William Vu
9713124e54
Land #6802 , resolve command for Meterpreter
2016-04-22 17:18:31 -05:00
William Vu
7f8491149f
Fix minor whitespace issues
2016-04-22 17:18:10 -05:00
wchen-r7
0756ede128
Land #6801 , Add post mod Windows Gather EMET Protected Paths
2016-04-22 16:04:16 -05:00
wchen-r7
da9f156913
Print IP in print_*
2016-04-22 16:03:31 -05:00
wchen-r7
3aa02891e9
Bring #6801 up to date with upstream-master
2016-04-22 14:04:26 -05:00
wchen-r7
e1ce5bdc9a
Land #6464 , Add CVE-2011-0922 HP Data Protector 6.10/6.11/6.20 exploit
2016-04-22 13:55:41 -05:00
wchen-r7
4a435e8d13
Bring hp_dataprotector_install_service up to date w/ upstream-master
2016-04-22 13:42:41 -05:00
wchen-r7
db1d973ef0
Cosmetic changes for hp_dataprotector_install_service
2016-04-22 13:41:18 -05:00
Jenkins
d70dcbf4a4
Bump version of framework to 4.11.23
2016-04-22 09:34:10 -07:00
Brent Cook
50a77af5b9
Land #6804 , fix #6803 , info command fails to show module references
2016-04-22 08:32:25 -04:00
Vincent Yiu
e9f43c3645
Merge pull request #2 from open-security/enum_emet
...
syntax check / code reduce
2016-04-22 09:16:16 +01:00
join-us
c1a64b1f6f
fix: issues/6803 - info command references bug
2016-04-22 15:14:35 +08:00
OJ
540409e735
Add `resolve` to the meterpreter command line
...
I'm aware that this already exists as a post module, but there's nothing more annoying than having to bail out of Meterpreter, use the right module, set up the host list, etc all to just fire off a one-liner.
So this commit adds the command directly to Meterpreter's command line so that you don't have to do all that. This doesn't support specifying a file with the hosts in it (the post module does that). This is intended for quick resolution of particular hosts quickly.
2016-04-22 13:21:19 +10:00
join-us
16ff74e293
syntax check / code reduce
2016-04-22 10:53:03 +08:00
Vincent Yiu
ca4bcfe62a
Update enum_emet.rb
...
Cleaned up a bit more
2016-04-22 00:41:10 +01:00
Vincent Yiu
c81d0ade3f
Update, implemented
...
Took @bcook-r7's advice
2016-04-22 00:37:03 +01:00
Vincent Yiu
30ac6b4a93
enum_emet
...
A module to enumerate all the EMET wildcard paths.
2016-04-22 00:20:25 +01:00
wchen-r7
98f89ca23a
Land #6794 , Fixed yard doc errors
2016-04-21 13:16:45 -05:00
wchen-r7
6cb93f2af2
Make yard doc ignore @probe
2016-04-21 13:15:58 -05:00
thao doan
5e36a3128c
Fix #5197 , Fixed yard doc errors
...
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
dmohanty-r7
67968e912c
Land #6785 Add CVE-2016-0854 Advantech WebAccess Arbitrary File Upload
2016-04-21 12:02:04 -05:00
Brent Cook
e75ce8b248
update test to hook exist? rather than exists?
2016-04-21 06:56:48 -04:00
Brent Cook
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
504137480
c08872144f
Update advantech_webaccess_dashboard_file_upload.rb
2016-04-21 09:33:03 +08:00
504137480
dcb9c83f98
Update advantech_webaccess_dashboard_file_upload.rb
2016-04-21 09:28:42 +08:00
Louis Sato
6b3326eab2
Land #6707 , support for LURI handler
2016-04-20 16:26:07 -05:00
wchen-r7
e1e43db551
Land #6789 , remove overwritten keys from hashes
2016-04-20 13:33:31 -05:00
wchen-r7
f32bae8cf3
Land #6791 , fix 127.0.0.1 regex for autoroute post module
2016-04-20 13:28:20 -05:00
Josh Hale
57467b94d9
Fix RegExp evaluation in is_routable? function
2016-04-20 10:22:46 -05:00
Brent Cook
57cb8e49a2
remove overwritten keys from hashes
2016-04-20 07:43:57 -04:00
Brian Patterson
b74930f5c9
Land #6771 , Deprecate dns_bruteforce / dns_cache_scraper / dns_info / dns_reverse_lookup / dns_srv_enum
2016-04-19 16:30:36 -05:00
thao doan
62eae867df
Land #6787 , Fixed yard doc errors
2016-04-19 09:17:11 -07:00
504137480
2400345fff
Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload
...
Advantech webaccess dashboard file upload
2016-04-19 12:59:32 +08:00
join-us
0407acc0ec
add print_status with vuln_version?
2016-04-19 11:22:00 +08:00
join-us
c88ddf1cc4
fix NilClass for res.body
2016-04-19 10:27:20 +08:00
Christian Mehlmauer
3b280d45a4
fix some yardoc issues
2016-04-18 21:00:21 +02:00
thao doan
fd603102db
Land #6765 , Fixed SQL error in lib/msf/core/exploit/postgres
2016-04-18 10:44:20 -07:00
wchen-r7
89a3755754
Land #6786 , post/windows/manage/autoroute improvements
...
Resolve #6781
2016-04-18 12:11:42 -05:00
thao doan
e70d967b4e
Land #6763 , Add rspec for lib/metasploit/framework/login_scanner/redis
2016-04-18 10:05:24 -07:00
xiaozhouzhou
e59a91cddf
Merge branch 'open-security-advantech_webaccess_dashboard_file_upload' into CVE-2016-0854
2016-04-19 00:23:10 +08:00
xiaozhouzhou
a895b452e6
fix
2016-04-19 00:21:26 +08:00
Brent Cook
4c0a53a809
replace 'and' with '&&'
2016-04-18 08:26:02 -05:00
Brent Cook
c596421b01
use generate_uri_uuid_mode for java reverse_http
2016-04-18 08:26:02 -05:00
Tim
edd30e433e
https tweaks
2016-04-18 08:26:02 -05:00
OJ
555352b210
Force lurl string duplication to avoid stageless issues
...
I have NO idea why this is even a problem. Mutating state is the spawn of satan.
2016-04-18 08:25:19 -05:00
OJ
a74a7dde55
More fixies for LURI in Python, and native too
2016-04-18 08:25:19 -05:00
OJ
06d53112e3
Add support for LURI to the java and android payloads
2016-04-18 08:24:41 -05:00
OJ
b95267997d
Fix LURI support for stageless, transport add/change and code tidies
2016-04-18 08:24:41 -05:00
Rory McNamara
63e478c826
fix sessions -l bug
2016-04-18 08:21:50 -05:00
Rory McNamara
a45d0aed53
show LURI in new connection log message
2016-04-18 08:21:50 -05:00