56c96f3aa2
Land #3647 , @Meatballs1 correct unpack specifier
2014-08-13 08:44:38 -04:00
256204f2af
Use correct pack/unpack specifier
2014-08-13 11:36:16 +01:00
4a01c27ed4
Use get_env and good pack specifier
2014-08-13 10:59:22 +01:00
4ff73a1467
Add version build check
2014-08-13 09:53:43 +02:00
b7e4bd4080
Fix 'domain\user' reporting in mremote
2014-08-12 18:01:42 -05:00
50e2e325d7
Land #3534 , @KoreLogicSecurity's exploit for CVE-2014-2477
2014-08-12 17:18:34 -05:00
da4b572a0d
Change module name
2014-08-12 17:17:26 -05:00
3eccc12f50
Switch from vprint to print
2014-08-12 17:11:24 -05:00
f203fdebcb
Use Msf::Exploit::Local::WindowsKernel
2014-08-12 17:09:39 -05:00
e1debd68ad
Merge to update
2014-08-12 16:21:39 -05:00
183b27ee27
There is only one target
2014-08-12 16:14:41 -05:00
c8e4048c19
Some style fixes
2014-08-12 16:11:31 -05:00
ea3d2f727b
Dont fail_with while checking
2014-08-12 16:09:59 -05:00
3440f82b2e
Minor description adjustment
2014-08-12 22:18:59 +02:00
9e38ffb797
Add the check for the manual payload setting
2014-08-12 21:55:42 +02:00
b84192c654
Land #3642 - Be sure which the full payload is used
2014-08-12 14:52:26 -05:00
93990f4578
Land #3631 , @wchen-r7's fixes to avoid datastore options assignment at runtime
2014-08-12 14:46:02 -05:00
b46b6af50d
Land #3630 , @wchen-r7's fix for datastore assignments on smb_enumusers
2014-08-12 14:26:55 -05:00
84374fe92c
Merge branch 'staging/electro-release' into bug/MSP-11050/rails_root
2014-08-12 13:54:38 -05:00
12f1234296
always set our rails root to our root
...
this works fine when calling any framework binaries
from their path as CWD. if you call tehm from another path
you will get an incorrect root which can cause certain things to load
incorrectly
Signed-off-by: David Maloney <DMaloney@rapid7.com>
2014-08-12 13:53:28 -05:00
33da1a6871
Give a chance to the mixin
2014-08-12 13:49:39 -05:00
5b6be55c50
Fix (properly) 'execute_command()' missing 'opts' parameter
2014-08-12 19:49:27 +02:00
bbcd63cd10
Update Gemfile.lock as well for PR #3639
2014-08-12 12:28:39 -05:00
3af17ffad0
Fixed 'execute_command()' missing 'opts' parameter
2014-08-12 19:24:24 +02:00
fc65a45d94
Merge branch 'electro-remove-rubocop' into staging/electro-release
2014-08-12 12:03:16 -05:00
042423088c
Make sure which the full payload is used
2014-08-12 11:41:29 -05:00
fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry
2014-08-12 11:22:51 -05:00
c937c4b8b3
Merge pull request #3641 from limhoff-r7/bug/MSP-11046/resource
...
MSP-11046 #land
2014-08-12 11:10:39 -05:00
6b262cb3b4
Remove rubocop and msftidy touchpoints
...
This replicates PR rapid7#3639 for the staging/electro-release branch
Rubocop replaces the default YAML library which makes development
testing difficult. It does not cause problems on Travis, but according
to reports, it does cause instability with many individual dev
environments.
While I would love to have a more solid source of this bug report, right
now this was an oral report from @shuckins-r7 (who I tend to believe a
lot).
(Conflict resolved on rubocop.yml)
2014-08-12 10:51:09 -05:00
e051272a20
Fix typo
...
MSP-11046
`ActiveSupport::OrderedOptions` automatically create an attribute for
any missing keys, so when `options.console.resource` was used it would
return `nil` instead of the erroring. The correct option name was
`options.console.resources` (note the pluralization).
2014-08-12 10:49:35 -05:00
225c6da616
Remove rubocop because it causes backtrace
...
MSP-11046
See https://gist.github.com/limhoff-r7/7c398b5f4c44ed40cf1f
2014-08-12 10:47:26 -05:00
47cb906408
Remove rubocop and msftidy touchpoints
...
Rubocop replaces the default YAML library which makes development
testing difficult. It does not cause problems on Travis, but according
to reports, it does cause instability with many individual dev
environments.
While I would love to have a more solid source of this bug report, right
now this was an oral report from @shuckins-r7 (who I tend to believe a
lot).
2014-08-12 10:37:58 -05:00
427cc5f7ed
Merge remote-tracking branch 'upstream/staging/electro-release' into staging/electro-release
2014-08-12 10:04:58 -05:00
f71589f534
Simplify payload upload using 'CmdStager' mixin
2014-08-12 10:49:17 +02:00
4aeb1eda9c
Don't use datastore options as default values
2014-08-11 18:55:32 -05:00
4e6a04d3ad
Modifications for login and key addition
...
This commit adds additional support for logging in
on multiple versions of Gitlab as well as adding a
key to exploit the vulnerability.
2014-08-11 19:54:10 -04:00
cc5770558d
Remove local payload saving used for debugging
2014-08-11 19:16:14 +02:00
4790b18424
Use FileDropper mixin to delete uploaded file
2014-08-11 19:02:09 +02:00
ac526ca9bd
Fix print_* to vprint_* in check method
2014-08-11 18:58:11 +02:00
4b4b24b79d
Fix errors printing
2014-08-11 18:54:43 +02:00
c97cd75beb
Rephrase 'Author' section
2014-08-11 18:52:21 +02:00
0138f3648d
Add VMTurbo Operations Manager 'vmtadmin.cgi' Remote Command Execution module.
2014-08-11 16:57:39 +02:00
a995bcf2ef
Fix URI building and failure cases
...
This update uses the normalize_uri method for building
URIs. Additionally, failure cases have been modified
for a less generic version.
2014-08-10 19:53:33 -04:00
351b687759
Land #3612 , Windows Local Kernel exploits refactor
2014-08-10 22:05:06 +01:00
b277f588fb
Use railgun helper functions
2014-08-10 21:52:12 +01:00
8e626c1b60
Add rspec coverage for Msf::Auxiliary::DRDoS
2014-08-09 21:12:10 -07:00
af3ca19ab2
Land #3501 , @AnwarMohamed's android meterpreter commands.
2014-08-09 16:29:59 -05:00
92432503ce
Merge pull request #5 from jvennix-r7/android_ext3
...
Final-round of code tweaks. All commands working well.
2014-08-09 23:45:45 +03:00
ef2663a050
Land #3637 , on stage, from unknown
2014-08-09 14:16:06 -05:00
08bb815bd8
Add Yokogawa unauth admin module
2014-08-09 13:30:10 -05:00
Spencer McIntyre
Meatballs
Emilio Pinna
James Lee
jvazquez-r7
sinn3r
David Maloney
Tod Beardsley
Samuel Huckins
Brandon Turner
Luke Imhoff
kaospunk
Jon Hart
joev
Anwar Mohamed