8b430826c6
merge screwed up gesmepc
...
add net-ssh back into the gemspec
2016-07-05 11:08:57 -05:00
5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-05 10:48:38 -05:00
7f341336b2
Land #7067 , bcook's rex tools fix
...
this pr fixes rex requires in the various tools that were
disrupted by the new gemification of rex
2016-07-05 10:34:59 -05:00
85937ab839
require new gems inside rex.rb
...
have the root rex namespace require the new rex gems
to prevent broken requires when things greedily require all of rex
2016-07-05 10:33:45 -05:00
054ac5ac19
Bump version of framework to 4.12.11
2016-07-05 07:49:37 -07:00
e29d5b9efe
Land #6954 , Fix the available size of payload for exploit/.../payload_inject
2016-07-05 07:38:27 -07:00
f9f47f7a79
fix tools that need rex-text to function
2016-07-05 02:38:40 -05:00
5dc7d4b16e
Land #7043 , Fix-up double slash handling with the LURI parameter
2016-07-05 01:21:33 -05:00
85dfec0cf5
minor whitespace
2016-07-05 01:20:54 -05:00
58e37931c5
Land #7040 , Decrease chance of an error when exiting a interactive shell
2016-07-05 01:15:39 -05:00
5a8469d1cb
Land #7053 , Account for the newer R7 committers in mailmap
2016-07-05 01:07:22 -05:00
ef322ab9aa
Land #7066 - revert #6581 as it causes a regression
2016-07-05 16:05:48 +10:00
4b77de2174
Land #7030 , Ensure 'show options' reflects correct values
2016-07-05 00:48:46 -05:00
cfc368ab65
Land #6959 , Add Linux ARM big endian ipv4 bind shellcode
2016-07-05 00:41:00 -05:00
6575be72de
Land #7059 , restore default pattern length for pattern_offset
2016-07-05 00:33:40 -05:00
5181fa53ba
Land #7052 , Update nokogiri to v1.6.8, fixes #7051
2016-07-05 00:27:19 -05:00
b9891aab27
Land #7007 , Added JCL header data to mainframe payload module
2016-07-05 00:22:20 -05:00
9b4028d2d7
Revert #6581 , it causes regressions
...
We need a more clever solution without breaking HttpUnknownRequestResponse.
2016-07-05 00:11:15 -05:00
54dfcee665
Land #7055 , add netgear_soap_password_extractor docs
2016-07-04 23:59:10 -05:00
3fe4ffb225
Change default pattern length
...
Changed from 1024 to 8192 per previous version.
2016-07-03 16:08:54 -04:00
12812650c0
Land #7054 , Fix busted alpha encoding on ms02_018_htr
2016-07-02 17:07:25 -05:00
844c13dc17
added new vuln device to netgear list, plus docs
2016-07-01 18:32:30 -04:00
3850431966
Fix busted alpha encoding on this old-ass exploit
2016-07-01 17:20:00 -05:00
6108352683
And Thao, too!
2016-07-01 16:10:21 -04:00
10e45bbebe
Account for the newer R7'ers in mailmap
2016-07-01 15:55:49 -04:00
c45f30a7a9
Update nokogiri to v1.6.8, fixes #7051 .
2016-07-01 14:53:25 -05:00
bca0d716c0
Land #7047 , Ensure http_login scanner module saves passwds
2016-07-01 12:21:28 -05:00
1bf03ab4ec
Merge pull request #1 from wvu-r7/pr/6954
...
Fix some silly things in payload land
2016-07-02 01:01:52 +09:00
70a79bb0e8
Land #7014 , Nagios remote root shell exploit
2016-07-01 08:17:38 -07:00
2e97a08954
Land #7046 , Pad host field in notes -d command
2016-07-01 10:14:45 -05:00
02d40eb576
Land #7044 , Pass exploit SRVPORT in BrowserAutopwn2
2016-07-01 09:49:05 -05:00
4b01213fb5
Rewrite the logic to be positive
...
unless is the devil. unless/else doubly so.
2016-07-01 09:15:42 -05:00
a1bd640eff
Fix hashrocket alignment
2016-07-01 09:05:03 -05:00
d42d9f8557
Add module docs to appease the Thao god
2016-07-01 01:17:27 -05:00
9663f88fdc
Download profile.zip instead of including it
...
profile.zip is GPL-licensed...
2016-07-01 01:17:23 -05:00
159446ce92
Ensure http_login scanner module saves passwds.
...
Fixes #6983 . When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
2016-06-30 16:58:39 -05:00
6e1b6e96a9
Land #7032 , rm -rf lib/rex/encoders
...
Dead code!
2016-06-30 16:32:14 -05:00
f0cd25dcee
Land #7035 , lib/sshkey* swap to gem
2016-06-30 16:25:27 -05:00
1401a61f59
Land #6998 , Fix #6984 Undefined method 'winver' in ms10_092_schelevator
2016-06-30 16:14:09 -05:00
fec2301fc8
Land #7037 , db_export -f xml stack trace fix
...
Missed during the Rails upgrade.
2016-06-30 15:58:38 -05:00
cdf3c63af9
Land #7045 , Fix interactive shell with Windows Meterpreter
2016-06-30 15:51:33 -05:00
343f4010bd
Prefer newer hash syntax
2016-06-30 15:43:06 -05:00
dbcdc300e5
Fix #7019 , Pad host field in notes -d command
...
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there isn't enough fields
provided for Rex table.
Fix #7019
2016-06-30 15:38:58 -05:00
d6c7ac51d6
Fix interactive shell with Windows Meterpreter
...
see https://github.com/rapid7/metasploit-payloads/pull/105
2016-06-30 15:34:40 -05:00
20c2a10e8a
Add note about issues to CONTRIBUTING.md
2016-06-30 15:14:59 -05:00
118caa13bf
Fix #7021 , Pass exploit SRVPORT in BrowserAutopwn2
...
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.
Fix #7021
2016-06-30 14:20:53 -05:00
23399326c2
Fix up double slashes, tweak syntax
2016-06-30 12:56:29 -05:00
afbeb2b668
Land #7023 , fixes for swagger exploit
...
Thanks @sdavis-r7!
See #7015 as well.
2016-06-30 10:54:34 -04:00
d1281b6594
Chmod to remove the exec bit.
2016-06-30 10:43:46 -04:00
0a85f1d233
Fix an error when exiting a interactive shell
2016-06-30 16:19:10 +09:00
David Maloney
Metasploit
Brendan
Brent Cook
OJ
x90" * 365
Pearce Barry
h00die
James Lee
Tod Beardsley
wchen-r7
ssyy201506
William Webb
William Vu
HD Moore