Commit Graph

18206 Commits (993a7335b96e1bba154eb821803aa300d5790451)

Author SHA1 Message Date
Meatballs bbd53a2dbd Add domain to get_cookies 2013-04-26 20:34:21 +01:00
Meatballs b25b9e769c Msftidy 2013-04-26 20:30:04 +01:00
Fernando Arias 71208b8dd3 Bumped Version and pointed to rubygems 2013-04-26 14:30:00 -05:00
Meatballs 1f2cab7aef Tidyup and getcookies 2013-04-26 20:26:04 +01:00
farias-r7 12f62ca99c Merge pull request #1760 from rapid7/creds-counter-cache
Bumps MDM version to latest

See PT#48827455 and PT#48595211
2013-04-26 11:50:18 -07:00
Fernando Arias 1c285fb47c Bumped MDM verstion to latest via github 2013-04-26 13:29:25 -05:00
Meatballs 0901d00da5 Remove redundant pay opts 2013-04-26 19:26:29 +01:00
Meatballs a17d61897d Change to send_rq_cgi 2013-04-26 19:19:11 +01:00
Luke Imhoff 249a09cd52 Update to metasploit_data_models 0.7.1
[#47979793]
2013-04-26 13:14:38 -05:00
Tod Beardsley bf6b1b4fbf Land #1773, fixes for Safari UXSS
Makes the module more user-friendly, doesn't barf on malformed paths for
keystroke logger catching.
2013-04-26 13:11:55 -05:00
Tod Beardsley c27245e092 Touch descriptions for module and options 2013-04-26 13:05:16 -05:00
Joe Vennix b4606ba60a Remove unnecessary puts call. 2013-04-26 12:55:02 -05:00
Tod Beardsley ca6d6fbc84 msftidy for whitespace 2013-04-26 12:44:11 -05:00
Tod Beardsley 16769a9260 Fixing path normalization 2013-04-26 12:40:24 -05:00
Tod Beardsley 5e2634f155 Merge the rest of #1765
This merge and commit f2838ee is for both. I was a little quick on the
draw for the last merge, didn't catch the latest commit.
2013-04-26 12:18:14 -05:00
Tod Beardsley f2838eed92 Land #1765, before each fixes to rspec 2013-04-26 12:09:05 -05:00
James Lee a12dbbaee7 Use :each instead of :all here, too 2013-04-26 11:49:30 -05:00
Meatballs 54233e9fba Better entropy 2013-04-26 17:46:43 +01:00
Meatballs c8da13cfa0 Add some entropy in request 2013-04-26 17:34:17 +01:00
Joe Vennix 2fa16f4d36 Rewrite relative script URLs to be absolute.
* Adds rescue clauses around URI parsing/pulling
* Actually use the URI_PATH datastore option.
2013-04-26 11:25:20 -05:00
Meatballs a043d3b456 Fix auth check and cookie handling 2013-04-26 17:10:24 +01:00
Meatballs 025315e4e4 Move to http 2013-04-26 15:42:26 +01:00
Meatballs 9ad19ed2bf Final tidyup 2013-04-26 15:41:28 +01:00
jvazquez-r7 99b46202b9 Do final cleanup for sap_configservlet_exec_noauth 2013-04-26 08:45:34 -05:00
jvazquez-r7 308b880d79 Land #1759, @andrewkabai's exploit for SAP Portal Command Execution 2013-04-26 08:44:11 -05:00
Meatballs c7ac647e4e Initial attempt lfi 2013-04-26 14:32:18 +01:00
Andras Kabai 5839e7bb16 simplify code 2013-04-26 12:14:42 +02:00
Andras Kabai 4aadd9363d improve description 2013-04-26 12:13:45 +02:00
jvazquez-r7 dcd54487b1 Land #1771, @wchen-r7's fix for ppr address on badblue_passthru 2013-04-25 21:16:35 -05:00
sinn3r d868aee994 Landing #1768 - Adds a delay option for file_dropper.rb
[Closes #1768]
2013-04-25 21:02:34 -05:00
sinn3r eae1cb5afa Let's word this a little differently 2013-04-25 21:01:53 -05:00
sinn3r b1e49e7116 Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-04-25 20:54:28 -05:00
sinn3r d8be6b1b02 Landing #1768 - Adds a delay to file_dropper
[Closes #1768]
2013-04-25 20:52:58 -05:00
sinn3r 5b0ae1476b Let's word this a little differently 2013-04-25 20:52:51 -05:00
Meatballs b58a775af5 Added opt delay to file_dropper 2013-04-25 20:52:51 -05:00
sinn3r 71e055a5c2 Let's word this a little differently 2013-04-25 20:44:57 -05:00
jvazquez-r7 a217ca8bc7 Land #1763, @wchen-r7's modification to add js_ajax_download 2013-04-25 20:43:24 -05:00
sinn3r f3f60f3e02 Fixes P/P/R for target 0 (BadBlue 2.72b)
Target 1, which covers 2.72b, uses an invalid P/P/R from some unknown
DLL, and appears to be broken.  Because 2.72b actually uses the same
ext.dll as BadBlue EE 2.7 (and that target 0 actually also works
against 2.72b), we might as well just use the same P/P/R again.

[FixRM #7875]
2013-04-25 20:20:24 -05:00
sinn3r 008266a581 Corrects documentation. Thanks Meatballs1 2013-04-25 19:13:16 -05:00
jvazquez-r7 bf0375f0e9 Fix @jlee-r7's feedback 2013-04-25 18:43:21 -05:00
jvazquez-r7 8eea476cb8 Build the jnlp uri when resource is available 2013-04-25 18:43:21 -05:00
jvazquez-r7 cc961977a2 Add bypass for click2play 2013-04-25 18:43:21 -05:00
James Lee e2dece6f0e Make sure xor encoders work with odd padding 2013-04-25 15:45:06 -05:00
sinn3r ff87e3622b Changes made according to feedback from Juan and James 2013-04-25 15:19:44 -05:00
jvazquez-r7 9b5e96b66f Fix @jlee-r7's feedback 2013-04-25 14:53:09 -05:00
jvazquez-r7 52b721c334 Update description 2013-04-25 14:47:35 -05:00
jvazquez-r7 84e9f80ffa Add check for WP-Super-Cache 2013-04-25 14:43:16 -05:00
Luke Imhoff 9207ed6532 Msf::Ui::Console::CommandDispatcher::Core#search_modules_sql spec
[#47979793]
2013-04-25 14:33:13 -05:00
Andras Kabai 9dd9b2d1ba implement cleanup functionality
register DELETE_FILES advanced option to take control of the cleanup
functionality of CmdStagerVBS and FileDropper, implement the necessary
changes
2013-04-25 20:02:24 +02:00
jvazquez-r7 15c8d92148 Fix version checked and add reference 2013-04-25 12:48:36 -05:00