Commit Graph

22193 Commits (03d552c087cdb0b9bda8b9febaaa9812ab837316)

Author SHA1 Message Date
Karn Ganeshen 266de2d27f Updated 2013-11-23 00:01:03 +03:00
jonvalt b712c77413 capitalization 2013-11-22 14:37:54 -06:00
jonvalt 52a3b93f24 Hopefully final commit.
ALL issues mentioned by todb in https://github.com/rapid7/metasploit-framework/pull/2663/ have been fixed or erased.

Only exception is comment https://github.com/rapid7/metasploit-framework/pull/2663/#discussion_r7837036 which if omitted as recommended, breaks the module.
2013-11-22 14:17:20 -06:00
jonvalt 9addd37458 minor changes:
s/grab/gather/g
2013-11-22 14:03:54 -06:00
William Vu d670b7c972
Land #2674, Ruby 1.9.3-p484 (CVE-2013-4164) 2013-11-22 13:21:32 -06:00
jonvalt b742ed13b9 junk commit 2013-11-22 12:38:06 -06:00
sinn3r 953a96fc2e This one looks promising 2013-11-22 12:27:10 -06:00
Tod Beardsley b69a67251f
Revert CVE-2013-4164 test
This reverts commit 7688211009.
2013-11-22 12:26:51 -06:00
Tod Beardsley 994d4e94c6 Revert "Force Travis to Ruby 1.9.3-p484"
This reverts commit 25b0c86855.
2013-11-22 12:26:05 -06:00
Tod Beardsley 25b0c86855
Force Travis to Ruby 1.9.3-p484 2013-11-22 12:21:29 -06:00
Tod Beardsley 7688211009
Add a test for CVE-2013-4164. Will crash old Ruby!
If you are not on a recent version of Ruby, you will segfault.
2013-11-22 12:14:51 -06:00
sinn3r 8476ca872e More progress 2013-11-22 11:53:57 -06:00
Tod Beardsley fd009f1e46
Update default ruby to 1.9.3-p484 (CVE-2013-4164)
See
https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released/
2013-11-22 11:20:21 -06:00
Peter Toth 4a6511311d Code improvements according to feedback 2013-11-22 15:35:45 +01:00
sinn3r f1d181afc7 Progress 2013-11-22 04:51:55 -06:00
sinn3r 6d5c1c230c Progress 2013-11-22 03:55:40 -06:00
OJ 388064b78b Add -x and -s parameters to uploadexec
Added -x parameter to the script which indicates that the underlying
meterpreter session should be terminated when the execution has
finished.

Added -s parameter which takes a floating point number as an arg
which indicates the number of seconds to sleep between uploading
and executing. This helps in the case where http(s) payloads are
used for meterpreter and a time delay is needed to make sure that
the file has been written to disk and the lock released prior to
attempting to executing it.
2013-11-22 18:59:01 +10:00
William Vu bcf0954fd8
Land #2672, multi_console_command default usage 2013-11-22 02:55:07 -06:00
William Vu 3c9d33eb3b
Land #2671, desktopcentral_file_upload name change 2013-11-22 02:51:55 -06:00
sinn3r 4d2253fe35 Diet 2013-11-22 02:25:09 -06:00
OJ 19ea29c6e7 Add usage when -rc -cl or -h are not passed
While testing stuff earlier today I had to use this script and I made the
mistake of not passing in the -rc flag to the script. I was confused for ages!

This change prints the usage message in the case where you don't pass proper
parameters to the script.
2013-11-22 12:47:04 +10:00
sinn3r 8382d31f46 More progress 2013-11-21 18:48:12 -06:00
jvazquez-r7 885fedcc3b Fix target name 2013-11-21 17:42:31 -06:00
Peter Toth 3afa21c721 Added favorite and recent shares to the output 2013-11-21 23:55:24 +01:00
sinn3r 22c7703e8b
Land #2658 - Make OGNL expressions compatible with struts 2.0.11.2 2013-11-21 15:30:42 -06:00
sinn3r 56d1c545e7 Oh look, more code 2013-11-21 14:42:07 -06:00
William Vu 13f8a690a9
Land #2669, msftidy Ruby payload std{out,err} fix 2013-11-21 13:16:28 -06:00
jvazquez-r7 851cf6f0d1
Land #2650, @pnegry's exploit for DesktopCentral 8 2013-11-21 09:30:17 -06:00
jvazquez-r7 77aa665385 Add Privileged flag 2013-11-21 09:28:28 -06:00
jvazquez-r7 2ab3ab8b66 Delete empty Payload metadata section 2013-11-21 09:27:25 -06:00
jvazquez-r7 6bd3c4c887 Fix target name 2013-11-21 09:07:25 -06:00
jvazquez-r7 4c2ad4ca9a Fix metadata 2013-11-21 09:06:47 -06:00
jvazquez-r7 8e4c5dbb5e improve upload_file response check 2013-11-21 09:02:11 -06:00
jvazquez-r7 8fdfeb73db Fix use of FileDropper and improve check method 2013-11-21 09:01:41 -06:00
jvazquez-r7 4abf01c64c Clean indentation 2013-11-21 08:32:54 -06:00
sinn3r ddd5b0abb9 More progress 2013-11-21 04:27:41 -06:00
Karn Ganeshen b5011891a0 corrected rport syntax 2013-11-21 08:57:45 +03:00
Karn Ganeshen 9539972340 Module for OpenMind Message-OS portal login 2013-11-21 06:33:05 +03:00
corelanc0d3r 66edfe968d Sorting output 2013-11-21 00:57:08 +01:00
Tod Beardsley 63d1a78cd2
Remove capturing parens and debug hexes. 2013-11-20 17:53:25 -06:00
Tod Beardsley 637ce058f5
Write a nonstupid regex (2-pass test) 2013-11-20 17:47:19 -06:00
Tod Beardsley 0ec9881a22
Fix stdout/stderr check to avoid ruby payloads
[SeeRM #8498]

This knocks out all the non-datastore editing ERROR messages, so we've
got that going for us. Which is nice.
2013-11-20 17:39:35 -06:00
Tod Beardsley 3926617972
Land #2664, clear EOL spaces
[SeeRM #8498]
2013-11-20 17:27:06 -06:00
Tod Beardsley e88da09894
Land #2660, DLL/service creation for x64 2013-11-20 17:25:16 -06:00
joev eea811b71a
Merge branch 'landing-2601-mipsle-encoders' into upstream-master 2013-11-20 17:14:45 -06:00
sinn3r e13e457d8f Progress 2013-11-20 17:11:13 -06:00
Tod Beardsley 5ef6c5bb44
Land #2668, avoid tidying nonfiles. 2013-11-20 16:57:57 -06:00
William Vu b75f5a8f45 Avoid crashing when msftidy'ing missing files 2013-11-20 16:36:07 -06:00
corelanc0d3r 0ea0dc168c set _comment method to js for num and dword 2013-11-20 23:10:55 +01:00
Tod Beardsley c7bf642972
Land #2665, shebang fix for msftidy. 2013-11-20 15:47:57 -06:00