24527d7a55
Land #4427 , Misfortune Cookie Scanner
...
lands Jhart's scanner module for the RomPager
Misofrtune Cookie vuln.
2014-12-19 14:03:00 -06:00
8d2bd74d31
Add preliminary module to cover 'Misfortune Cookie', CVE-2014-9222
2014-12-18 17:21:26 -08:00
723998e1d4
Land #4425 , jobs tab completion NilClass fix
2014-12-18 15:25:57 -06:00
400bd9a094
Fix jobs NilClass tab complete bug
2014-12-18 15:43:04 -05:00
153d7e273d
Land #4420 , tentative "fix" for EXE spec
2014-12-18 13:55:56 -06:00
db474adc7b
Remove the helper as well.
...
See #3807 .
Again, happy to have working tests that actually test validity. But,
these ain't them.
2014-12-18 13:28:04 -06:00
144daaa6bb
Land #4421 - add a deprecation message for msfcli
...
please make your way to msfconsole
2014-12-18 10:28:31 -06:00
60099d42cf
Add deprecation warning to msfcli, 6 months
...
See #3802
2014-12-18 09:39:50 -06:00
80cd04d76a
Land #4332 , test optimization for Cucumber
...
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
270debea32
Remove the EXE file test spec
...
This thing has been a problem since forever, given cross-platform
issues and random collisions with other file magic signatures.
See #3807 and #2793 and the even earlier redmine bug.
This should not close the bug, since we're merely avoiding the random
fails by not testing at all. We /should/ test, but in the meantime, we
can't suffer these failures that throw me (at least) into a panic every
time.
2014-12-18 09:18:24 -06:00
dcf23172be
Land #4418 , threads tab completion NilClass fix
2014-12-17 22:13:17 -06:00
d41dc0d88e
Land #4419 , msfbinscan NameError fix
2014-12-17 22:00:25 -06:00
9f0bf85ec1
Fix typo in msfbinscan
2014-12-18 02:43:24 +01:00
549f3c69ff
Dont crash when tab complete threads command with typos
2014-12-17 19:36:04 -05:00
5262096905
Land #4412 , get_once NilClass fixes
2014-12-17 14:07:09 -06:00
6b0a98b69c
Resolve #4408 - bad uncaught nil get_once
2014-12-17 14:02:42 -06:00
1ff51d5856
Land #4410 , rm_f with more f
2014-12-17 13:16:46 -06:00
698ca2639b
Do not delete files that do not exist in rm_f
2014-12-17 09:18:06 -05:00
9de4137aa7
Patch UA/Proxy settings during migration, lands #3632
2014-12-16 22:21:48 -06:00
370f6003e3
Refactors metsrv patching in reverse_hop_htt.rb
2014-12-17 11:57:17 -05:00
1930eb1bf8
Refactors metsrv patching in reverse_http.rb
2014-12-17 10:04:43 -05:00
f6af86a06d
Land #4402 , ms12_020_check NilClass fix
2014-12-16 15:34:25 -06:00
3a00db3c9c
Land #4404 , Oracle scheduler exploit fix
2014-12-16 15:33:44 -06:00
c78685269f
Land #4403 , msfvenom configurable variable name
2014-12-16 10:10:54 -06:00
f237c56a13
This oracle scheduler exploit hangs if not vuln
...
When this exploit gets run against a system that isn't vulnerable
it can hang for a signifigant ammount of time. This change uses the check
method on the exploit to see whether it should proceed. Don't try to exploit
the host if it's not vulnerable.
2014-12-16 09:42:42 -06:00
513fd122b8
Update rpsec
2014-12-16 00:26:53 -06:00
c2bc79c53c
Resolves #4275 - Configurable variable name as an option
...
Resolves #4275
2014-12-15 23:59:34 -06:00
52b3025351
Reworked to avoid extending String class on blob per hdm's rec.
2014-12-15 21:40:41 -05:00
2604746fb7
Land #4361 , Kippo detector
2014-12-15 14:54:48 -06:00
81a069d548
Merge pull request #1 from wvu-r7/pr/4361
...
Merging changes. Thanks for all the help!
2014-12-15 15:51:48 -05:00
4c994d84e0
Updating version to 4.11 for Flood release
2014-12-15 14:42:09 -06:00
8394cc13a8
Perform final cleanup of detect_kippo
2014-12-15 14:38:38 -06:00
c611249723
Take full advantage of the check command
2014-12-15 12:50:59 -06:00
9edb2b4fab
Fix #4378 - Do exception handling
...
Fix #4378
2014-12-15 12:37:36 -06:00
effb5b966f
Land #4328 , @bcoles' exploit for ActualAnalyzer < 2.81 'ant' code execution
2014-12-15 09:57:27 -08:00
025c0771f8
Have exploit call check. Have check report_vuln
2014-12-15 09:53:11 -08:00
4c714b3eaf
Land #4386 - Fix issue #3852 (support for other languages for enable_rdp)
2014-12-15 11:37:05 -06:00
f521e7d234
Use newer Ruby hash syntax
2014-12-15 09:17:32 -08:00
c93dc04a52
Resolve address before storing the working cred
2014-12-15 09:11:12 -08:00
c24fdb81b5
Land #4389 , Meatballs1's fix for enum_ad_* post module regressions
...
Fixes #4387 by adjusting for the new return type from ADSI queries.
2014-12-15 10:45:12 -06:00
5ca8f187b3
Merge remote-tracking branch 'upstream/pr/4328' into temp
2014-12-15 08:15:51 -08:00
3ee60101cf
Updating lockfile for credential 0.13.8
...
Logfile cleanup
2014-12-14 21:12:32 -06:00
63320ce7bd
Updating to latest metasploit-credential, 0.13.8
...
Drops test log files that are clogging build
2014-12-14 21:05:32 -06:00
4530066187
return nil
2014-12-15 01:04:39 +11:00
55d9e9cff6
Use list of potential analytics hosts
2014-12-14 23:15:41 +11:00
f1f57c6ed9
Merge pull request #1 from jhart-r7/landing-4328
...
Minor improvements to actual analyzer ant cookie exploit
2014-12-14 23:04:13 +11:00
e3943682a2
Improves linux/armle payloads, lands #3315
2014-12-13 18:27:14 -06:00
e2617c7095
Return the workspace id in responses, lands #4142
2014-12-13 18:04:58 -06:00
00590f9f26
Adds Java serialization support, lands #4327
2014-12-13 17:47:53 -06:00
6ea5ed1a82
Shrinks windows payloads, lands #4391
2014-12-13 17:41:50 -06:00
David Maloney
Jon Hart
William Vu
Spencer McIntyre
Tod Beardsley
sinn3r
Trevor Rosen
Jakub Nawalaniec
HD Moore
Sean Verity
Andrew Morris
Samuel Huckins
Brent Cook
Brendan Coles