Commit Graph

28551 Commits (17032b1eed96cb8c966b0a9f155a116b058a409a)

Author SHA1 Message Date
Juan Escobar 17032b1eed Fix issue reported by FireFart 2014-11-13 04:48:45 -05:00
Juan Escobar ac17780f6d Fix by @FireFart to recover communication with the application after a meterpreter session 2014-11-11 05:49:18 -05:00
Juan Escobar 6bf1f613b6 Fix issues reported by FireFart 2014-11-11 00:41:58 -05:00
Juan Escobar d4bbf0fe39 Fix issues reported by wchen-r7 and mmetince 2014-11-10 15:27:10 -05:00
Juan Escobar 9cce7643ab update description and fix typos 2014-11-09 09:10:01 -05:00
Juan Escobar 5d17637038 Add CVE-2014-7146 PHP Code Execution for MantisBT 2014-11-09 08:00:44 -05:00
jvazquez-r7 bc5529396f
Land #4137, @pedrib's module for Eventlog CVE-2014-6038/6039 2014-11-08 08:12:11 -06:00
Pedro Ribeiro e7b448537f Add OSVDB ids 2014-11-08 11:05:34 +00:00
Pedro Ribeiro bf7c7688c0 Merge pull request #7 from jvazquez-r7/review_4137
Review Eventlog Analzyer exploit for CVE-2014-6038/6039
2014-11-08 11:04:28 +00:00
jvazquez-r7 9d6e0664a4 Guess service name and port 2014-11-07 20:56:01 -06:00
jvazquez-r7 a44640c9fc Use single quotes 2014-11-07 20:48:04 -06:00
jvazquez-r7 7c1c08fc19 Use single quotes without interpolation 2014-11-07 20:46:47 -06:00
jvazquez-r7 0373156cce Use unless over if not 2014-11-07 20:42:08 -06:00
jvazquez-r7 f5a920da99 Use || operator 2014-11-07 20:41:44 -06:00
jvazquez-r7 64754a5609 Delete unnecessary begin..end block 2014-11-07 20:38:36 -06:00
jvazquez-r7 0919f74a3d Delete unused variable 2014-11-07 20:37:57 -06:00
jvazquez-r7 22b875d0f3 Reduce code complexity 2014-11-07 20:37:40 -06:00
jvazquez-r7 b1517e6ace Delete unnecessary nil comparision 2014-11-07 20:34:13 -06:00
jvazquez-r7 aa1fec7f02 Use fail_with 2014-11-07 20:33:33 -06:00
jvazquez-r7 d630eac272 Reduce code complexity 2014-11-07 20:32:15 -06:00
jvazquez-r7 cea30b5427 Use built-in format for RPORT 2014-11-07 20:30:32 -06:00
jvazquez-r7 e99cc00a57 No more than 100 columns on description 2014-11-07 20:29:38 -06:00
William Vu a830c28012
Land #4151, downcase nil deref. fix 2014-11-07 11:43:22 -06:00
Jon Hart 2b7d25950b
Land #4148, @wchen-r7 fixed #4133 2014-11-07 08:26:29 -08:00
sinn3r e54442af36 Fix #4089 - undefined method `downcase' for nil:NilClass 2014-11-07 02:45:22 -06:00
sinn3r 0dbfecba36 Better method name
Should be srvhost, not lhost
2014-11-07 02:23:34 -06:00
Pedro Ribeiro c00a3ac9cd Add full disclosure URL 2014-11-07 08:06:21 +00:00
Samuel Huckins 71a96f256b
Land #4149, readline adjustments
* Windows guard, DRYing
2014-11-07 00:09:48 -06:00
Joshua Smith 7b25e3be75
Land #4139, Visual Mining NetCharts
landed after some touch up
2014-11-06 22:52:41 -06:00
Joshua Smith 7510fb40aa touch up visual_mining_netcharts_upload 2014-11-06 22:50:20 -06:00
Joshua Smith 709ff1bbdb touch up lib/rex/mime/message.rb 2014-11-06 22:48:34 -06:00
Pedro Ribeiro 8a0249cdbf Address Juan's points 2014-11-06 21:02:28 +00:00
Luke Imhoff f494a9f3da
Don't depend on 'rb-readline' on Windows
MSP-11585

`rb-readline` gem doesn't work with Ruby Installer for 1.9.3 because of
`NoMethodError undefined method 'dlopen' for Fiddle:Module`.  Removing
`rb-readline` may be a temporary fix it if turns out that this is a bug
with rb-readline or some other upstream bug.
2014-11-06 14:52:49 -06:00
Luke Imhoff 122928d952
Remove redundant rb-readline from Gemfile
MSP-11585

The entry in the gemspec is sufficient.
2014-11-06 14:51:10 -06:00
jvazquez-r7 64fe2dd7d6
Land #4143, @kernelsmith's get_custom_exe fix
* Initializes the exe variable
* Fixes #4131
2014-11-06 14:39:57 -06:00
sinn3r 579481e5f8 Explain why I did this
Also tagging Fix #4133
2014-11-06 14:25:11 -06:00
sinn3r f210ade253 Use SRVHOST for msvidctl_mpeg2 2014-11-06 14:23:21 -06:00
Joshua Smith b199820d23 init exe as nil instead of '' 2014-11-06 13:31:37 -06:00
jvazquez-r7 6e51d84371
Land #4138, @wchen-r7's reference cheking for module_reference.rb
* Fixes #4039
2014-11-06 10:51:29 -06:00
sinn3r f7e308cae8
Land #4110 - Citrix Netscaler BoF 2014-11-06 00:04:17 -06:00
Joshua Smith 861443d947
Land #4144, fix default template.pdf 2014-11-05 23:13:16 -06:00
sinn3r c2391bf011 Add an R in /Info for the trailer dictionary to make it readable 2014-11-05 22:28:37 -06:00
Joshua Smith 265c178c52 fixes #4131, EXE::Custom NameError 2014-11-05 22:10:54 -06:00
jvazquez-r7 54c1e13a98
Land #4140, @wchen-r7's default template for adobe_pdf_embedded_exe
* Fixes #4134
* Adds a default PDF template
2014-11-05 20:21:14 -06:00
jvazquez-r7 adefb2326e
Land #4124, @wchen-r7 fixes #4115 adding HTTP auth support to iis_webdav_upload_asp 2014-11-05 18:14:33 -06:00
Jon Hart 496c8fa47d
Land #4136, @todb-r7's fix to allow use of other ruby versions
Only rbenv and rvm have been tested.

For rbenv:

  rbenv shell <VERSION>

For rvm:

  rvm --create --versions-conf use <VERSION>@metasploit-framework
2014-11-05 15:27:53 -08:00
sinn3r 1b2554bc0d Add a default template for CVE-2010-1240 PDF exploit 2014-11-05 17:08:38 -06:00
Jon Hart 973c639c0e Add note about rbenv for rvm .versions.conf local override 2014-11-05 15:03:02 -08:00
jvazquez-r7 c833888c32 Just randomize 2014-11-05 15:53:06 -06:00
jvazquez-r7 79cabc6d68 Fix clean up 2014-11-05 15:46:33 -06:00