5240c6e164
Add module for MS13-037 CVE-2013-2551
2013-06-12 07:37:57 -05:00
132769d415
Merge branch 'release'
2013-06-11 18:52:11 -05:00
72b3ea2be0
Merge pull request #1943 from shuckins-r7:bug/nx-asset-group-push
2013-06-11 18:41:49 -05:00
d5be41617e
Uses raw-xml-v2 Nexpose export for Nexpose import as this adds device-id
...
back to XML schema and will result in hosts that can be pushed back to
Nexpose.
[Bug #51521175 ]
2013-06-11 18:37:02 -05:00
7601152640
Land #1942
2013-06-11 16:29:19 -05:00
6a5d1d06b2
Make the conditional correct for print_prefix
...
Fixes a bug introduced on #1936 .
2013-06-11 16:16:17 -05:00
5dfb3de4f3
Land #1940 - Update firefox svg exploit description to be more accurate
2013-06-11 12:16:23 -05:00
45da645717
Update ff svg exploit description to be more accurate.
2013-06-11 12:12:18 -05:00
2874aead2e
Land #1938 - Change sevone_enum because it's an Scanner
2013-06-11 11:42:18 -05:00
430511cbff
Land #1937 , @wchen-r7's fix for heap spray js code
2013-06-11 09:17:40 -05:00
0578572d98
Change sevone_enum because it's an Scanner
2013-06-11 08:51:15 -05:00
081baad68c
Remove variable 'overflow' because it's not used
...
The 'overflow' variable isn't needed
2013-06-11 02:26:45 -05:00
fe32a747a3
Land #1936 , prefer PacketFu and pcaprub gems
2013-06-10 17:28:43 -05:00
d7e3c5cdb3
Rspec: Ensure PacketFu is actually still available
...
PacketFu should be required from the gem, not from the shipped msf
library. Several modules depend on it being available, so this rspec
test mostly just ensures that Msf::Exploit::Capture mixin is still
around.
2013-06-10 16:02:50 -05:00
9a08090b0f
Inch toward making modules more testable
2013-06-10 16:02:19 -05:00
d4e9431633
Add Gemfile entry for PacketFu
2013-06-10 14:18:05 -05:00
7dafcc76df
Remove packetfu and pcaprub libaries
...
These should be handled by bundler's Gemfile.
2013-06-10 14:12:18 -05:00
5b61f99ee6
Land #1933 - Update smart_hashdump Regular Expressions for Win 8 & 2012
2013-06-10 13:28:04 -05:00
0c6dbe9885
Add final cleanup for sevone_enum
2013-06-10 13:16:22 -05:00
6765a911a4
Land #1921 , @juushya brute force login module for SevOne
2013-06-10 13:15:14 -05:00
622dc27d95
Land #1925 - fix SNMP enum module failing to catch some fail cases
...
[FixRM:#7945]
2013-06-10 12:51:02 -05:00
31faf65271
Land #1929 , spool ui fix from @jsherwood0
2013-06-10 12:30:50 -05:00
fee804a074
Land #1926 , Auxiliary::Web changes
...
Since none of these changes appear to be reachable from Metasploit
Framework, this seems like a nop for me.
2013-06-10 11:59:19 -05:00
5c988d99fe
more updates to sevone.rb. hopefully all is covered..
2013-06-10 21:59:18 +05:30
0895184e1f
Land #1932 - Actually support OUTPUTPATH datastore option
2013-06-10 11:22:28 -05:00
04171c46ec
more updates to sevone.rb. hopefully all is covered.
2013-06-10 21:47:56 +05:30
7ae6383803
Land #1935 , @todb-r7's description cleanup
2013-06-10 11:14:04 -05:00
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
a9df55c27a
Add Windows 2012 to regex matching
2013-06-09 20:46:44 -04:00
8e83f0ee30
Add Windows 8 and 2012 to regex matching
2013-06-09 20:41:46 -04:00
7ac5b6de53
Fix prompt and color issue with cmd_spool
...
Changing spool setting caused problems with prompt and color. This
fix makes the following changes:
- Saves the color setting and re-applies it to the new output console
- Sets the prompt in the same way that cmd_use does
2013-06-09 13:35:35 -04:00
cb79aa252a
Fix output path in ms10_004_textbytesatom.rb
...
ms10_004_textbytesatom.rb does not write to the local data directory,
instead it writes to the metasploit path (at least, that's where I
started msfrpcd).
This fixes it by using Msf::Config.local_directory
2013-06-09 07:28:48 +10:00
c8c331c290
Land #1928 - Devecot with Exim sender_address param command exec
2013-06-07 22:39:32 -05:00
f55edac0ca
Title and description update
2013-06-07 22:38:53 -05:00
a510084f1c
Description change.
2013-06-07 22:35:46 -05:00
600494817d
Fix typo and target name
2013-06-07 21:08:38 -05:00
9025b52951
make the payload build more clear
2013-06-07 18:05:11 -05:00
d76e14fc9c
Add module for OSVDB 93004 - Exim Dovect exec
2013-06-07 17:59:04 -05:00
74bddcf339
Update sevone_enum.rb
...
New updates as per review comments
2013-06-08 02:28:09 +05:30
19a6f310cd
Land #1927 - Add common passwords from xato.net
2013-06-07 15:24:09 -05:00
dc680e7106
Underscores because the rest are.
2013-06-07 15:16:39 -05:00
aefcc51704
Land #1924 - Java pwn2own 2013: java_jre17_driver_manager (CVE-2013-1488)
2013-06-07 15:12:09 -05:00
0265dd8860
Add common passwords from xato.net
...
Mark Burnett publishes lists of top passwords occasionally. This PR adds
the top 500 and top 1024 passwords, as of 2011-06-20, linked from this
blog post:
http://xato.net/passwords/more-top-worst-passwords/
He also does a fair bit of frequency analysis there.
The 1024 list, should probably used instead of the original
unix_password.txt file. unix_password.txt was added on 2010 from an
unknown source (and since edited occasionally to add known good default
passwords). Pulling those changes into this list probably would be
helpful to guess better.
As far as I can tell, there are no special licensing terms for these
lists.
2013-06-07 15:10:14 -05:00
1ca8fd2cf1
Update sevone_enum.rb
...
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
6aa7c74fdd
make anemone also rspect domain
2013-06-07 14:24:14 -05:00
79bfdf3ca6
Add comment to explain the applet delivery methods
2013-06-07 14:20:21 -05:00
b8ba0f27ee
Land #1738 - Bug/spec 2.0 compat
2013-06-07 13:58:50 -05:00
jvazquez-r7
Brandon Turner
Samuel Huckins
James Lee
Tod Beardsley
sinn3r
Joe Vennix
William Vu
KarnGaneshen
Dejan Lukan
Carlos Perez
John Sherwood
Ruslaideemin
David Maloney