23d9efb5a3
Add stageless Python Meterpreter for bind tcp
2015-10-21 18:37:37 -04:00
8bb694fa5c
Add stageless Python Meterpreter for reverse tcp
2015-10-21 18:23:04 -04:00
190181301d
Land #6119 , update to mdm 1.2.8 (fixes search queries)
2015-10-21 17:09:36 -05:00
7596f13407
remove bundled-with message
2015-10-21 17:08:54 -05:00
867bf340ab
bump mdm to 1.2.8
...
MSP-13273
2015-10-21 16:58:27 -05:00
065d042ec4
Update doc a little bit
2015-10-21 16:29:27 -05:00
12cdd786a6
Add more Nokogiri and RKelly support for Rex::Proto::Http::Response
...
These new methods allow the module writer to being able to parse
HTML/XML/JSON responses properly without using regex first.
2015-10-21 16:26:31 -05:00
3f556c6fee
Land #6117 , Fix nil http_method in php_include
2015-10-21 13:45:32 -05:00
997e8005ce
Fix nil http_method in php_include
2015-10-21 13:22:09 -05:00
129544c18b
Land #6112 , splat for ZPanel exploit
2015-10-21 13:07:51 -05:00
ccc0e55e0c
Land #6116 , target for minishare_get_overflow
2015-10-21 13:06:34 -05:00
4e50f3ebde
Update dns_srv_enum.rb
...
Patch for :
- Split record srvrcd one entry by line for readability.
- Add record for Default-First-Site-Name :
(according to https://technet.microsoft.com/en-us/library/cc759550%28v=ws.10%29.aspx )
'_gc._tcp.Default-First-Site-Name._sites.',
'_kerberos._tcp.Default-First-Site-Name._sites.',
'_kerberos.tcp.Default-First-Site-Name._sites.dc._msdcs.',
'_ldap._tcp.Default-First-Site-Name._sites.',
'_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.',
'_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.',
- Remove double entry '_kerberos.tcp.dc._msdcs.'
- Add fqdn query in logs.
- Add report_note to store and preserve the fqdn query.
Ps : I'm not very familiar with the code and patch rules for modules. Thank you to excuse my eventual errors.
2015-10-21 18:27:14 +02:00
e188bce4c9
Update minishare_get_overflow.rb
2015-10-21 16:48:31 +02:00
f06d7591d6
Add header for zpanel_information_disclosure_rce.rb
2015-10-20 16:19:44 -05:00
70b005de7f
Land #6041 , Zpanel info disclosure exploit
2015-10-20 16:08:16 -05:00
728fd17856
Make code changes for zpanel_information_disclosure_rce.rb
...
Use Nokogiri and URI, as well as indent fixes and other things
2015-10-20 16:07:02 -05:00
cb2d5a6c54
Land #6110 , fix typos in exec_powershell, datstore confusion
2015-10-20 13:10:13 -05:00
0784370b98
more typo and whitespace fixes
2015-10-20 13:09:17 -05:00
4b271425c9
s/datstore/datastore/g
2015-10-20 13:05:49 -05:00
2f1406e1c8
fix typo
...
not sure how this got in there
2015-10-20 13:48:00 -04:00
60c269983b
Land #6078 , Fix double raise in vnc_none_auth
2015-10-20 11:47:26 -05:00
88159edf9f
Fix double raise in vnc_none_auth
...
Not necessary for what it's trying to accomplish, being a scanner.
2015-10-19 18:22:06 -05:00
6de4c90ed9
Land #6106 , tab completion fix for spool
2015-10-19 17:33:32 -05:00
6748ccbb82
This method was moved to Rex::Ui::Text::Output
2015-10-19 10:43:38 -05:00
d7b8767afc
Fix #6105 by moving ``puts`` into the base class
2015-10-19 10:42:46 -05:00
712f9f2c83
Deleted extra reference to exploit DB
2015-10-18 19:10:47 -07:00
b03c3be46d
Fixed some styling errors in the initializer. Switched the calls to sleep(1) to use the Rex API (Rex.sleep(1) instead).
2015-10-18 02:13:03 -07:00
ba75e85eb3
Add WP Ajax Load More Plugin File Upload Vuln.
2015-10-17 13:30:36 -03:00
3757f2e8de
Changed my author name to make sure it matches my GitHub username inside the module information.
2015-10-16 14:54:34 -07:00
95d5e5831e
Adding the updated version of the module to submit a pull request. Changes were made to ensure that the OS version check correctly determines which systems are vulnerable, giving only a warning message if not.
2015-10-16 14:39:07 -07:00
28ca34c40a
Fix conflicts
2015-10-16 15:38:59 -05:00
c399d7e381
Land #5959 , Add Nibbleblog File Upload Vuln
2015-10-16 15:30:13 -05:00
9666660c06
Enforce check and add another error message
2015-10-16 15:29:12 -05:00
20366993e3
Land #5937 , use the Android mixin to get the Android version
2015-10-16 14:23:27 -05:00
d85412b0fb
Complete fix for generation of nop sleds
2015-10-16 14:01:00 -05:00
b788772215
break only if 'make_nops' is able generate the nop sled
2015-10-16 13:28:37 -05:00
28685f0e55
Land #6090 , improve display of framework version in msfconsole
2015-10-16 12:09:00 -05:00
896099b297
Land #6082 , Directory Traversal for Elasticsearch
2015-10-16 11:00:27 -05:00
e59a4e36b7
Fix check
2015-10-16 10:59:04 -05:00
41e9f8a91b
Some code changes from Roberto
2015-10-16 10:47:19 -05:00
f14776ab63
Land #6092 , refs for arkeia_agent_exec
2015-10-15 22:50:57 -05:00
8cb6cc57b5
Land #6094 , refs for another ManageEngine module
2015-10-15 22:49:05 -05:00
86dfbf23e8
Fix whitespace
2015-10-15 22:48:53 -05:00
8e41ca5f6e
Land #6093 , refs for manage_engine_opmanager_rce
2015-10-15 22:47:58 -05:00
018b515150
Add CVE/URL references to manageengine_eventlog_analyzer_rce
2015-10-16 10:41:39 +07:00
b1f2e40b98
Add CVE/URL references to module manage_engine_opmanager_rce
2015-10-16 10:36:13 +07:00
6a1553ae63
Add EDB/CVE/URL references to arkeia_agent_exec
2015-10-16 10:23:20 +07:00
dcf7b5c95a
Land #6086 , @jvazquez-r7's Fix Kerberos Client mixin Namespace
...
* If something breaks, blame @jvazquez-r7. Hopefully this is safe :)
2015-10-15 16:24:19 -05:00
bd96e0ded2
Improve get_hash for Framework version
2015-10-15 16:22:45 -05:00
67820f8b61
Fix Packetstorm references
2015-10-15 12:42:59 -05:00
Spencer McIntyre
Brent Cook
Louis Sato
wchen-r7
Kyle Gray
William Vu
fraf0
Boumediene Kaddour
Rob Fuller
HD Moore
Sam H
Sam Handelman
Roberto Soares
jvazquez-r7
xistence
dmohanty-r7