Jin Qian
35fdf1473b
Fixed issue #7650 where etherpad_duo_login module may crash
...
Add check for presence of Server header.
2016-12-02 18:07:18 -06:00
Brendan
86ec5861f9
Land #7649 , update session_compatible? for changes from PR#7507
...
Fixing the ability to find compatible post scripts for sessions
2016-12-02 16:29:08 -06:00
Jeffrey Martin
b218c7690a
cleanup stray comment
2016-12-02 15:25:58 -06:00
Jeffrey Martin
0be166e719
update session_compatible? for changes from PR#7507
2016-12-02 14:55:38 -06:00
wchen-r7
7ee9408da3
Land #7647 , Search with an intersect instead of a union
2016-12-02 13:55:50 -06:00
darkbushido
889de05af4
removing some commented code
2016-12-02 13:06:22 -06:00
darkbushido
486f8cd2a3
adding arch to search
2016-12-02 13:05:23 -06:00
darkbushido
f6694992ce
changing module search to use the new scopes
2016-12-02 13:05:23 -06:00
dmohanty-r7
f45b0e3c88
Land #7643 , only use ANSI ctrl chars in stdio output
2016-12-02 12:54:46 -06:00
Metasploit
76db530a86
Bump version of framework to 4.13.4
2016-12-02 10:02:53 -08:00
wchen-r7
374763e991
Land #7636 , support sleep command for android meterpreter
2016-12-02 11:48:26 -06:00
William Vu
ff8141c1b5
Land #7644 , cred fix for vbulletin_vote_sqli_exec
2016-12-01 15:47:31 -06:00
William Vu
c65ff2f0f4
Land #7646 , get_cookies fix for dolibarr_login
2016-12-01 15:43:43 -06:00
Jin Qian
11906eb540
Fix issue #7645 where dolibarr_login module crashed
...
Add "res" (http response) when trying to retrieve the cookie
2016-12-01 15:38:26 -06:00
wchen-r7
41355898fa
Remove extra def report_cred in vbulletin_vote_sqli_exec
2016-12-01 15:31:24 -06:00
wchen-r7
9325ef8d8f
Land #7573 , Add WP Symposium Plugin SQLI aux mod to steal credentials
2016-12-01 14:56:30 -06:00
wchen-r7
6b5dba72d4
Update description
2016-12-01 14:55:16 -06:00
wchen-r7
64bc029106
Fix Ruby style
2016-12-01 14:53:55 -06:00
wchen-r7
90ec367a99
Add method to save creds to database
2016-12-01 14:52:51 -06:00
wchen-r7
174cd74900
Land #7532 , Add bypass UAC local exploit via Event Viewer module
2016-12-01 11:16:49 -06:00
wchen-r7
1e9d80c998
Fix another typo
2016-12-01 11:16:06 -06:00
wchen-r7
b8243b5d10
Fix a typo
2016-12-01 11:15:26 -06:00
David Maloney
c9b5e43201
only use ANSI ctrl chars in stdio output
...
the async output fix was put in the parent UI IO
class when it only really makes sense in stdio.
Those ctrl sequences will noly be understood if output to a
terminal.
MS-2298
2016-12-01 11:06:17 -06:00
William Vu
54684d31bd
Land #7641 , check_conn? fix for cisco_ssl_vpn
2016-11-30 21:14:19 -06:00
William Vu
032312d40b
Properly check res
2016-11-30 21:03:29 -06:00
William Vu
1d6ee7192a
Land #7427 , new options for nagios_xi_chained_rce
2016-11-30 17:11:02 -06:00
William Vu
b0cd28ef4c
Update module docs
2016-11-30 17:10:57 -06:00
William Vu
3e8cdd1f36
Polish up USER_ID and API_TOKEN options
2016-11-30 17:10:52 -06:00
Jin Qian
ec83a861c8
Fix issue #7640 where cisco SSL VPN not move despite server responded
...
Add the "return true" statement that was missing.
2016-11-30 16:25:13 -06:00
OJ
ebf5121359
Merge branch 'upstream/master' into add-bypassuac-eventvwr
2016-12-01 07:58:16 +10:00
OJ
6890e56b30
Remove call to missing function
2016-12-01 07:57:54 +10:00
David Maloney
2a065cd220
Land #7591 , sinn3r's warbird check fix
...
Lands sinn3r's fix to the warbird license verification
check in the payload segment injector
2016-11-30 15:45:04 -06:00
jinq102030
f13d012ade
Merge pull request #7639 from wchen-r7/fix_7628
...
Fix #7628 , concrete5_member_list HTML parser
2016-11-30 14:52:41 -06:00
wchen-r7
56505d2cc1
Resolve merge conflict
2016-11-30 14:33:23 -06:00
wchen-r7
c70c3701c5
Fix #7628 , concrete5_member_list HTML parser
...
Fix #7628
2016-11-30 14:20:36 -06:00
William Webb
b6bb1995ad
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
2016-11-30 12:00:45 -06:00
William Webb
c31758e0ea
Land #7627 , Fix typo in payloads/linux/armle/mettle
2016-11-30 11:58:47 -06:00
wchen-r7
530e9a9bc6
Land #7633 , fix dell_idrac to stop trying on a user after a valid login
2016-11-30 11:46:31 -06:00
David Maloney
5b80c5de6b
Land #7635 , OJ's fix to UUID unpacking
...
fixes an issue with UUID packing that would
incorrectly trim off nullbytes
2016-11-30 11:19:33 -06:00
David Maloney
d1be2d735f
Land #7578 , pdf-shaper exploit
...
Land lsato's work on the pdf-shaper buffer overflow
exploit
2016-11-30 11:13:12 -06:00
Tim
8f3fab4b1b
fix sleep and transport on android
2016-11-30 21:59:01 +08:00
OJ
e5db0f4610
Fix unpack causing puid breakage in some cases
2016-11-30 15:51:17 +10:00
Jin Qian
afed1f465e
Fix issue 7632 where MSF keeps trying after success.
...
Thanks to Wei who suggested adding "return :next_user" after success.
2016-11-29 14:57:15 -06:00
David Maloney
3c9ebb97be
Land #7624 , Wvu's style fixes
...
land's wvu's style and text fixes for the
OS X archived messages module
2016-11-29 14:05:05 -06:00
David Maloney
4c50a7c80d
Land #7630 , Username Regex Fix
...
lands jin's fix for the username regex in
the concrete5 module
2016-11-29 14:00:27 -06:00
Jin Qian
1beeb99d44
Fix issue 7628, username extracted became garbled
...
Make the regular expression less aggressive.
2016-11-29 12:52:57 -06:00
Adam Cammack
878779e14c
Fix typo in payloads/linux/armle/mettle
2016-11-29 10:12:17 -06:00
William Vu
b6fe6c1d38
Fix #7597 , minor changes to enum_messages
2016-11-28 17:37:32 -06:00
wchen-r7
19bcef0c92
Land #7623 , Prefer DefaultOptions to reregistering SSL option
2016-11-28 14:54:12 -06:00
William Vu
c39c53b102
Prefer DefaultOptions to reregistering SSL option
2016-11-28 14:29:02 -06:00