Commit Graph

25930 Commits (7c1605efe4b54ac58bc96c6fc345d1ecc274ee56)

Author SHA1 Message Date
jvazquez-r7 33da1a6871 Give a chance to the mixin 2014-08-12 13:49:39 -05:00
Emilio Pinna 5b6be55c50 Fix (properly) 'execute_command()' missing 'opts' parameter 2014-08-12 19:49:27 +02:00
Tod Beardsley bbcd63cd10
Update Gemfile.lock as well for PR #3639 2014-08-12 12:28:39 -05:00
Emilio Pinna 3af17ffad0 Fixed 'execute_command()' missing 'opts' parameter 2014-08-12 19:24:24 +02:00
jvazquez-r7 042423088c Make sure which the full payload is used 2014-08-12 11:41:29 -05:00
Tod Beardsley 47cb906408
Remove rubocop and msftidy touchpoints
Rubocop replaces the default YAML library which makes development
testing difficult. It does not cause problems on Travis, but according
to reports, it does cause instability with many individual dev
environments.

While I would love to have a more solid source of this bug report, right
now this was an oral report from @shuckins-r7 (who I tend to believe a
lot).
2014-08-12 10:37:58 -05:00
Emilio Pinna f71589f534 Simplify payload upload using 'CmdStager' mixin 2014-08-12 10:49:17 +02:00
sinn3r 4aeb1eda9c Don't use datastore options as default values 2014-08-11 18:55:32 -05:00
kaospunk 4e6a04d3ad Modifications for login and key addition
This commit adds additional support for logging in
on multiple versions of Gitlab as well as adding a
key to exploit the vulnerability.
2014-08-11 19:54:10 -04:00
Emilio Pinna cc5770558d Remove local payload saving used for debugging 2014-08-11 19:16:14 +02:00
Emilio Pinna 4790b18424 Use FileDropper mixin to delete uploaded file 2014-08-11 19:02:09 +02:00
Emilio Pinna ac526ca9bd Fix print_* to vprint_* in check method 2014-08-11 18:58:11 +02:00
Emilio Pinna 4b4b24b79d Fix errors printing 2014-08-11 18:54:43 +02:00
Emilio Pinna c97cd75beb Rephrase 'Author' section 2014-08-11 18:52:21 +02:00
Emilio Pinna 0138f3648d Add VMTurbo Operations Manager 'vmtadmin.cgi' Remote Command Execution module. 2014-08-11 16:57:39 +02:00
kaospunk a995bcf2ef Fix URI building and failure cases
This update uses the normalize_uri method for building
URIs. Additionally, failure cases have been modified
for a less generic version.
2014-08-10 19:53:33 -04:00
Meatballs 351b687759
Land #3612, Windows Local Kernel exploits refactor 2014-08-10 22:05:06 +01:00
Meatballs b277f588fb
Use railgun helper functions 2014-08-10 21:52:12 +01:00
joev af3ca19ab2
Land #3501, @AnwarMohamed's android meterpreter commands. 2014-08-09 16:29:59 -05:00
Anwar Mohamed 92432503ce Merge pull request #5 from jvennix-r7/android_ext3
Final-round of code tweaks. All commands working well.
2014-08-09 23:45:45 +03:00
Tod Beardsley ef2663a050
Land #3637, on stage, from unknown 2014-08-09 14:16:06 -05:00
Tod Beardsley 08bb815bd8
Add Yokogawa unauth admin module 2014-08-09 13:30:10 -05:00
joev dbaa377aa1 Final-round of code tweaks. All commands working well. 2014-08-09 13:04:52 -05:00
jvazquez-r7 486b5523ee Refactor set_version 2014-08-09 02:17:07 -05:00
jvazquez-r7 d959affd6e Delete debug message 2014-08-09 01:58:42 -05:00
jvazquez-r7 da04b43861 Add module for CVE-2014-0983 2014-08-09 01:56:38 -05:00
Jon Hart 3307726c21
Land #3627, @wchen-r7's cleanup of ctypes in smb_enumshares 2014-08-08 19:17:15 -07:00
Jon Hart 73253b575a
Land #3626, @wchen-r7's storing of text loot as txt 2014-08-08 18:57:38 -07:00
Jon Hart b3bb20f569
Land #3629, @wchen-r7's HTTP traversal fixes 2014-08-08 18:08:32 -07:00
Jon Hart c35dc4d3ac Extract query params separately
Prevents stomping on data
2014-08-08 18:07:25 -07:00
sinn3r 93174a818b
Land #3628 - Add --ask option in msfconsole 2014-08-08 11:03:15 -05:00
sinn3r 969e5ddd39 Override the correct smb_direct 2014-08-07 18:48:46 -05:00
sinn3r 3b27102c4c Override the correct smb_direct 2014-08-07 18:47:33 -05:00
sinn3r 436e2abfff Fix datastore options 2014-08-07 17:59:40 -05:00
sinn3r 1963318e70 Fix datastore options 2014-08-07 17:58:25 -05:00
sinn3r ab8f2c7d3f Datastore option fix 2014-08-07 17:57:44 -05:00
sinn3r 6f8c7f092a Fix direct datastore assignments to pass msftidy 2014-08-07 17:51:45 -05:00
sinn3r 2967d85e44
Land #3624 - Wordpress XMLRPC DoS 2014-08-07 17:25:22 -05:00
Iquaba b33d2b8583 Adds a newline for readability 2014-08-07 13:49:13 -05:00
Iquaba 6cea921478 Adds --ask option to prompt before exiting msfconsole 2014-08-07 13:44:46 -05:00
sinn3r c79fe731c5 Um, this is the right way to do it. 2014-08-07 13:32:48 -05:00
sinn3r f7bda738cf Fix file handle leak 2014-08-07 13:30:34 -05:00
sinn3r 711630d059 Fix datastore assignments 2014-08-07 13:28:51 -05:00
sinn3r c7090f57a5 Fix "text" ctype in smb_enumshares
"text" is not a valid ctype, should be text/plain
2014-08-07 11:25:55 -05:00
Christian Mehlmauer a7be5b5164
Added fingerprinting 2014-08-07 18:12:58 +02:00
sinn3r e432f3f442 Support all text-based ctypes 2014-08-07 11:10:32 -05:00
sinn3r f3d90ada14
Land #3625 - Update adobe_pdf_embedded_exe target description 2014-08-07 11:01:30 -05:00
jvazquez-r7 b259e5b464 Update description again 2014-08-07 09:21:25 -05:00
jvazquez-r7 4af0eca330 Update target description 2014-08-07 09:11:01 -05:00
Christian Mehlmauer d6e60453d6
Added Wordpress XMLRPC DoS 2014-08-07 11:38:44 +02:00