Commit Graph

21252 Commits (1d07b2bbfa591fcf43089c19413bf4716eebbd65)

Author SHA1 Message Date
b00stfr3ak 1d07b2bbfa Revert "removed ask file, already in pull request 2551"
This reverts commit 5ceda7c042.
2013-12-09 14:31:43 -07:00
b00stfr3ak 5ceda7c042 removed ask file, already in pull request 2551 2013-10-25 14:46:50 -07:00
b00stfr3ak a476595ddb Added require to post/windows 2013-10-25 14:42:22 -07:00
b00stfr3ak 84999115d7 Added PSH option if UAC is turned off
This will give the option to drop an exe or use psh if uac is turned
off.  The lib can be used for post exploitation to drop an exe or use
powershell and then execute it with the runas command.  I have used the
lib for both bypassuac and ask.
2013-10-25 14:37:12 -07:00
b00stfr3ak c2a69239ee Merge remote-tracking branch 'upstream/master' 2013-10-23 12:08:05 -07:00
sinn3r d1e1968cb9
Land #2566 - Download and delete a file via SMB 2013-10-23 12:28:57 -05:00
sinn3r 9a51dd5fc4 Do exception handling and stuff 2013-10-23 12:28:25 -05:00
sinn3r 0500842625 Do some exception handling 2013-10-23 12:22:49 -05:00
sinn3r 83a4ac17e8 Make sure fd is closed to avoid a possible resource leak 2013-10-23 12:16:18 -05:00
sinn3r af02fd0355 Use store_loot, sorry mubix 2013-10-23 12:13:05 -05:00
b00stfr3ak a5eb61c6f9 Merge remote-tracking branch 'upstream/master' 2013-10-23 09:54:30 -07:00
William Vu 0bc72a3bd4
Land #2564, pretty Fivemat format for RSpec 2013-10-23 11:17:07 -05:00
William Vu bea04cceeb Remove the trailing slash from the ZDI ref 2013-10-23 11:05:33 -05:00
William Vu ba74870673
Land #2567, ZDI ref correction for EMC exploit 2013-10-23 11:04:09 -05:00
Booboule 7d84fa487e Correct ZDI ref to match new scheme 2013-10-23 11:44:44 +02:00
sinn3r caf41f34bf
Land #2562 - Fix RM 8510 (FileDropper) 2013-10-22 21:45:33 -05:00
Rob Fuller 8f3228d191 chage author but basic copied from hdms upload_file 2013-10-22 21:13:30 -04:00
b00stfr3ak a06c0a9575 Merge branch 'local/ask' 2013-10-22 16:06:16 -07:00
b00stfr3ak 69131323af Merge remote-tracking branch 'upstream/master' 2013-10-22 16:05:19 -07:00
sinn3r acc73dd545
Land #2282 - BypassUAC now checks if the process is LowIntegrityLevel 2013-10-22 17:16:26 -05:00
sinn3r af174639cd
Land #2468 - Hwnd Broadcast Performance 2013-10-22 17:03:02 -05:00
jvazquez-r7 7d1dc3746f Use the @schierlm's command 2013-10-22 16:19:49 -05:00
sinn3r 079c82d11d
Land #2565 - Show full path in msftidy 2013-10-22 16:05:56 -05:00
sinn3r 2e8c369c69
Land #2559 - remove content-length 2013-10-22 16:03:42 -05:00
sinn3r ee95ca5e2b
Land #2158 - Fix NoMethodError undefined method `split' for nil:NilClass 2013-10-22 16:01:27 -05:00
Tod Beardsley dc0d9ae21d
Land #2560, ZDI references
[FixRM #8513]
2013-10-22 15:58:21 -05:00
sinn3r e1c4aef805
Land #1789 - Windows SSO Post Module 2013-10-22 15:48:15 -05:00
Meatballs 8611a2a24c
Merge remote-tracking branch 'upstream/master' into low_integ_bypassuac 2013-10-22 21:42:36 +01:00
sinn3r ba1edc6fa8
Land #2402 - Windows Management Instrumentation Local -> Peers 2013-10-22 15:39:32 -05:00
Rob Fuller b2b8824e2e add delete and download modules for smb 2013-10-22 16:31:56 -04:00
jvazquez-r7 6989f16661
Land #2548, @titanous's aux module for CVE-2013-4450 2013-10-22 15:02:54 -05:00
jvazquez-r7 bdf07456ba Last cleanup for nodejs_pipelining 2013-10-22 15:00:58 -05:00
William Vu 33c3167362 Show full path instead of just the basename
Since @todb-r7 and I hate having to use find. :/
2013-10-22 14:54:54 -05:00
Jonathan Rudenberg db447b65f9 Add exploit for Node.js HTTP Pipelining DoS 2013-10-22 15:12:14 -04:00
jvazquez-r7 11b2719ccc Change module plate 2013-10-22 12:36:58 -05:00
jvazquez-r7 df42dfe863
Land #2536, @ddouhine's exploit for ZDI-11-061 2013-10-22 12:35:40 -05:00
jvazquez-r7 c34155b8be Clean replication_manager_exec 2013-10-22 12:34:35 -05:00
Tod Beardsley dc19aa0340
Land #2500, msfupdate/msfconsole SVN purge
Tested a reasonable set of platforms, all looks good.
2013-10-22 12:28:20 -05:00
sinn3r 7c6c0ee450
Land #2563 - Fix misleading statement in Outlook post module 2013-10-22 12:16:42 -05:00
Rob Fuller e447aff0ec Fix misleading statement in Outlook post module
Since this module doesn't retrieve domain exchange information as it isn't stored there it shouldn't say that Outlook isn't installed at all.
2013-10-22 11:53:15 -04:00
jvazquez-r7 4ad9bc5efe Try to [FixRM #8510] 2013-10-22 08:42:14 -05:00
sinn3r 72f3d4f86c
Land #2496 - Added ability to generate multiple payloads
Thx Dave!
2013-10-22 01:42:03 -05:00
jvazquez-r7 71fab72e06 Delete duplicate content-length from axis2_deployer 2013-10-21 15:35:51 -05:00
William Vu 36a7d02001 Update msftidy to check new ZDI reference 2013-10-21 15:31:37 -05:00
William Vu 2aed8a3aea Update modules to use new ZDI reference 2013-10-21 15:13:46 -05:00
William Vu 9258d79978 Add ZDI references to reference.rb 2013-10-21 15:13:46 -05:00
jvazquez-r7 10a4ff41de Delete Content-Length duplicate header 2013-10-21 15:11:37 -05:00
Tod Beardsley b72b13322b Empty test commit for #2500
Just dropping a marker here so I can see that msfupdate actually hits
this after applying #2500.
2013-10-21 15:05:24 -05:00
sinn3r 57e39c2b2c
Land #2498 - multiple payload capabilities 2013-10-21 14:51:24 -05:00
sinn3r 03adb48d48 Resolve NoMethodError undefined method `empty?' for nil:NilClass
blank? should fix this.
2013-10-21 14:50:25 -05:00