Commit Graph

45757 Commits (8c88c53e5d858acb1ba146ef86aa255cd7b34682)

Author SHA1 Message Date
Wei Chen 8c88c53e5d
Land #9670, Gitstack v2.3.10 RCE
Land #9670
2018-03-27 13:00:47 -05:00
Wei Chen df49345f5d Update gitstack_rce.md 2018-03-27 12:59:49 -05:00
Brent Cook d90451eb18
Land #9773, update Gemfile.lock for current master 2018-03-27 12:49:02 -05:00
Jeffrey Martin b97ed7f425
updates to Gemfile.lock for current master 2018-03-27 12:28:07 -05:00
Brent Cook a129eb4040
Land #9740, replace factory_girl with factory_bot 2018-03-27 12:00:26 -05:00
Brent Cook b134a33877 Merge branch 'master' into land-9740 2018-03-27 11:59:55 -05:00
James Barnett 9559c06c10
Land #9762, Fix OpenSSL deprecation in Ruby 2.5
This PR replaces a deprecated method in the Ruby 2.5
OpenSSL library. It also bumps the ruby-version to use 2.5.

Fixes #9576
2018-03-27 11:02:44 -05:00
Brent Cook 7445706ca9
Land #9768, Use a better error in scriptable sessions 2018-03-26 20:10:17 -05:00
William Vu a4ad7de4e0 Use a better error in scriptable sessions 2018-03-26 17:56:44 -05:00
Jacob Robles 26463b33a2
Land #9636, Improve post module persistence_exe 2018-03-26 17:48:53 -05:00
Jacob Robles 57b048fbf7
Remove requires, changed in-place modification 2018-03-26 17:46:18 -05:00
William Vu e761d211b9
Land #9708, reload_lib command for msfconsole 2018-03-26 17:10:11 -05:00
William Vu c19fc4c18f
Land #9423, PSH for jenkins_xstream_deserialize 2018-03-26 17:09:16 -05:00
William Vu 862a3ff74d
Land #9618, pipe auditing improvements 2018-03-26 17:01:48 -05:00
h00die 0249fe1e72
Land #9767 land magick number blog link update 2018-03-26 17:40:59 -04:00
Andrew Morris 217dea60fc
Update blog link to up-to-date blog post 2018-03-26 15:43:10 -04:00
William Vu 62c2b433cc
Land #9765, missed Rex require in msfvenom
My bad. I thought I had caught them all. No idea how that happened. :(
2018-03-26 13:00:54 -05:00
William Vu a541e72b92 Update Rex require for consistency
The speedup is minimal at best.
2018-03-26 13:00:11 -05:00
Jeffrey Martin 64a478c41b
fix -b as only options when calling msfvenom 2018-03-26 11:19:57 -05:00
Brent Cook 689a586365 bump Dockerfile to Ruby 2.5 2018-03-26 09:41:41 -05:00
Brent Cook d0fa550cfd bump travis, 2.2 is EOL 2018-03-26 03:42:13 -05:00
Brent Cook 3fb5137c2d use Rex::Socket::SslTcp.supported_ssl_methods for SSLVersion option 2018-03-26 03:40:49 -05:00
Brent Cook d67ae503bf Update base to Ruby 2.5
mask metasploit-aggregator and dependencies on Ruby 2.5
2018-03-26 02:52:52 -05:00
andrea 38af667094 Support for Ruby 2.5.0 fixing OpenSSL warnings 2018-03-26 02:52:02 -05:00
Brent Cook b39e935c5b
Land #9656, add initial Komand plugin stub for evaluation 2018-03-25 07:47:06 -05:00
Brent Cook 4194b6d991
Land #9586, fix #9112, improve android screenshot error message on failure 2018-03-25 07:36:15 -05:00
Brent Cook 1610db482a minor style nits 2018-03-25 07:34:45 -05:00
Brent Cook 95424b781b update android payloads 2018-03-25 07:32:04 -05:00
Brent Cook 7c5c5513eb Merge remote-tracking branch 'upstream/master' into land-9586- 2018-03-25 07:29:55 -05:00
Brent Cook f662049b27 clarify screenshot on android scenario 2018-03-25 07:29:39 -05:00
h00die 80c4d59560
Land #9702 exploit for clipbucket 2018-03-24 19:59:17 -04:00
h00die 0028e2c5ba documentation update 2018-03-24 19:25:59 -04:00
Matthew Kienow eb1fc949d1
Land #9747, make notes -o status similar to hosts 2018-03-23 17:54:33 -04:00
Jon Hart d0ef5617fa
Merge master and resolve conflict 2018-03-23 14:25:21 -07:00
Brent Cook 778906d836
Land #9717, add new remote data service 2018-03-23 13:55:12 -05:00
James Barnett 6b3a4a56dc Merge branch 'rapid7/master' into goliath 2018-03-23 11:26:31 -05:00
Matthew Kienow eb47962050
Land #19, externalize db_export command 2018-03-23 10:58:21 -04:00
Touhid M Shaikh 230c0a295f
Delete playsms_uploadcsv_exec.rb 2018-03-23 12:29:07 +05:30
Touhid M Shaikh b18912447f
playsms_uploadcsv_exec.rb
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header
2018-03-23 12:24:04 +05:30
James Barnett ed5b22a541
Address more code review comments 2018-03-22 21:47:59 -05:00
James Barnett 6c5a7a663a
Merge branch 'goliath' into MS-2879_db_export 2018-03-22 21:22:23 -05:00
Jon Hart a1287a0776
Remove blank before services output 2018-03-22 18:26:50 -07:00
Jon Hart 2ce8423883
Make vulns and notes with -o similar to services and hosts
Now all of them will simply save the requested information to an output
file if specified and will let you know where the file is when done.
Previously, notes and vulns would also print out all of the notes and
vulns, which just felt weird and inconsistent.  So, I fixed it.
2018-03-22 18:18:12 -07:00
Jeffrey Martin b9fc786d24
Land #9744, Add synchronization around public module metadata cache methods 2018-03-22 17:24:39 -05:00
Christopher Lee f5b1d27345
Merge pull request #20 from clee-r7/MS-2910-remote-vuln-read-update-delete
MS-2910: Remote Vuln Read Update Delete
2018-03-22 15:41:07 -05:00
William Vu 09cb4a52df Update smb_ms17_010 scanner with PipeAuditor mixin 2018-03-22 15:37:45 -05:00
William Vu e4c026fffd Update pipe_auditor module with PipeAuditor mixin 2018-03-22 15:37:45 -05:00
William Vu 23a7444646 Add PipeAuditor mixin to Psexec_MS17_010 mixin 2018-03-22 15:37:44 -05:00
William Vu 558ecbcb49 Add PipeAuditor mixin 2018-03-22 15:37:36 -05:00
Metasploit 880f8eee9d
Weekly dependency update 2018-03-22 10:07:18 -07:00