Commit Graph

43943 Commits (402e926151367fbc71512c29f89d88aef5583812)

Author SHA1 Message Date
William Vu 6de986bd70 Fix cache invalidation bug in tab completion
We use active_module instead of cmd_use to invalidate @cache_payloads,
since the ivar is no longer shared between cmd_set and cmd_use.

Fixes #8483. See #7655.
2017-09-29 18:01:50 -05:00
bigendiansmalls 9ae8bdda1c
Added Bind Shell JCL Payload for mainframe
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
2017-09-29 16:52:36 -05:00
William Vu 0723477b49 Fix nil bug in loot -a and nix hostless loot
Apparently you can't actually store hostless loot.
2017-09-29 16:16:16 -05:00
William Vu 1ec968192b Add tab completion to the edit command 2017-09-29 15:43:53 -05:00
bwatters-r7 e0fee9e317
Land #8821, Expose session naming 2017-09-29 15:32:47 -05:00
Metasploit 32104eb90e
Bump version of framework to 4.16.10 2017-09-29 10:04:04 -07:00
Pearce Barry e5a3441c98
Land #9020, fix #9019 - Travis Timeouts on build 2017-09-29 10:25:40 -05:00
Christian Mehlmauer 5c0bb26060
increase travis timeout 2017-09-29 11:50:02 +02:00
Christian Mehlmauer de017eed3c
fix #9019 2017-09-29 10:57:46 +02:00
William Vu 9b75ef7c36
Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
William Vu daedf0d904 Clean up module 2017-09-29 00:27:22 -05:00
h00die 6cc5324e5b oe is all umlaut 2017-09-28 19:52:02 -04:00
Martin Pizala f973ff13b6
Add some lines to Exploit Detection and Mitigation 2017-09-29 00:55:53 +02:00
Martin Pizala 3a1a437ac7
Rubocop Stlye 2017-09-28 23:53:45 +02:00
Martin Pizala 40c58e3017 Function for selecting the target host 2017-09-28 23:43:59 +02:00
Martin Pizala cc98e80002
Change arch to ARCH_X64 2017-09-28 20:50:18 +02:00
RootUp 26108f5ac9 Create ibm_lotus_notes.md 2017-09-28 10:31:42 -05:00
h00die 2295146dcd working optionsbleed module 2017-09-27 22:07:57 -04:00
Adam Cammack 254602174f
Land #9016, Bump payloads for getsystem fix 2017-09-27 19:23:03 -05:00
OJ 7ea14e8431
Update payloads for getsystem fixes 2017-09-28 09:43:02 +10:00
h00die 997b831b52 implement regexes 2017-09-27 19:33:50 -04:00
William Vu a47536bb1b
Land #9013, Nokogiri mixin port-less fix 2017-09-27 13:52:55 -05:00
loftwing f777e2ab3b Merge branch 'master' into fix_nmap_imports
bringing branch up to date
2017-09-27 12:52:27 -05:00
loftwing 51c1cddb5c Removed requirement for a host to have ports 2017-09-27 12:43:50 -05:00
Brent Cook e39b7fd859
Land #9011, revert changes that hung getsystem/getprivs 2017-09-27 08:38:56 -05:00
OJ 3068fb6e7e
Fix getprivs and getsystem
This is a fix for crap and stupid stuff that I did half way through the
packet pivot code. I was working on some priv stuff at the same time,
and when I realised that the work I was doing was not sensible as part
of the packet pivot PR, I failed to revert my changes properly.

As a result I broke `getprivs` and `getsystem`. I am sorry. And I'm
ashamed.
2017-09-27 16:31:42 +10:00
Christian Mehlmauer 81406a073e
tidy up code 2017-09-27 08:01:48 +02:00
Christian Mehlmauer 41e3895424
remove checks for hardcoded name 2017-09-27 07:41:06 +02:00
h00die 0649d0d356 wip optionsbleed 2017-09-26 22:09:07 -04:00
bwatters-r7 579342c4f6
Land #8955, Fix error messages on telnet_encrypt_overflow.rb 2017-09-26 16:08:58 -05:00
bwatters-r7 66d6ac418a
Land #8978, Add smb1 scanner 2017-09-26 16:06:41 -05:00
Brent Cook 0d31c1c9a8
Land #8945, fix issue where we can call shutdown on a closed socket 2017-09-26 16:01:51 -05:00
Brent Cook 71f13db918 style updates 2017-09-26 15:58:43 -05:00
Adam Cammack 0408979e54
Land #9005, Remove spurious commas 2017-09-26 15:36:33 -05:00
Brent Cook cad36ee14e
Land #8952, suhosin compatibility added to staged payload 2017-09-26 15:22:36 -05:00
Brent Cook ea751dde4c
Land #8992, Bump Ruby to 2.4.2 2017-09-26 15:07:17 -05:00
Adam Cammack 968ae8e267
Land #8925, Allow `edit` to optionally take a path 2017-09-26 13:32:39 -05:00
root ec51ab2547 Exit function param bug 2017-09-26 11:16:41 +03:00
William Vu b10d6b8b63
Land #9001, SSLVersion consolidation for modules 2017-09-25 15:53:18 -05:00
William Vu 98ae054b06
Land #8931, Node.js debugger exploit 2017-09-25 14:00:13 -05:00
William Vu d234409d40
Land #8918, wp_admin_shell_upload multisite fix 2017-09-25 13:54:10 -05:00
William Vu 64dca2dd59
Land #8969, msftidy exit code rework 2017-09-25 13:45:26 -05:00
Brent Cook 7924667e51 appease alignists 2017-09-25 09:10:10 -05:00
Brent Cook 62ee4ed708 update modules to use inherited SSLVersion option 2017-09-25 09:03:22 -05:00
h00die 273d49bffd
Land #8891 login scanner for Inedo BuildMaster 2017-09-24 13:30:17 -04:00
h00die e6c4a87bda documentation update 2017-09-24 13:29:34 -04:00
h00die 4d1e51a0ff
Land #8906 RCE for supervisor 2017-09-24 08:03:30 -04:00
Brent Cook 7c1f965973 update tests to Ruby 2.3.5 too 2017-09-23 21:16:12 -04:00
Brent Cook ccc2636fd4 bump Ruby to 2.4.2, fix security issues 2017-09-23 21:12:12 -04:00
Brent Cook d73e95e7db
Land #8946, fix #8879, APK injection edge cases 2017-09-23 20:48:12 -04:00