James Lee
9e2f795f64
Land #6290 , correctly override reverse_http Host
2015-11-30 09:56:28 -06:00
Spencer McIntyre
fba9715a56
Add stageless python meterpreter http & https payloads
2015-11-28 17:41:55 -05:00
Andrew Smith
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
Andrew Smith
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
BAZIN-HSC
070a156925
-Recovrey +Recovery
2015-11-27 13:58:19 +01:00
Jon Cave
0c8eb6fb37
Display ReverseListenerBindPort if it is set
...
ReverseListenerBindPort overrides LPORT if it is used. The `listener_uri`
method should use the output `bind_port` to account for this.
2015-11-27 09:16:20 +00:00
wchen-r7
c888726a1a
Fix #6287 , check DisablePayloadHandler value in exploit.rb
...
It looks active_module datastore options are always strings. They
are actually different than what the module uses (normalized), so
we have to always have to check it.
2015-11-26 18:30:31 -06:00
Brent Cook
e5119e6446
use payload_uri's result to derive lhost / lport
2015-11-26 15:21:51 -06:00
Brent Cook
216119c05c
unfold override lhost/lport logic
2015-11-26 15:15:21 -06:00
Spencer McIntyre
1b495e73ac
Further reduce python reverse_http duplicate code
2015-11-26 14:31:00 -05:00
Spencer McIntyre
bd25ffa48c
Consolidate py reverse http uri code into a mixin
2015-11-26 13:32:50 -05:00
Brent Cook
f4d35116bd
land #6288 , fix regression using non-default port with reverse_http
2015-11-26 11:04:24 -06:00
Brent Cook
eb57163db6
Land #6285 , excellent new sound plugin scheme
2015-11-26 10:41:02 -06:00
Jon Cave
d9655fc882
Use LPORT if opts[:lport] is undefined
...
`nil.to_i` returns 0 which will short circuit the || resulting in port 0
being used. nil should be checked for prior to casting to int.
2015-11-26 16:08:22 +00:00
OJ
87507e19a9
Change job view to show bind port if applicable
2015-11-26 16:18:00 +10:00
wchen-r7
ecfcdbe875
rm extra "excellent"
2015-11-25 23:49:44 -06:00
Christian Mehlmauer
920d8c6ad7
Land #6278 , wrong default option for RHOST
2015-11-26 06:49:25 +01:00
wchen-r7
d44224142e
Update audio files
2015-11-25 23:41:18 -06:00
Louis Sato
90fb3e0118
Land #6277 , jenkins domain cred recovery aux module
2015-11-25 22:58:43 -06:00
wchen-r7
776455d10a
Add another sound and event
...
Add sound: "We've got a shell"
Add event on_session_fail
2015-11-25 22:46:51 -06:00
Brent Cook
a7a89adfac
Land #6264 , meterpreter per-extension init string support, update payloads to 1.0.17
...
This brings in the following changes:
Changes to support maven 3.3+
Don't fall back to 0.0.0.0
Remove all debug builds from the Windows projects
Add show_mount, ps_list, and some core tweaks
Refactor TLV layout, add more debug output, token stealing
Add incognito binding, code tidies
Update packaged libs
Add transport list binding
Add transport add command to python binding
Update python core lib archive
change source perms back to non-executable
First pass of stageless initialisation script
Finalise stageless initialisation scripts
add BOOT_COMPLETED receiver that starts the Payload
Improve the implementation of the getuid command
Switch to Utils.runCommand per timwr's suggestion
Updated init script method
also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
2015-11-25 22:27:27 -06:00
Brent Cook
78e306e281
s/Initialision/Initialization/
2015-11-25 22:07:25 -06:00
Brent Cook
d984e5c781
update payload sizes
2015-11-25 22:04:52 -06:00
Brent Cook
c8461bfb24
update to metasploit-payloads 1.0.17
2015-11-25 22:03:28 -06:00
wchen-r7
7dc268d601
Land #6283 , increase the amount of space needed for ms08_067
2015-11-25 19:37:25 -06:00
wchen-r7
af8c557fa9
Add the MP3s
2015-11-25 18:09:27 -06:00
wchen-r7
fa32f43ee4
Muts says "Try harder!" or "Excellent" for the sounds plugin
...
With the sounds plugin, muts will say "excellent!" when a session
is received. If a session is terminated (either exited or lost),
muts will say "try harder!"
2015-11-25 18:06:58 -06:00
Jon Hart
8fd2522a59
Land #6257 , @all3g's aux module for locating git repos over HTTP
2015-11-25 12:25:45 -08:00
Jon Hart
a56571479f
Remove WmapScanServer mixin; not needed
2015-11-25 11:38:32 -08:00
William Vu
2da9bb8578
Follow redirects in apache_userdir_enum
...
Found false negatives while testing a server for #6281 .
2015-11-25 13:27:06 -06:00
Jon Hart
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
William Vu
e56aa96a66
Land #6281 , TARGETURI/full_uri fixes
2015-11-25 13:15:50 -06:00
William Vu
8f459de064
Fix tomcat_enum for full_uri
2015-11-25 11:28:56 -06:00
William Vu
38a9efe4d6
Fix squiz_matrix_user_enum for full_uri
2015-11-25 11:28:53 -06:00
Brent Cook
35ea8c3f74
relax space needed a bit less, work with Windows XP and 2k3
2015-11-25 11:25:57 -06:00
William Vu
7d17c5741b
Fix nginx_source_disclosure for full_uri
2015-11-25 11:19:27 -06:00
William Vu
035882702a
Fix barracuda_directory_traversal for full_uri
2015-11-25 11:18:17 -06:00
William Vu
7a5f6495d0
Fix axis_local_file_include for full_uri
2015-11-25 11:16:59 -06:00
William Vu
42d12a4d40
Fix apache_userdir_enum for full_uri
2015-11-25 11:16:22 -06:00
Brent Cook
2a89a2bc9a
increase the amount of space needed for ms08_067
2015-11-25 07:13:16 -06:00
Waqas Ali
c09d8031c6
Remove default empty string
2015-11-25 12:19:16 +05:00
William Vu
f9d3652e1a
Land #6282 , deprecated module cleanup
...
rm modules/exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
2015-11-24 23:48:09 -06:00
wchen-r7
6fbcb3d127
Land #6263 , add BisonWare BisonFTP Server Buffer Overflow
2015-11-24 22:55:15 -06:00
wchen-r7
f57ebad0e6
Change hard tabs to spaces
2015-11-24 22:54:52 -06:00
JT
9a7e51daec
Update bison_ftp_bof.rb
2015-11-25 11:47:21 +08:00
JT
3d6e4068cb
Update bison_ftp_bof.rb
2015-11-25 11:17:07 +08:00
wchen-r7
591da3c97e
Please use exploit/multi/browser/adobe_flash_pixel_bender_bof
...
Time to say goodbye to:
exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
Please use:
exploit/multi/browser/adobe_flash_pixel_bender_bof
Reason: The replacement supports multiple platforms, so better.
2015-11-24 20:37:57 -06:00
Vex Woo
a262c6bff5
Merge pull request #2 from jhart-r7/pr/fixup-6257
...
HTTP Git scanner for information disclosure in git repository.
2015-11-25 02:05:30 +00:00
Jon Hart
eac4f02b66
Spelling and correct description
2015-11-24 17:57:56 -08:00
aushack
3ad7ef9814
Modify the printed URL to add https:// when SSL is used.
2015-11-25 12:46:56 +11:00