Samuel Huckins
ce688f4247
Land #4765 , Rails4 compatible finder conversion
...
* find_or_initialize_by_DYNAMIC
2015-02-13 15:56:09 -06:00
Samuel Huckins
7b7a6340c0
Land #4766 , fixes vuln import finder query
2015-02-13 14:29:04 -06:00
Christian Catalan
dc6a365a13
Fix finder query in Msf::DBManager::Vuln
...
MSP-12152
* This is part of updating finder queries to be Rails 4 compatibile
* In #find_vuln_by_details, pass in conditons hash crit rather than symbol :crit
2015-02-13 13:21:25 -06:00
sinn3r
6b99103cec
Land #4690 - Update Nessus plugin to support the latest REST API
...
Resolves #4447
2015-02-13 12:46:01 -06:00
Sonny Gonzalez
dc1eab377c
Rails 4 finder conversion: convert find_or_initialize_by_x_and_y
...
MSP-12153
* convert to where(conditions).first_or_initialize
2015-02-13 12:39:44 -06:00
sinn3r
f5e0dddd3c
Correct authentication
...
Can't always be true
2015-02-13 11:48:10 -06:00
jvazquez-r7
3ae3d56caa
Land #4745 , fixes #4711 , BrowserAutoPwn failing due to getpeername
2015-02-12 16:51:09 -06:00
William Vu
39c0065560
Land #4758 , SMTPDeliver DATA header fix
2015-02-12 15:07:31 -06:00
Matt Buck
f0bf881cc3
Land #4720 , update Rails 3-style .find(:first)
...
Eliminate the Rails 3-style .find(:first) calls, and replace with
Rails 4-compatible .first().
Fixes #4720 , also see MSP-12012
2015-02-12 14:30:13 -06:00
David Maloney
72878e0c14
fixes bug with smtp header order
...
SMTP servers that support pipelining will not accept any
commands other than MAILFROM and RCPTTO before the DATA
command. We were sending Date and Subject before Data
which would cause some mailservers to suddenly drop
the connection refusing to send the mail.
MSP-12133
2015-02-12 14:13:39 -06:00
sinn3r
50c72125a4
::Errno::EINVAL, disable obfuscation, revoke ms14-064
2015-02-12 11:54:01 -06:00
root
199dca75a6
Implement db_import and finalize plugin
2015-02-12 13:32:49 +05:00
Sonny Gonzalez
7c57b9fb57
Fix Master - Pro build
...
MSP-12138
* revert to previous Rails 3 syntax.
2015-02-11 12:02:34 -06:00
root
64b69d597a
Add report_download and db_scan APIs
2015-02-11 14:11:10 +05:00
sinn3r
22811257db
Fix #4711 - Errno::EINVA (getpeername(2)) BrowserAutoPwn Fix
...
This patch fixes #4711 .
The problem here is that the browser sometimes will shutdown some of our
exploit's connections (in my testing, all Java), and that will cause Ruby
to call a rb_sys_fail with "getpeername(2)". The error goes all the
way to Rex::IO::StreamServer's monitor_listener method, which triggers a
"break" to quit monitoring. And then this causes another chain of reactions
that eventually forces BrowserAutoPwn to quit completely (while the
JavaScript on the browser is still running)
2015-02-10 18:28:02 -06:00
root
e5fd9e70eb
clean plugin/nessus.rb implement additional APIs
2015-02-10 12:40:20 +05:00
Tod Beardsley
0a42ac947a
Land #4737 , fix Socket Context usages
2015-02-09 17:34:03 -06:00
Matt Buck
9a445e2027
Land #4707 , updates to finder syntax
...
Updates some Rails 3 style ActiveRecord calls to use the Rails 4 Arel
syntax, in preparation for our move to Rails 4.
Fixes #4707 , also see MSP-12018
2015-02-09 16:01:38 -06:00
Spencer McIntyre
2a3855c5af
Skip the psh prepend sleep time error when it is 0
2015-02-09 14:20:04 -05:00
Meatballs
133ae4cd04
Land #4679 , Windows Post Gather File from raw NTFS.
2015-02-08 18:50:50 +00:00
Bazin Danil
8cefe637df
bug with testing Win2k8 correction
2015-02-08 17:28:33 +01:00
HD Moore
8d982e3286
Pass the framework/module down into LoginScanner
2015-02-07 11:50:30 -06:00
HD Moore
985641dbc4
Add missing Context, fixes #4723
2015-02-07 11:27:57 -06:00
Meatballs
358ab2590e
Small tidyup
2015-02-07 11:35:47 +00:00
sinn3r
c20a81217c
More work for nessus-xmlrpc.rb
2015-02-07 00:09:02 -06:00
sinn3r
e8ba0b7c31
Fix broken commands
2015-02-06 19:07:43 -06:00
Matt Buck
531743eff1
Land #4697 , updates to finder syntax
...
Updates some Rails 3 style ActiveRecord calls to use the Rails 4 Arel
syntax, in preparation for our move to Rails 4.
Fixes #4697 , also see MSP-12016
2015-02-06 15:41:11 -06:00
Sonny Gonzalez
1051f0fb82
Rails 4 finder conversion
...
MSP-12012
* convert find(:first, options) by mapping options
to methods
2015-02-06 10:15:50 -06:00
Sonny Gonzalez
9a53859a77
Rails 4 finder conversion
...
MSP-12012
* covert find(:first) to first
2015-02-06 10:13:14 -06:00
Spencer McIntyre
4e0a62cb3a
Land #4664 , MS14-070 Server 2003 tcpip.sys priv esc
2015-02-05 18:49:15 -05:00
Bazin Danil
970c5d115a
spellcheck
2015-02-05 22:08:39 +01:00
Spencer McIntyre
5a39ba32f6
Make the ret instruction for token stealing optional
2015-02-05 14:00:38 -05:00
root
2744db4d11
Add nessus_scan_export and nessus_scan_export_status methods
2015-02-05 22:18:22 +05:00
sinn3r
434bca0b27
Land #4613 , auxiliary/server/capture/smb credential creation
2015-02-04 22:45:36 -06:00
sinn3r
df22ed2132
Land #4702 , Fix bug in Firefox XPCOM payload on Linux
2015-02-03 21:36:01 -06:00
jvazquez-r7
c0e1440572
Land #4685 , @FireFart's module for Wordpress Platform Theme RCE
2015-02-03 17:35:59 -06:00
Christian Catalan
3deac54d3f
Convert find_or_initialize_by_X to Rails 4 compatible.
...
MSP-12018
2015-02-03 16:09:49 -06:00
HD Moore
ffe0e52cb6
The iax2 stack now works properly with asterisk 1.8
...
Note that the requirecalltoken=no setting is still required in the asterisk configuration at this point.
2015-02-02 22:29:13 -06:00
HD Moore
0ba34422d5
Pass the debugging option for IAX2 Client
2015-02-02 21:08:16 -06:00
joev
ee1af83cc8
Go ahead and trim whitespace on all commands coming in.
2015-02-02 16:56:22 -06:00
Christian Catalan
797b5d0d55
Convert #find_or_create_by_x to #where().first_or_create
...
MSP-12016
2015-02-02 12:22:26 -06:00
Trevor Rosen
dda87667c9
Land #4688 , fix for pcap magic number on 2.x
2015-02-02 11:00:13 -06:00
root
23af5f8c82
Nessus plugin for REST API
2015-02-01 13:54:35 +05:00
William Vu
7f0af0211d
Land #4682 , exploit/http/server.rb breakup
2015-02-01 01:44:43 -06:00
Christian Catalan
7d1090baca
Convert #find(:all) to #where or #all
2015-02-01 00:31:58 -06:00
Brandon Turner
ad374c2e4f
Use ASCII-8BIT for comparing pcap magic number
...
In Ruby 2, source files are read as UTF-8 by default. When comparing
PCAP headers, we should use ASCII-8BIT or else the comparison will not
work. This should be backwards compatible with Ruby 1.9.
MSP-12092
2015-01-31 23:57:49 -06:00
Christian Catalan
8740fd9015
Convert #find_all_by_X to #where
2015-01-31 21:07:50 -06:00
Christian Mehlmauer
2c956c0a0f
add wordpress platform theme rce
2015-01-31 22:02:44 +01:00
Bazin Danil
fbb85c0391
using string concatenation for performence
2015-01-31 05:13:44 +01:00
Bazin Danil
d9c64397fd
shorter the line, using more variables
2015-01-31 04:32:32 +01:00