017-12-19 08:35:11 -05:00
Tod Beardsley 85350a9645 Add Rapid7 blog references 2017-12-18 17:11:47 -06:00
Tod Beardsley ae4edd65e1 Hard wrap descriptions 2017-12-18 17:03:13 -06:00
Tod Beardsley 27a324237b Initial commit for Cambium issues from @juushya 
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
 2017-12-18 16:32:55 -06:00
Jon Hart a33ed82a40 Land #9214, @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs 2017-12-18 12:22:26 -08:00
Nick Marcoccio 6d565b6c33 added author information 2017-12-18 09:18:36 -05:00
Nick Marcoccio f447fa1a12 Added DirectAdmin Login Utillity 2017-12-17 22:43:37 -05:00
jgor 0b3a5567a4 Add module for CVE-2017-13872 iamroot remote exploit via ARD (VNC) 2017-12-14 13:59:35 -06:00
nromsdahl 384b250659 Add credential data type 
Added credential data type so that successful passwords are stored in the database and accessible via the creds command.
 2017-12-14 08:07:59 -06:00
nromsdahl be4939b56a Add credential data type 
Added credential data type so a successful ftp login stores the password in the database to be accessed later by the creds command.
 2017-12-14 08:05:57 -06:00