Commit Graph

27081 Commits (41e41e2f497eab860e6a7f158c8a0028baa652b1)

Author SHA1 Message Date
James Lee fa27def41f Revert "Fix a crash when we can't connect to PG"
This reverts commit b6deb6a342.
2014-08-20 11:01:29 -05:00
OJ a6b7262611 Updated to meterpreter_bins version 0.0.7
This has been a long time coming! Kiwi has been broken for a while and
this updated fixes that problem.

Details of the binaries build date/commits are in the gemspec in the
main meterpreter_bins repo.
2014-08-20 12:30:34 +10:00
William Vu f0f5772217
Land #3675, firefox_svg_plugin un-deprecation 2014-08-19 17:52:41 -05:00
sinn3r e2e2dfc6a3 Undo FF 2014-08-19 17:47:44 -05:00
sinn3r 777efb5e48
Land #3669 - Deprecate ff 17 svg exploit 2014-08-19 17:42:31 -05:00
sinn3r c73ec66c7a
Land #3659 - Add HybridAuth install.php PHP Code Execution 2014-08-19 17:19:01 -05:00
Tod Beardsley a4c6a10edb
The .foo domain is live now.
I still kinda hate these tests, though, since they fail in wildcard DNS
environments (like OpenDNS).
2014-08-19 16:47:30 -05:00
dmaloney-r7 0c9dafff54 Merge pull request #3673 from jlee-r7/bug/MSP-11061/crash-without-postgres
Fix a crash when we can't connect to PG
2014-08-19 16:16:30 -05:00
James Lee b6deb6a342
Fix a crash when we can't connect to PG
MSP-11061

No Postgres, no cry
2014-08-19 15:30:24 -05:00
Tod Beardsley 08430ee7ac
Land #3616, cred gem for imap from @TomSellers 2014-08-19 15:26:12 -05:00
Tom Sellers 74920d26a4 Update to server/capture/imap.rb for new Credential system 2014-08-19 15:25:31 -05:00
Tod Beardsley 170c8b699a
Land #3617 from @TomSellers, ftp anon scanner 2014-08-19 13:22:30 -05:00
sinn3r 311cc5befb
Land #3668 - Add specs for Rex::Exploitation::HeapLib 2014-08-19 13:14:24 -05:00
Tom Sellers 3fdad4dc91
Update auxillary/scanner/ftp with Credential Gem 2014-08-19 13:13:05 -05:00
sinn3r 7bf637716a
Land #3663 - Add specs for Rex::Exploitation::EncryptJS 2014-08-19 13:08:14 -05:00
William Vu dc95b01cc5
Land #3670, smb_login private_type fix
[FixRM #8841]
2014-08-19 11:30:23 -05:00
William Vu b748cee760
Land #3664, enum_osx dump_hash removal 2014-08-19 11:29:23 -05:00
jvazquez-r7 325c05d0e0
Land #3671, @wchen-r7's fix for RangeWalker spec 2014-08-19 11:01:14 -05:00
sinn3r f3528c929f geez, glassfish gtf outta there 2014-08-19 10:40:52 -05:00
sinn3r ad241910d0 This is more invalid than the other one 2014-08-19 10:39:50 -05:00
David Maloney e9dea358b8
gemfile change 2014-08-19 10:32:44 -05:00
David Maloney 473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
sinn3r 17b03e7d34 Fix rspec due to an invalid dns becoming valid 2014-08-19 10:28:30 -05:00
OJ e0df664656
Land #3653 : NETAPI x64 fixes 2014-08-19 11:40:43 +10:00
sinn3r 7330e3585f Support Glassfish 4.0 and lots of other changes 2014-08-18 19:03:26 -05:00
James Lee f169b8dff3
Fix hashes being stored as passwords 2014-08-18 15:52:13 -05:00
joev b93fda5cef
Remove browser_autopwn hook from deprecated FF module. 2014-08-18 15:33:43 -05:00
joev 87aa63de6e
Deprecate FF17 SVG exploit.
This exploit needs flash, the tostring_console injection one does not.
2014-08-18 15:32:51 -05:00
cdoughty-r7 5fac1510bc Merge pull request #3667 from todb-r7/fix-release
Release fixes: Minor caps, grammar, desc fixes
2014-08-18 14:06:01 -05:00
Brendan Coles 564431fd41 Use arrays in refs for consistency 2014-08-18 18:54:54 +00:00
jvazquez-r7 f812d2619c Fix load_js when opts[:newobfu] and add specs 2014-08-18 13:50:19 -05:00
Tod Beardsley 6792ded714
Land #3666, fix msfconsole start w/out database 2014-08-18 13:44:20 -05:00
Tod Beardsley cad281494f
Minor caps, grammar, desc fixes 2014-08-18 13:35:34 -05:00
James Lee b9e449f5e2
Fix crash when database.yml doesn't exist 2014-08-18 12:40:57 -05:00
jvazquez-r7 3dae6ee934 Not prefixing the class when describing method 2014-08-18 12:19:30 -05:00
jvazquez-r7 2dc579d467 Add template for specs 2014-08-18 12:16:20 -05:00
jvazquez-r7 75df32b1d3 Use single quoted strings out of the spec strings 2014-08-18 11:43:54 -05:00
joev 5654370316
Remove hashdump functionality from enum_osx.
There is a specific hashdump module that is more up-to-date, no need to duplicate
functionality (and code).
2014-08-18 11:40:11 -05:00
sinn3r 7c1605efe4
Land #3662 - Fix android payload issue when running browser_autopwn 2014-08-18 11:38:28 -05:00
jvazquez-r7 4ffd166918 Add specs for Rex::Exploitation::EncryptJS 2014-08-18 11:31:36 -05:00
Vincent Herbulot fd40a68525 Added YARD documentation to lib/msf/http/jboss 2014-08-18 18:19:37 +02:00
joev 5bfbb7654e
Add android meterpreter to browser autopwn. 2014-08-18 11:09:16 -05:00
Vincent Herbulot 2b59337e9a Jboss spec modifications.
Various changes in the jboss spec to match the newly refactored
methods in lib/msf/http/jboss.
2014-08-18 17:19:09 +02:00
William Vu c5c63f44e9
Land #3661, binary coding for libs 2014-08-17 18:01:19 -05:00
HD Moore 5e123e024d Add 'coding: binary' to all msf/rex library files
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
HD Moore d8e82b9394 Lands #3655, fixes pack operators
the commit.
he commit.
2014-08-17 17:25:52 -05:00
Brendan Coles b8b2e3edff Add HybridAuth install.php PHP Code Execution module 2014-08-16 23:31:46 +00:00
sinn3r e656a81c63
Land #3656 - FF toString console.time Privileged Javascript Injection 2014-08-15 17:07:23 -05:00
joev 6d958475d6
Oops, this doesn't work on 23, only 22. 2014-08-15 17:00:58 -05:00
joev fb1fe7cb8b
Add some obfuscation. 2014-08-15 16:54:30 -05:00