Tod Beardsley
78381316a2
Add @brandonprry's seven new modules
...
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
Tod Beardsley
5b76947767
Add a few more modules.
2013-10-30 10:25:48 -05:00
jvazquez-r7
c8ceaa25c6
Land #2589 , @wvu-r7's exploit for OSVDB 98714
2013-10-29 14:56:30 -05:00
jvazquez-r7
9f81aeb4ad
Fix style
2013-10-29 14:55:16 -05:00
William Vu
5af42f2c28
Add short comment on why the padding is necessary
2013-10-29 11:46:10 -05:00
William Vu
e368cb0a5e
Add Win7 SP1 to WinXP SP3 target
2013-10-29 10:45:14 -05:00
jvazquez-r7
1b75aef614
Land #2591 , @bcoles's exploit for ProcessMaker
2013-10-29 09:54:23 -05:00
jvazquez-r7
c4c171d63f
Clean processmaker_exec
2013-10-29 09:53:39 -05:00
jvazquez-r7
26af6452da
Land #2588 , @wvu-r7's permissions change for cmdstager_printf.rb
2013-10-29 08:07:19 -05:00
bcoles
3eed800b85
Add ProcessMaker Open Source Authenticated PHP Code Execution
2013-10-29 23:27:29 +10:30
William Vu
665f6c3e35
Land #2590 , gsub nil fix for mimikatz
2013-10-29 00:58:16 -05:00
OJ
606411de81
Fix mimikatz error when password is nil
...
In some cases the password value that comes out of mimikatz results
is `nil`, instead of an empty string. This fixes this so that if
the string is `nil` is falls back to an empty string, resulting in
the call to `gsub` working instead of failing.
2013-10-29 15:13:32 +10:00
William Vu
ea7bba4035
Add Beetel Connection Manager NetConfig.ini BOF
2013-10-28 22:52:02 -05:00
William Vu
333a0d5820
chmod -x cmdstager_printf.rb
2013-10-28 18:47:14 -05:00
Brandon Turner
4b7a438d45
Merge pull request #2587 from todb-r7/release-fixup
...
Release fixups
2013-10-28 12:26:17 -07:00
Tod Beardsley
4128aa8c08
Resplat and tabs
2013-10-28 14:03:15 -05:00
Tod Beardsley
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
Tod Beardsley
9bb9f8b27b
Update descriptions on SMB file utils.
2013-10-28 13:48:25 -05:00
Tod Beardsley
0f63420e9f
Be specific about the type of hash
...
See #2583 . Since there are several types of hashes, we need to be more
specific about this -- see modules/exploits/windows/smb/psexec.rb which
uses an "smb_hash" as a password type.
Also, the fixes in #2583 do not appear to address anything else reported
on the Redmine issue, namely, operating system and architecture
identification discovered with this module (assuming good credentials).
Therefore, the Redmine issue should not be considered resolved.
[SeeRM #4398 ]
2013-10-28 13:40:07 -05:00
William Vu
1fee3ce952
Land #2584 , reporting for energizer_duo_detect
2013-10-28 10:48:20 -05:00
jvazquez-r7
efcfc9eef7
Land #2273 , @kaospunk's enum domain feature for owa_login
2013-10-28 09:47:54 -05:00
jvazquez-r7
71a1ccf771
Clean owa_login enum_domain feature
2013-10-28 09:46:41 -05:00
jvazquez-r7
2b5e2df94e
Land #2568 , @h0ng10's update of SAP url's wordlist
2013-10-28 09:01:33 -05:00
jvazquez-r7
e88e523eaa
Delete newline
2013-10-28 09:01:00 -05:00
sinn3r
87dc58191d
Land #2583 - Report creds to db
2013-10-26 23:22:40 -05:00
sinn3r
69823be7cf
Land #2586 - require 'msf/core/exploit/powershell'
2013-10-26 00:44:49 -05:00
William Vu
278dff93e7
Add missing require for Msf::Exploit::Powershell
...
Thanks for the report, @mubix.
2013-10-25 21:41:24 -05:00
jvazquez-r7
e0aec13ce1
[FixRM #4397 ] Add reporting for energizer_duo_detect
2013-10-25 16:51:44 -05:00
jvazquez-r7
9276a839d4
[FixRM #4398 ] Report credentials to database
2013-10-25 16:19:47 -05:00
jvazquez-r7
df83114f0b
Land #2578 , @wchen-r7's [FixRM #8525 ]
2013-10-25 13:28:59 -05:00
sinn3r
9d439b6925
Land #2580 - Don't try to create war without exe
2013-10-25 13:05:09 -05:00
sinn3r
9a9f94bfe9
Land #2579 - module platform to ms04_011_pct
2013-10-25 13:01:39 -05:00
Tod Beardsley
3dd6814e93
Land #2581 , update global option display
2013-10-25 12:13:49 -05:00
jvazquez-r7
84abdb4905
Land @todb-r7's fix to show all the default options
2013-10-25 12:03:09 -05:00
Tod Beardsley
4bf041ec46
Use Rails, not Ruby, time formats.
...
Since MSF now equires ActiveSupport, may as well reference it correctly.
2013-10-25 11:52:54 -05:00
Tod Beardsley
b781e58a67
Unformat the prompt and promptchar
2013-10-25 11:40:28 -05:00
jvazquez-r7
0084f32ca2
Print default values when unset options
2013-10-25 11:21:42 -05:00
sinn3r
a95425de08
Check dec instead
2013-10-25 10:47:41 -05:00
jvazquez-r7
d9f055f03f
[FixRM #8494 ] Don't try to create war without exe
2013-10-25 09:44:38 -05:00
jvazquez-r7
b69ee1fc67
[FixRM #8419 ] Add module platform to ms04_011_pct
2013-10-25 09:29:19 -05:00
sinn3r
1d0a3aad70
[FixRM #8525 ] undefined method `+' for nil:NilClass in enum_ie
...
Looks like for some reason if CryptUnprotectData fails, the decrypt_reg()
method will return "". And when you unpack "", you produce an array of nils.
Since you cannot add something to nil, this should cause an
"undefined method `+' for nil:NilClass" error.
This will check if we get an array of nils, we jump to the next iteration.
2013-10-25 00:26:38 -05:00
sinn3r
36165cba88
Land #2575 - Update meterpreter DLLs
2013-10-24 21:10:24 -05:00
Tod Beardsley
27739a0351
Meterpreter bins after Meterpreter PR 32
...
Protects against potential BOFs due to strcpy usage.
These binaries were built against meterpreter master after
https://github.com/rapid7/meterpreter/pull/32 landed.
The CI tests can be seen here:
https://ci.metasploit.com/view/Meterpreter/job/MeterpreterWin/75/
Note, this commit is signed. Your merge commit should be signed, too, so
people can be assured that nobody is backdooring Meterpreter on the sly.
2013-10-24 15:15:49 -05:00
sinn3r
7d788fbf76
Land #2571 - HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
2013-10-24 14:15:26 -05:00
sinn3r
7ee615223d
Land #2570 - HP Intelligent Management SOM Account Creation
2013-10-24 14:14:06 -05:00
sinn3r
811d1ca937
Land #2573 - Fix a typo
2013-10-24 11:35:56 -05:00
jvazquez-r7
ea80c15c3b
Land #2383 , @jamcut's aux module for jenkins enum
2013-10-24 11:31:36 -05:00
jvazquez-r7
8428671f32
Land #2455 , @juushya's aux module for radware
2013-10-24 10:54:02 -05:00
jvazquez-r7
1673b66cbe
Delete some white lines
2013-10-24 10:50:14 -05:00
jvazquez-r7
b589e9aa6e
Use the peer method
2013-10-24 10:45:02 -05:00