Commit Graph

27587 Commits (7da22d064de18ddf76f0acc2131783d7aadb7c5c)

Author SHA1 Message Date
Spencer McIntyre 7da22d064d Remove an unnecessary var and fix process_close 2014-10-02 20:52:45 -04:00
sinn3r 0820a4fe6a
Land #3933 - Fix cmd_exec with Python Meterpreter on OS X 2014-10-02 13:48:19 -05:00
Samuel Huckins 0dfd8e25b8
Land #3846, Rex::ImageSource specs 2014-10-02 12:33:56 -05:00
William Vu ee92648693
Land #3906, Zsh completion for Metasploit 2014-10-02 11:06:10 -05:00
Joe Vennix b1b8cba4c5
Rescue an IOError on channel double-close.
This was causing output from python meterpreter
commands run on OSX to be discarded when the error
was raised, making cmd_exec not-so-useful.
2014-10-01 22:35:41 -05:00
HD Moore 0380c5e887 Add CVE-2014-6278 support, lands #3932 2014-10-01 18:25:41 -05:00
William Vu c1b0acf460
Add CVE-2014-6278 support to the exploit module
Same thing.
2014-10-01 17:58:25 -05:00
William Vu 5df614d39b
Land #3928, release fixes 2014-10-01 17:21:08 -05:00
HD Moore 77bb2df215 Adds support for both CVEs, lands #3931 2014-10-01 17:06:59 -05:00
sinn3r 3ec6166193
Land #3927 - Shellshock PureFPTd extauth 2014-10-01 17:00:55 -05:00
William Vu 51bc5f52c1
Add CVE-2014-6278 support
Going with an OptEnum to simplify the code for now...
2014-10-01 16:40:55 -05:00
Spencer McIntyre 8cf718e891 Update pureftpd bash module rank and description 2014-10-01 17:19:31 -04:00
Tod Beardsley 4fbab43f27
Release fixes, all titles and descs 2014-10-01 14:26:09 -05:00
Spencer McIntyre cf6029b2cf Remove the less stable echo stager from the exploit 2014-10-01 15:15:07 -04:00
Spencer McIntyre 632edcbf89 Add CVE-2014-6271 exploit via Pure-FTPd ext-auth 2014-10-01 14:57:40 -04:00
William Vu 9bfd013e10
Land #3923, mv misc/pxexploit to local/pxeexploit
Also renamed typo'd pxexploit -> pxeexploit.
2014-09-30 17:48:06 -05:00
William Vu 5fc57f7ed5
Land #3924, rm dlink_upnp_exec_noauth_telnetd
Deprecated.
2014-09-30 17:46:07 -05:00
William Vu 039e544ffa
Land #3925, rm indeces_enum
Deprecated.
2014-09-30 17:45:38 -05:00
sinn3r be1df68563 Remove auxiliary/scanner/elasticsearch/indeces_enum.rb
Time is up, so good bye.
2014-09-30 17:24:21 -05:00
sinn3r 9e67beb396 Remove modules/exploits/linux/http/dlink_upnp_exec_noauth_telnetd.rb
Time is up, so good bye.
2014-09-30 17:21:55 -05:00
sinn3r b17396931f Fixes #3876 - Move pxeexploit to local directory 2014-09-30 17:16:13 -05:00
Tod Beardsley c1cb8bcfdd
Land #3918, bugfix on self.rhost mssql_login 2014-09-30 13:36:42 -05:00
sinn3r 296a51f661
Land #3917 - Description & module title update 2014-09-30 12:37:38 -05:00
William Vu 5ea968f3ee
Update description to prefer the exploit module 2014-09-30 11:34:28 -05:00
sinn3r 7163b8c55a Fixes #3915 - NoMethodError private method `rhost'
There's no self.rhost, but rhost is defined
2014-09-30 11:34:16 -05:00
William Vu 162e42080a
Update title to reflect scanner status 2014-09-30 11:04:17 -05:00
sinn3r 10dc6ed2fe
Land #3912 - Update check method and additional references 2014-09-30 10:18:56 -05:00
William Vu de65ab0519
Fix broken check in exploit module
See 71d6b37088.
2014-09-29 23:03:09 -05:00
William Vu 12d7073086
Use idiomatic Ruby for the marker 2014-09-29 22:32:07 -05:00
William Vu 71d6b37088
Fix bad header error from pure Bash CGI script 2014-09-29 22:25:42 -05:00
William Vu df44dfb01a
Add OSVDB and EDB references to Shellshock modules 2014-09-29 21:39:07 -05:00
sinn3r b2d2101be2
Land #3913 - Change hardcoded table prefixes 2014-09-29 17:55:45 -05:00
sinn3r 8f3e03d4f2
Land #3903 - ManageEngine OpManager / Social IT Arbitrary File Upload 2014-09-29 17:53:43 -05:00
Christian Mehlmauer b266233e95 fix bug 2014-09-30 00:21:52 +02:00
Pedro Ribeiro 533b807bdc Add OSVDB id 2014-09-29 21:52:44 +01:00
sinn3r ffe5aafb2f
Land #3905 - Update exploits/multi/http/apache_mod_cgi_bash_env_exec 2014-09-29 15:19:35 -05:00
sinn3r 21b2d9eb3f
Land #3899 - WordPress custom-contact-forms Plugin SQL Upload 2014-09-29 14:40:28 -05:00
sinn3r 9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits 2014-09-29 11:15:14 -05:00
sinn3r ababc3d8ff
Land #3869 - HP Network Node Manager I PMD Buffer Overflow 2014-09-29 11:00:12 -05:00
Meatballs d5959d6bd6
Land #2585, Refactor Bypassuac with Runas Mixin 2014-09-28 09:24:22 +01:00
Meatballs e14dd9900b
Land #3896, Change Max LOGLEVEL to 3 2014-09-28 09:18:29 +01:00
Meatballs 67c25c20ca
Land #3357, Run Local Exploits in AutoRunScript 2014-09-28 09:12:26 +01:00
Meatballs 3fc57109e6 Dont rescue Exception 2014-09-28 09:12:03 +01:00
Spencer McIntyre 3181d4e080 Add zsh completion definitions for utilities 2014-09-27 20:12:02 -04:00
Spencer McIntyre fe12ed02de Support a user defined header in the exploit too 2014-09-27 18:58:53 -04:00
Pedro Ribeiro f20610a657 Added full disclosure URL 2014-09-27 21:34:57 +01:00
Pedro Ribeiro 030aaa4723 Add exploit for CVE-2014-6034 2014-09-27 19:33:49 +01:00
Pedro Ribeiro ce8452a17a Merge pull request #3 from rapid7/master
bla
2014-09-27 19:24:32 +01:00
HD Moore 64dbc396dd Add header specification to check module, lands #3902 2014-09-27 12:58:29 -05:00
William Vu 044eeb87a0
Add variable HTTP header
Also switch from OptEnum to OptString for flexibility.
2014-09-27 12:39:24 -05:00