Commit Graph

12645 Commits (14e3cd75dc32f369edf8d8c2fd806597fdf7315a)

Author SHA1 Message Date
James Lee 0547369966 Add bap support for flash mp4 and new java bug
Also fixes a silly issue where adobe_flash_mp4_cprt was adding the
/test.mp4 resource after every request instead of just once at startup.
2012-03-30 12:59:07 -06:00
sinn3r e723704a32 Merge pull request #289 from wchen-r7/enum_colloquy
Add post module enum_colloquy.rb to collect chatlogs and the plist
2012-03-30 09:24:32 -07:00
sinn3r 18a13a4bfb Correct description 2012-03-30 11:22:55 -05:00
sinn3r 392125f201 Merge pull request #290 from swtornio/master
add osvdb ref
2012-03-30 09:17:39 -07:00
Steve Tornio ae21c05e69 add osvdb ref 2012-03-30 07:26:07 -05:00
sinn3r e018c6604f Modify CVE-2012-0507 2012-03-30 02:06:56 -05:00
sinn3r 8d2a58dfd8 Add post module enum_colloquy.rb to collect chatlogs and the preferences list 2012-03-29 16:24:43 -05:00
Tod Beardsley bec8d40a6c File permissions fix 2012-03-29 16:24:31 -05:00
James Lee b5fc8e4a77 Merge branch 'upstream-master' 2012-03-29 13:18:01 -06:00
Tod Beardsley f069a32223 Merge pull request #288 from wchen-r7/cve_2012_0507
Adding sinn3r and juan's exploit for CVE-2012-0507. Blog post coming soon.
2012-03-29 08:46:49 -07:00
sinn3r 791ebdb679 Add CVE-2012-0507 (Java) 2012-03-29 10:31:14 -05:00
Tod Beardsley bd4819e8f2 Merge pull request #238 from mak/linux-x64-find-port
linux/x64/shell_find_port payload
2012-03-29 05:54:54 -07:00
Tod Beardsley 220ad7875f Merge pull request #285 from wvandevanter-r7/squid_pivot_scanning
Squid pivot scanning
2012-03-29 05:02:05 -07:00
Tod Beardsley 434e487800 Merge pull request #287 from rsmudge/armitage
startup bug fix for armitage
2012-03-29 05:00:03 -07:00
Raphael Mudge 28483711e7 initialize a console before connecting to db (forces msf to setup the database for user) 2012-03-29 01:00:03 -04:00
Willis Vandevanter f5e05461f6 changed the false positive check IP to a user set variable 2012-03-28 22:18:56 -04:00
sinn3r 73b53ea225 Merge pull request #286 from jlee-r7/bug/6567
Make sure session.target_host gets resolved
2012-03-28 14:33:26 -07:00
Raphael Mudge e48c47e958 Armitage 03.28.12. Mostly performance improvements. 2012-03-28 14:33:25 -06:00
Tod Beardsley 56404f5edd Fixing EDB reference 2012-03-28 14:33:25 -06:00
HD Moore 9968b94951 Update for compatibility 2012-03-28 14:33:25 -06:00
James Lee e9a9bc4794 Rename enum_user_dirs 2012-03-28 14:33:25 -06:00
James Lee 64f8665df0 Remove loads 2012-03-28 14:33:24 -06:00
James Lee 0e472deede Add a simple test for unix shells 2012-03-28 14:33:24 -06:00
Tod Beardsley bd13720c45 Fixing checksum uri generator again.
This time, it's ensured that generate_uri_checksum(sum) will succeed,
provided the sum is an even number between 80 and 100 (tested)

It's still not great for arbitrary checksum targets, but that's because
there are lots of strings that cannot satisfy the requirement. I kind of
think this is the fault of Rex.
2012-03-28 14:33:24 -06:00
sinn3r d01bf496f0 Remove the extra 'require' 2012-03-28 14:33:24 -06:00
sinn3r 844654b1e1 Add OSX Gather Airport post module 2012-03-28 14:33:24 -06:00
HD Moore f4f8187eee Correct an issue where launched exploits only used saved configurations 2012-03-28 14:33:24 -06:00
James Lee f797bb5d1b Convert railgun tests to ModuleTest API 2012-03-28 14:33:24 -06:00
James Lee 8f376e5605 Allow empty values for OptRegexp options 2012-03-28 14:33:24 -06:00
James Lee 3abb45672d Convert registry tests to ModuleTest API 2012-03-28 14:33:24 -06:00
James Lee 5821a70b16 Add exception logging for test failures 2012-03-28 14:33:24 -06:00
James Lee eda4da870d Return a proper value instead of a silly print 2012-03-28 14:33:24 -06:00
Tod Beardsley 2dfd501e5f Quoting "Chicken of the VNC"
Otherwise, this looks like a nonsense string to people not familiar with
this application.
2012-03-28 14:33:24 -06:00
Tod Beardsley e651c9ba3b Grammar on dns_txt_query_exec payload name and desc 2012-03-28 14:33:24 -06:00
Tod Beardsley 7f0fb84743 Fix up desc again on enum_dns 2012-03-28 14:33:23 -06:00
Tod Beardsley a6ab0304d6 More fixes to enum_dns.rb
* Should use 'and', not & (bitwise AND)
  * Made capitalization sane for Anglophones. See: http://owl.english.purdue.edu/owl/resource/592/1/
2012-03-28 14:33:23 -06:00
Tod Beardsley 27af32d382 Style fixes for enum_dns.rb
* Use a dotted.notation for note types
  * Changed title to something more descriptive
  * Expanded description
  * Other trivial changes
2012-03-28 14:33:23 -06:00
sinn3r 73e5ead177 ADD OSVDB-80262 2012-03-28 14:33:23 -06:00
sinn3r 6789c32539 Add OSVDB-80262 2012-03-28 14:33:23 -06:00
Tod Beardsley cb49500b8f A still cleaner checksummed URI generator
Now with http and https support.
2012-03-28 14:33:23 -06:00
Tod Beardsley 7278946ecb Revert "Precalculate some uri strings in case the 1000-round generation fails"
This reverts commit 7161a548f4.

Prepping for a more sane solution that doesn't change the URI sizes and
succeeds without fallingback to a pre-generated list.
2012-03-28 14:32:27 -06:00
hdm 7d2095bad4 Precalculate some uri strings in case the 1000-round generation fails 2012-03-28 14:32:27 -06:00
Tod Beardsley 4f4200a7b7 Revert "Precalculate some uri strings in case the 1000-round generation fails"
This reverts commit 7161a548f4.

Prepping for a more sane solution that doesn't change the URI sizes and
succeeds without fallingback to a pre-generated list.
2012-03-28 14:32:27 -06:00
Tod Beardsley 9bc309958d A nicer checksum fixer
Just use a checksum digit like a cc#, no need for precalculated lists,
will be correct every time.
2012-03-28 14:31:23 -06:00
hdm dea92a1e29 Precalculate some uri strings in case the 1000-round generation fails 2012-03-28 14:29:31 -06:00
Tod Beardsley 0df4a8a63d Rogue period, DELETED. 2012-03-28 14:29:31 -06:00
sinn3r cfc0fdac7d Cosmetic cleanup 2012-03-28 14:29:31 -06:00
corelanc0d3r 1501cf1932 probably safer to use regex 2012-03-28 14:29:31 -06:00
Kurtis Miller 72cfbaa4d1 forgot to add renamed module 2012-03-28 14:29:31 -06:00
Kurtis Miller df116185d4 modifications recommended by sinn3r 2012-03-28 14:29:31 -06:00