James Lee
c3e8f81982
Land #7038, zutto_deriku, an x64 encoder
2016-07-12 13:46:55 -05:00
wchen-r7
af3ac60e28
Land #7087, Fix Beholder migration with multiple users
2016-07-12 11:48:33 -05:00
William Vu
310332b521
Clean up module
2016-07-12 11:17:10 -05:00
wchen-r7
b869b890c7
Land #7090, Add module for Tikiwiki Upload Exec
2016-07-12 11:16:50 -05:00
wchen-r7
2471e8bc8c
Add FileDropper to cleanup properly
2016-07-12 11:16:18 -05:00
William Vu
277950cc79
Land #6733, psexec StackAdjustment fix
2016-07-12 11:14:16 -05:00
wchen-r7
f6751f3c90
Fix typos
2016-07-12 10:56:41 -05:00
thao doan
a79f6fccad
Land #7092, Added minor changes to the Windows Meterpreter docs
2016-07-12 08:15:28 -07:00
Mehmet Ince
43833c8756
Fixing double normalize function call
2016-07-12 07:30:18 +03:00
Brent Cook
2b016e0216
Land #6812, remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Pearce Barry
7b1d9596c7
Land #7068, Introduce 'mettle' - new POSIX meterpreter
2016-07-11 22:38:40 -05:00
Brent Cook
117a0945b1
Land #7079, Import, sign, and publish signed dev keys
2016-07-11 22:19:45 -05:00
Brent Cook
627fffdb08
Land #7089, correct usage of OptPort and OptRegex
2016-07-11 22:13:27 -05:00
Brent Cook
128f802928
use the regex source when generating or displaying a regex
2016-07-11 22:05:50 -05:00
Brent Cook
79fd648bbe
don't double-encapsulate regexes on normalize
2016-07-11 22:05:00 -05:00
wchen-r7
6ab0dbc321
fix header
2016-07-11 15:34:14 -05:00
wchen-r7
2c7ffcc3a8
Update windows/meterpreter/reverse_tcp doc about sleep control
2016-07-11 15:32:49 -05:00
khr0x40sh
7211936f96
Fix Payload exit issue
Fixed payload exiting issue by adding while ($true){Start-Sleep 1000};
statement.
2016-07-11 16:21:08 -04:00
wchen-r7
8817de793a
Add module documentation for windows/meterpreter/reverse_https
2016-07-11 15:18:18 -05:00
Mehmet Ince
fc56ab6722
Fixing some coding style because of rubocop
2016-07-11 23:10:18 +03:00
Brendan
47f2cef22e
Syntax changes to humor rubocop and ruby style
2016-07-11 12:50:58 -07:00
Mehmet Ince
e79c3ba7c0
Tiki Wiki unauth rce
2016-07-11 22:44:07 +03:00
William Vu
108c3961e2
Make sure GATEWAY_PROBE_PORT is 0
This ensures that dst_port is set for UDPSocket#send.
2016-07-11 12:10:46 -05:00
Brendan
963437d5e7
Land #7063, Add module for WebNMS 5.2 Arbitrary File Download
2016-07-11 10:05:21 -07:00
Brendan
c2a5da08af
Land #7064, Add module to steal creds from WebNMS 5.2
2016-07-11 06:38:50 -07:00
Josh Hale
ffa340500f
Tweak migration - Check rights to process before migrate
2016-07-10 19:05:59 -05:00
William Webb
52c6daa0f2
Land #7048, Riverbed SteelCentral NetProfiler and NetExpress Remote
Command Injection
2016-07-10 18:54:12 -05:00
Francesco
b75084249a
Removed duplicate 'Privileged' key
2016-07-10 01:37:03 -04:00
William Webb
92a592d303
Land #7083, Fix description for linux/misc/mongod_native_helper.rb
2016-07-09 14:25:47 -05:00
h00die
fdce5bc30c
add disclosure date
2016-07-09 09:30:00 -04:00
Pedro Ribeiro
0a40e7d8f5
Merge pull request #28 from bwatters-r7/updates-7063
Added error checking and some suggested style changes
2016-07-09 12:49:56 +01:00
Pedro Ribeiro
55f27fb6fe
Merge pull request #27 from bwatters-r7/changes-7064
Added version check and error handling, changed regex to ruby syntax.
2016-07-09 12:47:46 +01:00
sho-luv
25f49c0091
Fixed Description
Just cleaned up Description.
2016-07-08 16:17:39 -07:00
William Webb
202969fae9
Land #7081, Add module documentation for linux/x86/meterpreter/reverse_tcp
2016-07-08 15:51:27 -05:00
Metasploit
48410f3ab2
Bump version of framework to 4.12.13
2016-07-08 10:01:58 -07:00
Brendan
bbe4162320
Added error checking and some suggested style changes
2016-07-08 08:27:56 -07:00
wchen-r7
d0e1c67c18
Land #7026, Add Action Pack render exploit CVE-2016-2098
2016-07-07 16:16:37 -05:00
wchen-r7
201750a31b
Add documentation for rails_actionpack_inline_exec
2016-07-07 16:15:51 -05:00
wchen-r7
2cc6565cc9
Update rails_actionpack_inline_exec
2016-07-07 15:56:50 -05:00
Brendan
09dcd1dade
Added version check and error handling, changed regex to ruby syntax.
Also made a few syntax changes to placate rubocop.
2016-07-07 10:35:18 -07:00
wchen-r7
deecb24967
Update doc
2016-07-07 11:43:03 -05:00
wchen-r7
54fa43030d
Add module documentation for linux/x86/meterpreter/reverse_tcp
2016-07-07 11:39:28 -05:00
h00die
892f354ece
give me some credit
2016-07-06 21:39:45 -04:00
h00die
47cf6d5edf
better docs, extract more data
2016-07-06 21:28:57 -04:00
Brent Cook
1c8556d8e0
add mettle payload tests
2016-07-06 15:53:20 -05:00
Brent Cook
a362d8b9c8
update payload test generator to work with MetasploitModules
2016-07-06 15:53:06 -05:00
wchen-r7
fee361dae0
Land #7075, Add ms16-016 local privilege escalation
2016-07-06 12:01:01 -05:00
wchen-r7
532ea5d4c4
Make sure there's a ref and checkcode
2016-07-06 12:00:20 -05:00
Tod Beardsley
7a321c7350
Import, sign, and publish signed dev keys
This largely automates the process of importing developer keys,
much like `import-dev-keys.sh`, but also takes the additional, sadly
manual step of signing the key with your default key, and uploading
those keys to https://sks-keyservers.net.
In effect, you are stating that you trust keys published on keybase.io
and are listed as such on the official Metasploit-Framework development
wiki.
If your own default key either has no passphrase, or has a passphrase
cached in a keymanager, the process merely requires you hit `y` for
every key, and `y` again for keys with multiple IDs. Otherwise, you
will need to provide your passphrase for each signing. Temporarily
removing the passphrase alleviates this pain.
Of course, this assumes you actually trust the development wiki
and keybase to do the right thing. The tradition is to individually
verify each key through some personally invented means, such as in
person with a government ID check.
Note that `import-dev-keys.sh` currently lists a number of keys
not on Keybase, and that functionality has not been carried over
to this script.
2016-07-06 10:33:02 -05:00
Spencer McIntyre
c23be2bb79
Land #7077, add module doc for py/met/rev_tcp
2016-07-06 11:22:43 -04:00