infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
30,950 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

9537 Commits (4dce589bbe32945d8e354636e7010407642fdf38)

Author SHA1 Message Date
Samuel Huckins ce688f4247
Land #4765, Rails4 compatible finder conversion 
* find_or_initialize_by_DYNAMIC
 2015-02-13 15:56:09 -06:00
Samuel Huckins 7b7a6340c0
Land #4766, fixes vuln import finder query 2015-02-13 14:29:04 -06:00
Christian Catalan dc6a365a13
Fix finder query in Msf::DBManager::Vuln 
MSP-12152

* This is part of updating finder queries to be Rails 4 compatibile
* In #find_vuln_by_details, pass in conditons hash crit rather than symbol :crit
 2015-02-13 13:21:25 -06:00
sinn3r 6b99103cec
Land #4690 - Update Nessus plugin to support the latest REST API 
Resolves #4447
 2015-02-13 12:46:01 -06:00
Sonny Gonzalez dc1eab377c
Rails 4 finder conversion: convert find_or_initialize_by_x_and_y 
MSP-12153

* convert to where(conditions).first_or_initialize
 2015-02-13 12:39:44 -06:00
sinn3r f5e0dddd3c Correct authentication 
Can't always be true
 2015-02-13 11:48:10 -06:00
jvazquez-r7 3ae3d56caa
Land #4745, fixes #4711, BrowserAutoPwn failing due to getpeername 2015-02-12 16:51:09 -06:00
William Vu 39c0065560
Land #4758, SMTPDeliver DATA header fix 2015-02-12 15:07:31 -06:00
Matt Buck f0bf881cc3
Land #4720, update Rails 3-style .find(:first) 
Eliminate the Rails 3-style .find(:first) calls, and replace with
Rails 4-compatible .first().

Fixes #4720, also see MSP-12012
 2015-02-12 14:30:13 -06:00
David Maloney 72878e0c14
fixes bug with smtp header order 
SMTP servers that support pipelining will not accept any
commands other than MAILFROM and RCPTTO before the DATA
command. We were sending Date and Subject before Data
which would cause some mailservers to suddenly drop
the connection refusing to send the mail.

MSP-12133
 2015-02-12 14:13:39 -06:00
sinn3r 50c72125a4 ::Errno::EINVAL, disable obfuscation, revoke ms14-064 2015-02-12 11:54:01 -06:00
root 199dca75a6 Implement db_import and finalize plugin 2015-02-12 13:32:49 +05:00
Sonny Gonzalez 7c57b9fb57
Fix Master - Pro build 
MSP-12138

* revert to previous Rails 3 syntax.
 2015-02-11 12:02:34 -06:00
root 64b69d597a Add report_download and db_scan APIs 2015-02-11 14:11:10 +05:00
sinn3r 22811257db Fix #4711 - Errno::EINVA (getpeername(2)) BrowserAutoPwn Fix 
This patch fixes #4711.

The problem here is that the browser sometimes will shutdown some of our
exploit's connections (in my testing, all Java), and that will cause Ruby
to call a rb_sys_fail with "getpeername(2)". The error goes all the
way to Rex::IO::StreamServer's monitor_listener method, which triggers a
"break" to quit monitoring. And then this causes another chain of reactions
that eventually forces BrowserAutoPwn to quit completely (while the
JavaScript on the browser is still running)
 2015-02-10 18:28:02 -06:00
root e5fd9e70eb clean plugin/nessus.rb implement additional APIs 2015-02-10 12:40:20 +05:00
Tod Beardsley 0a42ac947a
Land #4737, fix Socket Context usages 2015-02-09 17:34:03 -06:00
Matt Buck 9a445e2027
Land #4707, updates to finder syntax 
Updates some Rails 3 style ActiveRecord calls to use the Rails 4 Arel
syntax, in preparation for our move to Rails 4.

Fixes #4707, also see MSP-12018
 2015-02-09 16:01:38 -06:00
Spencer McIntyre 2a3855c5af Skip the psh prepend sleep time error when it is 0 2015-02-09 14:20:04 -05:00
Meatballs 133ae4cd04
Land #4679, Windows Post Gather File from raw NTFS. 2015-02-08 18:50:50 +00:00
Bazin Danil 8cefe637df bug with testing Win2k8 correction 2015-02-08 17:28:33 +01:00
HD Moore 8d982e3286 Pass the framework/module down into LoginScanner 2015-02-07 11:50:30 -06:00
HD Moore 985641dbc4 Add missing Context, fixes #4723 2015-02-07 11:27:57 -06:00
Meatballs 358ab2590e
Small tidyup 2015-02-07 11:35:47 +00:00
sinn3r c20a81217c More work for nessus-xmlrpc.rb 2015-02-07 00:09:02 -06:00
sinn3r e8ba0b7c31 Fix broken commands 2015-02-06 19:07:43 -06:00
Matt Buck 531743eff1
Land #4697, updates to finder syntax 
Updates some Rails 3 style ActiveRecord calls to use the Rails 4 Arel
syntax, in preparation for our move to Rails 4.

Fixes #4697, also see MSP-12016
 2015-02-06 15:41:11 -06:00
Sonny Gonzalez 1051f0fb82
Rails 4 finder conversion 
MSP-12012

* convert find(:first, options) by mapping options
  to methods
 2015-02-06 10:15:50 -06:00
Sonny Gonzalez 9a53859a77
Rails 4 finder conversion 
MSP-12012

* covert find(:first) to first
 2015-02-06 10:13:14 -06:00
Spencer McIntyre 4e0a62cb3a
Land #4664, MS14-070 Server 2003 tcpip.sys priv esc 2015-02-05 18:49:15 -05:00
Bazin Danil 970c5d115a spellcheck 2015-02-05 22:08:39 +01:00
Spencer McIntyre 5a39ba32f6 Make the ret instruction for token stealing optional 2015-02-05 14:00:38 -05:00
root 2744db4d11 Add nessus_scan_export and nessus_scan_export_status methods 2015-02-05 22:18:22 +05:00
sinn3r 434bca0b27
Land #4613, auxiliary/server/capture/smb credential creation 2015-02-04 22:45:36 -06:00
sinn3r df22ed2132
Land #4702, Fix bug in Firefox XPCOM payload on Linux 2015-02-03 21:36:01 -06:00
jvazquez-r7 c0e1440572
Land #4685, @FireFart's module for Wordpress Platform Theme RCE 2015-02-03 17:35:59 -06:00
Christian Catalan 3deac54d3f
Convert find_or_initialize_by_X to Rails 4 compatible. 
MSP-12018
 2015-02-03 16:09:49 -06:00
HD Moore ffe0e52cb6 The iax2 stack now works properly with asterisk 1.8 
Note that the requirecalltoken=no setting is still required in the asterisk configuration at this point.
 2015-02-02 22:29:13 -06:00
HD Moore 0ba34422d5 Pass the debugging option for IAX2 Client 2015-02-02 21:08:16 -06:00
joev ee1af83cc8 Go ahead and trim whitespace on all commands coming in. 2015-02-02 16:56:22 -06:00
Christian Catalan 797b5d0d55 Convert #find_or_create_by_x to #where().first_or_create 
MSP-12016
 2015-02-02 12:22:26 -06:00
Trevor Rosen dda87667c9
Land #4688, fix for pcap magic number on 2.x 2015-02-02 11:00:13 -06:00
root 23af5f8c82 Nessus plugin for REST API 2015-02-01 13:54:35 +05:00
William Vu 7f0af0211d
Land #4682, exploit/http/server.rb breakup 2015-02-01 01:44:43 -06:00
Christian Catalan 7d1090baca Convert #find(:all) to #where or #all 2015-02-01 00:31:58 -06:00
Brandon Turner ad374c2e4f
Use ASCII-8BIT for comparing pcap magic number 
In Ruby 2, source files are read as UTF-8 by default.  When comparing
PCAP headers, we should use ASCII-8BIT or else the comparison will not
work.  This should be backwards compatible with Ruby 1.9.

MSP-12092
 2015-01-31 23:57:49 -06:00
Christian Catalan 8740fd9015 Convert #find_all_by_X to #where 2015-01-31 21:07:50 -06:00
Christian Mehlmauer 2c956c0a0f
add wordpress platform theme rce 2015-01-31 22:02:44 +01:00
Bazin Danil fbb85c0391 using string concatenation for performence 2015-01-31 05:13:44 +01:00
Bazin Danil d9c64397fd shorter the line, using more variables 2015-01-31 04:32:32 +01:00