HD Moore
5d57e9db34
Remove unnecessary RHOST definition
2018-05-06 22:20:51 -05:00
HD Moore
8141e949fc
Note the runtimes
2018-05-05 18:34:11 -05:00
HD Moore
e775a97ae2
Adds panos_readsessionvars exploit module
2018-05-05 15:41:17 -05:00
Tim W
5f01b6abc9
Land #9977 , fix crash during x64 linux reverse_tcp stager retry
2018-05-05 17:13:00 +08:00
Tim W
4216d06ffb
fix #9963 , update x64 linux reverse_tcp stager cached size
2018-05-05 16:30:45 +08:00
William Vu
88f09dc302
Update a few stragglers in Drupalgeddon 2
...
1. I added a missed header and YARD to the Drupal mixin.
2. I decided to match discovered versions more liberally.
2018-05-03 18:35:25 -05:00
William Vu
728d7bc065
Fix #9876 , second round of Drupalgeddon 2 updates
...
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
bwatters-r7
ce5be387c4
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
bwatters-r7
96b892a546
Make Rubocop happy
2018-05-03 11:30:05 -05:00
Borja Merino
916dfa56fe
Add author name to the wlan_probe_request post-exploitation module
2018-05-03 11:41:09 +02:00
Jacob Robles
d6cf32fad8
Land #9821 , osCommerce 2.3.4.1 - Remote Code Execution
2018-05-02 07:29:15 -05:00
Jacob Robles
fc2c42f725
Land #9960 , fix continuation warnings in payloads
2018-05-02 06:28:17 -05:00
Jacob Robles
4a56ecf3ae
psexec native upload argument
2018-05-01 09:33:17 -05:00
Brent Cook
34f8a9a5ee
fix continuation warnings in payloads
2018-05-01 04:57:42 -05:00
Jeffrey Martin
28173222a8
Land #9881 , cleanup psexec code
2018-04-30 18:39:36 -05:00
Brent Cook
e29a53b7cb
Land #9951 , Update linux/gather/enum_protections module
2018-04-30 16:52:30 -05:00
Brent Cook
f3fa9af098
fixup osx sizes
2018-04-30 15:21:23 -05:00
Brent Cook
7e31c2cf76
Land #9942 , IPv6 channel fixes for Python and Linux/macOS Meterpreters
2018-04-30 15:14:12 -05:00
Brendan Coles
3351a59efb
Update linux/gather/enum_protections
2018-04-29 06:52:47 +00:00
Aaron Soto
c4bca03fea
Land #9908 , msfd_rce_remote and msfd_rce_browser
2018-04-27 18:54:17 -05:00
Aaron Soto
82fc4aba64
Land #9918 , XDebug Unauthenticated OS command execution
2018-04-27 17:08:58 -05:00
Brent Cook
8fd7448e48
bump payloads, ipv6 channel fixes
2018-04-27 14:18:54 -05:00
Auxilus
d29bc920c1
print o/p to new line
2018-04-27 20:58:25 +05:30
Auxilus
912970ad3b
change vprint to print for printing o/p in psexec_command
2018-04-27 20:47:21 +05:30
Auxilus
0374de5e0d
change vprint to print for printing o/p
2018-04-27 10:49:04 +05:30
Auxilus
25cf8d175a
report command execution o/p
2018-04-27 08:43:30 +05:30
Brent Cook
79d8f5e86c
autofilter = false means skip, which is reverse of intuition
2018-04-26 17:20:55 -05:00
Jeffrey Martin
54aaf1f718
Land #9937 , enable autofilter on tp-link camera exploit
2018-04-26 16:08:09 -05:00
Brent Cook
4789cdc596
enable autofilter on tp-link camera exploit
2018-04-26 14:56:39 -05:00
Brent Cook
0fa0358993
Land #9853 , Update Linux sock_sendpage local exploit module
2018-04-26 14:30:51 -05:00
William Vu
873cbcee27
Fix #9876 , minor updates to Drupalgeddon 2
...
1. Tested versions are already listed in the module doc, and we've
tested more than just 7.57 and 8.4.5 now. Removing a source of potential
inconsistency in the future.
2. No problem with ivars anymore. No idea what happened, but maybe I was
just too tired to code. Removing cleanup method.
2018-04-25 18:09:54 -05:00
Brent Cook
f52e6a18a2
Land #9876 , Drupalgeddon 2
2018-04-25 15:49:53 -05:00
William Vu
b8eb7f2a86
Set target type instead of regexing names
...
We're no longer matching multiple targets like /In-Memory/ or /Dropper/,
so it makes sense to match on a specific value now.
Old matching in this commit: 1900aa2708
.
2018-04-25 11:53:26 -05:00
Brent Cook
2cd0228db2
Land #9900 , add base64 encoder for ruby
2018-04-25 04:06:50 -05:00
Brent Cook
4cba6d1df4
suggest a reason if we get no server response
2018-04-25 03:57:12 -05:00
William Vu
910e9337fb
Use print_good for patch level check, oops
2018-04-24 23:21:22 -05:00
William Vu
b7ac16038b
Correct comment about PHP CLI (it's not our last!)
2018-04-24 23:18:51 -05:00
William Vu
ec43801564
Add check for patch level in CHANGELOG.txt
...
Looks like 8.x has core/CHANGELOG.txt instead.
2018-04-24 23:12:33 -05:00
William Vu
2ff0e597a0
Add SA-CORE-2018-002 as an AKA ref
...
Makes sense to me. Even though it's technically the advisory.
2018-04-24 22:51:33 -05:00
Auxilus
382a7f8aa3
Merge https://github.com/rapid7/metasploit-framework into psexec_cleanup
2018-04-25 09:09:48 +05:30
William Vu
8bc1417c8c
Use PHP_FUNC as a fallback in case assert() fails
...
Additionally drop a file in a writable directory in case CWD fails.
2018-04-24 22:29:27 -05:00
Auxilus
cbfdaf23a0
updated for requested changes
2018-04-25 08:56:54 +05:30
William Vu
8ff4407ca6
Clarify version detection error message
...
This was supposed to imply that we couldn't configure the exploit for a
targetable version. Instead, it just read weirdly. I think it was
missing "to target" at the end. "Determine" is a much better word,
though, since we may be doing detection instead of mere configuration.
2018-04-24 20:51:51 -05:00
Auxilus
e7ac2cd155
move report_auth to psexec module
2018-04-24 23:00:55 +05:30
Robin Stenvi
c81ad8fec0
Changes after review
2018-04-24 18:33:27 +02:00
William Vu
cfaca5baa3
Restore a return lost in the refactor :(
...
Also spiff up comments.
2018-04-24 11:25:55 -05:00
Auxilus
3353102dc1
fix opt dependencies
2018-04-24 21:55:09 +05:30
William Vu
a0f16b4a66
Prefer print_warning for consistency
2018-04-24 11:17:19 -05:00
William Vu
7ef8b99480
Improve printing in ETERNALBLUE's verify_arch
...
Now shows the invalid arch instead of showing nothing.
2018-04-24 11:09:54 -05:00
William Vu
b507391f1b
Change back to vprint_status for the nth time
...
I really couldn't decide, especially once I got rid of CmdStager.
Also fully document the module options.
2018-04-24 04:23:52 -05:00