b02719e795
Attempt to appease Travis...
2017-06-20 11:36:08 -05:00
c7a55ef92f
Added exploit documentation
2017-06-20 09:03:40 +02:00
3cd28b28e2
Land #8569 , Add ability to specify API token instead of password
2017-06-19 17:42:35 -05:00
58cd432120
Added docs, minor code tweak to remove duplication.
2017-06-19 17:35:41 -05:00
700dfee963
Land #8584 , remove meterpreter TLVs for dead code
2017-06-19 15:56:15 -05:00
c0efb7bc76
Land #8573 , Adapted the authentitcity_token scheme
2017-06-19 15:45:20 -05:00
722d9a278c
Land #8580 , cachedump iteration count fix
...
lands rogdham's fixes for the ms cache dump post module
2017-06-19 14:04:07 -05:00
27469f8fac
Land #8582 , Rogdham Hashdump fixes
...
Land's Rogdham's fixes to the Hashdump post module
to support Windows 10!
2017-06-19 13:40:40 -05:00
6d38dffbe1
convert conditionals to case statements
...
just a little tidying up by using case statements
2017-06-19 13:40:00 -05:00
071dc09b1f
fix spelling
2017-06-19 10:31:24 -05:00
f7c133cdf7
Add OSX support to railgun
2017-06-19 11:11:55 -04:00
681f9f37a6
updated check if powershell is available
2017-06-19 08:35:57 +01:00
a48f0fcec6
Remove references to Meterpreter CRYPTO TLVs
...
This feature wasn't supported, and so the TLVs are no longer needed.
2017-06-19 16:53:33 +10:00
096469a8ec
added PROCESS persistence method
2017-06-18 20:42:07 +01:00
a01796d114
Make hashdump module work on Windows 10, fix #7936
2017-06-18 16:35:17 +02:00
03116d7933
Land #8543 , add error handling to ARM linux reverse tcp stager
2017-06-18 15:38:16 +08:00
210a4cb299
fix indent
2017-06-18 15:35:23 +08:00
8c23769cbc
Updated module to use an instance variable for using HTTP session tokens across functions.
2017-06-18 12:59:34 +10:00
7fb36edd50
corrected msftidy warnings
2017-06-17 22:58:47 +02:00
31a5cc94b2
Easy File Sharing HTTP Server 7.2 - Post Overflow exploit
2017-06-17 22:35:21 +02:00
75fab600c5
Add iteration count to cachedump module, fix #8560
2017-06-17 22:23:41 +02:00
19ceb53304
Modified payload handling and uploaded documentation
2017-06-18 02:04:22 +10:00
6096e373cc
removed whitespace
2017-06-17 10:44:30 +01:00
85173f36f7
moved exploit method moved to top
...
added logon persistence option
fixed typo
cleaned up formatting
2017-06-17 10:30:38 +01:00
86f5f3f002
Fix AES key length in cachedump module, fix #8525
2017-06-17 11:20:29 +02:00
b82051757d
Add SurgeNews User Credentials scanner module
2017-06-17 01:49:47 +00:00
c9e000e379
add new version
2017-06-16 20:59:19 -04:00
41e96f9ff1
updated docs
2017-06-16 20:54:25 -04:00
42d1fae2e6
Upstream console search additions and fixes
...
The -S flag for console commands, backed by search functionality
in Rex' tables, originally pushed upstream in #1604 (iirc), lacks
coverage for a number of commands which benefit a good deal from
inline filtering of the potentially large number of results.
Push more -S flags and surrounding table functionality upstream
to provide coverage for the console commands included in framework.
Include a fix for deleting hosts when DB references are a problem.
Include a fix for the upstream route command wherein scope must be
defined for the routing target by assuming a /32 without explicit
definition.
Note:
With this in place, console behavior when filtering results is
roughly analagous to the R7 filtering in web UI, which should help
those of us trying to use both maintain corresponding workflows.
Testing:
Used in-house for years, though changes to the diff from upstream
and our fork (expunging some internal code) are untested, so would
appreciate eyes and hands on.
2017-06-16 20:28:51 -04:00
07051d1f00
Removed whitespace
2017-06-17 09:59:46 +10:00
8eb59eac3f
Stuffed up regex.. left some random $ characters floating around and have now removed them.
2017-06-17 08:03:09 +10:00
6363a319d2
Fixed Typo
2017-06-17 07:32:17 +10:00
6245a91281
Merge branch 'master' of https://github.com/mccurls/metasploit-framework
2017-06-17 07:26:54 +10:00
b34bf76fea
Adding GoAutoDial RCE module
2017-06-17 07:22:41 +10:00
3b97bf3ddf
Adding GoAutoDial RCE module
2017-06-17 06:28:03 +10:00
652e237131
add missing .to_binary_s calls
2017-06-16 13:39:04 -05:00
9ce0bb9345
Bump version of framework to 4.14.28
2017-06-16 10:02:07 -07:00
ef7434b59b
added new authentitcity_token scheme
2017-06-16 16:54:38 +02:00
f008f2aa8f
working code
2017-06-16 08:24:54 -04:00
1773a5f188
fix indent
2017-06-16 15:57:09 +09:00
4647f3410a
Merge pull request #1 from timwr/fix-8543
...
fix mmap return cmp
2017-06-16 15:30:02 +09:00
55b71e115f
Land #8535 , MSGRPC module minor fixes
2017-06-15 21:44:34 -05:00
49d998f7d9
catch invalid tokens
2017-06-15 21:45:29 -04:00
53253bfa37
Land #8558 , Fix AMT scanner when parsing mangled HTML
2017-06-15 20:42:33 -05:00
f4158eeac9
Land #8568 : Move php_preamble before $ipaddr and $port
2017-06-16 11:16:30 +10:00
f4ffade406
add ability to specify API token instead of password
2017-06-15 21:05:53 -04:00
5f74da9023
Move php_preamble before $ipaddr and $port
...
php_preamble contains a <?php tag now, so we need to move it to the top.
2017-06-15 19:50:57 -05:00
c634931f0d
Updated payload cached size after the python3 fix
2017-06-16 09:05:31 +10:00
2c0f41ee8f
Fix session guid handling in python 3
...
I made the mistake of using str.decode() which isn't a thing in python3
(works fine in 2). So this commit fixes it so that the GUID string
itself is generated directly as a byte string, so that the call to
decode() isn't needed at all.
2017-06-16 09:01:29 +10:00
9cf9d22bae
fix mmap return cmp
2017-06-16 06:26:40 +08:00
Pearce Barry
Mzack9999
James Lee
David Maloney
h00die
Spencer McIntyre
NickTyrer
OJ
Rogdham
Tim
mccurls
Brendan Coles
RageLtMan
root
William Webb
Metasploit
SecureAB
tkmru
@tkmru
Brent Cook
thesubtlety
William Vu