jvazquez-r7
1727b7fb37
Allow the Msf::Payload::Linux's generate to make its work
2014-01-08 12:41:10 -06:00
jvazquez-r7
83e5169734
Don't use temporal register between syscals and save some bytes on the execve
2014-01-08 11:45:27 -06:00
James Lee
cc51c2033e
Fix unreliable spec
...
Sometimes "localhost" resolves to more than one address
2014-01-08 10:16:32 -06:00
sinn3r
b7ce3c5812
Add rspec
2014-01-08 02:34:43 -06:00
sinn3r
60138aba67
Use $stdout
2014-01-08 02:34:27 -06:00
sinn3r
44f89f839d
Update documentation
2014-01-07 19:11:08 -06:00
sinn3r
4f7cf0994a
Adds a timeout to wait_report method
...
In case it takes too long to get a report, the method will give up
checking after one hour. The user can still manually check the report
from the analysis link given earlier.
2014-01-07 19:03:42 -06:00
sinn3r
481ec7b9ec
Add VirusTotal Scanner Utility
...
[SeeRM #8733 ] This a tool that uses VirusTotal's public API to submit
a malware sample for analysis. As an offensive tool developer, this
would provide a convenient way to check and see how AVs react to
something we write.
2014-01-07 18:29:26 -06:00
jvazquez-r7
5f7582b72d
Don't use a temporary registerfor the dup2 loop counter
2014-01-07 18:02:55 -06:00
jvazquez-r7
c2dce19768
Don't use a temporary registerfor the dup2 loop counter
2014-01-07 17:39:27 -06:00
James Lee
22bdca92f4
Remove the ipv6 attr on Range
...
Makes more sense in the option hash.
2014-01-07 16:52:34 -06:00
James Lee
9c23910b69
Refactor Socket::Range
...
There was really no reason for it to inherit from Array. Also adds a few
more specs and gets coverage up to a more respectable percentage.
2014-01-07 16:31:55 -06:00
jvazquez-r7
a85492a2d7
Fix my own busted dup2 sequence
2014-01-07 16:27:01 -06:00
Joe Vennix
7af8fe9cd1
Catch exceptions in an XSS script and return the error.
2014-01-07 16:23:24 -06:00
Joe Vennix
fb1a038024
Update async API to actually be async in all cases.
...
This avoids zalgo. Also optionally checks the return value
of the compiled Function in XSS to allow you to use send()
or an explicit return, which is maybe more natural for
synchronous xss payloads.
2014-01-07 16:17:34 -06:00
jvazquez-r7
3230b193e1
Make better comment
2014-01-07 15:32:46 -06:00
jvazquez-r7
80dcda6f76
Fix bind call
2014-01-07 15:31:42 -06:00
Niel Nielsen
266b040457
Update cachedump.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:14:10 +01:00
Niel Nielsen
d567737657
Update reverse_tcp_rc4_dns.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:12:38 +01:00
Niel Nielsen
385ae7ec38
Update reverse_tcp_rc4.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:11:16 +01:00
Niel Nielsen
693d95526b
Update bind_tcp_rc4.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:09:53 +01:00
Niel Nielsen
1479ef3903
Update typo3_winstaller_default_enc_keys.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:08:10 +01:00
Niel Nielsen
73e359ede1
Update reverse_tcp.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:06:11 +01:00
Niel Nielsen
e3a3b560e2
Update bind_tcp.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:02:52 +01:00
jvazquez-r7
b5524654d5
Delete comment
2014-01-07 14:50:26 -06:00
jvazquez-r7
45c86d149f
Modify authors field
2014-01-07 14:50:12 -06:00
jvazquez-r7
d6639294aa
Save some instructions with dup2
2014-01-07 14:41:33 -06:00
Niel Nielsen
e79ccb08cb
Update rails_secret_deserialization.rb
...
When using aws-sdk with Ruby 2.1.0-rc1, many "Digest::Digest is deprecated; use Digest" warnings are printed.
Even in Ruby 1.8.7-p374, OpenSSL::Digest::Digest is only provided for backward compatibility.
2014-01-07 21:41:15 +01:00
jvazquez-r7
9cf221cdd6
Delete delay slots after syscall
2014-01-07 13:18:20 -06:00
jvazquez-r7
21b146fab3
Land #2834 , @joev-r7's linksys_wrt110_cmd_exec update
2014-01-07 13:01:35 -06:00
jvazquez-r7
590547ebc7
Modify title to avoid versions
2014-01-07 13:01:10 -06:00
James Lee
2ed9772080
Fix unhandled exceptions when resolution fails
2014-01-07 12:00:04 -06:00
Joe Vennix
c34af35230
Add wrt100 to the description and title.
...
* The wrt110 and wrt100 share the same firmware, and are both vulnerable to this
bug.
2014-01-07 10:26:15 -06:00
Joe Vennix
1057cbafee
Remove deprecated linksys module.
2014-01-07 10:22:35 -06:00
jvazquez-r7
70d4082c0c
Add formatting blank lines and delete comment
2014-01-07 09:55:36 -06:00
jvazquez-r7
3edd2a50e2
Shorter mipsle shell_reverse_tcp
2014-01-07 09:45:28 -06:00
Meatballs
3bf728da61
Dont store in DB by default
2014-01-07 12:20:44 +00:00
James Lee
a6b25d3323
Add failing spec for invalid hostname bug
2014-01-06 17:49:27 -06:00
William Vu
db8eeac82c
Land #2830 , vtiger_soap_upload title fix
2014-01-06 14:03:21 -06:00
Tod Beardsley
c0a82ec091
Avoid specific versions in module names
...
They tend to be a lie and give people the idea that only that version is
vulnerable.
2014-01-06 13:47:24 -06:00
sinn3r
185e15c50c
Land #2829 - Fix Travis's build failure
2014-01-06 13:21:19 -06:00
Tod Beardsley
5c77f4dc0f
Don't try to bundle exec before bundle install
2014-01-06 12:47:36 -06:00
Tod Beardsley
e168b92b0c
Add bundle exec rake to avoid system rake
2014-01-06 12:29:50 -06:00
Tod Beardsley
5ae4215229
Hey Travis what's up with your rake version?
2014-01-06 12:11:07 -06:00
William Vu
0a60e77265
Land #2826 , reverse_http{,s} address:port fix
2014-01-06 11:52:51 -06:00
Joe Vennix
49d1285d1b
Add explicit json require.
2014-01-06 11:15:10 -06:00
sinn3r
1cdfbfeed5
Land #2820 - vTigerCRM SOAP AddEmailAttachment Arbitrary File Upload
2014-01-06 10:36:02 -06:00
Joe Vennix
96e97d4768
Oops, the default bufsize is 0 anyways.
2014-01-05 18:57:56 -06:00
Joe Vennix
b64df51fa0
Fixes #8732 by reading until EOF reached.
...
* use a lambda for cleaner iterator.
* also disables buffering, since we are reading byte-by-byte in the first place
and maintaining our own buffer (#data).
2014-01-05 18:36:22 -06:00
Joe Vennix
9d3b86ecf4
Add explicit require for JSON, so msfpayload runs.
2014-01-05 14:58:18 -06:00