us3r777
ae2cd63391
Refactored Jboss mixin
...
Moved TARGETURI option to the JBoss mixin. The mixin now includes
Msf::Exploit::Remote::HttpClient which provides USERNAME and PASSWORD
2014-07-21 23:41:58 +02:00
us3r777
088f208c7c
Added auxiliary module jboss_bshdeployer
...
The module allows to deploy a WAR (a webshell for instance) using the
BSHDeployer.
Also refactored modules/exploits/multi/http/jboss_bshdeployer.rb to
use the new Mixin (lib/msf/http/jboss).
2014-07-18 11:51:46 +02:00
us3r777
58adc350b5
Refactor: Creation of a JBoss mixin
...
The jboss_bsheployer as is does not allow to deploy a custom WAR file.
It is convenient when ports are blocked to be able to deploy a webshell
instead of just launching a payload. This will require a auxiliary
module which will use the JBoss mixin methods.
2014-07-18 00:56:32 +02:00
Vincent Herbulot
bea660ad4d
Added possibility to upload a custom WAR file
...
Added 2 options, one for uploading a custom WAR file. The other
to specify if you want or not to undeploy the war at the end of
the exploit.
The module as is does not allow to deploy a custom WAR file. It is
convenient when ports are blocked to be able to deploy a webshell
instead of just launching a payload.
2014-07-17 17:13:19 +02:00
William Vu
a07656fec6
Land #3536 , msftidy INFO messages aren't blockers
2014-07-16 17:57:48 -05:00
Tod Beardsley
58558e8dfa
Allow INFO msftidy messages
...
INFO level messages should not block commits or be complained about on
merges. They should merely inform the user.
2014-07-16 15:29:23 -05:00
sinn3r
8733dcb2f8
Land #3531 - Windows 2008 Update for HP AutoPass License
2014-07-16 15:13:05 -05:00
William Vu
0ef1f56163
Land #3479 , this time for real
...
Missed a commit.
2014-07-16 15:06:46 -05:00
William Vu
ff6c8bd5de
Land #3479 , broken sock.get fix
2014-07-16 14:57:32 -05:00
William Vu
b6ded9813a
Remove EOL whitespace
2014-07-16 14:56:34 -05:00
William Vu
25f74b79b8
Land #3484 , bad pack/unpack specifier fix
2014-07-16 14:52:23 -05:00
Meatballs
b95a5ebe12
Land #3535 , Depreciate psh_web_delivery
2014-07-16 19:58:59 +01:00
sinn3r
4fb58202fa
Land #3529 - Handle Rex::AddressInUse exception
2014-07-16 13:57:41 -05:00
Tod Beardsley
5fa639c640
Land #3528 , add Rubocop from @jhart-r7
...
This adds the gem to the :development group in the Gemfile, as well as
wires up msftidy to use it.
2014-07-16 13:45:44 -05:00
Spencer McIntyre
82abe49754
Mark windows/misc/psh_web_delivery as deprecated
2014-07-16 14:02:05 -04:00
Jon Hart
fa472c7752
Merge pull request #2 from todb-r7/rubocop-is-optional
...
Rubocop checks are optional and info only
2014-07-16 09:34:25 -07:00
Tod Beardsley
68980157c8
Just skip if info is suppressed.
2014-07-16 11:20:40 -05:00
Tod Beardsley
81a98081d9
Rubocop checks are optional and info only
...
I like the change but it means that basically everything will fail
forever until we tweak up the config.
2014-07-16 10:26:35 -05:00
Jon Hart
ab73c16d0d
Add Rubocop to msftidy. You now have 15 seconds to comply. You are in direct violation of Penal Code 1.13, Section 9.
2014-07-15 17:11:04 -07:00
Jon Hart
7f860a7cdc
Add more sensible Rubocop defaults for line length. disable top-level class documentation requirement for modules and don't require big numbers like 12737341238 to be separated with _ -- who does that?
2014-07-15 16:58:11 -07:00
jvazquez-r7
6d05a24653
Add target information
2014-07-15 17:45:45 -05:00
sinn3r
f8e47a5c61
Land #3524 - WPTouch fileupload exploit
2014-07-15 16:29:59 -05:00
Spencer McIntyre
e58100fe85
Land #3419 , multi script delivery module by @jakxx
2014-07-15 17:07:51 -04:00
Spencer McIntyre
1a8d73fca8
Minor whitespace and grammar changes
2014-07-15 17:00:28 -04:00
HD Moore
b045e5b14a
Merge pull request #1 from wvu-r7/pr/3479
...
Fix @source and prefer &&
2014-07-15 17:00:13 -04:00
jvazquez-r7
604a612393
Have into account differences between windows default installs
2014-07-15 15:03:07 -05:00
jvazquez-r7
4098979448
Add spec
2014-07-15 13:06:53 -05:00
Jon Hart
73736c70b6
Add Rubocop to the Metasploit project
...
This is a work in progress because the code base is old and the style
varies wildly, however .rubocop.yml can (and should) be tweaked over
time to change standards as we see fit. As it stands right now there
are few (if any) modules that pass Rubocop.
2014-07-15 10:43:08 -07:00
sinn3r
57b1023592
Land #3522 - Multi Gather Dbvis Connections Settings
2014-07-15 11:34:02 -05:00
sinn3r
1d6f088eab
Pass msftidy
2014-07-15 11:31:37 -05:00
jvazquez-r7
09619abe79
Catch AddressInUse when running commands from the meterpreter console
2014-07-15 11:15:10 -05:00
Tod Beardsley
1cac801158
Land #3527 from @wchen-r7, doc update
2014-07-15 10:50:36 -05:00
sinn3r
de4133a83a
Update link for The Metasploit Development Environment
...
The HACKING file still uses the old link, which redirects to this
one, why not just use this one?
2014-07-15 10:16:47 -05:00
David Bloom
526538ecd6
Added dbvis version find and print
2014-07-15 15:04:46 +02:00
David Bloom
97dcc56225
Update dbvis_enum.rb
2014-07-15 14:23:40 +02:00
David Bloom
400b0f4276
parse url to report host in old config
2014-07-15 14:21:09 +02:00
David Bloom
f3d953f829
Old config file update
...
Added functions to parse old and new config files.
2014-07-15 14:00:29 +02:00
David Bloom
ac3d453002
Update dbvis_enum.rb
2014-07-15 12:33:07 +02:00
David Bloom
a53341f520
Added compatibility with dbvis <= 6
...
Checking for "config" folder existence if "config70" is not found.
2014-07-15 12:14:38 +02:00
David Bloom
e66cc003ae
Merge branch 'wchen-r7-pr3522'
...
Changes ok
2014-07-15 09:18:40 +02:00
Christian Mehlmauer
29bb788d96
Better login detection for wordpress
2014-07-15 07:04:14 +02:00
Christian Mehlmauer
c1f612b82a
Use vprint_ instead of print_
2014-07-15 06:58:33 +02:00
OJ
77be5d3e0a
Land #3520 : Update Linux Meterpreter Binaries
...
Includes fixes for the sniffer which stop it breaking on x64 and make
it work with the `any` interface.
[FixRM #6355 ]
2014-07-15 09:27:30 +10:00
James Lee
de22aeba41
Land #3481 , meterpreter bins
2014-07-14 15:57:52 -05:00
sinn3r
cc1ba265cb
Change module name for consistency
2014-07-14 15:49:19 -05:00
sinn3r
4d7bffd713
Change header
2014-07-14 15:45:17 -05:00
sinn3r
5a821cea9d
Account for EOFError condition
2014-07-14 15:27:40 -05:00
sinn3r
89a877031f
I mean "unless", not "if"
2014-07-14 15:24:53 -05:00
sinn3r
bec32a01ab
For for missing an end
2014-07-14 15:17:54 -05:00
sinn3r
cecdcef2e2
+ not preferred
2014-07-14 15:14:54 -05:00