Commit Graph

24094 Commits (1cb1d4d5ff732d61dc1e055ce2caa4c4ac44bb8b)

Author SHA1 Message Date
sinn3r 023bde5b43 Correct msftidy disclosure date check
This correct msftidy's disclosure date check to do the following:

1. If the module has a disclosure date, the check should kick in.
2. If the module is an exploit, and doesn't have a disclosure
   date, then it will be flagged.
3. If the module is an auxiliary, and doesn't have a disclosure
   date, then it will NOT be flgged (because not all aux modules
   target bugs/vulns like exploits do).
2014-04-07 14:21:04 -05:00
Christian Mehlmauer ac0cafcca6
Initial commit for openssl Heartbleed bug 2014-04-07 21:15:54 +02:00
Tod Beardsley e1071eb4ea
Land todb-r7#6, fix the comment docs 2014-04-07 14:06:50 -05:00
William Vu 31b3a6973e
Fix symlink commands 2014-04-07 12:40:11 -05:00
Michael Messner b1a6b28af9 fixed disclosure date 2014-04-07 19:29:37 +02:00
William Vu 579d6c7bcc
Land #3196, release fixes 2014-04-07 12:26:30 -05:00
Michael Messner 003310f18a feedback included 2014-04-07 19:25:26 +02:00
Tod Beardsley 7572d6612e
Spelling and grammar on new release modules 2014-04-07 12:18:13 -05:00
sinn3r d385c5ad4b Fix undefined method `rport' for the check command 2014-04-07 11:48:28 -05:00
Michael Messner 85de6ed0c9 feedback included 2014-04-07 18:20:15 +02:00
sinn3r 0c883723ba
Land #3149 - Oracle Demantra Arbitrary File Retrieval with auth bypass 2014-04-07 11:11:55 -05:00
sinn3r 31dfae3a01 Follow the 100 columns per line guideline 2014-04-07 11:10:20 -05:00
sinn3r de242ecc00 Correct date format
Hmm weird, msftidy didn't pick this up
2014-04-07 11:09:27 -05:00
sinn3r 13d3d48493
Land #3194 - WinRAR Filename Spoofing 2014-04-07 11:00:08 -05:00
jvazquez-r7 56bd35c8ce Add module for WinRAR spoofing vulnerability 2014-04-07 09:21:49 -05:00
jvazquez-r7 80b069f161 Add support for spoofed zip Central Dir names at Entry level 2014-04-07 09:21:26 -05:00
jvazquez-r7 46e6f937f1 Revert "Add central directory zip spoofing"
This reverts commit d0700e8ac4.
2014-04-07 08:50:33 -05:00
jvazquez-r7 d0700e8ac4 Add central directory zip spoofing 2014-04-07 08:49:49 -05:00
Michael Messner 11bbb7f429 fritzbox echo exploit 2014-04-07 09:12:22 +02:00
dummys ca7dcc0781 cleanup with msftidy 2014-04-06 12:41:58 +02:00
William Vu 6e9a136c59
Land #3191, CONTRIBUTING.md improvements 2014-04-05 22:23:25 -05:00
William Vu 531686c2c9
Change italics to bold 2014-04-05 22:21:44 -05:00
Tod Beardsley 22ff5e2b0b Add three more dos/donts to CONTRIBUTING.md
I've seen a couple PRs targeting the wrong branch. Many projects have a
workflow where PRs should hit `develop` or `release` or something, but
Metasploit-Framework wants PRs targeted against `master`.

Also, warn against fixing too much in one PR since those kinds of PRs
are a) harder to validate and b) might be all wrong anyway. We don't
want people committing a bunch of work when the fundamental approach
isn't going to fly.
2014-04-05 16:10:18 -05:00
jvazquez-r7 6d72860d58
Land #3004, @m-1-k-3's linksys moon exploit 2014-04-04 14:04:48 -05:00
jvazquez-r7 0ae75860ea Code clean up 2014-04-04 14:02:12 -05:00
sinn3r ea1c6fe8a4
Land #3177 - JIRA Issues Collector Directory Traversal 2014-04-04 10:41:51 -05:00
Spencer McIntyre 395f5beef8
Land #3178, http header scan module 2014-04-04 11:36:35 -04:00
Christian Mehlmauer 166e73b52d Merge pull request #5 from zeroSteiner/http_header_changes
Minor modifications for http_header
2014-04-04 17:18:59 +02:00
Spencer McIntyre 2b6ae68cbf Minor modifications for http_header 2014-04-04 10:46:03 -04:00
jvazquez-r7 e2cbcf3c5d
Land #3179, @brandonprry AlienVault sqli aux module 2014-04-04 09:17:11 -05:00
jvazquez-r7 ff6105e55d Add check codes 2014-04-04 09:13:43 -05:00
Brandon Perry 44db611845 defaultoptions, not option 2014-04-04 05:55:35 -07:00
dummys c90c49e319 Add vtiger install rce 0 day 2014-04-04 10:16:55 +02:00
jvazquez-r7 6f14cd225d Do minor clean up 2014-04-03 23:22:44 -05:00
William Vu 48ef061c3c
Land #3046, AIX ibtstat privesc exploit 2014-04-03 17:07:00 -05:00
William Vu 5ac6c4b565
Align msftidy whitelist to 80 columns 2014-04-03 16:54:47 -05:00
William Vu 6c67f1881f
Normalize syntax and whitespace 2014-04-03 16:54:33 -05:00
Tod Beardsley e1d819b8b9
Update the comment docs on pre-commit-hook.rb
[SeeRM #8779]
2014-04-03 15:26:25 -05:00
Tod Beardsley 70c0a19bbe
Be explicit about which mode we're in.
[SeeRM #8779]
2014-04-03 15:20:50 -05:00
Christian Mehlmauer 253a1c1f87
Land #3180, EMC Cloud Tiering Appliance Unauthed XXE with root perms 2014-04-03 22:02:13 +02:00
Brandon Perry a57da00932 fix refs line 2014-04-03 14:07:00 -07:00
Brandon Perry 51f83fccde add some checks in vase the file wasn't retrievable 2014-04-03 14:04:05 -07:00
William Vu 9779913060
Land #3184, Rex::Proto::Http::Client IOError fix 2014-04-03 15:58:50 -05:00
sinn3r 03559dedcd
Land #3187 - Changed OptString to OptRegexp 2014-04-03 14:52:59 -05:00
joev 3504ddc633 Fix http spec. 2014-04-03 14:50:54 -05:00
joev 42d59d269e Check #closed? instead of rescuing. 2014-04-03 14:20:48 -05:00
William Vu d69a9d3c45
Land #3186, OptString should be OptRegexp 2014-04-03 13:07:23 -05:00
Christian Mehlmauer d995d84e91
Changed OptString to OptRegexp 2014-04-03 19:40:07 +02:00
Christian Mehlmauer b4aa08251f
changed option from string to regex 2014-04-03 19:34:40 +02:00
joev 98628b814e Prevent Rex::Proto::Http::Client from raising on close. 2014-04-03 11:36:18 -05:00