9f87fb33a7
Move digest calculation to a variable
2013-11-06 12:47:50 -06:00
46f0998903
Add URL refs
2013-11-06 12:47:50 -06:00
a973862c74
Add new modules
2013-11-06 12:47:50 -06:00
61e4700832
Allow guest login option.
...
This enables obtaining or maintaining access to properly misconfigured
systems through the Guest account.
2013-11-06 11:28:13 -06:00
5b5ebd6cb5
Land #2606 , better +x check for msftidy.
2013-11-06 10:21:51 -06:00
5237f86027
Land #2605 , update LICENSE for reality.
2013-11-05 15:51:02 -06:00
7dcb071f11
Remote shebang and fix pxexeploit
2013-11-06 07:10:25 +10:00
3577a364be
Land #2607 , reverted reverted merge fix for #2505
2013-11-05 14:01:38 -06:00
faf6be4529
Missed an errant require
...
Wasn't even using it anyway
2013-11-05 14:00:55 -06:00
9e30c58495
Blow away remnants of Local::Unix
2013-11-05 13:51:45 -06:00
36f96d343e
Revert "Revert "Land #2505" to resolve new rspec fails"
...
This reverts commit e7d3206dc9
2013-11-05 13:45:00 -06:00
bcc9c760c4
Add +x check to msftidy
2013-11-05 11:50:28 -06:00
e4f9de589d
Update 3rd party licenses
...
Since we no longer ship a gemcache, this removes references to the
gemcache. I still list all 3rd party gems for convenience.
2013-11-04 17:27:28 -06:00
c91b95c411
Land #2504 , @todb-r7's cleanup for release
2013-11-04 16:10:09 -06:00
f62247e731
Fix comments, indenting and pxexploit module
...
Updated the comments and indentation so they're not blatantly wrong.
Adjusted the pxexploit module so that it doesn't break any more as
a result of the refactoring.
2013-11-05 06:35:50 +10:00
84572c58a8
Minor fixup for release
...
* Adds some new refs.
* Fixes a typo in a module desc.
* Fixes a weird slash continuation for string building (See #2589 )
2013-11-04 12:10:38 -06:00
ff78082004
Refactor lanattacks ruby code, add command dispatcher
...
The lanattacks module didn't seem to have a command dispatcher, and
hence loading the module would always result in a failure. This
commit fixes this problem.
The commit contains a bit of a refactor of the lanattacks code to be
a little more modular. It also has a shiny new dispatcher which breaks
the DHCP and TFTP functionality up into separate areas.
2013-11-04 17:37:42 +10:00
c5778f51d7
Land #2594 , @jvennix-r7's firefox 25 js detection
2013-10-31 09:22:37 -05:00
58fa67faa3
Land #2597 , @wvu-r7's fix for files permissions
2013-10-31 08:18:42 -05:00
5c923757e8
Removed generic command execution capability
2013-10-30 21:35:24 -04:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
3e1ae4c9b3
Land #2504 , @todb-r7's edit command for msfconsole
2013-10-30 15:38:07 -05:00
b76c13b57d
Land #2596 , resplat new WMI module
2013-10-30 15:34:24 -05:00
900ccc7ec9
VISUAL is okay. Also doesn't need to be a path.
...
I don't believe this opens an untoward attack vector -- if your attacker
can run Metasploit locally, you have much bigger problems.
2013-10-30 15:34:23 -05:00
e488a54a06
Resplat new WMI module
2013-10-30 15:14:16 -05:00
0735bee635
Land #2595 , CVE update for vtiger_php_exec
2013-10-30 14:03:06 -05:00
98224ee89f
CVE update for vtiger issue
2013-10-30 13:48:35 -05:00
b3c4dfcb04
Land #2593 , updated refs for @brandonprry's stuff
2013-10-30 12:29:47 -05:00
344413b74d
Reorder refs for some reason.
2013-10-30 12:25:55 -05:00
32794f9d37
Move OpenBravo to aux module land
2013-10-30 12:20:04 -05:00
4425cf1dc1
Add support for firefox 25.
...
Also replaces a bunch of missing semicolons.
2013-10-30 12:19:22 -05:00
17d796296c
Un-dupe References for ispconfig
2013-10-30 12:03:35 -05:00
0d480f3a7d
Typo fix
2013-10-30 11:38:04 -05:00
97a4ca0752
Update references for FOSS modules
2013-10-30 11:36:16 -05:00
78381316a2
Add @brandonprry's seven new modules
...
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
5b76947767
Add a few more modules.
2013-10-30 10:25:48 -05:00
2fbac9b129
Add `getproxy` command
...
This command pulls out system proxy details on windows machines.
2013-10-30 18:40:51 +10:00
c8ceaa25c6
Land #2589 , @wvu-r7's exploit for OSVDB 98714
2013-10-29 14:56:30 -05:00
9f81aeb4ad
Fix style
2013-10-29 14:55:16 -05:00
5af42f2c28
Add short comment on why the padding is necessary
2013-10-29 11:46:10 -05:00
e368cb0a5e
Add Win7 SP1 to WinXP SP3 target
2013-10-29 10:45:14 -05:00
1b75aef614
Land #2591 , @bcoles's exploit for ProcessMaker
2013-10-29 09:54:23 -05:00
c4c171d63f
Clean processmaker_exec
2013-10-29 09:53:39 -05:00
26af6452da
Land #2588 , @wvu-r7's permissions change for cmdstager_printf.rb
2013-10-29 08:07:19 -05:00
3eed800b85
Add ProcessMaker Open Source Authenticated PHP Code Execution
2013-10-29 23:27:29 +10:30
665f6c3e35
Land #2590 , gsub nil fix for mimikatz
2013-10-29 00:58:16 -05:00
606411de81
Fix mimikatz error when password is nil
...
In some cases the password value that comes out of mimikatz results
is `nil`, instead of an empty string. This fixes this so that if
the string is `nil` is falls back to an empty string, resulting in
the call to `gsub` working instead of failing.
2013-10-29 15:13:32 +10:00
ea7bba4035
Add Beetel Connection Manager NetConfig.ini BOF
2013-10-28 22:52:02 -05:00
333a0d5820
chmod -x cmdstager_printf.rb
2013-10-28 18:47:14 -05:00
4b7a438d45
Merge pull request #2587 from todb-r7/release-fixup
...
Release fixups
2013-10-28 12:26:17 -07:00
jvazquez-r7
Tod Beardsley
scriptjunkie
OJ
William Vu
James Lee
Brandon Turner
root
joev
bcoles