github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-11-12 11:52:01 +01:00
Code Releases Activity
27,285 Commits 20 Branches 920 Tags 1.3 GiB
07c14f5ee8
Commit Graph

92 Commits

Author SHA1 Message Date
Tom Sellers
288a891665 Add the 'guest' IPMI user 
The 'guest' IPMI user exists on many Cisco Unified Computing Server (UCS) implementations.
 2014-09-01 07:01:06 -05:00
Tonimir Kisasondi
9b29c572a7 Comments dont work with auth_brute.rb 2014-05-18 21:14:17 +02:00
Tonimir Kisasondi
c9bb2d5165 Added headers to files 2014-05-18 20:55:50 +02:00
Tonimir Kisasondi
97b63d708c Corrected naming to be in line with msf convention 2014-05-18 18:18:23 +02:00
Tonimir Kisasondi
7d79f8a4c2 Removed wrongly named list. 2014-05-18 18:15:17 +02:00
Tonimir Kisasondi
d7bf66973c Fixed userpass delimiters. 2014-05-18 18:13:03 +02:00
Tonimir Kisasondi
6ec926b573 Added separate users/pass/userpass dictionaries 2014-05-18 10:18:07 +02:00
Tonimir Kisasondi
af82ae262c Added a large default password list for services. 2014-05-16 23:27:18 +02:00
zeknox
6931c918af removed bogus urls that are throwing errors 2013-12-13 12:13:23 -06:00
zeknox
554cd41403 added dns_cache_scraper and useful wordlists 2013-12-12 20:18:18 -06:00
Rob Fuller
cdc6a863dd Add another default owa url 
Its not default, but not uncommon to find /exchange/ NTLM protected
 2013-11-07 08:50:22 -05:00
jvazquez-r7
e88e523eaa Delete newline 2013-10-28 09:01:00 -05:00
h0ng10
a834fec889 Added URL for PT-2013-13/SAP Note 1820894 2013-10-23 21:20:18 +02:00
h0ng10
e02bf0cce6 Added /AdapterFramework/version/version.jsp 2013-10-23 21:09:19 +02:00
Tod Beardsley
bd405277d9
Add a default Samsung community string 
See http://www.kb.cert.org/vuls/id/281284

and

http://www.h-online.com/security/news/item/Samsung-network-printer-vulnerability-discovered-Update-2-1757967.html
 2013-10-17 10:35:59 -05:00
kaospunk
533643fe2c Host Information Enumeration via NTLM Authentication 
This aux module makes requests to resources on the target server in
an attempt to find resources which permit NTLM authentication. For
resources which permit NTLM authentication a blank NTLM type 1 message
is sent to enumerate a a type 2 message from the target server. The type
2 message is then parsed for information such as the Active Directory
domain and NetBIOS name.

The user can provide their own TARGETURIS file which contains URIs
to request to attempt to get a 401 with NTLM. This PR also includes
a list of URLs that can be used as the default.
 2013-09-04 21:39:02 -04:00
HD Moore
1e21f0e2aa Updated output formats, top 1000 passwords 2013-06-29 22:01:25 -05:00
HD Moore
f0db04c2a6 Updates to common password db 2013-06-28 10:47:14 -05:00
HD Moore
722d33e8fa Updated common password list 2013-06-23 13:15:31 -05:00
HD Moore
d9737ec03a Updated common passwords 2013-06-23 01:52:18 -05:00
HD Moore
c869112407 Cleanup, reporting, and automatic cracking 2013-06-23 01:35:31 -05:00
HD Moore
5656e0cb7a Initial commit of IPMI library, scanner, & cracker 2013-06-22 23:38:28 -05:00
Tod Beardsley
dc680e7106 Underscores because the rest are. 2013-06-07 15:16:39 -05:00
Tod Beardsley
0265dd8860 Add common passwords from xato.net 
Mark Burnett publishes lists of top passwords occasionally. This PR adds
the top 500 and top 1024 passwords, as of 2011-06-20, linked from this
blog post:

http://xato.net/passwords/more-top-worst-passwords/

He also does a fair bit of frequency analysis there.

The 1024 list, should probably used instead of the original
unix_password.txt file. unix_password.txt  was added on 2010 from an
unknown source (and since edited occasionally to add known good default
passwords). Pulling those changes into this list probably would be
helpful to guess better.

As far as I can tell, there are no special licensing terms for these
lists.
 2013-06-07 15:10:14 -05:00
sinn3r
5504c58b11 Add dlink pass for #1648 2013-03-25 13:25:19 -05:00
m-1-k-3
36d1746c0d linksys traversal module - initial commit 2013-03-23 17:01:02 +01:00
Tod Beardsley
dd9002fcab Merges ChrisJohnRiley's new password 
Lands https://github.com/rapid7/metasploit-framework/pull/1521

Closes #1521

(Forgive the oververbose commit message, experimenting with various
syntax hilighters)
 2013-02-25 08:39:27 -06:00
Chris John Riley
28fd92a013 Added new default password foe TMSADM 
Based on: http://blog.ptsecurity.com/2013/02/sap-unknown-default-password-for-tmsadm.html
 2013-02-25 09:00:57 +01:00
sinn3r
bc03247386 Merge branch 'sap_url_update' of github.com:ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_url_update 2013-02-19 15:08:26 -06:00
jvazquez-r7
9af43bc05c newline to sap_default.txt 2013-02-18 15:58:29 +01:00
Chris John Riley
6519444112 Addition defaults 2013-02-15 13:35:25 +01:00
Chris John Riley
5df03f790b Remove end of line spaces and rerun uniq 2013-02-15 13:31:35 +01:00
Chris John Riley
fb7d0159c3 Further URLs 2013-02-15 13:26:44 +01:00
Chris John Riley
21366dd4df Updated SAP URL list to include further known URLs 2013-02-15 13:20:23 +01:00
f8lerror
bf2b01f8ef Delete a file and strip space 2013-01-24 09:30:04 -05:00
f8lerror
6e94c04a52 Code Corrections and Enhancements 2013-01-23 20:26:23 -05:00
f8lerror
0b61d28e0e added Joomla scanner and url wordlist 2013-01-17 11:36:59 -05:00
Sam Gaudet
7d1716b79f Turnkey Linux default password 2013-01-08 22:47:53 -05:00
nmonkee
f521e70bee wordlists to accompany sap_soap_rfc_brute_login.rb 2012-11-07 10:46:36 +00:00
Cristiano Maruti
75f5e24178 Dell iDrac login aux scanner 2012-09-27 01:33:11 -05:00
Patrick Webster
be63aad0d1 Added Windows wordlist. 2012-08-29 10:51:09 +10:00
jcran
0a6e0b2415 raspberry pi username / password 2012-08-15 01:55:40 -05:00
jcran
8d3ad94f3a enhanced tftp.txt bruteforce list 2012-07-05 22:54:22 -04:00
HD Moore
e8af6882eb Permissions 2012-06-06 20:05:29 -05:00
Tod Beardsley
64270ea7c2 Adding default user/pass for CCTV module 
User/pass combos that come from manuals and independant research.
 2012-05-15 08:14:28 -05:00
andurin
175d6650a9 Added new pass for tomcat 
Have seen this in the wild as a example users.xml
 2012-04-05 11:18:41 +02:00
sinn3r
debbba9623 Add OSVDB-55938: D-Link DAP1353 Default Password for SSH admin 2012-02-26 01:20:16 -06:00
sinn3r
91f56b0fd5 Add default password for CVE-2009-3710 2012-02-26 01:18:08 -06:00
sinn3r
bb5e4a1600 Modules don't need to register VERBOSE, because it's already there 2012-02-17 21:07:44 -06:00
HD Moore
3ed8643dbc Permission changes 2012-01-31 00:33:21 -06:00