Pedro Ribeiro
4d49f7140c
update links and CVE on webnms_file_download
2016-09-13 18:50:53 +01:00
Pedro Ribeiro
41bdae4b84
update links and CVE on webnms_file_upload
2016-09-13 18:50:25 +01:00
Pedro Ribeiro
8b90df8b67
update links and CVE on webnms_cred_disclosure
2016-09-13 18:49:58 +01:00
Pedro Ribeiro
2dac1e0369
Merge pull request #33 from rapid7/master
...
aaa
2016-09-13 18:44:55 +01:00
wchen-r7
89705cc803
Avoid potential undef method error '+' for nil
2016-09-13 11:13:02 -05:00
wchen-r7
50447fc4cf
Fix post/windows/gather/credentials/steam for an empty env var
2016-09-13 11:04:42 -05:00
nixawk
1ce9aedb97
parenthesis for condition expression
2016-09-13 03:37:47 -05:00
nixawk
fd16c1c3b7
Fix issue-7295
2016-09-13 01:32:20 -05:00
aushack
11342356f8
Support LHOST for metasploit behind NAT
2016-09-13 11:23:49 +10:00
David Maloney
fd3b885d83
replace msfrop with the rex-rop_builder gem
...
moved all of this code into the new gem
MS-1722
2016-09-12 16:06:53 -05:00
Brent Cook
8cf62dc4ed
Land #7299 , Set defaults in WordpressMulticall login scanner
2016-09-12 12:26:08 -05:00
Adam Cammack
aa193bf372
Set defaults in WordpressMulticall login scanner
...
This login scanner would crash it was used like a normal login scanner.
MS-2007
2016-09-12 11:22:15 -05:00
Brent Cook
e09fe08983
Land #7278 , fix FTP path traversal scanners
2016-09-12 10:47:36 -05:00
scriptjunkie
a0e05d4c4c
Land #7287 , mdaemon cred dumper
2016-09-10 08:43:07 -05:00
yasulib
8743f01130
Fix #7267 , Fix Wrong IDs on openvas plugin
2016-09-10 09:37:49 +09:00
Brent Cook
a81f351cb3
Land #7274 , Remove deprecated modules
2016-09-09 12:01:59 -05:00
Brent Cook
f35fdfcd5f
Added documentation for auxiliary/scanner/http/owa_ews_login
2016-09-09 11:50:25 -05:00
Brent Cook
1d4b0de560
Land #6616 , Added an Outlook EWS NTLM login module.
2016-09-09 11:43:52 -05:00
Agora Security
00f09d19b1
SMTP Typo
...
Correct SMTP Type (before SMPT)
2016-09-09 01:36:37 -05:00
Agora Security
1c598cd15d
SMTP Type
...
Change SMPT for SMTP
2016-09-09 01:36:08 -05:00
Pearce Barry
4495b27e67
Land #7254 , Rex::SSLScan Gemification
2016-09-08 13:20:56 -05:00
Pearce Barry
e5e57366ac
Land #7280 , use the new rex-nop gem
2016-09-08 13:03:49 -05:00
David Maloney
1b9c37ff78
Merge branch 'master' into feature/MS-1711/rex-nop
2016-09-08 10:48:07 -05:00
David Maloney
1b69d163cc
push rex-text back to previous version
2016-09-08 10:41:33 -05:00
William Vu
92dba8ff9d
Land #7290 , env var check for WinSCP module
2016-09-07 21:08:12 -05:00
Brendan
a30711ddcd
Land #7279 , Use the rubyntlm gem (again)
2016-09-07 16:33:35 -05:00
wchen-r7
a9c3c5d391
Fix typos
2016-09-07 15:40:10 -05:00
wchen-r7
831c7a08a8
Check environment variables before using for winscp module
2016-09-07 15:24:22 -05:00
dmohanty-r7
24bb6b18ea
Land #7246 Rex::Socket Gemification
...
MS-1715
2016-09-07 13:14:45 -05:00
David Maloney
17ab04829c
missed the lib/rex/socket.rb file
...
failed to delete this rather important bigt
2016-09-07 11:38:28 -05:00
David Maloney
7857c58655
remove all the left voer cruft
...
remove all the files that got xfered out to the gems
MS-1715
2016-09-07 11:38:28 -05:00
David Maloney
43942e6029
refactor pem parser to use the rex-socket gem version
...
use rex-socket's pem aprser instead of the old one we used
to have in rex::parser
MS-1715
2016-09-07 11:38:27 -05:00
David Maloney
cd90ff7c24
pull in rex-socket gem
...
pull rex-socket gem in as a dep
MS-1715
2016-09-07 11:38:26 -05:00
David Maloney
1a913da08c
pull in rex-core as a dep
2016-09-07 11:38:26 -05:00
David Maloney
405c59b8b8
move bidirectional pipe into rex/ui/text
...
this didn't really fit with the rest of rex::io and it inherits
from inside rex/ui/text so just put it there
MS-1715
2016-09-07 11:34:04 -05:00
Tim
6cb331e74d
Land 7281, add vagrant default password to wordlist
2016-09-07 13:01:01 +01:00
Tim
96f81b4817
add root:vagrant to root_userpass
2016-09-07 12:59:12 +01:00
Pedro Ribeiro
31cd81d060
Merge pull request #32 from rapid7/master
...
aaa
2016-09-07 10:41:48 +01:00
William Vu
5cca776bc1
Land #7289 , minor module fixes
2016-09-06 23:31:39 -05:00
William Vu
7d44bd5ba4
Clean up module
2016-09-06 23:30:58 -05:00
aushack
015b790295
Added default rport.
2016-09-07 14:24:07 +10:00
aushack
7632c74aba
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2016-09-07 14:15:57 +10:00
aushack
6e21684ff7
Fix typo.
2016-09-07 14:08:46 +10:00
james-otten
dcf0d74428
Adding module to scan for Octopus Deploy server
...
This module tries to log into one or more Octopus Deploy servers.
More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
EgiX
df5fdbff41
Add module for KIS-2016-07: SugarCRM REST PHP Object Injection
...
This PR contains a module to exploit KIS-2016-07, a PHP Object Injection vulnerability in SugarCRM CE before version 6.5.24 that allows unauthenticated users to execute arbitrary PHP code with the permissions of the webserver. Successful exploitation of this vulnerability should require SugarCRM to be running on PHP before version 5.6.25 or 7.0.10, which fix CVE-2016-7124.
2016-09-07 01:58:41 +02:00
Christian Mehlmauer
c6012e7947
add jsp payload generator
2016-09-06 22:17:21 +02:00
Pearce Barry
0f30d3a720
Land #7208 , use new rex-bin_tools gem
2016-09-06 13:19:35 -05:00
Pearce Barry
a1a7fde31a
Land #7208 , use new rex-bin_tools gem
2016-09-06 13:12:59 -05:00
Pearce Barry
9d5a276e91
Fix recent metasploit-framework.gemspec conflict.
2016-09-06 13:10:28 -05:00
wchen-r7
23a5d737fc
Add password "vagrant" to wordlists
...
The password "vagrant" is often used in Metasploitable3.
2016-09-06 12:36:02 -05:00