Jay Turla
62a611a472
Adding PHP Utility Belt Remote Code Execution
2016-03-01 09:22:25 +08:00
wchen-r7
274b9acb75
rm #push
2016-02-29 18:58:05 -06:00
wchen-r7
f55835cceb
Merge new code changes from mr_me
2016-02-29 18:39:52 -06:00
wchen-r7
638d91197e
Override print_* to always print the IP and port
2016-02-29 16:18:03 -06:00
wchen-r7
54ede19150
Use FileDropper to cleanup
2016-02-29 16:15:50 -06:00
wchen-r7
727a119e5b
Report cred
2016-02-29 16:06:31 -06:00
wchen-r7
4cc690fd8d
Let the user specify username/password
2016-02-29 15:45:33 -06:00
wchen-r7
726c1c8d1e
There is no http_send_command, so I guess the check should not work
2016-02-29 15:43:47 -06:00
William Vu
c5a9d59455
Land #6612 , one final missing change
2016-02-29 15:08:42 -06:00
William Vu
cb0493e5bb
Recreate Msf::Exploit::Remote::Fortinet
...
To match the path, even though it's kinda lame including it just for the
monkeypatch.
2016-02-29 15:04:02 -06:00
net-ninja
a3fa57c8f6
Add CVE-2016-2555: ATutor 2.2.1 SQL Injection Exploit Module
2016-02-29 14:59:26 -06:00
Brent Cook
8c2ce9687a
Land #6620 , fix typo in jtr_linux
2016-02-29 14:58:58 -06:00
Gregory Mikeska
c2f7360a9a
replace deprecated 'ignore' with 'transient'
2016-02-29 14:57:09 -06:00
Brent Cook
d955c6a8f6
style fixes
2016-02-29 14:06:49 -06:00
William Vu
a6a37b3089
Land #6612 , missing commits included
2016-02-29 14:06:21 -06:00
wchen-r7
f5ad1286d2
Fix #6615 , fix typo "format"
...
Fix #6615
2016-02-29 12:44:25 -06:00
William Vu
300fdc87bb
Move Fortinet backdoor to module and library
2016-02-29 12:06:33 -06:00
wchen-r7
2950996cb8
Land #6612 , Add aux module for Fortinet backdoor
2016-02-29 12:02:49 -06:00
William Vu
53d703355f
Move Fortinet backdoor to module and library
2016-02-29 11:57:42 -06:00
wchen-r7
bff4b4d5fc
Fix #6609 and #6587 - Change Content-Length behavior in Rex HTTP
...
This patches changes two things:
1. If a module has a custom Content-Length, it will respect that
instead of forcing its own.
2. If a request does not have anything in the body, the
Content-Length header will not be set.
Fix #6609
Fix #6587
2016-02-29 10:50:21 -06:00
Tim
afc6f6ff74
fix options
2016-02-29 15:21:33 +00:00
Tim
bd6fdbb545
android sqlite_read command
2016-02-29 15:05:57 +00:00
Fernando Arias
cbcd431772
Updated Gemfile.lock
2016-02-26 15:41:39 -06:00
Fernando Arias
c4c5944b25
Merge branch 'staging/rails-upgrade' into staging/MS-888/engines-is-deprecated
...
Conflicts:
Gemfile.lock
metasploit-framework.gemspec
2016-02-26 15:35:34 -06:00
David Maloney
b7ba38a4c6
update mdm version
2016-02-26 14:32:03 -06:00
wchen-r7
53ff3051e1
Land #6531 , NETGEAR ProSafe Network Management System 300 auth'd File Download
2016-02-26 10:53:16 -06:00
wchen-r7
bc050410a6
Allow max traversal depth as an option, and report cred
2016-02-26 10:52:30 -06:00
wchen-r7
7731fbf48f
Land #6530 , NETGEAR ProSafe Network Management System 300 File Upload
2016-02-26 10:39:09 -06:00
Brent Cook
7acba69e37
Land #6577 , add controls for Android ringer
2016-02-26 07:02:49 -06:00
Brent Cook
1427887efe
update payloads
2016-02-26 06:10:02 -06:00
Brent Cook
5899b8afc8
make help show up when things are not specified correctly
2016-02-26 06:09:05 -06:00
Brent Cook
89b0c8a27a
Land #6571 , use intent to unlock Android screens, support <= 4.3
2016-02-26 05:55:35 -06:00
HD Moore
9010dac7bc
Wrap up the current WIP, still not functional
2016-02-26 05:36:40 +00:00
HD Moore
5bf308e720
WIP checkin
2016-02-26 05:36:40 +00:00
wchen-r7
6188da054d
Remove //
2016-02-25 22:20:48 -06:00
Brent Cook
d891e27cdd
Land #6597 , prefer Timeout.timeout since Object#timeout is deprecated
2016-02-25 22:17:49 -06:00
wchen-r7
051506694f
Land #6574 , add Linknat Vos Manager Traversal aux module
2016-02-25 22:02:56 -06:00
William Vu
83fad3e328
Add Fortinet backdoor
2016-02-25 21:29:08 -06:00
Brent Cook
5314dae9ae
Land #6601 , clarify preferred licensing for new code
2016-02-25 20:26:54 -06:00
Brent Cook
a87cf02b50
Land #6524 , fix reverse_http to try binding to LHOST first
2016-02-25 20:25:02 -06:00
wchen-r7
3422bd1646
Land #6374 , Update the Lastpass creds module with new attack vectors
2016-02-25 14:52:51 -06:00
wchen-r7
f3cf5a8a41
Resolve merge conflict with upstream-master
...
Out of date author field
2016-02-25 14:49:53 -06:00
wchen-r7
d14ec657e2
Land #6564 , Add Apache Karaf Command Execution Module
2016-02-25 14:47:40 -06:00
wchen-r7
1d2ec7a239
Rescue OpenSSL::Cipher::CipherError
...
Our current net/ssh library is out of date, so we need to rescue
OpenSSL::Cipher::CipherError.
2016-02-25 14:46:53 -06:00
wchen-r7
2e268a25da
Land #6596 , Apache Karaf Login Utility
2016-02-25 14:39:51 -06:00
wchen-r7
aa7c3f01a8
Update name and description
2016-02-25 14:39:19 -06:00
wchen-r7
7e25c7b87b
Handle OpenSSL::Cipher::CipherError
...
Our current net/ssh is petty outdated, so it is possible not being
able to connect to certain SSH servers.
2016-02-25 14:35:37 -06:00
Dev Mohanty
c4d80a7c16
Merge pull request #1 from wvu-r7/pr/6596
...
Fix some things
2016-02-25 13:57:14 -06:00
James Barnett
17447bea35
Put the code in the wrong block.
2016-02-25 13:39:04 -06:00
James Barnett
2366a7baa8
Use the correct step definition.
2016-02-25 13:26:11 -06:00