Commit Graph

35869 Commits (949a4c797be35efc2b813dc3f66adc067de6b020)

Author SHA1 Message Date
William Vu c642057fa0 Clean up module 2015-10-13 12:03:41 -05:00
jaguasch 772f9d8742 Changes based on espreto recommendations 2015-10-13 16:06:26 +01:00
jaguasch 7790f14af2 Auxiliary module to exploit CVE-2015-5531 (Directory traversal) in Elasticsearch before 1.6.1 2015-10-13 13:05:58 +01:00
William Vu a4f0666fea
Land #6081, DLink -> D-Link 2015-10-12 18:05:52 -05:00
William Vu 8c8ce17c3a
Land #6080, COPYING whitespace fixes 2015-10-12 18:05:00 -05:00
William Vu 4ee3e4b58f
Land #6076, 64-bit payloads for MSSQL modules 2015-10-12 18:04:15 -05:00
Tod Beardsley 185e947ce5
Spell 'D-Link' correctly 2015-10-12 17:12:01 -05:00
Tod Beardsley 336c56bb8d
Note the CAPTCHA exploit is good on 1.12. 2015-10-12 17:09:45 -05:00
Tod Beardsley cc5003b502
Get rid of some tabs in COPYING 2015-10-12 17:03:45 -05:00
HD Moore 6f3bd81b64 Enable 64-bit payloads for MSSQL modules 2015-10-11 12:52:46 -05:00
jvazquez-r7 ed0b9b0721
Land #6072, @hmoore-r7's lands Fix #6050 and moves RMI/JMX mixin namespace 2015-10-10 00:24:12 -05:00
jvazquez-r7 b9b488c109 Deleted unused exception handling 2015-10-09 23:38:52 -05:00
jvazquez-r7 c60fa496c7
Delete extra spaces 2015-10-09 23:37:11 -05:00
jvazquez-r7 e6fbca716c
Readd comment 2015-10-09 23:29:23 -05:00
jvazquez-r7 af445ee411
Re apply a couple of fixes 2015-10-09 23:24:51 -05:00
HD Moore a590b80211 Update autoregister_ports, try both addresses for the MBean 2015-10-09 20:20:35 -07:00
HD Moore 2b94b70365 Always connect to RHOST regardless of JMXRMI address 2015-10-09 17:49:22 -07:00
Brent Cook 209fd781b6
Land #6065, add SRVHOST tab completion 2015-10-09 17:52:18 -05:00
Brent Cook 47cd215cef
Land #6042, update rvm and jenkins to use Ruby 2.1.7 2015-10-09 17:26:16 -05:00
HD Moore cd2e9d4232 Move Msf::Java to the normal Msf::Exploit::Remote namespace 2015-10-09 13:24:34 -07:00
Tod Beardsley 84455c2167
Land #6701, HP SiteScope issue 2015-10-09 15:08:41 -05:00
Tod Beardsley 94bb94d33a
Working URL for real 2015-10-09 15:07:44 -05:00
Tod Beardsley b04f947272
Fix blog post date, derp 2015-10-09 14:59:57 -05:00
Tod Beardsley 55ef6ebe91
HP SiteScope vuln, R7-2015-17
On behalf of @l0gan, already reviewed once by @jvazquez-r7, reviewed
again by me.

For details, see:

https://community.rapid7.com/community/metasploit/blog/2017/10/09/r7-2015-17-hp-sitescope-dns-tool-command-injection
2015-10-09 14:55:48 -05:00
jvazquez-r7 5e9faad4dc Revert "Merge branch using Rex sockets as IO"
This reverts commit c48246c91c, reversing
changes made to 3cd9dc4fde.
2015-10-09 14:09:12 -05:00
jvazquez-r7 c48246c91c
Merge branch using Rex sockets as IO 2015-10-09 13:42:09 -05:00
jvazquez-r7 347495e2f5
Rescue Rex::StreamClosedError when there is a session 2015-10-09 13:41:41 -05:00
jvazquez-r7 3aa7b513d5
Delete safe_get_once 2015-10-09 13:34:38 -05:00
jvazquez-r7 3cd9dc4fde
Fix JMX Server specs 2015-10-09 12:17:44 -05:00
jvazquez-r7 62272e64ed
Fix RMI Registry specs 2015-10-09 12:16:59 -05:00
Jon Hart 7a16f28969
Land #6069 2015-10-09 10:14:19 -07:00
jvazquez-r7 12d2594095
Add StringIO stub to Msf::Java::Rmi::Client::Jmx::Connection 2015-10-09 12:00:35 -05:00
jvazquez-r7 3d1ec54f02
Stub has_read_data? 2015-10-09 11:36:24 -05:00
William Vu 8670224ea0 Prefer do/end 2015-10-09 11:26:33 -05:00
jvazquez-r7 eabe742b9d
Expose the timeout betweed reads as mixin option 2015-10-09 11:17:44 -05:00
William Vu b95d5790f6 Improve output 2015-10-09 11:13:50 -05:00
William Vu 6d2a89e9a6 Be more descriptive about EOFError
There are other modules that could be updated, surely.
2015-10-09 11:05:17 -05:00
jvazquez-r7 5fab1cc71a
Add loop timeout 2015-10-09 11:05:05 -05:00
wchen-r7 8aed503ad2 Change EXITFUNC acceptable options
This gets rid of the nil option because this is the same as "".
And then we change the empty value to ''.
2015-10-08 16:52:17 -05:00
jvazquez-r7 3dd7fdfd95
Land #6055, @wvu-r7's -q option for msfd
* Fixes #5770
2015-10-08 14:10:27 -05:00
jvazquez-r7 326141ffa8
Initialize the DisableBanner option 2015-10-08 14:08:45 -05:00
William Vu 2f50374bf9 Add SRVHOST tab completion
A trivial update to @jlee-r7's code.
2015-10-08 14:01:21 -05:00
wchen-r7 352535e15d
Land #6026, Add support for NewClass elements on Rex::Java::Serialization 2015-10-08 12:33:12 -05:00
brent morris 28454f3b2e MSFTidyness 2015-10-08 12:59:46 -04:00
Brent Cook 421ed382ab
Land #6052, update msftidy path 2015-10-07 16:52:32 -05:00
Brent Cook 9d51abe4b5 fix msftidy link 2015-10-07 16:52:21 -05:00
Brent Cook d26a299a14
Land #6052, organize tools into the new structure 2015-10-07 16:17:42 -05:00
wchen-r7 3a0f7ce699
Land #6044, ManageEngine ServiceDesk Plus Arbitrary File Download 2015-10-07 15:24:14 -05:00
wchen-r7 f0b6d3c68e Change error message to avoid an undef method bug 2015-10-07 15:23:29 -05:00
wchen-r7 871f46a14e
Land #6038, ManageEngine ServiceDesk Plus Arbitrary File Upload 2015-10-07 15:17:58 -05:00