Commit Graph

19287 Commits (13ea8aaaad038f68d7d1b92f3c9d77595344a95d)

Author SHA1 Message Date
Rob Fuller 99de6168f7 re-add metsrv.dll 2013-07-23 13:58:29 -04:00
Rob Fuller 394a473bf1 Merge pull request #4 from alexmaloteaux/methttpsproxy
add some features
2013-07-23 10:48:19 -07:00
William Vu 173661c77d Land #2147, msfcli help optimization 2013-07-23 11:10:45 -05:00
sinn3r 0035f2ee64 Speed up msfcli help
If the user only wants to see help, then no point to load things
that will actually never be used by msfcli.  Only rex is needed.
2013-07-22 23:26:44 -05:00
sinn3r 8b0aac2d3c Add another test case for having a trailing slash for unix path
If a trailing path exists in the original input, should keep it.
This test case should verify that.
2013-07-22 23:23:40 -05:00
sinn3r 2be0b84ba8 Not Windows format, Unix. 2013-07-22 22:37:36 -05:00
sinn3r 4ea176b5ee Add another test case 2013-07-22 22:35:19 -05:00
sinn3r 958a4edd73 Keep the trailing slash if the user wishes 2013-07-22 20:46:18 -05:00
sinn3r 359009583f Drop support for UNC path parsing in normalize_win_path
Not really a good idea to try to parse UNC format. Confuses the
purpose of the function.
2013-07-22 20:20:45 -05:00
sinn3r 8656fcf5e0 Update the test description a little better 2013-07-22 19:35:52 -05:00
sinn3r 4b3fce9349 Add functions to normalize Winodws & Unix paths
The purpose of these functions is to be able to join file/dir paths
safely without trailing slashes, basically for the same reason as
normalize_uri.  Some modules are really buggy when merging paths,
so instead of letting them do it, it's better to use these functions.
2013-07-22 19:26:04 -05:00
William Vu 48666f1466 Land #2145, consistent datastore options 2013-07-22 17:06:36 -05:00
jvazquez-r7 af1bd01b62 Change datastore options names for consistency 2013-07-22 16:57:32 -05:00
William Vu b0c74dbb8b Land #2120, specs for command_dispatcher 2013-07-22 16:33:19 -05:00
lsanchez-r7 03cd3ff4eb adding new lines to the end of files. 2013-07-22 16:26:45 -05:00
Tod Beardsley 6055ae7ba5 Land #2132, adding logging to hostname resolver
Also incidentally updated the description.
2013-07-22 15:19:47 -05:00
Tod Beardsley b4589c3c82 Expanding description 2013-07-22 15:19:30 -05:00
jvazquez-r7 70900cfe5e Final cleanup for foreman_openstack_satellite_priv_esc 2013-07-22 14:59:23 -05:00
jvazquez-r7 6346f80ff0 Land #2143, @rcvalle's module for CVE-2013-2113 2013-07-22 14:58:07 -05:00
Tod Beardsley 5e55c506cd Land #2140, add CWS as a first-class reference. 2013-07-22 13:50:38 -05:00
Ramon de C Valle b6c9fd4723 Add foreman_openstack_satellite_priv_esc.rb
This module exploits a mass assignment vulnerability in the 'create'
action of 'users' controller of Foreman and Red Hat OpenStack/Satellite
(Foreman 1.2.0-RC1 and earlier) by creating an arbitrary administrator
account.
2013-07-22 15:24:25 -03:00
William Vu 20baf68efb Land #2141, @todb-r7's weekly English thing 2013-07-22 13:18:48 -05:00
Rich Lundeen aa159f12b7 changed options wording 2013-07-22 11:15:22 -07:00
Rich Lundeen 57055ab754 added optional option 2013-07-22 11:13:29 -07:00
Tod Beardsley 164153f1e6 Minor updates to titles and descriptions 2013-07-22 13:04:54 -05:00
jvazquez-r7 77e8250349 Add support for CWE 2013-07-22 12:13:56 -05:00
jvazquez-r7 6158415bd3 Clean CWE reference, will ad in new pr 2013-07-22 12:03:55 -05:00
jvazquez-r7 da4fda6cb1 Land #2110, @rcvalle's exploit for Foreman Ruby Injection 2013-07-22 12:02:43 -05:00
Ramon de C Valle 9577639b7d Revert "Add support to CWE in module references"
This reverts commit 7a9c228772.
2013-07-22 13:16:42 -03:00
Ramon de C Valle 04e9398ddd Fix CSRF regular expressions as per review 2013-07-22 13:10:56 -03:00
jvazquez-r7 de6e2ef6f4 Final cleanup for dlink_upnp_exec_noauth 2013-07-22 10:53:09 -05:00
jvazquez-r7 c1c72dea38 Land @2127, @m-1-k-3's exploit for DLink UPNP SOAP Injection 2013-07-22 10:52:13 -05:00
Ramon de C Valle 11ef4263a4 Remove call to handler as per review 2013-07-22 12:49:42 -03:00
David Maloney 6976bfd032 Remove pry from gemfile 2013-07-21 15:20:34 -05:00
jvazquez-r7 3c3a951d7e Land #2138, @wchen-r7's CVE-2013-1017 fileformat exploit 2013-07-21 11:00:34 -05:00
sinn3r d9dad313b0 Land #2129 - Allow "python" format 2013-07-20 20:25:11 -05:00
sinn3r e7e712fa01 EOL fix 2013-07-20 19:54:05 -05:00
sinn3r ab515fb66d Add the file format version of CVE-2013-1017 2013-07-20 19:50:09 -05:00
David Maloney 943dde5c6c OptRegexp specs 2013-07-20 18:44:55 -05:00
David Maloney 2fc397b251 OptRaw specs 2013-07-20 17:57:52 -05:00
David Maloney d66779ba4c OptString specs and better validation 2013-07-20 17:49:03 -05:00
David Maloney d6f2b28708 More opt specs 2013-07-20 17:37:39 -05:00
lsanchez-r7 18200c8490 passing all of my changes into rubymines formatter
this should convert everything over to tabs
fixing a filename error and some white space at the EOL
2013-07-20 17:32:05 -05:00
David Maloney 7c8f7329e9 integrate with egypt's already better specs 2013-07-20 16:46:16 -05:00
sinn3r 757cf18bb4 Land #2135 - Update FF detection 2013-07-20 13:10:14 -05:00
Meatballs fe405d2187 Tidyup info 2013-07-19 23:50:59 +01:00
Joe Vennix 92ae90b828 Whitespace fixes. 2013-07-19 17:27:27 -05:00
Meatballs 6fab3f6308 Add powershell cmdline 2013-07-19 23:24:54 +01:00
Joe Vennix 2e838d7be3 Fix minor bugs discovered when testing. 2013-07-19 17:18:39 -05:00
jvazquez-r7 4beea52449 Use instance variables 2013-07-19 14:46:17 -05:00