1d7de8fef9
Mid-work commit
...
MSP-9848
2014-07-07 15:44:29 -05:00
c4c7ff519f
Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type
...
Add private_type and realm_key accessors to Framework::Credential
2014-07-07 15:43:18 -05:00
b52c13228c
make private_type validation conditional
...
there are times when this won't be filled in
but the credential is still valid
2014-07-07 15:40:52 -05:00
271fae07cf
Update to compatible dependencies
...
MSP-10654
2014-07-07 14:41:03 -05:00
eda7e7297e
Merge pull request #95 from rapid7/feature/MSP-10649/remove-successes
...
Remove successes and failures
2014-07-07 13:58:40 -05:00
e5b5439e47
Merge pull request #3500 from todb-r7/fixup-release
...
Release fixup: Description/whitespace changes (minor)
2014-07-07 13:56:07 -05:00
4d4b8078f8
Unify SSH specs as well
2014-07-07 13:41:08 -05:00
2a9ac0a007
Axe SSHKey in favor of a unified SSH
2014-07-07 13:35:17 -05:00
71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners
2014-07-07 13:19:34 -05:00
b7cfc927c4
Add private_type and realm_key accessors
2014-07-07 13:07:28 -05:00
9fef2ca0f3
Description/whitespace changes (minor)
...
Four modules updated for the weekly release with minor cosmetic fixes.
- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
2014-07-07 12:39:05 -05:00
cff2e1a1c1
And remove specs referencing obsolete accessors
2014-07-07 12:37:14 -05:00
5c406a2aa5
Remove successes and failures
...
No reason to store them and they could fill a ton of unnecessary memory.
2014-07-07 12:33:15 -05:00
7035064f3d
Assignment alignment for Dave
2014-07-07 12:30:04 -05:00
f1fcc23a08
Land #3499 , Yokogawa's CVE-2014-3888 module
2014-07-07 11:37:11 -05:00
cd6b83858b
Add new Yokogawa SCADA exploit
2014-07-07 11:20:49 -05:00
f8d738d062
Fix QWORD usage, merges #3498
2014-07-07 10:43:48 -05:00
bdf27b1834
Fix up the TLVs that are now QWORD values in MSF
...
Various values were adjusted to become QWORD values in MSF an windows
meterpreter, but the changes were not ported over to python, php and
java. This commit fixes this inconsistency.
2014-07-07 10:42:58 -05:00
8df3ada087
Better docs
2014-07-07 10:18:42 -05:00
325d2d25b9
Fix requires and derp typos
2014-07-07 10:09:45 -05:00
8f39590f0f
Framework is currently pegged to 0.17.0. Closes #3495
2014-07-07 09:43:05 -05:00
d7908e3050
Update schema.rb
...
MSP-10654
2014-07-07 09:41:46 -05:00
ddfd912354
Fix up the TLVs that are now QWORD values in MSF
...
Various values were adjusted to become QWORD values in MSF an windows
meterpreter, but the changes were not ported over to python, php and
java. This commit fixes this inconsistency.
2014-07-07 19:46:54 +10:00
5961861c97
Merge #2809 into master
2014-07-06 23:46:10 -05:00
6f433db609
Minor typo fix
2014-07-06 23:44:17 -05:00
3ef35f19dc
Prefer strip over chomp
2014-07-06 23:17:09 -05:00
d76081bcef
Prefer strip over chomp
2014-07-06 23:16:56 -05:00
ab7848a895
Merge master for testing of #2809
2014-07-06 22:27:58 -05:00
14b1ed5290
Add spec for comma separated cookies
2014-07-06 16:23:43 -05:00
e7ade9f84d
migrate from wget to echo mechanism
2014-07-06 21:45:53 +02:00
f51feb7f52
Modify get_cookies regular expression
2014-07-06 13:22:31 -05:00
5e7f356f31
Land #3494 , @Firefart's update for Mailpoet's exploit
2014-07-06 11:27:18 -05:00
d5843f8eaf
Updated Mailpoet exploit to work with another version
2014-07-06 10:53:40 +02:00
cf5d29c53b
Add EOF newline to satisfy msftidy
2014-07-05 13:51:12 -05:00
84a3b94679
Land #3493 , small fixes for WP MailPoet module
2014-07-05 13:50:09 -05:00
6d9bf83ded
Small fixes for the recent WP MailPoet module
...
Correct casing in the title
Anchor the use of ::File
Force body.to_s since it can be nil in corner cases
2014-07-05 13:17:23 -05:00
98a82bd145
Land #3486 , @brandonprry's exploit for CVE-2014-4511 gitlist RCE
2014-07-04 16:41:04 -05:00
59881323b9
Clean code
2014-07-04 16:40:16 -05:00
a471f298a5
Merge #3476 into #3481 for meterpreter smilies
...
This incoporates @OJ's fixes as a result of gemification.
2014-07-03 22:54:56 -05:00
311f43f1e4
Constpocalypse
2014-07-03 18:49:46 -05:00
aedd347191
Land all the commits on #3491 , @jlee-r7's patch for php meterpreter
2014-07-03 18:14:52 -05:00
20cf25da7e
Land #3491 , @jlee-r7's fix for php meterpreter on php 5.5.0
2014-07-03 18:11:20 -05:00
a33a6dc79d
add bash to requiredcmd
2014-07-03 16:52:52 -05:00
41cd5527c8
Close the server socket in php bind stager
...
This was previously left dangling, which leaves the port open, but
doesn't do anything with subsequent connections.
2014-07-03 16:52:09 -05:00
806f26424c
&& not and
2014-07-03 16:50:21 -05:00
6fb2fc85a0
address @jvasquez-r7 review points
2014-07-03 16:43:01 -05:00
9246f7a0ce
Strip the NULL that PHP no longer strips
...
As of PHP 5.5.0, unpack("a", ...) no longer strips the NULL byte from
the end of the string. A new format specifier, Z, was introduced to
perform the old behavior, but we don't have a good way to test for its
existence. Instead, just remove it with str_replace
2014-07-03 15:58:05 -05:00
c1fc68e1b1
Replace to_pwdump internals
...
MSP-9948
2014-07-03 15:41:26 -05:00
2efa3d6bc0
Land #3487 , @FireFart's exploit for WordPress MailPoet file upload
2014-07-03 14:34:58 -05:00
f1b7a9f421
Land #3488 - loot storage into the enum_services post module
2014-07-03 14:18:16 -05:00
Trevor Rosen
dmaloney-r7
Luke Imhoff
cdoughty-r7
James Lee
Tod Beardsley
jvazquez-r7
HD Moore
OJ
Michael Messner
Christian Mehlmauer
William Vu
Brandon Perry
sinn3r