728d7bc065
Fix #9876 , second round of Drupalgeddon 2 updates
...
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
ce5be387c4
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
96b892a546
Make Rubocop happy
2018-05-03 11:30:05 -05:00
916dfa56fe
Add author name to the wlan_probe_request post-exploitation module
2018-05-03 11:41:09 +02:00
d6cf32fad8
Land #9821 , osCommerce 2.3.4.1 - Remote Code Execution
2018-05-02 07:29:15 -05:00
fc2c42f725
Land #9960 , fix continuation warnings in payloads
2018-05-02 06:28:17 -05:00
4a56ecf3ae
psexec native upload argument
2018-05-01 09:33:17 -05:00
34f8a9a5ee
fix continuation warnings in payloads
2018-05-01 04:57:42 -05:00
28173222a8
Land #9881 , cleanup psexec code
2018-04-30 18:39:36 -05:00
e29a53b7cb
Land #9951 , Update linux/gather/enum_protections module
2018-04-30 16:52:30 -05:00
f3fa9af098
fixup osx sizes
2018-04-30 15:21:23 -05:00
7e31c2cf76
Land #9942 , IPv6 channel fixes for Python and Linux/macOS Meterpreters
2018-04-30 15:14:12 -05:00
3351a59efb
Update linux/gather/enum_protections
2018-04-29 06:52:47 +00:00
c4bca03fea
Land #9908 , msfd_rce_remote and msfd_rce_browser
2018-04-27 18:54:17 -05:00
82fc4aba64
Land #9918 , XDebug Unauthenticated OS command execution
2018-04-27 17:08:58 -05:00
8fd7448e48
bump payloads, ipv6 channel fixes
2018-04-27 14:18:54 -05:00
d29bc920c1
print o/p to new line
2018-04-27 20:58:25 +05:30
912970ad3b
change vprint to print for printing o/p in psexec_command
2018-04-27 20:47:21 +05:30
0374de5e0d
change vprint to print for printing o/p
2018-04-27 10:49:04 +05:30
25cf8d175a
report command execution o/p
2018-04-27 08:43:30 +05:30
79d8f5e86c
autofilter = false means skip, which is reverse of intuition
2018-04-26 17:20:55 -05:00
54aaf1f718
Land #9937 , enable autofilter on tp-link camera exploit
2018-04-26 16:08:09 -05:00
4789cdc596
enable autofilter on tp-link camera exploit
2018-04-26 14:56:39 -05:00
0fa0358993
Land #9853 , Update Linux sock_sendpage local exploit module
2018-04-26 14:30:51 -05:00
873cbcee27
Fix #9876 , minor updates to Drupalgeddon 2
...
1. Tested versions are already listed in the module doc, and we've
tested more than just 7.57 and 8.4.5 now. Removing a source of potential
inconsistency in the future.
2. No problem with ivars anymore. No idea what happened, but maybe I was
just too tired to code. Removing cleanup method.
2018-04-25 18:09:54 -05:00
f52e6a18a2
Land #9876 , Drupalgeddon 2
2018-04-25 15:49:53 -05:00
b8eb7f2a86
Set target type instead of regexing names
...
We're no longer matching multiple targets like /In-Memory/ or /Dropper/,
so it makes sense to match on a specific value now.
Old matching in this commit: 1900aa2708
2018-04-25 11:53:26 -05:00
2cd0228db2
Land #9900 , add base64 encoder for ruby
2018-04-25 04:06:50 -05:00
4cba6d1df4
suggest a reason if we get no server response
2018-04-25 03:57:12 -05:00
910e9337fb
Use print_good for patch level check, oops
2018-04-24 23:21:22 -05:00
b7ac16038b
Correct comment about PHP CLI (it's not our last!)
2018-04-24 23:18:51 -05:00
ec43801564
Add check for patch level in CHANGELOG.txt
...
Looks like 8.x has core/CHANGELOG.txt instead.
2018-04-24 23:12:33 -05:00
2ff0e597a0
Add SA-CORE-2018-002 as an AKA ref
...
Makes sense to me. Even though it's technically the advisory.
2018-04-24 22:51:33 -05:00
382a7f8aa3
Merge https://github.com/rapid7/metasploit-framework into psexec_cleanup
2018-04-25 09:09:48 +05:30
8bc1417c8c
Use PHP_FUNC as a fallback in case assert() fails
...
Additionally drop a file in a writable directory in case CWD fails.
2018-04-24 22:29:27 -05:00
cbfdaf23a0
updated for requested changes
2018-04-25 08:56:54 +05:30
8ff4407ca6
Clarify version detection error message
...
This was supposed to imply that we couldn't configure the exploit for a
targetable version. Instead, it just read weirdly. I think it was
missing "to target" at the end. "Determine" is a much better word,
though, since we may be doing detection instead of mere configuration.
2018-04-24 20:51:51 -05:00
e7ac2cd155
move report_auth to psexec module
2018-04-24 23:00:55 +05:30
c81ad8fec0
Changes after review
2018-04-24 18:33:27 +02:00
cfaca5baa3
Restore a return lost in the refactor :(
...
Also spiff up comments.
2018-04-24 11:25:55 -05:00
3353102dc1
fix opt dependencies
2018-04-24 21:55:09 +05:30
a0f16b4a66
Prefer print_warning for consistency
2018-04-24 11:17:19 -05:00
7ef8b99480
Improve printing in ETERNALBLUE's verify_arch
...
Now shows the invalid arch instead of showing nothing.
2018-04-24 11:09:54 -05:00
b507391f1b
Change back to vprint_status for the nth time
...
I really couldn't decide, especially once I got rid of CmdStager.
Also fully document the module options.
2018-04-24 04:23:52 -05:00
c8b6482ab0
Rewrite PHP targets to work with 7.x and 8.x
...
Win some, lose some. php -r spawns a new (obvious) command. :/
Check method and version detection also rewritten. :)
2018-04-24 03:38:05 -05:00
f9a804e7d8
Bring the PR up to date
2018-04-23 08:52:05 -05:00
60c6f970c1
Added base64 encoder for Ruby
2018-04-21 10:54:26 +02:00
8be58d315c
Stop being lazy about badchar analysis
...
Badchars apply to all targets.
2018-04-20 19:30:38 -05:00
5be4526085
Merge remote-tracking branch 'upstream/master' into feature/drupal
2018-04-20 18:42:15 -05:00
1c92134606
Land #9756 , Add lastore-daemon D-Bus Privilege Escalation exploit
...
Merge branch 'land-9756' into upstream-master
2018-04-20 15:45:37 -05:00
William Vu
bwatters-r7
Borja Merino
Jacob Robles
Brent Cook
Jeffrey Martin
Brendan Coles
Aaron Soto
Auxilus
Robin Stenvi
Wei Chen