Commit Graph

20335 Commits (a2f0834877bb05ea8725407ae7a41bb20007c2c3)

Author SHA1 Message Date
Tod Beardsley a2f0834877 Bump requirement for packetfu
Not sure why this version is pinned, I'm pretty trustworthy.

I would love to see @jlee-r7 or @hdm-r7 land this, since they were the
ones who so a problem with binary regexes in 1.1.8
2013-09-12 17:24:11 -05:00
Tod Beardsley 32d2f7ffce Hard tabs for now 2013-09-12 16:15:50 -05:00
Tod Beardsley 52843c6a67 Revert whitespace change to msf_tidy.rb
Causing merge conflicts, I'll re-tab it after this PR lands.

This reverts commit 1178da46c6.
2013-09-12 16:14:42 -05:00
Tod Beardsley 1178da46c6 Normalize indentation or @wchen-r7 will be cross 2013-09-12 16:10:43 -05:00
Tod Beardsley 0b481d86bf Empty commit to trigger PT tracking
Let's see if PT actually sees this.

[#56795804]
[#56796034]
2013-09-12 16:08:14 -05:00
Tod Beardsley cf27b0b457 Add msftidy check for snake_case.rb filenames 2013-09-12 16:06:17 -05:00
Tod Beardsley 76f27ecde8 Require the deprecation mixin in all modules
Because rememberin to require it, and hoping against a race is not how we
roll any more.
2013-09-12 15:49:33 -05:00
Tod Beardsley 761042f14b require the deprecated mixin 2013-09-12 15:42:01 -05:00
Tod Beardsley 968f299772 Deprecate A-PDF exploit for filename change
See PT 56796034
See PT 56795804
2013-09-12 15:30:26 -05:00
Tod Beardsley d47de46d94 Deprecate brightstor/tape_engine_8A
This module is getting renamed to 8a, instead of 8A.
2013-09-12 13:59:44 -05:00
James Lee 6ba9693d5d
Land #2349 pymeterp fixes 2013-09-10 16:42:58 -05:00
Spencer McIntyre e3e2c69de1 Fix additional issues in the python meterpreter. 2013-09-10 15:06:33 -04:00
Tod Beardsley c40b68f252
Land #2347, nail down the require paths 2013-09-10 11:41:13 -05:00
jvazquez-r7 4f1db80c24 Fix requires in new post modules 2013-09-10 11:13:07 -05:00
Tod Beardsley cf8c11ca89
Land #2335, Gemfile updates (run bundle install!)
FAQ:

Q: I get an error telling me to run bundle install when I try to start
msfconsole. What do I do?

A: Type: "bundle install" (or msfupdate which runs it, too)
2013-09-10 11:08:23 -05:00
jvazquez-r7 df3aae0cae Land #2341, @todb-r7's grammar fixes 2013-09-10 09:20:29 -05:00
Tod Beardsley adddf2b188
Land #2343 protect vs int wrap on ARM/Android
[FixRM #8034]
2013-09-09 20:37:25 -05:00
HD Moore 06f7abc552 Helps to put the rand() wrapper in 2013-09-09 20:26:11 -05:00
HD Moore baff3577e5 FixRM #8034 Pick a valid certificate expiration 2013-09-09 20:24:52 -05:00
Tod Beardsley 93c0b02b3b
Land #2342, fix for smb_enumshares Array-ness 2013-09-09 16:55:01 -05:00
James Lee f73c18ccd9 Store the Array, not human-readable version
[SeeRM #8389]
2013-09-09 16:44:47 -05:00
Tod Beardsley aff35a615b Grammar fixes in descriptions 2013-09-09 15:09:53 -05:00
Tod Beardsley fd7501d729 Land #2340, fix ltype on proficy module. 2013-09-09 14:28:38 -05:00
jvazquez-r7 2252aee398 Fix ltype on store_loot 2013-09-09 14:02:28 -05:00
jvazquez-r7 791b6f69c2 Land #2337, @wchen-r7's exploit for MS13-055 2013-09-09 11:12:03 -05:00
sinn3r e9e7fe670d Land #2331 - Change rules on tabbing 2013-09-09 10:35:23 -05:00
sinn3r 0ee0168556 Retabbed
One kills a man, one is an assassin; one kills millions, one is a
conqueror; one kills a tab, one is a Metasploit dev.
2013-09-09 10:01:01 -05:00
sinn3r 6ab905e9e0 Less alignment 2013-09-09 09:39:02 -05:00
Tod Beardsley 2d9eb9e89b Be more explicit about two-space tabs 2013-09-09 09:34:48 -05:00
sinn3r 992bdcf530 Not from the future 2013-09-09 00:36:28 -05:00
sinn3r ae659507d2 Land #2336 - GE Proficy Cimplicity WebView Directory Traversal 2013-09-08 23:05:57 -05:00
jvazquez-r7 3d48ba5cda Escape dot on regex 2013-09-08 20:26:20 -05:00
sinn3r 47147444af Land #2327 HP SiteScope Remote Code Execution 2013-09-08 20:14:27 -05:00
sinn3r c3db41334b Add MS13-055 Internet Explorer Use-After-Free Vulnerability
In IE8 standards mode, it's possible to cause a use-after-free condition by first
creating an illogical table tree, where a CPhraseElement comes after CTableRow,
with the final node being a sub table element. When the CPhraseElement's outer
content is reset by using either outerText or outerHTML through an event handler,
this triggers a free of its child element (in this case, a CAnchorElement, but
some other objects apply too), but a reference is still kept in function
SRunPointer::SpanQualifier. This function will then pass on the invalid reference
to the next functions, eventually used in mshtml!CElement::Doc when it's trying to
make a call to the object's SecurityContext virtual function at offset +0x70, which
results a crash. An attacker can take advantage of this by first creating an
CAnchorElement object, let it free, and then replace the freed memory with another
fake object. Successfully doing so may allow arbitrary code execution under the
context of the user.

This bug is specific to Internet Explorer 8 only. It was originally discovered by
Orange Tsai at Hitcon 2013, but was silently patched in the July 2013 update, so
no CVE as of now.
2013-09-08 20:02:23 -05:00
jvazquez-r7 02cc53e893 Land #2298, @dzruyk's DoS aux module for CVE-2013-4124 2013-09-07 16:11:49 -05:00
jvazquez-r7 a40e0ba704 Clean up read_nttrans_ea_list 2013-09-07 16:11:00 -05:00
jvazquez-r7 be9b0da595 Update print message 2013-09-06 16:09:38 -05:00
jvazquez-r7 830bc2ae64 Update OSVDB reference 2013-09-06 13:01:39 -05:00
jvazquez-r7 4e3d4994c3 Update description 2013-09-06 12:58:54 -05:00
jvazquez-r7 45821a505b Add module for CVE-2013-0653 2013-09-06 12:42:34 -05:00
jvazquez-r7 5e16580c68 Land #2280, @jvennix-r7's exploit for CVE-2012-5519 2013-09-06 10:22:06 -05:00
jvazquez-r7 ffa600ff8b Fix really the check method 2013-09-06 10:21:18 -05:00
jvazquez-r7 9b9e1592fd Retab changes 2013-09-06 10:13:38 -05:00
jvazquez-r7 a64f960bfc Merge for retab 2013-09-06 10:12:55 -05:00
jvazquez-r7 d9fed860a5 Fix check method 2013-09-06 10:11:06 -05:00
Brandon Turner 83a827095b Older versions of rake break specs 2013-09-06 09:34:05 -05:00
Brandon Turner c1e3884e5a Update active* and other gems 2013-09-06 09:34:05 -05:00
Brandon Turner 35ec21cc97 Update test gems
This should not affect core Metasploit Framework as it only updates gems
in the test group (and dependencies of those gems).
2013-09-06 09:34:05 -05:00
Brandon Turner cf69577433 Remove rpsec should_not raise_error deprecations
Checking that a specifc error is not raised is deprecated in rspec:
https://github.com/rspec/rspec-expectations/pull/244
2013-09-06 09:34:05 -05:00
Brandon Turner 4760000bca Replace mock with double in specs
mock is deprecated - https://www.relishapp.com/rspec/rspec-mocks/docs
2013-09-06 09:34:05 -05:00