Commit Graph

23794 Commits (32cd846fe4dc33f435c03314bd9c796ad235ba36)

Author SHA1 Message Date
xistence ef4a019b20 Quantum DXi V1000 SSH private key exposure 2014-03-17 14:15:00 +07:00
xistence e261975c34 Array Networks vxAG and vAPV SSH key and privesc 2014-03-17 14:11:16 +07:00
xistence 1043d9d8b2 Array Networks vxAG and vAPV SSH key and privesc 2014-03-17 14:06:55 +07:00
William Vu 506c354722
Land #3103, vars_get check for msftidy 2014-03-15 19:57:19 -05:00
William Vu 9eada528d7
Land #3097, Rex::Text.uri_encode RFC 3986 fix 2014-03-14 15:38:24 -05:00
William Vu 267c415653
Land #3102, missing require in reverse_powershell 2014-03-14 15:28:52 -05:00
Daniel Miller 0b6a890137 Fix missing require in reverse_powershell
When initializing the db:

/opt/metasploit-framework/modules/payloads/singles/cmd/windows/reverse_powershell.rb:34:in `initialize': uninitialized constant Msf::Handler::ReverseTcp (NameError)
    from /opt/metasploit-framework/lib/msf/core/payload_set.rb:198:in `new'
    from /opt/metasploit-framework/lib/msf/core/payload_set.rb:198:in `add_module'
    from /opt/metasploit-framework/lib/msf/core/module_manager/loading.rb:72:in `on_module_load'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/base.rb:207:in `load_module'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/base.rb:271:in `block in load_modules'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/directory.rb:58:in `block (2 levels) in each_module_reference_name'
    from /opt/metasploit-framework/lib/rex/file.rb:127:in `block in find'
    from /opt/metasploit-framework/lib/rex/file.rb:126:in `catch'
    from /opt/metasploit-framework/lib/rex/file.rb:126:in `find'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/directory.rb:45:in `block in each_module_reference_name'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/directory.rb:29:in `foreach'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/directory.rb:29:in `each_module_reference_name'
    from /opt/metasploit-framework/lib/msf/core/modules/loader/base.rb:264:in `load_modules'
    from /opt/metasploit-framework/lib/msf/core/module_manager/loading.rb:118:in `block in load_modules'
    from /opt/metasploit-framework/lib/msf/core/module_manager/loading.rb:116:in `each'
    from /opt/metasploit-framework/lib/msf/core/module_manager/loading.rb:116:in `load_modules'
    from /opt/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:56:in `block in add_module_path'
    from /opt/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:55:in `each'
    from /opt/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:55:in `add_module_path'
    from /opt/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:14:in `init_module_paths'
    from /opt/metasploit-framework/lib/msf/ui/console/driver.rb:228:in `initialize'
    from /opt/metasploit-framework/msfconsole:148:in `new'
    from /opt/metasploit-framework/msfconsole:148:in `<main>'
2014-03-14 19:28:00 +00:00
David Maloney da0c37cee2
Land #2684, Meatballs PSExec refactor 2014-03-14 13:01:20 -05:00
Tod Beardsley 5613da79f1
Land #3100, drop noisy line length check
This doesn't fix the associated redmine issue, but it knocks out 21
warnings that are hard/impossible to fix programmatically.

[SeeRM #8498]
2014-03-14 11:27:04 -05:00
William Vu 6aa75a328f Ax the arbitrary long line warning
It's not 80 or 132. ;)
2014-03-14 10:28:58 -05:00
Brandon Perry a01dd48640 a bit better error message if injection works but no file 2014-03-13 13:38:43 -07:00
Brandon Perry b0688e0fca clarify LOAD_FILE perms in description 2014-03-13 13:11:27 -07:00
William Vu 8393a49148
Land #3098, check command host selection fix
[FixRM #8768]
2014-03-13 14:25:39 -05:00
sinn3r 243fa4f56a
Land #2910 - MPlayer Lite M3U Buffer Overflow 2014-03-13 14:13:17 -05:00
sinn3r e832be9eeb Update description and change ranking
The exploit requires the targeted user to open the malicious in
specific ways.
2014-03-13 14:09:37 -05:00
sinn3r 6e37493471
Land #3091 - native shellcode payloads from a FF privileged js shell 2014-03-13 13:36:37 -05:00
James Lee 9aaf111523
Only test routes when they are implemented 2014-03-13 13:05:09 -05:00
James Lee 6438b9372c
Land #3067, python meterp net.config additions 2014-03-13 13:03:43 -05:00
Michael Messner 8db5d854c2 typo, null terminator 2014-03-13 18:38:27 +01:00
Joe Vennix 952b50f8c1
Add priv escalation mixin to the firefox local exploit. 2014-03-13 11:49:44 -05:00
Joe Vennix db036e44ad Use RdlCopyMemory from Kernel32. 2014-03-13 11:05:58 -05:00
sinn3r 7ead04414c
Land #3024 - Allow encoder Compat options 2014-03-13 10:59:40 -05:00
William Vu 591a2c3529
Land #3099, Rapid7 name normalization 2014-03-13 10:34:13 -05:00
Tod Beardsley 6309c4a193
Metasploit LLC transferred assets to Rapid7
The license texts should reflect this.
2014-03-13 09:47:52 -05:00
Tod Beardsley 520d1e69c4
Rapid7 Comma Inc
After some more discussion with Rapid7's legal fellow.
2014-03-13 09:46:20 -05:00
Brandon Perry 2734b89062 update normalize_uri calls 2014-03-13 06:55:15 -07:00
William Vu 5aad8f2dc3
Land #3088, SNMP timestamp elements fix 2014-03-13 02:22:14 -05:00
sinn3r 84b08a5a35 Fix check command host selection behavior
[SeeRM #8768] Instead of using the saved value for host, the check
command should use whatever the user specifies.
2014-03-12 22:54:01 -05:00
Brandon Perry 7540dd83eb randomize markers 2014-03-12 20:11:55 -05:00
Brandon Perry 3fedafb530 whoops, extra char 2014-03-12 19:54:58 -05:00
Brandon Perry aa00a5d550 check method 2014-03-12 19:47:39 -05:00
Michael Messner f39e784d19 mipsle execve payload 2014-03-12 21:08:40 +01:00
William Vu 5cf5643337
Land #3092, Rapid7, Inc. thing 2014-03-12 14:49:02 -05:00
Brandon Perry 9cb1c1a726 whoops, typoed the markers 2014-03-12 10:58:34 -07:00
Brandon Perry 6636d43dc5 initial module 2014-03-12 10:46:56 -07:00
Tod Beardsley 9d4ceaa3a0
Let's try to be consistent about Rapid7 Inc.
According to

http://www.sec.gov/Archives/edgar/data/1560327/000156032712000001/0001560327-12-000001.txt

Rapid7 is actually "Rapid7 Inc" not "Rapid7, LLC" any more.

This does not address the few copyright/license statements around
"Metasploit LLC," whatever that is.
2014-03-12 11:20:17 -05:00
Joe Vennix 851fca2107 Add posix fork() call before running code. 2014-03-12 02:56:26 -05:00
Joe Vennix 7afcb6aee8 Add CreateThread wrapper for windows. 2014-03-12 02:49:09 -05:00
Joe Vennix ce0c5380a5
Kill stray //. 2014-03-12 02:20:49 -05:00
Joe Vennix 9bdf570763
All working now. In-memory meterpreter even. 2014-03-12 02:19:28 -05:00
Tod Beardsley 206660ddde
Recreate the intent of cfebdae from @parzamendi-r7
The idea was to rescue on a NoReply instead of just fail, and was part
of a fix in #2656.

[SeeRM #8730]
2014-03-11 14:30:01 -05:00
Spencer McIntyre 5ea26688d7 Fix a syntax error for Python 2.4 2014-03-11 15:22:52 -04:00
sho-luv f7af9780dc
Rescue InvalidWordCount error
This is a cherry-pick of commit ea86da2 from PR #2656
2014-03-11 14:17:36 -05:00
Spencer McIntyre f3493ce220 Merge branch 'master' into pymeterpreter-net
Conflicts:
	data/meterpreter/ext_server_stdapi.py
2014-03-11 15:15:02 -04:00
Tod Beardsley 2d15ef68cc
Land #3087, lots of title/desc changes for msftidy
While this does not close the associated redmine issue, it makes
progress toward closing.

[SeeRM #8498]
2014-03-11 13:45:49 -05:00
Spencer McIntyre e874223421
Land #3083, fix pymet when ctypes isn't available 2014-03-11 14:31:44 -04:00
sinn3r b431bf3da9
Land #3052 - Fix nil error in BES 2014-03-11 12:51:03 -05:00
William Vu 517f264000 Add last chunk of fixes 2014-03-11 12:46:44 -05:00
James Lee f51ee2d6b4
snmp_enum: Treat missing timestamp elements as 0
Timestamps don't always have all the elements we expect. This treats
them as zeroes to ensure that we don't raise silly exceptions in that
case.
2014-03-11 12:44:07 -05:00
James Lee b87c2dca0b
Use older hash modules when hashlib isn't there 2014-03-11 12:25:54 -05:00