Commit Graph

31957 Commits (859b54f8a3b16d9251c25d91241cd974cfbc14f0)

Author SHA1 Message Date
Meatballs c56679f33e
Modify for new SMB mixin 2015-03-05 21:26:13 +00:00
William Vu 3e81bf073c
Land #4883, Postgres PTH reference 2015-03-05 15:05:27 -06:00
Tod Beardsley e429d4c04f Add reference and description for PTH on Postgres
Dave and William did most of the work already over on PR #4871, this
just points it out in the module.
2015-03-05 14:36:56 -06:00
Tod Beardsley 0c87e28208
Land #4882, workspace sort order
[Fixes #4881]
2015-03-05 14:30:00 -06:00
Matthew Hall fef8b89001 Merge pull request #6 from jvazquez-r7/final_3323_folder_support
Add support for a folder and update module.  Thanks @jvazquez-r7  - yeah I was using an older version of my code for the exploit (whoops - long day...). Landed. I'll look at merging this with the existing exploit over the weekend.
2015-03-05 20:08:10 +00:00
Samuel Huckins 7cb3e236fb
Adding back prepended colons
Don't seem to be needed but don't want to introduce that change.
2015-03-05 14:06:50 -06:00
Samuel Huckins 02d30b3d44
Changes workspace cmd ordering to updated_at asc 2015-03-05 14:05:24 -06:00
Samuel Huckins 84df403d11
Land #4852, vuln note import/export addition 2015-03-05 13:54:22 -06:00
sinn3r 16c86227e2 Change to OptBool and default to explicit 2015-03-05 13:07:03 -06:00
jvazquez-r7 de08d8247b Do some module cleanup 2015-03-05 13:00:01 -06:00
sinn3r 31191bef39 Fix #4865, undef method 'ancestors' in lib/msf/core/payload_set.rb
Fix #4865
2015-03-05 12:49:51 -06:00
jvazquez-r7 82659aba93 Populate metadata from code to make test easier 2015-03-05 12:40:20 -06:00
jvazquez-r7 dc02f8332f Pass msftidy 2015-03-05 12:29:31 -06:00
jvazquez-r7 a06eb04d59 Deregister FOLDER_NAME on exploit modules 2015-03-05 12:27:12 -06:00
jvazquez-r7 38f8fe382c Update specs 2015-03-05 12:24:41 -06:00
jvazquez-r7 5ede40a39d Change the variable name 2015-03-05 12:21:33 -06:00
jvazquez-r7 e0a22a6794 Add support for folder 2015-03-05 12:19:33 -06:00
Tod Beardsley 0353602829
Add back set_binary_encoding.rb
[See #4875]
2015-03-05 12:05:05 -06:00
sinn3r cb9922ad39
Land #4874, Add PHPMoAdmin command injection 2015-03-05 11:30:44 -06:00
sinn3r 8978b1d7b5 Add a version 2015-03-05 11:29:44 -06:00
Matthew Hall 5b65811fb2 Merge pull request #5 from jvazquez-r7/land_3323
Update with rapid7 master changes. I'll take a further look at this module and add version support to pick the best exploit path for differing tomcat versions.
2015-03-05 14:46:01 +00:00
Ricardo Almeida 32188f09d6 Update phpmoadmin_exec.rb
Changes:
Added required comment at the top of the file;
Changed Class name "Metasploit3" >> "Metasploit4";
Standard name/email format for public PoC author.
2015-03-05 12:56:08 +00:00
Ricardo Almeida 95962aab0d Update phpmoadmin_exec.rb
Changes:
"Check if vulnerable" code improvement;
Payload delivery code improvement;
Minor indent issues.

Thanks for your feedback guys :)
2015-03-05 12:46:53 +00:00
William Vu a23381118b
Land #4878, squid_pivot_scanning interpolation fix 2015-03-05 01:09:40 -06:00
aushack 2f4df39dc9 Fixed typo 2015-03-05 17:40:51 +11:00
sinn3r d40e7485dd Add CVE-2015-0240 auxiliary module 2015-03-04 23:50:14 -06:00
HD Moore 7a354f322c Comment typo (missing i). 2015-03-04 20:11:41 -06:00
HD Moore 95f67dba7a Tell payloads and encoders how much space they have to work with 2015-03-04 19:25:04 -06:00
HD Moore 1001061a96 Initialize @capture_count 2015-03-04 18:52:18 -06:00
Tod Beardsley 4ad9638682
Remove some old and crufty /tools
It's possible someone still wants the Webscarab stand-alone importer,
but I cannot imagine that after years of bitrot that is even viable in
its current state.

The rest of them are all older development tools that are no longer
needed (normal vim/rubymine auto-formatting will do the trick).
2015-03-04 16:46:40 -06:00
jvazquez-r7 b9a30d60d4
Land #3294, @0x41414141's generic dll injection through SMB shared folder 2015-03-04 16:42:24 -06:00
jvazquez-r7 e715eaba58 Update description 2015-03-04 16:39:27 -06:00
jvazquez-r7 e155f2998e Change module filename 2015-03-04 16:38:08 -06:00
jvazquez-r7 77abd57397 Do code cleanup 2015-03-04 16:37:31 -06:00
jvazquez-r7 22ff4d0097 Update with master changes 2015-03-04 16:30:19 -06:00
jvazquez-r7 bcdf261f3b
Land #3076, @0x41414141's generic dll injection through HTTP module 2015-03-04 16:19:14 -06:00
jvazquez-r7 e7de09df29 Change module filename 2015-03-04 16:18:45 -06:00
jvazquez-r7 1337b7ace8 Clean module 2015-03-04 16:18:10 -06:00
Ricardo Almeida 9530e15c81 Update phpmoadmin_exec.rb
Changes:
Changed description section;
Changed 'URL' to 'EDB' in references section;
Added newline at the end.
2015-03-04 21:59:08 +00:00
jvazquez-r7 d4738d8c0a
Update #3076 branch 2015-03-04 15:51:00 -06:00
Ricardo Almeida c19895ac85 Update phpmoadmin_exec.rb
Changes:
Added new URL;
Added CVE number;
Corrected the disclosure date;
Corrected the normalize_uri() function syntax.
2015-03-04 21:31:44 +00:00
jvazquez-r7 5cc9ea3618 Update with master changes 2015-03-04 15:16:12 -06:00
William Vu a64dd4a1af
Land #4871, Postgres PTH support
MSP-12244
2015-03-04 15:08:57 -06:00
David Maloney 8d6ba0e775
fix transient factory bug
pulled re-released metasploit-credential to fix
bug by a hidden change to factories

MSP-1244
2015-03-04 14:58:49 -06:00
David Maloney 7fa8e4faae
fix schema.rb again
screwed it up somehow the first time
2015-03-04 14:01:47 -06:00
David Maloney 2d46c06b97
Merge branch 'master' into feature/MSP-12244/postgres-pass-the-hash 2015-03-04 13:56:10 -06:00
David Maloney dee2e84530
update schema 2015-03-04 13:31:23 -06:00
jvazquez-r7 1676d98bf9
Land #4451, @0x41414141's module for CVE-2014-2623, using the new SMB Share mixin 2015-03-04 13:09:10 -06:00
jvazquez-r7 fa9d921138 Beautify description 2015-03-04 13:07:10 -06:00
jvazquez-r7 8fdb7a798e Change module filename 2015-03-04 13:01:06 -06:00