a6914df3e3
rename LOGIN_URL to TARGETURI
2015-12-31 22:21:34 +08:00
370351ca88
chinese caidao asp/aspx/php backdoor bruteforce
2015-12-31 15:17:01 +08:00
d1ceda39e9
Land #6408 , add json output format for module info
2015-12-30 16:36:04 -06:00
bcd1a6d45e
make JSON key format a little more standard, emit options
2015-12-30 16:00:09 -06:00
2a0ae144df
Fixup rubocop warnings for cleanup purposes
2015-12-30 14:33:02 -06:00
bb857e7a33
Add new line after json output for cleaner usability
2015-12-30 14:32:31 -06:00
8090bbc750
Changes to support framework as a gem
2015-12-30 11:00:45 -06:00
3f98511d7c
Cleanup logic to force an output type
2015-12-29 15:11:16 -06:00
29ea553e03
Adding a json formatting option to the info command
2015-12-29 13:57:35 -06:00
47f9880690
Land #6395 , grammar fixes for recovery_files.rb
...
Improves grammar and details within the description of /post/windows/gather/forensics/recovery_files.rb
2015-12-28 15:57:41 -06:00
cf0e982e83
Land #6386 , VNC creds module fix
2015-12-28 02:32:26 -06:00
6b9c74eec7
Prefer gsub and nix the return
2015-12-28 02:31:47 -06:00
0de69a9d40
Add post Windows privilege based migrate
2015-12-27 19:26:21 -06:00
9120a6aa76
iis_webdav_upload_asp: Add COPY and a few other tricks
2015-12-26 16:01:46 +00:00
e23b5c5435
Land #6179 , add NTP initial crypto nak spoofing module
2015-12-24 15:46:18 -06:00
eec6a6f905
Land #6304 , simplify Meterpreter livelness checks
2015-12-24 15:42:17 -06:00
04f755dd51
Land #6367 , MS15-134 Microsoft Windows Media Center MCL Information Disclosure
2015-12-24 15:24:42 -06:00
10c10f2f79
Land #6397 , Use bind_addresses rather than bind_address
2015-12-24 12:45:01 -06:00
d41c77641f
Land #6396 , Fix PACKETSTORM warnings
2015-12-24 12:38:21 -06:00
beb2fa9f92
Use bind_addresses rather than bind_address; fixes #6394
2015-12-24 09:20:21 -08:00
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
efdb6a8885
Land #6392 , @wchen-r7's 'def peer' cleanup, fixing #6362
2015-12-24 08:53:32 -08:00
3c2e2c65e2
Merge pull request #37 from jhart-r7/pr/fixup-6392
...
Remove more peers
2015-12-24 10:39:18 -06:00
e191bf8ac3
Update description, and fix a typo
2015-12-24 10:35:05 -06:00
43fb27d234
Land #6111 , geo and cell collection with Android Meterpreter
...
This also includes meterpreter python extension fixes.
2015-12-24 10:16:40 -06:00
5bd1c11d74
update to metasploit-payloads 1.0.21
2015-12-24 10:14:46 -06:00
9c410e02e3
Merge branch 'master' into land-6111-android
2015-12-24 10:13:25 -06:00
f8943f4821
Remove peer; defined in lib/msf/core/post/common.rb
2015-12-24 07:57:16 -08:00
3535cf3d18
Remove peer; included via HttpClient in lib/msf/core/exploit/mssql_sqli.rb
2015-12-24 07:51:12 -08:00
0f2f2a3d08
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/mysql.rb
2015-12-24 07:46:55 -08:00
cb752a4bcf
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/mysql.rb
2015-12-24 07:46:23 -08:00
c55f61d2d7
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/smtp.rb
2015-12-24 07:44:36 -08:00
431c6001a8
Fix recovery_files.rb Description grammar errors
2015-12-24 10:10:39 -05:00
5d0e868fd6
facebook.orca fixes
2015-12-24 12:21:08 +00:00
69b65e7d39
fix error handling
2015-12-24 09:13:56 +00:00
17ad41070b
Land #6380 , allow linux x86 meterpreter in the pref list
2015-12-23 16:10:26 -06:00
e4f9594646
Land #6331 , ensure generic payloads raise correct exceptions on failure
2015-12-23 15:43:12 -06:00
7444f24721
update whitespace / syntax for java_calendar_deserialize
2015-12-23 15:42:27 -06:00
e3eafff7c9
Land #6237 , @jww519's aux module for Android CVE-2012-6301
2015-12-23 13:27:09 -08:00
6eda702b25
Land #6292 , add reverse_tcp command shell for Z/OS (MVS)
2015-12-23 14:11:37 -06:00
6a52807673
Merge pull request #2 from jhart-r7/pr/fixup-6237
...
Address style/usability concerns in Android CVE-2012-6301 module
2015-12-23 14:42:09 -05:00
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
5a19caf10a
remove temp file
2015-12-23 11:42:09 -06:00
e8c0e334a2
Land #6391 , remove duplicate key warning from Ruby 2.2.x
2015-12-23 11:10:50 -06:00
493700be3a
remove duplicate key warning from Ruby 2.2.x
...
This gets rid of the warning:
modules/exploits/multi/http/uptime_file_upload_2.rb:283: warning: duplicated key at line 284 ignored: "newuser"
2015-12-23 10:39:35 -06:00
a16a10aaf6
Fix #6371 , being able to report an exception in #job_run_proc
...
Fix #6371
When a browser fails to bind (probably due to an invalid port or
server IP), the module actually fails to report this exception from
exception, the method calls exploit.handle_exception(e). But since
handle_exception is not a valid method for that object, it is unable
to do so, and as a result the module fails to properly terminate
the module, or show any error on the console. For the user, this will
make it look like the module has started, the payload listener is up,
but there is no exploit job.
Rex::BindFailed actually isn't the only error that could be raised
by #job_run_proc. As far as I can tell registering the same resource
again could, too. With this patch, the user should be able to see this
error too.
Since the exploit object does not have access to the methods in
Msf::Simple::Exploit, plus there is no other code using
handle_exception and setup_fail_detail_from_exception, I decided
to move these to lib/msf/core/exploit.rb so they are actually
callable.
2015-12-22 16:35:29 -06:00
424e7b6bfe
Land #6384 , more joomla rce references
2015-12-22 22:54:58 +01:00
84675e352b
Land #6249 , check for nil when using read_exactly_n_bytes
2015-12-22 15:48:39 -06:00
18398afb56
Update joomla_http_header_rce.rb
2015-12-23 05:48:26 +08:00
nixawk
Brent Cook
Chris Doughty
Kyle Gray
William Vu
Josh
g0tmi1k
wchen-r7
Jon Hart
karllll
Tim
jww519
Christian Mehlmauer
JT