Commit Graph

18325 Commits (612eabd21a249672397da51952e3031c349b2713)

Author SHA1 Message Date
Bruno Morisson 612eabd21a added sap_router_portscanner module 2013-05-29 23:36:53 +01:00
jvazquez-r7 f76a50ae38 Land #1881, @todb's fix for Redmine Bug 7991 2013-05-29 16:17:18 -05:00
Tod Beardsley e7a1f06fbc Modules shouldn't be +x 2013-05-29 15:11:35 -05:00
Tod Beardsley 10d8bebe73 Start with a random username to test 401 codes
SeeRM #7991

While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.
2013-05-29 12:36:28 -05:00
Samuel Huckins f0e3b0c124 Merge pull request #1836 from dmaloney-r7/bug/anyuser_anypass_http
Verified MSF specs passing, Pro on develop functional tests working (ran Bruteforce, saw normal and verbose output concerning that bruteforce was skipped for such a case and why, verified no cred saved with 'anyuser' user).
2013-05-29 07:44:18 -07:00
jvazquez-r7 146284cdd5 Land #1876, @wchen-r7's fix for Redmine 7984 2013-05-28 20:05:50 -05:00
sinn3r ed5b8895bb Fixes smart_migrate for a TypeError bug
Bug is: TypeError can't convert Rex::RuntimeError into String

[SeeRM: #7984]
2013-05-28 18:45:49 -05:00
sinn3r 63694a6c87 Landing #1875 - Also remove *.ts.rb files 2013-05-28 17:29:02 -05:00
Tod Beardsley 14c4dbcf8c Also remove *.ts.rb files
On the heels of #1862, this gets rid of the "test suites" that bound
together all the old unit tests.
2013-05-28 17:05:44 -05:00
jvazquez-r7 a486fff9a4 Land #1872, @wchen-r7's improvement of cold_fusion_version 2013-05-28 16:35:45 -05:00
jvazquez-r7 96888455a7 Add new signature for CF9 2013-05-28 16:04:08 -05:00
sinn3r 8cb1bdefb7 Landing #1849 - 32 and 64bit compatible to_winpe_only() function 2013-05-28 15:24:43 -05:00
sinn3r deea66b76f Landing #1871 - fix an undefined variable bug in the DTP module 2013-05-28 15:13:20 -05:00
sinn3r 085b943107 Landing #1873 - mdm version bump 2013-05-28 15:03:39 -05:00
David Maloney 5b4c26146c mdm version bump 2013-05-28 14:59:38 -05:00
sinn3r b9969a8b2b Landing #1855 - Updates for coldfusion_pwd_props for CF9 by ringt 2013-05-28 14:43:09 -05:00
sinn3r 0ecffea66f Updates fingerprint() for CF10 2013-05-28 14:42:11 -05:00
sinn3r a6a46f82bb Updates the description a little bit 2013-05-28 14:31:56 -05:00
sinn3r e4e5edc619 Looks like we don't need to check MD5, let's keep it that way then. 2013-05-28 14:31:15 -05:00
sinn3r 8ab90e657c Adds a check for Cold Fusion 10 2013-05-28 14:21:29 -05:00
Samuel Huckins e20385dd9e Merge pull request #1864 from dmaloney-r7/feature/task_associations/cred_service_host
Passes specs and functional tests
2013-05-28 12:11:57 -07:00
Spencer McIntyre 3857507d73 fix an undefined variable bug in the DTP module 2013-05-28 14:52:58 -04:00
James Lee 9843dc4cb4 Land #1708, android meterpreter
Conflicts:
	data/meterpreter/ext_server_stdapi.jar
2013-05-28 12:19:45 -05:00
sinn3r d16d316658 Fixes mssql_findandsampledata & ms11_006_creat esizeddibsection
[FixRM:7987]
[FixRM:7986]
2013-05-28 11:15:17 -05:00
sinn3r 73aa14cb91 Landing #1868 - IBM SPSS SamplePower 3.0 module (CVE-2012-5946) 2013-05-28 11:02:21 -05:00
Tod Beardsley 2861b70a34 Add a note about hooking msftidy 2013-05-28 10:44:23 -05:00
Tod Beardsley 75d6c8079a Spelling, whitespace
Please be sure to run msftidy.rb on new modules. Thanks!
2013-05-28 10:03:37 -05:00
jvazquez-r7 e678b2c5d8 Add module for CVE-2012-5946 2013-05-26 00:21:20 -05:00
darknight007 57b7e4ec44 Update ms11_006_createsizeddibsection.rb 2013-05-25 13:14:41 +06:00
darknight007 6f2ddb3704 Update mssql_findandsampledata.rb 2013-05-25 11:33:57 +05:00
David Maloney c8ff4552d1 schema changes 2013-05-24 09:05:54 -05:00
sinn3r e169ccab4f Landing #1862 - Remove inline unit tests 2013-05-23 22:19:29 -05:00
sinn3r cd947e2075 Landing #1861 - Implement check for auxiliary modules
[FixRM:#7975]
2013-05-23 22:10:54 -05:00
sinn3r 3a550ae093 Landing #1863 - Fixed a bug in the HSTS module around null headers 2013-05-23 14:58:32 -05:00
Matt Andreko ea7805d3c8 Fixed a bug in the HSTS module around null headers 2013-05-23 15:02:39 -04:00
David Maloney 0f21861921 Add task handling to imports
allow imports to carry along task info

[Story #49167601]
2013-05-23 13:33:19 -05:00
Tod Beardsley 05916c079e Inline unit tests are so last decade
Aside from codebase-wide changes, nearly all of these tests haven't been
touched since before 2010, and there is no effort to maintain this style
of testing. We've moved on to (correctly) seperating out our tests from
our codebase.
2013-05-23 12:41:14 -05:00
sinn3r ff08fed987 Revert master misfire, back to the firefox module 2013-05-23 12:39:45 -05:00
sinn3r 61a024e416 Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-05-23 12:22:20 -05:00
sinn3r 81ad280107 Landing #1856 - CVE-2013-0758 Firefox <= 17.0.1 + Flash RCE
Chained exploit using CVE-2013-0758 and CVE-2013-0757
2013-05-23 12:21:10 -05:00
Tod Beardsley ae848cf2fe Fix unix test post module load path
Works now:

````
msf post(unix) > run

[*] Running against session 1
[*] Session type is shell and platform is linux
[+] should list users
[*] Passed: 1; Failed: 0
[*] Post module execution completed
````
2013-05-23 12:16:57 -05:00
Tod Beardsley d44a158238 Land #1859, fix trailing newlines in zip.
This incidentally fixes #1755 for real, where most of the discussion
of this bug took place.
2013-05-23 12:00:48 -05:00
jvennix-r7 db90423faf Merge pull request #1 from wchen-r7/pr1856_target_fix
Fix #1856 - Target selection and swf path
2013-05-23 09:59:26 -07:00
Tod Beardsley eeea1d9109 Regression test for check in exploits 2013-05-23 11:46:16 -05:00
Tod Beardsley a852304ba3 DRY: Move check things to the common module level
While it makes lots of sense to bring check to all modules, of course
some modules will not be able to actually use it. Namely modules like
nop and payload modules. If you're feeling creative, you could probably
come up with semantically similar checks for those, too.
2013-05-23 11:42:41 -05:00
Tod Beardsley 7436fdad72 First, copy-pasta and add a test 2013-05-23 11:26:53 -05:00
sinn3r 8680aa8952 Landing #1857 - MS12-020 off-by-one fix 2013-05-22 22:57:08 -05:00
sinn3r 67861794f6 Fix automatic payload selection 2013-05-22 22:37:18 -05:00
David Maloney d8074c0bf4 Use create not new
Was calling .new instead of .create
[Story #49167601]
2013-05-22 18:29:22 -05:00
xard4s 527f969d8d fix range 2013-05-22 18:28:14 -04:00