Raphael Mudge
3fae5ada9f
Armitage 12.30.11 - This release improves performance for Armitage's collaboration mode, rewrites the MSF Scans feature,
...
and adds a drag'n'drop feature to launch a module against a particular host.
2011-12-30 03:14:43 -05:00
HD Moore
409970ec36
Merge pull request #88 from andurin/small_fixes
...
RPC Client exception handling
2011-12-29 22:13:35 -08:00
andurin
898df592be
Fix2 rpc exception handling
...
HD suggested a small tweak to use error_code OR res.code for the raise
2011-12-30 07:05:26 +01:00
andurin
7b4de2380f
Small fix: RPC client exception handling
...
IMHO rpc client should transform the error code from Msf::RPC::Exception
into it's own Msf::RPC::ServerException and should not take the msgpack
response code.
In deep:
I ran into a '401 invalid auth token' after a token timeout (300s).
RPC Daemon raised a 401 - invalid auth token as expected but rpc client
transformed it to a '200 - invalid auth token' using the successful http
transaction to transport the exception.
2011-12-30 05:44:26 +01:00
Tod Beardsley
bc22b7de99
MSFConsole should display hostless loot, also typo fix.
...
Fixes the console to display loot not associated with a host, as when
the CorpWatch modules save loot. Also fixes a typo on
corpwatch_lookup_id.rb
Fixes #6177
2011-12-29 15:11:15 -06:00
Tod Beardsley
78da15ed15
Always check for the current workspace when calling Report#myworkspace().
...
Fixes #6175
2011-12-29 13:48:05 -06:00
sinn3r
b202c29153
Correct e-mail format
2011-12-29 11:27:10 -06:00
sinn3r
d484e18300
Add e-mail for tecr0c
2011-12-29 11:14:15 -06:00
sinn3r
9972f42953
Add e-mail for mr_me for consistency
2011-12-29 11:01:38 -06:00
sinn3r
b5b2c57b9f
Correct e-mail format
2011-12-29 10:57:00 -06:00
sinn3r
a330a5c63a
Add e-mail for Brandon
2011-12-29 10:53:39 -06:00
sinn3r
9b154972cf
Merge branch 'master' of https://github.com/swtornio/metasploit-framework into swtornio-master
2011-12-29 09:36:15 -06:00
Tod Beardsley
4d8aea4ef8
Missed a session.options.
2011-12-29 08:59:16 -06:00
Steve Tornio
778d396bc6
add osvdb ref
2011-12-29 07:54:15 -06:00
Steve Tornio
6d72dbb609
add osvdb ref
2011-12-29 07:54:01 -06:00
Steve Tornio
a00dad32fe
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2011-12-29 07:50:33 -06:00
Steve Tornio
27d1601028
add osvdb ref
2011-12-29 07:49:16 -06:00
chao-mu
ebe461cce7
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2011-12-28 20:14:01 -05:00
chao-mu
0054fb5167
using select! instead of delete_if to avoid double negatives...
2011-12-28 20:05:54 -05:00
Tod Beardsley
84dfd46006
Merge pull request #83 from dirtyfilthy/rename_ssh_forward_options_var
...
rename non existent local variable 'options' to correct session.options
2011-12-28 13:52:28 -08:00
Brandon Perry
c88b582f97
Add CorpWatch Name lookup module by bperry
2011-12-28 15:43:21 -06:00
Brandon Perry
d896f128e5
Add CorpWatch ID Lookup module by bperry
2011-12-28 15:41:28 -06:00
Tod Beardsley
dc1b9570b8
Grammar and spelling on splunk and oracle exploits
2011-12-28 13:44:44 -06:00
Tod Beardsley
65b4cb3a40
Merge branch 'master' of github_r7:rapid7/metasploit-framework
2011-12-28 13:43:16 -06:00
Tod Beardsley
0e3370f1fe
Grammar and spelling on splunk and oracle exploits
2011-12-28 13:42:56 -06:00
David Maloney
5a860f45ef
Fixed typo in validation routine
2011-12-28 12:10:38 -06:00
David Maloney
3bb2b5b7fd
Fixed typo in validation routine
2011-12-28 09:40:36 -08:00
David Maloney
9e1e87508f
Fix to boundary validation for when no db is present
...
Fixes #6171
2011-12-28 08:47:22 -08:00
HD Moore
5dc647a125
Make it clear that this exploit is for RHEL 3 (White Box 3 uses the same
...
packages)
2011-12-28 02:02:03 -06:00
HD Moore
5d67bd2a5e
Phew. Exhaustive test of all i386 FreeBSD versions complete
2011-12-28 01:38:55 -06:00
HD Moore
1ff0cb2eef
More testing - looks like 5.5 is not exploitable, at least not the same
...
way
2011-12-28 01:30:25 -06:00
HD Moore
e071944a1a
Allow ff in payloads but double them back up
2011-12-28 00:04:24 -06:00
HD Moore
edb9843ef9
Add Linux exploit with one sample target (Whitebox Linux 3)
2011-12-28 00:00:10 -06:00
chao-mu
5560c6b17e
Moved and adapted code relating to looking up constant names by constant value
2011-12-28 00:40:08 -05:00
HD Moore
79103074cb
Add credit for Dan's advice
2011-12-27 23:39:02 -06:00
HD Moore
f9224d6010
Adds basic coverage for CVE-2011-4862. Ported from Jaime Penalba
...
Estebanez's code, mostly written by Brandon Perry, exploit method (jmp
edx) by Dan Rosenberg, and general mangling/targets by hdm.
2011-12-27 23:37:30 -06:00
chao-mu
ffcf5af9b0
Merge remote branch 'upstream/master'
2011-12-27 22:06:51 -05:00
HD Moore
2ad5c56d48
Typo in comment
2011-12-27 19:11:09 -06:00
HD Moore
617f3250cf
Handle patched systems accurately (requires actually triggering the bug)
2011-12-27 19:04:34 -06:00
HD Moore
f8e3119215
Add references
2011-12-27 17:50:06 -06:00
David Maloney
a2760b219d
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-27 11:34:36 -08:00
David Maloney
9b995bc0a5
Adds boundary validation to the framework
...
enforces boudnary checking on netbios probes
2011-12-27 11:33:52 -08:00
Jonathan Cran
b409560088
bring up to date with master
2011-12-27 11:33:08 -06:00
sinn3r
101eba6aa5
Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151 )
2011-12-27 00:59:26 -06:00
James Lee
80603e03cb
grab the appropriate shell from mult-platform meterpreters and use /bin/sh instead of /bin/bash for linux to improve compatibility, fixes #5996
2011-12-26 14:41:24 -07:00
David Maloney
05f3af1e77
Fixed typo in the windows autlogin post module
2011-12-26 11:17:17 -08:00
alhazred
39b365702f
rename non existent local variable 'options' to correct session.options
2011-12-26 21:40:46 +13:00
sinn3r
a00937b4d8
Fix typo.
2011-12-24 15:32:08 -06:00
sinn3r
87cf4cefea
Fix bug #6164
2011-12-24 15:26:20 -06:00
sinn3r
062f661991
Fix bug #6161 - Must explicitly convert e to e.to_s
2011-12-24 15:11:26 -06:00