Commit Graph

38116 Commits (9713124e5443a06107cc16152fa48180cb9691cc)

Author SHA1 Message Date
William Vu 22d08fdf39 Revert #6748, premature Gemfile* changes 2016-04-06 14:52:22 -05:00
William Vu 1162a06d2d Fix #6677, typo fix for atutor_sqli 2016-04-06 14:20:50 -05:00
William Vu 11bf1018aa Fix typo 2016-04-06 14:20:41 -05:00
Brian Patterson 78281213eb Merge branch 'landing-6748' into upstream-master 2016-04-06 13:44:15 -05:00
wchen-r7 d240e0b3a2 Bring #6515 up to date with upstream-master 2016-04-06 11:27:32 -05:00
all3g 616bb8399f remove db_filter / format a json data 2016-04-06 18:39:34 +08:00
William Vu a4ef9980f4 Land #6677, atutor_sqli update 2016-04-05 19:52:44 -05:00
William Vu d9d257cb1a Fix some things 2016-04-05 19:23:11 -05:00
Brendan Watters fa95922547 Add unicode test examples 2016-04-05 16:06:51 -05:00
James Lee 8cc1d2ec89 Make advanced and evasion options readable 2016-04-05 15:05:58 -05:00
greg.mikeska@rapid7.com 08736c798d Correct proftp version check at module runtime 2016-04-05 13:06:10 -05:00
wchen-r7 4d5695f7fc Land #6743, reimplement HD's session interrupt handler
MS-385
2016-04-05 11:16:32 -05:00
Brian Patterson e5ee5b903b Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MS-247/OpenVas-default-workspace 2016-04-05 09:36:27 -05:00
David Maloney cde89b90cd Land #6744, Deprecation on host eager load
Lands SemperVictus' pr for fixing a deprecation warning
on eager loading the hosts table
2016-04-05 09:19:16 -05:00
William Vu dcb6da306c Land #6720, SSL scanner fixes 2016-04-04 23:37:52 -05:00
Brent Cook af7eef231c Fix a few issues with the SSL scanner
First, we need to handle public keys with strength not measured on the same bit
scale as RSA keys. This fixes handshakes for ECDSA and others.

Second, depending on the host we are talking to, we may not have a peer cert.
Handle this properly by checking first on the socket before using it.
2016-04-04 22:08:01 -05:00
OJ 1256a5bc88 Land #6749 - fix whitespace-only badchar handling 2016-04-05 10:38:30 +10:00
Justin Steven 3bcac49c21 Fix: badchars.present? is false for whitespace
badchars.present? is false in the case of badchars containing only whitespace.

Instead check for is not empty and is not nil.
2016-04-05 10:09:56 +10:00
Brian Patterson 2a7e3fb600 Fix an error in the OpenVas and Burp Issue importers where the vuln and host info would import into the default workspace instead of the current workspace 2016-04-04 17:35:31 -05:00
greg.mikeska@rapid7.com 403696d53a Lands #6730 Modify the open_vas importer and the nessus importer 2016-04-04 17:30:15 -05:00
greg.mikeska@rapid7.com 5e8ed09b66 Merge branch 'task/MS-1354/OpenVAS-Nessus-Importer' of https://github.com/bpatterson-r7/metasploit-framework into bpatterson-r7-task/MS-1354/OpenVAS-Nessus-Importer 2016-04-04 17:07:05 -05:00
wchen-r7 d3eaae3e17 Land #6404, Add Snare Lite for Windows Registry Access module 2016-04-04 16:45:48 -05:00
wchen-r7 51b8b4a4d1 Bring #6404 up to date with upstream-master 2016-04-04 16:35:58 -05:00
wchen-r7 da3388248a Uses #blank? 2016-04-04 16:34:49 -05:00
wchen-r7 5a6d1ee0a9 Uses MetasploitModule class name 2016-04-04 16:30:55 -05:00
David Maloney c3452ab982 unlock gemspec deps
unlock version constraints on deps
defined inside the gemspec

MS-1330
2016-04-04 15:31:09 -05:00
David Maloney fea142dc6e unlock gemfile deps first
unlock the gemfile deps

MS-1330
2016-04-04 13:55:53 -05:00
David Maloney 8de58e4b80 Merge branch 'master' into staging/rails-upgrade 2016-04-04 09:30:01 -05:00
wchen-r7 72d631a255 Land #6745, open_webrtc_browser fix for Windows 2016-04-02 13:54:05 -05:00
Brent Cook c6bdc3fa14 fix the path quoting in open_webrtc_browser 2016-04-02 13:18:23 -05:00
RageLtMan 992df12fa7 Address ActiveRecord deprecation warning
AR will start to complain about eager loading in command_dispatcher
/db.rb:519 because it references hosts as string without explicitly
stating that the table is being referenced.

Add a call .references in the AR call chain after the where clause
to silence this abysmal warning.
2016-04-02 00:22:26 -04:00
wchen-r7 f7dd326b16 Land #6455, Fix dns labels/names size limits for lib/net/dns/names/names 2016-04-01 21:57:09 -05:00
Brent Cook 04caa9affd Land #6710, Add Powershell meterpreter bindings 2016-04-01 21:32:26 -05:00
Brent Cook 627615d47b update to payloads 1.1.6 2016-04-01 21:30:34 -05:00
Brent Cook 3d995546d9 check for true before empty string 2016-04-01 21:30:11 -05:00
Brent Cook 39bd501b73 Land #6735, bump rvm ruby version to 2.1.9 2016-04-01 20:05:44 -05:00
David Maloney 64b94dfe3b reimplement HD's session interrupt handler
reimplement HD's work on a session interrupt handler
so that if an exploit fails the handler does not continue
waiting for a session that will never come

MS-385
2016-04-01 14:43:16 -05:00
William Vu 2e1e1ca839 Land #6742, psexec_psh restoration 2016-04-01 13:59:09 -05:00
William Vu d23a1c4551 Bump deprecation date 2016-04-01 13:57:58 -05:00
William Vu 60bee16e8c Restore psexec_psh
See @jabra-'s comments on #6222.
2016-04-01 13:56:22 -05:00
William Vu f3627b9b42 Land #6741, juniper_backdoor fixes 2016-04-01 13:55:21 -05:00
William Vu 41b802a8a2 Clean up module 2016-04-01 13:54:27 -05:00
Christian Mehlmauer 384f079fcd revert travis.yml for now 2016-04-01 16:07:07 +02:00
Vex Woo 962acd0603 Merge pull request #13 from wchen-r7/pr6455
Add rspec for lib/net/dns/names/names.rb
2016-04-01 11:22:23 +08:00
Bigendian Smalls 6a4d7e3b58 Revshell cmd JCL payload for z/OS
Added a JCL-based reverse shell.  Uses the same source code as the
shellcode version does.  Source code is in
external/source/shellcode/mainframe/shell_reverse_tcp.s
2016-03-31 20:42:42 -05:00
wchen-r7 210cc8501c Land #6507, Add PCMAN FTP Server Buffer Overflow (PUT command) 2016-03-31 19:36:33 -05:00
wchen-r7 ae0aecdd03 Change class name for exploits/windows/ftp/pcman_put.rb 2016-03-31 19:36:02 -05:00
wchen-r7 de0e02549c Bring #6507 up to date with upstream-master 2016-03-31 19:30:45 -05:00
wchen-r7 d5bf82f1cc Land #6488, Add Easy File Sharing FTP Server 7.2 SEH BoF 2016-03-31 19:24:34 -05:00
wchen-r7 f3336c7003 Update windows/http/easyfilesharing_seh 2016-03-31 19:24:06 -05:00