James Lee
26b40666ce
Merge branch 'rapid7' into feature/stage_encoding
2013-01-15 15:10:58 -06:00
sinn3r
9dc42e93e7
Reduce unnecessary indent level
2013-01-15 14:36:41 -06:00
sinn3r
5109cc97fe
Add more verbs
...
[SeeRM: #7138 ] by jabra
2013-01-15 14:11:53 -06:00
sinn3r
b3291c0329
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2013-01-15 14:10:47 -06:00
James Lee
ee14c1c613
Merge remote-tracking branch 'R3dy/psexec-mixin2' into rapid7
2013-01-15 12:58:50 -06:00
James Lee
4883cf4b01
Minor doc comment additions
2013-01-15 12:49:43 -06:00
sinn3r
b5167e7695
Merge branch 'add_bap_to_itms_overflow' of github.com:jvennix-r7/metasploit-framework into jvennix-r7-add_bap_to_itms_overflow
2013-01-15 12:25:07 -06:00
sinn3r
6508964171
For consistency with other post modules, also do a store_loot
2013-01-15 12:16:32 -06:00
sinn3r
c1794e9195
Merge branch 'bulletproof_ftp_creds' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bulletproof_ftp_creds
2013-01-15 11:41:42 -06:00
sinn3r
6e6e90d733
Cosmetic changes
2013-01-15 11:36:49 -06:00
sinn3r
a06d49a8be
Return symbols
...
STOP_ON_SUCCESS is being ignored because the module's login function
doesn't pass a symbol to the mixin. This addresses that.
2013-01-15 11:25:02 -06:00
James Lee
d36e38fca6
Move encoding into handle_connection
...
* Allows payloads that override generate_stage to still take advantage
  of stage encoding
* Also adds doc comments for a few methods
2013-01-15 10:34:31 -06:00
sinn3r
54883da8cd
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2013-01-15 10:25:05 -06:00
Jose Selvi
18f81fd6f4
Nagios3 history.cgi exploit
2013-01-15 15:32:32 +01:00
Tod Beardsley
9d4366fdab
Merge remote-tracking branch 'wchen-r7/irb_terminatelineinput'
2013-01-15 01:50:15 -08:00
Tod Beardsley
6064dfcb71
Merge remote-tracking branch 'wchen-r7/fail_to_reload_fix'
2013-01-15 01:43:07 -08:00
Tod Beardsley
279a61d0f4
Add the optional pause for Windows
2013-01-15 13:44:59 -06:00
Tod Beardsley
db4a392de2
Msfupdate should check for installation validity
...
This fix will allow people to at least solve their own msfupdate
problems by registering for Community Edition.
[SeeRM #7690 ]
2013-01-15 13:44:59 -06:00
jvazquez-r7
1e64d36320
avoid begin rescue blocks
2013-01-15 02:05:58 +01:00
James Lee
a1e853500f
Merge branch 'bug/optint_empty' into feature/stage_encoding
2013-01-14 15:50:39 -06:00
James Lee
21c18b78e6
Don't bother nil check, to_s handles it
2013-01-14 15:47:58 -06:00
James Lee
0c90171fa7
Deal with already-normalized ints
...
[See #1308 ][See #1304 ]
2013-01-14 15:31:14 -06:00
James Lee
fb19ec1005
Merge branch 'rapid7' into feature/stage_encoding
2013-01-14 15:20:23 -06:00
James Lee
83877b6c76
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-01-14 15:19:27 -06:00
sinn3r
347cc3f879
Merge branch 'bug/rm7680-psexec_command-convert-nil-into-integer' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7680-psexec_command-convert-nil-into-integer
2013-01-14 15:12:43 -06:00
sinn3r
04b35a38ff
Update MSB ref
2013-01-14 14:59:32 -06:00
sinn3r
b2ecb18a71
Allow OptInt to pass "" for special reasons
...
Cheap fix
2013-01-14 14:55:48 -06:00
lmercer
a89db93891
psexec_command - Unable to execute specified command: can't convert nil into Integer
...
Patched as described in Redmine bug #7680
2013-01-14 15:54:40 -05:00
sinn3r
07d15baf89
Merge branch 'bug/opt_int_hex' of github.com:jlee-r7/metasploit-framework into jlee-r7-bug/opt_int_hex
2013-01-14 14:40:25 -06:00
James Lee
bbb3fa25be
Allow negative values for OptInt
...
[FixRM #7540 ]
2013-01-14 14:18:56 -06:00
jvazquez-r7
c6c59ace46
final cleanup
2013-01-14 20:53:19 +01:00
jvazquez-r7
5ecb0701ea
Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass
2013-01-14 20:52:45 +01:00
jvazquez-r7
3eaa07afae
documenting magic numbers
2013-01-14 19:43:34 +01:00
jvazquez-r7
530df0acf0
delete comments
2013-01-14 19:22:39 +01:00
jvazquez-r7
57be789f2c
Fix comments by egypt
2013-01-14 19:22:02 +01:00
jvazquez-r7
702638a6a3
final cleanup
2013-01-14 17:36:24 +01:00
jvazquez-r7
b0a339708d
Merge branch 'w3totalcache' of https://github.com/FireFart/metasploit-framework into FireFart-w3totalcache
2013-01-14 17:35:48 +01:00
Christian Mehlmauer
b11fd48b05
implemented Juan's feedback
2013-01-14 17:06:52 +01:00
Christian Mehlmauer
8b85f7d977
fix msftidy
2013-01-14 14:55:53 +01:00
Christian Mehlmauer
0acbcfd964
fix url path
2013-01-14 14:39:50 +01:00
Christian Mehlmauer
c17ee70e66
Use target_uri for the wordpress url
2013-01-14 14:34:34 +01:00
jvazquez-r7
40fc861eee
Added post module for BulletProof FTP Client
2013-01-14 13:50:10 +01:00
joe
771fc07264
Change :vuln_test to :os_name for checking OS.
2013-01-14 02:17:40 -06:00
joe
efcdb1097c
Add BAP options to itms_overflow module.
2013-01-14 01:42:58 -06:00
James Lee
b3b68c1b90
Make stage encoding possible
...
* Fixes a bug in shikata where input greater than 0xffff length would
  still use 16-bit counter
* Short circuits finding bad xor keys if there are no bad characters to
  avoid
* Fixes huge performance issue with large inputs to xor-based encoders
  due to the use of String#+ instead of String#<< in a loop. It now
  takes ~3 seconds on modern hardware to encode a 750kB buffer with
  shikata where it used to take more than 10 minutes. The decoding side
  takes a similar amount of time and will increase the wait between
  sending the second stage and opening a usable session by several
  seconds.
I believe this addresses the intent of pull request 905
[See #905 ]
2013-01-13 21:07:39 -06:00
James Lee
0d34e0b249
Fix regex for hex numbers
2013-01-13 20:53:40 -06:00
sinn3r
90b0a7035b
Recover the prompt again
2013-01-13 13:24:48 -06:00
Christian Mehlmauer
0c95938b1d
Added a request to force db caching
2013-01-13 20:12:37 +01:00
Daniele Martini
04fe1dae11
Added module for Freesshd Authentication Bypass (CVE-2012-6066)
...
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.
To use it you need to know a valid username. The module contains
a basic bruteforce method, so you can specify more than one to try.
2013-01-13 17:08:04 +01:00
James Lee
4703a6f737
Unbreak OptInt hex syntax
...
* Fix spec for no-longer-pending tests
* Fix regex in OptInt#valid? to allow hex syntax again
[See #1293 ][See #1296 ]
2013-01-12 14:17:29 -06:00