Commit Graph

38383 Commits (9450906ca464e47b462cad5c22135b7ac688587d)

Author SHA1 Message Date
OJ d136844d3b Add error handling around double-bind of ports 2016-05-03 10:42:41 +10:00
thao doan 27542066fa Land #6843, Fixed info -d [module path] 2016-05-02 14:43:50 -07:00
thao doan a09fadc4fc Land #6840, Display the KB first if it's available for module docs 2016-05-02 14:38:49 -07:00
thao doan d617ca59f3 Land #6844, Add documentation for struts_dmi_exec 2016-05-02 14:31:34 -07:00
thao doan c3bd46f2c8 Land #6836, Add documentation for private_migrate module 2016-05-02 14:13:24 -07:00
wchen-r7 027855def4 Add module documentation for struts_dmi_exec 2016-05-02 15:43:34 -05:00
wchen-r7 68ad9b0b53
Land #6835, support Windows and Java platforms for struts_dmi_exec 2016-05-02 15:04:42 -05:00
wchen-r7 df44dc9c1c Deprecate exploits/linux/http/struts_dmi_exec
Please use exploits/multi/http/struts_dmi_exec, which supports
Windows and Java targets.
2016-05-02 15:03:25 -05:00
wchen-r7 ffc91a193c Fix #6841, info -d [module path] not spawning module documentation
Fix #6841
2016-05-02 14:23:29 -05:00
wchen-r7 71c8ad555e Resolve #6839, Make Knowledge Base as default
Resolve #6839
2016-05-02 14:12:09 -05:00
Brian Patterson be363411de
Land #6317, Add delay(with jitter) option to auxiliary scanner and portscan modules 2016-05-02 13:09:40 -05:00
David Maloney fb5b228984
Merge branch 'master' into staging/rails-upgrade 2016-05-02 11:33:35 -05:00
dmaloney-r7 3b893cf740 Merge pull request #6581 from bcook-r7/uuidretry
don't send a response on invalid UUID, allow stagers to survive another day
2016-05-02 11:23:02 -05:00
HD Moore 3300bcc5cb Make msftidy happier 2016-05-02 02:33:06 -05:00
HD Moore 67c9f6a1cf Add rails_web_console_v2_code_exec, abuse of a debug feature 2016-05-02 02:31:14 -05:00
Josh Hale 3aca699d09 Add priv_migrate.md 2016-04-30 19:02:45 -05:00
join-us 6a00f2fc5a mv exploits/linux/http/struts_dmi_exec.rb to exploits/multi/http/struts_dmi_exec.rb 2016-05-01 00:00:29 +08:00
join-us ec66410fab add java_stager / windows_stager | exploit with only one http request 2016-04-30 23:56:56 +08:00
Jenkins d4f1c78c5c
Bump version of framework to 4.11.24 2016-04-29 13:38:06 -07:00
wchen-r7 73ac6e6fef
Land #6831, Add CVE-2016-3081 Apache struts s2_032 DMI Code Exec 2016-04-29 11:53:47 -05:00
wchen-r7 d6a6577c5c Default payload to linux/x86/meterpreter/reverse_tcp_uuid
Default to linux/x86/meterpreter/reverse_tcp_uuid for now because
of issue #6833
2016-04-29 11:52:50 -05:00
join-us 288975a9ce rm modules/exploits/multi/http/struts_dmi_exec.rb 2016-04-30 00:44:31 +08:00
Security Corporation 9d279d2a74 Merge pull request #15 from wchen-r7/pr6831
Changes for Apache struts from @wchen-r7
2016-04-30 00:37:53 +08:00
join-us 15ffae4ae8 rename module name 2016-04-30 00:17:26 +08:00
join-us 1d95a8a76d rename struts_code_exec_dynamic_method_invocation.rb to struts_dmi_exec.rb 2016-04-30 00:13:34 +08:00
wchen-r7 97061c1b90 Update struts_dmi_exec.rb 2016-04-29 11:13:25 -05:00
join-us 9e56bb8358 send http request (get -> post) 2016-04-30 00:08:00 +08:00
wchen-r7 e9535dbc5b Address all @FireFart's feedback 2016-04-29 11:03:15 -05:00
wchen-r7 6f6558923b Rename module as struts_dmi_exec.rb 2016-04-29 10:34:48 -05:00
wchen-r7 2f66442f1d Fix #5191, bad LHOST format causes shell_to_meterpreter to backtrace
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.

Fix #5191
2016-04-28 23:03:54 -05:00
join-us 643591546e struts s2_032 rce - linux_stager 2016-04-29 10:49:56 +08:00
Sonny Gonzalez 8ade61d251
Land #6824, read large XML or .zip file fix
Replaces REXML with Nokogiri XML reader to
fix the out of memory error when importing
large XML or .zip files
2016-04-28 15:28:44 -05:00
dmohanty-r7 20ec56d06a Do not parse empty web_sites
MS-255
2016-04-28 13:17:03 -05:00
dmohanty-r7 5a4e70fdf0 Fixes indentation in check_msf_xml_version!
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7 f4f607d815 Correct comments to use Nokogiri::XML::Element
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7 56fd5a745e Do not parse element if empty
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7 050061762b Fix db_manager rspec tests
MS-255
2016-04-28 13:17:02 -05:00
dmohanty-r7 0e568674d7 Add comments on parse functions
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7 0759848ad5 Use Nokogiri Reader in zip import
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7 83ff60c111 Force encoding on import xml
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7 e4fcaefc8c Unpack and pack an unsigned integer per 8 bytes
MS-255
2016-04-28 13:17:01 -05:00
dmohanty-r7 e6a8d69b0b Force encoding of XML import
MS-255
2016-04-28 13:17:00 -05:00
dmohanty-r7 f1d8e1d693 Parse web_data in xml import
MS-255
2016-04-28 13:17:00 -05:00
dmohanty-r7 802dfabbe3 Converts XML importer to use Nokogiri Reader
MS-255
2016-04-28 13:17:00 -05:00
wchen-r7 d4b89edf9c Fix #6398, Missing Content-Length header in HTTP POST
RFC-7230 states that a Content-Length header is normally sent in
a POST request even when the value (length) is 0, indicating an
empty payload body. Rex HTTP client failed to follow this spec,
and caused some modules to fail (such as winrm_login).

Fix #6398
2016-04-28 11:44:10 -05:00
OJ 93ce0fe912
Land #6826 - Update payloads to 1.1.18 2016-04-28 07:55:49 +10:00
wchen-r7 2a91a876ff Update php/meterpreter_reverse_tcp size 2016-04-27 16:14:38 -05:00
wchen-r7 aa707fd63b Update gem metasploit-payloads to 1.1.8 2016-04-27 15:25:01 -05:00
wchen-r7 bf34ceeb76 Update gem metasploit-payloads to 1.1.8 2016-04-27 15:24:44 -05:00
wchen-r7 d80d2bb8d3 Land #6825, Fixed borders on code boxes 2016-04-27 11:59:52 -07:00