64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
360f40249c
Land #6122 , user-assisted Safari applescript:// module (CVE-2015-7007)
2015-10-22 15:07:42 -05:00
9d2e2df1f1
Update description
2015-10-22 15:07:11 -05:00
35578c7292
Add refs.
2015-10-22 09:48:11 -05:00
6a87e7cd77
Add osx safari cmd-R applescript exploit.
2015-10-22 09:46:56 -05:00
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
583dab62b2
Introduce and use OS matching constants
2014-05-28 14:35:22 -05:00
7e227581a7
Rework OS fingerprinting to match Recog changes
...
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.
This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
2086224a4c
Minor fixes. Includes a test module.
2014-03-10 14:49:45 -05:00
26be236896
Pass MSFTidy please
2014-03-10 14:45:56 -05:00
9638bc7061
Allow a custom .app bundle.
...
* adds a method to Rex::Zip::Archive to allow recursive packing
2014-03-06 16:11:30 -06:00
5abb442757
Adds more descriptive explanation of 10.8+ settings.
2014-03-06 15:15:27 -06:00
43d315abd5
Hardcode the platform in the safari exploit.
2014-03-06 13:04:47 -06:00
38a2e6e436
Minor fixes.
2014-03-05 19:03:54 -06:00
dca807abe9
Tweaks for BES.
2014-03-05 19:00:15 -06:00
12cf5a5138
Add BES, change extra_plist -> plist_extra.
2014-03-05 18:51:42 -06:00
cd3c2f9979
Move osx-app format to EXE.
2014-03-04 22:54:00 -06:00
32c27f6be0
Tweak timeouts.
2014-03-04 17:16:23 -06:00
40047f01d3
Adds Safari User Assisted download launch module.
2014-03-04 17:02:51 -06:00
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
004c1bac78
Reduce number of modules available on BrowserAutopwn
2013-11-12 12:37:29 -06:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
0acb170ee8
Bug #8419 - Added platform info missing on exploits
2013-10-08 22:41:50 -04:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
abea7e6a47
add osvdb ref 76389
2013-06-20 07:55:50 -05:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
eb972eaf0a
Add a maxver for the safari_metadata_archive exploit.
...
* Apple Security Update 2006-001 (http://support.apple.com/kb/TA23971 )
* Update applied to 10.4.5, where safari 2.0.3 is default browser.
* Because update did not bump Safari version, not all 2.0.3 browsers will be affected.
2012-12-14 02:17:25 -06:00
fbbed2262b
Updated iOS modules
2012-09-10 17:42:17 -05:00
6a0271fb11
Correct OSX naming. See ticket #7182
2012-08-14 15:29:21 -05:00
fb7f6b49f0
This mega-diff adds better error classification to existing modules
2012-06-19 12:59:15 -05:00
f6c88377f4
Fixes #362 by changing the exitfunction arguments to be the correct type
2012-05-07 02:41:08 -05:00
cc76438a75
Merge branch 'jlee-r7-http-print-standardization'
2012-04-25 15:38:46 -05:00
86a1a58d2c
Fixes #6689 by moving to 7za which is included in the installer
2012-04-23 16:25:24 -05:00
9cdd8912c5
Remove spurious cli.peerhost in output
2012-04-20 13:31:42 -06:00
4a631e463c
Module title normalization
...
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/
The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
ed34fd70fd
Modified (and tested) to work on Lion 10.7.2 and 10.7.3
2012-02-03 12:39:22 +02:00
1dec4c0c45
These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE']
2012-01-30 13:08:35 -06:00
ad6f8257e1
MSFTidy fixes.
2012-01-18 15:01:32 -06:00
William Vu
Brent Cook
wchen-r7
James Lee
Christian Mehlmauer
joev
jvazquez-r7
URI Assassin
HD Moore
Tod Beardsley
Winterspite
Steve Tornio
joe
sinn3r
Tod Beardsley
Patroklos Argyroudis