Commit Graph

31266 Commits (3b21de390661675fc6d47dbce293e37bd128e56c)

Author SHA1 Message Date
Joshua Smith 251c284458 modernizes some of the rpc code 2015-02-22 15:37:55 -06:00
HD Moore 29ac27f357
Lands #4813, replaces print_* with exceptions 2015-02-22 14:14:16 -06:00
HD Moore c60e2584bf Comment typo 2015-02-22 02:51:18 -06:00
HD Moore 888c718f40 Fix two typos 2015-02-22 02:45:50 -06:00
HD Moore ea54696d99 Remove redundant params now provided by the mixin helper 2015-02-22 02:32:28 -06:00
HD Moore 8e8a366889 Pass Http::Client parameters into LoginScanner::Http (see #4803) 2015-02-22 02:26:15 -06:00
Christian Mehlmauer c820431879
Land #4770, Wordpress Ultimate CSV Importer user extract module 2015-02-22 08:52:45 +01:00
William Vu 2609a2acee
Land #4815, MS15-001 reference update 2015-02-21 21:05:03 -06:00
William Vu 2b9ab901cb
Land #4811, creds -d documentation 2015-02-21 20:59:52 -06:00
William Vu 9f826f4caa
Land #4809, s/WtfError/ElfParseyError/ 2015-02-21 20:52:58 -06:00
William Vu b39e2bea8e
Land #4806, EXE::Custom case-sensitivity fix 2015-02-21 20:49:53 -06:00
William Vu f900d9cf26 Handle whitespace as per blank?
!~ /\S/ as per the original implementation of blank? also works.
2015-02-21 20:36:16 -06:00
rastating f9dbff8a6c Add store path output 2015-02-21 23:41:26 +00:00
Christian Mehlmauer 7d42dcee9c
Land #4769, Wordpress holding-pattern theme file upload 2015-02-21 23:13:06 +01:00
Christian Mehlmauer 9223c23eb4
Land #4808, Wordpress plugin upload module 2015-02-21 23:01:15 +01:00
sinn3r aa8a82f44f Update MS15-001 reference 2015-02-21 08:39:21 -06:00
rastating 708340ec5a Tidy up various bits of code 2015-02-21 12:53:33 +00:00
jvazquez-r7 ef62e1fc04
Land #4798, @wchen-r7's deletion of x64 support on ms13_022_silverlight_script_object
* Ungenuine support, well deleted
2015-02-21 01:11:09 -06:00
jvazquez-r7 ef990223d5 Move arch out of target 2015-02-21 01:10:35 -06:00
sinn3r 441c301fd3 Fix #4458, more informative errors for ms04_011
Fix #4458
2015-02-21 00:32:20 -06:00
sinn3r bf2be7964b Fix #4592, print_* methods used in LoginScanner modules
Fix #4592
2015-02-20 22:46:21 -06:00
sinn3r fb9a054713 Fix rspec
The login URi is user-configurable so we shouldn't dictate this
anymore.
2015-02-20 22:08:09 -06:00
sinn3r f4e512e0ff Should be an array 2015-02-20 21:56:49 -06:00
sinn3r 40c237f507 Fix #3982, allow URIs to be user configurable
Fix #3982
2015-02-20 21:54:03 -06:00
sinn3r b8cb93d712 Fix #3790, document the creds -d feature
Fix #3790
2015-02-20 21:38:26 -06:00
sinn3r 099dbee538 Update help.feature 2015-02-20 21:23:02 -06:00
sinn3r b5f8ae85cf Fix #3827, Add support to rename a job
Fix #3827
2015-02-20 21:13:45 -06:00
sinn3r 85871ab822 Fix #4382, Make errors more meaningful
Fix #4382
2015-02-20 20:09:58 -06:00
rastating 76a64b31d7 Resolve msftidy issues 2015-02-21 01:41:29 +00:00
rastating 7d30b214ee Add WordPress admin shell upload module 2015-02-21 01:31:33 +00:00
rastating 7e1e0f8196 Add plugin upload functionality 2015-02-21 01:20:20 +00:00
sinn3r 40972220e3
Land #4804, HP Client Automation Command Injection 2015-02-20 16:56:03 -06:00
Brent Cook 58436fcc98
Land #4706 jvazquez-r7 adds NTLMSSP support for smb_relay 2015-02-20 15:15:00 -06:00
William Vu c9ddd0dac9
Land #4795, f5_bigip_cookie_disclosure update 2015-02-20 13:11:42 -06:00
William Vu b676f5a07e Clean up #4795 2015-02-20 13:10:31 -06:00
William Vu 59b7f321e5
Land #4801, QConvergeConsole Tomcat creds 2015-02-20 12:54:07 -06:00
William Vu cd8f9065be
Land #4807, reverse_http_proxy_pstore spec 2015-02-20 12:28:20 -06:00
Brent Cook 641b67469d add payload specs for reverse_http_proxy_pstore
PR predated the spec
2015-02-20 12:23:51 -06:00
Meatballs dc4898765f
Fix EXE::Custom 2015-02-20 16:59:18 +00:00
Brent Cook b624278f9d Merge branch 'master' into land-4706-smb_reflector 2015-02-20 10:26:04 -06:00
Brent Cook 765a1bffd7
Land #1396 @somename11111's http_proxy_pstore stager 2015-02-20 09:47:34 -06:00
Brent Cook 5297ebc1a1 Merge branch 'master' into land-1396-http_proxy_pstore
Bring things back to the future
2015-02-20 08:50:17 -06:00
Brent Cook 91b4a59fc7 msftidy fixes 2015-02-20 08:42:54 -06:00
jvazquez-r7 1633a6d4fd Read response back while staging 2015-02-20 01:06:47 -06:00
jvazquez-r7 b0c6671721 Add module for ZDI-15-038, HPCA command injection 2015-02-20 00:41:17 -06:00
Ferenc Spala c498ba64e4 Added a new pair of default Tomcat credentials. QLogic's QConvergeConsole comes with a bundled Tomcat with a hard-coded username and password for the manager app. 2015-02-19 15:08:50 -06:00
sinn3r 49f4b68671
Land #4790, injecting code into eval-based Javascript unpackers 2015-02-19 12:33:52 -06:00
sinn3r 036a6089eb Drop ungenuine x64 support in ms13_022_silverlight_script_object
The MS13-022 exploit does not actually run as x64. IE by default
still runs x86 so BES will always automatically select that target.

If IE forces x64 (which can be done manually), the BES detection
code will see it as ARCH_X86_64, and the payload generator will
still end up generating a x86 payload anyway.

If the user actually chooses a x64 payload, such as
windows/x64/meterpreter/reverse_tcp, the exploit is going to crash
because you can't run x64 shellcode on an x86 architecture.
2015-02-19 10:39:43 -06:00
William Vu 27a8c460bd
Land #4797, revert of #4780 (issue #4669) 2015-02-19 09:58:20 -06:00
Brent Cook 4781ac4b39 the http service needs to keep running to handle meterpreter loading
revert a8f44ca68f
2015-02-19 09:38:48 -06:00