Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
bc7bf28872
Land #6591 , don't require username for wrt110 cmd exec module
2016-02-18 20:20:15 -06:00
joev
3b9502cb1d
Don't require username in wrt110 module.
2016-02-18 18:45:04 -06:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
William Vu
5b3fb99231
Land #6549 , module option for X-Jenkins-CLI-Port
2016-02-10 10:34:33 -06:00
William Vu
c67360f436
Remove extraneous whitespace
2016-02-10 09:44:01 -06:00
wchen-r7
1d6b782cc8
Change logic
...
I just can't deal with this "unless" syntax...
2016-02-08 18:40:48 -06:00
wchen-r7
d60dcf72f9
Resolve #6546 , support manual config for X-Jenkins-CLI-Port
...
Resolve #6546
2016-02-08 18:16:48 -06:00
James Lee
12256a6423
Remove now-redundant peer
...
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
2016-02-01 15:12:03 -06:00
Nicholas Starke
d51be6e3da
Fixing typo
...
This commit fixes a typo in the word "service"
2016-01-28 16:44:42 -06:00
Nicholas Starke
1ef7aef996
Fixing User : Pass delimiter
...
As per the PR comments, this commit replaces the user and
pass delimiter from "/" to ":"
2016-01-27 17:20:58 -06:00
Nicholas Starke
4560d553b5
Fixing more issues from comments
...
This commit includes more minor fixes from the github
comments for this PR.
2016-01-24 19:43:02 -06:00
Nicholas Starke
d877522ea5
Fixing various issues from comments
...
This commit fixes issues with specifying "rhost:rport",
replacing them instead with "peer". Also, a couple of
"Unknown" errors were replaced with "UnexpectedReply".
2016-01-23 13:43:09 -06:00
Nicholas Starke
a5a2e7c06b
Fixing Disclosure Date
...
Disclosure date was in incorrect format, this commit
fixes the issue
2016-01-23 11:41:05 -06:00
Nicholas Starke
8c8cdd9912
Adding Dlink DCS Authenticated RCE Module
...
This module takes advantage of an authenticated HTTP RCE
vulnerability to start telnet on a random port. The module
then connects to that telnet session and returns a shell.
This vulnerability is present in version 2.01 of the firmware
and resolved by version 2.12.
2016-01-23 11:15:23 -06:00
wchen-r7
7259d2a65c
Use unless instead of if !
2016-01-05 13:05:01 -06:00
Brendan Coles
7907c93047
Add D-Link DCS-931L File Upload module
2016-01-05 04:15:38 +00:00
Jon Hart
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
Jon Hart
efdb6a8885
Land #6392 , @wchen-r7's 'def peer' cleanup, fixing #6362
2015-12-24 08:53:32 -08:00
Brent Cook
e4f9594646
Land #6331 , ensure generic payloads raise correct exceptions on failure
2015-12-23 15:43:12 -06:00
wchen-r7
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7
ab3fe64b6e
Add method peer for jenkins_java_deserialize.rb
2015-12-15 01:18:27 -06:00
wchen-r7
bd8aea2618
Fix check for jenkins_java_deserialize.rb
...
This fixes the following:
* nil return value checks
* handle missing X-Jenkins-CLI-Port scenario more properly
* proper HTTP path normalization
2015-12-14 11:25:59 -06:00
dmohanty-r7
eb4611642d
Add Jenkins CLI Java serialization exploit module
...
CVE-2015-8103
2015-12-11 14:57:10 -06:00
karllll
a5c6e260f2
Update hp_vsa_login_bof.rb
...
Updated reference URL to latest location
2015-12-10 10:56:39 -05:00
wchen-r7
11c1eb6c78
Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails
...
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
2015-12-08 21:13:23 -06:00
James Lee
385378f338
Add reference to Rapid7 advisory
2015-12-01 11:37:27 -06:00
HD Moore
9dbf7cb86c
Remove the SSL option (not needed)
2015-12-01 11:34:03 -06:00
HD Moore
758e7c7b58
Rename
2015-12-01 11:33:45 -06:00
HD Moore
ea2174fc95
Typo and switch from raw -> encoded
2015-12-01 10:59:12 -06:00
HD Moore
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
Jon Hart
8d1f5849e0
Land #6228 , @m0t's module for F5 CVE-2015-3628
2015-11-18 15:39:40 -08:00
Jon Hart
ae3d65f649
Better handling of handler creation output
2015-11-18 15:31:32 -08:00
Jon Hart
bcdf2ce1e3
Better handling of invulnerable case; fix 401 case
2015-11-18 15:24:41 -08:00
Jon Hart
deec836828
scripts/handlers cannot start with numbers
2015-11-18 12:31:46 -08:00
Jon Hart
7399b57e66
Elminate multiple sessions, better sleep handling for session waiting
2015-11-18 12:23:28 -08:00
Jon Hart
e4bf5c66fc
Use slightly larger random script/handler names to avoid conflicts
2015-11-18 11:51:44 -08:00
Jon Hart
e7307d1592
Make cleanup failure messages more clear
2015-11-18 11:44:34 -08:00
Jon Hart
0e3508df30
Squash minor rubocop gripes
2015-11-18 11:05:10 -08:00
Jon Hart
f8218f0536
Minor updates to print_ output; wire in handler_exists;
2015-11-18 11:05:10 -08:00
Jon Hart
392803daed
Tighten up cleanup code
2015-11-18 11:05:10 -08:00
m0t
c0d9c65ce7
always overwrite the payload file
2015-11-18 18:48:34 +00:00
Jon Hart
e21bf80ae4
Squash a rogue space
2015-11-17 14:17:59 -08:00
Jon Hart
3396fb144f
A little more simplification/cleanup
2015-11-17 14:16:29 -08:00
Jon Hart
dcfb3b5fbc
Let Filedropper handle removal
2015-11-17 13:01:06 -08:00
Jon Hart
715f20c92c
Add missing super in setup
2015-11-16 14:45:13 -08:00
Jon Hart
902951c0ca
Clean up description; Simplify SOAP code more
2015-11-16 11:06:45 -08:00
Jon Hart
1aa1d7b5e4
Use random path for payload
2015-11-16 10:57:48 -08:00
Jon Hart
ee5d91faab
Better logging when exploit gets 401
2015-11-16 10:41:48 -08:00