sinn3r
37e75dc644
Make this description a little more sense
2012-04-20 12:25:51 -05:00
James Lee
6cb0fe9fbf
Use the framework thread spawner instead of Rex
...
Not sure why this was Rex before, changed for consistency and to avail
of the ActiveRecord connection release code recently added to the
framework version.
2012-04-20 01:13:12 -06:00
sinn3r
b955569b10
Update the use of get2() in order to support ruby 1.9.3
2012-04-20 01:37:24 -05:00
James Lee
6d0e4fba5e
Go ahead and wrap the db commands as well.
...
Most of this probably isn't necessary, but better safe than sorry.
2012-04-19 23:53:00 -06:00
James Lee
29e01760f0
Wrap more database usage in with_connection block
2012-04-19 23:51:20 -06:00
James Lee
d79f8b0492
Add with_connection wrappers to the database rpc calls
...
Certainly not all of these methods require a connection, but it is
better to check one out when we don't need it than to risk grabbing an
implicit connection that will never be handed back to the pool.
2012-04-19 22:58:24 -06:00
sinn3r
c68a775106
Fix EDB references
2012-04-19 23:53:32 -05:00
David Maloney
5db3e5aa34
Fixes some issues with the nexpose integration library
...
Should now work for all cases
2012-04-19 23:04:14 -05:00
sinn3r
12bf301d2b
Correct file name
2012-04-19 21:17:19 -05:00
sinn3r
05459ca3ff
Change module description
2012-04-19 21:17:19 -05:00
sinn3r
072faa65ec
Massive code cleanup
2012-04-19 21:17:19 -05:00
sinn3r
93134e6fd2
Change default target
2012-04-19 21:17:19 -05:00
unknown
47ecd36805
Implemented Changes suggested by wchen-r7 (sinn3r)
2012-04-19 21:17:19 -05:00
unknown
feb625cab0
Updated module
2012-04-19 21:17:19 -05:00
unknown
8caec4777f
TFTPserverST addition
2012-04-19 21:17:18 -05:00
Tod Beardsley
d33cd386a8
Merge pull request #340 from rsmudge/armitage
...
fix a compatability issue with latest msf changes.
2012-04-19 17:50:43 -07:00
Alexander Klink
8c06e0d46e
Squashed commit of the following:
...
commit 5c82f0acade617d8314858170752c498eac4b4fb
Author: Alexander Klink <git@alech.de>
Date: Thu Apr 19 20:57:21 2012 +0200
pdf2xdp.rb script to convert PDF file to XDP format
XDP is an equivalent format for PDF, but is pretty useful in evading AV
software.
See
https://www.metasploit.com/redmine/issues/3679
http://shiftordie.de/blog/2011/02/09/evading-avs-using-the-xml-data-package-xdp-format/
[Closes #345 ]
2012-04-19 18:27:18 -06:00
sinn3r
93390fa6e2
Fix metadata and some cosmetic stuff
2012-04-19 19:12:27 -05:00
sinn3r
bce6c9abcf
Verify checksum to avoid jumping to a corrupt payload
2012-04-19 18:52:43 -05:00
sinn3r
ae7c2acf9d
Merge branch 'xradio-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-xradio-exploit-module
2012-04-19 18:09:20 -05:00
sinn3r
9a00823828
Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch'
2012-04-19 18:08:22 -05:00
sinn3r
f5e8f57497
Minor fixes
2012-04-19 18:07:35 -05:00
James Lee
06b3ed2e13
Add with_connection wrappers to the methods I missed
2012-04-19 15:45:23 -06:00
James Lee
876c59b192
Make use of the new ActiveRecord 3.x concurrency contract
...
All Database usage must go through framework.db (which should have been
the case before, anyways) or explicitly checkout and checkin a
connection. Failure to do so causes thread starvation and bizarre
random failures when attempting to use the database.
This commit also explicitly releases database connections at the end of
all threads created via framework.threads.spawn, which should alleviate
Deprecation Warning messages from ActiveRecord.
[Fixes #6613 ]
2012-04-19 14:21:21 -06:00
sinn3r
8d1d63dda8
Correct OSVDB reference, thanks modpr0be
2012-04-19 12:04:11 -05:00
sinn3r
45997b8dd4
Fix typos
2012-04-19 10:54:05 -05:00
sinn3r
37f4e7b3b9
Fix bug #6714 , thanks Scott
2012-04-19 10:22:31 -05:00
Tod Beardsley
8edf3fc8bd
Service info shouldn't be blanked if it exists.
...
Check service.info at the end of reporting a service instead of the
beginning. This will preserve an existing service info in the event
we're re-reporting a service.
[See #6701 ]
2012-04-19 09:47:41 -05:00
Tod Beardsley
ce3d98bc88
vcms_login.rb description
2012-04-19 07:44:28 -05:00
sinn3r
5fde6b759f
Add VCMS brute-force module
2012-04-19 02:25:03 -05:00
sinn3r
81b6e76619
Correct CVE/OSVDB/BID references, thanks Chad.
2012-04-19 00:24:56 -05:00
sinn3r
946ab1514e
Correct module naming style
2012-04-18 20:45:25 -05:00
sinn3r
1065111817
Correct TARGETURI description
2012-04-18 18:57:37 -05:00
sinn3r
7071c30b4b
These modules don't really print anything out with print_status(), which makes it weird to look now that we've implemented egypt's output style changes
2012-04-18 16:07:41 -05:00
sinn3r
0e45b6c06c
Avoid printing ip:port twice
2012-04-18 16:01:10 -05:00
James Lee
1f577b24b2
Merge branch 'rapid7' into http-print-standardization
2012-04-18 08:51:42 -06:00
sinn3r
f3ebe284ca
Minor cosmetic changes
2012-04-18 02:38:25 -05:00
sinn3r
15539c633b
Merge branch 'chap0-gsm' of https://github.com/chap0/metasploit-framework into chap0-chap0-gsm
2012-04-18 02:32:42 -05:00
sinn3r
e52f40daf1
Cosmetic changes
2012-04-18 02:25:43 -05:00
sinn3r
01beddc609
Merge branch 'cyberlink' of https://github.com/mrmee/metasploit-framework into mrmee-cyberlink
...
Conflicts:
modules/exploits/windows/fileformat/cyberlink_p2g_bof.rb
2012-04-18 02:03:59 -05:00
sinn3r
862869e4f2
Strip ms03_020_ie_objecttype from Browser AutoPwn because:
...
1. We have newer browser modules that can replace it, and already do.
2. It uses an egghunter that we don't favor in BAP
3. It uses system addresses, which we no longer favor.
2012-04-17 22:26:14 -05:00
sinn3r
120f2e5795
Merge pull request #341 from jlee-r7/bap-refactor
...
Fix an issue where ie_createobject and others weren't getting tried
2012-04-17 20:14:20 -07:00
James Lee
a2dc890cfa
Don't puke if the connection came from localhost
2012-04-17 19:49:42 -06:00
James Lee
f9b2fe89b2
Merge branch 'rapid7' into http-print-standardization
...
Conflicts:
modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb
modules/exploits/windows/browser/apple_quicktime_rtsp.rb
modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
2012-04-17 19:15:06 -06:00
James Lee
afe28523f3
Puts testAXO() on window so we can access it from anywhere
...
Also uses the new :method property which allows an array syntax. See
ie_createobject for a usage example.
2012-04-17 18:54:26 -06:00
James Lee
f9a48ace48
Switch to using :method, see previous commit
2012-04-17 18:48:14 -06:00
James Lee
741de34d92
Add a :method property for autopwn_info
...
Replaces the previous overloading of :vuln_test
2012-04-17 18:32:11 -06:00
James Lee
eedf4520be
Merge branch 'rapid7' into bap-refactor
2012-04-17 16:20:11 -06:00
James Lee
c83f2460c5
Use framework's db wrapper instead of Mdm directly
2012-04-17 16:12:25 -06:00
sinn3r
0fccc67774
Add MS12-004 to BAP
2012-04-17 16:40:32 -05:00