Commit Graph

27303 Commits (43171141da59f7b2a23f33b85fde2a7bf0a92f3d)

Author SHA1 Message Date
Josh Abraham 43171141da update for ntp modules 2014-09-19 11:14:11 -04:00
Josh Abraham c216cf8c53 added spoofing capabilities to udp_scanner 2014-09-19 10:29:05 -04:00
James Lee 1faa816a8a
Land #3818, Metasploit::Concern loading 2014-09-18 13:06:41 -05:00
Luke Imhoff 39d302a120
Update metasploit_data_models
MSP-11359

Include fix for loading from metasploit_data_models/lib.
2014-09-18 12:35:26 -05:00
Luke Imhoff 8d38735f4a
Update schema with detected_arch
MSP-11359
2014-09-18 12:35:09 -05:00
Luke Imhoff 44588cc014
Add detected_arch to expected hosts columns in spec
MSP-11359
2014-09-18 12:34:34 -05:00
Luke Imhoff 0f854ce5ed
Update to released metasploit-model
MSP-11359
2014-09-18 11:33:41 -05:00
Luke Imhoff 03cc69d902
Update gems
MSP-11359
2014-09-18 11:33:22 -05:00
Luke Imhoff 21d6e4afb3
Move metasploit-concern to gemspec
MSP-11359

The dependency on `metasploit-concern` should not have been in the db
group as `Metasploit::Concern.run` is called for
`Msf::Exploit:Remote::HttpServer`, which works without the db group
installed.  This is a fix for a bug from #3781.
2014-09-18 09:33:57 -05:00
Tod Beardsley 5dad73a28f
Explicitly require credential_collection
Otherwise, you run into a require ordering problem on some platforms.
This is not a great way to fix this -- but it's a fast way, and possibly
even a good way, since you're being explicit about what your module
requirements are.
2014-09-17 15:47:30 -05:00
Tod Beardsley b5c3c87790
Land #3812, discourage Meterpreter scripts 2014-09-17 15:32:15 -05:00
Tod Beardsley 4bbd107911
Land #3813, sponge left in patient 2014-09-17 15:28:54 -05:00
sinn3r 50fa5745bb Rm print_debug line
I forgot to remove this line while testing the module
2014-09-16 16:46:40 -05:00
sinn3r 5e076e0375 Text about not accepting changes to meterpreter scripts 2014-09-16 16:41:14 -05:00
sinn3r ffe0eca7fd
Land #3609 - Fix gettelnet 2014-09-16 16:27:46 -05:00
James Lee 3e42fcbbab
Land #3794, NDR encoding specs
MSP-11370 #land
2014-09-16 16:23:22 -05:00
sinn3r 07c14f5ee8
Land #3388 - Post mod to check Win32_QuickFixEngineering 2014-09-16 16:18:04 -05:00
sinn3r 36a3abe036 Add a reference 2014-09-16 16:17:22 -05:00
Joe Vennix a846d084ca
Lands #3806, @dmaloney-r7's fixes to SMB LoginScanner. 2014-09-16 15:35:53 -05:00
David Maloney 5ff4a55cd2
smb connection error not setting result properly
if the initial connection from the SMB LoginScanner fails
it wouldn't set the target information on the result. this could cause
smb_login to throw a stack trace when it calls invalidate_login
2014-09-16 15:24:14 -05:00
David Maloney e5aa5c4014
missing postgres rescues 2014-09-16 15:04:07 -05:00
sinn3r 169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner) 2014-09-16 14:51:24 -05:00
sinn3r 4ed1fa55f5 Don't need this header 2014-09-16 14:50:32 -05:00
Samuel Huckins 70400803ee Merge branch 'master' of github.com:rapid7/metasploit-framework 2014-09-16 14:21:10 -05:00
William Vu 35b8c2be4b
Land #3800, release fixes 2014-09-16 14:05:23 -05:00
Samuel Huckins 4c3c8e5337
Land #3795, various LoginScanners shored up 2014-09-16 13:55:26 -05:00
sinn3r b028424152
Land #3752 - add "show missing" 2014-09-16 13:45:13 -05:00
David Maloney aeed66b694
missing mysql rescue 2014-09-16 13:41:03 -05:00
William Vu cf13597048
Land #3801, REMOTE_JS for Android UXSS
For BeEF integration, etc.
2014-09-16 13:38:40 -05:00
Joe Vennix 59dfa624c4
Add a REMOTE_JS datastore option for BeEf hooks etc. 2014-09-16 13:31:03 -05:00
David Maloney d708de07a3
return the lgoinscanner class name in an invalid exception
when a loginScanner throws an Invalid exception , the message
will now include the classname of the Scanner that threw it.
2014-09-16 13:24:08 -05:00
sinn3r 3e09283ce5
Land #3777 - Fix struts_code_exec_classloader on windows 2014-09-16 13:09:58 -05:00
sinn3r ceaf1d64d0
Land #3799 - Add CVE-2014-5519: phpwiki/ploticus RCE 2014-09-16 12:56:04 -05:00
sinn3r 158d4972d9 More references and pass msftidy 2014-09-16 12:54:27 -05:00
Tod Beardsley bd17c96a6e
Dropped a hyphen in the title 2014-09-16 12:47:44 -05:00
Vincent Herbulot 7a7b6cb443 Some refactoring
Use EDB instead of URL for Exploit-DB.
Remove peer variable as peer comes from HttpClient.
2014-09-16 17:49:45 +02:00
David Maloney 6decd3cbd2
fix exceptions thrown in telnet loginscanner too 2014-09-16 10:09:59 -05:00
us3r777 4c615ecf94 Module for CVE-2014-5519, phpwiki/ploticus RCE 2014-09-16 00:09:41 +02:00
David Maloney bf8f7221c7
rescue exceptions in check_setup 2014-09-15 13:52:17 -05:00
jvazquez-r7 3f5fdaebb4 Add specs for Rex::Encoder::NDR 2014-09-15 13:49:18 -05:00
jvazquez-r7 7d4c4c3658
Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
dmaloney-r7 8452ac1d37 Merge pull request #14 from jvazquez-r7/review_3699
Add specs for #attempt_login
2014-09-13 11:56:18 -05:00
HD Moore 6bd3675f03 Land #3680, add specs for Rex::MIME 2014-09-13 00:34:39 -05:00
HD Moore 6a2a85d2c4 Land #3789, adds specs for Rex::Proto::Http::Packet::Header
orts
2014-09-13 00:21:43 -05:00
jvazquez-r7 9e21cc8ad4 Add specs for invalid IPBoard application 2014-09-12 16:14:10 -05:00
jvazquez-r7 917a7ffa1e Add specs for valid IPBoard application 2014-09-12 16:08:03 -05:00
jvazquez-r7 83bf220a10
Land #3730, @TomSellers's post module for Remote Desktop Connection Manager 2014-09-12 15:38:33 -05:00
jvazquez-r7 5da6a450f1 fix find condition 2014-09-12 15:21:50 -05:00
jvazquez-r7 1749fc73c2 Change module filename 2014-09-12 15:05:33 -05:00
Cucumber b80519dc16
Lands #3779, specs
MSP-11343

Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00