8c1d7d936b
Revert "Fix conflcit lib/msf/util/exe.rb"
...
This was causing build failures:
https://travis-ci.org/rapid7/metasploit-framework/builds/13816889
It looks like there were a whole bunch of changes that weren't intended.
This reverts commit 3996557ec662102dd1f9
2013-11-11 13:48:39 -06:00
3996557ec6
Fix conflcit lib/msf/util/exe.rb
...
Conflicts:
lib/msf/util/exe.rb
2013-11-11 11:43:09 -06:00
62102dd1f9
Land #2544 - Vbs minimize
2013-11-11 11:14:56 -06:00
33f65dd611
Land #2577 - Use base64 to reduce psh-net payload size
2013-11-11 10:21:20 -06:00
36f96d343e
Revert "Revert "Land #2505" to resolve new rspec fails"
...
This reverts commit e7d3206dc9
2013-11-05 13:45:00 -06:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
3e1ae4c9b3
Land #2504 , @todb-r7's edit command for msfconsole
2013-10-30 15:38:07 -05:00
900ccc7ec9
VISUAL is okay. Also doesn't need to be a path.
...
I don't believe this opens an untoward attack vector -- if your attacker
can run Metasploit locally, you have much bigger problems.
2013-10-30 15:34:23 -05:00
333a0d5820
chmod -x cmdstager_printf.rb
2013-10-28 18:47:14 -05:00
4bf041ec46
Use Rails, not Ruby, time formats.
...
Since MSF now equires ActiveSupport, may as well reference it correctly.
2013-10-25 11:52:54 -05:00
b781e58a67
Unformat the prompt and promptchar
2013-10-25 11:40:28 -05:00
0084f32ca2
Print default values when unset options
2013-10-25 11:21:42 -05:00
e18dd3ec0b
Use base64 to reduce size
2013-10-25 01:19:43 +01:00
6f605fb009
Typo
2013-10-24 16:33:26 +02:00
b5f26455a3
Land #2545 , javascript library overhaul
2013-10-23 16:12:49 -05:00
caf41f34bf
Land #2562 - Fix RM 8510 (FileDropper)
2013-10-22 21:45:33 -05:00
acc73dd545
Land #2282 - BypassUAC now checks if the process is LowIntegrityLevel
2013-10-22 17:16:26 -05:00
7d1dc3746f
Use the @schierlm's command
2013-10-22 16:19:49 -05:00
dc0d9ae21d
Land #2560 , ZDI references
...
[FixRM #8513 ]
2013-10-22 15:58:21 -05:00
8611a2a24c
Merge remote-tracking branch 'upstream/master' into low_integ_bypassuac
2013-10-22 21:42:36 +01:00
ba1edc6fa8
Land #2402 - Windows Management Instrumentation Local -> Peers
2013-10-22 15:39:32 -05:00
4ad9bc5efe
Try to [FixRM #8510 ]
2013-10-22 08:42:14 -05:00
afcce8a511
Merge osdetect and addonsdetect
2013-10-22 01:11:11 -05:00
99d5da1f03
We can simplify this
2013-10-21 20:22:45 -05:00
9a3e719233
Rework the naming style
2013-10-21 20:16:37 -05:00
9258d79978
Add ZDI references to reference.rb
2013-10-21 15:13:46 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
e7d3206dc9
Revert "Land #2505" to resolve new rspec fails
...
This reverts commit 717dfefead6430fa3354
2013-10-21 12:47:57 -05:00
717dfefead
Land #2505 , missing source fix for sock_sendpage
2013-10-21 11:47:55 -05:00
58a82f0518
Update exe.rb
...
Rename values
2013-10-21 13:50:07 +01:00
8a94df7dcd
Change category name for base64
2013-10-18 21:20:16 -05:00
ffcb86eba2
Land #2541 , Outpost24 importer
...
Sample data is currently secret. If we get a hold of non-secret sample
data, it'll be tacked on to the Redmine bug referenced below.
[FixRM #8384 ]
2013-10-18 13:21:58 -05:00
2ef89eaf35
Randomize exe name
2013-10-18 19:01:28 +01:00
56aa9ab01c
Reduce size
2013-10-18 18:59:30 +01:00
4e4d0488ae
Rubyfy constants in privs lib
2013-10-18 18:26:07 +01:00
6f04a5d4d7
Cache Javascript
2013-10-18 12:23:58 -05:00
b0d614bc6a
Cleaning up requires
2013-10-18 01:47:27 -05:00
e450e34c7e
Merge branch 'master' of github.com:rapid7/metasploit-framework into low_integ_bypassuac
...
Conflicts:
modules/exploits/windows/local/bypassuac.rb
2013-10-17 23:35:36 +01:00
5a662defac
Post::Privs uses Post::Registry methods
2013-10-17 23:28:07 +01:00
c926fa710b
Move all exploitation-related JavaScript to their new home
2013-10-17 16:43:29 -05:00
72a052942f
Methodize the editor variable as local_editor
2013-10-17 14:11:20 -05:00
4c91f2e0f5
Add detection code MS Office
...
Add detection code for MS Office XP, 2003, 2007, 2010, and 2012.
[SeeRM #8413 ]
2013-10-15 16:27:23 -05:00
38965f91ee
Add Outpost24 importer code to core/db.rb
2013-10-15 15:32:28 -05:00
35dd94f0ac
Land #2518 , uninitialized JavascriptOSDetect fix
2013-10-14 13:32:04 -05:00
e10dbf8a5d
Land #2508 - Add nodejs payloads
2013-10-14 12:23:31 -05:00
da3081e1c8
[FixRM 8482] Fix uninit constant Rex::Exploitation::JavascriptOSDetect
...
This fixes an uninit constant Rex::Exploitation::JavascriptOSDetect
while using a module with js_os_detect. It was originally reported
by Metasploit user @viniciuskmax
[FixRM 8482]
2013-10-14 11:40:46 -05:00
c7bcc97dff
Add SSL support to #nodejs_reverse_tcp.
2013-10-12 03:32:52 -05:00
6440a26f04
Move shared Node.js payload logic to mixin.
...
- this fixes the recursive loading issue when creating a payload
inside the cmd payload
- also dries up some of the node cmd invocation logic.
2013-10-12 03:19:06 -05:00
423b490168
Use Rex::Compat.getenv instead
...
Also, this would deprecate out the editor plugin.
2013-10-11 10:42:13 -05:00
a7025fca3d
msfconsole 'edit' command
...
Useful for quick editing a module during development / bug fixing. I
don't really see a security issue with running a command defined in the
user's VISUAL or EDITOR environment variables; if the user can run
msfconsole to begin with, there are better ways to get into trouble.
2013-10-10 23:00:25 -05:00
Tod Beardsley
sinn3r
James Lee
William Vu
jvazquez-r7
Meatballs
ethicalhack3r
Meatballs1
joev