570221379e
Land #6533 , move ie_unsafe_scripting to BES
2016-03-18 11:22:44 -05:00
d54bbdf9a3
Land #6566 , filezilla xml file locations
2016-03-17 16:27:24 -05:00
115a033036
Fix parsing the Last Server xml
2016-03-17 16:27:02 -05:00
31279291c2
Resolve merge conflict for ie_unsafe_scripting.rb
2016-03-17 14:42:36 -05:00
b1b68294bb
Update class name
2016-03-17 14:41:23 -05:00
7b2d717280
Change ranking to manual and restore BAP2 count to 21
...
Since the exploit requires the target to be configured manually,
it feel more appropriate to be ManualRanking.
2016-03-17 14:39:28 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
e9f87d2883
Land #6685 , ensure platform variable is set for non-osx
2016-03-17 08:25:42 -05:00
9e7a330ac8
OptInt -> OptPort
2016-03-16 15:47:29 -05:00
af642379e6
Fix some OptInts
2016-03-16 14:13:18 -05:00
c21bad78e8
Fix some more String defaults
2016-03-16 14:13:18 -05:00
4e3a188f75
Land #6401 , EasyCafe server file retrieval module
2016-03-16 13:24:54 -04:00
9ac4ec4bfc
Update the class name to MetasploitModule
2016-03-16 13:22:06 -04:00
53f1338ad0
Update module to remove references to print peer
2016-03-16 13:10:39 -04:00
1769bad762
fix FORCE logic
2016-03-16 09:53:09 -05:00
d70308f76e
undo logic changes in adobe_flas_otf_font
2016-03-16 09:52:21 -05:00
f83cb4ee32
fix set_wallpaper
2016-03-16 13:07:41 +00:00
05f585157d
Land #6646 , add SSL SNI and unify SSLVersion opts
2016-03-15 16:35:22 -05:00
e29fc5987f
Add missing stream.raw for hp_sitescope_dns_tool
...
This adds the missing stream.raw.
2016-03-15 11:06:06 -05:00
38153d227c
Move apache_karaf_command_execution to the SSH directory
...
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
6323f7f872
Fix a couple overlooked issues
2016-03-13 23:35:05 -05:00
df0ff30468
Land #6642 , make ipv6_neighbor_router_advertisement discovery smarter
2016-03-13 16:53:11 -05:00
635e31961a
generate valid prefixes
2016-03-13 16:44:57 -05:00
cd84ac37d6
Land #6569 , check if USERNAME env var exists before using in enum_chrome post module
2016-03-13 15:12:51 -05:00
a50b21238e
Land #6669 , remove debug code from apache_roller_ognl_injection that breaks Windows
2016-03-13 14:14:10 -05:00
23eeb76294
update php_utility_belt_rce to use MetasploitModule
2016-03-13 13:59:47 -05:00
a6316d326e
Land #6662 , update disclosure date for php_utility_belt_rce
2016-03-13 13:58:04 -05:00
c89e53d0a3
Land #6666 , fix filezilla_server display bug showing the session ID
2016-03-13 13:56:44 -05:00
dabe5c8465
Land #6655 , use MetasploitModule as module class name
2016-03-13 13:48:31 -05:00
b22a057165
Fix #6554 , hardcoded File.open path in apache_roller_ognl_injection
...
The hardcoded File.open path was meant for debugging purposes during
development, but apparently we forgot to remove it. This line causes
the exploit to be unusable on Windows platform.
Fix #6554
2016-03-11 18:48:17 -06:00
51cdb57d42
Fix #6569 , Add a check for USERNAME env var in enum_chrome post mod
...
Fix #6569
Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
8217d55e25
Fix display issue when SESSION is -1
2016-03-11 11:37:22 -06:00
8953952a8f
correction for the DisclosureDate based on Exploit-DB
2016-03-11 14:05:26 +08:00
7009682100
Landing #6659 , Fix bug in MS08-067 related to incorrect service pack identification when fingerprinting
2016-03-10 14:29:29 -06:00
8d22358892
Land #6624 , PHP Utility Belt exploit
2016-03-09 14:12:45 -06:00
52d12b68ae
Clean up module
2016-03-09 14:08:26 -06:00
179d38b914
Fix #6658 , MS08-067 unable to find the right target for W2k3SP0
...
Fix #6658 .
When there is no service pack, the
Msf::Exploit::Remote::SMB#smb_fingerprint_windows_sp method returns
an empty string. But in the MS08-067 exploit, instead of check an
empty string, it checks for "No Service Pack", which causes it to
never detect the right target for Windows Server 2003 SP0.
2016-03-09 11:05:34 -06:00
45c7e4b6ae
Update ipv6_neighbor_router_advertisement.rb
2016-03-09 11:21:24 +08:00
e417909111
Update ipv6_neighbor_router_advertisement.rb
2016-03-09 11:21:07 +08:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
0e46cc0259
Revert "change remaining class names"
...
This reverts commit 62217fff2b
2016-03-07 13:19:42 -06:00
aa5b201427
Revert "revert ssl_login_pubkey for now"
...
This reverts commit 7d773b65b6
2016-03-07 13:19:33 -06:00
7d773b65b6
revert ssl_login_pubkey for now
2016-03-07 14:44:23 +01:00
62217fff2b
change remaining class names
2016-03-07 09:58:21 +01:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
bb36cd016e
Fix #6643 , Pcap.lookupaddrs does not exist
2016-03-06 22:15:39 -06:00
eea8fa86dc
unify the SSLVersion fields between modules and mixins
...
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
2016-03-06 22:06:27 -06:00
Adam Cammack
James Lee
wchen-r7
Brent Cook
Spencer McIntyre
Tim
l0gan
William Vu
Jay Turla
James Barnett
Fakhri Zulkifli
Christian Mehlmauer