Commit Graph

40213 Commits (83a3a4e348bc45d2c6022e9b749d3a7cb4fe2ade)

Author SHA1 Message Date
wchen-r7 83a3a4e348 Fix #7463, check nil return value when using redis_command
Fix #7463
2016-11-21 15:52:12 -06:00
William Vu 6f8660f345
Land #7586, NameError fix for brute_dirs 2016-11-21 14:46:19 -06:00
William Vu 7b5c819430
Land #7588, disclosure date fix for OpenNMS sploit 2016-11-21 14:01:18 -06:00
William Vu c8320d661f
Land #7590, mixin order fix for buffalo_login 2016-11-21 13:57:27 -06:00
Jin Qian 90d360a592 Fix the issue 7589, both RHOST and RHOSTS options are quired
Thanks to Will who found it's due to the order of mixin.
2016-11-21 11:06:32 -06:00
Prateep Bandharangshi 8869ebfe9b Fix incorrect disclosure date for OpenNMS exploit
Disclosure date was Nov 2015, not Nov 2014
2016-11-21 16:44:36 +00:00
Jin Qian 18b873be47 Fix the exception issue reported in issue #7585
Fix the exception by initialize a key variable that caused the exception.
2016-11-21 10:00:23 -06:00
William Webb 6c6221445c
Land #7543, Create exploit for CVE-2016-6563 / Dlink DIR HNAP Login 2016-11-21 09:59:50 -06:00
Brent Cook 0504cae21f
Land #7536, fix get_ipv4_addr(@interface) usage 2016-11-21 01:09:05 -06:00
Brent Cook d8f59a9d62
Land #7507, Fix payload uuid/arch/platform tracking 2016-11-21 00:58:37 -06:00
Brent Cook d7dce28018 bump mettle to get fix for UUID encoding 2016-11-21 00:57:50 -06:00
Brent Cook 0a3acf57d1 update payload sizes 2016-11-20 19:47:17 -06:00
Brent Cook fcb2ef3933 bump ruby, get new openssl fixes 2016-11-20 19:35:44 -06:00
Brent Cook 05cb5edaac update payload gems 2016-11-20 19:10:27 -06:00
Brent Cook 16b5f40dae Revert "Rework XOR code to make more sense"
This reverts commit 699a8e91d2.
2016-11-20 19:09:45 -06:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook e52d67cb8c add architecture check 2016-11-20 19:09:26 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
David Maloney 6a35b366bc
Land #7577, URPORT fix 2016-11-18 14:41:10 -06:00
Metasploit 643a5511cf
Bump version of framework to 4.13.1 2016-11-18 10:01:48 -08:00
wchen-r7 00e4a8881f
Land #7574, Update open_proxy aux module 2016-11-18 11:41:43 -06:00
h00die cd01b07682
Land #7565
Lands print_bad and vprint_bad from todb-r7
2016-11-18 13:29:39 -05:00
wchen-r7 d3adfff663 Change syntax 2016-11-18 11:41:04 -06:00
wchen-r7 f894b9a4c5 Fix typo 2016-11-18 11:39:26 -06:00
David Maloney 202009b50b
Land #7570, async print fix
Land's jennamagius' fix for async console printing
outoupt from jobs no longers screws the console prompt
up. w00t!
2016-11-18 11:25:18 -06:00
David Maloney 8d1c718873
Land #7572, wireshark dos typos
Lands mcantoni's pr for fixing typos in the
wireshark dos modules
2016-11-18 11:01:32 -06:00
wchen-r7 4596785217
Land #7450, PowerShellEmpire Arbitrary File Upload 2016-11-17 17:47:15 -06:00
wchen-r7 22d70ddd09 Fix #7455, handle the URIPORT option properly in is_uxss_injection
Fix #7455
2016-11-17 15:50:35 -06:00
Brian Patterson abddeb5cd2 Land 7473, add censys search module 2016-11-17 13:44:00 -06:00
Brendan f2b9498643
Land #7576, Fix RHOSTS use in auxiliary/scanner/ftp/titanftp_xcrc_traversal 2016-11-17 13:06:29 -06:00
Jin Qian c03f35ef13 Fix the hanging of module auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb
Thanks for Wei who pointed out the error: in store_loop call, it used "rhosts", should have been ip.
2016-11-17 10:08:59 -06:00
Cantoni Matteo c9b9be9328 Update open_proxy aux module 2016-11-17 15:44:03 +01:00
Cantoni Matteo 30f7006b5b Fixed typos of an old commit 2016-11-17 14:39:33 +01:00
Tim 66ba2b077b
Land #7567, fix apk injection when template has no permissions 2016-11-17 11:42:54 +00:00
Dylan Davis 739c9c1315 Ensure cursor is positioned appropriately if it is not at the end of a line when async prints arrive 2016-11-16 21:07:50 -07:00
Dylan Davis 491a3a3162 Prevent the input prompt from being mangled by asynchronous prints. 2016-11-16 20:43:07 -07:00
wchen-r7 c0af5b690d
Land #6638, add local exploit module to execute payload w/ stealth 2016-11-16 16:25:15 -06:00
wchen-r7 e1ff37f3eb Title change and handling Rex::TimeoutError exception 2016-11-16 16:23:44 -06:00
Brendan 18bafaa2e7
Land #7531, Fix drb_remote_codeexec and create targets 2016-11-16 12:58:22 -06:00
Metasploit 383314530a
Bump version of framework to 4.13.0 2016-11-16 07:48:26 -08:00
OJ be2aabb873
Merge updates to mettle stages from acammack-r7 2016-11-16 19:13:20 +10:00
Brian Yip 927e195e28 Generate payload apk from permissionless apk 2016-11-16 00:48:10 -04:00
Tod Beardsley 1deacad2be
Add a print_bad alias for print_error
Came up on Twitter, where Justin may have been trolling a little:

https://twitter.com/jstnkndy/status/798671298302017536

We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.

Anyway, I went with alias_method, thanks to the compelling argument at

https://github.com/bbatsov/ruby-style-guide#alias-method

...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.

Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
2016-11-15 19:20:42 -06:00
Brendan 7e4645afb3
Land #7527, Add LURI support to the reverse_http/s stagers 2016-11-15 16:31:20 -06:00
wchen-r7 7b83720b90
Bring #6638 up to date 2016-11-15 12:27:05 -06:00
wchen-r7 f50e609d12
Land #7556, Prevent psexec_command from dying when one host errors 2016-11-15 12:17:01 -06:00
wchen-r7 e5d3289c18 Fix name for exception 2016-11-15 12:14:58 -06:00
Brent Cook b6f097c035
Correct a few misspellings 2016-11-15 08:08:20 -06:00
Brent Cook b56b6a49ac
Land #7328, Extend lsa_transname_heap exploit to MIPS 2016-11-15 07:37:19 -06:00
Brent Cook 312f33afa3 minor formatting updates 2016-11-15 07:36:54 -06:00