Commit Graph

39148 Commits (87b27951cf307b0dbf7cb221422fc33cd8c3bdad)

Author SHA1 Message Date
William Webb 21e6211e8d add exploit for cve-2016-0189 2016-08-01 13:26:35 -05:00
William Vu 3b13adba70 Hint about incorrect RAILSVERSION
If the secret doesn't match, you might have set the wrong RAILSVERSION.
The difference is secret_token (Rails 3) vs. secret_key_base (Rails 4).
2016-08-01 09:36:25 -07:00
William Vu 4c12c2f6c5 Improve Meterpreter ps -A experience
This allows us to use "x64" instead of "x86_64" in ps -A.
2016-07-31 17:19:57 -07:00
William Vu e699d3f05b Fix empty output in nbns_response
Normally, the module prints nothing unless VERBOSE is true. In practice,
we at least want to see responded-to hosts. We leave details to be
printed when VERBOSE is set.
2016-07-31 09:47:19 -07:00
h00die 38138e66d2 adding docs for #4888 #5697 #6731 2016-07-29 23:11:57 -04:00
William Vu 10653fadb1 Land #7164, jira_collector_traversal COLLECTOR fix 2016-07-29 20:08:30 -07:00
James Lee d46c3a1d8c Collector looks like hex, store it as a string 2016-07-29 21:57:51 -05:00
h00die b2a521475a adding sparse docs 2016-07-29 22:02:11 -04:00
Brent Cook 8bda3c6382 Land #7121, Don't clobber nil strings when there are empty strings in the config file 2016-07-29 15:49:11 -05:00
Andrew Smith 1d6fa11c4f Addition of SMB delivery module 2016-07-29 14:58:30 -04:00
Metasploit 190bac6e0a Bump version of framework to 4.12.17 2016-07-29 10:02:06 -07:00
Brent Cook 8ad38aec2f Land #7109, Add final filesize to msfvenom output 2016-07-29 09:24:10 -05:00
Brent Cook d1f65b27b8 Land #7151, Improve CVE-2016-0099 reliability 2016-07-29 09:22:11 -05:00
Brent Cook 2b75710fce Land #7157, fix the ms06_067 exploit test 2016-07-29 09:16:18 -05:00
Brent Cook 0afbc4f8ac Land #7159, tiki_calendar_exec incorrectly reports successful login 2016-07-29 08:59:25 -05:00
James Barnett 0c5765d572 Apparently the tests expected the typo in DATABASE. 2016-07-28 17:40:37 -05:00
wchen-r7 1e1866f583 Fix #7158, tiki_calendar_exec incorrectly reports successful login
Fix #7158
2016-07-28 17:03:31 -05:00
James Barnett 3a254a9441 This is a combination of 5 commits.
@db tests not working because the part where we tell it to connect to the database was commented out.

There was a race condition causing the rc script to exit before all of the sessions were opened. This change properly waits for us to get the expected number of sessions before exiting.

Use a more reliable form of the rc script.

Didn't mean to commit the schema.rb

Forgot new line
2016-07-28 16:30:54 -05:00
Pearce Barry c682490c1b Land #7128, Add Windows Gather Avira Password Extraction 2016-07-28 16:30:43 -05:00
Pearce Barry 6c7cc061ea Minor formatting tweaks. 2016-07-28 16:29:42 -05:00
Robert Kugler ef2899dfd4 msftidy updates 2016-07-28 16:29:42 -05:00
Robert Kugler 7b4bb75294 Create avira_password.rb 2016-07-28 16:29:42 -05:00
Brendan ee40c9d809 Land #6625, Send base64ed shellcode and decode with certutil (Actually MSXML) 2016-07-28 13:01:05 -07:00
Brendan 2525eab996 persistance -> persistence 2016-07-28 12:56:04 -07:00
Pearce Barry f2a608b400 Land #7152, update global constants to allow for windows 10 2016-07-27 12:58:44 -05:00
William Webb 5b8b15e578 update global constants to allow for windows 10 2016-07-27 12:45:05 -05:00
wchen-r7 322fc11225 Fix whitespace 2016-07-27 12:37:14 -05:00
wchen-r7 dbe31766af Update CVE-2016-0099 Powershell 2016-07-27 12:35:43 -05:00
Brendan af137f3ec3 Land #7127, Fix #6989, scanner modules printing RHOST in progress messages 2016-07-27 09:16:08 -07:00
William Vu c3635e0903 Land #7126, mettle 0.0.6 updates 2016-07-27 10:10:21 -05:00
Brent Cook 288b39e37f update to mettle 0.0.6 2016-07-27 08:59:21 -05:00
Brent Cook 3987c2c0d8 cache sysinfo (we use it a lot, it will not change) 2016-07-27 08:49:19 -05:00
Brent Cook 9cb4880747 allow process architecture to be a string (allow more than x86) 2016-07-27 08:49:19 -05:00
Vex Woo 864989cf6c For echo command 2016-07-26 20:27:23 -05:00
Vex Woo be65f2c4d3 add module doc 2016-07-26 20:26:22 -05:00
Brent Cook 952c2f9d1e Land #7149, Add uploads dir to Wordpress mixin 2016-07-26 19:39:35 -05:00
William Vu a0c42f5dd2 Add wordpress_url_uploads 2016-07-26 19:10:19 -05:00
Brendan 4720d77c3a Land #6965, centreon useralias exec 2016-07-26 15:02:36 -07:00
Brendan c21971cb4e Added some info on problems encountered during testing. 2016-07-26 14:59:18 -07:00
wchen-r7 cce1ae6026 Fix #6989, scanner modules printing RHOST in progress messages
Fix #6989
2016-07-25 23:15:59 -05:00
Pearce Barry f7562c09b2 Land #7125, Add timestamping to downloaded files
Fixes MS-1744.
2016-07-25 22:24:53 -05:00
Pearce Barry c35e7fb63f Land 7124, Remove unwanted <ruby> tag while generating module doc code 2016-07-25 21:11:21 -05:00
William Vu bebff786b7 Add timestamping to downloaded files 2016-07-25 17:18:27 -05:00
dmohanty-r7 249379849d Land #7119, use rex-ole gem 2016-07-25 16:17:22 -05:00
wchen-r7 21f5da29d4 Remove unwanted <ruby> tag while generating module doc code 2016-07-25 15:38:59 -05:00
wchen-r7 df15eebdf8 Land #7106, multiple keylog_recorder improvements 2016-07-25 14:54:06 -05:00
Pearce Barry 1b6bd927d0 Rex::OLE is now rex-ole gem, fixes MS-1712 2016-07-25 14:05:48 -05:00
wchen-r7 1016cb675d Land #7107, Use VHOST info for redirection in firefox_proto_crmfrequest 2016-07-24 15:50:21 -05:00
wchen-r7 72caeaa72f Fix redirect url 2016-07-24 15:49:03 -05:00
William Vu 71a2446c0e Land #7122, small grammar fix in a script 2016-07-23 17:34:15 -05:00