Commit Graph

20761 Commits (6ca01adf1ddfb491d834feed37514337ad868907)

Author SHA1 Message Date
Meatballs 6ca01adf1d
Merge branch 'master' into msi_payload
Conflicts:
	lib/msf/util/exe.rb
2013-09-27 20:37:40 +01:00
Meatballs 34c443f346
Forgot msi-nouac 2013-09-27 20:36:00 +01:00
Meatballs c366726d2d
Land #2432, Fix bad tabs
Episode II: Tabassassin strikes again

[Closes #2432]
2013-09-27 20:27:43 +01:00
Meatballs e806047411
Add MSI bins 2013-09-27 20:03:19 +01:00
Meatballs 8a9843cca6
Merge upstream/master 2013-09-27 20:02:23 +01:00
Tab Assassin c94e8a616f Retabbed to catch new bad tabs 2013-09-27 13:34:13 -05:00
Meatballs 9fde8bee2b Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-09-27 18:12:17 +01:00
Tod Beardsley 7d9d98c9eb
Land #2421, update to cookie parsing specs 2013-09-27 11:45:33 -05:00
Tod Beardsley 869c10af04
Land #2396, aspx-exe shellcode generator
Looks good to me, specs are all happy (also added a #to_h spec)
2013-09-27 11:42:16 -05:00
Meatballs d66269a559
Land #2428, Updated Meterpreter Bins
Fix crashes for kitrap0d and XPSP0

[Closes #2428]
2013-09-27 17:38:08 +01:00
Tod Beardsley 8f957a5394 Add spec for new #to_h method 2013-09-27 11:27:31 -05:00
Christian Mehlmauer 45f52b580d Merge pull request #3 from todb-r7/pr-2421-more-descriptive-rspec
PR #2421 More descriptive rspec
2013-09-27 08:28:20 -07:00
Tod Beardsley 103a64a32a Indent like a sane person. 2013-09-27 10:22:46 -05:00
Tod Beardsley 623aeb367f Set a context for #get_cookies 2013-09-27 10:12:11 -05:00
Tod Beardsley 467c503fb9 DRY with a cookie_sanity_check method 2013-09-27 10:07:28 -05:00
Tod Beardsley 5e95df1370 Convert local variables to HEREDOC methods 2013-09-27 10:02:22 -05:00
Tod Beardsley 57862125b9 Use shuffle and *splat operator to test arrays
Also, move the local variables to inside the describe block to avoid any
future scope issues.
2013-09-27 09:53:04 -05:00
jvazquez-r7 58600b6475
Land #2423, @TecR0c's exploit for OSVDB 96517 2013-09-27 09:48:52 -05:00
jvazquez-r7 6381bbfd39 Clean up freeftpd_pass 2013-09-27 09:47:39 -05:00
Tod Beardsley 0aa2556dfc Use described_class, not a new constant 2013-09-27 09:32:15 -05:00
TecR0c b02a2b9ce0 Added crash info and basic tidy up 2013-09-27 17:05:42 +10:00
William Vu 324c6cefcf Land #2429, @jduck's ancient comment fix 2013-09-26 22:39:26 -05:00
TecR0c 7dbc3f4f87 changed seh address to work on freeFTPd 1.0.10 and below 2013-09-27 12:37:52 +10:00
TecR0c 5fc98481a7 changed seh address to work on freeFTPd 1.0.10 and below 2013-09-27 12:35:03 +10:00
TecR0c a6e1bc61ec updated version in exploit freeFTPd 1.0.10 2013-09-27 11:27:51 +10:00
TecR0c 3a3f1c0d05 updated requested comments for freeFTPd 1.0.10 2013-09-27 11:13:28 +10:00
Joshua J. Drake d04c47d2b7 Remove comment since it was addressed in 4500d09c2f 2013-09-26 19:47:54 -05:00
OJ c38f3b4a56 New meterpreter binaries
New binaries contain fixes for:

* kitrap0d crashing during `getsystem` calls.
    * https://github.com/rapid7/meterpreter/pull/23
* Meterpreter crashing on XP SP0 in certain scenarios.
    * https://github.com/rapid7/meterpreter/pull/21
2013-09-27 09:31:53 +10:00
jvazquez-r7 813bd2c9a5
Land #2379, @xistence's exploit for OSVDB 88860 2013-09-26 13:52:15 -05:00
William Vu acb2a3490c Land #2419, nodejs_js_yaml_load_code_exec info 2013-09-26 12:55:48 -05:00
William Vu e61d390837 Land #2424, sunrpc{_portmapper,} fix and cleanup 2013-09-26 12:40:50 -05:00
Tod Beardsley 8696b5d2dc
Fix bug on missing hosts for SunRPC Portmap
Also cleans up and normalizes the print messages to follow the
conventions of "host:port - proto - message"

[FixRM #8409], reported by Chris F.
2013-09-26 09:42:38 -05:00
jvazquez-r7 b618c40ceb Fix English 2013-09-26 09:00:41 -05:00
TecR0c 0339c3ef48 added freeFTPd 1.0.10 (PASS Command) 2013-09-26 20:37:23 +10:00
xistence c2ff5accee stability fixes to astium_sqli_upload 2013-09-26 10:23:33 +07:00
Tod Beardsley 701410f608
Land #2414, portfwd teardown and recreate
[FixRM #8240]
2013-09-25 17:40:47 -05:00
OJ 3cb7a0ed28
Merge remote-tracking branch 'todb/land-2414' into migrate_close_channels 2013-09-26 08:39:20 +10:00
Tod Beardsley 1a515093cb Idiomatic Ruby
Assuming this gets accepted, this should [FixRM #8240]. Take a look, and
if you're good with it, I'll land on master. Everything seems to work
out on this end.
2013-09-25 17:26:00 -05:00
FireFart 3d28003285 updated get_cookies rspecs 2013-09-25 22:56:13 +02:00
OJ Reeves 4b3857418f Merge pull request #1 from todb-r7/land-2414
Disambiguate tape_engine_8A as tape_engine_0x8a
2013-09-25 13:54:46 -07:00
Tod Beardsley e8fd6f4ca6 Disambiguate tape_engine_8A as tape_engine_0x8a
This will reopen #2358 to avoid filename collisions on Windows, Rubymine
environments, etc.
2013-09-25 15:29:08 -05:00
Tod Beardsley 437bc821c0
Land #2420, fix the empty cookie case 2013-09-25 14:53:26 -05:00
jvazquez-r7 9cc446ae2a Get cookies with empty values 2013-09-25 14:31:34 -05:00
jvazquez-r7 3cc09bc3ab
Land #2267, @Firefart's wordpress mixin 2013-09-25 13:08:24 -05:00
jvazquez-r7 58d4096e0f Resolv conflicts on #2267 2013-09-25 13:06:14 -05:00
jvazquez-r7 ff610dc752 Add vulnerability discoverer as author 2013-09-25 12:45:54 -05:00
jvazquez-r7 5c88ad41a8 Beautify nodejs_js_yaml_load_code_exec metadata 2013-09-25 12:44:34 -05:00
jvazquez-r7 848130c5a1
Land #2377, @jvennix-r7's exploit for CVE-2013-4660 and nodejs payloads 2013-09-25 12:34:05 -05:00
FireFart 34b829abef bugfix 2013-09-25 09:15:07 +02:00
joev 99e46d2cdb Merge branch 'master' into cve-2013-4660_js_yaml_code_exec
Conflicts:
	modules/exploits/multi/handler.rb
2013-09-25 00:32:56 -05:00