3615bd094d
limit the # of bssids sent to google, log more error details
2015-08-14 17:58:33 -05:00
82e1181ccb
update to metasploit-payloads 1.0.8
2015-08-14 17:38:54 -05:00
f4031d87fc
light ruby style cleanups
2015-08-14 17:26:05 -05:00
3aab9aa74c
move BSSID checker to tools, fixup rubocop warnings, add OS X example
2015-08-14 17:13:11 -05:00
c02df6b39d
Land #5800 , @bperry's Symantec Endpoint Protection Manager RCE module
2015-08-14 17:03:48 -05:00
b33abd72ce
Complete description
2015-08-14 17:03:21 -05:00
4aa3be7ba2
Do ruby fixing and use FileDropper
2015-08-14 17:00:27 -05:00
3d92e9d71c
Land #5802 , add support for background colors in prompts
2015-08-14 15:02:51 -05:00
ddb7224160
Land #5847 , @todb-r7 on behalf of anonymous contributor, exploit for FF CVE-2015-4495
...
* To exfiltrate arbitrary files
* Tested successfully on linux
2015-08-14 14:57:28 -05:00
a560496455
Do minor ruby style fixes
2015-08-14 14:50:03 -05:00
82193f11e7
Minor js fixes
2015-08-14 14:45:48 -05:00
0a4651a553
Land #5359 , add PuTTY session enumeration module
2015-08-14 13:20:05 -05:00
b908f41b0f
Land #5838 , @bcook-r7's fixes for paylaod cached sizes
2015-08-14 12:39:58 -05:00
f25a5da46f
Do Minor fixes
2015-08-14 12:37:49 -05:00
e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js
2015-08-14 12:07:15 -05:00
66148336e1
Modify tests to resolve false negative
...
MSP-13064
2015-08-14 11:48:52 -05:00
6b1e911041
Instantiate payload modules so parameter validation occurs
...
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
0615d908c4
Update description to explain quarantine effects.
2015-08-13 23:46:37 -05:00
84144bf6cf
Update webarchive_uxss to use the webarchive mixin.
...
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00
33f1324fa9
Land #5813 , @jakxx adds VideoCharge SEH file exploit
2015-08-13 18:01:25 -04:00
f19186adda
Land #5841 , homm3_h3m default target change
2015-08-13 14:54:58 -05:00
02c6ea31bb
Use the more recent HD version as default target
2015-08-13 14:42:21 -05:00
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
605a14350f
Land #5833 , sshexec improvements
2015-08-13 14:16:22 -05:00
3bd6c4cee4
Add a comma
2015-08-13 14:16:09 -05:00
677ec341dd
Land #5839 , pre-bloggery cleanup edits
2015-08-13 13:43:57 -05:00
c94a185610
Land #5697 , Werkzeug debug RCE
2015-08-13 13:32:27 -05:00
d54ee19ce9
Clean up module
2015-08-13 13:32:22 -05:00
bb4116ed9d
Avoid msftidy.rb rule breaking on missing newline
2015-08-13 12:38:05 -05:00
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
6e75db090f
Fix comment
2015-08-12 21:11:48 -05:00
e9203060b0
Allow the hostname and port to be overridden, necessary for complex NAT setups
2015-08-12 16:20:14 -05:00
790356bac8
add infer_vuln_from_session to other valid case
...
MSP-13065
2015-08-12 15:45:37 -05:00
01b3ae2dd8
Revert "added infer_vuln_from_session to other valid case"
...
This reverts commit 53e747ce2e
2015-08-12 15:43:16 -05:00
53e747ce2e
added infer_vuln_from_session to other valid case
...
MSP-13064
2015-08-12 15:35:03 -05:00
e7566d6aee
Adding print_status line
2015-08-12 16:08:04 -04:00
28fbb7cdde
Update the description of the sshexec module
2015-08-12 16:05:09 -04:00
7eb5b8e03f
Merge pull request #1 from FireFart/videocharge
...
improve module from @FireFart
2015-08-12 16:04:59 -04:00
dfe2bbf1e9
Add a python target to the sshexec module
2015-08-12 15:46:47 -04:00
979d7e6be3
improve module
2015-08-12 15:37:37 +02:00
2b225b2e7e
Added changes per feedback
...
Updated to include and use seh mixin
changed offset and space for reliability
got rand_text buffer junk working
removed double spaces and stupid fillers in file data
2015-08-12 01:34:45 -04:00
80f415074b
Land #5823 , mv local_exploit_{suggestor,suggester}
2015-08-11 13:52:55 -05:00
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
4c28cae5d1
updated to include recommendation from @zerosteiner
2015-08-10 18:38:23 -04:00
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
76f6312fab
Fix #3916 Support 64 bits targets on enum_cred_store
2015-08-10 15:16:12 -05:00
6e684d46f2
Ensure exceptions don't interfere with `busy`
2015-08-10 12:11:37 -04:00
e141d1451c
Fix calls to stage_payload
2015-08-10 09:33:38 +10:00
a611fff7bf
Use Rex::ThreadSafe.select on CVE-2015-1793
2015-08-08 07:43:39 -07:00
c8ba5bb90c
Land #5513 , @rcvalle's exploit for incomplete internal state distinction in JSSE
2015-08-08 07:41:53 -07:00
Brent Cook
jvazquez-r7
Tod Beardsley
Greg Mikeska
joev
Spencer McIntyre
William Vu
Christian Mehlmauer
Mo Sadek
HD Moore
jakxx
Alex Watt
OJ