metasploit-gs

Author	SHA1	Message	Date
Clément Notin	33e35bae7c	Add descriptions to auxiliary modules Actions And a little formatting Closes #13403 Update modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/backupexec/dump.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/arris_motorola_surfboard_backdoor_xss.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/android/android_stock_browser_iframe.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/tikiwiki/tikidblib.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/smb.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/telnet.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/vnc.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/fakedns.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/tftp.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/gzip_bomb_dos.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/ibm_lotus_notes.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/ibm_lotus_notes2.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/webkitplus.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/example.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/android_browser_file_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/android_browser_new_tab_cookie_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/apple_safari_webarchive_uxss.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/browser_lanipleak.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/firefox_pdfjs_file_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/samsung_browser_sop_bypass.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/http.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/http_basic.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/http_ntlm.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/http_ntlmrelay.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/socks4a.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/socks5.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/sip.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/postgresql.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/local_hwbridge.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/webkit_xslt_dropper.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/socks_unc.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/client/iec104/iec104.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/browser_info.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/drda.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/ftp.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/mssql.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/mysql.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/pop3.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/dns/spoofhelper.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/printjob_capture.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update description following Actions removal Update modules/auxiliary/gather/browser_info.rb Update modules/auxiliary/gather/browser_info.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/browser_info.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>	2020-05-17 14:51:14 -05:00
William Vu	04e263f305	Add auxiliary/admin/http/ibm_drm_download action	2020-05-07 08:03:28 -05:00
Pedro Ribeiro	227347627c	Address review comments Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> final changes! Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/ibm_drm_download.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> final final Update ibm_drm_download.md change date to ISO really fix the date now	2020-05-05 10:56:40 -05:00
Pedro Ribeiro	9fe684e5d5	break into smaller chunks	2020-05-05 10:15:55 +07:00
Pedro Ribeiro	9020e2e391	add full disclosure url	2020-05-01 21:01:26 +07:00
Pedro Ribeiro	8e20cf94be	got me refs wrong m8	2020-05-01 13:48:02 +07:00
Pedro Ribeiro	37eecbc01f	fix eol spaces	2020-05-01 13:29:50 +07:00
Pedro Ribeiro	fc50e21251	add cve	2020-05-01 10:17:57 +07:00
Pedro Ribeiro	81b678b271	remove CVE for merge, will add later	2020-04-30 11:15:43 +07:00
Pedro Ribeiro	75c9cf5c80	Update ibm_drm_download.rb	2020-04-28 14:12:53 +07:00
Pedro Ribeiro	bf3fff677e	and rubocop the file download module too	2020-04-24 10:24:39 +07:00
Pedro Ribeiro	13c4d50c2c	Create ibm_drm_download.rb	2020-04-21 15:53:12 +07:00
Spencer McIntyre	b89744cef2	Land #12145 , add a module to generate grafana cookies	2020-04-20 09:21:01 -04:00
Spencer McIntyre	c9bfcf2240	Make VERSION an OptEnum and clean up whitespace	2020-04-20 09:20:55 -04:00
svnsyn	a4507bbfc6	requested changes	2020-04-19 19:53:33 +02:00
Brent Cook	8489bcdfd9	This fixes broken links to the community.rapid7.com blog Performed mechanically with sed, spot-checked that the new blog can consume these links.	2020-02-18 09:06:11 -06:00
h00die	905eb17132	begining to fix spelling errors	2019-10-05 14:26:34 -04:00
dwelch-r7	a587668b9e	Remove Default targets from aux modules	2019-09-24 12:15:43 +01:00
dwelch-r7	134765dc40	Remove targets from aux modules	2019-09-23 15:29:38 +01:00
William Vu	32334c2386	Update all module splats from http:// to https://	2019-08-15 18:10:44 -05:00
Rene Riedling	dee7e9d690	moved module to another directory	2019-08-15 11:01:53 +02:00
Rene Riedling	5e45c3e469	Recoded the tool to a scanner.	2019-08-14 13:32:11 +02:00
svnsyn	02d0e36d2a	No shows all vulnerable version and covers some edge cases	2019-08-01 08:06:36 +02:00
svnsyn	790f388fb3	I want to contribute a module for generating remember cookies for grafana instances where ldap or oauth is used. These cookies can be used for authentication bypass, like its explained here: https://github.com/u238/grafana-CVE-2018-15727 https://grafana.com/blog/2019/04/29/grafana-5.4.4-and-6.1.6-released-with-important-security-fix/ The module takes a username and generates a bad salted cookie. It also takes one of these cookies to decrypt the username out of it. Both cookies has to be set where as an existing session cookie should have been deleted before getting access. I wrote it in python since I had a lot of different results while calculating this task comparing the go and ruby crypto libraries.	2019-07-31 18:59:00 +02:00
William Vu	501a9109a5	Fix and refactor check method	2019-07-12 20:29:43 -05:00
William Vu	2bc2b88ee6	vprint and quotes	2019-07-12 14:37:34 -05:00
William Vu	be5f15a245	Add @h00die and @bcoles changes	2019-07-12 12:46:13 -05:00
Patrick Webster	f13378c503	Minor fix for aux joomla_registration_privesc Module checks for version number. If disclosed, checks for vulnerable release ranges. Missing a Safe retval for known immune numbers.	2019-07-12 06:37:08 +10:00
William Vu	baa17290e4	Adjust name :)	2019-06-28 12:08:27 -05:00
Dhiraj Mishra	09d6ae3458	Removing comments Thanks wvu-r7 for your support.	2019-06-28 16:17:08 +05:30
William Vu	d7a5eae146	Fix bug, adjust prints, and check body for "OK"	2019-06-28 04:12:57 -05:00
William Vu	933b5f0413	Tidy up send_request_cgi	2019-06-26 00:59:53 -05:00
William Vu	00530031fd	Try not encoding the GET parameters	2019-06-26 00:55:23 -05:00
William Vu	f3b509a1bc	Implement on_request_uri	2019-06-25 23:47:19 -05:00
William Vu	a8867992ae	Add minimal HttpServer support	2019-06-07 11:53:47 -05:00
William Vu	d943b4d314	Fix style	2019-06-07 11:44:17 -05:00
William Vu	be6a34398a	Rename module to match product	2019-06-07 11:33:10 -05:00
William Vu	9e47e061f2	Remove rank to appease msftidy	2019-06-07 11:28:39 -05:00
William Vu	397e6b16a4	Move aux module out of exploits	2019-06-07 11:18:33 -05:00
Jeffrey Martin	310ee3b46b	add advanced force to rompager	2019-05-21 15:52:32 -05:00
Jacob Robles	5559de2458	Update documentation	2019-04-15 07:06:27 -05:00
Jacob Robles	51cb4358d6	Randomize check number	2019-04-12 14:47:34 -05:00
Jacob Robles	236a3ee2f5	Rename files	2019-04-11 07:04:57 -05:00
Jacob Robles	91fec97cd7	Update run logic, fix create_credential usage	2019-04-11 06:54:19 -05:00
Jacob Robles	54abfcbc2c	Update check logic	2019-04-11 06:21:40 -05:00
Jacob Robles	1b2b752bef	Remove rescue that is handled in HttpClient mixin	2019-04-11 06:20:48 -05:00
Jacob Robles	9385fbc3b7	Change date format	2019-04-11 06:18:52 -05:00
Synacktiv	e9dd2f4f06	Store the whole JSON response	2019-04-09 13:59:44 +02:00
Synacktiv	b2422ab661	Remove use of service_details	2019-04-09 13:45:17 +02:00
Synacktiv	3d51fdb003	Improve send_sql_request	2019-04-09 13:42:43 +02:00

1 2 3 4 5 ...

556 Commits