Commit Graph

22758 Commits (60f1688bb8b8a12e5d7730b23e9853f5e76e3f32)

Author SHA1 Message Date
jvazquez-r7 1727b7fb37 Allow the Msf::Payload::Linux's generate to make its work 2014-01-08 12:41:10 -06:00
jvazquez-r7 83e5169734 Don't use temporal register between syscals and save some bytes on the execve 2014-01-08 11:45:27 -06:00
James Lee cc51c2033e
Fix unreliable spec
Sometimes "localhost" resolves to more than one address
2014-01-08 10:16:32 -06:00
sinn3r b7ce3c5812 Add rspec 2014-01-08 02:34:43 -06:00
sinn3r 60138aba67 Use $stdout 2014-01-08 02:34:27 -06:00
sinn3r 44f89f839d Update documentation 2014-01-07 19:11:08 -06:00
sinn3r 4f7cf0994a Adds a timeout to wait_report method
In case it takes too long to get a report, the method will give up
checking after one hour. The user can still manually check the report
from the analysis link given earlier.
2014-01-07 19:03:42 -06:00
sinn3r 481ec7b9ec Add VirusTotal Scanner Utility
[SeeRM #8733] This a tool that uses VirusTotal's public API to submit
a malware sample for analysis. As an offensive tool developer, this
would provide a convenient way to check and see how AVs react to
something we write.
2014-01-07 18:29:26 -06:00
jvazquez-r7 5f7582b72d Don't use a temporary registerfor the dup2 loop counter 2014-01-07 18:02:55 -06:00
jvazquez-r7 c2dce19768 Don't use a temporary registerfor the dup2 loop counter 2014-01-07 17:39:27 -06:00
James Lee 22bdca92f4
Remove the ipv6 attr on Range
Makes more sense in the option hash.
2014-01-07 16:52:34 -06:00
James Lee 9c23910b69
Refactor Socket::Range
There was really no reason for it to inherit from Array. Also adds a few
more specs and gets coverage up to a more respectable percentage.
2014-01-07 16:31:55 -06:00
jvazquez-r7 a85492a2d7 Fix my own busted dup2 sequence 2014-01-07 16:27:01 -06:00
Joe Vennix 7af8fe9cd1 Catch exceptions in an XSS script and return the error. 2014-01-07 16:23:24 -06:00
Joe Vennix fb1a038024 Update async API to actually be async in all cases.
This avoids zalgo. Also optionally checks the return value
of the compiled Function in XSS to allow you to use send()
or an explicit return, which is maybe more natural for
synchronous xss payloads.
2014-01-07 16:17:34 -06:00
jvazquez-r7 3230b193e1 Make better comment 2014-01-07 15:32:46 -06:00
jvazquez-r7 80dcda6f76 Fix bind call 2014-01-07 15:31:42 -06:00
Niel Nielsen 266b040457 Update cachedump.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:14:10 +01:00
Niel Nielsen d567737657 Update reverse_tcp_rc4_dns.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:12:38 +01:00
Niel Nielsen 385ae7ec38 Update reverse_tcp_rc4.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:11:16 +01:00
Niel Nielsen 693d95526b Update bind_tcp_rc4.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:09:53 +01:00
Niel Nielsen 1479ef3903 Update typo3_winstaller_default_enc_keys.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:08:10 +01:00
Niel Nielsen 73e359ede1 Update reverse_tcp.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:06:11 +01:00
Niel Nielsen e3a3b560e2 Update bind_tcp.rb
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:02:52 +01:00
jvazquez-r7 b5524654d5 Delete comment 2014-01-07 14:50:26 -06:00
jvazquez-r7 45c86d149f Modify authors field 2014-01-07 14:50:12 -06:00
jvazquez-r7 d6639294aa Save some instructions with dup2 2014-01-07 14:41:33 -06:00
Niel Nielsen e79ccb08cb Update rails_secret_deserialization.rb
When using aws-sdk with Ruby 2.1.0-rc1, many "Digest::Digest is deprecated; use Digest" warnings are printed.
Even in Ruby 1.8.7-p374, OpenSSL::Digest::Digest is only provided for backward compatibility.
2014-01-07 21:41:15 +01:00
jvazquez-r7 9cf221cdd6 Delete delay slots after syscall 2014-01-07 13:18:20 -06:00
jvazquez-r7 21b146fab3
Land #2834, @joev-r7's linksys_wrt110_cmd_exec update 2014-01-07 13:01:35 -06:00
jvazquez-r7 590547ebc7 Modify title to avoid versions 2014-01-07 13:01:10 -06:00
James Lee 2ed9772080
Fix unhandled exceptions when resolution fails 2014-01-07 12:00:04 -06:00
Joe Vennix c34af35230 Add wrt100 to the description and title.
* The wrt110 and wrt100 share the same firmware, and are both vulnerable to this
bug.
2014-01-07 10:26:15 -06:00
Joe Vennix 1057cbafee Remove deprecated linksys module. 2014-01-07 10:22:35 -06:00
jvazquez-r7 70d4082c0c Add formatting blank lines and delete comment 2014-01-07 09:55:36 -06:00
jvazquez-r7 3edd2a50e2 Shorter mipsle shell_reverse_tcp 2014-01-07 09:45:28 -06:00
Meatballs 3bf728da61
Dont store in DB by default 2014-01-07 12:20:44 +00:00
James Lee a6b25d3323
Add failing spec for invalid hostname bug 2014-01-06 17:49:27 -06:00
William Vu db8eeac82c
Land #2830, vtiger_soap_upload title fix 2014-01-06 14:03:21 -06:00
Tod Beardsley c0a82ec091
Avoid specific versions in module names
They tend to be a lie and give people the idea that only that version is
vulnerable.
2014-01-06 13:47:24 -06:00
sinn3r 185e15c50c
Land #2829 - Fix Travis's build failure 2014-01-06 13:21:19 -06:00
Tod Beardsley 5c77f4dc0f
Don't try to bundle exec before bundle install 2014-01-06 12:47:36 -06:00
Tod Beardsley e168b92b0c
Add bundle exec rake to avoid system rake 2014-01-06 12:29:50 -06:00
Tod Beardsley 5ae4215229
Hey Travis what's up with your rake version? 2014-01-06 12:11:07 -06:00
William Vu 0a60e77265
Land #2826, reverse_http{,s} address:port fix 2014-01-06 11:52:51 -06:00
Joe Vennix 49d1285d1b Add explicit json require. 2014-01-06 11:15:10 -06:00
sinn3r 1cdfbfeed5
Land #2820 - vTigerCRM SOAP AddEmailAttachment Arbitrary File Upload 2014-01-06 10:36:02 -06:00
Joe Vennix 96e97d4768 Oops, the default bufsize is 0 anyways. 2014-01-05 18:57:56 -06:00
Joe Vennix b64df51fa0 Fixes #8732 by reading until EOF reached.
* use a lambda for cleaner iterator.
* also disables buffering, since we are reading byte-by-byte in the first place
and maintaining our own buffer (#data).
2014-01-05 18:36:22 -06:00
Joe Vennix 9d3b86ecf4 Add explicit require for JSON, so msfpayload runs. 2014-01-05 14:58:18 -06:00