8fd6dd50de
Check session and CSRF variables as per review
2013-07-16 14:30:55 -03:00
dc51c8a3a6
Change URIPATH option to TARGETURI as per review
2013-07-16 14:27:47 -03:00
54af2929f5
Land #2109 , kill stray character
2013-07-16 11:11:06 -05:00
7a9c228772
Add support to CWE in module references
2013-07-16 12:20:29 -03:00
34e732eabd
Kill stray character in whitespace gutter.
2013-07-16 10:14:41 -05:00
3dbe8fab2c
Add foreman_openstack_satellite_code_exec.rb
...
This module exploits a code injection vulnerability in the 'create'
action of 'bookmarks' controller of Foreman and Red Hat
OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).
2013-07-16 12:07:31 -03:00
a5d526d710
remove metsrv.dll
2013-07-15 17:16:21 +01:00
e28dd42992
add http authentification and socks
2013-07-15 15:36:58 +01:00
fdd577598a
Land #2095 , go_pro fix for Kali
2013-07-15 04:27:56 -05:00
f594c4b128
small cleanup
2013-07-15 08:48:18 +02:00
393c1b2a99
session stuff
2013-07-15 07:57:30 +02:00
a6b48f3082
HTTP GET
2013-07-14 19:02:53 +02:00
9f65264af4
make msftidy happy
2013-07-14 15:45:14 +02:00
47ca4fd48f
session now working
2013-07-14 15:42:41 +02:00
9133dbac4a
some feedback included and some playing
2013-07-14 14:14:06 +02:00
f48c70d468
enable tor and small fix
2013-07-13 17:59:49 +01:00
94f8b1d177
Land #2073 , psexec_psh
2013-07-12 16:14:17 -05:00
f81369a10d
Don't make promises about AV detection
2013-07-12 16:13:02 -05:00
91b748a701
Make it clear where we failed
...
Even when VERBOSE=false
2013-07-12 15:57:30 -05:00
bc88732400
Prints don't need to be rescued
2013-07-12 15:56:04 -05:00
e8983a21c5
New meterpreter payload reverse_https_proxy
2013-07-12 16:45:16 -04:00
e8294b4f02
Add tentative fixes
2013-07-12 07:12:07 -05:00
1ac1d322f2
Dup before modifying
...
Because `remove_resource` modifies @my_resources, we can't call it while
iterating over the actual @my_resources. The following snippet
illustrates why:
```
>> a = [1,2,3,4]; a.each {|elem| a.delete(elem); puts elem }
1
3
=> [2, 4]
```
[See #2002 ]
2013-07-12 00:57:10 -05:00
529471ed53
Land #2081 - MediaCoder .M3U Buffer Overflow
2013-07-11 23:57:43 -05:00
1341d6ec6b
Remove extra commas and try to keep a line in 100 columns
2013-07-11 23:54:54 -05:00
38e837dc28
Remove inaccurate comment
2013-07-11 22:48:35 -05:00
d9f212320f
Land #2094 , @wchen-r7's changes for smb_enumshares
2013-07-11 18:38:19 -05:00
279787d942
Make this error less verbose too
2013-07-11 17:36:11 -05:00
0906345af4
Ah, typo
2013-07-11 16:53:39 -05:00
eb1905025d
I bet having ip:rport will make more sense
2013-07-11 16:45:52 -05:00
a4d96d37f3
Updated regex
2013-07-11 21:16:02 +01:00
0a9c1bcfff
Too verbose by default drives users nuts, go easy on that.
2013-07-11 13:41:22 -05:00
55dbfc9281
shares_info should only run if there's shares found
2013-07-11 13:36:26 -05:00
14b3e6440c
Check nil
2013-07-11 13:31:30 -05:00
e079f3766b
Land #2101 - Corel PDF Fusion Stack Buffer Overflow
2013-07-11 13:21:33 -05:00
1cf65623d6
Small desc update
2013-07-11 13:20:39 -05:00
2858b41b4f
Land #2102 - Fix typo
...
English is hard
2013-07-11 12:49:35 -05:00
46ac394d00
Land #2097 - show subheading for sections
2013-07-11 12:48:33 -05:00
550fd16a62
Ditch all caps message format
2013-07-11 12:47:26 -05:00
d9107d2bd9
Add module for CVE-2013-3248
2013-07-11 12:30:08 -05:00
abcf34a2e7
Fix typo
2013-07-11 11:56:24 -05:00
496de1755d
Land #2096 - Be able to show advanced options in msfvenom
2013-07-11 11:41:50 -05:00
b5d59980d2
Land #2098 - Catch Rex::ArgumentParseError
2013-07-11 11:38:03 -05:00
62413df04f
Only catch Rex::ArgumentParseError
...
Avoid catching all exceptions, that way we don't actually shut up
other possible errors that are actually bugs.
2013-07-11 11:36:21 -05:00
ca0880428f
Make sure module is awre of USE_SRVSVC_ONLY if that kicks in
2013-07-11 11:08:09 -05:00
a6ce629c3c
Capture a 0xC00000BB condition, plus some other fixes
2013-07-11 10:52:58 -05:00
6f7152a3da
msfcli - fixed impcomplete argument parsing
2013-07-11 12:27:57 +01:00
fe96e0a210
msfcli - show subheading for sections
2013-07-11 12:01:50 +01:00
20c5e08988
msfvenom - Added advance options
2013-07-11 11:39:54 +01:00
ff62a85501
command_dispatcher/core.rb - Made msftidy happy
2013-07-11 10:52:25 +01:00
Ramon de C Valle
William Vu
Joe Vennix
Alexandre Maloteaux
m-1-k-3
James Lee
corelanc0d3r
sinn3r
jvazquez-r7
g0tmi1k