4e3a188f75
Land #6401 , EasyCafe server file retrieval module
2016-03-16 13:24:54 -04:00
9ac4ec4bfc
Update the class name to MetasploitModule
2016-03-16 13:22:06 -04:00
53f1338ad0
Update module to remove references to print peer
2016-03-16 13:10:39 -04:00
adb275520b
Land #6680 , old SVN code deletion
2016-03-16 10:15:06 -05:00
0edc7fb2c5
whitespace fixes
2016-03-15 22:08:25 -05:00
c8ad1b6017
use the framework version in nessus plugin
2016-03-15 22:08:04 -05:00
5a72f2df16
remove subversion support
2016-03-15 22:00:32 -05:00
87074c0638
Land #6651 , add android sqlite_query option, update metasploit-payloads
2016-03-15 18:27:49 -05:00
257c8f4058
handle a sqlite table being empty
2016-03-15 18:26:38 -05:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
68274de4d3
Land #6675 , Add missing stream.raw for hp_sitescope_dns_tool
2016-03-15 11:30:54 -05:00
e29fc5987f
Add missing stream.raw for hp_sitescope_dns_tool
...
This adds the missing stream.raw.
2016-03-15 11:06:06 -05:00
a06236baa6
update to metasploit-payloads 1.1.3
2016-03-14 10:43:41 -05:00
cee0d279c5
Land #6673 , apache_karaf_command_execution move
2016-03-14 01:26:42 -05:00
38153d227c
Move apache_karaf_command_execution to the SSH directory
...
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
c6d55dd78d
Land #6517 , search for Nessus plugin
2016-03-13 23:36:42 -05:00
17e3a67dd8
Fix #6612 , overlooked fixes for Fortinet backdoor
2016-03-13 23:35:19 -05:00
6323f7f872
Fix a couple overlooked issues
2016-03-13 23:35:05 -05:00
df0ff30468
Land #6642 , make ipv6_neighbor_router_advertisement discovery smarter
2016-03-13 16:53:11 -05:00
635e31961a
generate valid prefixes
2016-03-13 16:44:57 -05:00
d20731ca74
Land #6600 , add first pass at PR and Issue templates
2016-03-13 15:16:29 -05:00
cd84ac37d6
Land #6569 , check if USERNAME env var exists before using in enum_chrome post module
2016-03-13 15:12:51 -05:00
eb18b091ec
Land #6672 , check if there is a module before checking type in PAYLOAD set callback
2016-03-13 15:10:14 -05:00
42689df6b3
Fix a stack trace with ``set PAYLOAD`` in ``msf>`` context
2016-03-13 14:56:54 -05:00
a50b21238e
Land #6669 , remove debug code from apache_roller_ognl_injection that breaks Windows
2016-03-13 14:14:10 -05:00
b60ca0d481
Land #6671 , Enable loader warnings for modules using class Metasploit3/4
2016-03-13 14:10:05 -05:00
4f09246c78
reenable module loader warnings
2016-03-13 20:04:05 +01:00
558f810165
Land #6667 , add a dev script for finding Metasploit release notes for modules
2016-03-13 14:03:54 -05:00
23eeb76294
update php_utility_belt_rce to use MetasploitModule
2016-03-13 13:59:47 -05:00
a6316d326e
Land #6662 , update disclosure date for php_utility_belt_rce
2016-03-13 13:58:04 -05:00
c89e53d0a3
Land #6666 , fix filezilla_server display bug showing the session ID
2016-03-13 13:56:44 -05:00
dabe5c8465
Land #6655 , use MetasploitModule as module class name
2016-03-13 13:48:31 -05:00
da039e136a
update test modules to use MetasploitModule
2016-03-13 13:44:44 -05:00
eec950801e
Merge pull request #3 from zeroSteiner/pr/6401
...
Add get_file method and parse the server response
2016-03-13 18:28:31 +11:00
b22a057165
Fix #6554 , hardcoded File.open path in apache_roller_ognl_injection
...
The hardcoded File.open path was meant for debugging purposes during
development, but apparently we forgot to remove it. This line causes
the exploit to be unusable on Windows platform.
Fix #6554
2016-03-11 18:48:17 -06:00
e059f42094
Bump version of framework to 4.11.16
2016-03-11 14:17:28 -08:00
51cdb57d42
Fix #6569 , Add a check for USERNAME env var in enum_chrome post mod
...
Fix #6569
Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
66849302b5
Land #6665 , truncate nexpose vuln names > 255 characters
2016-03-11 14:01:55 -06:00
69de3adf7a
Fix a typo in the file name
2016-03-11 13:50:13 -06:00
1546bf32ed
Add a dev script to find Metasploit release notes
...
This script allows you to find the release notes of a:
* Pull request number for a bug fix, or a notable change.
* A module name (preferably just use the short name)
2016-03-11 13:44:38 -06:00
8217d55e25
Fix display issue when SESSION is -1
2016-03-11 11:37:22 -06:00
6f85c82dc0
Fix Nexpose import to truncate long vuln names
...
A warning is emitted since there is a potential for data loss, but since
we reference vulns by their ID, the data-integrity risk is small.
Initially triggered by some Nexpose data, this should probably be
properly fixed by removing the length bound on the field.
MS-1184
2016-03-11 11:02:55 -06:00
8953952a8f
correction for the DisclosureDate based on Exploit-DB
2016-03-11 14:05:26 +08:00
7009682100
Landing #6659 , Fix bug in MS08-067 related to incorrect service pack identification when fingerprinting
2016-03-10 14:29:29 -06:00
dfd51a7032
Merge branch 'master' into android_sqlite_read
2016-03-10 01:46:30 +00:00
f4e4bb803f
Merge pull request #6657 from dmaloney-r7/staging/rails-upgrade
...
Rails 4.0 Deprecation Warnings
2016-03-09 15:19:36 -06:00
8d22358892
Land #6624 , PHP Utility Belt exploit
2016-03-09 14:12:45 -06:00
52d12b68ae
Clean up module
2016-03-09 14:08:26 -06:00
15ba85bac2
fix missed deprecations
...
missed some deprecation warnings
2016-03-09 13:29:35 -06:00
179d38b914
Fix #6658 , MS08-067 unable to find the right target for W2k3SP0
...
Fix #6658 .
When there is no service pack, the
Msf::Exploit::Remote::SMB#smb_fingerprint_windows_sp method returns
an empty string. But in the MS08-067 exploit, instead of check an
empty string, it checks for "No Service Pack", which causes it to
never detect the right target for Windows Server 2003 SP0.
2016-03-09 11:05:34 -06:00
Spencer McIntyre
William Vu
Brent Cook
Adam Cammack
l0gan
wchen-r7
HD Moore
Christian Mehlmauer
Brendan Coles
Metasploit
James Lee
Jay Turla
James Barnett
Tim
bpatterson-r7
David Maloney