Commit Graph

854 Commits (75de792558170171ea69c86fac8307619d5dd610)

Author SHA1 Message Date
Tod Beardsley 264d3f9faa
Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
jvazquez-r7 121c0406e9 Beautify restart_command creation 2014-12-24 15:52:15 -06:00
jvazquez-r7 43ec8871bc Do minor c code cleanup 2014-12-24 15:45:38 -06:00
jvazquez-r7 92113a61ce Check payload 2014-12-24 15:43:49 -06:00
jvazquez-r7 36ac0e6279 Clean get_restart_commands 2014-12-24 14:55:18 -06:00
jvazquez-r7 92b3505119 Clean exploit method 2014-12-24 14:49:19 -06:00
jvazquez-r7 9c4d892f5e Use single quotes when possible 2014-12-24 14:37:39 -06:00
jvazquez-r7 bbbb917728 Do style cleaning on metadata 2014-12-24 14:35:35 -06:00
jvazquez-r7 af24e03879 Update from upstream 2014-12-24 14:25:25 -06:00
Tod Beardsley d3050de862
Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.

Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
Jon Hart 65b316cd8c
Land #4372 2014-12-11 18:48:16 -08:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Christian Mehlmauer de88908493
code style 2014-12-11 23:30:20 +01:00
Tod Beardsley 79f2708a6e
Slight fixes to grammar/desc/whitespace
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
2014-12-04 13:11:33 -06:00
Rasta Mouse 985838e999 Suggestions from OJ 2014-11-27 21:38:50 +00:00
Rasta Mouse 25ecf73d7d Add configurable directory, rather than relying on the session working
directory.
2014-11-27 17:12:37 +00:00
OJ 75e5553cd4 Change to in exploit 2014-11-26 16:53:30 +10:00
jvazquez-r7 9524efa383 Fix banner 2014-11-25 23:14:20 -06:00
jvazquez-r7 16ed90db88 Delete return keyword 2014-11-25 23:11:53 -06:00
jvazquez-r7 85926e1a07 Improve check 2014-11-25 23:11:32 -06:00
jvazquez-r7 5a2d2914a9 Fail on upload errors 2014-11-25 22:48:57 -06:00
jvazquez-r7 b24e641e97 Modify exploit logic 2014-11-25 22:11:43 -06:00
jvazquez-r7 4bbadc44d6 Use Msf::Exploit::FileDropper 2014-11-25 22:00:42 -06:00
jvazquez-r7 7fbd5b63b1 Delete the Rex::MIME::Message gsub 2014-11-25 21:54:50 -06:00
jvazquez-r7 eaa41e9a94 Added reference 2014-11-25 21:37:04 -06:00
jvazquez-r7 2c207597dc Use single quotes 2014-11-25 18:30:25 -06:00
jvazquez-r7 674ceeed40 Do minor cleanup 2014-11-25 18:26:41 -06:00
jvazquez-r7 6ceb47619a Change module filename 2014-11-25 18:09:15 -06:00
jvazquez-r7 1305d56901 Update from upstream master 2014-11-25 18:07:13 -06:00
Mark Schloesser 9e9954e831 fix placeholder to show the firmware version I used 2014-11-19 21:23:39 +01:00
Mark Schloesser a718e6f83e add exploit for r7-2014-18 / CVE-2014-4880 2014-11-19 21:07:02 +01:00
HD Moore 6b4eb9a8e2 Differentiate failed binds from connects, closes #4169
This change adds two new Rex exceptions and changes the local comm to raise the right one depending on the circumstances. The problem with the existing model is
that failed binds and failed connections both raised the same exception. This change is backwards compatible with modules that rescue Rex::AddressInUse in additi
on to Rex::ConnectionError. There were two corner cases that rescued Rex::AddressInUse specifically:

1. The 'r'-services mixin and modules caught the old exception when handling bind errors. These have been updated to use BindFailed
2. The meterpreter client had a catch for the old exception when the socket reports a bad destination (usually a network connection dropped). This has been updat
ed to use InvalidDestination as that was the intention prior to this change.

Since AddressInUse was part of ConnectionError, modules and mixins which caught both in the same rescue have been updated to just catch ConnectionError.
2014-11-11 14:59:41 -06:00
Joe Vennix c6bbc5bccf
Merge branch 'landing-4055' into upstream-master 2014-10-28 11:18:20 -05:00
Luke Imhoff 216360d664
Add missing require
MSP-11145
2014-10-27 15:19:59 -05:00
sinn3r 7cb4320a76
Land #3561 - unix cmd generic_sh encoder 2014-10-23 15:48:00 -05:00
sinn3r 13fd6a3374
Land #4046 - Centreon SQL and Command Injection 2014-10-23 13:17:00 -05:00
sinn3r ce841e57e2 Rephrase about centreon.session 2014-10-23 13:15:55 -05:00
sinn3r 889045d1b6 Change failure message 2014-10-23 12:55:27 -05:00
William Vu d5b698bf2d
Land #3944, pkexec exploit 2014-10-17 16:30:55 -05:00
jvazquez-r7 7652b580cd Beautify description 2014-10-17 15:31:37 -05:00
jvazquez-r7 d831a20629 Add references and fix typos 2014-10-17 15:29:28 -05:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
0a2940 e689a0626d Use Rex.sleep :-)
"Right is right even if no one is doing it; wrong is wrong even if everyone is doing it"

user@x:/opt/metasploit$ grep -nr "select(nil, nil, nil" . | wc -l
189
user@x:/opt/metasploit$ grep -nr "Rex.sleep" . | wc -l
25
2014-10-10 10:05:46 +01:00
sinn3r c5494e037d
Land #3900 - Add F5 iControl Remote Root Command Execution 2014-10-08 00:30:07 -05:00
jvazquez-r7 299d9afa6f Add module for centreon vulnerabilities 2014-10-07 14:40:51 -05:00
jvazquez-r7 3daa1ed4c5 Avoid changing modules indentation in this pull request 2014-10-07 10:41:25 -05:00
jvazquez-r7 341d8b01cc Favor echo encoder for back compatibility 2014-10-07 10:24:32 -05:00
jvazquez-r7 0089810026 Merge to update 2014-10-06 19:09:31 -05:00
jvazquez-r7 212762e1d6 Delete RequiredCmd for unix cmd encoders, favor EncoderType 2014-10-06 18:42:21 -05:00
0a2940 f2b9aeed74 typo 2014-10-03 11:02:56 +01:00