74ad81c90c
Consolidate tunnel check into name check
2015-04-20 21:18:12 -05:00
741149058c
Report unknown service names for consistency
2015-04-20 17:22:19 -05:00
d894502148
Update legacy Nmap XML parser
2015-04-20 17:15:35 -05:00
1a66786d1b
Fix Nmap XML parser for tunnel attribute
2015-04-20 17:04:19 -05:00
c7129e063c
Land #5069 , breaking up with old options
2015-04-20 16:23:44 -05:00
d67f7a21d9
Move autoloads into OptionContainer
...
This seems like a better place for them to live
2015-04-20 15:54:42 -05:00
d7fc9294f0
Add require
2015-04-20 15:54:41 -05:00
da0e7282d5
Replace some unnecessary eval action.
...
Metaprogramming should be reserved for when you don't know things. Here
we're making methods from literal strings, so replace the
metaprogramming with much easier to understand regular programming. Also
has the benefit that yard can parse it.
2015-04-20 15:54:41 -05:00
2a3ed890d2
Add specs for Msf::Opt
2015-04-20 15:54:40 -05:00
b64d881914
Make OptionContainer docs a little more useful
2015-04-20 15:54:40 -05:00
3a5af3939d
Split all the option classes into their own files
2015-04-20 15:54:40 -05:00
3fbd4e2fe6
Land #5172 , x64 BSD shell_{bind,reverse}_tcp
2015-04-20 15:37:29 -05:00
79ca0a56f9
Land #4171 , Steam protocol support
2015-04-20 15:35:06 -05:00
f762873a31
Land #5192 , @joevennix's module for Safari CVE-2015-1126
...
* Module to profit cross domain vulnerability on safari
2015-04-20 15:19:54 -05:00
e2eaff6b3a
Don't modify datastore options
2015-04-20 15:16:21 -05:00
88c52ae7ae
Delete second stop_service, the mixin should had done the job
2015-04-20 15:13:11 -05:00
dc0549d2dd
Use #wait
2015-04-20 15:06:01 -05:00
c1234e05e2
Delete parenthesis from condition
2015-04-20 14:56:37 -05:00
0283ac05e5
Do minor style fixes
2015-04-20 14:54:39 -05:00
69b8edda4a
Use single quotes
2015-04-20 14:53:38 -05:00
16daa935dd
Do minor code cleanup
2015-04-20 13:08:51 -05:00
aa4489dd21
Land #5196 , fix incorrect yardoc annotations
2015-04-20 11:50:43 -05:00
4f59abe842
Land #5203 , @Meatballs1 fixes #5199 by using the correct namespace
...
* Fixes web_delivery
2015-04-20 11:20:48 -05:00
eb1c01417a
Bogus :
2015-04-20 11:00:26 +01:00
aa4f913800
Resolves #5199
...
Fix Powershell namespace in web_delivery module
2015-04-20 09:37:42 +01:00
a60fe4af8e
Land #5201 , Change module wording to conform with other WP modules
2015-04-20 10:07:05 +02:00
1a32cf7fc0
Change module wording to conform with other WP modules.
2015-04-20 16:48:35 +10:00
668961b69d
fix some yarddoc issues
2015-04-20 00:06:59 +02:00
103b8297ba
Land #5183 , Improve developer experience for fail_with
2015-04-19 23:57:36 +02:00
ed9175d73f
Land #5167 , WordPress CP Multi-View Calendar SQLI Scanner
2015-04-19 23:36:23 +02:00
8c0bcd2e03
Update wordpress_cp_calendar_sqli.rb
...
Use the new WPVDB
2015-04-19 16:32:57 -05:00
a5583debdc
Land #5131 , WordPress Slideshow Upload
2015-04-19 23:12:26 +02:00
2010e966b3
Add non-httponly cookie theft module for ios/osx safari.
2015-04-19 11:32:37 -05:00
c1a1143377
Remove line in description and output line in fail_with
2015-04-18 15:38:42 -03:00
3417c3f5ab
Land #5181 , Revert unwanted URI encoding
2015-04-18 11:55:19 +02:00
37613adebb
Improve developer experience for fail_with
...
The fail_with for an exploit is used differently than a non-exploit,
so it would be nice to document about this. Also, be strict about
the reason for the exploit one, because this can affect other
components of Metasploit.
2015-04-17 15:55:22 -05:00
4f903a604c
Fix #5103 , Revert unwanted URI encoding
...
Fix #5103 . By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
2a327b7c91
Land #5116 , better handle platform and arch in msfvenom
2015-04-17 10:55:41 -05:00
e73d2cf6a7
Land #5179 , workaround crash with OS X system python
2015-04-17 10:44:05 -05:00
15eef6e8de
Dont fork on OSX
2015-04-17 11:43:07 +01:00
85ba60b6d3
Land #5138 : Cleanup http(s) sessions when all closed
2015-04-17 20:15:02 +10:00
bba0927c7e
Land #5163 , WordPress Reflex Gallery Plugin File Upload
2015-04-17 11:26:34 +02:00
6653c9e33d
Land #5162 , WordPress Dukapress File Read Vulnerability
2015-04-17 11:20:55 +02:00
6c77b64dae
wrong method name
2015-04-17 11:20:14 +02:00
aef464fc2e
Land #5159 , WordPress Mobile Edition Plugin File Read Vuln
2015-04-17 11:13:00 +02:00
3107d99b9a
Use the same URI that was registered when we deregister
...
The original URI is registered as '/foobar/' but is deregistered as
'//foobar/', causing it to never get deregistered. Changing this fixes
unregistration of the service handler for staged payloads, but stageless
doesn't work properly if the URI actually gets deregistered.
2015-04-17 03:20:24 -05:00
18225780da
cleanup HTTP and HTTPS listeners when sessions are closed
...
Rather than listening forever after a session shuts down, close the session if
there are no other URI's registered on the listener. This allows reconfiguring
the listener without restarting framework, but should be safe for situations
where multiple modules share the same listener.
2015-04-17 02:41:24 -05:00
3300845c99
Land #5171 , fail_with check for msftidy
2015-04-16 23:35:23 -05:00
d494bdd5e3
Merge pull request #6 from wvu-r7/pr/5171
...
Consolidate on one check and fix false positives
2015-04-17 06:20:57 +02:00
753978fc7a
Land #5141 , stageless unique URIs with the same UUID
2015-04-16 22:21:32 -05:00
William Vu
James Lee
jvazquez-r7
Brent Cook
Meatballs
Christian Mehlmauer
aushack
Brandon Perry
joev
Roberto Soares
wchen-r7
OJ
Christian Mehlmauer