e368cb0a5e
Add Win7 SP1 to WinXP SP3 target
2013-10-29 10:45:14 -05:00
1b75aef614
Land #2591 , @bcoles's exploit for ProcessMaker
2013-10-29 09:54:23 -05:00
c4c171d63f
Clean processmaker_exec
2013-10-29 09:53:39 -05:00
26af6452da
Land #2588 , @wvu-r7's permissions change for cmdstager_printf.rb
2013-10-29 08:07:19 -05:00
3eed800b85
Add ProcessMaker Open Source Authenticated PHP Code Execution
2013-10-29 23:27:29 +10:30
665f6c3e35
Land #2590 , gsub nil fix for mimikatz
2013-10-29 00:58:16 -05:00
606411de81
Fix mimikatz error when password is nil
...
In some cases the password value that comes out of mimikatz results
is `nil`, instead of an empty string. This fixes this so that if
the string is `nil` is falls back to an empty string, resulting in
the call to `gsub` working instead of failing.
2013-10-29 15:13:32 +10:00
ea7bba4035
Add Beetel Connection Manager NetConfig.ini BOF
2013-10-28 22:52:02 -05:00
333a0d5820
chmod -x cmdstager_printf.rb
2013-10-28 18:47:14 -05:00
4b7a438d45
Merge pull request #2587 from todb-r7/release-fixup
...
Release fixups
2013-10-28 12:26:17 -07:00
4128aa8c08
Resplat and tabs
2013-10-28 14:03:15 -05:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
9bb9f8b27b
Update descriptions on SMB file utils.
2013-10-28 13:48:25 -05:00
0f63420e9f
Be specific about the type of hash
...
See #2583 . Since there are several types of hashes, we need to be more
specific about this -- see modules/exploits/windows/smb/psexec.rb which
uses an "smb_hash" as a password type.
Also, the fixes in #2583 do not appear to address anything else reported
on the Redmine issue, namely, operating system and architecture
identification discovered with this module (assuming good credentials).
Therefore, the Redmine issue should not be considered resolved.
[SeeRM #4398 ]
2013-10-28 13:40:07 -05:00
1fee3ce952
Land #2584 , reporting for energizer_duo_detect
2013-10-28 10:48:20 -05:00
efcfc9eef7
Land #2273 , @kaospunk's enum domain feature for owa_login
2013-10-28 09:47:54 -05:00
71a1ccf771
Clean owa_login enum_domain feature
2013-10-28 09:46:41 -05:00
2b5e2df94e
Land #2568 , @h0ng10's update of SAP url's wordlist
2013-10-28 09:01:33 -05:00
e88e523eaa
Delete newline
2013-10-28 09:01:00 -05:00
87dc58191d
Land #2583 - Report creds to db
2013-10-26 23:22:40 -05:00
69823be7cf
Land #2586 - require 'msf/core/exploit/powershell'
2013-10-26 00:44:49 -05:00
278dff93e7
Add missing require for Msf::Exploit::Powershell
...
Thanks for the report, @mubix.
2013-10-25 21:41:24 -05:00
e0aec13ce1
[FixRM #4397 ] Add reporting for energizer_duo_detect
2013-10-25 16:51:44 -05:00
9276a839d4
[FixRM #4398 ] Report credentials to database
2013-10-25 16:19:47 -05:00
df83114f0b
Land #2578 , @wchen-r7's [FixRM #8525 ]
2013-10-25 13:28:59 -05:00
9d439b6925
Land #2580 - Don't try to create war without exe
2013-10-25 13:05:09 -05:00
9a9f94bfe9
Land #2579 - module platform to ms04_011_pct
2013-10-25 13:01:39 -05:00
3dd6814e93
Land #2581 , update global option display
2013-10-25 12:13:49 -05:00
84abdb4905
Land @todb-r7's fix to show all the default options
2013-10-25 12:03:09 -05:00
4bf041ec46
Use Rails, not Ruby, time formats.
...
Since MSF now equires ActiveSupport, may as well reference it correctly.
2013-10-25 11:52:54 -05:00
b781e58a67
Unformat the prompt and promptchar
2013-10-25 11:40:28 -05:00
0084f32ca2
Print default values when unset options
2013-10-25 11:21:42 -05:00
a95425de08
Check dec instead
2013-10-25 10:47:41 -05:00
d9f055f03f
[FixRM #8494 ] Don't try to create war without exe
2013-10-25 09:44:38 -05:00
b69ee1fc67
[FixRM #8419 ] Add module platform to ms04_011_pct
2013-10-25 09:29:19 -05:00
1d0a3aad70
[FixRM #8525 ] undefined method `+' for nil:NilClass in enum_ie
...
Looks like for some reason if CryptUnprotectData fails, the decrypt_reg()
method will return "". And when you unpack "", you produce an array of nils.
Since you cannot add something to nil, this should cause an
"undefined method `+' for nil:NilClass" error.
This will check if we get an array of nils, we jump to the next iteration.
2013-10-25 00:26:38 -05:00
36165cba88
Land #2575 - Update meterpreter DLLs
2013-10-24 21:10:24 -05:00
e18dd3ec0b
Use base64 to reduce size
2013-10-25 01:19:43 +01:00
27739a0351
Meterpreter bins after Meterpreter PR 32
...
Protects against potential BOFs due to strcpy usage.
These binaries were built against meterpreter master after
https://github.com/rapid7/meterpreter/pull/32 landed.
The CI tests can be seen here:
https://ci.metasploit.com/view/Meterpreter/job/MeterpreterWin/75/
Note, this commit is signed. Your merge commit should be signed, too, so
people can be assured that nobody is backdooring Meterpreter on the sly.
2013-10-24 15:15:49 -05:00
7d788fbf76
Land #2571 - HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
2013-10-24 14:15:26 -05:00
7ee615223d
Land #2570 - HP Intelligent Management SOM Account Creation
2013-10-24 14:14:06 -05:00
811d1ca937
Land #2573 - Fix a typo
2013-10-24 11:35:56 -05:00
ea80c15c3b
Land #2383 , @jamcut's aux module for jenkins enum
2013-10-24 11:31:36 -05:00
8428671f32
Land #2455 , @juushya's aux module for radware
2013-10-24 10:54:02 -05:00
1673b66cbe
Delete some white lines
2013-10-24 10:50:14 -05:00
b589e9aa6e
Use the peer method
2013-10-24 10:45:02 -05:00
cb3b3022dc
Land #2572 , @bcoles's exploit for cve-2009-4140
2013-10-24 10:16:00 -05:00
2ef33aabe7
Clean open_flash_chart_upload_exec
2013-10-24 10:15:28 -05:00
6f605fb009
Typo
2013-10-24 16:33:26 +02:00
110daa6e96
Check for nil response from request in check method.
2013-10-24 09:12:37 -04:00
William Vu
jvazquez-r7
bcoles
OJ
Brandon Turner
Tod Beardsley
sinn3r
Meatballs
ethicalhack3r
AverageSecurityGuy