Tim
27af59ea7c
minor tweaks
2016-02-20 08:35:56 +00:00
Metasploit
b868f7cc89
Bump version of framework to 4.11.12
2016-02-19 20:19:43 -08:00
joev
c8b28d90d1
Fix old comment.
2016-02-19 19:08:38 -06:00
RubenRocha
72a69fcd16
Fixed timeout warning
2016-02-19 21:14:54 +00:00
William Vu
8a15c36770
Land #6563, VNC creds scraper uninstall location
2016-02-19 15:01:23 -06:00
William Vu
bfd204ac50
Fix some cosmetic issues
2016-02-19 15:00:56 -06:00
James Barnett
140fafc159
Merge branch 'bug/MS-833/testing-08-067' of github.com:darkbushido/metasploit-framework into HEAD
2016-02-19 13:42:22 -06:00
dmohanty-r7
c0180b23fa
Update description
2016-02-19 13:39:13 -06:00
Louis Sato
9ba82453f8
Land #6584, cidr notation addition for route command
2016-02-19 12:20:00 -06:00
Louis Sato
873250dbec
Land #6557, bug fix priv_migrate user migration
2016-02-19 12:03:30 -06:00
dmohanty-r7
33aaeb4ac9
Update authors
2016-02-19 11:53:17 -06:00
Louis Sato
51c8879e78
Land #6580, increase database.yml.example pool size
2016-02-19 10:26:46 -06:00
joev
39f1113bca
Remove unused spec.
2016-02-18 22:20:13 -06:00
joev
b3e8cd4f51
Save some bytes on the padded string.
2016-02-18 20:36:52 -06:00
joev
2b784a48b9
Include cached size.
2016-02-18 20:29:42 -06:00
joev
e67e477362
Make x86/shell_reverse_tcp's shell path configurable.
...
Also removes shell_reverse_tcp2 shell.
2016-02-18 20:24:35 -06:00
Brent Cook
bc7bf28872
Land #6591, don't require username for wrt110 cmd exec module
2016-02-18 20:20:15 -06:00
Brent Cook
45d1cd5111
Land #6572, update play_youtube module with android support
2016-02-18 20:16:58 -06:00
Brent Cook
b58166a9a8
add android platform to the hash
2016-02-18 20:13:39 -06:00
joev
3b9502cb1d
Don't require username in wrt110 module.
2016-02-18 18:45:04 -06:00
Brent Cook
b409b2237d
update to use the common bind_addresses method
2016-02-18 18:17:56 -06:00
Brent Cook
6d5217b906
Land #6590, fix title for IBM Tivoli Storage Manager DoS
2016-02-18 16:08:08 -06:00
wchen-r7
a82ce40c40
Update ibm_tsm_dos name
...
For some reason I actually modified the name, but I didn't mean
to.
2016-02-18 16:07:46 -06:00
Brent Cook
1e58b1574a
Land #6502, add -x flag for showing extended sessions info
2016-02-18 15:37:41 -06:00
Brent Cook
d316609fef
put extra columns under the -x flag
2016-02-18 15:36:43 -06:00
James Lee
adb175136e
Fix extra whitespace and unused vars in call
2016-02-18 15:18:29 -06:00
OJ
6d88c26474
Change title, and remove requires
2016-02-18 14:26:38 +10:00
OJ
2ae1e6df7d
Address concerns from @wvu-r7
2016-02-18 14:21:35 +10:00
OJ
2f4ec0af31
Add module for AppLocker bypass
...
This commit includes a new module that allows for payloads to be
uploaded and executed from disk while bypassing AppLocker in the
process. This module is useful for when you're attempting to generate
new shells on the target once you've already got a session. It is also
a handy way of switching between 32 and 64 bit sessions (in the case of
the InstallUtil technique).
The code is taken from Casey Smith's AppLocker bypass research (added in
the references), and includes just one technique at this point. This
technique uses the InstallUtil feature that comes with .NET. Other
techniques can be added at any time.
The code creates a C# file and uploads it to the target. The csc.exe
compiler is used to create a .NET assembly that contains an uninstaller
that gets invoked by InstallUtil behind the scenes. This function is
what contains the payload.
This was tested on Windows 7 x64. It supports running of both 32 and 64
bit payloads out of the box, and checks to make sure that .NET is
installed on the target as well as having a payload that is valid for
the machine (i.e. don't run x64 on x86 OSes).
This appears to work fine with both staged and stageless payloads.
2016-02-18 13:46:32 +10:00
James Lee
28e6d8ef9e
Allow CIDR notation for the route command
2016-02-17 09:44:32 -06:00
James Lee
35e0a433ea
Make error output more useful
2016-02-16 14:45:00 -06:00
Brent Cook
1263a82d1e
update database.yml.example to be something reasonable
2016-02-16 09:12:34 -06:00
Brent Cook
95484c81fd
Land #6526, fix browser exploit server spec
2016-02-15 16:23:04 -06:00
Brent Cook
1f58ad15ac
Browser::Exploit::Server needs to have vprint*
2016-02-15 16:21:24 -06:00
Brent Cook
3d1861b3f4
Land #6526, integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
Artem
c5469be59e
Add Android ringer change mode command
2016-02-15 15:07:48 -06:00
Brent Cook
2fddf333ed
add TLV entry
2016-02-15 15:04:15 -06:00
Artem
59bf850bb0
Update android.rb
...
Add request for Ringer Mode Changer
2016-02-15 14:59:15 -06:00
Brent Cook
4db2840af9
Land #6385, add .apk template support for msfvenom
2016-02-15 14:27:08 -06:00
nixawk
7ca0255ea1
Module should not be marked executable
2016-02-15 12:57:43 +08:00
nixawk
f35230b908
add Linknat Vos Manager Traversal
2016-02-15 12:39:40 +08:00
Nicholas Starke
3416a24dda
Adding vprint_status for loot path
...
Adding a vprint_status to show users the loot
path as per a comment on the pull request.
2016-02-14 11:19:20 -06:00
Tim
5c92076a1e
more cleanup
2016-02-14 09:15:25 +00:00
Spencer McIntyre
c9c4f49aca
Add get_file method and parse the server response
2016-02-13 17:20:37 -05:00
RageLtMan
2b24e8363e
Fix nessus_family_list
...
The list must be iterated from the families key, or it will raise
a type error.
2016-02-13 15:36:04 -05:00
RageLtMan
95da031429
Remove vestigial conditional - thx Egypt
2016-02-13 14:45:25 -05:00
Metasploit
93cc7d58ba
Bump version of framework to 4.11.11
2016-02-12 15:38:50 -08:00
Kyle Gray
88e1124519
Land #6568, fix for msfvenom symlink not working
...
In installer environments, $0 doesn't match __FILE__ because of the way the gem's binstub wrapper calls it.
2016-02-12 12:35:00 -06:00
James Lee
541e3972f0
No real reason for this check
...
And it breaks stuff when msfvenom is run as a symlink
2016-02-12 10:49:18 -06:00
wchen-r7
b2765a296f
Land #6547, IBM Tivoli Storage Manager Fastback Denial of Service
2016-02-11 22:05:21 -06:00