14514d7b8b
update gemspec for metasploit-credential
2014-11-11 13:35:00 -06:00
1f1af70047
Update Msfcli#usage spec style
...
MSP-11147
2014-11-11 13:22:28 -06:00
dbd5937dc7
Limit threads to 1 when CPORT is set, closes #4170
...
This issue also applies to TCP scanner modules.
2014-11-11 13:21:09 -06:00
ebec5329df
Update Msfclie#dump_module_list spec style
...
MSP-11147
2014-11-11 13:21:06 -06:00
56b53b0dcd
Remove redundant 'it' in text name
...
MSP-11147
2014-11-11 13:16:45 -06:00
5d6aec8bed
Fix context prefix
...
MSP-11147
Instance methods should be prefixed with `#`, not `.`.
2014-11-11 13:14:34 -06:00
a6fed7798e
Update Msfcli#usage spec style
...
MSP-11147
2014-11-11 13:11:40 -06:00
c6f115d070
Update Msfcli#initialize spec style
...
MSP-11147
2014-11-11 13:11:05 -06:00
9238d80a24
Use correct source port for NBNS spoofer
...
137 is only correct for systems that use this as their source port.
Systems running Samba, for example, don't use this. So use the port
taken from the original request, not 137 or 1337
2014-11-11 10:33:27 -08:00
86379db65c
Remove incorrect 'Class methods' context
...
MSP-11147
2014-11-11 12:32:22 -06:00
36ab73b83a
Extract Msfcli#framework
...
MSP-11147
Expose Msfcli @framework as Msfcli#framework so that it can be set in
tests. It also allows Msfcli#framework to lazily initialize and memoize
to @framework.
2014-11-11 12:25:14 -06:00
cf0ecd0367
Fix thread leaks in TaskManager spec
...
MSP-11147
2014-11-11 12:02:14 -06:00
96ba6da697
Add the UDP scanner template, lands #4113 .
...
There is some additional work to do regarding CHOST/CPORT, but this is not tied to the udp template changes.
2014-11-11 11:59:30 -06:00
eede74be1e
Extract 'Msf::Framework#threads cleaner'
...
MSP-11147
Extract from 'Msf::Simple::Framework' the `after(:each)` that kills and joins
threads from `framework.threads` into 'Msf::Framework#threads cleaner`.
2014-11-11 11:49:48 -06:00
6653d5e913
Land #4168 , @nullbind's MS SQL SUSER_SNAME login enumeration module
2014-11-11 11:17:39 -06:00
01fda27264
Fix title
2014-11-11 11:15:53 -06:00
a588bfd31a
Use single quotes
2014-11-11 09:56:46 -06:00
77c8dc2b64
Dont return nil from 'run'
2014-11-11 09:39:08 -06:00
fb309aae11
Use a Fixnum as FuzzInt default value
2014-11-11 09:36:53 -06:00
f6762b41b6
Use random fake db name
2014-11-11 09:35:51 -06:00
94c353222d
Do small cosmetic changes
2014-11-11 09:31:57 -06:00
e9e5869951
update from master
2014-11-11 09:24:33 -06:00
c0285067c9
Add new module to test TNS poison
...
msf auxiliary(tnspoison_checker) > show options
Module options (auxiliary/scanner/oracle/tnspoison_checker1):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 172.16.2.100, 172.16.2.24, 172.16.2.101 yes The target address range or CIDR identifier
RPORT 1521 yes The target port
THREADS 1 yes The number of concurrent threads
msf auxiliary(tnspoison_checker) > exploit
[+] 172.16.2.100:1521 is vulnerable
[*] Scanned 1 of 3 hosts (033% complete)
[-] 172.16.2.24:1521 is not vulnerable
[*] Scanned 2 of 3 hosts (066% complete)
[-] 172.16.2.101:1521 unable to connect to the server
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
2014-11-11 17:29:27 +03:00
ac17780f6d
Fix by @FireFart to recover communication with the application after a meterpreter session
2014-11-11 05:49:18 -05:00
6bf1f613b6
Fix issues reported by FireFart
2014-11-11 00:41:58 -05:00
091da05a86
update from master
2014-11-10 22:59:44 -06:00
39b8bcc808
Merge branch 'upstream/master' of github.com:rapid7/metasploit-framework
2014-11-11 09:25:37 +10:00
4987f77526
Land #4157 - Add getsid to python meterpreter
2014-11-11 09:24:51 +10:00
3faf4a4702
Land #4120 , @nullbind's module for MS SQL privilege escalation
...
* through ESCALATE AS
2014-11-10 16:59:28 -06:00
cac6494427
Use snake_case in filename
2014-11-10 16:58:46 -06:00
2c33642de8
Do minor cleanup
2014-11-10 16:57:57 -06:00
12ae8b3ec6
update from master
2014-11-10 16:19:26 -06:00
493b81d874
cleanup
2014-11-10 15:22:21 -06:00
31fa57fcb2
mssql_enum_sql_logins
2014-11-10 15:19:55 -06:00
d543b16cc1
Added mssql_enum_sql_logins.rb
2014-11-10 15:02:46 -06:00
ea226f7482
Update mssql_enum_sql_logins.rb
2014-11-10 15:02:14 -06:00
0a68171bab
Land #4166 , @wchen-r7's fix for undefined method `rank'
...
* Fixes #4047
* undefined method `rank' due to an invalid encoder name
2014-11-10 15:00:17 -06:00
bf1558d702
update gemspec for metasploit-credential
...
update gemspec to use newest metasploit-credential
MSP-11592
2014-11-10 14:54:09 -06:00
d4bbf0fe39
Fix issues reported by wchen-r7 and mmetince
2014-11-10 15:27:10 -05:00
86ff5f93eb
Land #4158 , Fix for null dereference on Exploit::Remote::HttpServer#remove_resource
2014-11-10 14:14:48 -06:00
4e96833408
Check service before using it
2014-11-10 14:14:20 -06:00
1064049729
Revert "Fix buggy calls to stop_service"
...
This reverts commit 613f5309bb
2014-11-10 14:05:57 -06:00
cc99a6a96f
Merge pull request #9 from jvazquez-r7/review_4155
...
Clean exploit for CVE-2014-8499 - PMP privesc + password disclosure
2014-11-10 19:44:28 +00:00
74344e9295
added mssql_enum_sql_logins
2014-11-10 13:42:52 -06:00
0b51741779
Fix #4047 - undefined method `rank' due to an invalid encoder name
...
Fix #4047 caused by an invalid encoder name. Also added elog() to
avoid shutting everything up in msfvenom
2014-11-10 13:25:53 -06:00
4b701700c1
Fix banner
2014-11-10 12:40:53 -06:00
7ed11ffd52
Check for INTERFACE or SMAC in dtp setup
2014-11-10 10:14:47 -08:00
65dbb1a83f
Do print_status
2014-11-10 11:26:53 -06:00
7aed1e9581
Create loot_passwords method
2014-11-10 11:21:44 -06:00
92df11baa7
Create report_super_admin_creds method
2014-11-10 11:16:25 -06:00
Fernando Arias
Luke Imhoff
HD Moore
Jon Hart
jvazquez-r7
Nikita
Juan Escobar
OJ
nullbind
David Maloney
Pedro Ribeiro
sinn3r