Tod Beardsley
a2f0834877
Bump requirement for packetfu
...
Not sure why this version is pinned, I'm pretty trustworthy.
I would love to see @jlee-r7 or @hdm-r7 land this, since they were the
ones who so a problem with binary regexes in 1.1.8
2013-09-12 17:24:11 -05:00
Tod Beardsley
32d2f7ffce
Hard tabs for now
2013-09-12 16:15:50 -05:00
Tod Beardsley
52843c6a67
Revert whitespace change to msf_tidy.rb
...
Causing merge conflicts, I'll re-tab it after this PR lands.
This reverts commit 1178da46c6
.
2013-09-12 16:14:42 -05:00
Tod Beardsley
1178da46c6
Normalize indentation or @wchen-r7 will be cross
2013-09-12 16:10:43 -05:00
Tod Beardsley
0b481d86bf
Empty commit to trigger PT tracking
...
Let's see if PT actually sees this.
[#56795804 ]
[#56796034 ]
2013-09-12 16:08:14 -05:00
Tod Beardsley
cf27b0b457
Add msftidy check for snake_case.rb filenames
2013-09-12 16:06:17 -05:00
Tod Beardsley
76f27ecde8
Require the deprecation mixin in all modules
...
Because rememberin to require it, and hoping against a race is not how we
roll any more.
2013-09-12 15:49:33 -05:00
Tod Beardsley
761042f14b
require the deprecated mixin
2013-09-12 15:42:01 -05:00
Tod Beardsley
968f299772
Deprecate A-PDF exploit for filename change
...
See PT 56796034
See PT 56795804
2013-09-12 15:30:26 -05:00
Tod Beardsley
d47de46d94
Deprecate brightstor/tape_engine_8A
...
This module is getting renamed to 8a, instead of 8A.
2013-09-12 13:59:44 -05:00
James Lee
6ba9693d5d
Land #2349 pymeterp fixes
2013-09-10 16:42:58 -05:00
Spencer McIntyre
e3e2c69de1
Fix additional issues in the python meterpreter.
2013-09-10 15:06:33 -04:00
Tod Beardsley
c40b68f252
Land #2347 , nail down the require paths
2013-09-10 11:41:13 -05:00
jvazquez-r7
4f1db80c24
Fix requires in new post modules
2013-09-10 11:13:07 -05:00
Tod Beardsley
cf8c11ca89
Land #2335 , Gemfile updates (run bundle install!)
...
FAQ:
Q: I get an error telling me to run bundle install when I try to start
msfconsole. What do I do?
A: Type: "bundle install" (or msfupdate which runs it, too)
2013-09-10 11:08:23 -05:00
jvazquez-r7
df3aae0cae
Land #2341 , @todb-r7's grammar fixes
2013-09-10 09:20:29 -05:00
Tod Beardsley
adddf2b188
Land #2343 protect vs int wrap on ARM/Android
...
[FixRM #8034 ]
2013-09-09 20:37:25 -05:00
HD Moore
06f7abc552
Helps to put the rand() wrapper in
2013-09-09 20:26:11 -05:00
HD Moore
baff3577e5
FixRM #8034 Pick a valid certificate expiration
2013-09-09 20:24:52 -05:00
Tod Beardsley
93c0b02b3b
Land #2342 , fix for smb_enumshares Array-ness
2013-09-09 16:55:01 -05:00
James Lee
f73c18ccd9
Store the Array, not human-readable version
...
[SeeRM #8389 ]
2013-09-09 16:44:47 -05:00
Tod Beardsley
aff35a615b
Grammar fixes in descriptions
2013-09-09 15:09:53 -05:00
Tod Beardsley
fd7501d729
Land #2340 , fix ltype on proficy module.
2013-09-09 14:28:38 -05:00
jvazquez-r7
2252aee398
Fix ltype on store_loot
2013-09-09 14:02:28 -05:00
jvazquez-r7
791b6f69c2
Land #2337 , @wchen-r7's exploit for MS13-055
2013-09-09 11:12:03 -05:00
sinn3r
e9e7fe670d
Land #2331 - Change rules on tabbing
2013-09-09 10:35:23 -05:00
sinn3r
0ee0168556
Retabbed
...
One kills a man, one is an assassin; one kills millions, one is a
conqueror; one kills a tab, one is a Metasploit dev.
2013-09-09 10:01:01 -05:00
sinn3r
6ab905e9e0
Less alignment
2013-09-09 09:39:02 -05:00
Tod Beardsley
2d9eb9e89b
Be more explicit about two-space tabs
2013-09-09 09:34:48 -05:00
sinn3r
992bdcf530
Not from the future
2013-09-09 00:36:28 -05:00
sinn3r
ae659507d2
Land #2336 - GE Proficy Cimplicity WebView Directory Traversal
2013-09-08 23:05:57 -05:00
jvazquez-r7
3d48ba5cda
Escape dot on regex
2013-09-08 20:26:20 -05:00
sinn3r
47147444af
Land #2327 HP SiteScope Remote Code Execution
2013-09-08 20:14:27 -05:00
sinn3r
c3db41334b
Add MS13-055 Internet Explorer Use-After-Free Vulnerability
...
In IE8 standards mode, it's possible to cause a use-after-free condition by first
creating an illogical table tree, where a CPhraseElement comes after CTableRow,
with the final node being a sub table element. When the CPhraseElement's outer
content is reset by using either outerText or outerHTML through an event handler,
this triggers a free of its child element (in this case, a CAnchorElement, but
some other objects apply too), but a reference is still kept in function
SRunPointer::SpanQualifier. This function will then pass on the invalid reference
to the next functions, eventually used in mshtml!CElement::Doc when it's trying to
make a call to the object's SecurityContext virtual function at offset +0x70, which
results a crash. An attacker can take advantage of this by first creating an
CAnchorElement object, let it free, and then replace the freed memory with another
fake object. Successfully doing so may allow arbitrary code execution under the
context of the user.
This bug is specific to Internet Explorer 8 only. It was originally discovered by
Orange Tsai at Hitcon 2013, but was silently patched in the July 2013 update, so
no CVE as of now.
2013-09-08 20:02:23 -05:00
jvazquez-r7
02cc53e893
Land #2298 , @dzruyk's DoS aux module for CVE-2013-4124
2013-09-07 16:11:49 -05:00
jvazquez-r7
a40e0ba704
Clean up read_nttrans_ea_list
2013-09-07 16:11:00 -05:00
jvazquez-r7
be9b0da595
Update print message
2013-09-06 16:09:38 -05:00
jvazquez-r7
830bc2ae64
Update OSVDB reference
2013-09-06 13:01:39 -05:00
jvazquez-r7
4e3d4994c3
Update description
2013-09-06 12:58:54 -05:00
jvazquez-r7
45821a505b
Add module for CVE-2013-0653
2013-09-06 12:42:34 -05:00
jvazquez-r7
5e16580c68
Land #2280 , @jvennix-r7's exploit for CVE-2012-5519
2013-09-06 10:22:06 -05:00
jvazquez-r7
ffa600ff8b
Fix really the check method
2013-09-06 10:21:18 -05:00
jvazquez-r7
9b9e1592fd
Retab changes
2013-09-06 10:13:38 -05:00
jvazquez-r7
a64f960bfc
Merge for retab
2013-09-06 10:12:55 -05:00
jvazquez-r7
d9fed860a5
Fix check method
2013-09-06 10:11:06 -05:00
Brandon Turner
83a827095b
Older versions of rake break specs
2013-09-06 09:34:05 -05:00
Brandon Turner
c1e3884e5a
Update active* and other gems
2013-09-06 09:34:05 -05:00
Brandon Turner
35ec21cc97
Update test gems
...
This should not affect core Metasploit Framework as it only updates gems
in the test group (and dependencies of those gems).
2013-09-06 09:34:05 -05:00
Brandon Turner
cf69577433
Remove rpsec should_not raise_error deprecations
...
Checking that a specifc error is not raised is deprecated in rspec:
https://github.com/rspec/rspec-expectations/pull/244
2013-09-06 09:34:05 -05:00
Brandon Turner
4760000bca
Replace mock with double in specs
...
mock is deprecated - https://www.relishapp.com/rspec/rspec-mocks/docs
2013-09-06 09:34:05 -05:00