adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,717 Commits 27 Branches 1,043 Tags
a87ae41d81d680b3ea202ff3c59ff3c052d273a7
Commit Graph

1965 Commits

Author SHA1 Message Date
Brent Cook bb73d2c07e Land #9431, Fix owa_login to handle inserting credentials for a hostname 2018-01-24 17:12:39 -06:00
Brent Cook 47682e3f37 Land #9404, update module author 2018-01-24 17:12:34 -06:00
William Vu eb8429cbd3 Revert "umlaut" 
This reverts commit ffd7073420.
 2018-01-12 22:57:22 -06:00
Brendan Coles ffd7073420 umlaut 2018-01-13 15:48:45 +11:00
Tod Beardsley e6de25d63b Land #9316 Cambium modules and mixins, tx @juushya 
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
 2017-12-26 12:39:51 -06:00
Tod Beardsley 1bb2bb9d2c Oops, no admin in that path 2017-12-26 12:06:45 -06:00
Tod Beardsley 9af88681a2 Move deprecation out 60 days 2017-12-26 11:56:47 -06:00
juushya 038119d9df Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more 2017-12-23 00:14:27 +05:30
Tod Beardsley 5dfb5d581a Switch get_cookies to get_cookies_parsed 
Am I doing it right? See #9333
 2017-12-21 09:00:56 -06:00
Jeffrey Martin 7f8a5d3834 improved credential reporting 2017-12-20 15:09:11 -06:00
Tod Beardsley 216d00e39f Use a random fname destination for /etc/passwd 2017-12-19 17:02:16 -06:00
Tod Beardsley e93282b71d Drop calls to vprint_* 2017-12-19 16:53:02 -06:00
Tod Beardsley 2dc2ac134e Don't default verbose 2017-12-19 16:48:41 -06:00
Nick Marcoccio acc6951bf3 fixed typo 2017-12-19 08:35:11 -05:00
Tod Beardsley 85350a9645 Add Rapid7 blog references 2017-12-18 17:11:47 -06:00
Tod Beardsley ae4edd65e1 Hard wrap descriptions 2017-12-18 17:03:13 -06:00
Tod Beardsley 27a324237b Initial commit for Cambium issues from @juushya 
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
 2017-12-18 16:32:55 -06:00
Nick Marcoccio 6d565b6c33 added author information 2017-12-18 09:18:36 -05:00
Nick Marcoccio f447fa1a12 Added DirectAdmin Login Utillity 2017-12-17 22:43:37 -05:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
William Vu 972f9c08eb Land #9135, peer print for jenkins_enum 2017-11-01 15:33:13 -05:00
William Vu 77181bcc9c Prefer peer over rhost/rport 2017-11-01 15:32:32 -05:00
William Vu 0e66ca1dc0 Fix #3444/#4774, get_json_document over JSON.parse 
Forgot to update these when I wrote new modules.
 2017-11-01 15:05:49 -05:00
sho-luv 587c9673c6 Added host and port to output 
I added the host and port number to reporting when instances are found.
 2017-10-27 09:34:49 -07:00
William Vu ab63caef7b Land #9009, Apache Optionsbleed module 2017-10-10 12:13:40 -05:00
h00die 7fc9be846a bcoles suggestions 2017-09-29 20:29:30 -04:00
h00die 6cc5324e5b oe is all umlaut 2017-09-28 19:52:02 -04:00
h00die 2295146dcd working optionsbleed module 2017-09-27 22:07:57 -04:00
h00die 997b831b52 implement regexes 2017-09-27 19:33:50 -04:00
h00die 0649d0d356 wip optionsbleed 2017-09-26 22:09:07 -04:00
h00die 273d49bffd Land #8891 login scanner for Inedo BuildMaster 2017-09-24 13:30:17 -04:00
james 4e81a68108 Simplify saving valid credentials by calling store_valid_credential 2017-09-15 00:18:33 -05:00
james 861f4a6201 Changes to buildmaster_login from code review 
Use peer property in messages instead of rhost rport combination for consistency.
Documentation updated accordingly.
 2017-09-09 18:00:04 -05:00
james 47adfb9956 Fixes from code review to buildmaster_login 
Per bcoles, the most important fixes are:
- Removing `self.class` from call to `register_options`
- Adding rescue to login_succeeded to handle bad json
 2017-09-09 16:26:01 -05:00
h00die bd7ea1f90d more updates, 465 more pages to go 2017-08-26 21:01:10 -04:00
james 7dfde651ea Add login scanner module for Inedo BuildMaster 
This module attempts to log into BuildMaster. BuildMaster is an application release automation tool.

More information about BuildMaster:
http://inedo.com/
 2017-08-26 17:56:53 -05:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k e710701416 Made msftidy.rb happy 
...untested with the set-cookie 'fix'
 2017-07-21 19:55:26 -07:00
g0tmi1k 524373bb48 OCD - Removed un-needed full stop 2017-07-21 07:41:51 -07:00
g0tmi1k 3f6925196b OCD - store_loot & print_good 2017-07-19 13:02:49 +01:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k a008f8e795 BruteForce - > Brute Force 2017-07-19 10:39:58 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 67310fa96c print_status -> print_good. [When it is successful, show it!] 2017-07-14 00:09:35 +01:00
William Vu f45facdf6e Fix HTTP verb in jboss_vulnscan print_status 2017-07-06 14:55:33 -05:00
dmohanty-r7 aa387e96a7 Land #8577, Add SurgeNews User Credentials scanner 2017-07-03 10:14:03 -05:00
Brendan Coles dff96ce9a0 Re-order includes with Auxiliary::Scanner last 2017-07-01 08:30:17 +00:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00