Commit Graph

35959 Commits (0ae2e64bc56dd8543a97cc4ebc94de4738376488)

Author SHA1 Message Date
jvazquez-r7 c60fa496c7
Delete extra spaces 2015-10-09 23:37:11 -05:00
jvazquez-r7 e6fbca716c
Readd comment 2015-10-09 23:29:23 -05:00
jvazquez-r7 af445ee411
Re apply a couple of fixes 2015-10-09 23:24:51 -05:00
HD Moore a590b80211 Update autoregister_ports, try both addresses for the MBean 2015-10-09 20:20:35 -07:00
HD Moore 2b94b70365 Always connect to RHOST regardless of JMXRMI address 2015-10-09 17:49:22 -07:00
Brent Cook 209fd781b6
Land #6065, add SRVHOST tab completion 2015-10-09 17:52:18 -05:00
Brent Cook 47cd215cef
Land #6042, update rvm and jenkins to use Ruby 2.1.7 2015-10-09 17:26:16 -05:00
HD Moore cd2e9d4232 Move Msf::Java to the normal Msf::Exploit::Remote namespace 2015-10-09 13:24:34 -07:00
Tod Beardsley 84455c2167
Land #6701, HP SiteScope issue 2015-10-09 15:08:41 -05:00
Tod Beardsley 94bb94d33a
Working URL for real 2015-10-09 15:07:44 -05:00
Tod Beardsley b04f947272
Fix blog post date, derp 2015-10-09 14:59:57 -05:00
Tod Beardsley 55ef6ebe91
HP SiteScope vuln, R7-2015-17
On behalf of @l0gan, already reviewed once by @jvazquez-r7, reviewed
again by me.

For details, see:

https://community.rapid7.com/community/metasploit/blog/2017/10/09/r7-2015-17-hp-sitescope-dns-tool-command-injection
2015-10-09 14:55:48 -05:00
jvazquez-r7 5e9faad4dc Revert "Merge branch using Rex sockets as IO"
This reverts commit c48246c91c, reversing
changes made to 3cd9dc4fde.
2015-10-09 14:09:12 -05:00
jvazquez-r7 c48246c91c
Merge branch using Rex sockets as IO 2015-10-09 13:42:09 -05:00
jvazquez-r7 347495e2f5
Rescue Rex::StreamClosedError when there is a session 2015-10-09 13:41:41 -05:00
jvazquez-r7 3aa7b513d5
Delete safe_get_once 2015-10-09 13:34:38 -05:00
jvazquez-r7 3cd9dc4fde
Fix JMX Server specs 2015-10-09 12:17:44 -05:00
jvazquez-r7 62272e64ed
Fix RMI Registry specs 2015-10-09 12:16:59 -05:00
Jon Hart 7a16f28969
Land #6069 2015-10-09 10:14:19 -07:00
jvazquez-r7 12d2594095
Add StringIO stub to Msf::Java::Rmi::Client::Jmx::Connection 2015-10-09 12:00:35 -05:00
jvazquez-r7 3d1ec54f02
Stub has_read_data? 2015-10-09 11:36:24 -05:00
William Vu 8670224ea0 Prefer do/end 2015-10-09 11:26:33 -05:00
jvazquez-r7 eabe742b9d
Expose the timeout betweed reads as mixin option 2015-10-09 11:17:44 -05:00
William Vu b95d5790f6 Improve output 2015-10-09 11:13:50 -05:00
William Vu 6d2a89e9a6 Be more descriptive about EOFError
There are other modules that could be updated, surely.
2015-10-09 11:05:17 -05:00
jvazquez-r7 5fab1cc71a
Add loop timeout 2015-10-09 11:05:05 -05:00
bigendian smalls bef7562823
Fixed Typo 2015-10-09 06:39:02 -05:00
bigendian smalls 6549f48d4e
Added new class MainframeShell for mainframe(z/os)
This class is built upon and overrides certain methods in the generic
CommandShell class.  Primarily it is here to control when and if bytes
sent to/from mainframe (z/os) targets get encoded/decoded from cp1047
(ebcdic<->ascii).  This would be the default shell for upcoming
mainframe based payloads.
2015-10-08 17:11:31 -05:00
wchen-r7 8aed503ad2 Change EXITFUNC acceptable options
This gets rid of the nil option because this is the same as "".
And then we change the empty value to ''.
2015-10-08 16:52:17 -05:00
jvazquez-r7 3dd7fdfd95
Land #6055, @wvu-r7's -q option for msfd
* Fixes #5770
2015-10-08 14:10:27 -05:00
jvazquez-r7 326141ffa8
Initialize the DisableBanner option 2015-10-08 14:08:45 -05:00
William Vu 2f50374bf9 Add SRVHOST tab completion
A trivial update to @jlee-r7's code.
2015-10-08 14:01:21 -05:00
wchen-r7 352535e15d
Land #6026, Add support for NewClass elements on Rex::Java::Serialization 2015-10-08 12:33:12 -05:00
brent morris 28454f3b2e MSFTidyness 2015-10-08 12:59:46 -04:00
Brent Cook 421ed382ab
Land #6052, update msftidy path 2015-10-07 16:52:32 -05:00
Brent Cook 9d51abe4b5 fix msftidy link 2015-10-07 16:52:21 -05:00
Brent Cook d26a299a14
Land #6052, organize tools into the new structure 2015-10-07 16:17:42 -05:00
wchen-r7 3a0f7ce699
Land #6044, ManageEngine ServiceDesk Plus Arbitrary File Download 2015-10-07 15:24:14 -05:00
wchen-r7 f0b6d3c68e Change error message to avoid an undef method bug 2015-10-07 15:23:29 -05:00
wchen-r7 871f46a14e
Land #6038, ManageEngine ServiceDesk Plus Arbitrary File Upload 2015-10-07 15:17:58 -05:00
wchen-r7 dddfaafac7 Update reference 2015-10-07 15:17:22 -05:00
wchen-r7 a2c9e2549d
Land #6014, support TCP advanced options for loginscanner mods 2015-10-07 14:26:25 -05:00
Christian Mehlmauer eb597bb9f3
Land #5842, watermark fileformat exploit 2015-10-07 19:29:04 +02:00
William Vu 77fae28cd4 Add -q option to msfd to disable banner 2015-10-07 01:57:58 -05:00
William Vu ddea0ea708
Fix #5797, extraneous nil fix 2015-10-07 01:11:51 -05:00
William Vu 0182f394b4 Remove extraneous nil
Didn't need it, forgot to remove it.
2015-10-07 01:10:33 -05:00
JT 205b175a95 Update host_header_injection.rb 2015-10-07 13:20:06 +08:00
JT 6b3da7f7d8 Update host_header_injection.rb
made some changes as suggested by @espreto
2015-10-07 13:01:49 +08:00
JT a1e0e0cdd9 Add HTTP Host-Header Injection Detection 2015-10-07 11:19:00 +08:00
jakxx c5237617f2 Update buffer size for reliability 2015-10-06 18:12:40 -04:00