Daniel Miller
db4f31de76
Fix use of URI option for glassfish_login
...
auxiliary/scanner/http/glassfish_login offers URI option to set the path
where Glassfish is installed, but it doesn't work. Replaced it with
TARGETURI and call target_uri.path to get a base path.
2012-08-10 15:44:53 -05:00
James Lee
67cdea1788
Fix load order issues (again)
...
This is getting annoying. Some day we'll have autoload and never have
to deal with this.
2012-08-10 13:52:54 -06:00
HD Moore
9c0703f488
Merge pull request #682 from bonsaiviking/persistence-type
...
Fix handling of PAYLOAD_TYPE in persistence
2012-08-10 11:42:05 -07:00
Daniel Miller
c8b8d7b8db
Fix handling of PAYLOAD_TYPE in persistence
...
post/windows/manage/persistence incorrectly checked the STARTUP option
to set the payload, which meant it was always the default (reverse_tcp).
Changed to check PAYLOAD_TYPE instead, as intended.
2012-08-10 13:34:09 -05:00
James Lee
ce94bc2628
Add posix bins for previous commits
...
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
p = client.sys.process.execute("id", "-u", "Channelized"=>true)
p.channel.read
[SeeRM #7005 ][See #681 ]
2012-08-09 18:35:01 -06:00
James Lee
9d2c1e36dd
Store the value, not the comparison
...
Fixes client.sys.process.execute for posix, which previously (since
2010!) would always return nil, or a single byte. This makes sense
considering the value of bytesRead would always be either 0 or 1 because
it was being assigned the result of the comparison instead of the return
value of read().
[Fixes #681 ]
2012-08-09 18:18:45 -06:00
James Lee
c19102c6f1
Return the PID as handle in posix
...
Fixes some TypeError exceptions when attempting most operations on
spawned processes, e.g.:
p = client.sys.process.execute("/bin/sh", nil, "Channelized"=>true)
p.close
# raises TypeError: can't convert nil into Integer
[FIXRM #7005 ]
2012-08-08 15:23:00 -06:00
sinn3r
b4b860f356
Correct MC's name
2012-08-08 14:16:02 -05:00
sinn3r
9473d9f7c4
Merge branch 'osx_keychain' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-osx_keychain
2012-08-08 14:09:22 -05:00
sinn3r
880491c52f
Update description
2012-08-08 14:07:51 -05:00
sinn3r
8a787f8342
typo
2012-08-08 14:04:49 -05:00
sinn3r
0fe385138f
Merge branch 'netdecision_tftp_exploit' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-netdecision_tftp_exploit
2012-08-08 13:44:49 -05:00
sinn3r
5f46a1e239
Based on #676 , with some changes
2012-08-08 12:44:39 -05:00
sinn3r
7cff1365a2
Merge branch 'master' of https://github.com/ipwnstuff/metasploit-framework into osx_keychain
2012-08-08 11:12:07 -05:00
Erran Carey
189a4ffb78
Edited spaceing
2012-08-08 10:40:33 -05:00
jvazquez-r7
8587ff535a
Added exploit module for CVE-2009-1730
2012-08-08 16:28:03 +02:00
jvazquez-r7
d04fdc9382
Added aux module for CVE-2009-1730
2012-08-08 16:26:41 +02:00
Erran Carey
bb588d338b
Add Keychain Enumeration Mac OS X Post Module
...
Based off my `Keyjacker` script this module runs through an account's
keychains and returns internet accounts associated.
Setting the GETPASS option to true will return both many plain text
passwords given that the user allows their system to use the keychain
when prompted.
2012-08-08 03:03:19 -05:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r
7221420267
When it hangs, it's actually the correct behavior, not a failure.
2012-08-07 15:00:08 -05:00
Tod Beardsley
955a5af8cf
Adding OSVDB ref
2012-08-07 12:56:29 -05:00
sinn3r
dc47551a5c
Merge branch 'scrutinizer_add_admin' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-scrutinizer_add_admin
2012-08-07 12:40:04 -05:00
sinn3r
ddcee6fee0
And the war between spaces and tabs goes on....
2012-08-07 12:36:53 -05:00
sinn3r
540f6253ef
Merge branch 'pbot_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-pbot_exec
2012-08-07 12:26:07 -05:00
sinn3r
57c32c9c7b
Slip Plixer's name in there, because it's their product.
2012-08-07 12:20:44 -05:00
jvazquez-r7
fb452d75a3
Added module for pbot RCE
2012-08-07 19:20:32 +02:00
sinn3r
0f37c1704d
Add vendor's name in there fore better searching
2012-08-07 12:17:41 -05:00
sinn3r
f26053c2c3
Add vendor's name in there for easier searching
2012-08-07 12:16:52 -05:00
sinn3r
614ae02a26
Add CVE-2012-2626 Scrutinizer add-user aux mod
2012-08-07 12:13:25 -05:00
sinn3r
747a8aa54a
Merge branch 'scrutinizer_upload' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-scrutinizer_upload
2012-08-07 11:02:40 -05:00
sinn3r
5f4297a68a
I tested it 9.5.2 too
2012-08-07 11:01:08 -05:00
sinn3r
3ba73c4f7f
Fix check() function
2012-08-07 11:00:12 -05:00
Tod Beardsley
1485f74670
Out of 4.4.0, and into 4.5.0-dev
2012-08-07 09:53:01 -05:00
sinn3r
6b4ae94dce
Add CVE-2012-3951 Scrutinizer NetFlow and sFlow Analyzer exploit
...
This uses a default MySQL admin credential to write a php file to
the web directory, extracts our malicious executable, and then
finally execute it. We get SYSTEM.
2012-08-07 03:19:44 -05:00
RageLtMan
1d5af3d825
Alex' patch to Rex::Oui
2012-08-06 21:34:36 -04:00
RageLtMan
a65e3b22ba
Revert "Fix report_note fail @ L77 when vendor MAC is not in OUI list"
...
This reverts commit 4dd0c2e368caf77873302d34ccf6faf7bd882fad.
2012-08-06 21:34:36 -04:00
RageLtMan
061b60e3e1
Fix report_note fail @ L77 when vendor MAC is not in OUI list
2012-08-06 21:34:36 -04:00
jvazquez-r7
44dd8b0cc5
Merge branch 'update_juan_author' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-update_juan_author
2012-08-06 19:04:26 +02:00
jvazquez-r7
c2cc4b3b15
juan author name updated
2012-08-06 18:59:16 +02:00
sinn3r
349c841f6b
Blah, OSVDB ref shouldn't be a link
2012-08-06 11:57:59 -05:00
sinn3r
e31e7e8afe
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-08-06 11:56:06 -05:00
sinn3r
647b587f75
Merge branch 'Meatballs1-uplay'
2012-08-06 11:54:51 -05:00
sinn3r
69ff9e7c1c
Lots of changes before commit.
2012-08-06 11:54:08 -05:00
sinn3r
25b2b2de68
Merge branch 'uplay' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-uplay
2012-08-06 11:33:27 -05:00
Tod Beardsley
58ce6fbac4
Adding author info for juan
2012-08-06 08:55:54 -05:00
sinn3r
99d3ee6fc4
Merge branch 'webpagetest_traversal' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-webpagetest_traversal
2012-08-06 03:15:16 -05:00
sinn3r
13aca3fe4c
Merge branch 'oracle_autovue_setmarkupmode' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-oracle_autovue_setmarkupmode
2012-08-06 03:13:27 -05:00
sinn3r
f1e7ef06cc
Add webpagetest dir traversal module
...
How did I forget this while writing the exploit?
2012-08-06 03:11:07 -05:00
HD Moore
b3d32edcc8
Merge pull request #667 from swtornio/ref-updates
...
Ref updates
2012-08-05 18:19:40 -07:00
Steve Tornio
54ed27c1b3
add osvdb ref
2012-08-05 09:02:54 -05:00