226ded8d7e
Land #6921 , Support basic and form auth at the same time
2016-08-25 16:31:26 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
14adcce8bf
Missed the HTTPUSERNAME fix
2016-05-27 18:37:04 -05:00
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
01a691a46c
Update sap_router_portscanner.rb
...
Added additional SAP TCP/IP ports for sap_port_info function.
ref: https://wiki.scn.sap.com/wiki/display/TCPIP/Services
2016-05-27 14:43:16 +01:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
8094eb631b
Do the same for aux modules
2016-02-01 16:06:34 -06:00
0cda20c9e2
Fix everything pointed out by @jlee-r7
2015-11-18 12:02:28 -06:00
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
54c5c6ea38
Another update
2015-07-29 14:31:35 -05:00
4f903a604c
Fix #5103 , Revert unwanted URI encoding
...
Fix #5103 . By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
e30ee9fee2
Update with :unique_data
2014-11-21 10:14:39 -06:00
ee15179441
Fix service discovery errors
2014-11-20 18:22:33 +00:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
ad2e7c3713
print header only if there are results...
2014-07-17 18:02:24 -05:00
7e6e154a39
Fix null pointer dereference
2014-07-17 08:51:12 -05:00
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
1f33566033
Land #3432 , @Meatballs1 sap_soap_rfc_brute_login's clean up
2014-06-09 11:39:52 -05:00
b39b41e29f
Land #3371 , @Meatballs1 fix for sap_mgmt_con_getprocessparameter
2014-06-09 11:25:01 -05:00
099003708c
Land #3422 , SAP Bruterforcer datastore cleanup
2014-06-08 08:42:27 +02:00
fe20e6e1c4
Merge remote-tracking branch 'upstream/master' into soap_brute_fix
...
Conflicts:
modules/auxiliary/scanner/sap/sap_soap_rfc_brute_login.rb
2014-06-07 02:44:16 +01:00
8624ddfc3e
Clean up SAP SOAP RFC Brute Login
...
Honour the user supplied settings
Abort a host on connection error
Check a 200 response for some appropriate data
Let datastore validation handle things like options being present
Be more verbose if needed
Use the HTTPClient more appropriately
2014-06-07 02:34:49 +01:00
b997c2ac1f
Further tidies
2014-06-07 02:00:35 +01:00
0e3549ebc4
mc brute tidy
2014-06-03 17:27:46 +01:00
da0a9f66ea
Resolved all msftidy vars_get warnings
2014-05-25 19:29:39 +02:00
dc0e649a10
Clean up case statement
2014-05-19 09:21:07 -05:00
6b1e4c3a9d
Show loot and error code
2014-05-19 11:17:58 +01:00
848227e18a
401 should be a valid url
2014-05-19 10:59:38 +01:00
5d96f54410
Be verbose about 307
2014-05-19 10:52:06 +01:00
88b7dc3def
re-add content length
2014-05-19 10:46:47 +01:00
e59f104195
Use unless
2014-05-19 10:41:01 +01:00
dd1a47f31f
Modified sap_icm_urlscan to check for authentication of custom URLs
...
Fixed ruby coding style
2014-05-17 22:47:49 +02:00
90158b9932
Land #2791 , @morisson's support to remote dns resolution on sap_router_portscanner
2014-01-02 12:19:50 -06:00
f75782bc2f
Use RHOST, RPORT for the SAPROUTER options
2014-01-02 12:18:54 -06:00
b02e21a1d3
Land #2779 , @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid
2013-12-26 09:27:27 -06:00
88b3b2c78e
Switch RHOSTS to TARGETS and add validation
2013-12-23 11:58:26 -06:00
94da642f5c
fixed typo: innacurated -> inaccurate
2013-12-21 20:36:43 +00:00
c387a850ca
Fixed default value for RESOLVE (local)
2013-12-21 19:21:57 +00:00
6ce0bab036
Cleanup, also split IP addresses separated by commas.
2013-12-21 00:15:00 +00:00
6ac0aad38b
Prevent report_* when RESOLVE is remote, since hostname may be unknown and local resolution fail, thus spitting out an error and failing
2013-12-19 23:37:13 +00:00
Pearce Barry