darkbushido
a298129463
adding specs and expanding options
...
Tests shouldn't be DRY, they need to be easy to understand.
2016-05-25 13:17:47 -05:00
rastating
19c4d5b02b
Remove hard coded target path
2016-05-25 18:04:26 +01:00
Brent Cook
c65401026a
wip fixup rc4
2016-05-25 06:17:02 -05:00
wchen-r7
05680ab6f3
Land #6887, add a missing postgresql 9.4.1-5 matching case
2016-05-24 22:19:03 -05:00
William Webb
028b1ac251
Land #6816 Oracle Application Testing Suite File Upload
2016-05-24 18:27:10 -05:00
James Lee
5921ac7b47
Add a spec and fix ReverseHttp#luri
2016-05-24 17:22:14 -05:00
William Vu
3dfdf1d936
Land #6528, tilde expansion and more for OptPath
2016-05-24 16:01:59 -05:00
Jon Hart
a23ce05752
File.exists? must cease to exist
2016-05-24 13:53:26 -07:00
Jon Hart
48c25dd863
Remove need for expand_path in this module; normalize handles it now
2016-05-24 13:30:12 -07:00
Jon Hart
3df4c38e82
Use correct key file var
2016-05-24 13:28:08 -07:00
Brent Cook
7b024d1a72
Land #6914, add siem to the namelist
2016-05-24 14:22:44 -05:00
wchen-r7
14cb85250e
Land #6912, use the correct variable for cookie expiration in BAP2
2016-05-24 14:19:03 -05:00
wchen-r7
ff4d150449
Show IP for print_*
2016-05-24 14:12:54 -05:00
x90" * 365
9d545b0a05
Update namelist.txt
2016-05-24 13:00:59 -04:00
wchen-r7
b5987e1d51
Land #6907, Fix check command with an IP or IP range
2016-05-24 11:37:56 -05:00
James Lee
9807f9b796
Move Rex::Job into its own file
2016-05-24 11:24:47 -05:00
Metasploit
54f4389d31
Bump version of framework to 4.12.5
2016-05-24 08:54:14 -07:00
wchen-r7
5cfaef899e
Land #6913, fix spec warnings
2016-05-24 10:27:43 -05:00
Brendan Watters
77a62ff7c0
Land #6905 RC4 Stagers
2016-05-24 09:34:32 -05:00
Brendan Watters
af86d63498
Updated Cache size
2016-05-24 09:07:05 -05:00
Brendan Watters
f0b945e4c4
Updated cache size
2016-05-24 09:06:46 -05:00
Brendan Watters
d328258db4
Updated Cache size
2016-05-24 09:06:28 -05:00
Brendan Watters
43f79f34a9
Removed superfluous instruction
2016-05-24 09:03:14 -05:00
Brent Cook
d709229f52
fix spec warnings
2016-05-24 07:51:36 -05:00
Brent Cook
5c6b93c1cf
Land #6883, Add Ubiquiti airOS exploit
2016-05-24 07:26:40 -05:00
Brent Cook
3bc020178f
use the correct variable for cookie expiration
2016-05-24 07:16:55 -05:00
Brent Cook
e382b2e468
Land #6908, Fix importing of a zipped workspace
2016-05-24 01:10:24 -05:00
Brent Cook
c7b684dbd7
Land #6910, Update allwinner_backdoor report_vuln hash
2016-05-24 01:02:24 -05:00
William Vu
ca76e8f290
Update allwinner_backdoor report_vuln hash
2016-05-24 00:57:37 -05:00
Brent Cook
5bf8891c54
Land #6882, fix moodle_cmd_exec HTML parsing to use REX
2016-05-23 23:25:22 -05:00
Brent Cook
266d29ca4a
handle garbage better during probe
2016-05-23 22:28:31 -05:00
Brent Cook
a6020ca010
style fixes
2016-05-23 22:14:57 -05:00
Brent Cook
928a706135
Land #6890, Allwinner CPU kernel module local privilege escalation
2016-05-23 22:00:52 -05:00
Brent Cook
2f8562fba4
added documentation and minor style tweaks
2016-05-23 21:59:44 -05:00
Brent Cook
76e8e8f6c7
really fix regex
2016-05-23 20:08:38 -05:00
rastating
adb8098b8c
Fix typo
2016-05-24 00:16:04 +01:00
rastating
aae7c25603
Add WordPress Ninja Forms unauthenticated file upload module
2016-05-23 23:47:41 +01:00
Brent Cook
eb26202961
fix regex
2016-05-23 17:33:06 -05:00
Louis Sato
77a81b2e78
bump metasploit credential version
2016-05-23 17:03:10 -05:00
h00die
4242bbdf55
change report_note to report_vuln per note
2016-05-23 17:36:50 -04:00
Louis Sato
d0b87131a9
fixing import of zip workspace
...
MS-1528
2016-05-23 16:09:22 -05:00
Brent Cook
6af9a093d2
update bool
2016-05-23 15:48:03 -05:00
darkbushido
5e059e0c5b
updating the error message
...
changing the exception to be a little more specific.
2016-05-23 15:40:32 -05:00
darkbushido
d3cdcd5f99
Having the payload generator check the payload size
...
Payload generator will raise an error if the payload is larger than the size option
2016-05-23 15:17:41 -05:00
Brent Cook
fe1b24e666
allow nil assignment to the datastore
2016-05-23 14:56:19 -05:00
Brent Cook
f29463f119
include {peer} in the context of the command dispatcher
2016-05-23 14:55:58 -05:00
Brent Cook
2694907b79
update cached payload size
2016-05-23 14:30:43 -05:00
RageLtMan
cf62218139
Update payload sizes
2016-05-23 14:27:11 -05:00
RageLtMan
efc64eaa5f
Implement reverse_tcp_rc4_dns payload in metasm
...
Using the ruby methods for generating assembly blocks defined or
separated in prior commits, create a new payload from the existing
assembly blocks which performs a DNS lookup of the LHOST prior to
establishing a corresponding socket and downloading, and
decrypting the RC4 encrypted payload.
For anyone looking to learn how to build these payloads, these
three commits should provide a healthy primer. Small changes to
the payload structure can yield entropy enough to avoid signature
based detection by in-line or out-of-band static defenses. This
payload was completed in the time between this commit and the last.
Testing:
Win2k8r2
ToDo:
Update payload sizes when this branch is "complete"
Ensure UUIDs and adjacent black magic all work properly
2016-05-23 14:27:11 -05:00
RageLtMan
0e69040a6a
Implement reverse_tcp_dns as metasm payload
...
Using the separation of block_recv and reverse_tcp, implement
reverse_tcp_dns using original shellcode as template with dynamic
injection of parameters. Concatenate the whole thing in the
generation call chain, and compile the resulting shellcode for
delivery.
Metasploit module pruned to bare minimum, with the LHOST OptString
moved into the library component.
Testing:
Win2k8r2
ToDo:
Update payload sizes when this branch is "complete"
Ensure UUIDs and adjacent black magic all work properly
Misc:
Clean up rc4.rb to use the rc4_keys method when generating a
stage. Makes the implementation far more readable and reduces
redundant code.
2016-05-23 14:27:11 -05:00