05f0d09828
Merge branch staging/electro-release into master
...
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master. Rather than merging with
history, he squashed all history into two commits (see
149c3ecc6382760bf5b319ba7772f362b81d681448f0743d1b
2014-08-22 10:50:38 -05:00
ced65734e9
Make some datastore options advanced
2014-08-22 10:26:04 -05:00
6ee39f89de
Merge pull request #13 from jvennix-r7/update-gemfile-lock-so-travis-can-run
...
Update lockfile in msf repo after `bundle install`
2014-08-22 10:24:10 -05:00
b4e3e84f92
Use CamelCase for target keys
2014-08-22 10:23:36 -05:00
b58550fe00
Indent description and fix title
2014-08-22 10:21:08 -05:00
19ba7772f3
Revert "Various merge resolutions from master <- staging"
...
This reverts commit 149c3ecc63
2014-08-22 10:17:44 -05:00
05afe416a9
Update lockfile to pull in new msf-cred versions.
2014-08-21 15:44:16 -05:00
3918acb1e1
Changed keyword used when returning
2014-08-21 12:34:54 -04:00
a0b72bba93
Updated module based on feedback
2014-08-21 12:26:41 -04:00
da752b0134
Add exploit for CVE-2014-3996
2014-08-21 15:30:28 +01:00
383906c26c
Removed function no longer used
2014-08-20 22:51:01 -04:00
c93bfb4673
Fixed targeturi value
2014-08-20 21:23:45 -04:00
7f90b81711
IP Board Login Scanner Module
2014-08-20 21:18:19 -04:00
9f9f28cc31
If a peer is 127.0.0.1, don't try to store it because we (currently...) can't
2014-08-20 15:48:54 -07:00
9db3dc7ad8
Store peer data note in the same format as originally
2014-08-20 15:10:45 -07:00
758c3fa518
Only discard monlist replies that are impossibly short
...
This fixes the case where if a monlist reply only includes one peer
2014-08-20 15:02:21 -07:00
7ad9300d37
Update ntp_monlist to use UDPScanner, NTP and DRDoS mixins
2014-08-20 14:41:00 -07:00
48f0743d1b
remove crappy basedir method
...
this method is no lopnger needed
2014-08-20 15:28:36 -05:00
6bc55bf8cc
change is_apt method
2014-08-20 15:27:11 -05:00
b547f7fc75
fix msfbasedir for go_pro
...
go_pro uses the wrong base director y for starting
up metasploit pro when using the go_pro command
this caused errors
2014-08-20 15:22:18 -05:00
8fd4ee87ab
Allow singular NTP version and mode 7 implementation testing
2014-08-20 12:21:39 -07:00
f9b902c6cc
Land #3681 , restore rake and rspec functionality
...
Since this is a more complete fix than #3678 and #3679 , this merge
closes #3678 and closes #3679 . Lets see if that magic syntax works!
2014-08-20 11:27:09 -05:00
cef4ddf535
Fix a crash when msfconsole is a symlink
2014-08-20 11:03:41 -05:00
c3e8bc8fa0
Fix a crash when we can't connect to PG, again
2014-08-20 11:02:46 -05:00
fa27def41f
Revert "Fix a crash when we can't connect to PG"
...
This reverts commit b6deb6a342
2014-08-20 11:01:29 -05:00
a6b7262611
Updated to meterpreter_bins version 0.0.7
...
This has been a long time coming! Kiwi has been broken for a while and
this updated fixes that problem.
Details of the binaries build date/commits are in the gemspec in the
main meterpreter_bins repo.
2014-08-20 12:30:34 +10:00
f0f5772217
Land #3675 , firefox_svg_plugin un-deprecation
2014-08-19 17:52:41 -05:00
e2e2dfc6a3
Undo FF
2014-08-19 17:47:44 -05:00
777efb5e48
Land #3669 - Deprecate ff 17 svg exploit
2014-08-19 17:42:31 -05:00
c73ec66c7a
Land #3659 - Add HybridAuth install.php PHP Code Execution
2014-08-19 17:19:01 -05:00
a4c6a10edb
The .foo domain is live now.
...
I still kinda hate these tests, though, since they fail in wildcard DNS
environments (like OpenDNS).
2014-08-19 16:47:30 -05:00
0c9dafff54
Merge pull request #3673 from jlee-r7/bug/MSP-11061/crash-without-postgres
...
Fix a crash when we can't connect to PG
2014-08-19 16:16:30 -05:00
b6deb6a342
Fix a crash when we can't connect to PG
...
MSP-11061
No Postgres, no cry
2014-08-19 15:30:24 -05:00
08430ee7ac
Land #3616 , cred gem for imap from @TomSellers
2014-08-19 15:26:12 -05:00
74920d26a4
Update to server/capture/imap.rb for new Credential system
2014-08-19 15:25:31 -05:00
170c8b699a
Land #3617 from @TomSellers, ftp anon scanner
2014-08-19 13:22:30 -05:00
311cc5befb
Land #3668 - Add specs for Rex::Exploitation::HeapLib
2014-08-19 13:14:24 -05:00
3fdad4dc91
Update auxillary/scanner/ftp with Credential Gem
2014-08-19 13:13:05 -05:00
7bf637716a
Land #3663 - Add specs for Rex::Exploitation::EncryptJS
2014-08-19 13:08:14 -05:00
dc95b01cc5
Land #3670 , smb_login private_type fix
...
[FixRM #8841 ]
2014-08-19 11:30:23 -05:00
b748cee760
Land #3664 , enum_osx dump_hash removal
2014-08-19 11:29:23 -05:00
325c05d0e0
Land #3671 , @wchen-r7's fix for RangeWalker spec
2014-08-19 11:01:14 -05:00
f3528c929f
geez, glassfish gtf outta there
2014-08-19 10:40:52 -05:00
ad241910d0
This is more invalid than the other one
2014-08-19 10:39:50 -05:00
e9dea358b8
gemfile change
2014-08-19 10:32:44 -05:00
473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
...
Conflicts:
Gemfile.lock
lib/metasploit/framework/command/console.rb
lib/metasploit/framework/common_engine.rb
lib/metasploit/framework/credential.rb
lib/metasploit/framework/credential_collection.rb
lib/metasploit/framework/login_scanner/afp.rb
lib/metasploit/framework/login_scanner/axis2.rb
lib/metasploit/framework/login_scanner/db2.rb
lib/metasploit/framework/login_scanner/ftp.rb
lib/metasploit/framework/login_scanner/http.rb
lib/metasploit/framework/login_scanner/mssql.rb
lib/metasploit/framework/login_scanner/mysql.rb
lib/metasploit/framework/login_scanner/pop3.rb
lib/metasploit/framework/login_scanner/postgres.rb
lib/metasploit/framework/login_scanner/result.rb
lib/metasploit/framework/login_scanner/smb.rb
lib/metasploit/framework/login_scanner/snmp.rb
lib/metasploit/framework/login_scanner/ssh.rb
lib/metasploit/framework/login_scanner/telnet.rb
lib/metasploit/framework/login_scanner/vnc.rb
lib/metasploit/framework/parsed_options/console.rb
lib/metasploit/framework/require.rb
lib/metasploit/framework/version.rb
lib/msf/core/modules/namespace.rb
modules/auxiliary/analyze/jtr_postgres_fast.rb
modules/auxiliary/scanner/afp/afp_login.rb
modules/auxiliary/scanner/db2/db2_auth.rb
modules/auxiliary/scanner/ftp/ftp_login.rb
modules/auxiliary/scanner/http/axis_login.rb
modules/auxiliary/scanner/http/http_login.rb
modules/auxiliary/scanner/http/tomcat_mgr_login.rb
modules/auxiliary/scanner/mssql/mssql_login.rb
modules/auxiliary/scanner/mysql/mysql_login.rb
modules/auxiliary/scanner/pop3/pop3_login.rb
modules/auxiliary/scanner/postgres/postgres_login.rb
modules/auxiliary/scanner/snmp/snmp_login.rb
modules/auxiliary/scanner/ssh/ssh_login.rb
modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
modules/auxiliary/scanner/telnet/telnet_login.rb
modules/auxiliary/scanner/vnc/vnc_login.rb
modules/auxiliary/scanner/winrm/winrm_login.rb
spec/lib/metasploit/framework/credential_spec.rb
spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
17b03e7d34
Fix rspec due to an invalid dns becoming valid
2014-08-19 10:28:30 -05:00
e0df664656
Land #3653 : NETAPI x64 fixes
2014-08-19 11:40:43 +10:00
f169b8dff3
Fix hashes being stored as passwords
2014-08-18 15:52:13 -05:00
b93fda5cef
Remove browser_autopwn hook from deprecated FF module.
2014-08-18 15:33:43 -05:00
Brandon Turner
jvazquez-r7
dmaloney-r7
joev
Christopher Truncer
Pedro Ribeiro
Jon Hart
Tod Beardsley
James Lee
OJ
William Vu
sinn3r
Tom Sellers