a11d16ea30
More strict on check_disclosure_date
2012-10-14 19:06:36 -05:00
97ac7fa184
Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework
2012-10-14 18:27:32 -05:00
e00dbfcc0d
You mean.. FILEPATH.
2012-10-14 18:18:11 -05:00
2f04fdd71a
Merge branch 'apache_activemq_traversal' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apache_activemq_traversal
2012-10-14 18:16:41 -05:00
d971abaeb9
deleted extra comma
2012-10-14 22:39:07 +02:00
14bd0373d3
deleted extra space
2012-10-14 22:38:14 +02:00
ac6a4c9283
Added module for CVE-2010-1587
2012-10-14 22:36:02 +02:00
2b644dbc45
added module for Apache ActiveMQ directory traversal
2012-10-14 22:30:38 +02:00
9597e44a95
Merge branch 'msftidy_cleanup' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-msftidy_cleanup
2012-10-13 09:05:34 +02:00
7196ca5b5e
Fix bad indent
2012-10-12 18:35:05 -05:00
7aa6776e4b
let's not rejoin threads we've already joined.
2012-10-12 17:12:42 -04:00
694eacfc4b
performance fix for host discovery post modules
2012-10-12 16:43:42 -04:00
2b9c04318f
No more check_executable, check extname instead.
...
When File.executable?() is used, it checks if the file is an
executable AND that exe permission is set. Well, we don't really
have to set the permission we can still load/use the module. So
really, all we care is the module must be a ".rb" to make sure
it loads at startup. So that's what we need to check.
2012-10-12 14:37:42 -05:00
f5302bfc49
add deprication warning to the original module
2012-10-12 13:49:25 -04:00
2bbbbee381
Make the check_executable warning easier to understand.
2012-10-12 09:33:18 -05:00
dc71771dda
Change some texts
...
Changes include:
* Make invalid ranking an error, because it may affect module
search in msfconsole, or the metasploit site.
* Make invalid disclosure format an error, same concern as above.
* Plus other changes
2012-10-12 09:11:34 -05:00
90ae5c1178
Add PhpEXE support to RateMyPet module
2012-10-12 04:53:01 -05:00
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
a5cdf5df90
Fix check_executable
2012-10-12 03:16:50 -05:00
b89c4d1b7c
Rank checking should only run against exploit modules
2012-10-12 03:01:48 -05:00
13a5892e95
Add a mixin for uploading/executing bins with PHP
...
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
82189d9f8c
Make msftidy's code more manageable, and more helpful output
2012-10-12 02:55:16 -05:00
3ab24cdbb9
added exploits/windows/local/service_permissions
2012-10-11 22:42:36 -04:00
0adabb1e06
Merge branch 'wchen-r7-projectpier' into rapid7
...
[Closes #889 ]
2012-10-11 18:32:04 -05:00
55c0cda86c
Merge branch 'fix_vprint_reduceright' of git://github.com/kernelsmith/metasploit-framework into kernelsmith-fix_vprint_reduceright
2012-10-11 16:55:52 -05:00
c911eeece2
change vprint_error to print_error
...
exploits/windows/browser/mozilla_reduceright does not tell you when an
incompatible browser connects like most other browser exploits do
(unless verbose is true). This change just changes the vprint to print
to be more consistent w/other browser exploits
2012-10-11 16:51:17 -05:00
9ea208d129
Oops, overwrote egypt's changes by accident
2012-10-11 16:40:52 -05:00
82eaa322fe
Make cleanup work better
2012-10-11 16:39:54 -05:00
3a66a07844
Proposed re-wording of description
...
[See #889 ]
2012-10-11 15:48:04 -05:00
24980e735b
I found an OSVDB ID
2012-10-11 15:28:07 -05:00
55128f5bb3
Make sure res has value before passing it on to exec_php
2012-10-11 14:43:38 -05:00
033a11eff5
Add Project Pier File Upload Vulnerability
2012-10-11 13:47:40 -05:00
7d848c7147
Merge remote branch 'origin/bug/fastlib-nested-pathnames'
2012-10-10 17:31:36 -05:00
b8e880bf82
Merge branch 'post-module-sdel' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-post-module-sdel
2012-10-10 13:42:20 -05:00
32ad20d0e0
Merge branch 'jlee-r7-bug/activerecord-dep'
2012-10-10 13:41:51 -05:00
1ea73b7bd2
Small description change and favor the use of print_error
2012-10-10 13:37:23 -05:00
f32ce87071
delete comment added by error
2012-10-10 19:32:25 +02:00
13e914d65e
added on_new_session handler to warn users about cleanup
2012-10-10 19:31:38 +02:00
b4485fdb2b
added chm templates
2012-10-10 19:21:47 +02:00
37dc19951b
Added module for ZDI-12-169
2012-10-10 19:14:54 +02:00
98c387cc81
Merge pull request #886 from todb-r7/fix-msfupdate
...
Fix msfupdate for #7297
2012-10-10 09:23:28 -07:00
09f34268d2
Deal with blank or missing config-dir better
...
Just deleting at an index will be surprising when you've already deleted
the wait/nowait. Use an Array#compact strategy instead.
Also, always define a sensible config-dir, even if none is given. If the
user wants to pass one especially, they can.
[FixRM #7297 ]
2012-10-10 10:18:40 -05:00
f247379bb1
Handle the old wait/nowait shift behavior.
...
The old msfupdate would shift the first argument off the stack
regardless what it was. We have two possible candaidates now, wait and
nowait. Shouldn't be any others.
[SeeRM #7297 ]
2012-10-10 09:50:30 -05:00
21d1a5857a
Adding Iterations options
2012-10-10 12:32:30 +02:00
9a0a063048
Whitespace at EOL
2012-10-09 16:56:22 -05:00
32680df7ec
Merge branch 'todb-r7-fix-msfupdate' into rapid7
...
[Closes #883 ][Closes #882 ]
2012-10-09 16:54:25 -05:00
a31984c0ab
Always provide --config-dir for msfupdate
...
Otherwise, you will run into problems described in #882 .
2012-10-09 16:25:06 -05:00
7b45ef6038
Applying changes. Blocks -Begin .. End- deleted
2012-10-09 21:52:49 +02:00
db4ba472d5
[ Closes #881 ]
2012-10-09 13:29:31 -05:00
22f7c42b85
Merge branch 'master' into feature/updated-mobile
2012-10-09 12:58:19 -05:00
sinn3r
jvazquez-r7
Raphael Mudge
Spencer McIntyre
James Lee
kernelsmith
Tod Beardsley
HD Moore
Borja Merino