Joshua Smith
251c284458
modernizes some of the rpc code
2015-02-22 15:37:55 -06:00
HD Moore
29ac27f357
Lands #4813 , replaces print_* with exceptions
2015-02-22 14:14:16 -06:00
HD Moore
c60e2584bf
Comment typo
2015-02-22 02:51:18 -06:00
HD Moore
888c718f40
Fix two typos
2015-02-22 02:45:50 -06:00
HD Moore
ea54696d99
Remove redundant params now provided by the mixin helper
2015-02-22 02:32:28 -06:00
HD Moore
8e8a366889
Pass Http::Client parameters into LoginScanner::Http (see #4803 )
2015-02-22 02:26:15 -06:00
Christian Mehlmauer
c820431879
Land #4770 , Wordpress Ultimate CSV Importer user extract module
2015-02-22 08:52:45 +01:00
William Vu
2609a2acee
Land #4815 , MS15-001 reference update
2015-02-21 21:05:03 -06:00
William Vu
2b9ab901cb
Land #4811 , creds -d documentation
2015-02-21 20:59:52 -06:00
William Vu
9f826f4caa
Land #4809 , s/WtfError/ElfParseyError/
2015-02-21 20:52:58 -06:00
William Vu
b39e2bea8e
Land #4806 , EXE::Custom case-sensitivity fix
2015-02-21 20:49:53 -06:00
William Vu
f900d9cf26
Handle whitespace as per blank?
...
!~ /\S/ as per the original implementation of blank? also works.
2015-02-21 20:36:16 -06:00
rastating
f9dbff8a6c
Add store path output
2015-02-21 23:41:26 +00:00
Christian Mehlmauer
7d42dcee9c
Land #4769 , Wordpress holding-pattern theme file upload
2015-02-21 23:13:06 +01:00
Christian Mehlmauer
9223c23eb4
Land #4808 , Wordpress plugin upload module
2015-02-21 23:01:15 +01:00
sinn3r
aa8a82f44f
Update MS15-001 reference
2015-02-21 08:39:21 -06:00
rastating
708340ec5a
Tidy up various bits of code
2015-02-21 12:53:33 +00:00
jvazquez-r7
ef62e1fc04
Land #4798 , @wchen-r7's deletion of x64 support on ms13_022_silverlight_script_object
...
* Ungenuine support, well deleted
2015-02-21 01:11:09 -06:00
jvazquez-r7
ef990223d5
Move arch out of target
2015-02-21 01:10:35 -06:00
sinn3r
441c301fd3
Fix #4458 , more informative errors for ms04_011
...
Fix #4458
2015-02-21 00:32:20 -06:00
sinn3r
bf2be7964b
Fix #4592 , print_* methods used in LoginScanner modules
...
Fix #4592
2015-02-20 22:46:21 -06:00
sinn3r
fb9a054713
Fix rspec
...
The login URi is user-configurable so we shouldn't dictate this
anymore.
2015-02-20 22:08:09 -06:00
sinn3r
f4e512e0ff
Should be an array
2015-02-20 21:56:49 -06:00
sinn3r
40c237f507
Fix #3982 , allow URIs to be user configurable
...
Fix #3982
2015-02-20 21:54:03 -06:00
sinn3r
b8cb93d712
Fix #3790 , document the creds -d feature
...
Fix #3790
2015-02-20 21:38:26 -06:00
sinn3r
099dbee538
Update help.feature
2015-02-20 21:23:02 -06:00
sinn3r
b5f8ae85cf
Fix #3827 , Add support to rename a job
...
Fix #3827
2015-02-20 21:13:45 -06:00
sinn3r
85871ab822
Fix #4382 , Make errors more meaningful
...
Fix #4382
2015-02-20 20:09:58 -06:00
rastating
76a64b31d7
Resolve msftidy issues
2015-02-21 01:41:29 +00:00
rastating
7d30b214ee
Add WordPress admin shell upload module
2015-02-21 01:31:33 +00:00
rastating
7e1e0f8196
Add plugin upload functionality
2015-02-21 01:20:20 +00:00
sinn3r
40972220e3
Land #4804 , HP Client Automation Command Injection
2015-02-20 16:56:03 -06:00
Brent Cook
58436fcc98
Land #4706 jvazquez-r7 adds NTLMSSP support for smb_relay
2015-02-20 15:15:00 -06:00
William Vu
c9ddd0dac9
Land #4795 , f5_bigip_cookie_disclosure update
2015-02-20 13:11:42 -06:00
William Vu
b676f5a07e
Clean up #4795
2015-02-20 13:10:31 -06:00
William Vu
59b7f321e5
Land #4801 , QConvergeConsole Tomcat creds
2015-02-20 12:54:07 -06:00
William Vu
cd8f9065be
Land #4807 , reverse_http_proxy_pstore spec
2015-02-20 12:28:20 -06:00
Brent Cook
641b67469d
add payload specs for reverse_http_proxy_pstore
...
PR predated the spec
2015-02-20 12:23:51 -06:00
Meatballs
dc4898765f
Fix EXE::Custom
2015-02-20 16:59:18 +00:00
Brent Cook
b624278f9d
Merge branch 'master' into land-4706-smb_reflector
2015-02-20 10:26:04 -06:00
Brent Cook
765a1bffd7
Land #1396 @somename11111's http_proxy_pstore stager
2015-02-20 09:47:34 -06:00
Brent Cook
5297ebc1a1
Merge branch 'master' into land-1396-http_proxy_pstore
...
Bring things back to the future
2015-02-20 08:50:17 -06:00
Brent Cook
91b4a59fc7
msftidy fixes
2015-02-20 08:42:54 -06:00
jvazquez-r7
1633a6d4fd
Read response back while staging
2015-02-20 01:06:47 -06:00
jvazquez-r7
b0c6671721
Add module for ZDI-15-038, HPCA command injection
2015-02-20 00:41:17 -06:00
Ferenc Spala
c498ba64e4
Added a new pair of default Tomcat credentials. QLogic's QConvergeConsole comes with a bundled Tomcat with a hard-coded username and password for the manager app.
2015-02-19 15:08:50 -06:00
sinn3r
49f4b68671
Land #4790 , injecting code into eval-based Javascript unpackers
2015-02-19 12:33:52 -06:00
sinn3r
036a6089eb
Drop ungenuine x64 support in ms13_022_silverlight_script_object
...
The MS13-022 exploit does not actually run as x64. IE by default
still runs x86 so BES will always automatically select that target.
If IE forces x64 (which can be done manually), the BES detection
code will see it as ARCH_X86_64, and the payload generator will
still end up generating a x86 payload anyway.
If the user actually chooses a x64 payload, such as
windows/x64/meterpreter/reverse_tcp, the exploit is going to crash
because you can't run x64 shellcode on an x86 architecture.
2015-02-19 10:39:43 -06:00
William Vu
27a8c460bd
Land #4797 , revert of #4780 (issue #4669 )
2015-02-19 09:58:20 -06:00
Brent Cook
4781ac4b39
the http service needs to keep running to handle meterpreter loading
...
revert a8f44ca68f
2015-02-19 09:38:48 -06:00