Commit Graph

36034 Commits (a28ab216d3faebc2fd482689b3a86f82727d5f8c)

Author SHA1 Message Date
Brent Cook be23da1c1f Merge branch 'upstream-master' into land-6120-python-stageless 2015-10-30 17:26:26 -05:00
Brent Cook cddbcc52ab
Land #6171, update to metasploit 4.11.5 2015-10-30 17:09:57 -05:00
Brent Cook 4a52b62275 bump to 4.11.5, update a few other gems 2015-10-30 17:08:29 -05:00
Louis Sato 78416724f8
Land #6167, fix deprecation warning + expiration
adobe flash player buffer overlow deprecation warning replacement
and expiration extended
2015-10-30 15:49:40 -05:00
Louis Sato 2bd792f693
remove .rb file extension 2015-10-30 15:26:45 -05:00
Jon Hart 15a9bccb2f
Use correct order for help ... 2015-10-30 13:17:15 -07:00
Jon Hart c54f034f62
Correct help feature 2015-10-30 12:34:34 -07:00
Jon Hart 377017a2d5 Include module name in advanced options output 2015-10-30 11:54:44 -07:00
Jon Hart 0091a05fa6 Add 'advanced' and 'options' commands to mirror 'info' 2015-10-30 11:54:40 -07:00
Jon Hart 6bfa6095c6 Add 'show info'; just calls 'info' 2015-10-30 11:54:35 -07:00
William Vu f8a39ecc21
Land #6145, better RPC exception handling 2015-10-30 13:25:52 -05:00
wchen-r7 db0518dd3c Bump jsobfu to 0.3.0 2015-10-30 13:06:53 -05:00
Samuel Huckins f064fec0f1
Bumped version to 4.11.5
MSP-13377
2015-10-30 09:37:00 -05:00
wchen-r7 82e600a53a Suggest the correct replacement for the deprecated module
The deprecated module has been suggesting the wrong replacement,
it should be exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
2015-10-29 16:24:29 -05:00
Louis Sato 57304a30a8
Land #6139, remove bad ref links 2015-10-29 16:00:43 -05:00
wchen-r7 95920b7ff6 Bring back more working links 2015-10-29 15:57:16 -05:00
wchen-r7 da52c36687 Put back some links 2015-10-29 15:48:47 -05:00
Louis Sato da7c4ecac4
Land #6141, update description, authors, and references for zpanel_information_disclosure_rce 2015-10-29 13:50:27 -05:00
wchen-r7 4e20b8f369 Fix #5875, Add report_vuln for Msf::Exploit::CheckCode::Vulnerable
Msf::Exploit::CheckCode::Vulnerable requires the module to be
explicit, as in actually triggering the bug and get a vulnerable
response, therefore it should be appropriate to use report_vuln
to report it.

Other vuln check codes (such as Appears, or Detected, etc) will
not call report_vuln, because it's not explicit enough.
2015-10-29 13:22:59 -05:00
nixawk faf9be811a delete caidao_php_backdoor_exec from exploits 2015-10-29 02:18:30 +00:00
nixawk 5d8ccd297e Fix References / Exploit -> Auxiliary 2015-10-29 02:15:20 +00:00
OJ c5643e52ff Add support for the show_mount command (windows) 2015-10-29 07:28:33 +10:00
wchen-r7 93df45eff1
Land #6138, Land joomla plugin com_realestatemanager Error Based SQLi 2015-10-28 13:36:14 -05:00
wchen-r7 09b79414ee Report hash 2015-10-28 13:33:00 -05:00
Brent Cook 466536041f
Land #6143, treat powershell and shell the same for RPC read/write 2015-10-28 11:57:48 -05:00
Louis Sato 657a5481dc
fix rpc session conditional to allow powershell read/write 2015-10-28 11:49:32 -05:00
nixawk bc02993567 chinese caidao php backdoor command execution 2015-10-28 16:43:58 +00:00
wchen-r7 1805774b16 Resolve #6020, Better RPC exception handling
Resolve #6020. Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
wchen-r7 e7d6493311 Replace links 2015-10-28 10:45:02 -05:00
g0tmi1k 3648004527 Merge pull request #1 from jvazquez-r7/review_5720
Fix download of files on linux
2015-10-28 10:27:42 +00:00
wchen-r7 5b86d2ef95 Fix #6133, update description, authors and references
Fix #6133

Thank you @japp-0xlabs
2015-10-27 14:38:18 -05:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu a65172bbcb
Land #6125, Joomla SQLi creds gather module 2015-10-27 11:21:30 -05:00
William Vu 9041f95511 Perform final cleanup 2015-10-27 11:21:17 -05:00
nixawk 132cbf0cd7 joomla plugin com_realestatemanager Error Based SQL Ijnection 2015-10-27 15:18:17 +00:00
William Vu 93a2507223
Land #6137, has_key -> has_key? 2015-10-27 09:39:13 -05:00
William Vu 74353686a3
Land #6136, rescue SMB error for psexec 2015-10-27 09:31:37 -05:00
wchen-r7 e0801b39ba Fix undef method has_key for module_references.rb tool
I made a typo. Should be has_key?, not has_key
2015-10-26 23:12:01 -05:00
Brandon Perry c7fe014854 remove global variables 2015-10-26 17:13:51 -05:00
jvazquez-r7 b2e3ce1f8a
Allow to finish when deletion fails 2015-10-26 16:40:36 -05:00
William Vu 5ad30d0070
Land #6067, @bigendiansmalls' MainframeShell class 2015-10-26 16:01:18 -05:00
wchen-r7 9adfd296a0
Land #6128, Th3 MMA mma.php Backdoor Arbitrary File Upload 2015-10-26 15:26:06 -05:00
wchen-r7 0d9ebe13a1 Modify check 2015-10-26 15:25:38 -05:00
bigendian smalls d70d30c003
Merged to most recent metasploit-framework/master 2015-10-26 15:09:32 -05:00
bigendian smalls 43dbdcea76
Removed process_autoruns from mainframe_shell
Removed process_autoruns until we can write a fully compatible one or
fully regression test the existing.  Likely the former because of
encoding issues
2015-10-26 14:55:40 -05:00
Bigendian Smalls 430a83b148 Merge pull request #1 from wvu-r7/pr/6067
Clean up Msf::Sessions::MainframeShell
2015-10-26 14:48:18 -05:00
William Vu bbc1e43149 Remove raise, since it broke things
Need to pass through silently.
2015-10-26 14:45:21 -05:00
William Vu 43eae0b97f Clean up Msf::Sessions::MainframeShell 2015-10-26 12:15:45 -05:00
wchen-r7 f4abc16c66
Land #6102, Add rsh/libmalloc privilege escalation exploit module 2015-10-26 10:54:05 -05:00
JT 4f244c54f8 Update mma_backdoor_upload.rb 2015-10-26 23:01:38 +08:00