9450906ca4
Correctly set Dummy param
2016-06-07 14:42:51 -05:00
f47128ccdd
Cleanup canon_irav_pwd_extract module
2016-06-07 14:31:37 -05:00
a15c79347b
Add canon printer credential harvest module
...
Praedasploit
2016-06-02 16:07:28 -05:00
3ea2f62376
Land #6875 , update description for auxiliary/spoof/nbns/nbns_response
2016-05-15 12:34:53 -05:00
8e85e8f9d7
Land #6859 , Add TP-Link sc2020n Module
2016-05-15 12:33:54 -05:00
5361aaadbd
Update nbns_response.rb
...
Just correcting the description section of this module
2016-05-14 15:24:38 -07:00
21d74a64fe
Land #6874 , Improve exploit for CVE-2016-0854
2016-05-14 11:08:17 -05:00
0d176f2c92
remove a couple of unnecessary ternary ops
2016-05-14 11:07:43 -05:00
c7cbaa08c8
Land #6576 , add Search Engine Subdomains Collector (Bing / Yahoo / ..)
2016-05-14 10:50:53 -05:00
10dcc44e2d
Land #6446 , Speedup pattern_create/offset options parsing
2016-05-14 09:50:19 -05:00
680709c5f2
move requires into run
2016-05-14 09:50:02 -05:00
dd0d68a2b4
speed up options parsing (only require framework when running)
2016-05-14 09:47:08 -05:00
2e3e4f0069
Land #6296 , Added a multi-platform post module to generate TCP & UDP egress traffic
2016-05-14 00:03:00 -05:00
3542d907f7
simplify description, move the bulk of documentation to documentation/
2016-05-14 00:01:51 -05:00
8ce0365c7f
See rapid7/metasploit-payloads#98 , update cached payload sizes
2016-05-13 23:05:34 -05:00
307e565859
Land rapid7/metasploit-payloads#98 , Fix python meterpreter reverse_tcp reconnect.
2016-05-13 22:59:52 -05:00
f9af8446aa
Land #6873 , Resolve Rails 5.0 warning about default log levels
2016-05-13 22:54:12 -05:00
d398419971
Land #6832 , Check LHOST value before running shell_to_meterpreter, add docs
2016-05-13 22:50:22 -05:00
057c25e188
Land #6446 , Cleanup pattern_create/pattern_offset and document options
2016-05-13 22:09:35 -05:00
7cfc4d4523
fix odd indentation and style issues
2016-05-13 22:06:18 -05:00
901b793406
fix some minor indent and style issues
2016-05-13 21:51:54 -05:00
7b83b06ad5
whitespace and remove useless comments
2016-05-13 21:45:41 -05:00
a940481f62
Land #6834 , Authorized FTP JCL exploit for z/OS
2016-05-13 21:29:45 -05:00
5c494480e6
handle failure more gracefully
2016-05-13 21:29:25 -05:00
3b5db26ff5
Fix #6872 , change upload action for CVE-2016-0854 exploit
...
This patch includes the following changes:
* Instead of the uploadFile action, this patch uses uploadImageCommon
to be able to support both Advantech WebAccess builds: 2014 and
2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
different builds of Advantech WebAccess 8.0s, and 8.1.
Fix #6872
2016-05-13 19:47:18 -05:00
1adca04c30
Add default config value for log levels (silence Rails 5.0 warning in msfconsole)
2016-05-13 16:51:27 -05:00
621a908b2d
Bump version of framework to 4.12.2
2016-05-13 12:51:58 -07:00
ba4bfca806
Revert "arg bad build, resetting version back one"
...
This reverts commit d86392e96b
2016-05-13 14:48:35 -05:00
d86392e96b
arg bad build, resetting version back one
2016-05-13 14:44:02 -05:00
b6a83f734d
Bump version of framework to 4.12.1
2016-05-13 12:39:43 -07:00
31050a8da7
Rails upgrade to 4.2.6
...
lands all of the rails 4.2 upgrade work
Merge branch 'staging/rails-upgrade'
2016-05-13 14:34:50 -05:00
6c11054d5a
Bump version of framework to 4.12.0
2016-05-13 11:46:03 -07:00
fd543f13af
fix deps
2016-05-13 13:34:18 -05:00
348a4f9fa8
Merge branch 'master' into staging/rails-upgrade
2016-05-13 13:03:22 -05:00
2d5cf6cfe4
Authorized FTP JCL exploit for z/OS
...
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
2016-05-12 14:46:31 -05:00
13adc3ee0a
Land #6865 , Add CVE-2015-3224 support to rails_web_console_v2_code_exec
2016-05-12 13:56:01 -05:00
a69432abe5
update module class and move to recon from manage
2016-05-12 12:42:04 -05:00
9f923cdb00
Merge branch 'master' into land-6296-egress
2016-05-12 12:36:47 -05:00
d9abb06a5a
Merge branch 'master' into staging/rails-upgrade
2016-05-12 11:18:51 -05:00
11a672e31d
use raw file write for cuke
...
the write_file method from aruba
was not working properly anymore, replaced it
with a raw ruby file write
2016-05-12 11:17:53 -05:00
4b23d2dc58
Adjusting exception handling
...
This commit adjusts the error handling to close the socket before
calling fail_with and adds specific exceptions to catch
2016-05-11 17:18:51 -05:00
7edaa2abcc
still trying to fix these migrations
...
seeing odd behaviour with mgirations in
rspec
2016-05-11 14:54:40 -05:00
4c2fed37f9
tweak cucumber scenario
...
tweak the database.yml scenario slightly
2016-05-11 14:28:02 -05:00
2fb3123ef2
fix migration crazieness
...
MS-1486
2016-05-11 14:05:34 -05:00
993709e076
Land #6862 , jar payloads
...
lands FireFarts jar payload pr
2016-05-11 09:56:41 -05:00
32e1a19875
Fix up the disclosure date
2016-05-11 00:18:22 -05:00
ded79ce1ff
Fix CVE syntax
2016-05-10 23:18:45 -05:00
4a5d150716
Fixups to continue supporting Rails 4.2.x
2016-05-10 23:12:48 -05:00
04bb493ccb
Small typo fixed
2016-05-10 23:07:51 -05:00
32ae3e881e
Adding save_cred and exception handling to module
...
This commit adds a save_cred method for saving off the credentials
upon a successful login attempt. Also, exception handling surrounding
the opening of the telnet socket has been added to avoid any accidental
resource leaking.
2016-05-10 20:54:44 -05:00
dmohanty-r7
wchen-r7
sho-luv
Brent Cook
Jenkins
David Maloney
Bigendian Smalls
Nicholas Starke
HD Moore