William Vu
9713124e54
Land #6802 , resolve command for Meterpreter
2016-04-22 17:18:31 -05:00
William Vu
7f8491149f
Fix minor whitespace issues
2016-04-22 17:18:10 -05:00
wchen-r7
0756ede128
Land #6801 , Add post mod Windows Gather EMET Protected Paths
2016-04-22 16:04:16 -05:00
wchen-r7
da9f156913
Print IP in print_*
2016-04-22 16:03:31 -05:00
wchen-r7
3aa02891e9
Bring #6801 up to date with upstream-master
2016-04-22 14:04:26 -05:00
wchen-r7
e1ce5bdc9a
Land #6464 , Add CVE-2011-0922 HP Data Protector 6.10/6.11/6.20 exploit
2016-04-22 13:55:41 -05:00
wchen-r7
4a435e8d13
Bring hp_dataprotector_install_service up to date w/ upstream-master
2016-04-22 13:42:41 -05:00
wchen-r7
db1d973ef0
Cosmetic changes for hp_dataprotector_install_service
2016-04-22 13:41:18 -05:00
Jenkins
d70dcbf4a4
Bump version of framework to 4.11.23
2016-04-22 09:34:10 -07:00
Brent Cook
50a77af5b9
Land #6804 , fix #6803 , info command fails to show module references
2016-04-22 08:32:25 -04:00
Vincent Yiu
e9f43c3645
Merge pull request #2 from open-security/enum_emet
...
syntax check / code reduce
2016-04-22 09:16:16 +01:00
join-us
c1a64b1f6f
fix: issues/6803 - info command references bug
2016-04-22 15:14:35 +08:00
OJ
540409e735
Add `resolve` to the meterpreter command line
...
I'm aware that this already exists as a post module, but there's nothing more annoying than having to bail out of Meterpreter, use the right module, set up the host list, etc all to just fire off a one-liner.
So this commit adds the command directly to Meterpreter's command line so that you don't have to do all that. This doesn't support specifying a file with the hosts in it (the post module does that). This is intended for quick resolution of particular hosts quickly.
2016-04-22 13:21:19 +10:00
join-us
16ff74e293
syntax check / code reduce
2016-04-22 10:53:03 +08:00
Vincent Yiu
ca4bcfe62a
Update enum_emet.rb
...
Cleaned up a bit more
2016-04-22 00:41:10 +01:00
Vincent Yiu
c81d0ade3f
Update, implemented
...
Took @bcook-r7's advice
2016-04-22 00:37:03 +01:00
Vincent Yiu
30ac6b4a93
enum_emet
...
A module to enumerate all the EMET wildcard paths.
2016-04-22 00:20:25 +01:00
wchen-r7
98f89ca23a
Land #6794 , Fixed yard doc errors
2016-04-21 13:16:45 -05:00
wchen-r7
6cb93f2af2
Make yard doc ignore @probe
2016-04-21 13:15:58 -05:00
thao doan
5e36a3128c
Fix #5197 , Fixed yard doc errors
...
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
dmohanty-r7
67968e912c
Land #6785 Add CVE-2016-0854 Advantech WebAccess Arbitrary File Upload
2016-04-21 12:02:04 -05:00
Brent Cook
e75ce8b248
update test to hook exist? rather than exists?
2016-04-21 06:56:48 -04:00
Brent Cook
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
504137480
c08872144f
Update advantech_webaccess_dashboard_file_upload.rb
2016-04-21 09:33:03 +08:00
504137480
dcb9c83f98
Update advantech_webaccess_dashboard_file_upload.rb
2016-04-21 09:28:42 +08:00
Louis Sato
6b3326eab2
Land #6707 , support for LURI handler
2016-04-20 16:26:07 -05:00
wchen-r7
e1e43db551
Land #6789 , remove overwritten keys from hashes
2016-04-20 13:33:31 -05:00
wchen-r7
f32bae8cf3
Land #6791 , fix 127.0.0.1 regex for autoroute post module
2016-04-20 13:28:20 -05:00
Josh Hale
57467b94d9
Fix RegExp evaluation in is_routable? function
2016-04-20 10:22:46 -05:00
Brent Cook
57cb8e49a2
remove overwritten keys from hashes
2016-04-20 07:43:57 -04:00
Brian Patterson
b74930f5c9
Land #6771 , Deprecate dns_bruteforce / dns_cache_scraper / dns_info / dns_reverse_lookup / dns_srv_enum
2016-04-19 16:30:36 -05:00
David Maloney
5d0de63dc7
fiddling bits on db migrations
...
getting duplicate migrations errors in pro,
trying to isolate
2016-04-19 15:00:55 -05:00
David Maloney
1006902aea
fix migrations from deps
...
the mgirations from mdm and credential were not
being pulled in correctly by the rake db tasks
fixed this in the databases.rake file
2016-04-19 14:46:05 -05:00
thao doan
62eae867df
Land #6787 , Fixed yard doc errors
2016-04-19 09:17:11 -07:00
504137480
2400345fff
Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload
...
Advantech webaccess dashboard file upload
2016-04-19 12:59:32 +08:00
join-us
0407acc0ec
add print_status with vuln_version?
2016-04-19 11:22:00 +08:00
join-us
c88ddf1cc4
fix NilClass for res.body
2016-04-19 10:27:20 +08:00
Christian Mehlmauer
3b280d45a4
fix some yardoc issues
2016-04-18 21:00:21 +02:00
thao doan
fd603102db
Land #6765 , Fixed SQL error in lib/msf/core/exploit/postgres
2016-04-18 10:44:20 -07:00
wchen-r7
89a3755754
Land #6786 , post/windows/manage/autoroute improvements
...
Resolve #6781
2016-04-18 12:11:42 -05:00
thao doan
e70d967b4e
Land #6763 , Add rspec for lib/metasploit/framework/login_scanner/redis
2016-04-18 10:05:24 -07:00
xiaozhouzhou
e59a91cddf
Merge branch 'open-security-advantech_webaccess_dashboard_file_upload' into CVE-2016-0854
2016-04-19 00:23:10 +08:00
xiaozhouzhou
a895b452e6
fix
2016-04-19 00:21:26 +08:00
Brent Cook
4c0a53a809
replace 'and' with '&&'
2016-04-18 08:26:02 -05:00
Brent Cook
c596421b01
use generate_uri_uuid_mode for java reverse_http
2016-04-18 08:26:02 -05:00
Tim
edd30e433e
https tweaks
2016-04-18 08:26:02 -05:00
OJ
555352b210
Force lurl string duplication to avoid stageless issues
...
I have NO idea why this is even a problem. Mutating state is the spawn of satan.
2016-04-18 08:25:19 -05:00
OJ
a74a7dde55
More fixies for LURI in Python, and native too
2016-04-18 08:25:19 -05:00
OJ
06d53112e3
Add support for LURI to the java and android payloads
2016-04-18 08:24:41 -05:00
OJ
b95267997d
Fix LURI support for stageless, transport add/change and code tidies
2016-04-18 08:24:41 -05:00