88ef3076e4
Land #6441 , x86/BMP polyglot encoder
2016-01-08 17:09:24 -06:00
78bc394f80
Fix #6268 , Use FileDropper for axis2_deployer
...
Fix #6268
2016-01-08 17:09:09 -06:00
7dacf20fca
Merge pull request #1 from dmaloney-r7/feature/priv-migrate/minor-tweaks
...
Some minor Tweaks to priv_migrate
2016-01-08 15:17:45 -07:00
5e6620f2cf
add yard doc and lexical sorting
...
lexical sort methods and add missing YARD docs
2016-01-08 14:36:21 -06:00
536378e023
move datastore kill check to kill method
...
move the datastore check for datatstore['KILL']
into the actual kill method for sake of DRYness
2016-01-08 14:31:42 -06:00
9716b97e1c
split up the migration efforts
...
move admin and suer migrations into
seperate methods for enhanced readability
and maintainability
2016-01-08 14:26:39 -06:00
ad50f9a047
move default targets to constants
...
cleanup the way the target lists get populated
to use constants and be a little cleaner and dryer
2016-01-08 14:03:30 -06:00
e82d4e364d
Land #6437 , Code of Conduct
...
"Don't be a jerk."
2016-01-08 11:21:18 -06:00
1e54b00016
bump Gemfile.lock for latest framework version
...
The release automation did not update this automatically with the last release,
so this is a one-time manual update to match the current framework version.rb.
2016-01-08 09:44:47 -06:00
3a5805faaf
add CTR mode to support the new ciphers
2016-01-08 01:43:21 +00:00
5a710e4969
add aes128-ctr encryption algorithm
2016-01-08 01:15:17 +00:00
f82e32372e
add aes192-ctr encryption algorithm
2016-01-08 01:14:09 +00:00
3dc822588f
add aes256-ctr encryption algorithm
2016-01-08 01:12:27 +00:00
77cd28c136
add dh group exchange sha256 kex to net-ssh lib
2016-01-08 00:58:48 +00:00
192505fe2d
killing threads and closing sockets more elegantly
2016-01-07 17:57:32 -06:00
dea4f35b0e
Bump to 4.11.7
2016-01-07 15:56:59 -08:00
5266860cec
Squashed more commits back into 1
2016-01-07 17:53:49 -06:00
675100946b
Initial SSL working OK
2016-01-07 17:53:48 -06:00
6a2b4c2530
Fix #6445 , Unexpected HttpServer terminations
...
Fix #6445
Problem:
When an HttpServer instance is trying to register a resource that
is already taken, it causes all HttpServers to terminate, which
is not a desired behavior.
Root Cause:
It appears the Msf::Exploit::Remote::TcpServer#stop_service method
is causing the problem. When the service is being detected as an
HttpServer, the #stop method used actually causes all servers to
stop, not just for a specific one. This stopping route was
introduced in 04772c8946
2016-01-07 16:55:41 -06:00
8cead41f74
Land #6448 , set the high-level require to metasploit/credential
2016-01-07 16:18:22 -06:00
e38ff7079a
changing the require to start at metasploit_credentials
2016-01-07 15:49:49 -06:00
24290dc169
Address x86/Bmp polyglot encoder feedback
2016-01-07 10:23:32 -05:00
22a0d970da
Don't delete the payload after running.
2016-01-07 02:26:01 -06:00
fb99c61089
Remove print_status statement.
2016-01-07 01:17:49 -06:00
210f065427
Add a background option for the echo cmdstager.
2016-01-07 01:16:08 -06:00
eb0b66a4cf
Land #6390 , report exceptions on bind/listen failure
2016-01-06 21:44:06 -06:00
4e99c873c8
Fix issue when target_pid == current_pid
2016-01-06 19:58:07 -06:00
60c506d7fb
Replace error handling methods
2016-01-06 18:53:54 -06:00
6062d991ec
Land #6410 , update to metasploit-framework 4.11.6
2016-01-06 14:41:59 -06:00
6d157aafdb
update for metasploit-framework 4.11.6
2016-01-06 14:41:24 -06:00
7f9b804060
Land #6410 , remove JtR binaries, update for independent framework releases
2016-01-06 14:16:49 -06:00
97ae09729c
Add john.conf to data dir as referenced by: lib/metasploit/framework/jtr/cracker.rb
2016-01-06 13:00:05 -06:00
ae57bce262
Adding wordlists back to path
2016-01-06 12:54:25 -06:00
388bfec46c
Land #6415 , update rspec3 conventions
2016-01-06 12:14:15 -06:00
6e65d1d871
Land #6411 , chinese caidao asp/aspx/php backdoor bruteforce
2016-01-06 12:03:17 -06:00
92503c0ff6
Remove extra check_setup call
2016-01-06 11:01:35 -06:00
d23119a07c
Land #6440 , SCADAPASS wordlist
2016-01-06 10:36:44 -06:00
741180c761
Merge pull request #8 from wchen-r7/pr6411
...
rspec and username fix for caidao LoginScanner
2016-01-06 16:26:06 +08:00
bdda8650a2
Do not support username, because the backdoor doesn't use one
2016-01-06 02:02:11 -06:00
480913cb32
Add rspec
2016-01-06 01:41:13 -06:00
bf764deefb
Add SCADA Default UserPass List
...
This list was based on SCADAPASS: https://github.com/scadastrangelove/SCADAPASS
2016-01-06 12:25:29 +08:00
cca0ba3efe
Add an x86/Bitmap polyglot encoder
2016-01-05 23:17:34 -05:00
d626d7f0c9
Land #6416 , @all3g's rewrite/improvements to redis_server
2016-01-05 19:02:26 -08:00
f2fb8f7cc4
Merge pull request #7 from jhart-r7/pr/fixup-6416
...
Make Redis command configurable
2016-01-06 09:30:40 +08:00
b20ade416b
Land #6425 , @bcook-r7's update to Nokogiri. security++
2016-01-05 16:32:26 -08:00
90ea88e5ba
Make command used configurable
2016-01-05 16:23:10 -08:00
3ccdd12ecb
Put peer first in all prints
2016-01-05 16:09:50 -08:00
1d997234cb
Remove unnecessary degistering of RHOST
2016-01-05 16:08:18 -08:00
d7061e8110
OCD fixes
2016-01-05 23:28:56 +00:00
6cfaf93337
Land #6433 , Add D-Link DCS-931L File Upload
2016-01-05 13:16:11 -06:00
James Lee
wchen-r7
Josh Hale
David Maloney
Tod Beardsley
Brent Cook
Christopher Moore
Louis Sato
Metasploit
Jonathan Harms
darkbushido
Spencer McIntyre
joev
Chris Doughty
William Vu
Vex Woo
JT
Jon Hart
g0tmi1k