sinn3r
25a1552fbd
Dynamic VirtualProtect dwSize. Change output style.
2012-03-11 13:49:46 -05:00
Tod Beardsley
de888e50f0
Adding a cleaner RuntimeError to target_uri
...
The purpose of re-raising an error from a library method like this is to
tell the user in no uncertain terms what all actually went wrong with the
module. This fix will cause a somewhat more pleasant error message than
the default message. Here's the raise from URI:
```
[-] Auxiliary failed: URI::InvalidURIError bad URI(is not URI?): what%ever
[-] Call stack:
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:156:in `split'
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:174:in `parse'
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:626:in `parse'
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:724:in `URI'
[-] /home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/http/client.rb:535:in `target_uri'
[-] /home/todb/.msf4/modules/auxiliary/test_uri.rb:20:in `run'
[*] Auxiliary module execution completed
```
And here's the new, Metasploit-specific one:
```
[-] Invalid URI: "what%ever"
[-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: URIPATH.
[*] Auxiliary module execution completed
```
The user can now tell easily what's wrong with the module configuration,
and doesn't have to parse through a stack trace that leads down into
the Ruby stdlib.
2012-03-10 10:58:16 -06:00
sinn3r
b0e7c048c9
This module fits the GoodRanking description
2012-03-10 00:50:41 -06:00
sinn3r
710c66dbb0
Merge branch 'venom_opts' of https://github.com/kernelsmith/metasploit-framework into kernelsmith-venom_opts
2012-03-10 00:48:24 -06:00
sinn3r
1d5bad469c
Add Windows 7 SP1 target
2012-03-10 00:11:25 -06:00
Joshua Smith
645f9b4f53
added -o,--options to list the options for a payload
2012-03-09 20:39:14 -05:00
sinn3r
cc87ed8428
Remove weird error handling unless someone explains to me why I need to raise errors when it does already
2012-03-09 18:42:06 -06:00
sinn3r
0530eb4b09
Add target_uri
2012-03-09 14:44:32 -06:00
sinn3r
1ae779157d
Disable Nops so we don't get an ugly crash after getting a shell
2012-03-08 18:56:58 -06:00
Tod Beardsley
8ab783d3d9
Replicating master's fixes to flash.
...
The Max Power way.
2012-03-08 17:00:58 -06:00
Tod Beardsley
1e4d4a5ba0
Removing EncoderType from flash module
...
Also not very useful
2012-03-08 16:57:41 -06:00
Tod Beardsley
302a42a495
Fixing up print statements
...
Dropping the ROP prints since they're not all that useful.
2012-03-08 16:56:44 -06:00
Tod Beardsley
1396fc19bd
Fixup bad merge on flash mp4
2012-03-08 16:52:53 -06:00
Tod Beardsley
19aaed05c9
Title change on .mp4 to MP4
...
and that's all.
2012-03-08 16:51:43 -06:00
sinn3r
cb04e47304
Attempt #2 : there's no cli in get_payload
2012-03-08 16:47:49 -06:00
sinn3r
3563fe1b36
The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload.
2012-03-08 16:41:32 -06:00
sinn3r
fee2e1eff9
Minor spray size change
2012-03-08 16:19:51 -06:00
HD Moore
12395c719f
Remove debugging code
2012-03-08 16:16:42 -06:00
HD Moore
c8c73b076d
Permisssions (ignore)
2012-03-08 16:16:13 -06:00
HD Moore
87274987c1
Remove the now obsolete text about SWF_PLAYER
2012-03-08 16:16:13 -06:00
HD Moore
28a58a39c2
Propagate the job_id back to the caller (often console's active_module)
...
to restore job handling
2012-03-08 16:14:52 -06:00
sinn3r
181fdb7365
A small title change
2012-03-08 16:10:16 -06:00
HD Moore
6b00848688
Propagate the job_id back to the caller (often console's active_module)
...
to restore job handling
2012-03-08 16:01:32 -06:00
HD Moore
0c70586625
Merge branch 'mp4-player'
2012-03-08 15:47:25 -06:00
HD Moore
1271368b6f
Redirect to a trailing slash to make sure relative resources load
...
properly
2012-03-08 15:37:06 -06:00
HD Moore
3e6cbe9486
Add source code to the player
2012-03-08 15:23:10 -06:00
James Lee
090674386f
Tell the user when we have to switch from a deleted workspace
2012-03-08 14:08:38 -07:00
HD Moore
b0db18674c
Test out new player code
2012-03-08 15:05:12 -06:00
James Lee
b79e79022a
Add a rename option to workspace command
...
[Fixes #6498 ]
2012-03-08 13:44:31 -07:00
HD Moore
eb847a3dfb
Add a nicer prefix to the target selection message
2012-03-08 13:46:14 -06:00
David Maloney
795a40218e
Addresses a race condition with checking a scanner's status before it's run method has executed.
2012-03-08 13:18:02 -06:00
David Maloney
67c7971bdf
Addresses a race condition with checking a scanner's status before it's run method has executed.
2012-03-08 13:07:03 -06:00
Tod Beardsley
5b566b43b4
Catching an update from @hdmoore-r7
...
wrt the nuclear option.
2012-03-08 12:08:39 -06:00
sinn3r
edb3f19c12
A little more padding for Win Vista target
2012-03-08 12:04:04 -06:00
Tod Beardsley
97ba37f0c0
Adding compiled SWF as well.
...
Dammit
2012-03-08 12:03:51 -06:00
Tod Beardsley
18962e1180
Checking in the new Flash exploit to the release
...
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
2012-03-08 11:55:01 -06:00
Jonathan Cran
046857f3ab
Merge branch 'release/2012030701' of r7.github.com:rapid7/metasploit-framework into release/2012030701
2012-03-08 10:23:46 -06:00
HD Moore
188f5c111c
Simplify the module instance (required to call certain methods)
2012-03-08 10:22:32 -06:00
HD Moore
f0685e4a1f
Overwrite the local datastore with the normalized option, even if it
...
came from a global datastore due to a fall-through
2012-03-08 10:22:18 -06:00
HD Moore
36240b6fe4
Revert the previous global fix in favor of a different method.
...
Fixes #6501
2012-03-08 10:22:07 -06:00
HD Moore
a6053b1ec3
Always clone modules before running them via the simplified wrappers.
...
This prevents changes to the datastore or instance variables from
being carried over into a second run
2012-03-08 10:21:00 -06:00
HD Moore
86fc45810b
Remove the resource during cleanup
2012-03-07 23:04:53 -06:00
HD Moore
b4e0daf3ca
Small tweaks to the adobe mp4 exploit
2012-03-07 22:53:47 -06:00
James Lee
8d93e3ad44
Actually use the password we were given...
2012-03-08 10:17:39 -07:00
David Maloney
9d343ea1c1
Fix to dividie by zero issue in scannenr progress method
2012-03-08 11:03:33 -06:00
sinn3r
7ddd173b40
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-08 00:47:06 -06:00
sinn3r
9ece7b08fc
Add vendor's advisory as a reference
2012-03-08 00:46:34 -06:00
sinn3r
c63bc27c4b
Merge pull request #223 from rsmudge/armitage
...
Armitage 03.08.12
2012-03-07 22:45:52 -08:00
sinn3r
5f92bff697
Make sure no encoder will break the exploit again
2012-03-08 00:44:57 -06:00
sinn3r
2e94b97c82
Fix description
2012-03-07 23:59:51 -06:00