Commit Graph

36250 Commits (35ea8c3f7409cdbc120bfbae5b58f1e502a5b7d3)

Author SHA1 Message Date
Brent Cook 35ea8c3f74 relax space needed a bit less, work with Windows XP and 2k3 2015-11-25 11:25:57 -06:00
Brent Cook 2a89a2bc9a increase the amount of space needed for ms08_067 2015-11-25 07:13:16 -06:00
William Vu 16e6ced867
Land #6108, OpenVPN creds scraper 2015-11-23 14:25:19 -06:00
William Vu 601d4fda9f Add note about --auth-nocache 2015-11-23 14:24:26 -06:00
Louis Sato 5303079ba4
Land #6262, local exploit add not implemented error 2015-11-23 14:23:13 -06:00
Louis Sato 2305e6048b
Land #6261, module ref verbose + timeout opts 2015-11-23 13:07:29 -06:00
Louis Sato 493e476a43
Land #6243, check nil for sock.read 2015-11-23 11:15:51 -06:00
Brent Cook 5654b6b2e2 Land #6227, reverse_hop_http updates and HTTPS unification 2015-11-23 06:29:15 -06:00
Brent Cook 25f2241aa3
Land #6246, show the user errors from create_session 2015-11-23 06:01:08 -06:00
Brent Cook 674f58ba87
Land #6273, update hdm account info 2015-11-23 05:47:06 -06:00
HD Moore 353cad2cc6 Update to match active & github account merge 2015-11-22 13:38:26 -06:00
wchen-r7 81c4aeedc1
Land #6270, Update Wordpress module titles 2015-11-21 21:37:28 -06:00
aushack 1410d03386 Fixed msftidy capitalisation. 2015-11-22 14:32:51 +11:00
aushack fc46ce0ced Bring module title in line with other WP modules. 2015-11-22 13:39:45 +11:00
wchen-r7 b636aeb303 rm print_warning 2015-11-20 19:38:33 -06:00
William Vu b2d6458f50
Land #6129, Joomla SQLi RCE 2015-11-20 14:30:23 -06:00
wchen-r7 d405f31c35 Add a NotImplementedError if run is used to run a local exploit
Running a local exploit like a post is not currently supported,
we should at least raise a warning or something, and not just
let it backtrace and confuse the user.
2015-11-19 14:31:31 -06:00
wchen-r7 467267b3be Fix #6260, add timeout and verbose option
Fix #6260
2015-11-19 11:30:16 -06:00
William Vu 7c5d292e42
Land #6201, chkrootkit privesc 2015-11-19 10:37:30 -06:00
Jon Hart 8d1f5849e0
Land #6228, @m0t's module for F5 CVE-2015-3628 2015-11-18 15:39:40 -08:00
Jon Hart ae3d65f649
Better handling of handler creation output 2015-11-18 15:31:32 -08:00
Jon Hart bcdf2ce1e3
Better handling of invulnerable case; fix 401 case 2015-11-18 15:24:41 -08:00
wchen-r7 fc16a904a3
Land #6252, Add SLEEP_TIME option for registry_persistence.rb 2015-11-18 15:32:19 -06:00
wchen-r7 3c72135a2f No to_i
What happens here is it converts to a Fixnum, and then it converts
back to a String anway because it's in a String.
2015-11-18 15:25:18 -06:00
m0t 26c88368f7 Merge pull request #7 from jhart-r7/pr/fixup-6228
print_ improvements, better cleanup and prevent multiple sessions
2015-11-18 22:04:56 +01:00
Jon Hart deec836828
scripts/handlers cannot start with numbers 2015-11-18 12:31:46 -08:00
Jon Hart 7399b57e66
Elminate multiple sessions, better sleep handling for session waiting 2015-11-18 12:23:28 -08:00
Jon Hart e4bf5c66fc
Use slightly larger random script/handler names to avoid conflicts 2015-11-18 11:51:44 -08:00
Jon Hart e7307d1592
Make cleanup failure messages more clear 2015-11-18 11:44:34 -08:00
Jon Hart 0e3508df30 Squash minor rubocop gripes 2015-11-18 11:05:10 -08:00
Jon Hart f8218f0536 Minor updates to print_ output; wire in handler_exists; 2015-11-18 11:05:10 -08:00
Jon Hart 392803daed Tighten up cleanup code 2015-11-18 11:05:10 -08:00
William Vu 657e50bb86 Clean up module 2015-11-18 12:50:57 -06:00
m0t c0d9c65ce7 always overwrite the payload file 2015-11-18 18:48:34 +00:00
wchen-r7 0cda20c9e2 Fix everything pointed out by @jlee-r7 2015-11-18 12:02:28 -06:00
sammbertram a484b318eb Update registry_persistence.rb 2015-11-18 16:13:18 +00:00
sammbertram 1fe8bc9cea Added a SLEEP_TIME option
Added a SLEEP_TIME options which is the number of seconds to sleep prior to executing the initial IEX request. This is useful in cases where a machine would have to establish a VPN connection, initiated by the user, after a reboot. 

Alternatively, as opposed to a sleep time, it could have a loop that attempts to retry for a certain period of item.
2015-11-18 11:17:57 +00:00
m0t 109a733a4e Merge pull request #6 from jhart-r7/pr/fixup-6228
More cleanup of F5 BIG-IP iCall privilege escalation vulnerability (CVE-2015-3628)
2015-11-18 09:50:37 +01:00
Jon Hart 089a006408
Land #6248 2015-11-17 14:28:55 -08:00
Jon Hart e21bf80ae4
Squash a rogue space 2015-11-17 14:17:59 -08:00
Jon Hart 3396fb144f
A little more simplification/cleanup 2015-11-17 14:16:29 -08:00
Jon Hart dcfb3b5fbc
Let Filedropper handle removal 2015-11-17 13:01:06 -08:00
HD Moore a9e8ab785e
Land #6220, adds ATG client module 2015-11-17 13:31:17 -06:00
HD Moore e107ec2d17 Change fail to fail_with, fix typo 2015-11-17 13:30:46 -06:00
HD Moore 74f6ff7752 Rename to atg_client to match conventions 2015-11-17 12:59:37 -06:00
jvoisin 44d477a13c Fix some rubocop warnings 2015-11-17 13:26:50 +01:00
Roberto Soares ac99f9c229 Fix condition 2015-11-17 00:52:42 -02:00
Roberto Soares f69e7c0fb3 Fix condition 2015-11-17 00:49:04 -02:00
Roberto Soares a48d0b275b Added check if the commands executed successfully. 2015-11-17 00:07:31 -02:00
wchen-r7 f6fdabfd77
Land #6239, added Session info display to module output
MS-706
2015-11-16 18:10:58 -06:00