Commit Graph

32262 Commits (6d5bcb93a8629bc3d4fcdeada30e54d2c937ed20)

Author SHA1 Message Date
Tod Beardsley 6d5bcb93a8
Normalize the SecurityXploded Team credits
[See #5012]
2015-04-02 15:15:37 -05:00
Tod Beardsley 6532fad579
Remove credits to Alligator Security Team
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.

The one that didn't was credited to dflah_ specifically, so merely
changed the author name.

Longer description, if needed, wrapped at 72 characters.

[See #5012]
2015-04-02 15:12:22 -05:00
Matt Buck cecc8aba2c
Land #5052, fix bug with session creation
Fix the bug that attempted to use a session before it was added to the
database.

MSP-12493 #land
2015-04-01 14:38:42 -05:00
HD Moore db5293eeee
Lands #5054, adds a module for the Ceragon mateidu SSH issue 2015-04-01 14:32:56 -05:00
Tod Beardsley b17727d244
Switching to privileged => false 2015-04-01 14:35:45 -05:00
sinn3r a592f645f0
Land #5039, Webdorado gallery wd 1.2.5 unauthenticated SQLi scanner 2015-04-01 14:34:58 -05:00
Tod Beardsley 0825534d2c
Fix reference 2015-04-01 14:16:45 -05:00
Tod Beardsley 8ec71e9daf
Add a module for R7-2015-05 2015-04-01 14:05:41 -05:00
James Lee 8c1a597a25
Make a Session record before using it
How about that.
2015-04-01 13:12:28 -05:00
Brent Cook f4977bf606
Land #5006 @jlee-r7 adds meterpreter specs 2015-04-01 11:05:47 -05:00
OJ 46dca23ffe
Land #5047: Metasploit is magic (Banner Adjustments) 2015-04-01 21:51:10 +10:00
Tod Beardsley 293cbfc8f3
Slightly wanged one of the text bubbles 2015-04-01 06:46:50 -05:00
OJ 24171a1a08
Land #5045 : Convert stageless proxy to new format 2015-04-01 12:06:57 +10:00
HD Moore be575bb108 Merge pull request #10 from OJ/hd-stageless-proxy
Fix up the proxy patching
2015-03-31 20:54:50 -05:00
OJ 1a313ad943 Fix up the proxy patching
Patching of the proxy details was failing, so this commit fixes that.
Also, added code that makes the proxy type check case-insensitive.
2015-04-01 11:48:22 +10:00
James Lee e5cd88a51e
Land #5044, missing HKLM in regkey 2015-03-31 17:50:03 -05:00
Samuel Huckins d5030f7e53
Land 5036, vuln push to NX updates into master 2015-03-31 17:32:02 -05:00
Samuel Huckins 835a66cc95
Land 5042, fix issues on reporting exploit success 2015-03-31 17:14:01 -05:00
James Lee 2fc22132e0
Link the new constant as default in documentation 2015-03-31 16:48:02 -05:00
James Lee 44dd45e48d
Use a const instead of hardcoding "tcp" everywhere 2015-03-31 16:15:04 -05:00
HD Moore df15892958 Convert stageless proxy settings to the new format 2015-03-31 15:46:15 -05:00
James Lee 76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec! 2015-03-31 14:28:07 -05:00
David Maloney 63da27ece0
add missing HKLM root to regkey
the chevkm windows psot module had HKLM
missing from the front of one of it's reg key
paths. This was missed in Rails 3 due to the
error being swallowed unexpectedly. in rails 4
we actually see this cause a stack trace

MSP-12384
2015-03-31 14:17:18 -05:00
James Lee 8b8ec5990a
Ask the database how long the column should be
Instead of hardcoding a number
2015-03-31 14:12:22 -05:00
Tod Beardsley 34d637c7b8
Needs more ponies 2015-03-31 13:59:37 -05:00
Brent Cook c666d0494f
Land #5043 @todb-r7's release fixups 2015-03-31 13:41:24 -05:00
James Lee a8ef465b46
Use the variables we worked so hard to create 2015-03-31 13:34:27 -05:00
James Lee 3695d4b0c7
Don't modify argument in place 2015-03-31 13:32:28 -05:00
James Lee adcf88761d
Save ref names for easier debugging 2015-03-31 13:07:09 -05:00
James Lee 176cdcb836
Use sym-to-proc instead of reimplementing it 2015-03-31 11:21:53 -05:00
Tod Beardsley d1318d1b48
Fixups for release 2015-03-31 11:02:12 -05:00
James Lee a1a7faa77a
Don't modify argument in place 2015-03-31 10:41:24 -05:00
James Lee 7e559f7b13
Don't modify argument in place 2015-03-31 10:16:14 -05:00
James Lee 971120ce98
Use create! instead of new ... save! 2015-03-31 10:15:23 -05:00
OJ 86d8aab854
Land #5040: Remove wininet hack for http/s meterp 2015-03-31 14:50:13 +10:00
Brent Cook d89cd118e0 remove wininet workaround in meterpreter http/s
We had a workaround to close connections on very old wininet implementations
that would not do it themselves. With the new WinHttp API-using meterpreters
and stagers, we no longer should use this workaround. It can actually be
actively bad and prematurely close the connection.

This needs testing around different payloads, and they should be on real
networks, ideally where TCP really has to work to get data transfered.
2015-03-30 23:38:32 -05:00
James Lee dfaf1b3a8f
Stub monitor_sock so we don't leak threads 2015-03-30 22:03:39 -05:00
James Lee 47d85af811
Really truly update schema for reals
Srsly
2015-03-30 18:35:17 -05:00
Brandon Perry e73286cfa5 update stale references 2015-03-30 17:17:48 -05:00
James Lee 790a08a848
It's pronounced "exploit", not "assoc_exploit" 2015-03-30 16:21:17 -05:00
Tod Beardsley 3f0f659eaf
Land #5019, add rescues to some LoginScanners 2015-03-30 16:06:51 -05:00
James Lee bf2d37c511
Axe superfluous line in Gemfile
Covered by the gemspec
2015-03-30 14:57:12 -05:00
James Lee d3dd7ecfc5
Update to latest schema 2015-03-30 14:10:06 -05:00
James Lee 2394d4bae8
Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success
Conflicts:
	Gemfile
	Gemfile.lock
	spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
2015-03-30 14:08:54 -05:00
James Lee 2ab4584079
Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push 2015-03-30 13:50:52 -05:00
James Lee 46d4d6b588
Update to latest Mdm 2015-03-30 13:48:21 -05:00
James Lee 1b0e3f13c6
Remove unnecessary extra assignment 2015-03-30 13:14:36 -05:00
James Lee 310779d7bf
Death to hashrockets 2015-03-30 13:13:58 -05:00
James Lee 6386289d80
Remove bogus spec
No longer necessary to check that we're instantiating an Msf::Module
because we get the same information by reusing an existing
Mdm::Module::Detail
2015-03-30 13:10:36 -05:00
James Lee e65f4e92ea
Separate the two ways to make `Mdm::Session`s
Failing spec due to reuse of Mdm::Module::Detail instead of also
instantiating an Msf::Module
2015-03-30 13:05:20 -05:00