Commit Graph

16454 Commits (27aae87c1884740bbbb391fef9fc8960bf6652d2)

Author SHA1 Message Date
Tod Beardsley fe81d02227 Merge remote-tracking branch 'bturner-r7/update-licensing' 2013-01-08 15:31:41 -06:00
Royce Davis 3e1ea25207 Added Yard documentation 2013-01-08 15:20:13 -06:00
Brandon Turner 67e8e40640 Replace THIRD_PARTY with machine-readable LICENSE 2013-01-08 13:38:18 -06:00
jvazquez-r7 52982c0785 Added BrowserAutopwn info 2013-01-08 19:53:34 +01:00
jvazquez-r7 0e475dfce1 improvements and testing 2013-01-08 19:43:58 +01:00
James Lee 95a95d45ec Fix importing msfxml files containing a session
[See #1179][SeeRM #7669]
2013-01-08 12:13:20 -06:00
Royce Davis c236e4e6e3 I took a stab at generating Yard documentation. I have never done it before... 2013-01-08 11:57:59 -06:00
Royce Davis 4fd196c0de Fixed typo, capitalization and column space 2013-01-08 11:52:40 -06:00
lmercer 69485ba261 made changes as specified in Redmine Bug #7139 2013-01-08 12:14:57 -05:00
jvazquez-r7 b2575f0526 Added module for OSVDB 76681 2013-01-08 17:46:31 +01:00
Tod Beardsley 2c3ccb5207 I dont hold all the BSD rights. 2013-01-08 07:44:54 -06:00
HD Moore 4eb35b5c1d Fix typo in license text 2013-01-07 23:29:49 -06:00
sinn3r e8b7a2db32 Merge branch 'jduck-smb_login_format_fix_rm_7657' 2013-01-07 22:36:14 -06:00
sinn3r be36c4ebef Some machines are sensitive about this. 2013-01-07 22:32:43 -06:00
sinn3r 90e755c6c6 Merge branch 'smb_login_format_fix_rm_7657' of github.com:jduck/metasploit-framework into jduck-smb_login_format_fix_rm_7657 2013-01-07 22:26:25 -06:00
Joshua J. Drake 3ceb313752 Fixes format string issue in smb_login - FixRM #7657 2013-01-07 22:17:49 -06:00
Tod Beardsley 2ae8a08db9 Add license for Byakugan, per e-mail from Lurene.
Ask pusscat@metasploit.com if you don't believe me -- got her license
statement today.
2013-01-07 22:06:20 -06:00
Joshua J. Drake d9789534ad Revert "Change temporary directory name, clean more things"
This reverts commit 302f20e089.
2013-01-07 22:04:38 -06:00
Joshua J. Drake 18a1a25316 Revert "Do not remove outputs on clean"
This reverts commit 3f2430a8a0.
2013-01-07 22:04:27 -06:00
Joshua J. Drake c74d258509 Revert "Fixes format string issue in smb_login - FixRM #7657"
Will replay on separate branch.

This reverts commit a12b628ccc.
2013-01-07 22:03:57 -06:00
Joshua J. Drake 60987de854 Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-01-07 21:20:20 -06:00
Joshua J. Drake a12b628ccc Fixes format string issue in smb_login - FixRM #7657 2013-01-07 21:20:09 -06:00
sinn3r 2a1ab2c99a Improve the module 2013-01-07 19:03:58 -06:00
sinn3r 1d3c1ec7fc Merge branch 'master' of github.com:CharlieEriksen/metasploit-framework into CharlieEriksen-master 2013-01-07 19:03:35 -06:00
sinn3r 824bd84990 I forgot to add this exception 2013-01-07 18:06:39 -06:00
Charlie Eriksen 4e0fca6d0f Adding DB error handling
As per sinn3r's suggestion, adding handling for the most common MySQL
errors.

Also adding HostNotPrivileged, which I encountered during my testing.
2013-01-07 23:52:13 +00:00
sinn3r fc48cc117d Merge branch 'bug/rm7665-netsparker-import' of github.com:jlee-r7/metasploit-framework into jlee-r7-bug/rm7665-netsparker-import 2013-01-07 17:19:52 -06:00
sinn3r 83ce282a75 Merge branch 'bug/rm7665-netsparker-import' of github.com:jlee-r7/metasploit-framework into jlee-r7-bug/rm7665-netsparker-import 2013-01-07 17:18:04 -06:00
James Lee a0e6c7043b Add actual cdata handler
Netsparker puts requests, responses, and info for vulns inside a cdata
(which makes sense because it's usually html snippets). This commit
handles that so report_web_vuln will actually be somewhat useful. Note
that the request is ignored by report_web_vuln despite there being a
place for it in the WebVuln model.

[SeeRM #7665]
2013-01-07 17:16:48 -06:00
James Lee 8bfca52941 Clear state for new vulns
[FixRM #7665]
2013-01-07 16:27:40 -06:00
sinn3r 5bc1066c69 Change how modules use the mysql login functions 2013-01-07 16:12:10 -06:00
Gary Spillman 46fb7a0f30 Adding cucumber test scenarios for framework - redmine: /issues/7667 2013-01-07 16:08:58 -06:00
sinn3r 261e095e5e Handle exceptions in mysql_login 2013-01-07 16:02:59 -06:00
sinn3r 268de941c7 Merge branch 'tasos-r7-web-modules' 2013-01-07 13:37:32 -06:00
sinn3r b53e8c794f Fix indent level 2013-01-07 13:36:55 -06:00
sinn3r a59c474e3e Merge branch 'jvazquez-r7-ibm_cognos_tm1admsd_bof' 2013-01-07 13:34:52 -06:00
James Lee 3f9c459545 Fix ArgumentError when importing netsparker xml 2013-01-07 12:21:08 -06:00
smilingraccoon 9f69dbbd30 update unless statements, targeturi, and resolve var 2013-01-07 13:17:49 -05:00
Tod Beardsley 36adf86184 Various and sundry fixes for normalize_uri 2013-01-07 12:02:08 -06:00
Tod Beardsley 6a9445966a Caught missing paren 2013-01-07 11:21:55 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Royce Davis 7dd9d30363 Added a new mixin psexec.rb 2013-01-07 11:05:23 -06:00
Joshua J. Drake 708b6cf3dd Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-01-06 11:55:16 -06:00
Charlie Eriksen a8df3d71ff Changes based on Sinn3r's feedback
A bucket-load of changes!

- Added a fallback for if there is no Set-Cookie header
- Added a check if the cookie we produce is simply empty, meaning we
failed something :(
- Removed use of flatten. Though I may look into making that extraction
better
- Changed cgi requests to use vars_(post|get)
- Clarified a few status prints
- A few EOL space fixes
2013-01-06 12:34:27 +00:00
Rob Fuller 986435c598 Fix typo
Typo found by @schierlm but mentioned after the commit of pull request #1187
Info: https://github.com/rapid7/metasploit-framework/pull/1187#commitcomment-2340457
2013-01-06 01:47:15 -05:00
jvazquez-r7 b6011e6013 Merge branch 'meaningful_error' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-meaningful_error 2013-01-06 01:09:01 +01:00
jvazquez-r7 f2245ea573 Merge branch 'msftidy_fix' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-msftidy_fix 2013-01-06 00:45:50 +01:00
sinn3r 3d3799d38d Ok... even more explicit 2013-01-05 13:39:31 -06:00
Charlie Eriksen a5113f0da4 Adding a check function
Because it makes sense. The non-vulnerable versions doesn't have
/libs/pdf.php.

So pretty simple.
2013-01-05 18:37:29 +00:00
Charlie Eriksen ae72022777 Improvement for CVE 2012-4915
Made two tiny improvements based on Meatballs' points

- Added handling for 127.0.0.1 as DB_HOST
- Added a note in the description about it changing the pasword
2013-01-05 18:23:00 +00:00