Commit Graph

27802 Commits (4c2ae1a7539afee75b455d5a86f8637320ed9bca)

Author SHA1 Message Date
jvazquez-r7 3305b1e9c3
Land #3984, @nullbind's MSSQL privilege escalation module 2014-10-09 11:39:15 -05:00
jvazquez-r7 10b160bedd Do final cleanup 2014-10-09 11:38:45 -05:00
jvazquez-r7 bbe435f5c9 Don't rescue everything 2014-10-09 11:25:13 -05:00
jvazquez-r7 0cd7454a64 Use default value for doprint 2014-10-09 11:04:42 -05:00
jvazquez-r7 db6f6d4559 Reduce code complexity 2014-10-09 10:59:14 -05:00
jvazquez-r7 615b8e5f4a Make easy method comments 2014-10-09 10:48:00 -05:00
jvazquez-r7 dd03e5fd7d Make just one connection 2014-10-09 10:46:51 -05:00
jvazquez-r7 ccf677aad6
land #3978, Fixes #3973, Wrong datastore option URI in glassfish_login 2014-10-09 09:53:01 -05:00
jvazquez-r7 392b3bcf2f
Land #3977, @FireFart's WPVDB reference for php_wordpress_infusionsoft module 2014-10-09 00:32:27 -05:00
sinn3r df0d4f9fb2 Fix #3973 - Unneeded datastore option URI
When Glassfish is installed, the web root is always /, so there is
no point to make this arbitrary.
2014-10-09 00:06:15 -05:00
Christian Mehlmauer 1584c4781c Add reference 2014-10-09 06:58:15 +02:00
nullbind 168f1e559c fixed status 2014-10-08 21:19:50 -05:00
nullbind 3ebcaa16a1 removed scanner 2014-10-08 21:18:56 -05:00
nstarke 328be3cf34 Fine Tuning Jenkins Login Module
At the request of the maintainers, I have deregistered the
RHOST option and made the failure proof a verbose only
print.
2014-10-08 17:53:21 -05:00
jvazquez-r7 4f96d88a2f
Land #3949, @us3r777's exploit for CVE-2014-6446, wordpress infusionsoft plugin php upload 2014-10-08 16:35:49 -05:00
jvazquez-r7 66a8e7481b Fix description 2014-10-08 16:35:14 -05:00
jvazquez-r7 8ba8402be3 Update timeout 2014-10-08 16:32:05 -05:00
jvazquez-r7 bbf180997a Do minor cleanup 2014-10-08 16:29:11 -05:00
Joe Vennix aa18eb54d3
Land #3920, @agix's removal of dead encode code from msfpayload.
Was originally supposed to add support for encoders, but
this was never a supported feature of msfpayload.
2014-10-08 15:03:28 -05:00
William Vu f86c0c2bb5
Land #3970, rm jtr_unshadow 2014-10-08 14:55:15 -05:00
William Vu 1d766ba95b
Rename dump_auxiliary_action{,s}
To dump_module_action{,s} to accommodate post modules, etc.
2014-10-08 14:49:14 -05:00
jvazquez-r7 f30309fe81
Land #3919, @wchen-r7's Fixes #3914, Inconsistent unicode names 2014-10-08 14:46:14 -05:00
William Vu f6a9cfcc52
Break away the elsif into a separate if
In case exploits support actions for some crazy reason in the future.
2014-10-08 14:30:41 -05:00
William Vu b2ba6e7ae1
Make the code more maintainable
Despite the code around it.

Thanks for the advice, @jlee-r7!
2014-10-08 14:14:28 -05:00
jvazquez-r7 dbc199ad77 space after commas 2014-10-08 13:56:59 -05:00
William Vu c0ef2c7938
Support post modules
I kinda hate this code.

TODO: Get rid of and/or and the extra parens.
2014-10-08 13:23:50 -05:00
Jay Smith 7dd6a4d0d9
Merge in changes from @todb-r7. 2014-10-08 13:25:44 -04:00
jvazquez-r7 411f6c8b2d
Land #3793, @mfadzilr's exploit for CVE-2014-6287, HFS remote code execution 2014-10-08 12:16:09 -05:00
jvazquez-r7 98b69e095c Use %TEMP% and update ranking 2014-10-08 12:12:00 -05:00
jvazquez-r7 d90fe4f724 Improve check method 2014-10-08 12:03:16 -05:00
jvazquez-r7 25344aeb6a Change filename 2014-10-08 11:55:33 -05:00
jvazquez-r7 909f88680b Make exploit aggressive 2014-10-08 11:08:01 -05:00
jvazquez-r7 d02f0dc4b9 Make minor cleanup 2014-10-08 10:36:56 -05:00
jvazquez-r7 d913bf1c35 Fix metadata 2014-10-08 10:29:59 -05:00
Tod Beardsley a901916b0b
Remove nonfunctional jtr_unshadow
This module hasn't been doing anything but print_error a go away message
since June, so may as well get rid of it.
2014-10-08 10:23:29 -05:00
William Vu 71e883569f
Land #3969, rm hashrockets from refs 2014-10-08 10:07:35 -05:00
Brendan Coles e0016d4af3 Remove hash rocket from refs array #3766
[SeeRM #8776]
2014-10-08 09:16:38 +00:00
Brendan Coles 3c7be9c4c5 Remove hash rockets from references #3766
[SeeRM #8776]
2014-10-08 09:01:19 +00:00
sinn3r c5494e037d
Land #3900 - Add F5 iControl Remote Root Command Execution 2014-10-08 00:30:07 -05:00
William Vu a8b5bf4625
Show selected auxiliary action 2014-10-07 14:34:41 -05:00
nstarke eed0958de5 Fixing Comment
Comment was incorrect and needed to be fixed.
2014-10-07 11:28:40 -05:00
William Vu 056ee4f207
Land #3958, kill command for pyterp 2014-10-07 10:58:37 -05:00
Spencer McIntyre 766a69e310 Add sys_process_kill to the python meterpreter 2014-10-07 10:10:22 -04:00
nullbind 031fb19153 requested updates 2014-10-06 23:52:30 -05:00
William Vu 3e92892c8b
Land #3954, file:// for the check command 2014-10-06 22:05:51 -05:00
William Vu 399a61d52e
Land #3946, ntp_readvar updates 2014-10-06 21:57:57 -05:00
nstarke e1b0ba5d3d Removing 'require pry'
I accidentally left a reference to pry in my code.
Removing
2014-10-06 21:40:39 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
Spencer McIntyre 6ea5d20b11
Land #3955, fix NoMethodError for wordpress_login_enum 2014-10-06 17:22:29 -04:00
sinn3r d3354d01f0 Fix #3808 - NoMethodError undefined method `map'
NoMethodError undefined method `map' due to an incorrect use of
load_password_vars
2014-10-06 15:42:51 -05:00