Commit Graph

29594 Commits (9de4137aa7e91626e19a670a9a9f206358104aa1)

Author SHA1 Message Date
HD Moore 9de4137aa7 Patch UA/Proxy settings during migration, lands #3632 2014-12-16 22:21:48 -06:00
Sean Verity 370f6003e3 Refactors metsrv patching in reverse_hop_htt.rb 2014-12-17 11:57:17 -05:00
Sean Verity 1930eb1bf8 Refactors metsrv patching in reverse_http.rb 2014-12-17 10:04:43 -05:00
William Vu f6af86a06d
Land #4402, ms12_020_check NilClass fix 2014-12-16 15:34:25 -06:00
William Vu 3a00db3c9c
Land #4404, Oracle scheduler exploit fix 2014-12-16 15:33:44 -06:00
William Vu c78685269f
Land #4403, msfvenom configurable variable name 2014-12-16 10:10:54 -06:00
David Maloney f237c56a13
This oracle scheduler exploit hangs if not vuln
When this exploit gets run against a system that isn't vulnerable
it can hang for a signifigant ammount of time. This change uses the check
method on the exploit to see whether it should proceed. Don't try to exploit
the host if it's not vulnerable.
2014-12-16 09:42:42 -06:00
sinn3r 513fd122b8 Update rpsec 2014-12-16 00:26:53 -06:00
sinn3r c2bc79c53c Resolves #4275 - Configurable variable name as an option
Resolves #4275
2014-12-15 23:59:34 -06:00
Sean Verity 52b3025351 Reworked to avoid extending String class on blob per hdm's rec. 2014-12-15 21:40:41 -05:00
William Vu 2604746fb7
Land #4361, Kippo detector 2014-12-15 14:54:48 -06:00
Andrew Morris 81a069d548 Merge pull request #1 from wvu-r7/pr/4361
Merging changes. Thanks for all the help!
2014-12-15 15:51:48 -05:00
Samuel Huckins 4c994d84e0
Updating version to 4.11 for Flood release 2014-12-15 14:42:09 -06:00
William Vu 8394cc13a8
Perform final cleanup of detect_kippo 2014-12-15 14:38:38 -06:00
sinn3r c611249723 Take full advantage of the check command 2014-12-15 12:50:59 -06:00
sinn3r 9edb2b4fab Fix #4378 - Do exception handling
Fix #4378
2014-12-15 12:37:36 -06:00
Jon Hart effb5b966f
Land #4328, @bcoles' exploit for ActualAnalyzer < 2.81 'ant' code execution 2014-12-15 09:57:27 -08:00
Jon Hart 025c0771f8
Have exploit call check. Have check report_vuln 2014-12-15 09:53:11 -08:00
sinn3r 4c714b3eaf
Land #4386 - Fix issue #3852 (support for other languages for enable_rdp) 2014-12-15 11:37:05 -06:00
Jon Hart f521e7d234
Use newer Ruby hash syntax 2014-12-15 09:17:32 -08:00
Jon Hart c93dc04a52
Resolve address before storing the working cred 2014-12-15 09:11:12 -08:00
Brent Cook c24fdb81b5
Land #4389, Meatballs1's fix for enum_ad_* post module regressions
Fixes #4387 by adjusting for the new return type from ADSI queries.
2014-12-15 10:45:12 -06:00
Jon Hart 5ca8f187b3 Merge remote-tracking branch 'upstream/pr/4328' into temp 2014-12-15 08:15:51 -08:00
Samuel Huckins 3ee60101cf
Updating lockfile for credential 0.13.8
Logfile cleanup
2014-12-14 21:12:32 -06:00
Samuel Huckins 63320ce7bd
Updating to latest metasploit-credential, 0.13.8
Drops test log files that are clogging build
2014-12-14 21:05:32 -06:00
Brendan Coles 4530066187 return nil 2014-12-15 01:04:39 +11:00
Brendan Coles 55d9e9cff6 Use list of potential analytics hosts 2014-12-14 23:15:41 +11:00
Brendan Coles f1f57c6ed9 Merge pull request #1 from jhart-r7/landing-4328
Minor improvements to actual analyzer ant cookie exploit
2014-12-14 23:04:13 +11:00
HD Moore e3943682a2
Improves linux/armle payloads, lands #3315 2014-12-13 18:27:14 -06:00
HD Moore e2617c7095
Return the workspace id in responses, lands #4142 2014-12-13 18:04:58 -06:00
HD Moore 00590f9f26
Adds Java serialization support, lands #4327 2014-12-13 17:47:53 -06:00
HD Moore 6ea5ed1a82
Shrinks windows payloads, lands #4391 2014-12-13 17:41:50 -06:00
HD Moore f67a32ef9c
Add missing commits from #3770, lands #4393 2014-12-13 17:36:26 -06:00
Jon Hart fa071930c3
Land #4390 2014-12-13 11:26:17 -08:00
Brandon Perry eb47ca593e update desc to include domain admin information 2014-12-13 13:01:41 -06:00
Brandon Perry 2e94280cba mv bmc to scanner/http 2014-12-13 12:58:16 -06:00
HD Moore 19adfca8ce Updated stubs from source 2014-12-13 12:55:41 -06:00
HD Moore 5a645c5eba Stagers updated from source 2014-12-13 12:50:47 -06:00
Meatballs e914061745
Gsub out funny character when storing to database 2014-12-13 18:35:31 +00:00
Meatballs 316710329b
Fix field.value 2014-12-13 18:31:29 +00:00
Meatballs 5d18de2ebf
Fix legacy railgun LDAP implementation 2014-12-13 18:26:26 +00:00
HD Moore 92490ab5e8 Singles updated from the source 2014-12-13 12:22:07 -06:00
Meatballs d3d744a7cb
Make sure we get the field :value 2014-12-13 18:13:36 +00:00
HD Moore 4681416a0f Update block_api with @schierlm's changes 2014-12-13 12:06:38 -06:00
Michael Schierl e8728943ec Shave off two more bytes for HTTP(s) stagers 2014-12-13 11:49:30 -06:00
Michael Schierl 69c938f65a More shellcode golf 2014-12-13 11:49:15 -06:00
Brandon Perry 8c6b95c39c Merge branch 'landing-4359' of https://github.com/jhart-r7/metasploit-framework into bmc_trackit 2014-12-13 11:37:57 -06:00
Brandon Perry cd1e61a201 Merge branch 'master' into bmc_trackit 2014-12-13 11:36:30 -06:00
Andrew Morris 8dd5da9d64 added blog post reference 2014-12-12 18:53:26 -08:00
jvazquez-r7 b1453afb52
Land #4297, fixes #4293, Use OperatingSystems::Match::WINDOWS
* instead of Msf::OperatingSystems::WINDOWS
2014-12-12 18:19:58 -06:00