170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
045900bed1
Land #3084 , msftidy for mipsle reboot shellcode
2014-03-11 09:56:56 -05:00
46c11ea2eb
Small fixes to m-1-k-3's mipsle reboot shellcode.
2014-03-10 17:17:23 -05:00
7da54eb9cf
Merge branch 'landing-3041' into upstream-master
...
Lands PR #3041 , @m-1-k-3's reboot shellcode.
2014-03-10 17:11:06 -05:00
8b4f8ec21a
Land #3082 - Release fixes
2014-03-10 15:19:13 -05:00
2086224a4c
Minor fixes. Includes a test module.
2014-03-10 14:49:45 -05:00
26be236896
Pass MSFTidy please
2014-03-10 14:45:56 -05:00
368df03ae1
Land #3081 , Yokogawa SCADA vulns
...
I know it looks like I'm landing my own PR, but it's an illusion; I am
merely shoving bits around on @jvazquez-r7's behalf while he is
technically (and now actually) on vacation.
2014-03-10 12:44:00 -05:00
6e279da6bd
Land todb-r7#13 for rapid7#3081 credit update
2014-03-10 10:24:05 -05:00
8cfa5679f2
More nick instead of name
2014-03-10 16:12:44 +01:00
bc8590dbb9
Change DoS module location
2014-03-10 16:12:20 +01:00
1061036cb9
Use nick instead of name
2014-03-10 16:11:58 +01:00
5485028501
Add 3 Yokogawa SCADA vulns
...
These represent our part for public disclosure of the issues listed
here:
http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0001E.pdf
Yokogawa is calling these YSAR-14-0001E, and I think that they map
thusly:
YSAR-14-0001E Vulnerability 1 :: R7-2013-19.1
YSAR-14-0001E Vulnerability 2 :: R7-2013-19.3
YSAR-14-0001E Vulnerability 3 :: R7-2013-19.4
@jvazquez-r7 if you could confirm, I'd be delighted to land these and
get your disclosure blog post published at:
https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities
Thanks for all the work on these!
2014-03-10 09:33:54 -05:00
e32ff7c775
Land #3077 - Allow TFTP server to take a host/port argument
2014-03-08 00:58:52 -06:00
151e2287b8
OptPath, not OptString.
2014-03-07 10:52:45 -06:00
5cf1f0ce4d
Since dirs are required, server will send/recv
...
This does change some of the meaning of the required-ness of the
directories. Before, if you wanted to serve files, but not receive any,
you would just fail to set a OUTPUTPATH.
Now, since both are required, users are required to both send and
recieve. This seems okay, you can always just set two different
locations and point the one you don't want at /dev/null or something.
2014-03-07 10:49:11 -06:00
37fa4a73a1
Make the path options required and use /tmp
...
Otherwise it's impossible to run this module without setting the options
which were not otherwise validated anyway.
2014-03-07 10:41:18 -06:00
c76a1ab9f4
Land #3065 - Safari User-Assisted Download & Run Attack
2014-03-07 10:29:56 -06:00
ebee365fce
Land #2742 , report_vuln for MongoDB no auth
2014-03-06 19:34:45 -05:00
84f280d74f
Use a more descriptive MongoDB vulnerability title
2014-03-06 19:20:52 -05:00
8a0531650c
Allow TFTP server to take a host/port argument
...
Otherwise you will tend to listen on your default ipv6 'any' address and
bound to udp6 port 69, assuming you haven't bothered to disable your
automatically-enabled ipv6 stack.
This is almost never correct.
2014-03-06 16:13:20 -06:00
9638bc7061
Allow a custom .app bundle.
...
* adds a method to Rex::Zip::Archive to allow recursive packing
2014-03-06 16:11:30 -06:00
5abb442757
Adds more descriptive explanation of 10.8+ settings.
2014-03-06 15:15:27 -06:00
ee0aa20955
Land #3013 , Metasm update
2014-03-06 14:15:42 -06:00
43d315abd5
Hardcode the platform in the safari exploit.
2014-03-06 13:04:47 -06:00
3c2eb29762
Land #3068 - require msf/core/exploit/powershell
2014-03-05 21:32:10 -06:00
df2bdad4f9
Include 'msf/core/exploit/powershell'
...
Prevent:
```
[-] /pentest/exploit/metasploit-framework/modules/exploits/windows/misc/hp_dataprotector_exec_bar.rb: NameError uninitialized constant Msf::Exploit::Powershell
```
2014-03-06 12:57:43 +11:00
38a2e6e436
Minor fixes.
2014-03-05 19:03:54 -06:00
dca807abe9
Tweaks for BES.
2014-03-05 19:00:15 -06:00
12cf5a5138
Add BES, change extra_plist -> plist_extra.
2014-03-05 18:51:42 -06:00
9d0743ae85
Land #3030 - SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
2014-03-05 16:34:54 -06:00
2015c56699
Land #3066 - HP Data Protector Backup Client Service Remote Code Execution
2014-03-05 16:18:28 -06:00
096d6ad951
Land #3055 , heapLib2 integration
2014-03-05 15:48:13 -06:00
1ea35887db
Add OSVDB reference
2014-03-06 01:40:15 +10:30
4e9350a82b
Add module for ZDI-14-008
2014-03-05 03:25:13 -06:00
cd3c2f9979
Move osx-app format to EXE.
2014-03-04 22:54:00 -06:00
a1aef92652
Land #2431 - In-memory bypass uac
2014-03-05 11:15:54 +10:00
7cb6e7e261
Land #3057 - MantisBT Admin SQL Injection Arbitrary File Read
2014-03-04 17:52:29 -06:00
f0e97207b7
Fix email format
2014-03-04 17:51:24 -06:00
32c27f6be0
Tweak timeouts.
2014-03-04 17:16:23 -06:00
40047f01d3
Adds Safari User Assisted download launch module.
2014-03-04 17:02:51 -06:00
caaa419ef8
Land #3054 - Fix crash in osx/x64/exec on 10.9 Mavericks
2014-03-04 15:24:02 -06:00
4c4a931fa4
Land #3064 , naughty talk cleanup
2014-03-04 15:01:34 -06:00
f50d6c8709
Remove a couple more instances of "shit"
2014-03-04 15:00:48 -06:00
a3d72567f3
That one, too.
2014-03-04 14:38:25 -06:00
60d0667d9f
Land #3063 , make CONTRIBUTING and HACKING useful
2014-03-04 14:36:12 -06:00
6e88bbd827
No need for that kind of language
2014-03-04 14:34:50 -06:00
9338b43e22
Merge remote-tracking branch 'origin/pr/5' into feature/contributing
2014-03-04 14:21:17 -06:00
d27b47a078
Update HACKING along with CONTRIBUTING.md
2014-03-04 14:12:42 -06:00
45086d01ce
Add a link to common coding mistakes
2014-03-04 14:06:34 -06:00
William Vu
joev
sinn3r
Tod Beardsley
jvazquez-r7
Spencer McIntyre
Brendan Coles
OJ