Roberto Soares
e94ca0bdd1
Add EDB, OSVDB and author.
2015-04-13 18:42:17 -03:00
Roberto Soares
d5d975c450
Add Module WordPress Creative Contact Form Upload
2015-04-13 18:38:43 -03:00
William Vu
e324819feb
Add Privileged to info hash
...
Also remove default payload. Was set for CMD.
2015-04-13 15:23:30 -05:00
Tod Beardsley
c2a252face
Land #5133 , grammar/spelling fixes from @void-in
2015-04-13 12:47:32 -05:00
Tod Beardsley
c4084659a9
Check @void-in's fixes out
2015-04-13 12:44:40 -05:00
William Vu
1a81938c6e
Land #5132 , @todb-r7's release fixes
2015-04-13 11:07:56 -05:00
Tod Beardsley
bd3b6514fa
Dubbed. Whump whump.
2015-04-13 10:52:32 -05:00
Tod Beardsley
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
root
51dd88114b
Fix grammer in comments
2015-04-13 13:21:41 +05:00
Roberto Soares
2d1f8c510e
Add author and references
2015-04-12 21:21:49 -03:00
Roberto Soares
9f06cee53d
Add Module WordPress WorkTheFlow Shell Upload
2015-04-12 21:09:44 -03:00
joev
2d3614f647
Implement x64 BSD exec and exe template.
...
- Fixes bug in CachedSize due to all options being set
- Adds new payload to payload_spec.
2015-04-12 12:17:25 -05:00
joev
92c12de6db
Fix invalid datastore options.
2015-04-12 00:54:10 -05:00
joev
ceadd1e6ec
Update osx x86 payload cached sizes to be accurate.
...
- Right now there is a bug in the payload_spec, which causes the payload's
datastore during the spec run to have things like 'PrependSetuid' => 'false',
where 'false' is a string, which means 'if (datastore['PrependSetuid'])'
branch will be taken, resulting in incorrect behavior.
2015-04-12 00:21:18 -05:00
joev
eaab665a6d
Remove #generate patch, specs will fail again.
2015-04-12 00:07:39 -05:00
joev
60d98ba892
Implement the remaining syscalls.
2015-04-12 00:02:29 -05:00
joev
3fe6fb44b9
Prevent this from changing cache size.
2015-04-11 23:44:56 -05:00
joev
c132a3fb0a
Fix OSX prepends and implement x64 setreuid.
2015-04-11 20:04:21 -05:00
William Vu
d5903ca5b2
Land #5126 , Meterpreter edit command fix
2015-04-10 17:19:33 -05:00
William Vu
9625504f5b
Land #5121 , timestomp arg/opt order fix
2015-04-10 17:18:14 -05:00
William Vu
8acc768da7
Copy documentation
2015-04-10 17:17:54 -05:00
Sonny Gonzalez
3ae533f995
Merge pull request #5117 from shuckins-r7/chore/MSP-12540/set-postgres93-travis
...
Land #5117 - Set postgres version for Travis to 9.3
2015-04-10 15:36:46 -05:00
rwhitcroft
64c2bf3227
don't raise exception if file download fails
2015-04-10 16:23:33 -04:00
sinn3r
284ef5bbbb
Land #5112 , Nessus REST Login Module
2015-04-10 13:32:53 -05:00
joev
3313dac30f
Land #5119 , @wvu's addition of the OSX rootpipe privesc exploit.
...
orts
borts
2015-04-10 12:38:25 -05:00
root
0adc558395
Merge branch 'wchen-r7-pr5112_update' into aux-scanner-nessus
2015-04-10 22:38:22 +05:00
root
19fe226b30
Correct a minor typo
2015-04-10 22:37:14 +05:00
sinn3r
4419c1c728
Land #5120 , Adobe Flash Player casi32 Integer Overflow
2015-04-10 12:18:11 -05:00
sinn3r
90d525088c
Green rspec
2015-04-10 11:36:23 -05:00
William Vu
e8e7a2a67a
Land #5122 , undefined "upload_path" fix
2015-04-10 11:30:50 -05:00
William Vu
fc814a17ae
Add admin check
...
Also break out version check.
2015-04-10 11:24:49 -05:00
William Vu
41885133d8
Refactor and clean
...
Finally breaking free of some stubborn old habits. :)
2015-04-10 11:22:27 -05:00
William Vu
a7601c1b9a
Use zsh to avoid dropping privs
...
Also add some configurable options.
2015-04-10 11:22:00 -05:00
William Vu
4cc6ac6eaa
Clarify vulnerable versions
2015-04-10 11:22:00 -05:00
William Vu
c4b7b32745
Add Rootpipe exploit
2015-04-10 11:22:00 -05:00
William Vu
289e24e009
Land #5123 , ms14_068_kerberos_checksum typo fix
2015-04-10 10:04:24 -05:00
root
7e6461aea0
Travis error correction
2015-04-10 15:48:48 +05:00
root
8c0d5d66d0
Add spec file
2015-04-10 15:32:03 +05:00
Jon Cave
b2b7da2dc5
Fix spelling of Microsoft in module name
2015-04-10 11:09:16 +01:00
Jon Cave
c6f062d49e
Ensure that local variable `upload_path` is defined
...
Merge `upload_payload` and `parse_upload_response` so that the
`upload_path` variable is defined for use in error messages in the event
of failure.
2015-04-10 10:58:20 +01:00
root
7810f3d9a3
Add previous nessus_xmlrpc_login file
2015-04-10 12:32:42 +05:00
root
bbbd4d3634
change name to keep both XML and REST modules
2015-04-10 12:20:43 +05:00
William Vu
38037062b2
Land #5115 , vulns -R support
2015-04-10 01:51:41 -05:00
rwhitcroft
b5f4b72b51
fix timestomp arg parsing
2015-04-10 00:28:35 -04:00
jvazquez-r7
91f5d0af5a
Add module for CVE-2014-0569
...
* Adobe flash, Integer overflow on casi32
2015-04-09 19:37:26 -05:00
OJ
298b20ba74
Land #5118 - prevent stack trace in https x64
2015-04-10 08:58:06 +10:00
HD Moore
1d166c1ef6
Don't lookup nil platform, prevents a stack trace w/64-bit reverse_https
2015-04-09 17:18:42 -05:00
Samuel Huckins
20514051bc
Set postgres version for Travis to 9.3
2015-04-09 17:16:37 -05:00
sekritskwurl
bd2136427e
Merge pull request #1 from wvu-r7/pr/5115
...
Fix up vulns -R
2015-04-09 18:04:55 -04:00
William Vu
6fbdb51246
Clean up vulns -R and a few others
2015-04-09 16:52:23 -05:00