349a366e84
ysoserial: Changes from code review
2018-12-17 15:41:31 -06:00
cd2dbf0edf
ysoserial: Modified `hp_imc_java_deserialize` to use the library
2018-12-14 16:13:17 -06:00
a2a38bb72f
ysoserial: Distracted halfway through a comment 🙃
2018-12-14 15:07:13 -06:00
74b4ba1c50
ysoserial: Change class name to camelcase to align with Ruby style guide
2018-12-14 14:44:58 -06:00
212454b1fb
ysoserial: Support larger payloads, Randomize fingerprintable string
2018-12-14 14:43:30 -06:00
fa74a1839a
Initial support for dynamic ysoserial Java serialization payloads
2018-12-14 12:51:08 -06:00
ae089ce573
Land #10960 , add wp duplicator code inject module
2018-12-11 12:02:07 -06:00
b82e3469a2
renamed module and doc
2018-12-11 11:59:19 -06:00
7e953e34b9
Added the clean_up function
2018-12-11 18:13:46 +01:00
f946b6d900
automatic module_metadata_base.json update
2018-12-11 06:39:46 -08:00
1ab69c221c
Land #11040 , Add CyberLink LabelPrint Local BOF
2018-12-11 08:19:51 -06:00
106d6cefe4
Add documentation
2018-12-11 07:55:52 -06:00
165f082160
Fix syntax, minor edits
2018-12-11 07:55:20 -06:00
3968b1ed2e
automatic module_metadata_base.json update
2018-12-10 09:42:28 -08:00
3f18ffa224
Land #10318 , Oracle function-based index privesc
2018-12-10 11:32:39 -06:00
d0f1f72426
Clean up module
2018-12-10 11:21:16 -06:00
43842ad41d
Land #11082 , Update show plugins to show all available plugins as well
2018-12-10 10:20:51 -06:00
2ccce813e0
automatic module_metadata_base.json update
2018-12-10 08:06:37 -08:00
bc6356a2cd
Land #11090 , update code and style for exploit/linux/local/glibc_origin_expansion_priv_esc
2018-12-10 09:59:03 -06:00
5bddc4e9ef
Land #11096 , Replace WsfDelay typo with WfsDelay in docs
2018-12-10 11:03:53 +00:00
bca4ae03ff
Replace WsfDelay with WfsDelay
2018-12-10 16:02:19 +05:30
aa56f1e073
automatic module_metadata_base.json update
2018-12-09 22:47:11 -08:00
82d34b9406
Land #11087 , File::binread for exploit_data
2018-12-10 00:38:51 -06:00
52af87d278
Land #11091 , add chronos user
2018-12-09 09:24:06 -06:00
45c6f1ed62
Fix #11084 Add 'chronos' to unix_users.txt
...
This commit adds the username 'chronos' to the user list as it happens
to be the default username on ChromeOS, as highlighted by @h00die in
Issue #11084 .
2018-12-09 09:58:58 -05:00
237d3c86c4
Code cleanup and update style
2018-12-09 07:26:51 +00:00
a9c0a5d53d
Use ::File::binread for exploit_data file read
2018-12-09 04:09:56 +00:00
d9e7efa7e2
automatic module_metadata_base.json update
2018-12-08 07:59:36 -08:00
d3fc707c98
Land #11080 , update mettle payloads
2018-12-08 09:51:37 -06:00
cff8816781
automatic module_metadata_base.json update
2018-12-08 07:28:08 -08:00
3768f79568
Land #11085 , add lkrg_installed? checks to various modules
2018-12-08 09:19:33 -06:00
733c2f637d
Land #11081 , Add Msf::Post::Linux::Kernel.lkrg_installed? method
2018-12-08 09:14:57 -06:00
d8ab6a552b
Add lkrg_installed? checks
2018-12-08 13:37:12 +00:00
52eb60469e
automatic module_metadata_base.json update
2018-12-08 05:07:49 -08:00
2e5e392085
Land #11079 , add kernel configuration checks to local exploits
2018-12-08 06:58:48 -06:00
42c5a7d245
Update show plugins to show all available plugins as well as the loaded ones.
...
Fixes #11051
2018-12-08 01:19:44 +05:30
df76521100
Land #11066 , add rpc output locking, fix logging
2018-12-07 13:49:10 -06:00
7f4d97ef46
don't embed status characters in messages, use correct logging instead
2018-12-07 13:29:56 -06:00
09ffce4ec5
fix mutex locking, push to rpcSend
2018-12-07 13:28:34 -06:00
80d83720df
Add Msf::Post::Linux::Kernel.lkrg_installed? method
2018-12-07 14:42:16 +00:00
275c043cfd
Add kernel_config checks
2018-12-07 03:28:17 +00:00
0345c8f66c
update mettle payloads
...
This is a large update to mettle payloads including:
* Adds globbing support to the `ls` command (https://github.com/rapid7/mettle/pull/139 )
* Fixes crashes on iOS platforms when cryptTLV is enabled (https://github.com/rapid7/mettle/pull/142 )
* Fixes display of the OS version on macOS and iOS (https://github.com/rapid7/mettle/pull/143 )
* Fixes the local port handling for pivoted client network connections (https://github.com/rapid7/mettle/pull/144 )
* Fixes an unaligned memory access in TLV packet handling, needed for some CPUs (https://github.com/rapid7/mettle/pull/145 )
* Fixes some compatibility issues building on Solaris (https://github.com/rapid7/mettle/pull/147 )
* Updated libpcap, mbedtls, and libcurl to the latest versions (https://github.com/rapid7/mettle/pull/146 )
2018-12-06 21:16:41 -06:00
9e110eb9fc
Land #10940 , add default service mapping to imports
2018-12-06 21:04:05 -06:00
273d26f173
automatic module_metadata_base.json update
2018-12-06 19:00:59 -08:00
f4282bfb56
Land #11064 , Add Msf::Post::Linux::Kernel.kernel_config method
2018-12-06 20:52:12 -06:00
310d6f0170
Land #11068 , Update db_connect help text
2018-12-06 20:32:13 -06:00
7d8458d8d4
Land #11076 , Prevent storing empty config files as loot
2018-12-06 20:30:08 -06:00
1515dffd06
Land #11062 , Suppress 'Permission denied' errors when enumerating SUID files
2018-12-06 20:22:44 -06:00
71f84fe6a7
Land #11060 , Add checks to post/linux/gather/enum_protections
2018-12-06 20:17:50 -06:00
7b654409f7
Land #11078 , add additional CVE for exploit/linux/http/php_imap_open_rce
2018-12-06 20:14:49 -06:00
asoto-r7
Shelby Pace
Julien Legras
Metasploit
Jacob Robles
William Vu
Brent Cook
Brendan Coles
Auxilus
Shreyans Devendra Doshi
Garvit Dewan