Commit Graph

13090 Commits (7cc905832e40e6049260fff6f495e85160d7c287)

Author SHA1 Message Date
sinn3r 90a7458b56 Lower the rank a little to favor other modules in BAP 2012-04-23 15:15:08 -05:00
HD Moore 206018c8a3 Patched with a small tweak to avoid a raise 2012-04-23 14:58:25 -05:00
HD Moore f6005ba06e Permission change, ignore 2012-04-23 13:42:18 -05:00
HD Moore a0815223e8 Patch this with a newer/manually built extension 2012-04-23 13:41:56 -05:00
HD Moore efc589c1e2 Fix up Net::HTTP usage so that it works with newer ruby as well 2012-04-23 03:53:50 -05:00
HD Moore a1f9d2c27a Bump up the wait_timeout (works with the recent AR patch) and fix a typo in the http_version commit 2012-04-23 02:44:56 -05:00
HD Moore 59ecc8584d Force http_version to always make a new request, even if the information is in the DB 2012-04-23 02:39:02 -05:00
HD Moore a6787106a5 This ports two active_record patches over that deal with database thread pooling 2012-04-23 02:37:47 -05:00
James Lee b3dec4d183 Require pg >=0.13 2012-04-22 21:49:15 -06:00
James Lee 08dc8364ce Adjust Gemfile to reflect real dependencies 2012-04-22 21:38:56 -06:00
HD Moore 5302c83db9 Remove extranenous .so files (ext not lib) 2012-04-22 21:30:05 -05:00
Leonardo Botelho 66ecf28451 Shadow stream recorder exploit. 2012-04-22 19:19:40 -03:00
HD Moore 1d2581ebf4 Cosmetic 2012-04-21 14:51:20 -05:00
sinn3r b0a76a1aa1 Add wake-on-lan module 2012-04-21 03:29:49 -05:00
James Lee 9cdd8912c5 Remove spurious cli.peerhost in output 2012-04-20 13:31:42 -06:00
sinn3r 37e75dc644 Make this description a little more sense 2012-04-20 12:25:51 -05:00
James Lee 6cb0fe9fbf Use the framework thread spawner instead of Rex
Not sure why this was Rex before, changed for consistency and to avail
of the ActiveRecord connection release code recently added to the
framework version.
2012-04-20 01:13:12 -06:00
sinn3r b955569b10 Update the use of get2() in order to support ruby 1.9.3 2012-04-20 01:37:24 -05:00
James Lee 6d0e4fba5e Go ahead and wrap the db commands as well.
Most of this probably isn't necessary, but better safe than sorry.
2012-04-19 23:53:00 -06:00
James Lee 29e01760f0 Wrap more database usage in with_connection block 2012-04-19 23:51:20 -06:00
James Lee d79f8b0492 Add with_connection wrappers to the database rpc calls
Certainly not all of these methods require a connection, but it is
better to check one out when we don't need it than to risk grabbing an
implicit connection that will never be handed back to the pool.
2012-04-19 22:58:24 -06:00
sinn3r c68a775106 Fix EDB references 2012-04-19 23:53:32 -05:00
David Maloney 5db3e5aa34 Fixes some issues with the nexpose integration library
Should now work for all cases
2012-04-19 23:04:14 -05:00
sinn3r 12bf301d2b Correct file name 2012-04-19 21:17:19 -05:00
sinn3r 05459ca3ff Change module description 2012-04-19 21:17:19 -05:00
sinn3r 072faa65ec Massive code cleanup 2012-04-19 21:17:19 -05:00
sinn3r 93134e6fd2 Change default target 2012-04-19 21:17:19 -05:00
unknown 47ecd36805 Implemented Changes suggested by wchen-r7 (sinn3r) 2012-04-19 21:17:19 -05:00
unknown feb625cab0 Updated module 2012-04-19 21:17:19 -05:00
unknown 8caec4777f TFTPserverST addition 2012-04-19 21:17:18 -05:00
Tod Beardsley d33cd386a8 Merge pull request #340 from rsmudge/armitage
fix a compatability issue with latest msf changes.
2012-04-19 17:50:43 -07:00
Alexander Klink 8c06e0d46e Squashed commit of the following:
commit 5c82f0acade617d8314858170752c498eac4b4fb
Author: Alexander Klink <git@alech.de>
Date:   Thu Apr 19 20:57:21 2012 +0200

    pdf2xdp.rb script to convert PDF file to XDP format

    XDP is an equivalent format for PDF, but is pretty useful in evading AV
    software.

    See
    https://www.metasploit.com/redmine/issues/3679
    http://shiftordie.de/blog/2011/02/09/evading-avs-using-the-xml-data-package-xdp-format/

[Closes #345]
2012-04-19 18:27:18 -06:00
sinn3r 93390fa6e2 Fix metadata and some cosmetic stuff 2012-04-19 19:12:27 -05:00
sinn3r bce6c9abcf Verify checksum to avoid jumping to a corrupt payload 2012-04-19 18:52:43 -05:00
sinn3r ae7c2acf9d Merge branch 'xradio-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-xradio-exploit-module 2012-04-19 18:09:20 -05:00
sinn3r 9a00823828 Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch' 2012-04-19 18:08:22 -05:00
sinn3r f5e8f57497 Minor fixes 2012-04-19 18:07:35 -05:00
James Lee 06b3ed2e13 Add with_connection wrappers to the methods I missed 2012-04-19 15:45:23 -06:00
James Lee 876c59b192 Make use of the new ActiveRecord 3.x concurrency contract
All Database usage must go through framework.db (which should have been
the case before, anyways) or explicitly checkout and checkin a
connection.  Failure to do so causes thread starvation and bizarre
random failures when attempting to use the database.

This commit also explicitly releases database connections at the end of
all threads created via framework.threads.spawn, which should alleviate
Deprecation Warning messages from ActiveRecord.

[Fixes #6613]
2012-04-19 14:21:21 -06:00
sinn3r 8d1d63dda8 Correct OSVDB reference, thanks modpr0be 2012-04-19 12:04:11 -05:00
sinn3r 45997b8dd4 Fix typos 2012-04-19 10:54:05 -05:00
sinn3r 37f4e7b3b9 Fix bug #6714, thanks Scott 2012-04-19 10:22:31 -05:00
Tod Beardsley 8edf3fc8bd Service info shouldn't be blanked if it exists.
Check service.info at the end of reporting a service instead of the
beginning. This will preserve an existing service info in the event
we're re-reporting a service.

[See #6701]
2012-04-19 09:47:41 -05:00
Tod Beardsley ce3d98bc88 vcms_login.rb description 2012-04-19 07:44:28 -05:00
sinn3r 5fde6b759f Add VCMS brute-force module 2012-04-19 02:25:03 -05:00
sinn3r 81b6e76619 Correct CVE/OSVDB/BID references, thanks Chad. 2012-04-19 00:24:56 -05:00
sinn3r 946ab1514e Correct module naming style 2012-04-18 20:45:25 -05:00
sinn3r 1065111817 Correct TARGETURI description 2012-04-18 18:57:37 -05:00
sinn3r 7071c30b4b These modules don't really print anything out with print_status(), which makes it weird to look now that we've implemented egypt's output style changes 2012-04-18 16:07:41 -05:00
sinn3r 0e45b6c06c Avoid printing ip:port twice 2012-04-18 16:01:10 -05:00