Commit Graph

50247 Commits (9375ee2ffc0bdc65e90ee8e9636caf2404473d97)

Author SHA1 Message Date
Jacob Robles 307cc8c107
fix comment 2019-01-09 11:12:51 -06:00
Jacob Robles 984ff284ac
Land #11199, update joomla wordlists 2019-01-09 10:07:09 -06:00
Clément Notin cf1b4b43cb
auxiliary/fileformat/badpdf: fix syntax and logic error in options handling 2019-01-09 14:30:24 +01:00
Jacob Robles 0c984fa232
Fix messages /successfuly/successfully 2019-01-09 06:32:22 -06:00
Matthew Kienow e83e1b23bd
Add support for starting JSON-RPC server 2019-01-08 22:40:15 -05:00
Matthew Kienow b6cfb5f697
Add Msf::Util::ServiceHelper class 2019-01-08 22:39:26 -05:00
James Barnett f77eab1522
Land #11180, add search and filter options to session-events API endpoint 2019-01-08 16:39:34 -06:00
Matthew Kienow e71aac715b
Move common parameter information to RootApiDoc 2019-01-08 17:20:13 -05:00
Matthew Kienow 48c3f1c92d
Fix typo 2019-01-08 17:11:01 -05:00
James Barnett a2548fe92d
Only lookup db connections by name
Matching on all attributes was causing issues when the connection
criteria would change for a db service at a host that already existed.
It would find the existing connection and load that outdated connection
and fail to connect.

The new functionality will save a new, valid connection with a randomly
generated name, unless the -n flag is specified to overwrite an existing
connection.
2019-01-08 15:21:14 -06:00
Jacob Robles 16b8cf7059
Land #11148, Adding Module MailCleaner RCE 2019-01-08 14:10:31 -06:00
Jacob Robles a0acfa79d7
Target payloads 2019-01-08 13:27:26 -06:00
Jacob Robles 5f8d8c3637
Update doc 2019-01-08 13:25:13 -06:00
Matthew Kienow 84a8c9b638
Minor method comment change 2019-01-08 14:02:40 -05:00
Matthew Kienow 3510a3daa2
Correct documentation errors 2019-01-08 14:02:40 -05:00
Matthew Kienow c55ef72437
Update OpenAPI documentation for GET operation 2019-01-08 14:02:40 -05:00
Matthew Kienow 63c3404f64
Add test for session_events method 2019-01-08 14:02:40 -05:00
Matthew Kienow 8c29319b25
Add session_events method 2019-01-08 14:02:40 -05:00
Matthew Kienow fa783256eb
Remove unnecessary argument default value 2019-01-08 14:02:39 -05:00
Matthew Kienow d677eb16a9
Enhance session_events query 2019-01-08 14:02:32 -05:00
Matthew Kienow d117e6a1d1
Land #11142, use POST for API token generation 2019-01-08 11:59:30 -05:00
James Barnett 466b0004e1
Land #11163, add API endpoint for retrieving Mdm::Events 2019-01-08 09:26:53 -06:00
Jacob Robles c2da3dbbd3
Land #11052, Add gather chrome cookies post module 2019-01-08 07:32:16 -06:00
Jacob Robles 8ca8206303
Update docs 2019-01-08 07:15:50 -06:00
Jacob Robles a95384e288
Additional support and code cleanup 2019-01-08 06:57:56 -06:00
James Barnett 69ee3a4a26
Land #11187, Conform LoginServlet to API standards 2019-01-07 17:03:39 -06:00
James Barnett f23142c19c
Land #11183, add authentication to LoginServlet endpoints 2019-01-07 17:02:31 -06:00
Erin Bleiweiss cfa22bb4ec
Exclude key from VulnDetail update 2019-01-07 16:33:50 -06:00
Erin Bleiweiss 771469f4cd
Update all Mdm::xx.update() instances 2019-01-07 16:24:13 -06:00
Erin Bleiweiss 6641c606b2
Add support for db import from remote data service 2019-01-07 14:32:27 -06:00
James Barnett 02fda8625a
Address code review comments.
- Fix CSS on submit button
- Dont generate a new token when logging in to web form
- Also added text to account page to send the user to the login page when not logged in
2019-01-07 13:52:01 -06:00
William Vu f96514528b
Land #10648, auth bypass for couchdb_enum 2019-01-07 12:53:11 -06:00
William Vu 3a726554e9 Fix review comments 2019-01-07 12:51:52 -06:00
Qazeer a63c057c3a Integrate bcoles' comments (filename generation, conditional block improvement, etc.) 2019-01-06 22:50:46 +01:00
Qazeer c03466d2f2 Fixed date format issue and added Bugtraq ID 2019-01-06 14:34:40 +01:00
Qazeer 4644ad8966 Add CVE-2018-15961 Adobe ColdFusion CKEditor unrestricted file upload 2019-01-06 04:55:20 +01:00
h00die ed98fc8b71 update PR template to ask for unique branch 2019-01-04 21:53:25 -05:00
h00die 49b8552d59 update joomla wordlists 2019-01-04 21:38:49 -05:00
asoto-r7 ddebc291f2
Added partial 'ysoserial-modified' support, along with debug flags 2019-01-04 16:43:06 -06:00
asoto-r7 0ca4dd829e
Fixed an off-by-one error in fingerprinting string randomization 2019-01-04 16:31:43 -06:00
Matthew Kienow b5c4ac6af3
Land #11113, fixes for vuln and credential APIs 2019-01-04 17:05:12 -05:00
Metasploit 9ac96b213f
Weekly dependency update 2019-01-04 14:00:12 -08:00
James Barnett 101fbb7aa5
Address code review comments 2019-01-04 15:23:24 -06:00
James Barnett 83267d08e0
Update jquery version and use SRI 2019-01-04 15:23:24 -06:00
James Barnett 4bbf84b949
Update login test page to use POST for generate-token 2019-01-04 15:22:32 -06:00
James Barnett 4ea2c5bc49
Update msfdb to use POST generate-token 2019-01-04 15:22:32 -06:00
James Barnett 60681e4385
Use POST for token generation 2019-01-04 15:22:32 -06:00
James Barnett 1b29e17827
Dont array wrap refs 2019-01-04 15:10:21 -06:00
James Barnett b875d391fc
WIP: updating ref lookup based on code review comments 2019-01-04 15:10:20 -06:00
James Barnett 5f43ec0a79
Address code review comment 2019-01-04 15:10:20 -06:00