dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
39,482 Commits 10 Branches 885 Tags 1.3 GiB
Commit Graph

39482 Commits

Author SHA1 Message Date
Pedro Ribeiro 4d49f7140c update links and CVE on webnms_file_download 2016-09-13 18:50:53 +01:00
Pedro Ribeiro 41bdae4b84 update links and CVE on webnms_file_upload 2016-09-13 18:50:25 +01:00
Pedro Ribeiro 8b90df8b67 update links and CVE on webnms_cred_disclosure 2016-09-13 18:49:58 +01:00
Pedro Ribeiro 2dac1e0369 Merge pull request #33 from rapid7/master 
aaa
 2016-09-13 18:44:55 +01:00
wchen-r7 89705cc803 Avoid potential undef method error '+' for nil 2016-09-13 11:13:02 -05:00
wchen-r7 50447fc4cf Fix post/windows/gather/credentials/steam for an empty env var 2016-09-13 11:04:42 -05:00
nixawk 1ce9aedb97 parenthesis for condition expression 2016-09-13 03:37:47 -05:00
nixawk fd16c1c3b7 Fix issue-7295 2016-09-13 01:32:20 -05:00
aushack 11342356f8 Support LHOST for metasploit behind NAT 2016-09-13 11:23:49 +10:00
David Maloney fd3b885d83
replace msfrop with the rex-rop_builder gem 
moved all of this code into the new gem

MS-1722
 2016-09-12 16:06:53 -05:00
Brent Cook 8cf62dc4ed
Land #7299, Set defaults in WordpressMulticall login scanner 2016-09-12 12:26:08 -05:00
Adam Cammack aa193bf372
Set defaults in WordpressMulticall login scanner 
This login scanner would crash it was used like a normal login scanner.

MS-2007
 2016-09-12 11:22:15 -05:00
Brent Cook e09fe08983
Land #7278, fix FTP path traversal scanners 2016-09-12 10:47:36 -05:00
scriptjunkie a0e05d4c4c
Land #7287, mdaemon cred dumper 2016-09-10 08:43:07 -05:00
yasulib 8743f01130 Fix #7267, Fix Wrong IDs on openvas plugin 2016-09-10 09:37:49 +09:00
Brent Cook a81f351cb3
Land #7274, Remove deprecated modules 2016-09-09 12:01:59 -05:00
Brent Cook f35fdfcd5f
Added documentation for auxiliary/scanner/http/owa_ews_login 2016-09-09 11:50:25 -05:00
Brent Cook 1d4b0de560
Land #6616, Added an Outlook EWS NTLM login module. 2016-09-09 11:43:52 -05:00
Agora Security 00f09d19b1 SMTP Typo 
Correct SMTP Type (before SMPT)
 2016-09-09 01:36:37 -05:00
Agora Security 1c598cd15d SMTP Type 
Change SMPT for SMTP
 2016-09-09 01:36:08 -05:00
Pearce Barry 4495b27e67
Land #7254, Rex::SSLScan Gemification 2016-09-08 13:20:56 -05:00
Pearce Barry e5e57366ac
Land #7280, use the new rex-nop gem 2016-09-08 13:03:49 -05:00
David Maloney 1b9c37ff78
Merge branch 'master' into feature/MS-1711/rex-nop 2016-09-08 10:48:07 -05:00
David Maloney 1b69d163cc
push rex-text back to previous version 2016-09-08 10:41:33 -05:00
William Vu 92dba8ff9d
Land #7290, env var check for WinSCP module 2016-09-07 21:08:12 -05:00
Brendan a30711ddcd
Land #7279, Use the rubyntlm gem (again) 2016-09-07 16:33:35 -05:00
wchen-r7 a9c3c5d391 Fix typos 2016-09-07 15:40:10 -05:00
wchen-r7 831c7a08a8 Check environment variables before using for winscp module 2016-09-07 15:24:22 -05:00
dmohanty-r7 24bb6b18ea
Land #7246 Rex::Socket Gemification 
MS-1715
 2016-09-07 13:14:45 -05:00
David Maloney 17ab04829c missed the lib/rex/socket.rb file 
failed to delete this rather important bigt
 2016-09-07 11:38:28 -05:00
David Maloney 7857c58655 remove all the left voer cruft 
remove all the files that got xfered out to the gems

MS-1715
 2016-09-07 11:38:28 -05:00
David Maloney 43942e6029 refactor pem parser to use the rex-socket gem version 
use rex-socket's pem aprser instead of the old one we used
to have in rex::parser

MS-1715
 2016-09-07 11:38:27 -05:00
David Maloney cd90ff7c24 pull in rex-socket gem 
pull rex-socket gem in as a dep

MS-1715
 2016-09-07 11:38:26 -05:00
David Maloney 1a913da08c pull in rex-core as a dep 2016-09-07 11:38:26 -05:00
David Maloney 405c59b8b8 move bidirectional pipe into rex/ui/text 
this didn't really fit with the rest of rex::io and it inherits
from inside rex/ui/text so just put it there

MS-1715
 2016-09-07 11:34:04 -05:00
Tim 6cb331e74d
Land 7281, add vagrant default password to wordlist 2016-09-07 13:01:01 +01:00
Tim 96f81b4817
add root:vagrant to root_userpass 2016-09-07 12:59:12 +01:00
Pedro Ribeiro 31cd81d060 Merge pull request #32 from rapid7/master 
aaa
 2016-09-07 10:41:48 +01:00
William Vu 5cca776bc1
Land #7289, minor module fixes 2016-09-06 23:31:39 -05:00
William Vu 7d44bd5ba4 Clean up module 2016-09-06 23:30:58 -05:00
aushack 015b790295 Added default rport. 2016-09-07 14:24:07 +10:00
aushack 7632c74aba Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2016-09-07 14:15:57 +10:00
aushack 6e21684ff7 Fix typo. 2016-09-07 14:08:46 +10:00
james-otten dcf0d74428 Adding module to scan for Octopus Deploy server 
This module tries to log into one or more Octopus Deploy servers.

More information about Octopus Deploy:
https://octopus.com
 2016-09-06 20:52:49 -05:00
EgiX df5fdbff41 Add module for KIS-2016-07: SugarCRM REST PHP Object Injection 
This PR contains a module to exploit KIS-2016-07, a PHP Object Injection vulnerability in SugarCRM CE before version 6.5.24 that allows unauthenticated users to execute arbitrary PHP code with the permissions of the webserver. Successful exploitation of this vulnerability should require SugarCRM to be running on PHP before version 5.6.25 or 7.0.10, which fix CVE-2016-7124.
 2016-09-07 01:58:41 +02:00
Christian Mehlmauer c6012e7947
add jsp payload generator 2016-09-06 22:17:21 +02:00
Pearce Barry 0f30d3a720
Land #7208, use new rex-bin_tools gem 2016-09-06 13:19:35 -05:00
Pearce Barry a1a7fde31a
Land #7208, use new rex-bin_tools gem 2016-09-06 13:12:59 -05:00
Pearce Barry 9d5a276e91
Fix recent metasploit-framework.gemspec conflict. 2016-09-06 13:10:28 -05:00
wchen-r7 23a5d737fc Add password "vagrant" to wordlists 
The password "vagrant" is often used in Metasploitable3.
 2016-09-06 12:36:02 -05:00