Commit Graph

32088 Commits (48484c1f09015d3f6dec919402e14375028dfe06)

Author SHA1 Message Date
C-P 48484c1f09 Filed vs Failed fix 2015-03-27 11:27:36 -07:00
Brent Cook e0568e95c2
Land #4978 @zerosteiner adds reverse https for python meterpreter 2015-03-26 19:16:46 -05:00
Brent Cook 5ac1ee1d73 fix http/s handler reference counting for pymet
add a persistent session counter to avoid stopping listening when pymet stages over http/s
2015-03-26 18:26:56 -05:00
sinn3r 955c0557e0
Land #4988, Relative URL for ms14_064_ole_code_execution 2015-03-26 13:36:37 -05:00
Spencer McIntyre 10e8cefd6d Pymet dont validate ssl certs for 2.7.9/3.4.3 2015-03-25 19:49:42 -04:00
sinn3r 68cb766681
Land #5007, Ruby 1.9+ syntax 2015-03-25 16:11:53 -05:00
sinn3r 8f03cadb92 Forgot to remove print_debug 2015-03-25 16:08:47 -05:00
William Vu 632879ceb6
Land #5001, wp_easycart_privilege_escalation CVE 2015-03-25 13:54:44 -05:00
jvazquez-r7 d84c48cb7d
Use newer hash syntax 2015-03-25 13:39:34 -05:00
jvazquez-r7 72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge 2015-03-25 13:30:36 -05:00
David Maloney 6546d30505
Land #5004, Http Login Refactor
Land Wei's PR to refactor the http login scanner
moving the send request code into it's own method
2015-03-25 12:59:03 -05:00
sinn3r 6e3e696262 Use symantec_web_gateway as an example of using send_request 2015-03-25 10:55:46 -05:00
sinn3r 60f1d9c961 More yard doc 2015-03-25 10:50:11 -05:00
sinn3r 9b9e157e84 More yard doc 2015-03-25 02:26:06 -05:00
sinn3r ded500a9ae Use send_request 2015-03-25 02:13:40 -05:00
sinn3r 6984e5234e Fix a typo 2015-03-25 02:01:25 -05:00
sinn3r 8a8d6fb5ab Some more changes 2015-03-25 02:00:23 -05:00
sinn3r 855cadc6b1 Rescue more exceptions
The attempt_login method is rescuing these exceptions, so maybe
I should do the same.
2015-03-25 01:48:37 -05:00
sinn3r 111e3fcb88 Add rspec for #send_request 2015-03-25 01:45:03 -05:00
sinn3r 8f95624bf7 Add #send_request to Metasploit::Framework::LoginScanner::HTTP 2015-03-25 01:40:02 -05:00
rastating 7a0fe05803 Add CVE-ID to module references 2015-03-24 22:30:43 +00:00
William Vu 376bf13f1e
Land #5000, tools/dev/add_pr_fetch.rb 2015-03-24 17:10:49 -05:00
William Vu aa1a3580b8 chmod +x tools/dev/set_binary_encoding.rb
Missed in #4875.
2015-03-24 17:10:31 -05:00
William Vu d3773aed55 Rename add-pr-remote.rb to add_pr_fetch.rb 2015-03-24 17:05:43 -05:00
Christian Mehlmauer 7bf00f8f47
Land #4789, @rastating WPLMS wordpress module 2015-03-24 20:46:38 +01:00
William Vu 6d85b5fd1e
Land #4998, non-loopback LHOST tab completion 2015-03-24 14:00:01 -05:00
William Vu 660f3dac2b
Land #4997, smb_version SMBDirect option fix 2015-03-24 13:46:09 -05:00
James Lee 65c00dffac
Tab complete non-loopback interfaces' addresses 2015-03-24 12:10:58 -05:00
sinn3r 58c5be0d72 Allow SMBDirect to be optional
The smb_version module needs to deregister the SMBDirect option,
but cannot do this because SMBDirect is a required option. By
having it as optional, the user no longer needs to set it. Also,
since SMBDirect already has a default value, having it as optional
should not change the mixin's default behavior.
2015-03-24 12:04:44 -05:00
William Vu f5947e8ef5
Land #4996, @todb-r7's grammaring harder 2015-03-24 11:15:17 -05:00
Tod Beardsley 49a6057f74
Grammaring harder 2015-03-24 11:10:36 -05:00
William Vu bf70df6788
Land #4995, db_nmap arguments fix 2015-03-24 10:51:47 -05:00
Tod Beardsley 3dec83c1df
Utility for adding PR fetch refs 2015-03-24 10:20:34 -05:00
RageLtMan 548a710745 Replace db_nmap string concat with an Array
16eab48012 introduced changes to
cmd_db_nmap which pass a new arguments variable to Open3 with a
list of args excluding save.

This approach created a problem wherein the address of the target
had to be passed in first and arguments could get mangled.

Reintroduce an array format, exploding when passing to Open3.
Ensure output file options are appended to the arguments being
passed to Open3, instead of the args variable.

Error example:
db_nmap -F 192.168.0.1
[*] Nmap: 'nmap: unrecognized option '- 192.168.0.1 ''
2015-03-24 04:36:58 -04:00
William Vu 9fadc399a2
Land #4994, tools/missing-payload-tests.rb rename
To tools/missing_payload_tests.rb.
2015-03-24 01:00:29 -05:00
sinn3r bef67d773c Don't break untested_payloads.rb 2015-03-24 00:54:11 -05:00
William Vu 7c456f2ad8
Land #4993, ams_xfr "payload_exe" NameError fix 2015-03-24 00:51:49 -05:00
sinn3r 1910a6c6c5 Correct filename for missing-payload-tests.rb
missing-payload-tests.rb is not the correct file format we follow,
it should be missing_payload_tests.rb
2015-03-24 00:50:09 -05:00
sinn3r 8255e7a2dc Fix #4987 - undef payload_exe for ams_xfr
Fix #4987
2015-03-24 00:42:22 -05:00
William Vu 3dac6377d0
Fix #4983, bad copy pasta'd deprecation year 2015-03-24 00:34:54 -05:00
William Vu fadac30f00 Fix deprecated year 2015-03-24 00:34:38 -05:00
Christian Mehlmauer 6eedf6ac03
Land #4975, egghunter tool, Resolve #4944 2015-03-24 06:20:30 +01:00
Christian Mehlmauer 71c544c3c5
added newline at end of file 2015-03-24 06:19:27 +01:00
sinn3r 3c4da5c3ff Update BES rspec 2015-03-24 00:10:18 -05:00
William Vu 6353154865
Land #4983, renamed WordPress modules 2015-03-23 23:49:40 -05:00
William Vu e338b77389 Readd and deprecate renamed WordPress modules 2015-03-23 23:48:56 -05:00
sinn3r db243a8225 x360_video_player_set_text_bof actually uses SetText for ActiveX 2015-03-23 23:36:20 -05:00
HD Moore f6731f115f
Lands #4991, fixes a potential backcompat issue w/meterpreter 2015-03-23 20:00:35 -05:00
sinn3r 3248f02c2c These exploits use :activex, so I update the usage for them 2015-03-23 19:34:24 -05:00
OJ 25dcfc796a Better support old binaries in rev http(s)
* Patch 256char URL if the 512char one doesn't work.
* Return an empty list in the case where the ext enum fails.
2015-03-24 10:14:44 +10:00