af174639cd
Land #2468 - Hwnd Broadcast Performance
2013-10-22 17:03:02 -05:00
079c82d11d
Land #2565 - Show full path in msftidy
2013-10-22 16:05:56 -05:00
2e8c369c69
Land #2559 - remove content-length
2013-10-22 16:03:42 -05:00
ee95ca5e2b
Land #2158 - Fix NoMethodError undefined method `split' for nil:NilClass
2013-10-22 16:01:27 -05:00
dc0d9ae21d
Land #2560 , ZDI references
...
[FixRM #8513 ]
2013-10-22 15:58:21 -05:00
e1c4aef805
Land #1789 - Windows SSO Post Module
2013-10-22 15:48:15 -05:00
ba1edc6fa8
Land #2402 - Windows Management Instrumentation Local -> Peers
2013-10-22 15:39:32 -05:00
6989f16661
Land #2548 , @titanous's aux module for CVE-2013-4450
2013-10-22 15:02:54 -05:00
bdf07456ba
Last cleanup for nodejs_pipelining
2013-10-22 15:00:58 -05:00
33c3167362
Show full path instead of just the basename
...
Since @todb-r7 and I hate having to use find. :/
2013-10-22 14:54:54 -05:00
db447b65f9
Add exploit for Node.js HTTP Pipelining DoS
2013-10-22 15:12:14 -04:00
11b2719ccc
Change module plate
2013-10-22 12:36:58 -05:00
df42dfe863
Land #2536 , @ddouhine's exploit for ZDI-11-061
2013-10-22 12:35:40 -05:00
c34155b8be
Clean replication_manager_exec
2013-10-22 12:34:35 -05:00
dc19aa0340
Land #2500 , msfupdate/msfconsole SVN purge
...
Tested a reasonable set of platforms, all looks good.
2013-10-22 12:28:20 -05:00
7c6c0ee450
Land #2563 - Fix misleading statement in Outlook post module
2013-10-22 12:16:42 -05:00
e447aff0ec
Fix misleading statement in Outlook post module
...
Since this module doesn't retrieve domain exchange information as it isn't stored there it shouldn't say that Outlook isn't installed at all.
2013-10-22 11:53:15 -04:00
72f3d4f86c
Land #2496 - Added ability to generate multiple payloads
...
Thx Dave!
2013-10-22 01:42:03 -05:00
71fab72e06
Delete duplicate content-length from axis2_deployer
2013-10-21 15:35:51 -05:00
36a7d02001
Update msftidy to check new ZDI reference
2013-10-21 15:31:37 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
9258d79978
Add ZDI references to reference.rb
2013-10-21 15:13:46 -05:00
10a4ff41de
Delete Content-Length duplicate header
2013-10-21 15:11:37 -05:00
b72b13322b
Empty test commit for #2500
...
Just dropping a marker here so I can see that msfupdate actually hits
this after applying #2500 .
2013-10-21 15:05:24 -05:00
57e39c2b2c
Land #2498 - multiple payload capabilities
2013-10-21 14:51:24 -05:00
03adb48d48
Resolve NoMethodError undefined method `empty?' for nil:NilClass
...
blank? should fix this.
2013-10-21 14:50:25 -05:00
824dd84982
Merge remote-tracking branch 'upstream/pr/2500' into temp
2013-10-21 14:26:05 -05:00
1599d1171d
Land #2558 - Release fixes
2013-10-21 13:48:11 -05:00
c1954c458c
Just warn, don't bail
...
Even if the OS detection returns non-Win7, maybe it's Win 8 or something
where it'll still work. We rarely bail out on checks like these.
If I'm crazy, feel free to skip or revert this commit (it shouldn't hold
up the release at all)
For details on this module, see #2503 . I don't see any comments about
this line in particular
2013-10-21 13:39:45 -05:00
bce8d9a90f
Update license comments with resplat.
2013-10-21 13:36:15 -05:00
c070108da6
Release-related updates
...
* Lua is not an acronym
* Adds an OSVDB ref
* credit @jvazquez-r7, not HD, for the Windows CMD thing
2013-10-21 13:33:00 -05:00
4c14595525
Land #2535 - Use %PATH% for notepad
2013-10-21 13:14:44 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
0255f92e60
Land #2556 , msfcli rspec failures fix for #2505
2013-10-21 12:52:05 -05:00
e7d3206dc9
Revert "Land #2505" to resolve new rspec fails
...
This reverts commit 717dfefead6430fa3354
2013-10-21 12:47:57 -05:00
c929fbd7f4
Land #2555 - Retry shell without thread impersonation
2013-10-21 12:25:15 -05:00
cacaf40276
Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow
2013-10-21 12:03:07 -05:00
9bfd98b001
Change plate
2013-10-21 11:54:42 -05:00
717dfefead
Land #2505 , missing source fix for sock_sendpage
2013-10-21 11:47:55 -05:00
6430fa3354
Land #2539 - Support Windows CMD generic payload
...
This also upgrades auxiliary/admin/scada/igss_exec_17 to an exploit
2013-10-21 11:26:13 -05:00
45d06dd28d
Change plate
2013-10-21 11:24:30 -05:00
0670020701
Land #2553 - HP Intelligent Management BIMS DownloadServlet Directory Traversal
2013-10-21 11:20:16 -05:00
61aff635b1
Land #2547 , typo fix for Meterpreter screenspy
2013-10-21 11:15:42 -05:00
8c05f8cf51
Land #2550 - Add HP Intelligent Managemetn UploadServlet dir traversal
2013-10-21 11:14:22 -05:00
d22e4ac2f1
Check timeout condition
2013-10-21 11:13:48 -05:00
36dace26fa
Land #2538 - Fix redirect URLs
2013-10-21 11:08:03 -05:00
4591d34436
Merge pull request #3 from jvazquez-r7/pr_2536
...
Add the ARCH_CMD target
2013-10-21 06:32:09 -07:00
cf65f59a28
Retry shell without thread impersonation
...
In certain scenarios on Windows XP there are times when creating a
shell fails with the error `ERROR_PRIVILEGE_NOT_HELD`. When this
happens the user will usuall fallback to a non-impersonated shell
via the command: `execute -f cmd.exe -H -i -c`
This patch catches the error, warns the use of the failure and then retries
to create the interactive shell without the `-t` flag.
2013-10-21 15:29:19 +10:00
183116c81f
Make module work, and final cleanup
2013-10-20 18:39:41 -05:00
27078eb5a6
Add support for HP imc /BIMS 5.1
2013-10-20 18:18:34 -05:00
sinn3r
Tod Beardsley
jvazquez-r7
William Vu
Jonathan Rudenberg
Rob Fuller
ddouhine
OJ