Commit Graph

30702 Commits (8a17acf847fef4d79a819a6c795d7efc2a32beec)

Author SHA1 Message Date
jvazquez-r7 6bb3171328 Do minor cleanup 2015-01-04 23:12:42 -06:00
jvazquez-r7 711b97ecc5 Beautify metadata 2015-01-04 23:08:46 -06:00
rastating 92015ac124 Replace custom login with wordpress_login mixin 2015-01-04 23:07:07 +00:00
jvazquez-r7 4653e48dba
Land #4515, @bcook-r7's linux meterpreter binaries update 2015-01-04 16:59:24 -06:00
rastating 39412c4a48 Add WordPress long password DoS module 2015-01-04 18:50:23 +00:00
Pedro Ribeiro c9b76a806a Create manageengine_auth_upload.rb 2015-01-04 17:05:53 +00:00
Brent Cook 7ae56865f1 Update linux meterpreter binaries for rapid7/meterpreter#111
This rebuilds the binaries on Ubuntu 10.04 i386 for metepreter PR #111,
improving the reliability and fixing some bugs in linux process migration.

Tested against Ubuntu 10.04 i386 and Ubuntu 14.04 x86_64:

```
meterpreter > ps
...
 55994  48270  server                   0        bcook       ../metasploit-framework/server
 56009  44199  bash                     0        bcook       -bash
 56094  56009  dummy                    0        bcook       ./dummy

meterpreter > migrate 56094
[*] Migrating to 56094
[*] Migration completed successfully.
meterpreter > sysinfo
Computer     : mint
OS           : Linux mint 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 (x86_64)
Architecture : x86_64
Meterpreter  : x86/linux
meterpreter > ps
...
 55994  48270  [server] <defunct>        0        bcook
 56009  44199  bash                      0        bcook       -bash
 56094  56009  dummy                     0        bcook       ./dummy

meterpreter >
```

Verified presence of call stub when debugging a session:

```
(gdb) x/32b 0x61cc28
0x61cc28:	0x90	0x90	0x90	0x90	0x90	0x90	0x90	0x90
0x61cc30:	0x90	0x90	0x90	0x90	0x90	0x90	0x90	0x90
0x61cc38:	0x90	0x90	0x68	0x04	0x00	0x00	0x00	0x68
0x61cc40:	0xff	0xff	0xff	0xff	0xb8	0x5a	0x5a	0x5a
```
2015-01-04 10:47:44 -06:00
Pedro Ribeiro 32d4bf03c3 Add OSVDB id and full disclosure URL 2015-01-04 12:36:51 +00:00
Joshua J. Drake 7295cd34aa One more http// fix 2015-01-03 02:32:08 -06:00
William Vu 327f2839bb
Land #4508, default Ruby 2.1.5 for everyone 2015-01-02 17:15:53 -06:00
OJ 17ff546b0f Remove unnecessary calls to expand path
When using the Meterpreter Binaries gem to locate the path to the
meterpreter DLLs, it's not necessary to use File.expand_path on
the result because the gem's code does this already.

This commit simple removes those unnecessary calls.
2015-01-03 08:30:26 +10:00
Tod Beardsley ff43fbd8de
Land #4509, private/protected workaround for 2.1.5
Fixes #4507. See also #4506 (but does not fix this yet).
2015-01-02 15:53:58 -06:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
2015-01-02 13:29:17 -06:00
Tod Beardsley a6e23e5e4d
Default Ruby 2.1.5 for everyone
See #4506
2015-01-02 11:33:36 -06:00
sinn3r 3c755a6dfa Template 2015-01-02 11:31:28 -06:00
Sven Vetsch b121e2c3fd adds a get and getg method besides the already existing set/setg and unset/unsetg 2015-01-02 12:40:24 +01:00
root c348663204 Add McAfee Hashdump 2015-01-02 10:22:11 +00:00
OJ 5596cee803
Land #4502 - Update linux meterpreter bins 2015-01-02 12:41:35 +10:00
jvazquez-r7 69bda63ef6 Update linux meterpreter binaries 2015-01-01 20:05:36 -06:00
William Vu b64bfd87ca
Land #4501, Wordpress readme regex update 2015-01-01 18:03:15 -06:00
Christian Mehlmauer 056046f38b
update wordpress readme regex 2015-01-01 23:13:20 +01:00
Tod Beardsley c1718fa490
Land #4440, git client exploit from @jhart-r7
Also fixes #4435 and makes progress against #4445.
2015-01-01 13:18:43 -06:00
Tod Beardsley d7564f47cc
Move Mercurial option to advanced, update ref url
See #4440
2015-01-01 13:08:36 -06:00
Tod Beardsley 914c724abe
Rename module
See rapid7#4440
2015-01-01 13:03:17 -06:00
William Vu 2d6571c735
Land #4497, end-of-year .mailmap refresh 2015-01-01 09:10:59 -06:00
William Vu c777bde42e
Land #4495, minor grammar fixes on modules 2015-01-01 09:10:16 -06:00
Tod Beardsley 3ebf5c6d5e
Land #4496, increment the year 2014-12-31 18:01:51 -06:00
Tod Beardsley 45a096208a
Land #4499, containerized builds 2014-12-31 15:53:36 -06:00
Tod Beardsley a61ce66571
Okay last dupe I swear 2014-12-31 14:29:59 -06:00
Tod Beardsley 893322c788
One more dupe, oops! 2014-12-31 14:27:43 -06:00
Tod Beardsley c790d61994
Miss a couple .mailmap updates 2014-12-31 14:22:01 -06:00
Tod Beardsley dc9847bebe
End of year .mailmap refresh 2014-12-31 14:15:13 -06:00
Luke Imhoff bb3e36fded
Cache bundle
MSP-11931
2014-12-31 14:00:11 -06:00
Luke Imhoff b179daeb56
Enable containerized builds
MSP-11931

Disable the need for sudo to allow use of the faster docker
infrastructure.
2014-12-31 13:26:35 -06:00
Luke Imhoff 91e03e1bbb
Remove need for sudo
MSP-11931
2014-12-31 13:25:48 -06:00
Jon Hart 65977c9762
Add some more useful URLs 2014-12-31 10:54:04 -08:00
HD Moore 15468aa6c0 Happy new year! 2014-12-31 12:12:45 -06:00
Tod Beardsley 264d3f9faa
Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
Spencer McIntyre 6d966dbbcf
Land #4203, @jvazquez-r7's cleanup for java_rmi_server 2014-12-31 11:25:19 -05:00
Brent Cook 92bdf42496
Land #3594, jvazquez-r7's linux meterpreter migration support 2014-12-31 09:20:44 -06:00
Christian Mehlmauer 4f11dc009a
fixes #4490, class.to_s should not be used for checks 2014-12-31 10:46:24 +01:00
Pedro Ribeiro e81e68bdaf Create me_dc9_admin.rb 2014-12-31 02:02:52 +00:00
Pedro Ribeiro 8f466cfbac Merge pull request #12 from rapid7/master
a
2014-12-31 02:00:01 +00:00
jvazquez-r7 dccf189600 Update binaries 2014-12-30 18:39:29 -06:00
jvazquez-r7 722f86f361 Try to guess TMPDIR folder 2014-12-30 18:39:29 -06:00
jvazquez-r7 7596d211e9 Use length for comparision 2014-12-30 18:39:18 -06:00
jvazquez-r7 e903044fd5 Allow to provide writable dir 2014-12-30 18:36:30 -06:00
jvazquez-r7 f17a7e8a61 Better handling of the unix domain socket argument 2014-12-30 18:36:28 -06:00
jvazquez-r7 4df4e8b9d6 Add support for linux meterpreter migration 2014-12-30 18:34:24 -06:00
jvazquez-r7 56df2d0062 Add support for linux meterpreter migrate types 2014-12-30 18:30:15 -06:00