Commit Graph

23118 Commits (003310f18ac3d3d1606d9155b7e4728999cd24a0)

Author SHA1 Message Date
Michael Messner 003310f18a feedback included 2014-04-07 19:25:26 +02:00
Michael Messner 85de6ed0c9 feedback included 2014-04-07 18:20:15 +02:00
Michael Messner 11bbb7f429 fritzbox echo exploit 2014-04-07 09:12:22 +02:00
jvazquez-r7 f07efc91a8 Land #2915, @Meatballs1 improvements for LDAP post mixin 2014-02-17 19:14:59 -06:00
Spencer McIntyre 7f9b4a4bf4
Land #2655, Re-do exe-small for scripting payloads. 2014-02-17 15:56:23 -05:00
sinn3r 52ac85be11
Land #2931 - Oracle Forms and Reports RCE 2014-02-17 08:54:23 -06:00
sinn3r 110ffbf342 Indent looks off for this line 2014-02-17 08:53:29 -06:00
sinn3r 632ea05688 100 columns 2014-02-17 08:52:56 -06:00
sinn3r 8da7ba131b In case people actually don't know what RCE means 2014-02-17 08:51:48 -06:00
sinn3r 73459baefd Add OSVDB references 2014-02-17 08:50:34 -06:00
Mekanismen fb7b938f8e check func fixed 2014-02-17 15:11:56 +01:00
Mekanismen e27d98368e fixed local server issues 2014-02-16 18:26:08 +01:00
Mekanismen e40b9e5f37 updated and improved 2014-02-16 16:24:39 +01:00
Mekanismen b7d69c168c bugfix and user supplied local path support 2014-02-15 16:24:59 +01:00
sinn3r 9daffbd484
Land #2973 - Dexter panel (CasinoLoader) SQLi to file upload code exec 2014-02-14 17:16:27 -06:00
Meatballs f58b66adf8
Docs and more robust code 2014-02-14 23:15:05 +00:00
sinn3r 48199fec27 Change URL identifier, and make the user choose a target 2014-02-14 17:15:00 -06:00
Meatballs f5c401bee7
Yarddocs 2014-02-14 22:59:36 +00:00
Spencer McIntyre 3299b68adf
Landing #2767, @Meatballs1 Powershell Reflective Payload 2014-02-14 16:12:46 -05:00
sinn3r abe4d6c6e1
Land #2991 - Modified output for smb_enumshares 2014-02-14 14:31:17 -06:00
Royce Davis 0e7074c139 Modififed output for smb_enumshares module 2014-02-14 13:39:13 -06:00
Royce Davis 6dc9840064 Modified output for smb_enumshares 2014-02-14 13:12:52 -06:00
sinn3r 518242ced3
Land #2990 - Fix enum_configs
Fix bug:
undefined local variable or method `get_sysinfo
2014-02-14 10:08:20 -06:00
jvazquez-r7 b2ea257204 Include Linux::System post mixin 2014-02-14 08:32:21 -06:00
sinn3r 71b7b1a2e9
Land #2989 - fix rspec 2014-02-13 16:09:37 -06:00
David Maloney a098c08f2f pend out bad spec 2014-02-13 15:44:05 -06:00
sinn3r 00ba0b5208
Land #2987 - Add ff 27 support to os.js 2014-02-13 15:20:53 -06:00
sinn3r 4ad7290364
Land #2988 - Unbreak the URL refs 2014-02-13 15:16:05 -06:00
sinn3r 4dd60631cb
Land #2950 - New Payload Generator for MsfVenom 2014-02-13 15:13:10 -06:00
Tod Beardsley 745f313413
Remove @nmonkee as author per twitter convo 2014-02-13 14:41:10 -06:00
Tod Beardsley 371f23b265
Unbreak the URL refs add nmonkee as ref and author
While @nmonkee didn't actually contribute to #2942, he did publish a
python exploit that leverages WebView, so given our policy of being
loose with author credit, I added him.

Also added a ref to @nmonkee's thing.

@jduck @jvennix-r7 if you have a problem with this, please do say so, I
don't think adding @nmonkee in any way diminishes your work, and I don't
want to appear like we're secretly ripping off people's work. I know you
aren't on this or any other module, and I know @nmonkee doesn't think
that either.
2014-02-13 14:19:59 -06:00
David Maloney 0c9b386402 add missing option serialiser
was missing the -o flag to output a payload's options
2014-02-13 10:19:26 -06:00
William Vu a4035252d6 Land #1910, DISCLAIMER for firefox_creds
Fixed conflict in Author.
2014-02-12 16:32:08 -06:00
Joe Vennix 51f3ab1690 Add ff 27 support to os.js 2014-02-12 15:32:47 -06:00
jvazquez-r7 51896bcf74
land #2984, @wchen-r7's [FixRM #8765] NameError uninitialized constant in enum_ad_user_comments 2014-02-12 15:31:54 -06:00
sinn3r ce2de8f3bf Different way to write this 2014-02-12 15:08:20 -06:00
David Maloney 4565be18e3 require active_support numeric
ensure we have the activesupport numeric bytes extension
loaded for calling .gigabyte
2014-02-12 13:20:13 -06:00
jvazquez-r7 8b25b6e343
Land #2980, @wvu-r7 fix to handle invalid session id on post module runs 2014-02-12 13:13:34 -06:00
William Vu 40db1c4d0d s/auxiliarly/auxiliary/ 2014-02-12 12:17:53 -06:00
sinn3r 45d4b1e1fd
Land #2958 - Add options: Applicaiton-Name, Permissions for jar.rb 2014-02-12 11:14:25 -06:00
James Lee d0ee521c8f
Land #2982, make getenv smarter 2014-02-12 10:54:30 -06:00
jvazquez-r7 a59ce95901
Land #2970, @sgabe exploit for CVE-2010-2343 2014-02-12 08:10:53 -06:00
jvazquez-r7 9845970e12 Use pop#ret to jump over the overwritten seh 2014-02-12 08:10:14 -06:00
sgabe 11513d94f5 Add Juan as author 2014-02-12 12:17:02 +01:00
sgabe 3283880d65 Partially revert "Replace unnecessary NOP sled with random text" to improve reliability.
This partially reverts commit 12471660e9.
2014-02-12 12:09:16 +01:00
sinn3r 0f620f5aba Fix Uninitialized Constant RequestError
[SeeRM #8765] NameError uninitialized constant
2014-02-12 00:23:23 -06:00
OJ beca4b8bc3 Fix issue with getenv failing
The call to `getenv` failed when `%` or `$` were used because of the
differences between Meterpreter handling and MSF handling.

Meterpreter effectively ignores (ie. strips out) the platform-specific
characters which are used for environment variables. In the `getenv`
call, MSF was invoking `getenvs` and getting a full hash of values, then
attempting to index into the hash using a string which may be "polluted"
with those platform-specific characters. This meant that there was a
discrepency between what was returned and what was used to index and
as a result, the value would come out as `nil`.

For example, calling `getenv('%FOO%')` would result in a hash with
`{'FOO'=>'bar'}`, so looking for '%FOO%' in this result would yield
nothing.

This commit changes this so that the name is ignored and the first
value is returned.
2014-02-12 13:51:30 +10:00
sgabe 7195416a04 Increase the size of the NOP sled 2014-02-12 02:35:53 +01:00
William Vu 5a488b310d Use a more correct error message
-1 is a valid session ID, even though it's a fake one.
2014-02-11 18:06:43 -06:00
sgabe 3f09456ce8 Minor code formatting 2014-02-11 23:53:04 +01:00