Commit Graph

31650 Commits (9dc99e420779625e7fe93adb7bf965758b412925)

Author SHA1 Message Date
jvazquez-r7 9dc99e4207 Update check 2015-03-10 09:26:22 -05:00
jvazquez-r7 fc4b312879 Add template 2015-03-09 23:04:32 -05:00
Brent Cook 603179176a
Land #4876, @hmoore-r7 give encoders and payloads space available 2015-03-09 11:50:46 -05:00
Samuel Huckins 08df0bfaca
Land #4858, RPC client true/truthy fix
* Misc ruby cleanup and fixing the issue that caused MSP-12235, rolling back the
full rollback of PR 4823
2015-03-09 11:35:57 -05:00
Tod Beardsley df80d56fda
Land #4898, prefer URI to open-uri 2015-03-09 09:14:10 -05:00
HD Moore c3479ba747 Update msfvenom & PayloadGenerator to pass in available_space 2015-03-09 01:14:56 -05:00
sinn3r 9e5231f951 More explicit and better readability
thanks Sam!
2015-03-09 00:16:56 -05:00
sinn3r a418410260 Change {} back to do/end
This seems to be the only one.
2015-03-09 00:00:49 -05:00
sinn3r a91a29d4e5 Add a comment explaining about the error key 2015-03-08 23:51:43 -05:00
HD Moore 6c71ae7fc3
Lands #4893, coerce to string to avoid stack trace
essage aborts
ssage aborts
2015-03-07 18:40:49 -06:00
William Vu c3e91c263f Fix NoMethodError in plugins/nessus.rb
Triggered by @port.length in nessus_login from YAML.
2015-03-07 17:56:12 -06:00
William Vu 5316e0f0ce
Land #4887, msfconsole -n store_loot fix 2015-03-07 17:14:21 -06:00
William Vu b79e99f55a
Land #4892, "response HTML" message fix 2015-03-07 17:09:13 -06:00
William Vu 3075c56064 Fix "response HTML" message
In modules/exploits/multi/browser/firefox_xpi_bootstrapped_addon.rb.
2015-03-07 17:08:08 -06:00
sinn3r f3494d9019 Correct grammar in BES 2015-03-07 16:04:06 -06:00
joev d7295959ca Remove open-uri usage in msf. 2015-03-05 23:45:28 -06:00
joev ca3b2220b5 Check to ensure Mdm is loaded to fix store_loot. 2015-03-05 23:27:13 -06:00
Brent Cook a13cd2bcb7
Land #4880: @wchen-r7 check if module has session before comparison 2015-03-05 20:48:42 -06:00
jvazquez-r7 2134cc3d22
Modify description 2015-03-05 16:55:24 -06:00
jvazquez-r7 c46c05f5ab
Land #4884, @Meatballs1's module for Nvidia arbitrary dll injection 2015-03-05 16:53:11 -06:00
jvazquez-r7 7b4776ee79 Deregister FOLDER_NAME 2015-03-05 16:42:07 -06:00
jvazquez-r7 1bc81ea723
Merge #4884 into updated master 2015-03-05 16:41:15 -06:00
Meatballs 33f089b1a5
Tidyup 2015-03-05 21:50:12 +00:00
jvazquez-r7 2da1b6cfda
Land #3323, @0x41414141's SMB target for struts_code_exec_classloader 2015-03-05 15:49:22 -06:00
jvazquez-r7 9f3f8bb727
Merging #3323 work 2015-03-05 15:44:15 -06:00
jvazquez-r7 c388fd49c2 Fix print message 2015-03-05 15:43:54 -06:00
jvazquez-r7 dd2559b748 Favor new target over new module 2015-03-05 15:41:53 -06:00
jvazquez-r7 ad0e287795
Modify struts_code_exec_classloader instead of adding a new module 2015-03-05 15:41:16 -06:00
jvazquez-r7 e1a4b046a0 Add support for tomcat 7 to struts_code_exec_classloader 2015-03-05 15:40:24 -06:00
Meatballs c56679f33e
Modify for new SMB mixin 2015-03-05 21:26:13 +00:00
William Vu 3e81bf073c
Land #4883, Postgres PTH reference 2015-03-05 15:05:27 -06:00
Tod Beardsley e429d4c04f Add reference and description for PTH on Postgres
Dave and William did most of the work already over on PR #4871, this
just points it out in the module.
2015-03-05 14:36:56 -06:00
Tod Beardsley 0c87e28208
Land #4882, workspace sort order
[Fixes #4881]
2015-03-05 14:30:00 -06:00
Matthew Hall fef8b89001 Merge pull request #6 from jvazquez-r7/final_3323_folder_support
Add support for a folder and update module.  Thanks @jvazquez-r7  - yeah I was using an older version of my code for the exploit (whoops - long day...). Landed. I'll look at merging this with the existing exploit over the weekend.
2015-03-05 20:08:10 +00:00
Samuel Huckins 7cb3e236fb
Adding back prepended colons
Don't seem to be needed but don't want to introduce that change.
2015-03-05 14:06:50 -06:00
Samuel Huckins 02d30b3d44
Changes workspace cmd ordering to updated_at asc 2015-03-05 14:05:24 -06:00
Samuel Huckins 84df403d11
Land #4852, vuln note import/export addition 2015-03-05 13:54:22 -06:00
jvazquez-r7 de08d8247b Do some module cleanup 2015-03-05 13:00:01 -06:00
sinn3r 31191bef39 Fix #4865, undef method 'ancestors' in lib/msf/core/payload_set.rb
Fix #4865
2015-03-05 12:49:51 -06:00
jvazquez-r7 82659aba93 Populate metadata from code to make test easier 2015-03-05 12:40:20 -06:00
jvazquez-r7 dc02f8332f Pass msftidy 2015-03-05 12:29:31 -06:00
jvazquez-r7 a06eb04d59 Deregister FOLDER_NAME on exploit modules 2015-03-05 12:27:12 -06:00
jvazquez-r7 38f8fe382c Update specs 2015-03-05 12:24:41 -06:00
jvazquez-r7 5ede40a39d Change the variable name 2015-03-05 12:21:33 -06:00
jvazquez-r7 e0a22a6794 Add support for folder 2015-03-05 12:19:33 -06:00
sinn3r cb9922ad39
Land #4874, Add PHPMoAdmin command injection 2015-03-05 11:30:44 -06:00
sinn3r 8978b1d7b5 Add a version 2015-03-05 11:29:44 -06:00
Matthew Hall 5b65811fb2 Merge pull request #5 from jvazquez-r7/land_3323
Update with rapid7 master changes. I'll take a further look at this module and add version support to pick the best exploit path for differing tomcat versions.
2015-03-05 14:46:01 +00:00
Ricardo Almeida 32188f09d6 Update phpmoadmin_exec.rb
Changes:
Added required comment at the top of the file;
Changed Class name "Metasploit3" >> "Metasploit4";
Standard name/email format for public PoC author.
2015-03-05 12:56:08 +00:00
Ricardo Almeida 95962aab0d Update phpmoadmin_exec.rb
Changes:
"Check if vulnerable" code improvement;
Payload delivery code improvement;
Minor indent issues.

Thanks for your feedback guys :)
2015-03-05 12:46:53 +00:00