wchen-r7
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
wchen-r7
da52c36687
Put back some links
2015-10-29 15:48:47 -05:00
wchen-r7
e7d6493311
Replace links
2015-10-28 10:45:02 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu
93a2507223
Land #6137 , has_key -> has_key?
2015-10-27 09:39:13 -05:00
William Vu
74353686a3
Land #6136 , rescue SMB error for psexec
2015-10-27 09:31:37 -05:00
wchen-r7
e0801b39ba
Fix undef method has_key for module_references.rb tool
...
I made a typo. Should be has_key?, not has_key
2015-10-26 23:12:01 -05:00
jvazquez-r7
b2e3ce1f8a
Allow to finish when deletion fails
2015-10-26 16:40:36 -05:00
William Vu
5ad30d0070
Land #6067 , @bigendiansmalls' MainframeShell class
2015-10-26 16:01:18 -05:00
wchen-r7
9adfd296a0
Land #6128 , Th3 MMA mma.php Backdoor Arbitrary File Upload
2015-10-26 15:26:06 -05:00
wchen-r7
0d9ebe13a1
Modify check
2015-10-26 15:25:38 -05:00
bigendian smalls
d70d30c003
Merged to most recent metasploit-framework/master
2015-10-26 15:09:32 -05:00
bigendian smalls
43dbdcea76
Removed process_autoruns from mainframe_shell
...
Removed process_autoruns until we can write a fully compatible one or
fully regression test the existing. Likely the former because of
encoding issues
2015-10-26 14:55:40 -05:00
Bigendian Smalls
430a83b148
Merge pull request #1 from wvu-r7/pr/6067
...
Clean up Msf::Sessions::MainframeShell
2015-10-26 14:48:18 -05:00
William Vu
bbc1e43149
Remove raise, since it broke things
...
Need to pass through silently.
2015-10-26 14:45:21 -05:00
William Vu
43eae0b97f
Clean up Msf::Sessions::MainframeShell
2015-10-26 12:15:45 -05:00
wchen-r7
f4abc16c66
Land #6102 , Add rsh/libmalloc privilege escalation exploit module
2015-10-26 10:54:05 -05:00
JT
4f244c54f8
Update mma_backdoor_upload.rb
2015-10-26 23:01:38 +08:00
bigendian smalls
d53be873dc
Updating master to metasploit/master
2015-10-26 09:24:24 -05:00
Sam H
5fcc70bea4
Fixed issue w/ msf payloads + added timeout rescue
...
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
2015-10-25 23:38:48 -07:00
William Vu
69de8b92fd
Land #6134 , PAYLOAD and LHOST for jobs (not -v)
2015-10-24 18:27:32 -05:00
Spencer McIntyre
e0fef4890f
Land #6126 , fix SSH_DEBUG from LoginScanner refactor
2015-10-24 17:51:35 -04:00
James Lee
71b8c97f0e
Always print PAYLOAD and LPORT in 'jobs'
2015-10-24 14:48:03 -05:00
JT
ad80f00159
Update mma_backdoor_upload.rb
2015-10-24 11:16:49 +08:00
JT
f461c4682b
Update mma_backdoor_upload.rb
2015-10-24 11:15:26 +08:00
Brent Cook
2e1f1fd6aa
Land #6130 , include hostname in vuln query scope
2015-10-23 15:30:40 -07:00
Brent Cook
065fe57ad7
bundler 1.10 :(
2015-10-23 15:30:04 -07:00
Louis Sato
84e8708900
bump mdm to 1.2.9
...
MS-120
* search scope for vulns now queries host name
2015-10-23 11:07:17 -05:00
wchen-r7
f2b4737e4a
Land #6127 , Fix #3859 Add support for registry_key_exist?
2015-10-23 10:59:57 -05:00
wchen-r7
b76192dbcb
Land #6099 , make_nops doesn't take into account all the compatible encoders
2015-10-22 21:26:25 -05:00
JT
be89cb32c9
Th3 MMA mma.php Backdoor Arbitrary File Upload
2015-10-23 08:47:40 +08:00
jvazquez-r7
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
William Vu
f00f90532a
Fix SSH_DEBUG for ssh_login{,_pubkey}
2015-10-22 15:14:45 -05:00
wchen-r7
360f40249c
Land #6122 , user-assisted Safari applescript:// module (CVE-2015-7007)
2015-10-22 15:07:42 -05:00
wchen-r7
9d2e2df1f1
Update description
2015-10-22 15:07:11 -05:00
joev
35578c7292
Add refs.
2015-10-22 09:48:11 -05:00
joev
6a87e7cd77
Add osx safari cmd-R applescript exploit.
2015-10-22 09:46:56 -05:00
Sam H
348a0f9e3d
Cleaned up "cleanup" method and crontab check
...
The script now searches for the full line "ALL ALL=(ALL) NOPASSWD: ALL" written in the crontab file to ensure that it is successful rather than just "NOPASSWD". Additionally, the required argument used in the cleanup method was removed and simply turned into an instance method so it could be accessed without needing to call it with any arguments.
2015-10-21 22:53:32 -07:00
Brent Cook
190181301d
Land #6119 , update to mdm 1.2.8 (fixes search queries)
2015-10-21 17:09:36 -05:00
Brent Cook
7596f13407
remove bundled-with message
2015-10-21 17:08:54 -05:00
Louis Sato
867bf340ab
bump mdm to 1.2.8
...
MSP-13273
2015-10-21 16:58:27 -05:00
Kyle Gray
3f556c6fee
Land #6117 , Fix nil http_method in php_include
2015-10-21 13:45:32 -05:00
William Vu
997e8005ce
Fix nil http_method in php_include
2015-10-21 13:22:09 -05:00
William Vu
129544c18b
Land #6112 , splat for ZPanel exploit
2015-10-21 13:07:51 -05:00
William Vu
ccc0e55e0c
Land #6116 , target for minishare_get_overflow
2015-10-21 13:06:34 -05:00
Boumediene Kaddour
e188bce4c9
Update minishare_get_overflow.rb
2015-10-21 16:48:31 +02:00
wchen-r7
f06d7591d6
Add header for zpanel_information_disclosure_rce.rb
2015-10-20 16:19:44 -05:00
wchen-r7
70b005de7f
Land #6041 , Zpanel info disclosure exploit
2015-10-20 16:08:16 -05:00
wchen-r7
728fd17856
Make code changes for zpanel_information_disclosure_rce.rb
...
Use Nokogiri and URI, as well as indent fixes and other things
2015-10-20 16:07:02 -05:00
Brent Cook
cb2d5a6c54
Land #6110 , fix typos in exec_powershell, datstore confusion
2015-10-20 13:10:13 -05:00