Commit Graph

38116 Commits (9713124e5443a06107cc16152fa48180cb9691cc)

Author SHA1 Message Date
William Vu 9713124e54
Land #6802, resolve command for Meterpreter 2016-04-22 17:18:31 -05:00
William Vu 7f8491149f Fix minor whitespace issues 2016-04-22 17:18:10 -05:00
wchen-r7 0756ede128
Land #6801, Add post mod Windows Gather EMET Protected Paths 2016-04-22 16:04:16 -05:00
wchen-r7 da9f156913 Print IP in print_* 2016-04-22 16:03:31 -05:00
wchen-r7 3aa02891e9
Bring #6801 up to date with upstream-master 2016-04-22 14:04:26 -05:00
wchen-r7 e1ce5bdc9a
Land #6464, Add CVE-2011-0922 HP Data Protector 6.10/6.11/6.20 exploit 2016-04-22 13:55:41 -05:00
wchen-r7 4a435e8d13
Bring hp_dataprotector_install_service up to date w/ upstream-master 2016-04-22 13:42:41 -05:00
wchen-r7 db1d973ef0 Cosmetic changes for hp_dataprotector_install_service 2016-04-22 13:41:18 -05:00
Jenkins d70dcbf4a4
Bump version of framework to 4.11.23 2016-04-22 09:34:10 -07:00
Brent Cook 50a77af5b9
Land #6804, fix #6803, info command fails to show module references 2016-04-22 08:32:25 -04:00
Vincent Yiu e9f43c3645 Merge pull request #2 from open-security/enum_emet
syntax check / code reduce
2016-04-22 09:16:16 +01:00
join-us c1a64b1f6f fix: issues/6803 - info command references bug 2016-04-22 15:14:35 +08:00
OJ 540409e735 Add `resolve` to the meterpreter command line
I'm aware that this already exists as a post module, but there's nothing more annoying than having to bail out of Meterpreter, use the right module, set up the host list, etc all to just fire off a one-liner.

So this commit adds the command directly to Meterpreter's command line so that you don't have to do all that. This doesn't support specifying a file with the hosts in it (the post module does that). This is intended for quick resolution of particular hosts quickly.
2016-04-22 13:21:19 +10:00
join-us 16ff74e293 syntax check / code reduce 2016-04-22 10:53:03 +08:00
Vincent Yiu ca4bcfe62a Update enum_emet.rb
Cleaned up a bit more
2016-04-22 00:41:10 +01:00
Vincent Yiu c81d0ade3f Update, implemented
Took @bcook-r7's advice
2016-04-22 00:37:03 +01:00
Vincent Yiu 30ac6b4a93 enum_emet
A module to enumerate all the EMET wildcard paths.
2016-04-22 00:20:25 +01:00
wchen-r7 98f89ca23a
Land #6794, Fixed yard doc errors 2016-04-21 13:16:45 -05:00
wchen-r7 6cb93f2af2 Make yard doc ignore @probe 2016-04-21 13:15:58 -05:00
thao doan 5e36a3128c Fix #5197, Fixed yard doc errors
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
dmohanty-r7 67968e912c
Land #6785 Add CVE-2016-0854 Advantech WebAccess Arbitrary File Upload 2016-04-21 12:02:04 -05:00
Brent Cook e75ce8b248 update test to hook exist? rather than exists? 2016-04-21 06:56:48 -04:00
Brent Cook 57ab974737 File.exists? must die 2016-04-21 00:47:07 -04:00
504137480 c08872144f Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:33:03 +08:00
504137480 dcb9c83f98 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:28:42 +08:00
Louis Sato 6b3326eab2
Land #6707, support for LURI handler 2016-04-20 16:26:07 -05:00
wchen-r7 e1e43db551
Land #6789, remove overwritten keys from hashes 2016-04-20 13:33:31 -05:00
wchen-r7 f32bae8cf3
Land #6791, fix 127.0.0.1 regex for autoroute post module 2016-04-20 13:28:20 -05:00
Josh Hale 57467b94d9 Fix RegExp evaluation in is_routable? function 2016-04-20 10:22:46 -05:00
Brent Cook 57cb8e49a2 remove overwritten keys from hashes 2016-04-20 07:43:57 -04:00
Brian Patterson b74930f5c9
Land #6771, Deprecate dns_bruteforce / dns_cache_scraper / dns_info / dns_reverse_lookup / dns_srv_enum 2016-04-19 16:30:36 -05:00
thao doan 62eae867df Land #6787, Fixed yard doc errors 2016-04-19 09:17:11 -07:00
504137480 2400345fff Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload
Advantech webaccess dashboard file upload
2016-04-19 12:59:32 +08:00
join-us 0407acc0ec add print_status with vuln_version? 2016-04-19 11:22:00 +08:00
join-us c88ddf1cc4 fix NilClass for res.body 2016-04-19 10:27:20 +08:00
Christian Mehlmauer 3b280d45a4
fix some yardoc issues 2016-04-18 21:00:21 +02:00
thao doan fd603102db Land #6765, Fixed SQL error in lib/msf/core/exploit/postgres 2016-04-18 10:44:20 -07:00
wchen-r7 89a3755754
Land #6786, post/windows/manage/autoroute improvements
Resolve #6781
2016-04-18 12:11:42 -05:00
thao doan e70d967b4e Land #6763, Add rspec for lib/metasploit/framework/login_scanner/redis 2016-04-18 10:05:24 -07:00
xiaozhouzhou e59a91cddf Merge branch 'open-security-advantech_webaccess_dashboard_file_upload' into CVE-2016-0854 2016-04-19 00:23:10 +08:00
xiaozhouzhou a895b452e6 fix 2016-04-19 00:21:26 +08:00
Brent Cook 4c0a53a809 replace 'and' with '&&' 2016-04-18 08:26:02 -05:00
Brent Cook c596421b01 use generate_uri_uuid_mode for java reverse_http 2016-04-18 08:26:02 -05:00
Tim edd30e433e https tweaks 2016-04-18 08:26:02 -05:00
OJ 555352b210 Force lurl string duplication to avoid stageless issues
I have NO idea why this is even a problem. Mutating state is the spawn of satan.
2016-04-18 08:25:19 -05:00
OJ a74a7dde55 More fixies for LURI in Python, and native too 2016-04-18 08:25:19 -05:00
OJ 06d53112e3 Add support for LURI to the java and android payloads 2016-04-18 08:24:41 -05:00
OJ b95267997d Fix LURI support for stageless, transport add/change and code tidies 2016-04-18 08:24:41 -05:00
Rory McNamara 63e478c826 fix sessions -l bug 2016-04-18 08:21:50 -05:00
Rory McNamara a45d0aed53 show LURI in new connection log message 2016-04-18 08:21:50 -05:00