cd734acf3e
[See RM 8114] - Reduce false positive if traffic is redirected
...
Fix complaint for hitting this false positive when the user has
all the traffic redirected.
2013-08-15 16:33:10 -05:00
83a179ff08
[Fix RM 8224] - undefined method `include?' for nil:NilClass
...
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
bec15ebf7c
Remove Failure (moved to parent class)
2013-08-15 13:31:21 -05:00
4706f8b54c
Add fail_with() stub and move Failure from Exploit
2013-08-15 13:30:47 -05:00
0ef4b4c982
Land #2222 , remove Version from module info
2013-08-15 11:56:21 -05:00
a65181d51b
new revision - cisco_ironport_enum
...
Added code to check successful conn first, so now if there is no connectivity on target port, script aborts run.
New check to ensure 'set-cookie' is set by the app as expected, before any further fingerprinting & b-f starts.
If the app is not Ironport, 'set-cookie' will not be set & remains null, and so script aborts run.
De-registered 'TARGETURI.'
Registered 'username' and 'password' with default value.
Changed some run messages.
And lastly, changed the csrf key piece cos I miss a cold beer right now.
2013-08-15 04:06:30 +05:30
5032ed8966
Land #2226 - Ensure checksum* methods return a Fixnum
2013-08-14 16:45:34 -05:00
d4a56a319e
Merge pull request #2112 from shuckins-r7/bug/remove-rname-validation
...
Update to MDM 0.16.6
2013-08-14 13:25:15 -07:00
ed00b8c19e
Ensure checksum* methods return a Fixnum
...
Fixes a bug in reverse_http* stagers where requests for the root URI
(i.e., "/") cause a NoMethodError on nil returned by checksum8.
[See #2216 ]
2013-08-14 14:09:37 -05:00
23c5f02e9a
Land #2225 - Fix dlink_dir300_exec_telnet
2013-08-14 13:11:42 -05:00
eac05ebcab
Land #2223 - MiniWeb (Build 300) Arbitrary File Upload
2013-08-14 13:07:32 -05:00
98e0053dc6
Fix indent level
2013-08-14 13:07:01 -05:00
178a7b0dbb
Fix author's email format
2013-08-14 11:56:47 -05:00
ec36970ffa
cisco_ironport_enum module
...
This module scans for Cisco Ironport SMA, WSA and ESA web login portals, finds AsyncOS version and performs login brute force to identify valid credentials.
2013-08-14 22:22:06 +05:30
2a4b8e4a64
Add useful comment
2013-08-14 11:49:32 -05:00
e6c36864c4
Fix telnet related stuff
2013-08-14 11:47:57 -05:00
d526663a53
Add module to brute force the Cisco IronPort application
2013-08-14 09:16:49 -07:00
bd6a45fffa
Get rid of version() use
2013-08-14 11:00:09 -05:00
7145a85fb4
Add MiniWeb (Build 300) Arbitrary File Upload
2013-08-15 01:01:46 +09:30
163c13526d
Land #2221 - Add more refs to joomla_media_upload_exec
2013-08-14 02:38:51 -05:00
83aec3b231
Remove module version display
...
Since modules no longer use the 'Version' key, there's no point to
collect and show them. It's all 0 anyway.
[See RM 8278]
2013-08-14 02:26:39 -05:00
1d82ed176f
Update joomla_media_upload_exec references
2013-08-13 23:27:01 -05:00
bce50d1b05
Land #2220 - OSX Password Prompt Spoof
2013-08-13 22:15:14 -05:00
919e0d1901
MSF license, make use of print_good
2013-08-13 22:14:35 -05:00
e1856651bc
Incorporate the suggested edits from the PR review.
...
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940 ]
2013-08-13 19:35:55 -05:00
99ef714d00
Updates pps description.
2013-08-13 19:35:55 -05:00
52fa000211
Get password_prompt_spoof module working. [RM #5940 ]
2013-08-13 19:35:55 -05:00
54cffdb27d
Land #2219 - OSVDB-95933: Joomla Media Manager File Upload Vulnerability
2013-08-13 19:04:57 -05:00
e912a64ccc
Description change
2013-08-13 19:04:25 -05:00
c9799c1ee6
Land #2212 - Change migrate order & print target_pid
2013-08-13 18:56:54 -05:00
312ff1a20e
Delete period from regular expressions
2013-08-13 17:50:26 -05:00
04eed49310
Add support for FileDropper
2013-08-13 16:47:24 -05:00
e4a570d36b
Update metadata according to OSVDB
2013-08-13 16:42:53 -05:00
2086c51b67
Add module for Joomla Upload Exploit in the wild
2013-08-13 16:27:27 -05:00
73e9bf9fa8
Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
...
Conflicts:
modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
6be4d9e583
missing interpolation
2013-08-13 13:52:44 -05:00
4bfb411411
Merge pull request #8 from tabassassin/retab/2212
...
Retab #2212
2013-08-13 11:51:40 -07:00
e6836c0353
Land #2218 , favor 'unless' over 'if' for negatives
...
This is a minor syntax fix for the issue brought up on
2013-08-13 10:53:53 -05:00
31cbc270fd
Favor unless over if for negative condition
2013-08-13 08:46:12 -05:00
92d57ef37d
Fix merge conflict
...
Conflicts:
msfvenom
2013-08-13 00:00:16 -05:00
1a34b746ee
Land #2217 - Fix browser detection
2013-08-12 23:30:19 -05:00
bc9a26d4ee
Fix condition
2013-08-12 23:05:26 -05:00
568181de84
Add sthetic spaces
2013-08-12 22:33:34 -05:00
6d70d4924e
Land #2206 , @PsychoSpy module for OSVDB 94097
2013-08-12 22:27:03 -05:00
7981601eb8
Do final cleanup on intrasrv_bof
2013-08-12 22:24:53 -05:00
5067d8a070
Land #2215 , really
...
Cool, now I have two lands of the same commit because I was in a funny
branch. Sorry about that.
2013-08-12 20:35:57 -05:00
ebd485349f
Retab smart_migrate.rb module
...
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
d3a60135b8
Add retab util to this branch
2013-08-12 20:19:14 -05:00
2d3c2c1c87
Set default target to 0 because there's only one
2013-08-12 20:01:23 -05:00
sinn3r
HD Moore
Tod Beardsley
Karn Ganeshen
Brandon Turner
James Lee
jvazquez-r7
bcoles
Joe Vennix
Joff Thyer
David Maloney
Tab Assassin