William Webb
21e6211e8d
add exploit for cve-2016-0189
2016-08-01 13:26:35 -05:00
William Vu
3b13adba70
Hint about incorrect RAILSVERSION
If the secret doesn't match, you might have set the wrong RAILSVERSION.
The difference is secret_token (Rails 3) vs. secret_key_base (Rails 4).
2016-08-01 09:36:25 -07:00
William Vu
4c12c2f6c5
Improve Meterpreter ps -A experience
This allows us to use "x64" instead of "x86_64" in ps -A.
2016-07-31 17:19:57 -07:00
William Vu
e699d3f05b
Fix empty output in nbns_response
Normally, the module prints nothing unless VERBOSE is true. In practice,
we at least want to see responded-to hosts. We leave details to be
printed when VERBOSE is set.
2016-07-31 09:47:19 -07:00
h00die
38138e66d2
adding docs for #4888 #5697 #6731
2016-07-29 23:11:57 -04:00
William Vu
10653fadb1
Land #7164, jira_collector_traversal COLLECTOR fix
2016-07-29 20:08:30 -07:00
James Lee
d46c3a1d8c
Collector looks like hex, store it as a string
2016-07-29 21:57:51 -05:00
h00die
b2a521475a
adding sparse docs
2016-07-29 22:02:11 -04:00
Brent Cook
8bda3c6382
Land #7121, Don't clobber nil strings when there are empty strings in the config file
2016-07-29 15:49:11 -05:00
Andrew Smith
1d6fa11c4f
Addition of SMB delivery module
2016-07-29 14:58:30 -04:00
Metasploit
190bac6e0a
Bump version of framework to 4.12.17
2016-07-29 10:02:06 -07:00
Brent Cook
8ad38aec2f
Land #7109, Add final filesize to msfvenom output
2016-07-29 09:24:10 -05:00
Brent Cook
d1f65b27b8
Land #7151, Improve CVE-2016-0099 reliability
2016-07-29 09:22:11 -05:00
Brent Cook
2b75710fce
Land #7157, fix the ms06_067 exploit test
2016-07-29 09:16:18 -05:00
Brent Cook
0afbc4f8ac
Land #7159, tiki_calendar_exec incorrectly reports successful login
2016-07-29 08:59:25 -05:00
James Barnett
0c5765d572
Apparently the tests expected the typo in DATABASE.
2016-07-28 17:40:37 -05:00
wchen-r7
1e1866f583
Fix #7158, tiki_calendar_exec incorrectly reports successful login
Fix #7158
2016-07-28 17:03:31 -05:00
James Barnett
3a254a9441
This is a combination of 5 commits.
@db tests not working because the part where we tell it to connect to the database was commented out.
There was a race condition causing the rc script to exit before all of the sessions were opened. This change properly waits for us to get the expected number of sessions before exiting.
Use a more reliable form of the rc script.
Didn't mean to commit the schema.rb
Forgot new line
2016-07-28 16:30:54 -05:00
Pearce Barry
c682490c1b
Land #7128, Add Windows Gather Avira Password Extraction
2016-07-28 16:30:43 -05:00
Pearce Barry
6c7cc061ea
Minor formatting tweaks.
2016-07-28 16:29:42 -05:00
Robert Kugler
ef2899dfd4
msftidy updates
2016-07-28 16:29:42 -05:00
Robert Kugler
7b4bb75294
Create avira_password.rb
2016-07-28 16:29:42 -05:00
Brendan
ee40c9d809
Land #6625, Send base64ed shellcode and decode with certutil (Actually MSXML)
2016-07-28 13:01:05 -07:00
Brendan
2525eab996
persistance -> persistence
2016-07-28 12:56:04 -07:00
Pearce Barry
f2a608b400
Land #7152, update global constants to allow for windows 10
2016-07-27 12:58:44 -05:00
William Webb
5b8b15e578
update global constants to allow for windows 10
2016-07-27 12:45:05 -05:00
wchen-r7
322fc11225
Fix whitespace
2016-07-27 12:37:14 -05:00
wchen-r7
dbe31766af
Update CVE-2016-0099 Powershell
2016-07-27 12:35:43 -05:00
Brendan
af137f3ec3
Land #7127, Fix #6989, scanner modules printing RHOST in progress messages
2016-07-27 09:16:08 -07:00
William Vu
c3635e0903
Land #7126, mettle 0.0.6 updates
2016-07-27 10:10:21 -05:00
Brent Cook
288b39e37f
update to mettle 0.0.6
2016-07-27 08:59:21 -05:00
Brent Cook
3987c2c0d8
cache sysinfo (we use it a lot, it will not change)
2016-07-27 08:49:19 -05:00
Brent Cook
9cb4880747
allow process architecture to be a string (allow more than x86)
2016-07-27 08:49:19 -05:00
Vex Woo
864989cf6c
For echo command
2016-07-26 20:27:23 -05:00
Vex Woo
be65f2c4d3
add module doc
2016-07-26 20:26:22 -05:00
Brent Cook
952c2f9d1e
Land #7149, Add uploads dir to Wordpress mixin
2016-07-26 19:39:35 -05:00
William Vu
a0c42f5dd2
Add wordpress_url_uploads
2016-07-26 19:10:19 -05:00
Brendan
4720d77c3a
Land #6965, centreon useralias exec
2016-07-26 15:02:36 -07:00
Brendan
c21971cb4e
Added some info on problems encountered during testing.
2016-07-26 14:59:18 -07:00
wchen-r7
cce1ae6026
Fix #6989, scanner modules printing RHOST in progress messages
Fix #6989
2016-07-25 23:15:59 -05:00
Pearce Barry
f7562c09b2
Land #7125, Add timestamping to downloaded files
Fixes MS-1744.
2016-07-25 22:24:53 -05:00
Pearce Barry
c35e7fb63f
Land 7124, Remove unwanted <ruby> tag while generating module doc code
2016-07-25 21:11:21 -05:00
William Vu
bebff786b7
Add timestamping to downloaded files
2016-07-25 17:18:27 -05:00
dmohanty-r7
249379849d
Land #7119, use rex-ole gem
2016-07-25 16:17:22 -05:00
wchen-r7
21f5da29d4
Remove unwanted <ruby> tag while generating module doc code
2016-07-25 15:38:59 -05:00
wchen-r7
df15eebdf8
Land #7106, multiple keylog_recorder improvements
2016-07-25 14:54:06 -05:00
Pearce Barry
1b6bd927d0
Rex::OLE is now rex-ole gem, fixes MS-1712
2016-07-25 14:05:48 -05:00
wchen-r7
1016cb675d
Land #7107, Use VHOST info for redirection in firefox_proto_crmfrequest
2016-07-24 15:50:21 -05:00
wchen-r7
72caeaa72f
Fix redirect url
2016-07-24 15:49:03 -05:00
William Vu
71a2446c0e
Land #7122, small grammar fix in a script
2016-07-23 17:34:15 -05:00