William Vu
056ee4f207
Land #3958 , kill command for pyterp
2014-10-07 10:58:37 -05:00
Spencer McIntyre
766a69e310
Add sys_process_kill to the python meterpreter
2014-10-07 10:10:22 -04:00
nullbind
031fb19153
requested updates
2014-10-06 23:52:30 -05:00
William Vu
3e92892c8b
Land #3954 , file:// for the check command
2014-10-06 22:05:51 -05:00
William Vu
399a61d52e
Land #3946 , ntp_readvar updates
2014-10-06 21:57:57 -05:00
nstarke
e1b0ba5d3d
Removing 'require pry'
...
I accidentally left a reference to pry in my code.
Removing
2014-10-06 21:40:39 -05:00
nstarke
b8c2643d56
Converting Module to LoginScanner w/ Specs
...
The previous commits for this Jenkins CI module relied on an
obsolete pattern. Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
Spencer McIntyre
6ea5d20b11
Land #3955 , fix NoMethodError for wordpress_login_enum
2014-10-06 17:22:29 -04:00
sinn3r
d3354d01f0
Fix #3808 - NoMethodError undefined method `map'
...
NoMethodError undefined method `map' due to an incorrect use of
load_password_vars
2014-10-06 15:42:51 -05:00
sinn3r
17f278effd
Fix #3822 - Support file:// syntax for check()
2014-10-06 13:37:14 -05:00
Jon Hart
8c8ccc1d54
Update Authors
2014-10-06 11:30:39 -07:00
us3r777
03888bc97b
Change the check function
...
Use regex based detection
2014-10-06 18:56:01 +02:00
us3r777
29111c516c
Wordpress Infusionsoft Gravity Forms CVE-2014-6446
...
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for
WordPress does not properly restrict access, which allows remote
attackers to upload arbitrary files and execute arbitrary PHP
code via a request to utilities/code_generator.php.
2014-10-06 14:10:01 +02:00
agix
12cd686bc4
Delete Encoder possibility in msfpayload
2014-10-06 11:22:53 +02:00
nstarke
69400cf280
Fixing Author Declaration
...
I had accidentally listed myself three times as the author.
Fixing that issue so that I am only declaring myself once.
2014-10-05 23:17:28 -05:00
nstarke
c0a3691817
Adding Jenkins-CI Login Scanner
...
Per Github issue #3871 (RM8774), I have added a
login scanner module for Jenkins-CI installations.
2014-10-05 22:08:34 -05:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
Tod Beardsley
097d2bfbb5
Land #3922 : Metasploit Park banner
2014-10-03 16:32:56 -05:00
Jon Hart
a341756e83
Support spoofing source IPs for NTP readvar, include status messages
2014-10-03 14:05:57 -07:00
Jon Hart
fa4414155a
Only include the exact readvar payload, not any padding
2014-10-03 13:58:13 -07:00
Jon Hart
65c1a8230a
Address most Rubocop complaints
2014-10-03 13:47:29 -07:00
Jon Hart
0715c671c6
Update NTP readvar module to detect DRDoS, UDPScanner to be faster
2014-10-03 13:28:30 -07:00
Tod Beardsley
d048bb7725
Add some color to the msfpark banner
...
It looks kind of naked without some color compared to all the other
banners.
2014-10-03 14:52:54 -05:00
Samuel Huckins
f2fc0d88ef
Lands #3943 , changes to engine require
2014-10-03 14:26:50 -05:00
Matt Buck
0bb4eac259
Rename the method for optional requires
...
MSP-11412
2014-10-03 14:06:13 -05:00
Matt Buck
88cbf22ef0
Optionally require mdm, as well
...
MSP-11412
2014-10-03 13:49:39 -05:00
Matt Buck
478dbd32f2
Bump to newly-released versions of gems
...
MSP-11412
2014-10-03 12:07:23 -05:00
Matt Buck
f748256e47
Use the prerelease versions of the gems
...
MSP-11412
2014-10-03 10:29:10 -05:00
William Vu
f7e709dcb3
Land #3941 , new WPVDB reference
2014-10-03 10:17:02 -05:00
Christian Mehlmauer
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
Spencer McIntyre
7da22d064d
Remove an unnecessary var and fix process_close
2014-10-02 20:52:45 -04:00
Matt Buck
04dbfb9ad6
Bump metasploit gem dependencies
...
MSP-11412
2014-10-02 18:11:13 -05:00
Brandon Perry
2c9446e6a8
Update f5_icontrol_exec.rb
2014-10-02 17:56:24 -05:00
sinn3r
6f50ef581c
Land #3935 - Fix SNMP scanners on OS X/FreeBSD
2014-10-02 16:38:36 -05:00
sinn3r
6d7870a4ac
Land #3934 - New :vuln_test option to BES
2014-10-02 16:31:50 -05:00
Christian Mehlmauer
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
Matt Buck
dabec92e61
Ensure require of metasploit/credential/engine is optional
2014-10-02 14:46:56 -05:00
Matt Buck
7ed1977d0b
Specific require all metasploit gem dependencies' engines
...
MSP-11412
2014-10-02 14:20:10 -05:00
Matt Buck
71efeb0c26
Also PATH out the deps for metasploit-credential and metasploit_data_models
...
MSP-11412
2014-10-02 14:08:35 -05:00
sinn3r
0820a4fe6a
Land #3933 - Fix cmd_exec with Python Meterpreter on OS X
2014-10-02 13:48:19 -05:00
Matt Buck
05c71af03c
PATH out the deps to metasploit-concern and metasploit-model, for the moment
2014-10-02 13:29:50 -05:00
Samuel Huckins
0dfd8e25b8
Land #3846 , Rex::ImageSource specs
2014-10-02 12:33:56 -05:00
William Vu
ee92648693
Land #3906 , Zsh completion for Metasploit
2014-10-02 11:06:10 -05:00
HD Moore
24eec0e2a6
Swap to recog ~> 1.0 pre Luke's comment
2014-10-02 09:51:41 -05:00
Joe Vennix
7861b17e16
Use write() to fix SNMP on osx/freebsd.
2014-10-02 09:15:43 -05:00
HD Moore
5f4098f650
Bump recog to ~> 1.0.0
2014-10-02 00:51:37 -05:00
Joe Vennix
6571213f1c
Remove un-truthy doc string.
2014-10-01 23:41:02 -05:00
Joe Vennix
5a8eca8946
Adds a :vuln_test option to BES, just like in BAP.
...
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.
This commit also does some mild refactoring of un-
useful behavior in BES.
2014-10-01 23:34:31 -05:00
Joe Vennix
b1b8cba4c5
Rescue an IOError on channel double-close.
...
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
2014-10-01 22:35:41 -05:00
HD Moore
0380c5e887
Add CVE-2014-6278 support, lands #3932
2014-10-01 18:25:41 -05:00