ac94f8e861
Refactor bulletproof_ftp creds
2014-06-11 13:04:58 -05:00
943a4285e4
update schema.rb
2014-06-11 10:57:13 -05:00
9593422f9c
Merge branch 'master' into staging/electro-release
2014-06-11 10:23:56 -05:00
4b8961a464
Land #3428 , deprecation warns for payloads
2014-06-11 09:57:07 -05:00
165a65fdb4
Merge pull request #49 from todb-r7/fix-pr3428-deprecated
...
Avoid double-printing with setup and init_ui
2014-06-11 09:28:06 +01:00
8e34b0b4bd
Updated metasploit-credential tag
...
MSP-10004
2014-06-10 19:51:50 -05:00
b379dc014a
Avoid double-printing with setup and init_ui
2014-06-10 13:57:25 -05:00
44540e6d00
Land #3437 , CSS Injection MITM scanner
2014-06-10 13:36:35 -05:00
4aa1fee398
Land #3326 , @FireFart's Heartbleed - server response parsing
2014-06-10 13:27:28 -05:00
9826a57429
Update coreftp.rb
2014-06-10 13:01:19 -05:00
92414d3688
Merge pull request #53 from rapid7/bug/MSP-9994/framework-db-driver
...
Set `framework.db.driver` when connection already established.
2014-06-10 10:49:00 -05:00
9aa2978589
Land jvazquez-r7/metasploit-framework#14 , @todb-r7's fixes
2014-06-10 10:42:34 -05:00
521284253f
Be more clear about the vuln and impact
2014-06-10 10:29:23 -05:00
2c8a99143b
Land #3426 , @Meatballs1's Python v2.3.3 Compatible Command Shell payloads
2014-06-10 09:55:58 -05:00
3ec15b6512
Land #3431 , @bcoles's new targets for efs_easychatserver_username
2014-06-10 09:52:16 -05:00
a554b25855
Use EXITFUNC
2014-06-10 09:51:06 -05:00
2c8c4f238c
Merge pull request #49 from rapid7/feature/MSP-9746/ssh_creds
...
refactor ssh_creds post module
MSP-9746 #land
2014-06-10 09:32:11 -05:00
dcca5802e4
Merge pull request #48 from rapid7/feature/MSP-9745/linux_hashdump
...
refactor linux hashdump post module
MSP-9745 #land
2014-06-10 09:23:31 -05:00
9b55f5143a
Add module for CVE-2014-0224
2014-06-09 17:38:11 -05:00
dc69afebb1
License and Require
2014-06-09 21:41:38 +01:00
2cbbaad6b4
Set drivers and driver when connection already established
...
MSP-9994
3 database commands in msfconsole check for framework.db.driver to be
set, so driver must be set when the connection is already established by
the Rails initialization.
2014-06-09 14:26:59 -05:00
1ee35ec68a
Handle unconnected config in connection_established?
...
MSP-9994
Rescue `ActiveRecord::ConnectionNotEstablished` in
`Msf::DBManager#connection_established?` in addition to
`PG::ConnectionBad` to handle when the connection has been removed.
2014-06-09 14:26:45 -05:00
c7a43ecced
Update Gemfile.lock
...
MSP-9994
2014-06-09 14:24:44 -05:00
e953fcbd97
Land #3436 , @todb-r7's cleanup for dtls_fragment_overflow
2014-06-09 13:47:27 -05:00
8e35f5fa12
username and password flipped
...
we reported the username as the password
and vice versa
2014-06-09 13:45:12 -05:00
4103f2295b
Missing comma
2014-06-09 13:44:46 -05:00
0e14d77dba
Minor fixup on DTLS module
2014-06-09 13:42:30 -05:00
0e611b5d64
Land #3429 , @jhart-r7's auxiliary module for CVE-2014-0195
2014-06-09 13:34:38 -05:00
ed5d83a41b
Add vulnerability discoverer
2014-06-09 13:25:33 -05:00
daf662b3c0
Do minor cleanup
2014-06-09 13:23:56 -05:00
a4e96d8f59
Merge branch 'master' into staging/electro-release
2014-06-09 13:07:22 -05:00
90c63efaeb
refactor ssh_creds post module
...
the sssh_ creds post module now stores
SSH Keys as Metasploit::Credential objects
2014-06-09 11:49:49 -05:00
1f33566033
Land #3432 , @Meatballs1 sap_soap_rfc_brute_login's clean up
2014-06-09 11:39:52 -05:00
b39b41e29f
Land #3371 , @Meatballs1 fix for sap_mgmt_con_getprocessparameter
2014-06-09 11:25:01 -05:00
06e45e8253
Clean up TLS fragment building
2014-06-09 08:39:30 -07:00
482aa2ea08
Merge branch 'master' into staging/electro-release
2014-06-09 10:27:22 -05:00
76b5297d3f
Land #3434 , Fix original psh payload VirtualAlloc call
2014-06-08 17:39:39 +01:00
d868294d5b
MEM_RESERVE too
2014-06-08 17:37:57 +01:00
9d08ebe273
Fix VirtualAlloc call on PSH old template
2014-06-08 11:09:03 -05:00
25ed68af6e
Land #3017 , Windows x86 Shell Hidden Bind
...
A bind shellcode that responds as 'closed' unless the client matches the
AHOST ip.
2014-06-08 13:49:49 +01:00
099003708c
Land #3422 , SAP Bruterforcer datastore cleanup
2014-06-08 08:42:27 +02:00
6bef6edb81
Update efs_easychatserver_username.rb
...
Add targets for versions 2.0 to 3.1.
Add install path detection for junk size calculation.
Add version detection for auto targeting.
2014-06-08 06:36:18 +10:00
a7a1a2bf3b
Move dtls_fragment_overflow.rb under ssl where it belongs
2014-06-07 12:56:34 -07:00
5881f9453f
Merge pull request #5 from Meatballs1/hidden_bind
...
Remove bind hidden handler
2014-06-07 17:43:25 +02:00
2be6b8befe
Remove bind hidden handler
2014-06-07 14:34:20 +01:00
bf1a665259
Land #2657 , Dynamic generation of windows service executable functions
...
Allows a user to specify non service executables as EXE::Template as
long as the file has enough size to store the payload.
2014-06-07 13:28:20 +01:00
897ad6f963
Some service yarddoc
2014-06-07 13:27:32 +01:00
8637a1fff1
OpenSSL DTLS CVE-2014-0195 POC
2014-06-06 19:24:47 -07:00
fe20e6e1c4
Merge remote-tracking branch 'upstream/master' into soap_brute_fix
...
Conflicts:
modules/auxiliary/scanner/sap/sap_soap_rfc_brute_login.rb
2014-06-07 02:44:16 +01:00
8624ddfc3e
Clean up SAP SOAP RFC Brute Login
...
Honour the user supplied settings
Abort a host on connection error
Check a 200 response for some appropriate data
Let datastore validation handle things like options being present
Be more verbose if needed
Use the HTTPClient more appropriately
2014-06-07 02:34:49 +01:00
William Vu
David Maloney
Tod Beardsley
Meatballs1
Samuel Huckins
jvazquez-r7
jvennix-r7
Trevor Rosen
Meatballs
Luke Imhoff
Jon Hart
Christian Mehlmauer
Brendan Coles
Borja Merino