dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix URLs not resolving 

fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra recirectedfrom fields

remove extra file

fix ovftool url accidental replacement
This commit is contained in:
h00die 2022-01-23 15:28:32 -05:00 committed by Grant Willcox
parent 34ffea9f3c
commit d5ba1afbec
No known key found for this signature in database
GPG Key ID: D35E05C0F2B81E83
361 changed files with 555 additions and 538 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb
View File

@ -33,8 +33,8 @@ class MetasploitModule < Msf::Auxiliary
'Actions' => [[ 'WebServer', 'Description' => 'Serve exploit via web server' ]],
'PassiveActions' => [ 'WebServer' ],
'References' => [
[ 'URL', 'https://blog.rapid7.com/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041'],
[ 'URL', 'http://1337day.com/exploit/description/22581' ],
[ 'URL', 'https://www.rapid7.com/blog/post/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041/'],
[ 'URL', 'https://web.archive.org/web/20150316151817/http://1337day.com/exploit/description/22581' ],
[ 'OSVDB', '110664' ],
[ 'CVE', '2014-6041' ]
],

10
modules/auxiliary/admin/atg/atg_client.rb
View File

@ -25,13 +25,13 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
['URL', 'https://blog.rapid7.com/2015/01/22/the-internet-of-gas-station-tank-gauges'],
['URL', 'http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-gaspot-experiment'],
['URL', 'https://www.rapid7.com/blog/post/2015/01/22/the-internet-of-gas-station-tank-gauges/'],
['URL', 'https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-gaspot-experiment'],
['URL', 'https://github.com/sjhilt/GasPot'],
['URL', 'https://github.com/mushorg/conpot'],
['URL', 'http://www.veeder.com/us/automatic-tank-gauge-atg-consoles'],
['URL', 'http://www.chipkin.com/files/liz/576013-635.pdf'],
['URL', 'http://www.veeder.com/gold/download.cfm?doc_id=6227']
['URL', 'https://www.veeder.com/us/automatic-tank-gauge-atg-consoles'],
['URL', 'https://cdn.chipkin.com/files/liz/576013-635.pdf'],
['URL', 'https://docs.veeder.com/gold/download.cfm?doc_id=6227']
],
'DefaultAction' => 'INVENTORY',
'Actions' =>

2
modules/auxiliary/admin/backupexec/dump.rb
View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2005-2611'],
['OSVDB', '18695'],
['BID', '14551'],
['URL', 'http://www.fpns.net/willy/msbksrc.lzh'],
['URL', 'https://web.archive.org/web/20120227144337/http://www.fpns.net/willy/msbksrc.lzh'],
],
'Actions' =>
[

2
modules/auxiliary/admin/backupexec/registry.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'OSVDB', '17627' ],
[ 'CVE', '2005-0771' ],
[ 'URL', 'http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities'],
[ 'URL', 'https://web.archive.org/web/20110801042138/http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=269'],
],
'Actions' =>
[

2
modules/auxiliary/admin/dcerpc/cve_2021_1675_printnightmare.rb
View File

@ -40,7 +40,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2021-1675'],
['CVE', '2021-34527'],
['URL', 'https://github.com/cube0x0/CVE-2021-1675'],
['URL', 'https://github.com/afwu/PrintNightmare'],
['URL', 'https://web.archive.org/web/20210701042336/https://github.com/afwu/PrintNightmare'],
['URL', 'https://github.com/calebstewart/CVE-2021-1675/blob/main/CVE-2021-1675.ps1'],
['URL', 'https://github.com/byt3bl33d3r/ItWasAllADream']
],

4
modules/auxiliary/admin/dns/dyn_dns_update.rb
View File

@ -19,10 +19,10 @@ class MetasploitModule < Msf::Auxiliary
'Brent Cook <brent_cook[at]rapid7.com>'
],
'References' => [
['URL', 'http://www.tenable.com/plugins/index.php?view=single&id=35372'],
['URL', 'https://www.tenable.com/plugins/nessus/35372'],
['URL', 'https://github.com/KINGSABRI/CVE-in-Ruby/tree/master/NONE-CVE/DNSInject'],
['URL', 'https://www.christophertruncer.com/dns-modification-dnsinject-nessus-plugin-35372/'],
['URL', 'https://github.com/ChrisTruncer/PenTestScripts/blob/master/DNSInject.py']
['URL', 'https://github.com/ChrisTruncer/PenTestScripts/blob/master/HostScripts/DNSInject.py']
],
'License' => MSF_LICENSE,
'Actions' => [

4
modules/auxiliary/admin/firetv/firetv_youtube.rb
View File

@ -17,8 +17,8 @@ class MetasploitModule < Msf::Auxiliary
},
'Author' => ['wvu'],
'References' => [
['URL', 'http://www.amazon.com/dp/B00CX5P8FC?_encoding=UTF8&showFS=1'],
['URL', 'http://www.amazon.com/dp/B00GDQ0RMG/ref=fs_ftvs']
['URL', 'https://www.amazon.com/dp/B00CX5P8FC?_encoding=UTF8&showFS=1'],
['URL', 'https://www.amazon.com/dp/B00GDQ0RMG/ref=fs_ftvs']
],
'License' => MSF_LICENSE,
'Actions' => [

2
modules/auxiliary/admin/hp/hp_data_protector_cmd.rb
View File

@ -30,7 +30,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2011-0923' ],
[ 'OSVDB', '72526' ],
[ 'ZDI', '11-055' ],
[ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux' ]
[ 'URL', 'https://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux/' ]
],
'Author' =>
[

4
modules/auxiliary/admin/hp/hp_ilo_create_admin_account.rb
View File

@ -19,8 +19,8 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE', '2017-12542' ],
[ 'BID', '100467' ],
[ 'URL', 'https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us' ],
[ 'URL', 'https://www.synacktiv.com/posts/exploit/hp-ilo-talk-at-recon-brx-2018.html' ]
[ 'URL', 'https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbhf03769en_us' ],
[ 'URL', 'https://www.synacktiv.com/en/publications/hp-ilo-talk-at-recon-brx-2018.html' ]
],
'Author' =>
[

2
modules/auxiliary/admin/hp/hp_imc_som_create_account.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'OSVDB', '98249' ],
[ 'BID', '62902' ],
[ 'ZDI', '13-240' ],
[ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03943547' ]
[ 'URL', 'https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c03943547' ]
],
'Author' =>
[

6
modules/auxiliary/admin/http/allegro_rompager_auth_bypass.rb
View File

@ -25,9 +25,9 @@ class MetasploitModule < Msf::Auxiliary
],
'References' => [
['CVE', '2014-9222'],
['URL', 'http://mis.fortunecook.ie'],
['URL', 'http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf'], # list of likely vulnerable devices
['URL', 'http://mis.fortunecook.ie/too-many-cooks-exploiting-tr069_tal-oppenheim_31c3.pdf'] # 31C3 presentation with POC
['URL', 'https://web.archive.org/web/20191006135858/http://mis.fortunecook.ie/'],
['URL', 'https://web.archive.org/web/20190207102911/http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf'], # list of likely vulnerable devices
['URL', 'https://web.archive.org/web/20190623150837/http://mis.fortunecook.ie/too-many-cooks-exploiting-tr069_tal-oppenheim_31c3.pdf'] # 31C3 presentation with POC
],
'DisclosureDate' => '2014-12-17',
'License' => MSF_LICENSE

2
modules/auxiliary/admin/http/arris_motorola_surfboard_backdoor_xss.rb
View File

@ -44,7 +44,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2015-0964' ], # XSS vulnerability
[ 'CVE', '2015-0965' ], # CSRF vulnerability
[ 'CVE', '2015-0966' ], # "techician/yZgO8Bvj" web interface backdoor
[ 'URL', 'https://blog.rapid7.com/2015/06/05/r7-2015-01-csrf-backdoor-and-persistent-xss-on-arris-motorola-cable-modems' ],
[ 'URL', 'https://www.rapid7.com/blog/post/2015/06/05/r7-2015-01-csrf-backdoor-and-persistent-xss-on-arris-motorola-cable-modems/' ],
]
))

2
modules/auxiliary/admin/http/cisco_7937g_ssh_privesc.py
View File

@ -32,7 +32,7 @@ metadata = {
'date': '2020-06-02',
'license': 'GPL_LICENSE',
'references': [
{'type': 'url', 'ref': 'https://blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/'},
{'type': 'url', 'ref': 'https://web.archive.org/web/20200921054955/https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/'},
{'type': 'cve', 'ref': '2020-16137'}
],
'type': 'single_scanner',

2
modules/auxiliary/admin/http/cnpilot_r_cmd_exec.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2017-5259'],
['URL', 'https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities']
['URL', 'https://www.rapid7.com/blog/post/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/']
],
'License' => MSF_LICENSE
)

2
modules/auxiliary/admin/http/cnpilot_r_fpt.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2017-5261'],
['URL', 'https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities']
['URL', 'https://www.rapid7.com/blog/post/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/']
],
'License' => MSF_LICENSE
)

2
modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'OSVDB', '89861' ],
[ 'EDB', '24453' ],
[ 'URL', 'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router' ],
[ 'URL', 'https://eu.dlink.com/uk/en/products/dir-600-wireless-n-150-home-router' ],
[ 'URL', 'http://www.s3cur1ty.de/home-network-horror-days' ],
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-003' ]
],

2
modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb
View File

@ -25,7 +25,7 @@ class MetasploitModule < Msf::Auxiliary
['CWE', '915'],
['OSVDB', '94655'],
['URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=966804'],
['URL', 'http://projects.theforeman.org/issues/2630']
['URL', 'https://projects.theforeman.org/issues/2630']
],
'DisclosureDate' => 'Jun 6 2013'
)

2
modules/auxiliary/admin/http/iis_auth_bypass.rb
View File

@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2010-2731' ],
[ 'OSVDB', '66160' ],
[ 'MSB', 'MS10-065' ],
[ 'URL', 'http://soroush.secproject.com/blog/2010/07/iis5-1-directory-authentication-bypass-by-using-i30index_allocation/' ]
[ 'URL', 'https://soroush.secproject.com/blog/2010/07/iis5-1-directory-authentication-bypass-by-using-i30index_allocation/' ]
],
'Author' =>
[

2
modules/auxiliary/admin/http/jboss_bshdeployer.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE', '2010-0738' ], # using a VERB other than GET/POST
[ 'OSVDB', '64171' ],
[ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ],
[ 'URL', 'https://www.redteam-pentesting.de/en/publications/jboss/-bridging-the-gap-between-the-enterprise-and-you-or-whos-the-jboss-now' ],
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ]
],
'Actions' =>

2
modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE', '2010-0738' ], # using a VERB other than GET/POST
[ 'OSVDB', '64171' ],
[ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ],
[ 'URL', 'https://www.redteam-pentesting.de/en/publications/jboss/-bridging-the-gap-between-the-enterprise-and-you-or-whos-the-jboss-now' ],
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ]
],
'Actions' =>

4
modules/auxiliary/admin/http/limesurvey_file_download.rb
View File

@ -26,8 +26,8 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
['URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151022-0_Lime_Survey_multiple_critical_vulnerabilities_v10.txt'],
['URL', 'https://www.limesurvey.org/en/blog/76-limesurvey-news/security-advisories/1836-limesurvey-security-advisory-10-2015'],
['URL', 'https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-lime-survey/'],
['URL', 'https://www.limesurvey.org/blog/22-security/136-limesurvey-security-advisory-10-2015'],
['URL', 'https://github.com/LimeSurvey/LimeSurvey/compare/2.06_plus_151014...2.06_plus_151016?w=1']
],
'DisclosureDate' => '2015-10-12'))

2
modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb
View File

@ -25,7 +25,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'EDB', '31758' ],
[ 'OSVDB', '103521' ],
[ 'URL', 'http://www.devttys0.com/2014/02/wrt120n-fprintf-stack-overflow/' ] # a huge amount of details about this vulnerability and the original exploit
[ 'URL', 'https://web.archive.org/web/20210424073058/http://www.devttys0.com/2014/02/wrt120n-fprintf-stack-overflow/' ] # a huge amount of details about this vulnerability and the original exploit
],
'DisclosureDate' => '2014-02-19'))
end

2
modules/auxiliary/admin/http/mutiny_frontend_read_delete.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE', '2013-0136' ],
[ 'US-CERT-VU', '701572' ],
[ 'URL', 'https://blog.rapid7.com/2013/05/15/new-1day-exploits-mutiny-vulnerabilities' ]
[ 'URL', 'https://www.rapid7.com/blog/post/2013/05/15/new-1day-exploits-mutiny-vulnerabilities/' ]
],
'Actions' =>
[

2
modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
View File

@ -30,7 +30,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'BID', '72640' ],
[ 'OSVDB', '118316' ],
[ 'URL', 'https://github.com/darkarnium/secpub/tree/master/NetGear/SOAPWNDR' ]
[ 'URL', 'https://github.com/darkarnium/secpub/tree/master/Vulnerabilities/NetGear/SOAPWNDR' ]
],
'Author' =>
[

2
modules/auxiliary/admin/http/netgear_wnr2000_pass_recovery.rb
View File

@ -33,7 +33,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2016-10176'],
['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txt'],
['URL', 'https://seclists.org/fulldisclosure/2016/Dec/72'],
['URL', 'http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability']
['URL', 'https://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability']
],
'DisclosureDate' => '2016-12-20'))
register_options(

2
modules/auxiliary/admin/http/nexpose_xxe_file_read.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
[ 'URL', 'https://blog.rapid7.com/2013/08/16/r7-vuln-2013-07-24' ]
[ 'URL', 'https://www.rapid7.com/blog/post/2013/08/16/r7-vuln-2013-07-24/' ]
],
'DefaultOptions' => {
'SSL' => true

2
modules/auxiliary/admin/http/openbravo_xxe.rb
View File

@ -29,7 +29,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2013-3617'],
['OSVDB', '99141'],
['BID', '63431'],
['URL', 'https://blog.rapid7.com/2013/10/30/seven-tricks-and-treats']
['URL', 'https://www.rapid7.com/blog/post/2013/10/30/seven-tricks-and-treats']
],
'License' => MSF_LICENSE,
'DisclosureDate' => '2013-10-30'

4
modules/auxiliary/admin/http/sophos_wpa_traversal.rb
View File

@ -29,8 +29,8 @@ class MetasploitModule < Msf::Auxiliary
[ 'OSVDB', '91953' ],
[ 'BID', '58833' ],
[ 'EDB', '24932' ],
[ 'URL', 'http://www.sophos.com/en-us/support/knowledgebase/118969.aspx' ],
[ 'URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt' ]
[ 'URL', 'https://web.archive.org/web/20130603041204/http://www.sophos.com/en-us/support/knowledgebase/118969.aspx' ],
[ 'URL', 'https://web.archive.org/web/20140701204340/https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt' ]
],
'DefaultOptions' => {
'SSL' => true

2
modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb
View File

@ -32,7 +32,7 @@ class MetasploitModule < Msf::Auxiliary
['URL', 'http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx'],
['URL', 'https://labs.mwrinfosecurity.com/blog/2014/12/16/digging-into-ms14-068-exploitation-and-defence/'],
['URL', 'https://github.com/bidord/pykek'],
['URL', 'https://blog.rapid7.com/2014/12/25/12-days-of-haxmas-ms14-068-now-in-metasploit']
['URL', 'https://www.rapid7.com/blog/post/2014/12/25/12-days-of-haxmas-ms14-068-now-in-metasploit']
],
'License' => MSF_LICENSE,
'DisclosureDate' => '2014-11-18'

2
modules/auxiliary/admin/mssql/mssql_enum_domain_accounts.rb
View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Auxiliary
'antti <antti.rantasaari[at]netspi.com>'
],
'License' => MSF_LICENSE,
'References' => [[ 'URL','http://msdn.microsoft.com/en-us/library/ms174427.aspx']]
'References' => [[ 'URL','https://docs.microsoft.com/en-us/sql/t-sql/functions/suser-sname-transact-sql']]
))
register_options(

2
modules/auxiliary/admin/mssql/mssql_enum_domain_accounts_sqli.rb
View File

@ -25,7 +25,7 @@ class MetasploitModule < Msf::Auxiliary
'antti <antti.rantasaari[at]netspi.com>'
],
'License' => MSF_LICENSE,
'References' => [[ 'URL','http://msdn.microsoft.com/en-us/library/ms174427.aspx']]
'References' => [[ 'URL','https://docs.microsoft.com/en-us/sql/t-sql/functions/suser-sname-transact-sql']]
))
register_options(

2
modules/auxiliary/admin/mssql/mssql_enum_sql_logins.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
},
'Author' => ['nullbind <scott.sutherland[at]netspi.com>'],
'License' => MSF_LICENSE,
'References' => [['URL','http://msdn.microsoft.com/en-us/library/ms174427.aspx']]
'References' => [['URL','https://docs.microsoft.com/en-us/sql/t-sql/functions/suser-sname-transact-sql']]
))
register_options(

2
modules/auxiliary/admin/mssql/mssql_ntlm_stealer.rb
View File

@ -28,7 +28,7 @@ class MetasploitModule < Msf::Auxiliary
},
'Author' => [ 'nullbind <scott.sutherland[at]netspi.com>' ],
'License' => MSF_LICENSE,
'References' => [[ 'URL', 'http://en.wikipedia.org/wiki/SMBRelay' ]]
'References' => [[ 'URL', 'https://en.wikipedia.org/wiki/SMBRelay' ]]
))
register_options(

2
modules/auxiliary/admin/mssql/mssql_ntlm_stealer_sqli.rb
View File

@ -30,7 +30,7 @@ class MetasploitModule < Msf::Auxiliary
'Antti <antti.rantasaari[at]netspi.com>'
],
'License' => MSF_LICENSE,
'References' => [[ 'URL', 'http://en.wikipedia.org/wiki/SMBRelay' ]]
'References' => [[ 'URL', 'https://en.wikipedia.org/wiki/SMBRelay' ]]
))
register_options(

2
modules/auxiliary/admin/scada/yokogawa_bkbcopyd_client.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2014-5208' ],
[ 'URL', 'https://blog.rapid7.com/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access']
[ 'URL', 'https://www.rapid7.com/blog/post/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access']
],
'Actions' =>
[

2
modules/auxiliary/admin/tikiwiki/tikidblib.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
['OSVDB', '30172'],
['BID', '20858'],
['CVE', '2006-5702'],
['URL', 'http://secunia.com/advisories/22678/'],
['URL', 'https://web.archive.org/web/20080211225557/http://secunia.com/advisories/22678/'],
],
'DisclosureDate' => '2006-11-01',
'Actions' =>

2
modules/auxiliary/admin/vnc/realvnc_41_bypass.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
[
['BID', '17978'],
['OSVDB', '25479'],
['URL', 'http://secunia.com/advisories/20107/'],
['URL', 'https://web.archive.org/web/20080102163013/http://secunia.com/advisories/20107/'],
['CVE', '2006-2369'],
],
'DisclosureDate' => '2006-05-15'))

2
modules/auxiliary/admin/vxworks/apple_airport_extreme_password.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['OSVDB', '66842'],
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
['URL', 'https://www.rapid7.com/blog/post/2010/08/02/new-vxworks-vulnerabilities/'],
['US-CERT-VU', '362332']
]
))

2
modules/auxiliary/admin/vxworks/dlink_i2eye_autoanswer.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['OSVDB', '66842'],
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
['URL', 'https://www.rapid7.com/blog/post/2010/08/02/new-vxworks-vulnerabilities/'],
['US-CERT-VU', '362332']
]
))

2
modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb
View File

@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['OSVDB', '66842'],
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
['URL', 'https://www.rapid7.com/blog/post/2010/08/02/new-vxworks-vulnerabilities/'],
['US-CERT-VU', '362332']
],
'Actions' =>

2
modules/auxiliary/admin/vxworks/wdbrpc_reboot.rb
View File

@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['OSVDB', '66842'],
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
['URL', 'https://www.rapid7.com/blog/post/2010/08/02/new-vxworks-vulnerabilities/'],
['US-CERT-VU', '362332']
],
'Actions' =>

2
modules/auxiliary/admin/webmin/file_disclosure.rb
View File

@ -26,7 +26,7 @@ class MetasploitModule < Msf::Auxiliary
['BID', '18744'],
['CVE', '2006-3392'],
['US-CERT-VU', '999601'],
['URL', 'http://secunia.com/advisories/20892/'],
['URL', 'https://web.archive.org/web/20060722192501/http://secunia.com/advisories/20892/'],
],
'DisclosureDate' => '2006-06-30',
'Actions' =>

4
modules/auxiliary/dos/http/apache_commons_fileupload_dos.rb
View File

@ -27,8 +27,8 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2014-0050'],
['URL', 'http://tomcat.apache.org/security-8.html'],
['URL', 'http://tomcat.apache.org/security-7.html']
['URL', 'https://tomcat.apache.org/security-8.html'],
['URL', 'https://tomcat.apache.org/security-7.html']
],
'DisclosureDate' => '2014-02-06'
))

4
modules/auxiliary/dos/http/apache_mod_isapi.rb
View File

@ -43,8 +43,8 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2010-0425' ],
[ 'OSVDB', '62674'],
[ 'BID', '38494' ],
[ 'URL', 'https://issues.apache.org/bugzilla/show_bug.cgi?id=48509' ],
[ 'URL', 'http://www.gossamer-threads.com/lists/apache/cvs/381537' ],
[ 'URL', 'https://bz.apache.org/bugzilla/show_bug.cgi?id=48509' ],
[ 'URL', 'https://web.archive.org/web/20100715032229/http://www.gossamer-threads.com/lists/apache/cvs/381537' ],
[ 'URL', 'http://www.senseofsecurity.com.au/advisories/SOS-10-002' ],
[ 'EDB', '11650' ]
],

2
modules/auxiliary/dos/http/brother_debut_dos.rb
View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Auxiliary
],
'References' => [
[ 'CVE', '2017-16249' ],
[ 'URL', 'https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2017-017/?fid=10211']
[ 'URL', 'https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18730']
],
'DisclosureDate' => '2017-11-02'))
end

2
modules/auxiliary/dos/http/canon_wireless_printer.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
],
'References' => [
[ 'CVE', '2013-4615' ],
[ 'URL', 'http://www.mattandreko.com/2013/06/canon-y-u-no-security.html']
[ 'URL', 'https://www.mattandreko.com/2013/06/canon-y-u-no-security.html']
],
'DisclosureDate' => '2013-06-18'))
end

10
modules/auxiliary/dos/http/hashcollision_dos.rb
View File

@ -33,11 +33,11 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
['URL', 'http://www.ocert.org/advisories/ocert-2011-003.html'],
['URL', 'http://www.nruns.com/_downloads/advisory28122011.pdf'],
['URL', 'http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html'],
['URL', 'http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf'],
['URL', 'http://www.youtube.com/watch?v=R2Cq3CLI6H8'],
['URL', 'http://ocert.org/advisories/ocert-2011-003.html'],
['URL', 'https://web.archive.org/web/20120105151644/http://www.nruns.com/_downloads/advisory28122011.pdf'],
['URL', 'https://fahrplan.events.ccc.de/congress/2011/Fahrplan/events/4680.en.html'],
['URL', 'https://fahrplan.events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf'],
['URL', 'https://www.youtube.com/watch?v=R2Cq3CLI6H8'],
['CVE', '2011-5034'],
['CVE', '2011-5035'],
['CVE', '2011-4885'],

2
modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb
View File

@ -30,7 +30,7 @@ class MetasploitModule < Msf::Auxiliary
[
['CVE', '2015-1635'],
['MSB', 'MS15-034'],
['URL', 'http://pastebin.com/ypURDPc4'],
['URL', 'https://pastebin.com/ypURDPc4'],
['URL', 'https://github.com/rapid7/metasploit-framework/pull/5150'],
['URL', 'https://community.qualys.com/blogs/securitylabs/2015/04/20/ms15-034-analyze-and-remote-detection'],
['URL', 'http://www.securitysift.com/an-analysis-of-ms15-034/']

2
modules/auxiliary/dos/http/nodejs_pipelining.rb
View File

@ -28,7 +28,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2013-4450' ],
[ 'OSVDB', '98724' ],
[ 'BID' , '63229' ],
[ 'URL', 'http://blog.nodejs.org/2013/10/22/cve-2013-4450-http-server-pipeline-flood-dos' ]
[ 'URL', 'https://nodejs.org/ja/blog/vulnerability/http-server-pipeline-flood-dos/' ]
],
'DisclosureDate' => '2013-10-18'))

2
modules/auxiliary/dos/http/novell_file_reporter_heap_bof.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' => [
[ 'CVE', '2012-4956' ],
[ 'URL', 'https://blog.rapid7.com/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959' ]
[ 'URL', 'https://www.rapid7.com/blog/post/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959/' ]
],
'DisclosureDate' => '2012-11-16'))

2
modules/auxiliary/dos/http/webkitplus.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
['EDB', '44842'],
['CVE', '2018-11646'],
['URL', 'https://bugs.webkit.org/show_bug.cgi?id=186164'],
['URL', 'https://datarift.blogspot.com/2018/06/cve-2018-11646-webkit.html']
['URL', 'https://www.inputzero.io/2018/06/cve-2018-11646-webkit.html']
],
'DisclosureDate' => '2018-06-03',
'Actions' => [[ 'WebServer', 'Description' => 'Serve exploit via web server' ]],

2
modules/auxiliary/dos/http/wordpress_long_password_dos.rb
View File

@ -25,7 +25,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2014-9016'],
['URL', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9034'],
['URL', 'https://nvd.nist.gov/vuln/detail/CVE-2014-9034'],
['OSVDB', '114857'],
['WPVDB', '7681']
],

4
modules/auxiliary/dos/http/wordpress_xmlrpc_dos.rb
View File

@ -24,9 +24,9 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2014-5266'],
['URL', 'http://wordpress.org/news/2014/08/wordpress-3-9-2/'],
['URL', 'https://wordpress.org/news/2014/08/wordpress-3-9-2/'],
['URL', 'http://www.breaksec.com/?p=6362'],
['URL', 'http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/'],
['URL', 'https://mashable.com/archive/wordpress-xml-blowup-dos'],
['URL', 'https://core.trac.wordpress.org/changeset/29404'],
['WPVDB', '7526']
],

2
modules/auxiliary/dos/misc/memcached.rb
View File

@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
},
'References' =>
[
[ 'URL', 'https://code.google.com/p/memcached/issues/detail?id=192' ],
[ 'URL', 'https://code.google.com/archive/p/memcached/issues/192' ],
[ 'CVE', '2011-4971' ],
[ 'OSVDB', '92867' ]
],

2
modules/auxiliary/dos/ntp/ntpd_reserved_dos.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'BID', '37255' ],
[ 'CVE', '2009-3563' ],
[ 'OSVDB', '60847' ],
[ 'URL', 'https://support.ntp.org/bugs/show_bug.cgi?id=1331' ]
[ 'URL', 'https://bugs.ntp.org/show_bug.cgi?id=1331' ]
],
'DisclosureDate' => '2009-10-04'))

2
modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb
View File

@ -36,7 +36,7 @@ class MetasploitModule < Msf::Auxiliary
'References' => [
[ 'OSVDB', '74780' ],
[ 'URL', 'http://dsecrg.com/pages/vul/show.php?id=331' ],
[ 'URL', 'https://service.sap.com/sap/support/notes/1554030' ]
[ 'URL', 'https://launchpad.support.sap.com/#/notes/1554030' ]
],
'Author' =>
[

4
modules/auxiliary/dos/scada/allen_bradley_pccc.rb
View File

@ -29,8 +29,8 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2017-7924' ],
[ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-17-138-03' ],
[ 'URL', 'http://dl.acm.org/citation.cfm?doid=3174776.3174780']
[ 'URL', 'https://www.cisa.gov/uscert/ics/advisories/ICSA-17-138-03' ],
[ 'URL', 'https://dl.acm.org/doi/10.1145/3174776.3174780']
])
register_options([Opt::RPORT(44818),])
end

2
modules/auxiliary/dos/scada/igss9_dataserver.rb
View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE', '2011-4050' ],
[ 'OSVDB', '77976' ],
[ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-335-01.pdf' ]
[ 'URL', 'https://www.cisa.gov/uscert/ics/advisories/ICSA-11-335-01' ]
],
'DisclosureDate' => '2011-12-20'
))

2
modules/auxiliary/dos/scada/siemens_siprotec4.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE' '2015-5374' ],
[ 'EDB', '44103' ],
[ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01' ]
[ 'URL', 'https://www.cisa.gov/uscert/ics/advisories/ICSA-15-202-01' ]
])
register_options([Opt::RPORT(50000),])
end

2
modules/auxiliary/dos/scada/yokogawa_logsvr.rb
View File

@ -26,7 +26,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'URL', 'http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0001E.pdf' ],
[ 'URL', 'https://blog.rapid7.com/2014/03/10/yokogawa-centum-cs3000-vulnerabilities' ],
[ 'URL', 'https://www.rapid7.com/blog/post/2014/03/10/yokogawa-centum-cs3000-vulnerabilities/' ],
[ 'CVE', '2014-0781']
],
'DisclosureDate' => '2014-03-10',

3
modules/auxiliary/dos/smb/smb_loris.rb
View File

@ -32,7 +32,8 @@ metadata = {
],
date: '2017-06-29',
references: [
{ type: 'url', ref: 'http://smbloris.com/' }
{ type: 'url', ref: 'https://web.archive.org/web/20170804072329/https://smbloris.com/' },
{ type: 'aka', ref: 'SMBLoris'}
],
type: 'dos',
options: {

2
modules/auxiliary/dos/syslog/rsyslog_long_tag.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2011-3200'],
[ 'URL', 'http://www.rsyslog.com/potential-dos-with-malformed-tag/' ],
[ 'URL', 'https://www.rsyslog.com/potential-dos-with-malformed-tag/' ],
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=727644' ],
],
'DisclosureDate' => 'Sep 01 2011')

3
modules/auxiliary/dos/upnp/miniupnpd_dos.rb
View File

@ -25,7 +25,8 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2013-0229' ],
[ 'OSVDB', '89625' ],
[ 'BID', '57607' ],
[ 'URL', 'https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf' ]
[ 'URL', 'https://www.rapid7.com/blog/post/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play/' ],
[ 'URL', 'https://www.hdm.io/writing/SecurityFlawsUPnP.pdf' ]
],
'DisclosureDate' => '2013-03-27',
))

2
modules/auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof.rb
View File

@ -31,7 +31,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'BID', '45542' ],
[ 'MSB', 'MS11-004' ],
[ 'EDB', '15803' ],
[ 'URL', 'http://blogs.technet.com/b/srd/archive/2010/12/22/assessing-an-iis-ftp-7-5-unauthenticated-denial-of-service-vulnerability.aspx' ]
[ 'URL', 'https://msrc-blog.microsoft.com/2010/12/22/assessing-an-iis-ftp-7-5-unauthenticated-denial-of-service-vulnerability/' ]
],
'DisclosureDate' => '2010-12-21'))

2
modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
View File

@ -26,7 +26,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'URL', 'http://pastie.org/private/feg8du0e9kfagng4rrg' ],
[ 'URL', 'http://stratsec.blogspot.com.au/2012/03/ms12-020-vulnerability-for-breakfast.html' ],
[ 'EDB', '18606' ],
[ 'URL', 'https://blog.rapid7.com/2012/03/21/metasploit-update' ]
[ 'URL', 'https://www.rapid7.com/blog/post/2012/03/21/metasploit-update/' ]
],
'Author' =>
[

2
modules/auxiliary/dos/windows/smb/ms09_050_smb2_negotiate_pidhigh.rb
View File

@ -25,7 +25,7 @@ class MetasploitModule < Msf::Auxiliary
['BID', '36299'],
['OSVDB', '57799'],
['MSB', 'MS09-050'],
['URL', 'https://seclists.org/fulldisclosure/2009/Sep/0039.html']
['URL', 'https://seclists.org/fulldisclosure/2009/Sep/39']
]
))
register_options([

2
modules/auxiliary/dos/windows/ssh/sysax_sshd_kexchange.rb
View File

@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'OSVDB', '92081'],
[ 'URL', 'http://www.mattandreko.com/2013/04/sysax-multi-server-610-ssh-dos.html']
[ 'URL', 'https://www.mattandreko.com/2013/04/sysax-multi-server-610-ssh-dos.html']
],
'DisclosureDate' => '2013-03-17'))

2
modules/auxiliary/dos/wireshark/cldap.rb
View File

@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
[
[ 'CVE', '2011-1140'],
[ 'OSVDB', '71552'],
[ 'URL', 'http://www.wireshark.org/security/wnpa-sec-2011-04.html' ],
[ 'URL', 'https://www.wireshark.org/security/wnpa-sec-2011-04.html' ],
[ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717' ],
],
'DisclosureDate' => '2011-03-01'))

2
modules/auxiliary/example.py
View File

@ -25,7 +25,7 @@ metadata = {
'date': '2018-03-22',
'license': 'MSF_LICENSE',
'references': [
{'type': 'url', 'ref': 'https://blog.rapid7.com/2017/12/28/regifting-python-in-metasploit/'},
{'type': 'url', 'ref': 'https://www.rapid7.com/blog/post/2017/12/28/regifting-python-in-metasploit/'},
{'type': 'aka', 'ref': 'Coldstone'}
],
'type': 'single_scanner',

2
modules/auxiliary/gather/android_browser_file_theft.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
[
# patch for file redirection, 2014
['URL', 'https://android.googlesource.com/platform/packages/apps/Browser/+/d2391b492dec778452238bc6d9d549d56d41c107%5E%21/#F0'],
['URL', 'https://code.google.com/p/chromium/issues/detail?id=90222'] # the UXSS
['URL', 'https://bugs.chromium.org/p/chromium/issues/detail?id=90222'] # the UXSS
],
'DefaultAction' => 'WebServer'
))

2
modules/auxiliary/gather/android_object_tag_webview_uxss.rb
View File

@ -35,7 +35,7 @@ class MetasploitModule < Msf::Auxiliary
'References' => [
[ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],
[ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],
[ 'URL', 'http://trac.webkit.org/changeset/96826' ]
[ 'URL', 'http://trac.webkit.org/changeset/96826/webkit' ]
],
'DefaultAction' => 'WebServer',
'DisclosureDate' => '2014-10-04'

2
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
View File

@ -28,7 +28,7 @@ class MetasploitModule < Msf::Auxiliary
'Author' => 'joev',
'References' =>
[
['URL', 'https://blog.rapid7.com/2013/04/25/abusing-safaris-webarchive-file-format']
['URL', 'https://www.rapid7.com/blog/post/2013/04/25/abusing-safaris-webarchive-file-format/']
],
'DisclosureDate' => '2013-02-22',
'Actions' => [[ 'WebServer', 'Description' => 'Serve exploit via web server' ]],

2
modules/auxiliary/gather/browser_lanipleak.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
'References' => [
[ 'CVE', '2018-6849' ],
[ 'URL', 'http://net.ipcalf.com/' ],
[ 'URL', 'https://datarift.blogspot.in/p/private-ip-leakage-using-webrtc.html' ]
[ 'URL', 'https://www.inputzero.io/p/private-ip-leakage-using-webrtc.html' ]
],
'DisclosureDate' => '2013-09-05',
'Actions' => [[ 'WebServer', 'Description' => 'Serve exploit via web server' ]],

2
modules/auxiliary/gather/checkpoint_hostname.rb
View File

@ -26,7 +26,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
# aushack - None? Stumbled across, probably an old bug/feature but unsure.
[ 'URL', 'http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure' ],
[ 'URL', 'https://web.archive.org/web/20120508142715/http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure' ],
[ 'URL', 'https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk69360' ]
]
))

2
modules/auxiliary/gather/cisco_rv320_config.rb
View File

@ -32,7 +32,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2019-1653'],
['URL', 'https://seclists.org/fulldisclosure/2019/Jan/52'],
['URL', 'https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg42801'],
['URL', 'http://www.cisco.com/en/US/products/csa/cisco-sa-20110330-acs.html']
['URL', 'https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20110330-acs.html']
],
'DisclosureDate' => '2019-01-24',
'DefaultOptions' =>

2
modules/auxiliary/gather/darkcomet_filedownloader.rb
View File

@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
],
'References' =>
[
[ 'URL', 'https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/PEST-CONTROL.pdf' ],
[ 'URL', 'https://www.nccgroup.com/globalassets/our-research/us/whitepapers/PEST-CONTROL.pdf' ],
[ 'URL', 'http://samvartaka.github.io/exploitation/2016/06/03/dead-rats-exploiting-malware' ]
],
'DisclosureDate' => '2012-10-08',

4
modules/auxiliary/gather/drupal_openid_xxe.rb
View File

@ -30,8 +30,8 @@ class MetasploitModule < Msf::Auxiliary
[ 'OSVDB', '86429' ],
[ 'BID', '56103' ],
[ 'URL', 'https://drupal.org/node/1815912' ],
[ 'URL', 'http://drupalcode.org/project/drupal.git/commit/b912710' ],
[ 'URL', 'http://www.ubercomp.com/posts/2014-01-16_facebook_remote_code_execution' ]
[ 'URL', 'https://github.com/drupal/drupal/commit/b9127101ffeca819e74a03fa9f5a48d026c562e5' ],
[ 'URL', 'https://www.ubercomp.com/posts/2014-01-16_facebook_remote_code_execution' ]
],
'DisclosureDate' => '2012-10-17'
))

2
modules/auxiliary/gather/eaton_nsm_creds.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['OSVDB', '83199'],
['URL', 'http://secunia.com/advisories/49103/']
['URL', 'https://web.archive.org/web/20121014000855/http://secunia.com/advisories/49103/']
],
'Author' =>
[

2
modules/auxiliary/gather/exchange_proxylogon_collector.rb
View File

@ -35,7 +35,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2021-26855'],
['LOGO', 'https://proxylogon.com/images/logo.jpg'],
['URL', 'https://proxylogon.com/'],
['URL', 'https://aka.ms/exchangevulns'],
['URL', 'https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/'],
['URL', 'https://docs.microsoft.com/en-us/exchange/client-developer/web-service-reference/distinguishedfolderid'],
['URL', 'https://github.com/3gstudent/Homework-of-Python/blob/master/ewsManage.py']
],

2
modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb
View File

@ -31,7 +31,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2014-4671'],
['URL', 'http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/'],
['URL', 'https://github.com/mikispag/rosettaflash'],
['URL', 'http://quaxio.com/jsonp_handcrafted_flash_files/']
['URL', 'https://www.quaxio.com/jsonp_handcrafted_flash_files/']
],
'DisclosureDate' => '2014-07-08',
'Actions' => [[ 'WebServer', 'Description' => 'Serve exploit via web server' ]],

2
modules/auxiliary/gather/impersonate_ssl.rb
View File

@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
'Author' => 'Chris John Riley',
'References' =>
[
['URL', 'http://www.slideshare.net/ChrisJohnRiley/ssl-certificate-impersonation-for-shits-andgiggles']
['URL', 'https://www.slideshare.net/ChrisJohnRiley/ssl-certificate-impersonation-for-shits-andgiggles']
],
'License' => MSF_LICENSE,
'Description' => %q{

2
modules/auxiliary/gather/java_rmi_registry.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' =>
[
['URL', 'http://docs.oracle.com/javase/8/docs/platform/rmi/spec/rmiTOC.html']
['URL', 'https://docs.oracle.com/javase/8/docs/platform/rmi/spec/rmiTOC.html']
]
)

2
modules/auxiliary/gather/jenkins_cred_recovery.rb
View File

@ -26,7 +26,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'EDB', '38664' ],
[ 'URL', 'http://www.th3r3p0.com/vulns/jenkins/jenkinsVuln.html' ]
[ 'URL', 'https://www.th3r3p0.com/vulns/jenkins/jenkinsVuln.html' ]
],
'DefaultOptions' =>
{

2
modules/auxiliary/gather/joomla_contenthistory_sqli.rb
View File

@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2015-7297'],
['URL', 'https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/']
['URL', 'https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/joomla-sql-injection-vulnerability-exploit-results-in-full-administrative-access/']
],
'Author' =>
[

2
modules/auxiliary/gather/joomla_weblinks_sqli.rb
View File

@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['EDB', '31459'],
['URL', 'http://developer.joomla.org/security/578-20140301-core-sql-injection.html']
['URL', 'https://developer.joomla.org/security/578-20140301-core-sql-injection.html']
],
'DisclosureDate' => '2014-03-02'
))

2
modules/auxiliary/gather/mantisbt_admin_sqli.rb
View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['CVE', '2014-2238'],
['URL', 'http://www.mantisbt.org/bugs/view.php?id=17055']
['URL', 'https://www.mantisbt.org/bugs/view.php?id=17055']
],
'Platform' => ['win', 'linux'],
'Privileged' => false,

2
modules/auxiliary/gather/mongodb_js_inject_collection_enum.rb
View File

@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary
['Brandon Perry <bperry.volatile[at]gmail.com>'],
'References' =>
[
['URL', 'http://nosql.mypopescu.com/post/14453905385/attacking-nosql-and-node-js-server-side-javascript']
['URL', 'https://nosql.mypopescu.com/post/14453905385/attacking-nosql-and-nodejs-server-side#_=_']
],
'Platform' => ['linux', 'win'],
'Privileged' => false,

2
modules/auxiliary/gather/ms14_052_xmldom.rb
View File

@ -28,7 +28,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'CVE', '2013-7331'],
[ 'MSB', 'MS14-052' ],
[ 'URL', 'https://soroush.secproject.com/blog/2013/04/microsoft-xmldom-in-ie-can-divulge-information-of-local-drivenetwork-in-error-messages/' ],
[ 'URL', 'https://www.alienvault.com/open-threat-exchange/blog/attackers-abusing-internet-explorer-to-enumerate-software-and-detect-securi' ]
[ 'URL', 'https://cybersecurity.att.com/blogs/labs-research/attackers-abusing-internet-explorer-to-enumerate-software-and-detect-securi' ]
],
'Platform' => 'win',
'DisclosureDate' => '2014-09-09', # MSB. Used in the wild since Feb 2014

8
modules/auxiliary/gather/netgear_password_disclosure.rb
View File

@ -26,10 +26,10 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2017-5521' ],
[ 'URL', 'https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2017-003/?fid=8911' ],
[ 'URL', 'http://thehackernews.com/2017/01/Netgear-router-password-hacking.html'],
[ 'URL', 'https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2017-5521--Bypassing-Authentication-on-NETGEAR-Routers/'],
[ 'URL', 'http://pastebin.com/dB4bTgxz'],
[ 'URL', 'https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18758' ],
[ 'URL', 'https://thehackernews.com/2017/01/Netgear-router-password-hacking.html'],
[ 'URL', 'https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/'],
[ 'URL', 'https://pastebin.com/dB4bTgxz'],
[ 'EDB', '41205']
],
'License' => MSF_LICENSE

6
modules/auxiliary/gather/nis_bootparamd_domain.rb
View File

@ -24,9 +24,9 @@ class MetasploitModule < Msf::Auxiliary
'wvu' # Metasploit module
],
'References' => [
['URL', 'https://tools.ietf.org/html/rfc1831'],
['URL', 'https://tools.ietf.org/html/rfc4506'],
['URL', 'http://pentestmonkey.net/blog/nis-domain-name']
['URL', 'https://datatracker.ietf.org/doc/html/rfc1831'],
['URL', 'https://datatracker.ietf.org/doc/html/rfc4506'],
['URL', 'https://pentestmonkey.net/blog/nis-domain-name']
],
'License' => MSF_LICENSE
))

4
modules/auxiliary/gather/nis_ypserv_map.rb
View File

@ -29,8 +29,8 @@ class MetasploitModule < Msf::Auxiliary
},
'Author' => 'wvu',
'References' => [
['URL', 'https://tools.ietf.org/html/rfc1831'],
['URL', 'https://tools.ietf.org/html/rfc4506']
['URL', 'https://datatracker.ietf.org/doc/html/rfc1831'],
['URL', 'https://datatracker.ietf.org/doc/html/rfc4506']
],
'License' => MSF_LICENSE
))

2
modules/auxiliary/gather/nuuo_cms_bruteforce.rb
View File

@ -32,7 +32,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2018-17888' ],
[ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02' ],
[ 'URL', 'https://www.cisa.gov/uscert/ics/advisories/ICSA-18-284-02' ],
[ 'URL', 'https://seclists.org/fulldisclosure/2019/Jan/51' ],
[ 'URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/advisories/NUUO/nuuo-cms-ownage.txt' ]

2
modules/auxiliary/gather/nuuo_cms_file_download.rb
View File

@ -34,7 +34,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'CVE', '2018-17934' ],
[ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02' ],
[ 'URL', 'https://www.cisa.gov/uscert/ics/advisories/ICSA-18-284-02' ],
[ 'URL', 'https://seclists.org/fulldisclosure/2019/Jan/51' ],
[ 'URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/advisories/NUUO/nuuo-cms-ownage.txt' ]

2
modules/auxiliary/gather/oats_downloadservlet_traversal.rb
View File

@ -37,7 +37,7 @@ class MetasploitModule < Msf::Auxiliary
[
['CVE', '2019-2557'],
['URL', 'https://srcincite.io/advisories/src-2019-0033/'],
['URL', 'https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html']
['URL', 'https://www.oracle.com/security-alerts/cpuapr2019.html']
],
'DisclosureDate' => '2019-04-16'
))

2
modules/auxiliary/gather/qnap_lfi.rb
View File

@ -34,7 +34,7 @@ class MetasploitModule < Msf::Auxiliary
['CVE', '2019-7194'],
['CVE', '2019-7195'],
['EDB', '48531'],
['URL', 'https://medium.com/bugbountywriteup/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05'],
['URL', 'https://infosecwriteups.com/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05'],
['URL', 'https://www.qnap.com/en-us/security-advisory/nas-201911-25'],
['URL', 'https://github.com/Imanfeng/QNAP-NAS-RCE']
],

2
modules/auxiliary/gather/windows_deployment_services_shares.rb
View File

@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
[ 'MSDN', 'http://technet.microsoft.com/en-us/library/cc749415(v=ws.10).aspx'],
[ 'URL', 'http://rewtdance.blogspot.co.uk/2012/11/windows-deployment-services-clear-text.html'],
[ 'URL', 'http://rewtdance.blogspot.com/2012/11/windows-deployment-services-clear-text.html'],
],
))

2
modules/auxiliary/gather/wp_all_in_one_migration_export.rb
View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Auxiliary
'References' =>
[
['WPVDB', '7857'],
['URL', 'http://www.pritect.net/blog/all-in-one-wp-migration-2-0-4-security-vulnerability']
['URL', 'https://www.pritect.net/blog/all-in-one-wp-migration-2-0-4-security-vulnerability']
],
'DisclosureDate' => '2015-03-19'
))

4
modules/auxiliary/gather/xbmc_traversal.rb
View File

@ -23,9 +23,9 @@ class MetasploitModule < Msf::Auxiliary
],
'References' =>
[
['URL', 'http://forum.xbmc.org/showthread.php?tid=144110&pid=1227348'],
['URL', 'https://forum.kodi.tv/showthread.php?tid=144110&pid=1227348'],
['URL', 'https://github.com/xbmc/xbmc/commit/bdff099c024521941cb0956fe01d99ab52a65335'],
['URL', 'http://www.ioactive.com/pdfs/Security_Advisory_XBMC.pdf'],
['URL', 'https://ioactive.com/pdfs/Security_Advisory_XBMC.pdf'],
],
'DisclosureDate' => '2012-11-04'
))

2
modules/auxiliary/gather/zoomeye_search.rb
View File

@ -32,7 +32,7 @@ class MetasploitModule < Msf::Auxiliary
'Grant Willcox' # Additional fixes to refine searches, improve quality of info saved and improve error handling.
],
'References' => [
['URL', 'https://github.com/zoomeye/SDK'],
['URL', 'https://github.com/knownsec/ZoomEye-python'],
['URL', 'https://www.zoomeye.org/api/doc'],
['URL', 'https://www.zoomeye.org/help/manual']
],

6
modules/auxiliary/parser/unattend.rb
View File

@ -21,9 +21,9 @@ class MetasploitModule < Msf::Auxiliary
],
'References' =>
[
['URL', 'http://technet.microsoft.com/en-us/library/ff715801'],
['URL', 'http://technet.microsoft.com/en-us/library/cc749415(v=ws.10).aspx'],
['URL', 'http://technet.microsoft.com/en-us/library/c026170e-40ef-4191-98dd-0b9835bfa580']
['URL', 'https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/ff715801(v=win.10)'],
['URL', 'https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-vista/cc749415(v=ws.10)'],
['URL', 'https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732280(v=ws.10)']
],
))

Some files were not shown because too many files have changed in this diff Show More