Commit Graph

5875 Commits

Author SHA1 Message Date
Chris John Riley af5bf45b31 Altered description to include information on the password complexity check
Altered the default password to meet the complexity checks

Note: The complexity checks (even if they fail) don't prevent the payload from running. At this point it only raises a warning and continues on. I can change this if it's more desirable however!
2012-06-04 16:07:20 -05:00
sinn3r 7a8824ab5e Fix typo thanks to juan 2012-06-04 16:07:20 -05:00
Chris John Riley 61e208af37 Added WMIC and complexity checks 2012-06-04 16:07:20 -05:00
Chris John Riley 2080617029 Added WMIC and complexity checks 2012-06-04 16:07:20 -05:00
Christian Mehlmauer 21d76f1589 Adding FireFart's RPORT(80) cleanup
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-04 16:07:20 -05:00
sinn3r 2dda99c5ae Change filename 2012-06-04 16:07:20 -05:00
sinn3r 2258139d3e Correct name 2012-06-04 16:07:20 -05:00
sinn3r bb5a243705 Add CVE-2011-4825 module 2012-06-04 16:07:19 -05:00
Christian Mehlmauer 06c64161f7 Adding FireFart's hashcollision DoS module
Have some minor edits below, looks like it all works now though.

Squashed commit of the following:

commit b7befd4889f12105f36794b1caca316d1691b335
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:31:32 2012 -0500

    Removing ord in favor of unpack.

    Also renaming a 'character' variable to 'c' rather than 'i' which is
    easy to mistake for an Integer counter variable.

commit e80f6a5622df2136bc3557b2385822ba077e6469
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:24:41 2012 -0500

    Cleaning up print msgs

commit 5fd65ed54cb47834dc646fdca8f047fca4b74953
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:19:10 2012 -0500

    Clean up hashcollision_dos description

    Caps, mostly. One sentence I still don't get but it's not really a show
    stopper.

commit bec0ee43dc9078d34a328eb416970cdc446e6430
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Thu May 24 19:11:32 2012 +0200

    Removed RPORT, ruby 1.8 safe, no case insensitive check, error handling

commit 20793f0dfd9103c4d7067a71e81212b48318d183
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Tue May 22 23:11:53 2012 +0200

    Hashcollision Script (again)
2012-06-04 16:07:19 -05:00
Tod Beardsley ad8f14432b Whitespace fix for script-fu module
This is really just to check the GitHub IRC bot thinger.
2012-06-04 16:07:19 -05:00
sinn3r d6a8e7a5f5 Modify the description 2012-06-04 16:07:19 -05:00
jvazquez-r7 87a9fefb3e Added module for CVE-2012-2763 2012-06-04 16:07:19 -05:00
David Maloney 42cd97e834 Bringing in new version of pcanywhere_login 2012-06-04 16:07:19 -05:00
David Maloney e6a53c834b trying to work around weird git issue 2012-06-04 16:07:19 -05:00
David Maloney ac6661fadb Fix nil responses 2012-06-04 16:07:18 -05:00
James Lee 2ee620cee4 Whitespace, thanks msftidy.rb! 2012-06-04 16:07:18 -05:00
Tod Beardsley 9a25b10059 Fixing description for citrix module 2012-06-04 16:07:18 -05:00
Tod Beardsley 080a231770 Fixing description for citrix module 2012-06-04 16:07:18 -05:00
Tod Beardsley f5bf954bf1 Fixing description for juan's Citrix module 2012-06-04 16:07:18 -05:00
jvazquez-r7 145747b48e Fixed name module 2012-06-04 16:07:17 -05:00
jvazquez-r7 6ca474e0d9 Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow 2012-06-04 16:07:17 -05:00
jvazquez-r7 4842be014a Added module for Citrix Streamprocess Opcode 0x40020002 Buffer Overflow 2012-06-04 16:07:17 -05:00
jvazquez-r7 df389bcd63 description updated 2012-06-04 16:07:17 -05:00
jvazquez-r7 82aa0185da Added module for ZDI-12-010 2012-06-04 16:07:17 -05:00
HD Moore 7e7690e5fb Handle cisco devices better with ssh logins 2012-06-04 16:07:17 -05:00
David Maloney cb4ccd427d Adds thelightcosine's pcanywhere module
Adds PCAnywhere bruteforce capabilities

Squashed commit of the following:

commit 5354fd849f0c009c534d7ce18369382dd56de550
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 14:35:23 2012 -0500

    Add explicit pack to encrypted header

commit 7911dd309a94df2729c8247c3817cf5de6b99aad
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 13:11:19 2012 -0500

    adds pcanywhere_login module
2012-06-04 16:07:17 -05:00
Steve Tornio 8d460f8343 add osvdb ref 2012-06-04 16:07:17 -05:00
sinn3r 2ea6795e02 Add s40 dir traversal vuln
I can't believe I stayed up all night, and this is all I could find.
2012-06-04 16:07:17 -05:00
sinn3r 7bf6431685 Print IP/Port for each message 2012-06-04 16:07:16 -05:00
sinn3r 785407b444 If we don't get a new file, we assume the upload failed. This is
possible when we actually don't have WRITE permission to the
'uploads/' directory.
2012-06-04 16:07:16 -05:00
sinn3r 6f7ab508c9 Don't really care about the return value for the last send_request_raw 2012-06-04 16:07:16 -05:00
sinn3r 0c50f9eac2 Allow the login() function to be a little more verbose for debugging purposes 2012-06-04 16:07:16 -05:00
sinn3r 7c5ede47f9 Add PHP Volunteer Management System exploit 2012-06-04 16:07:16 -05:00
Tod Beardsley 953c54aab9 Minor updates; added BID, fixed grammar
Modules should not refer to themselves in the first person unless they
are looking for Sarah Connor.
2012-05-30 16:17:01 -05:00
David Maloney 142a1727c9 Revert " Sets the passive flag on the JtR modules"
This reverts commit e70ccddc9a.
2012-05-30 10:14:13 -05:00
David Maloney 9e7acf3a57 left debug statement in module 2012-05-29 20:23:56 -05:00
David Maloney 5496beebbc fix bad proto name in winscp post mod
The service name would get set as SCP instead of SSH
this screws up bruteforce options later
2012-05-29 18:17:28 -05:00
David Maloney e70ccddc9a Sets the passive flag on the JtR modules 2012-05-29 17:16:07 -05:00
David Maloney 54fb6d2f7a Fixes unreal ircd race condition
Handler would exit before finishing staging
2012-05-29 17:16:07 -05:00
jvazquez-r7 065d3187d3 Added module for OSVDB 74604 2012-05-29 21:10:51 +02:00
Steve Tornio fe86ab9914 =Add osvdb ref 2012-05-29 13:31:20 -05:00
jvazquez-r7 db5b3c8259 Added module for OSVDB 82000 2012-05-28 08:51:36 +02:00
sinn3r d615e3bcb8 Print target IP/Port when restoring currencies.php 2012-05-28 01:33:45 -05:00
sinn3r 712a21717a Totally forgot about disclosure date, damn it 2012-05-28 01:31:13 -05:00
sinn3r 7c1442c4b4 Merge pull request #421 from wchen-r7/symantec_web_gateway
Add CVE-2012-0297 Symantec Web Gateway
2012-05-27 23:28:59 -07:00
sinn3r 34c93d8e44 Fix check 2012-05-28 00:51:46 -05:00
sinn3r 96d70e5fb6 Add CVE-2012-0297 Symantec Web Gateway 2012-05-27 22:47:39 -05:00
sinn3r 86ba759c07 Oops, I left one more anonymous out. 2012-05-26 15:30:20 -05:00
sinn3r 18c8314d79 Change unknown authors to "Unknown".
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion.  In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
sinn3r 8f537653b4 Merge pull request #420 from wchen-r7/quickshare
Add OSVDB-70776 - QuickShare File Share
2012-05-26 01:04:21 -07:00