cx
1b5e40ff78
New Creds model added
2014-09-08 11:42:05 +03:00
William Vu
5c1d95812c
Add verify_checksum and use it
...
Also fixed a YARD typo.
2014-09-08 02:19:21 -05:00
Joe Vennix
27889ea411
Add a safety fallback on js load.
2014-09-08 00:46:47 -05:00
Joe Vennix
8407d45c9c
Rework the timers.
2014-09-08 00:40:00 -05:00
Joe Vennix
5c9c8edfcf
Fix refs.
2014-09-07 23:33:45 -05:00
Joe Vennix
5efaf7d4cf
rename module, handle asyncness.
2014-09-07 23:25:08 -05:00
jvazquez-r7
10bb77af9f
Land #3716 , @wchen-r7's Glassfish LoginScanner update
2014-09-07 21:54:34 -05:00
jvazquez-r7
6cdfd322f2
change should to expect
2014-09-07 21:35:33 -05:00
jvazquez-r7
e6f7b35d0d
Use context to describe #attempt_login
2014-09-07 21:26:01 -05:00
jvazquez-r7
f266ca99f5
Use allow_any_instance_of as with rspec 3
2014-09-07 21:18:22 -05:00
jvazquez-r7
768b50974f
Redo try_glassfish_3 specs
2014-09-07 21:04:43 -05:00
jvazquez-r7
07238ef7b3
Redo try_glassfish_2 specs
2014-09-07 20:47:54 -05:00
Joe Vennix
1bf89fb6bd
Add Android <= 4.3 AOSP UXSS module.
2014-09-07 20:44:03 -05:00
jvazquez-r7
9a42e7635a
Use expect instead of should on try_login
2014-09-07 20:01:44 -05:00
jvazquez-r7
06207afb12
Use expect instead of should
2014-09-07 19:37:24 -05:00
jvazquez-r7
424d1ec47f
Add example to describe how send_request handles a JSESSIONID cookie
2014-09-07 19:33:56 -05:00
jvazquez-r7
28aa7429ed
Land #3751 , @wchen-r7's [FixRM #8836 ] Use windows\\win.ini vs boot.ini
2014-09-07 01:47:10 -05:00
jvazquez-r7
c86d01a667
Fix win.ini signature
2014-09-07 01:46:38 -05:00
William Vu
422d6bd2e4
Land #3758 , nil deref fix for iax2/call.rb
2014-09-06 16:08:32 -05:00
HD Moore
af24e30ae9
Return instead of crashing if no challenge is received
2014-09-06 15:51:50 -05:00
sinn3r
ff6cce8bd1
3rd person
2014-09-06 01:56:39 -05:00
sinn3r
6df7658267
Very small change to the doc
2014-09-06 01:54:52 -05:00
sinn3r
419b2136b1
remove the "instance methods" context
2014-09-06 01:42:48 -05:00
sinn3r
c8ccb5e848
In 3rd person
2014-09-06 01:39:32 -05:00
sinn3r
febf70fed1
Merge pull request #21 from jvazquez-r7/review_3716
...
Clean YARD documentation
2014-09-06 01:22:58 -05:00
sinn3r
44b9dc9b28
Update tmlisten_traversal
2014-09-06 01:18:11 -05:00
jvazquez-r7
78cf75c4d5
Clean YARD documentation
2014-09-06 00:24:39 -05:00
William Vu
7d942be715
Land #3755 , WVE and BPS reference removal
2014-09-05 19:56:40 -05:00
sinn3r
0d56a8ee14
Merge pull request #20 from wvu-r7/pr/3755
...
Remove WVE references from msftidy
2014-09-05 19:55:38 -05:00
William Vu
48e098b172
Remove WVE references from msftidy
2014-09-05 19:28:27 -05:00
Samuel Huckins
643329e2c4
Land #3757 , postgres login scanner nil public fix
2014-09-05 16:35:46 -05:00
jvennix-r7
671c7f1095
Merge pull request #12 from wvu-r7/pr/3691
...
Fix read_ack to read only the ACK
2014-09-05 16:09:38 -05:00
David Maloney
0d9fbe798a
turn nil publics and privates into blanks
...
don't pass nil into the credential object, pass an empty string instead
this is the expected behaviour and avoids stack traces
2014-09-05 16:06:58 -05:00
jvazquez-r7
df278dd2dc
Conver to exploit
2014-09-05 14:47:33 -05:00
sinn3r
ce0e7b59f5
Remove WVE and BPS reference identifiers
...
Reasons why they should be gone:
WVE:
* wirelessve.org is down.
* Not a single module uses WVE as a reference
BPS:
* "BreakingPoint" no longer exists
* The URL takes you to a login page to ixia. And there is no point
of referencing something people can't see.
* Not a single module uses BPS as a reference.
2014-09-05 13:28:10 -05:00
William Vu
b6e04599a7
Fix read_ack to read only the ACK
...
It was reading the response, too. Also removed an extraneous send_ack.
2014-09-05 12:30:59 -05:00
jvazquez-r7
d4a8b7e00d
Move to exploits
2014-09-05 10:38:28 -05:00
jvazquez-r7
892f72e4ce
Move module path
2014-09-05 10:30:27 -05:00
jvazquez-r7
d041ee6629
Delete exploit modules from this branch
2014-09-05 10:29:24 -05:00
William Vu
9a7d1b2390
Land #3733 , "guest" for ipmi_users.txt
2014-09-04 21:11:42 -05:00
Chris Hebert
abffdd8705
Update alienvault_newpolicyform_sqli.rb
...
cleaned up according to msftidy.rb suggestions
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:17 - [WARNING] Spaces at EOL
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:18 - [WARNING] Tabbed indent: "\tlack of input filtering to read an arbitrary file from the file system.\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:29 - [WARNING] Space-Tab mixed indent: "\t [ 'OSVDB', '106815' ],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:29 - [WARNING] Tabbed indent: "\t [ 'OSVDB', '106815' ],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:30 - [WARNING] Space-Tab mixed indent: "\t [ 'EDB', '33317'],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:30 - [WARNING] Tabbed indent: "\t [ 'EDB', '33317'],\n"
modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb:110 - [WARNING] Spaces at EOL
2014-09-04 21:46:37 -04:00
Chris Hebert
664cc131e3
Update alienvault_newpolicyform_sqli.rb
...
added 'ctx' variable relating to jvazquez-r7 note added on Jun 9
2014-09-04 21:34:24 -04:00
sinn3r
08ce278cca
Got these wrong
2014-09-04 17:05:51 -05:00
sinn3r
cb490fc00e
[SeeRM #8836 ] Change boot.ini to win.ini
2014-09-04 17:03:21 -05:00
jvazquez-r7
d83131f1d9
Land #3750 , @wvu favoring unless
2014-09-04 16:17:07 -05:00
jvazquez-r7
ff210a7c0a
delete parenthesis
2014-09-04 16:16:29 -05:00
sinn3r
85b48fd437
Land #3736 - Revert initial ff xpi prompt bypass for Firefox 22-27
2014-09-04 16:08:15 -05:00
jvazquez-r7
f063dcf0f4
Land #3741 , @pedrib's module for CVE-2014-5005 Desktop Central file upload
2014-09-04 15:44:21 -05:00
jvazquez-r7
f466b112df
Minor cleaning on check
2014-09-04 15:43:59 -05:00
jvazquez-r7
74b8e8eb40
Change module filename
2014-09-04 15:39:34 -05:00