Tod Beardsley
2086224a4c
Minor fixes. Includes a test module.
2014-03-10 14:49:45 -05:00
Tod Beardsley
26be236896
Pass MSFTidy please
2014-03-10 14:45:56 -05:00
Tod Beardsley
368df03ae1
Land #3081 , Yokogawa SCADA vulns
...
I know it looks like I'm landing my own PR, but it's an illusion; I am
merely shoving bits around on @jvazquez-r7's behalf while he is
technically (and now actually) on vacation.
2014-03-10 12:44:00 -05:00
Tod Beardsley
6e279da6bd
Land todb-r7#13 for rapid7#3081 credit update
2014-03-10 10:24:05 -05:00
jvazquez-r7
8cfa5679f2
More nick instead of name
2014-03-10 16:12:44 +01:00
jvazquez-r7
bc8590dbb9
Change DoS module location
2014-03-10 16:12:20 +01:00
jvazquez-r7
1061036cb9
Use nick instead of name
2014-03-10 16:11:58 +01:00
Tod Beardsley
5485028501
Add 3 Yokogawa SCADA vulns
...
These represent our part for public disclosure of the issues listed
here:
http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0001E.pdf
Yokogawa is calling these YSAR-14-0001E, and I think that they map
thusly:
YSAR-14-0001E Vulnerability 1 :: R7-2013-19.1
YSAR-14-0001E Vulnerability 2 :: R7-2013-19.3
YSAR-14-0001E Vulnerability 3 :: R7-2013-19.4
@jvazquez-r7 if you could confirm, I'd be delighted to land these and
get your disclosure blog post published at:
https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities
Thanks for all the work on these!
2014-03-10 09:33:54 -05:00
sinn3r
e32ff7c775
Land #3077 - Allow TFTP server to take a host/port argument
2014-03-08 00:58:52 -06:00
Tod Beardsley
151e2287b8
OptPath, not OptString.
2014-03-07 10:52:45 -06:00
Tod Beardsley
5cf1f0ce4d
Since dirs are required, server will send/recv
...
This does change some of the meaning of the required-ness of the
directories. Before, if you wanted to serve files, but not receive any,
you would just fail to set a OUTPUTPATH.
Now, since both are required, users are required to both send and
recieve. This seems okay, you can always just set two different
locations and point the one you don't want at /dev/null or something.
2014-03-07 10:49:11 -06:00
Tod Beardsley
37fa4a73a1
Make the path options required and use /tmp
...
Otherwise it's impossible to run this module without setting the options
which were not otherwise validated anyway.
2014-03-07 10:41:18 -06:00
sinn3r
c76a1ab9f4
Land #3065 - Safari User-Assisted Download & Run Attack
2014-03-07 10:29:56 -06:00
Spencer McIntyre
ebee365fce
Land #2742 , report_vuln for MongoDB no auth
2014-03-06 19:34:45 -05:00
Spencer McIntyre
84f280d74f
Use a more descriptive MongoDB vulnerability title
2014-03-06 19:20:52 -05:00
Tod Beardsley
8a0531650c
Allow TFTP server to take a host/port argument
...
Otherwise you will tend to listen on your default ipv6 'any' address and
bound to udp6 port 69, assuming you haven't bothered to disable your
automatically-enabled ipv6 stack.
This is almost never correct.
2014-03-06 16:13:20 -06:00
Joe Vennix
9638bc7061
Allow a custom .app bundle.
...
* adds a method to Rex::Zip::Archive to allow recursive packing
2014-03-06 16:11:30 -06:00
Joe Vennix
5abb442757
Adds more descriptive explanation of 10.8+ settings.
2014-03-06 15:15:27 -06:00
William Vu
ee0aa20955
Land #3013 , Metasm update
2014-03-06 14:15:42 -06:00
Joe Vennix
43d315abd5
Hardcode the platform in the safari exploit.
2014-03-06 13:04:47 -06:00
sinn3r
3c2eb29762
Land #3068 - require msf/core/exploit/powershell
2014-03-05 21:32:10 -06:00
Brendan Coles
df2bdad4f9
Include 'msf/core/exploit/powershell'
...
Prevent:
```
[-] /pentest/exploit/metasploit-framework/modules/exploits/windows/misc/hp_dataprotector_exec_bar.rb: NameError uninitialized constant Msf::Exploit::Powershell
```
2014-03-06 12:57:43 +11:00
Joe Vennix
38a2e6e436
Minor fixes.
2014-03-05 19:03:54 -06:00
Joe Vennix
dca807abe9
Tweaks for BES.
2014-03-05 19:00:15 -06:00
Joe Vennix
12cf5a5138
Add BES, change extra_plist -> plist_extra.
2014-03-05 18:51:42 -06:00
sinn3r
9d0743ae85
Land #3030 - SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
2014-03-05 16:34:54 -06:00
sinn3r
2015c56699
Land #3066 - HP Data Protector Backup Client Service Remote Code Execution
2014-03-05 16:18:28 -06:00
William Vu
096d6ad951
Land #3055 , heapLib2 integration
2014-03-05 15:48:13 -06:00
bcoles
1ea35887db
Add OSVDB reference
2014-03-06 01:40:15 +10:30
jvazquez-r7
4e9350a82b
Add module for ZDI-14-008
2014-03-05 03:25:13 -06:00
Joe Vennix
cd3c2f9979
Move osx-app format to EXE.
2014-03-04 22:54:00 -06:00
OJ
a1aef92652
Land #2431 - In-memory bypass uac
2014-03-05 11:15:54 +10:00
sinn3r
7cb6e7e261
Land #3057 - MantisBT Admin SQL Injection Arbitrary File Read
2014-03-04 17:52:29 -06:00
sinn3r
f0e97207b7
Fix email format
2014-03-04 17:51:24 -06:00
Joe Vennix
32c27f6be0
Tweak timeouts.
2014-03-04 17:16:23 -06:00
Joe Vennix
40047f01d3
Adds Safari User Assisted download launch module.
2014-03-04 17:02:51 -06:00
sinn3r
caaa419ef8
Land #3054 - Fix crash in osx/x64/exec on 10.9 Mavericks
2014-03-04 15:24:02 -06:00
William Vu
4c4a931fa4
Land #3064 , naughty talk cleanup
2014-03-04 15:01:34 -06:00
William Vu
f50d6c8709
Remove a couple more instances of "shit"
2014-03-04 15:00:48 -06:00
Tod Beardsley
a3d72567f3
That one, too.
2014-03-04 14:38:25 -06:00
Tod Beardsley
60d0667d9f
Land #3063 , make CONTRIBUTING and HACKING useful
2014-03-04 14:36:12 -06:00
Tod Beardsley
6e88bbd827
No need for that kind of language
2014-03-04 14:34:50 -06:00
William Vu
9338b43e22
Merge remote-tracking branch 'origin/pr/5' into feature/contributing
2014-03-04 14:21:17 -06:00
Tod Beardsley
d27b47a078
Update HACKING along with CONTRIBUTING.md
2014-03-04 14:12:42 -06:00
Tod Beardsley
45086d01ce
Add a link to common coding mistakes
2014-03-04 14:06:34 -06:00
Brandon Perry
c86764d414
update default password to root
2014-03-04 11:55:30 -08:00
William Vu
3491a93f0a
Add note about descriptive titles in bug reports
2014-03-04 13:16:55 -06:00
William Vu
3bbb2d628e
Add note about topic branches
2014-03-04 13:05:50 -06:00
William Vu
79aa14235a
Add note about the 50/72 rule
2014-03-04 12:46:42 -06:00
William Vu
e8979ff892
Add note about PR titles
2014-03-04 12:44:12 -06:00