1fe8bc9cea
Added a SLEEP_TIME option
...
Added a SLEEP_TIME options which is the number of seconds to sleep prior to executing the initial IEX request. This is useful in cases where a machine would have to establish a VPN connection, initiated by the user, after a reboot.
Alternatively, as opposed to a sleep time, it could have a loop that attempts to retry for a certain period of item.
2015-11-18 11:17:57 +00:00
089a006408
Land #6248
2015-11-17 14:28:55 -08:00
a9e8ab785e
Land #6220 , adds ATG client module
2015-11-17 13:31:17 -06:00
e107ec2d17
Change fail to fail_with, fix typo
2015-11-17 13:30:46 -06:00
74f6ff7752
Rename to atg_client to match conventions
2015-11-17 12:59:37 -06:00
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
038d367d58
Fix #6247 , Update Meterpreter Usage on "Interact"
...
The "interact" command does not actually exist. Instead, users
should do "channel -i" to interact with a channel.
Fix #6247
2015-11-16 17:58:39 -06:00
f0da09090d
Land #6233 , Konica Minolta FTP Utility 1.00 Directory Traversal
2015-11-16 13:55:29 -06:00
740cacb4c0
Check nil
2015-11-16 13:54:36 -06:00
24c41c9261
Land #6225 , wall(1)/write(1) post module
2015-11-16 12:47:35 -06:00
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
06a5b5b0bd
Land #6234 , Host header transport
2015-11-14 11:35:47 -06:00
d0c928081b
Land #6231
2015-11-13 13:30:31 -08:00
c914c7b22c
Completely remove SET_TIME
2015-11-13 12:28:23 -08:00
ab3ae675ff
Hide TIME option since SET_TIME is not implemented
2015-11-13 12:26:42 -08:00
ad22eb8444
More cleanup
2015-11-13 12:24:28 -08:00
045bab052e
Add configurable timeout
2015-11-13 12:18:40 -08:00
6e9afc38ee
print_good when we get something
2015-11-13 12:12:37 -08:00
196a88c39a
Style nit
2015-11-13 12:06:00 -08:00
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
4a707b33a2
Add rspec coverage for cowsay. Achievement unlocked
2015-11-13 10:26:47 -08:00
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
4401c6f1fd
Land #6178 , rsync modules_list improvements
2015-11-13 10:46:24 -06:00
cd4aa28d11
Transport priority changes
...
Pass in the "lhost" and "lport" options to the default transport during the native payload. This takes the following LHOST priorities:
1. OverrideLHOST, only if OverrideRequestHost is TRUE
2. The request Host: header.
3. The LHOST datastore.
2015-11-13 13:21:46 +00:00
9d9865150b
Transport priority changes
...
Default transport request should set the priority to the Host: request header, and the subsequent OverrideRequestHost, OverrideLHOST, and OverrideLPORT options in the handler for reverse_http(s).
2015-11-13 13:19:01 +00:00
44948a2ace
Add konica_ftp_traversal.rb ( CVE-2015-7603 )
...
This module exploits a directory traversal vulnerability found in Konica Minolta FTP Utility 1.0. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command that includes file system traversal strings such as '..//
2015-11-13 07:51:42 +08:00
9a0f0a7843
Land #6142 , uptime refactor
2015-11-12 16:58:55 -06:00
0e121df69d
Need a default template
...
The set_template_default actually needs the second argument,
otherwise we hit a RuntimeError.
2015-11-12 15:17:03 -06:00
aaea730508
Fix #6213 - Method to_linux_x86_elf fails to set set :template
...
:template by default is just the base name of the file, not the
fullname. Before we use it, we need to normalize it. Methods
in this class rely on set_template_default for normalization (
which can also handle a custom path), so we'll just use that too.
Fix #6213
2015-11-12 15:07:58 -06:00
ee25cb88b5
Land #6196 , vBulletin 5.1.2 Unserialize Code Execution
2015-11-12 14:38:39 -06:00
6077617bfd
rm res var name
...
the res variable isn't used
2015-11-12 14:37:47 -06:00
199ed9ed25
Move vbulletin_unserialize.rb to exploits/multi/http/
...
According to @all3g, this works on Windows too, so we will move
this to multi/http.
2015-11-12 14:36:01 -06:00
e8dacf32fd
Land #6182 , Heartbleed scanner improvements
2015-11-11 16:59:20 -06:00
ce3f9e2fab
Fix minor style issues
2015-11-11 16:58:20 -06:00
a2fe2fbd5e
Land #6214 , #6060 , simplify framework gem layout and version scheme
...
This merges things up and removes duplicate gemspecs so we can easily make
framework gem releases for embedding in 3rd-party projects.
2015-11-11 15:04:21 -06:00
1b951b36fe
remove -db / -pcap / -all gemspecs, merge into one
2015-11-11 15:01:50 -06:00
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
99607e6e4d
Land #6205 , BisonWare BisonFTP Server Directory Traversal
...
CVE-2015-7602
2015-11-11 11:47:45 -06:00
40bdd2bd01
Do module cleanup for auxiliary/scanner/ftp/bison_ftp_traversal
2015-11-11 11:46:37 -06:00
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
c79a66be02
Land #6204 , directory traversal for PCMan FTP server
...
CVE-2015-7601
2015-11-11 11:07:34 -06:00
e6e5bde492
Do module cleanup for auxiliary/scanner/ftp/pcman_ftp_traversal
2015-11-11 11:06:54 -06:00
7ad42c2ba1
Land #6216 , remove duplicate keys for LoginScanner modules
2015-11-11 10:12:12 -06:00
81cf79d77d
Land #6221 , update references for caidao_php_backdoor_exec.rb
2015-11-11 09:54:05 -06:00
75a0472db8
Update bison_ftp_traversal.rb
...
made some changes
2015-11-11 14:01:39 +08:00
4716e2e16b
Update pcman_ftp_traversal.rb
...
made some changes
2015-11-11 14:00:04 +08:00
0cfa67f58f
Stub out more of the set time, but disable it
2015-11-10 22:00:02 -08:00
c98ab1dad4
update SET_TANK_NAME opt to mention necessary opts
2015-11-10 21:49:40 -08:00
de570a1550
Improve output when setting tank names
2015-11-10 21:41:05 -08:00
sammbertram
Jon Hart
HD Moore
wchen-r7
William Vu
David Maloney
scriptjunkie
JT
Louis Sato
Brent Cook