Commit Graph

37417 Commits (5a0bec81cbd2d7ddfa2c3e4ad2e8a9f932232c2b)

Author SHA1 Message Date
wchen-r7 53ff3051e1
Land #6531, NETGEAR ProSafe Network Management System 300 auth'd File Download 2016-02-26 10:53:16 -06:00
wchen-r7 bc050410a6 Allow max traversal depth as an option, and report cred 2016-02-26 10:52:30 -06:00
wchen-r7 7731fbf48f
Land #6530, NETGEAR ProSafe Network Management System 300 File Upload 2016-02-26 10:39:09 -06:00
Brent Cook 7acba69e37
Land #6577, add controls for Android ringer 2016-02-26 07:02:49 -06:00
Brent Cook 1427887efe update payloads 2016-02-26 06:10:02 -06:00
Brent Cook 5899b8afc8 make help show up when things are not specified correctly 2016-02-26 06:09:05 -06:00
Brent Cook 89b0c8a27a
Land #6571, use intent to unlock Android screens, support <= 4.3 2016-02-26 05:55:35 -06:00
Brent Cook d891e27cdd
Land #6597, prefer Timeout.timeout since Object#timeout is deprecated 2016-02-25 22:17:49 -06:00
wchen-r7 051506694f
Land #6574, add Linknat Vos Manager Traversal aux module 2016-02-25 22:02:56 -06:00
William Vu 83fad3e328 Add Fortinet backdoor 2016-02-25 21:29:08 -06:00
Brent Cook 5314dae9ae
Land #6601, clarify preferred licensing for new code 2016-02-25 20:26:54 -06:00
Brent Cook a87cf02b50
Land #6524, fix reverse_http to try binding to LHOST first 2016-02-25 20:25:02 -06:00
wchen-r7 3422bd1646
Land #6374, Update the Lastpass creds module with new attack vectors 2016-02-25 14:52:51 -06:00
wchen-r7 f3cf5a8a41 Resolve merge conflict with upstream-master
Out of date author field
2016-02-25 14:49:53 -06:00
wchen-r7 d14ec657e2
Land #6564, Add Apache Karaf Command Execution Module 2016-02-25 14:47:40 -06:00
wchen-r7 1d2ec7a239 Rescue OpenSSL::Cipher::CipherError
Our current net/ssh library is out of date, so we need to rescue
OpenSSL::Cipher::CipherError.
2016-02-25 14:46:53 -06:00
wchen-r7 2e268a25da
Land #6596, Apache Karaf Login Utility 2016-02-25 14:39:51 -06:00
wchen-r7 aa7c3f01a8 Update name and description 2016-02-25 14:39:19 -06:00
wchen-r7 7e25c7b87b Handle OpenSSL::Cipher::CipherError
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
2016-02-25 14:35:37 -06:00
Dev Mohanty c4d80a7c16 Merge pull request #1 from wvu-r7/pr/6596
Fix some things
2016-02-25 13:57:14 -06:00
James Barnett 17447bea35
Put the code in the wrong block. 2016-02-25 13:39:04 -06:00
James Barnett 2366a7baa8
Use the correct step definition. 2016-02-25 13:26:11 -06:00
James Barnett e3c5708363
Support for tests that require the DB. Also update ms08-067 script with a few flags. 2016-02-25 12:41:40 -06:00
William Vu 7d20e26a35 Move to aux/scanner/ssh 2016-02-25 11:22:50 -06:00
William Vu f52f44cde0 Remove session_setup, since we're not in a shell
A real shell. A real human bean.
2016-02-25 11:21:45 -06:00
Metasploit b32f474e99
Bump version of framework to 4.11.13 2016-02-24 11:37:42 -08:00
Tyler Bennett ff3a554b4d added an unless to wrap around the print and report_creds func for nas module to only execute if ftpuser and ftppass is non-blank 2016-02-24 13:53:30 -05:00
Brent Cook 1029627a1f Merge pull request #5 from timwr/ringer-mode
fixes for android set_audio_mode
2016-02-23 21:44:13 -06:00
Tyler Bennett 16d7b2e6ff cleaned up unless code for nas module and setup ftpuser and ftppass to only if non blank 2016-02-23 17:37:47 -05:00
dmohanty-r7 6aa6280eff
Try USERNAME before DEFAULTCRED 2016-02-23 13:44:44 -06:00
Tyler Bennett 4eabe43273 fixed issues with capturing regex 2016-02-23 12:27:07 -05:00
Tyler Bennett c191e5b8e1 corrected authors file and cleaned up debug statements 2016-02-23 11:41:12 -05:00
Jon Hart c79eab2c7f
Land #6241, @talos-arch3y's aux module for Dahua DVR CVE-2013-6117 2016-02-23 08:20:54 -08:00
Pedro Ribeiro 5710c85a9e Style changes 2016-02-23 15:15:57 +07:00
Pedro Ribeiro 044b12d3a4 Made style changes requested by OJ and others 2016-02-23 15:14:04 +07:00
dmohanty-r7 07ac13326e
Allow user to try other login credentials 2016-02-22 17:47:32 -06:00
HD Moore aea68adb77 Clarify that contributed code should be BSD/MIT 2016-02-22 16:29:13 -06:00
wvu-r7 340a8d1687 Merge pull request #15 from bcook-r7/land-6524-bind
update to use the common bind_addresses method
2016-02-22 10:16:07 -06:00
James Lee 56fed01ff0
Land #6599, fix silent failures in aux HttpServers 2016-02-22 08:41:11 -06:00
RageLtMan d7ba37d2e6 Msf::Exploit::Remote::HttpServer print_* fix
Exploit::Remote::HttpServer and every descendant utilizes the
print_prefix method which checks whether the module which mixes in
these modules is aggressive. This is done in a proc context most
of the time since its a callback on the underlying Rex HTTP server.

When modules do not define :aggressive? the resulting exceptions
are quietly swallowed, and requestors get an empty response as the
client object dies off.

Add check for response to :aggressive? in :print_prefix to address
this issue.
2016-02-21 20:20:22 -05:00
Tim cef1b77e26 fixes for android set_audio_mode 2016-02-20 12:01:10 +00:00
Tim 27af59ea7c minor tweaks 2016-02-20 08:35:56 +00:00
Metasploit b868f7cc89
Bump version of framework to 4.11.12 2016-02-19 20:19:43 -08:00
joev c8b28d90d1 Fix old comment. 2016-02-19 19:08:38 -06:00
RubenRocha 72a69fcd16 Fixed timeout warning 2016-02-19 21:14:54 +00:00
William Vu 8a15c36770
Land #6563, VNC creds scraper uninstall location 2016-02-19 15:01:23 -06:00
William Vu bfd204ac50 Fix some cosmetic issues 2016-02-19 15:00:56 -06:00
James Barnett 140fafc159 Merge branch 'bug/MS-833/testing-08-067' of github.com:darkbushido/metasploit-framework into HEAD 2016-02-19 13:42:22 -06:00
dmohanty-r7 c0180b23fa
Update description 2016-02-19 13:39:13 -06:00
Louis Sato 9ba82453f8
Land #6584, cidr notation addition for route command 2016-02-19 12:20:00 -06:00