1769bad762
fix FORCE logic
2016-03-16 09:53:09 -05:00
d70308f76e
undo logic changes in adobe_flas_otf_font
2016-03-16 09:52:21 -05:00
f83cb4ee32
fix set_wallpaper
2016-03-16 13:07:41 +00:00
44e1fefa2e
when normalizing a string type, ensure we have a string first
2016-03-16 06:44:36 -05:00
0edc7fb2c5
whitespace fixes
2016-03-15 22:08:25 -05:00
c8ad1b6017
use the framework version in nessus plugin
2016-03-15 22:08:04 -05:00
5a72f2df16
remove subversion support
2016-03-15 22:00:32 -05:00
63263773d1
simplify sanity checks for Ruby 1.x
2016-03-15 21:55:25 -05:00
3b6a3374ae
prefer explicit defaults to implicit
2016-03-15 20:58:14 -05:00
87074c0638
Land #6651 , add android sqlite_query option, update metasploit-payloads
2016-03-15 18:27:49 -05:00
257c8f4058
handle a sqlite table being empty
2016-03-15 18:26:38 -05:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
3cbc5684e1
iadd some preuath fps for postgres 9.4
...
the preauth fingerprinting for postgres is somewhat
unmaintainable, but due to a specific customer request
i have added these two FPs for 9.4.1-5
MS-1102
2016-03-15 14:50:07 -05:00
903807d039
update spec for pre-check
2016-03-15 14:21:01 -05:00
654590911b
Enforce integrity of datastore options on assignment
2016-03-15 14:00:32 -05:00
68274de4d3
Land #6675 , Add missing stream.raw for hp_sitescope_dns_tool
2016-03-15 11:30:54 -05:00
e29fc5987f
Add missing stream.raw for hp_sitescope_dns_tool
...
This adds the missing stream.raw.
2016-03-15 11:06:06 -05:00
a06236baa6
update to metasploit-payloads 1.1.3
2016-03-14 10:43:41 -05:00
d8c850aaf0
Add support for the execution of single powershell commands
2016-03-14 17:13:12 +10:00
cee0d279c5
Land #6673 , apache_karaf_command_execution move
2016-03-14 01:26:42 -05:00
38153d227c
Move apache_karaf_command_execution to the SSH directory
...
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
c6d55dd78d
Land #6517 , search for Nessus plugin
2016-03-13 23:36:42 -05:00
17e3a67dd8
Fix #6612 , overlooked fixes for Fortinet backdoor
2016-03-13 23:35:19 -05:00
6323f7f872
Fix a couple overlooked issues
2016-03-13 23:35:05 -05:00
f8f61e8d83
Basic shell of the MSF Powershell extension functionality
2016-03-14 12:55:58 +10:00
df0ff30468
Land #6642 , make ipv6_neighbor_router_advertisement discovery smarter
2016-03-13 16:53:11 -05:00
635e31961a
generate valid prefixes
2016-03-13 16:44:57 -05:00
d20731ca74
Land #6600 , add first pass at PR and Issue templates
2016-03-13 15:16:29 -05:00
cd84ac37d6
Land #6569 , check if USERNAME env var exists before using in enum_chrome post module
2016-03-13 15:12:51 -05:00
eb18b091ec
Land #6672 , check if there is a module before checking type in PAYLOAD set callback
2016-03-13 15:10:14 -05:00
42689df6b3
Fix a stack trace with ``set PAYLOAD`` in ``msf>`` context
2016-03-13 14:56:54 -05:00
a50b21238e
Land #6669 , remove debug code from apache_roller_ognl_injection that breaks Windows
2016-03-13 14:14:10 -05:00
b60ca0d481
Land #6671 , Enable loader warnings for modules using class Metasploit3/4
2016-03-13 14:10:05 -05:00
4f09246c78
reenable module loader warnings
2016-03-13 20:04:05 +01:00
558f810165
Land #6667 , add a dev script for finding Metasploit release notes for modules
2016-03-13 14:03:54 -05:00
23eeb76294
update php_utility_belt_rce to use MetasploitModule
2016-03-13 13:59:47 -05:00
a6316d326e
Land #6662 , update disclosure date for php_utility_belt_rce
2016-03-13 13:58:04 -05:00
c89e53d0a3
Land #6666 , fix filezilla_server display bug showing the session ID
2016-03-13 13:56:44 -05:00
dabe5c8465
Land #6655 , use MetasploitModule as module class name
2016-03-13 13:48:31 -05:00
da039e136a
update test modules to use MetasploitModule
2016-03-13 13:44:44 -05:00
eec950801e
Merge pull request #3 from zeroSteiner/pr/6401
...
Add get_file method and parse the server response
2016-03-13 18:28:31 +11:00
b22a057165
Fix #6554 , hardcoded File.open path in apache_roller_ognl_injection
...
The hardcoded File.open path was meant for debugging purposes during
development, but apparently we forgot to remove it. This line causes
the exploit to be unusable on Windows platform.
Fix #6554
2016-03-11 18:48:17 -06:00
e059f42094
Bump version of framework to 4.11.16
2016-03-11 14:17:28 -08:00
51cdb57d42
Fix #6569 , Add a check for USERNAME env var in enum_chrome post mod
...
Fix #6569
Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
66849302b5
Land #6665 , truncate nexpose vuln names > 255 characters
2016-03-11 14:01:55 -06:00
69de3adf7a
Fix a typo in the file name
2016-03-11 13:50:13 -06:00
1546bf32ed
Add a dev script to find Metasploit release notes
...
This script allows you to find the release notes of a:
* Pull request number for a bug fix, or a notable change.
* A module name (preferably just use the short name)
2016-03-11 13:44:38 -06:00
8217d55e25
Fix display issue when SESSION is -1
2016-03-11 11:37:22 -06:00
6f85c82dc0
Fix Nexpose import to truncate long vuln names
...
A warning is emitted since there is a potential for data loss, but since
we reference vulns by their ID, the data-integrity risk is small.
Initially triggered by some Nexpose data, this should probably be
properly fixed by removing the length bound on the field.
MS-1184
2016-03-11 11:02:55 -06:00
8953952a8f
correction for the DisclosureDate based on Exploit-DB
2016-03-11 14:05:26 +08:00
Brent Cook
Tim
Adam Cammack
David Maloney
l0gan
OJ
William Vu
wchen-r7
HD Moore
Christian Mehlmauer
Brendan Coles
Metasploit
James Lee
Jay Turla