68ceb08957
Fixing minor issues such as err codes
2018-12-19 22:17:34 +03:00
d601837e03
Land #10401 , java_jmx_server scanner for Java JMX MBean servers
2018-12-19 13:12:03 -06:00
b52a4f91ac
java_jmx_scanner: Final draft of documentation
2018-12-19 13:10:21 -06:00
50b7d93a18
java_jmx_scanner: Incorporate @bcoles suggestions
2018-12-19 12:56:53 -06:00
3232b60ede
automatic module_metadata_base.json update
2018-12-19 09:52:48 -08:00
f7eb3452be
Land #11083 , set user agent in Windows reverse_http(s) stagers
2018-12-19 11:38:12 -06:00
09f9b887b9
don't bother handholding the empty string
2018-12-19 10:52:51 -06:00
e5c8c18ded
Adding Mailcleaner exec
2018-12-19 17:35:40 +03:00
a4af89bb75
automatic module_metadata_base.json update
2018-12-19 06:31:13 -08:00
6921b79890
Land #11089 , Erlang cookie rce exploit module
2018-12-19 08:02:40 -06:00
5bfdc7009c
Minor Doc Changes
2018-12-19 07:58:32 -06:00
3838be0a03
Windows Hide Chrome Window
2018-12-19 05:58:11 -06:00
1b8b3bbb95
Update nc -j check in cups_root_file_read
2018-12-18 17:38:33 -06:00
51ce96a2b4
Merge branch 'jmx_scanner' of https://github.com/sgorbaty/metasploit-framework into sgorbaty-jmx_scanner
2018-12-18 16:05:03 -06:00
7557624c00
ysoserial: Generated more compact JSON and renamed script
2018-12-18 15:42:50 -06:00
e20c250977
ysoserial: Removed newlines from ysoserial_payloads.json
2018-12-18 15:21:56 -06:00
60f3cfbb79
ysoserial: Cleaned up ysoserial payload in `hp_imc_java_deserialize`
2018-12-18 15:17:51 -06:00
bb758f9a61
I didn't forget msftidy I swear
2018-12-18 14:55:12 -06:00
8a2a605a99
added targets
2018-12-18 14:50:57 -06:00
0464f941a7
Add Windows Support
2018-12-18 14:17:10 -06:00
2c0c9bf3c5
Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec
2018-12-18 19:42:38 +01:00
ef8601aa71
Bail early if we receive an unexpected response.
2018-12-18 19:42:26 +01:00
552b13c91d
Randomized service length.
...
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
2018-12-18 19:38:04 +01:00
4ee7bdee6c
Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec
2018-12-18 19:33:51 +01:00
b3563b1bc2
Cleaner version of check function thanks to @bcoles.
2018-12-18 19:33:30 +01:00
5e134d7d8d
Update modules/exploits/multi/misc/consul_service_exec.rb
...
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
2018-12-18 19:27:19 +01:00
5192c081ee
Update modules/exploits/multi/misc/consul_service_exec.rb
...
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
2018-12-18 19:27:08 +01:00
6ad40deac3
print_status will never throw a JSON::ParseError exception.
2018-12-18 19:15:13 +01:00
b2b410cbbe
DoS Exploitation of Allen-Bradley legacy protocol (PCCC)
2018-12-18 16:49:53 +00:00
1e88ce9a3d
Edit the comments to -84
2018-12-18 16:33:44 +00:00
05218654f4
adjust the offset to -84
2018-12-18 16:30:47 +00:00
af418ec7f7
Fix mipsle byte_xori too
2018-12-18 16:05:23 +00:00
a52ffbcead
Missing disclosure date.
2018-12-18 17:03:09 +01:00
a3d020a7e2
Add support for authorization with X-Consul-Token ACL header.
2018-12-18 16:56:03 +01:00
1839144978
Cleaner to define this as a Hash, then call .to_json on it.
2018-12-18 16:53:49 +01:00
d40d6c4e3d
Update longxor.rb
...
Suffers from the same problem as the mipsbe version
2018-12-18 15:48:29 +00:00
34c9555717
Fix byte_xori encoder
...
The byte_xori encoder for mipsbe does not work correctly. At the end of the decoding, it should invoke cacheflush() with the correct parameters:
int cacheflush(char *addr, int nbytes, int cache)
I think this is because the encoder is based of the longxori encoder, which itself is pretty old (2008), and before kernel 2.6.11, cacheflush() did not need any parameters (from the cacheflush man page):
BUGS
Linux kernels older than version 2.6.11 ignore the addr and nbytes arguments, making this function fairly expensive. Therefore, the whole cache is always flushed.
This commit fixes that by setting up the parameters correctly. As an unfortunate side effect this increases the shellcode by 16 bytes, but it is absolutely necessary for it to work properly.
Note that this bug is not present when testing the encoder output on an emulator like qemu; emulators do not need to flush the caches to work properly.
2018-12-18 15:37:47 +00:00
177ae2f927
fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode.
2018-12-18 16:33:53 +01:00
0feadf636b
Define in RPORT and SSL in register_options rather than DefaultOptions. Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert).
2018-12-18 16:29:36 +01:00
0acdcd98f2
Merge branch 'master' into consul_service_exec
2018-12-18 16:27:08 +01:00
f487f978c2
Merge branch 'consul_exec' of github.com:QKaiser/metasploit-framework into consul_exec
2018-12-18 16:09:18 +01:00
08541cd7b9
Merge branch 'master' into consul_exec
2018-12-18 16:07:08 +01:00
a1e1e4a4f4
Remove useless comment.
2018-12-18 16:05:50 +01:00
b80e5715d4
Add support for authorization with X-Consul-Token ACL header.
2018-12-18 16:02:39 +01:00
847e3232ab
Land #11102 , remove old metasm remnants
2018-12-18 08:53:53 -06:00
551f8c5e92
Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert).
2018-12-18 15:48:58 +01:00
f290221a66
Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode.
2018-12-18 15:36:52 +01:00
aeec5cf23e
Cleaner to define this as a Hash, then call .to_json on it. Better support of agent definition in check function.
2018-12-18 15:31:30 +01:00
e51530688b
fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead.
2018-12-18 15:09:04 +01:00
4682cf5796
Define in register_options rather than DefaultOptions.
2018-12-18 15:04:28 +01:00
Mehmet İnce
asoto-r7
Metasploit
Wei Chen
Brent Cook
Jacob Robles
William Vu
Milton-Valencia
Quentin Kaiser
Brendan Coles
jdiog0
Pedro Ribeiro
Quentin Kaiser