Brendan
70a79bb0e8
Land #7014, Nagios remote root shell exploit
2016-07-01 08:17:38 -07:00
William Webb
2e97a08954
Land #7046, Pad host field in notes -d command
2016-07-01 10:14:45 -05:00
William Webb
02d40eb576
Land #7044, Pass exploit SRVPORT in BrowserAutopwn2
2016-07-01 09:49:05 -05:00
William Vu
d42d9f8557
Add module docs to appease the Thao god
2016-07-01 01:17:27 -05:00
William Vu
9663f88fdc
Download profile.zip instead of including it
profile.zip is GPL-licensed...
2016-07-01 01:17:23 -05:00
William Vu
6e1b6e96a9
Land #7032, rm -rf lib/rex/encoders
Dead code!
2016-06-30 16:32:14 -05:00
William Vu
f0cd25dcee
Land #7035, lib/sshkey* swap to gem
2016-06-30 16:25:27 -05:00
William Webb
1401a61f59
Land #6998, Fix #6984 Undefined method 'winver' in ms10_092_schelevator
2016-06-30 16:14:09 -05:00
William Vu
fec2301fc8
Land #7037, db_export -f xml stack trace fix
Missed during the Rails upgrade.
2016-06-30 15:58:38 -05:00
Brent Cook
cdf3c63af9
Land #7045, Fix interactive shell with Windows Meterpreter
2016-06-30 15:51:33 -05:00
William Vu
343f4010bd
Prefer newer hash syntax
2016-06-30 15:43:06 -05:00
wchen-r7
dbcdc300e5
Fix #7019, Pad host field in notes -d command
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there aren't enough fields
provided for Rex table.
Fix #7019
2016-06-30 15:38:58 -05:00
Brent Cook
d6c7ac51d6
Fix interactive shell with Windows Meterpreter
see https://github.com/rapid7/metasploit-payloads/pull/105
2016-06-30 15:34:40 -05:00
William Vu
20c2a10e8a
Add note about issues to CONTRIBUTING.md
2016-06-30 15:14:59 -05:00
wchen-r7
118caa13bf
Fix #7021, Pass exploit SRVPORT in BrowserAutopwn2
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.
Fix #7021
2016-06-30 14:20:53 -05:00
Tod Beardsley
afbeb2b668
Land #7023, fixes for swagger exploit
Thanks @sdavis-r7!
See #7015 as well.
2016-06-30 10:54:34 -04:00
Tod Beardsley
d1281b6594
Chmod to remove the exec bit.
2016-06-30 10:43:46 -04:00
Pearce Barry
5e39f895cf
Fix exception on msf 'db_export' cmd (see #7008)
Users reported (in GitHub issue #7008) hitting an exception when attempting to export the contents of the msf database (i.e. workspaces, hosts, events, etc.) via the 'db_export' command. After some digging, it appears there were a few ActiveRecord changes with the new Rails upgrade that require a couple mods to the way we are querying.
2016-06-29 16:02:31 -05:00
William Vu
68bd4e2375
Fire and forget the shell
Edge case where reverse_perl returns 302 when app is unconfigured.
2016-06-29 14:51:05 -05:00
David Maloney
80563b2c0f
Merge branch 'master' into feature/MS-1700/sshkey-gem
2016-06-29 09:44:57 -05:00
Brendan
55457ef977
Land #7034, use the bit-struct gem
2016-06-29 07:35:00 -07:00
thao doan
80c65ec4fc
Land #7020, Added documentation for Netbios Spoof module
2016-06-28 14:26:26 -07:00
Pearce Barry
d186844cde
Land #7033, Use the proper Author key, not Authors
2016-06-28 16:20:43 -05:00
David Maloney
2dba09a9ce
unvendor sshkey gem
use the actual maintained gem rather than our vendored
copy
MS-1700
2016-06-28 16:10:48 -05:00
David Maloney
dcddd2d671
use the bit-struct gem
removed vendored copy of bit-struct and use the gem
instead
MS-1699
2016-06-28 15:58:47 -05:00
James Lee
4e63591ce8
Use the proper Author key, not Authors
2016-06-28 15:21:19 -05:00
David Maloney
356f4fd54d
delete deprecated lib/rex/encoders
this directory is all dead code and has been replaced with
the lib/rex/encoder directory. these files should have been
purged a long time ago for cleanliness
MS-1692
2016-06-28 14:43:39 -05:00
David Maloney
0a83b34a85
Land #7025, dev's PR for rex-java
lands the pr for moving Rex::Java into its own gem
2016-06-28 14:40:02 -05:00
David Maloney
d90f0779f8
Land #7009, egypt's rubyntlm cleanup
Land egypt's PR to replace all of our NTLM code with
the rubyntlm gem
2016-06-28 14:15:34 -05:00
David Maloney
97f9ca4028
Merge branch 'master' into egypt/ruby-ntlm
2016-06-28 14:14:56 -05:00
Metasploit
e3e360cc83
Bump version of framework to 4.12.10
2016-06-28 12:13:26 -07:00
Adam Cammack
ac5d2709cf
Land #7031, Revert #6729
2016-06-28 13:52:53 -05:00
Louis Sato
d5d0b9e9b8
Revert "Land #6729, Speed up the datastore"
This reverts commit c6b1955a5a, reversing changes made to 4fb7472391.
2016-06-28 13:39:52 -05:00
wchen-r7
70a7415185
Change description
2016-06-28 11:24:38 -05:00
William Vu
5f08591fef
Add Nagios XI exploit
2016-06-27 15:17:18 -05:00
dmohanty-r7
c2f3d411c3
Replace rex/java with rex-java gem
2016-06-27 14:52:49 -05:00
Metasploit
fd07da3519
Bump version of framework to 4.12.9
2016-06-27 11:54:04 -07:00
Scott Lee Davis
2480781409
pesky pry.
2016-06-27 01:55:49 -04:00
Scott Lee Davis
c2b4e22b46
updated with discovered changes from k kali & documentation update changes requested.
2016-06-27 01:53:20 -04:00
wchen-r7
1e7202cf9b
Add module documentation for auxiliary/admin/netbios/netbios_spoof
2016-06-25 12:20:08 -05:00
James Lee
058115c21f
Land #7015, sdavis' swagger exploit
2016-06-24 16:13:51 -05:00
James Lee
15a1a9ed71
Raise if payload.arch doesn't match expected
This is necessary when payload is a generic/* since we can't actually
figure out what we need the prefix/suffix to be because the generics are
a pain to extract the arch/platform info out of.
Also remove some unnecessary options.
2016-06-24 16:08:47 -05:00
James Lee
5d4cc7ab40
Add nodejs to list of defaults
2016-06-24 16:06:50 -05:00
William Vu
4c5fd78937
Land #7005, rm the crap out of lib/rex
And stuff the code into gems!
2016-06-24 13:38:30 -05:00
wchen-r7
9f280d714e
Land #6994, NetBIOS Name Brute Force Spoofing modules
2016-06-23 17:54:51 -05:00
Scott Davis
3fb9eae687
EOL space if a ruby devil.
2016-06-23 15:40:16 -07:00
Scott Davis
b38b116c9a
@ePaul comments added to description.
2016-06-23 15:33:11 -07:00
Scott Davis
5e1b7d8c0f
even more clean up.
2016-06-23 14:59:11 -07:00
Scott Davis
63d8787101
added back (new) usage examples for nodejs,java,ruby,php.
2016-06-23 14:56:46 -07:00
Scott Lee Davis
0fd83b50d1
Merge pull request #3 from todb-r7/return-of-multiarch
Return of multiarch: LGTM. thank you! @wchen-r7 @egypt @todb-r7 !
2016-06-23 16:00:33 -04:00