fa7d677d45
Consolidate and improve LDAP error handling
2022-10-31 10:56:17 -04:00
06e0be0a3d
Land #17128 , Adds support to specify a shared directory to iterate through and highlight keywords
2022-10-27 16:07:12 +01:00
2bd90079a2
Adds support to specify a shared directory to iterate through and highlighting keywords
2022-10-27 12:49:02 +01:00
43f7d7b73e
Land #17098 , Hikvision camera unauthenticated information disclosure
2022-10-20 16:20:12 +02:00
6a682f4fe6
Land #16982 , Update Dell iDRAC login scanner to work with v8 and v9
2022-10-14 01:40:35 +01:00
08640f0d65
Updated documentation
2022-10-02 20:20:20 +00:00
7ae0f552f3
init commit module and documentation
2022-10-02 19:47:47 +00:00
2958a43a6a
Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored
2022-09-23 12:19:29 -05:00
f2d357eda1
updated documentation with camera specifications
2022-09-23 09:38:37 -05:00
edc37835e5
Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review
2022-09-23 09:38:35 -05:00
3ca34568c2
Clean up some of the documentation and module code and descriptions
2022-09-23 09:38:12 -05:00
5ed7ff7f52
init commit module and documentation
2022-09-23 09:38:05 -05:00
12f3325f3e
Land #16732 , VIDIdial Multiple SQLi
...
This PR adds a module which exploits several
authenticated sqli in VICIdial
2022-09-22 10:47:42 -04:00
6d608ea41e
vicidial sqli module docs update
2022-09-21 16:57:18 -04:00
a7b049510b
Relocate documentation file to proper location and update documentation a little bit to explain some cases
...
Update documentation with proper explanation of how to add users since last one was adding users to the wrong table.
2022-09-13 16:12:21 -05:00
6c27c05d10
parent 3892d29cc5
...
author Jack Heysel <jack_heysel@rapid7.com > 1658964871 -0400
committer Grant Willcox <gwillcox@rapid7.com > 1663093141 -0500
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEMZiWHhSP9eUn4xpf014FwPK4HoMFAmMgyZUACgkQ014FwPK4
HoP5RxAAjvQs9/bVQSVJXMNVxa5J3Tefi+BnkJyxUAABsYJR/KpKfHMzGxhdA9ED
Rc48cKuaGRscorSdNZJPtRMs1JlrvYLbovTomUoOuyZypKInNdkIhjo24WyandBX
5f4AgmsKFtnfFnxAHQ/jsq25Sa0hgDS/x64q1+aFMupZzm7o9xJrMokqPIu8C1hC
AhdV1jx3xP7jTpTz2YDOUPM3WNZINFNJHZU5JtdCIfciJX1oCbkEdzUZFiiZg6Ui
fZEUDAVQrkZfhcTrLYBBTOgalMjmM4gM9q/X0vHTm6XbEuNN69diw7t3Z7Qa2maY
FU3N8E5mDy2ebpRWF4FOHa3KwEcUwpx17/sIJOfhlFRFazxVDR6DGch4GQg0r5lz
VVN7GEMPqepyCJcBTaagpeeyw/pM/peysrC04amd5ash/6sQ5whS8xIJW1jeN/nf
rVTwJs1kzy28t0wLqeHB+j4OZNm+hqZYrZ0A9VcJT5EBArG8Zlgr+xXcFXhONBk8
GZe/yiMsHPPv+vfSvOo/JVZAbIXpcFRzHjbs1JjFVQq635bWceGWs72xHNEKlssC
MtaL1h0wzV7BilBL2ohMY0ou/gDTqWao3xYGvqfxgYBy/6IQCcV2SmPYLNel+VEt
sc7fqO5R+R/HDUWHv1bEfYKebgaX6pqrzgrqaxwGd6vmSHEEslU=
=BXw+
-----END PGP SIGNATURE-----
Initial changes
Add in documentation improvements for installation
Update Docker install instructions again and also fix a bug with too strict checking on a cookie
Move module into gather type module, remove the scanner import, and update the documentation accordingly so that the check method can work
Updated docs
2022-09-13 16:08:57 -05:00
8c4f151c73
update idrac login scanner to work with v8 and v9
2022-09-04 09:59:15 -04:00
a41ec9388f
Land #16725 , Add ManageEngine ADAudit Plus and DataSecurity Plus Xnode enum modules, docs and mixin (CVE-2020–11532)
2022-09-01 08:46:36 -05:00
69cc144e04
Add module docs
2022-08-30 11:12:36 -04:00
1b5338da06
Land #16701 , Rewrite of Cisco ASA Clientless VPN Brute-force
2022-08-25 16:04:48 +02:00
70e006c493
Initial updates from personal review, sans module adjustments
2022-08-23 20:48:15 -05:00
2242272ef4
Added CSRF token support. Fixed an issue with HTTP Keep-Alive 👀
2022-08-19 10:51:33 -07:00
5cf7a2de92
Fix minor typos in the doc
2022-08-18 13:32:00 +02:00
f093794864
Added Cisco ASA ASDM/HTTP brute force module
2022-08-16 06:31:25 -07:00
b7acf95f1f
vicidial doc update
2022-08-14 08:46:12 -04:00
794ce923ad
placeholder
...
vicidial sqli module
first run of docs
updates to vicidial
2022-08-13 17:02:24 -04:00
c45262cd46
Land #16800 , Add support for OpenSSL 3
2022-08-05 14:20:51 -05:00
74eff9ffac
Land #16851 , Add Cassandra Web file read auxiliary module
...
Merge branch 'land-16851' into upstream-master
2022-08-05 13:04:07 -05:00
c244399f1f
Land #16857 , Add auxiliary gather module for Cisco PVC2300 camera information disclosure
2022-08-04 11:46:07 -04:00
af712d4a89
add docs, fix typo in module description
2022-08-04 16:58:39 +03:00
f65119b353
Support OpenSSL3 and run Ubuntu 22.04 in test matrix
2022-08-03 15:49:53 +01:00
9a4a590b27
Add Cassandra Web file read auxiliary module
2022-08-02 23:40:40 +07:00
1f7b3319a9
Changing readme file accordingly.
2022-08-01 13:43:26 +03:00
d6dabd4bfb
additional code review improvements for xnode auxiliary modules/lib/docs
2022-07-28 15:12:00 +03:00
a6bdc5ea29
-Validating md file with msftidy_docs.
...
-Removing global variables, and calling data stored in datastore when required.
-Calling methods or variables instead of calling terminal commands.
-Some indentations.
-Using heredocs when handling multiple strings.
-Handling the case where LHOST does not contain IP address.
2022-07-24 18:51:53 +03:00
c6c745c633
ManageEngine Xnode library changes and some docs/module adjustments after code review
2022-07-22 16:06:21 +03:00
28c3dd5739
A SCADA scanner module for BACnet protocol.
...
The scanner discovers BACnet devices on the network by broadcasting
Who-is packets, extracts model name, software version, firmware
revision and description from the discovered devices by sending
specific read-property packets. After parsing the data the module saves
it to a local xml file.
Because devices can be nested, every address can have multiple devices.
2022-07-19 17:02:35 +03:00
2a8d95c121
Default to having a near empty custom file so that we can still update the default queries without issues vs preventing updates from occuring. If users want to override the defaults, then they accept the risk of not getting updates. Update documentation to also note this.
2022-07-15 16:29:12 -05:00
2d1acc0369
Refactor code and also add in proper fail_with error codes where needed. Also fix up module and documentation descriptions to be a bit clearer.
2022-07-15 16:29:01 -05:00
03ebbaf2d0
Add in RUN_SINGLE_QUERY and associated options, and then update the code and documentation accordingly. This will allow users to run single queries with associated attribute filters if they want to test out single queries at a time without changing YAML files
2022-07-15 16:29:00 -05:00
67cf39f4b9
Update documentation to include RUN_QUERY_FILE example.
2022-07-15 16:28:55 -05:00
8c236e789e
Rename files to follow proper format. Add in documentation for examples. Then update code so we use Msf::Config.get_config_root to store the config file that we parse to get the actions outside of a Git tracked location. We will still use the default file to populate this non-git tracked location if its not already populated though.
2022-07-15 16:28:43 -05:00
65b9e1cb13
Push initial copy of work up
2022-07-15 16:27:56 -05:00
55079515ca
implement code review suggestions
2022-07-14 06:04:14 -07:00
662c8bbd87
Land #16742 , add NetScaler decrypt aux module
...
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
2022-07-13 14:00:43 -04:00
8f3a0e3856
Land #16742 , add NetScaler decrypt aux module
...
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
2022-07-13 12:11:02 -04:00
9a6013b153
citrix_netscaler_config_decrypt refinements
...
Refactor error handling when composing KEK fragments to be more
streamlined.
Various tweaks and optimizations.
Updates to documentatation.
2022-07-13 08:36:18 -04:00
3f52cc80a2
Update documentation/modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.md
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-07-13 07:57:06 -04:00
6db340508f
Land #16703 , add Censys API v2 functionality
...
This PR updates the censys_search.rb module to also
make use of the v2 API functionality
2022-07-07 13:09:31 -04:00
debf619968
Land #16733 , add dfscoerce scanner module
2022-07-06 18:18:00 -05:00
Spencer McIntyre