Commit Graph

13621 Commits (b55f425ec0d332796edf9df2f0b133d9c38fcb22)

Author SHA1 Message Date
jvazquez-r7 eb9d2f130c Change title 2014-07-11 12:03:09 -05:00
jvazquez-r7 a356a0e818 Code cleanup 2014-07-11 12:00:31 -05:00
jvazquez-r7 6fd1ff6870 Merge master 2014-07-11 11:40:39 -05:00
jvazquez-r7 d637171ac0 Change module filename 2014-07-11 11:39:32 -05:00
jvazquez-r7 c55117d455 Some cleanup 2014-07-11 11:39:01 -05:00
jvazquez-r7 a7a700c70d
Land #3502, @m-1-k-3's DLink devices HNAP Buffer Overflow CVE-2014-3936 2014-07-11 11:25:03 -05:00
jvazquez-r7 b9cda5110c Add target info to message 2014-07-11 11:24:33 -05:00
jvazquez-r7 dea68c66f4 Update title and description 2014-07-11 10:38:53 -05:00
jvazquez-r7 f238c2a93f change module filename 2014-07-11 10:30:50 -05:00
jvazquez-r7 f7d60bebdc Do clean up 2014-07-11 10:28:31 -05:00
William Vu 43f41de124
Land #3508, CVE-2014-4671 Flash JSONP disclosure 2014-07-11 10:11:48 -05:00
jvazquez-r7 8f3197c192
Land #3496, @m-1-k-3's switch to CmdStager on dlink_upnp_exec_noauth 2014-07-11 09:50:57 -05:00
jvazquez-r7 4ea2daa96a Minor cleanup 2014-07-11 09:50:22 -05:00
jvazquez-r7 51cfa168b1 Fix deprecation information 2014-07-11 09:47:30 -05:00
jvazquez-r7 46f5282fd3
Land #3455, @m-1-k-3's exploit for DLink UPNP M-Search Command Injection 2014-07-11 09:39:05 -05:00
jvazquez-r7 611b8a1b6d Modify title and ranking 2014-07-11 09:35:21 -05:00
jvazquez-r7 a9b92ee581 Change module filename 2014-07-11 09:17:56 -05:00
jvazquez-r7 36c6e74221 Do minor fixes 2014-07-11 09:17:34 -05:00
joev b8225ae2dc
Remove unnecessary ||= and ivars. 2014-07-10 16:06:28 -05:00
joev e0389dfbc3
Update code as per @wvu's code review. 2014-07-10 15:03:40 -05:00
Michael Messner 109201a5da little auto detect fix 2014-07-10 20:45:49 +02:00
Michael Messner 781149f13f little auto detect fix 2014-07-10 20:40:39 +02:00
joev dd439066ca
Patch rhost to display hostname of JSONP_URL. 2014-07-10 12:02:22 -05:00
Tod Beardsley bcec2df0a4
Fix Meterpreter PHP hop description 2014-07-10 11:35:48 -05:00
joev 841cb6a590
STEAL_URL -> STEAL_URLS. 2014-07-10 09:14:32 -05:00
joev fad30bc874
Add flash rosetta exploit module for stealing URLs. 2014-07-10 09:09:10 -05:00
Tod Beardsley 038d1e210a
Merge upstream/master to deconflict.
Conflicts:
	Gemfile.lock
2014-07-09 17:43:42 -05:00
Michael Messner f068006f05 auto target 2014-07-09 21:53:11 +02:00
Michael Messner 6a765ae3b0 small cleanup 2014-07-09 21:16:29 +02:00
Michael Messner 0674314c74 auto target included 2014-07-09 20:56:04 +02:00
Michael Messner b4812c1b7d auto target included 2014-07-09 20:53:24 +02:00
jvazquez-r7 42823fe15e Test download_exec with linux meterpreter 2014-07-09 09:41:10 -05:00
jvazquez-r7 f4c6505351 Test mount_cifs_creds on linux meterpreter 2014-07-09 09:20:30 -05:00
jvazquez-r7 14b218dce5 Make hashdump compatible with meterpreter 2014-07-09 08:48:20 -05:00
jvazquez-r7 73fdc06d1d Fix enum_xchat to work with meterpreter 2014-07-09 08:37:17 -05:00
jvazquez-r7 b47650580a Fix bugs 2014-07-08 16:51:39 -05:00
jvazquez-r7 a364172978 Add meterpreter as session type 2014-07-08 16:25:50 -05:00
jvazquez-r7 c25c5f6806 Make linux gather post modules compatible with meterpreter 2014-07-08 16:23:57 -05:00
Michael Messner f89f47c4d0 dlink_dspw215_info_cgi_rop 2014-07-08 22:29:57 +02:00
Michael Messner 6fbd6bb4a0 stager 2014-07-08 22:17:02 +02:00
Michael Messner ac727dae89 dlink_dsp_w215_hnap_exploit 2014-07-08 22:13:13 +02:00
Michael Messner 579ce0a858 cleanup 2014-07-08 21:58:15 +02:00
Michael Messner 51001f9cb3 Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink_upnp_msearch_command_injection 2014-07-08 21:39:53 +02:00
Michael Messner 84d6d56e15 cleanup, deprecated 2014-07-08 21:36:07 +02:00
Michael Messner 10bcef0c33 cleanup, deprecated 2014-07-08 21:34:28 +02:00
Tod Beardsley 9fef2ca0f3
Description/whitespace changes (minor)
Four modules updated for the weekly release with minor cosmetic fixes.

- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
2014-07-07 12:39:05 -05:00
jvazquez-r7 cd6b83858b
Add new Yokogawa SCADA exploit 2014-07-07 11:20:49 -05:00
HD Moore 6f433db609
Minor typo fix 2014-07-06 23:44:17 -05:00
HD Moore 3ef35f19dc Prefer strip over chomp 2014-07-06 23:17:09 -05:00
HD Moore d76081bcef Prefer strip over chomp 2014-07-06 23:16:56 -05:00
HD Moore ab7848a895
Merge master for testing of #2809 2014-07-06 22:27:58 -05:00
Michael Messner e7ade9f84d migrate from wget to echo mechanism 2014-07-06 21:45:53 +02:00
Christian Mehlmauer d5843f8eaf
Updated Mailpoet exploit to work with another version 2014-07-06 10:53:40 +02:00
William Vu cf5d29c53b
Add EOF newline to satisfy msftidy 2014-07-05 13:51:12 -05:00
HD Moore 6d9bf83ded Small fixes for the recent WP MailPoet module
Correct casing in the title
Anchor the use of ::File
Force body.to_s since it can be nil in corner cases
2014-07-05 13:17:23 -05:00
jvazquez-r7 98a82bd145
Land #3486, @brandonprry's exploit for CVE-2014-4511 gitlist RCE 2014-07-04 16:41:04 -05:00
jvazquez-r7 59881323b9 Clean code 2014-07-04 16:40:16 -05:00
Brandon Perry a33a6dc79d add bash to requiredcmd 2014-07-03 16:52:52 -05:00
Brandon Perry 806f26424c && not and 2014-07-03 16:50:21 -05:00
Brandon Perry 6fb2fc85a0 address @jvasquez-r7 review points 2014-07-03 16:43:01 -05:00
jvazquez-r7 2efa3d6bc0
Land #3487, @FireFart's exploit for WordPress MailPoet file upload 2014-07-03 14:34:58 -05:00
sinn3r f1b7a9f421
Land #3488 - loot storage into the enum_services post module 2014-07-03 14:18:16 -05:00
sinn3r 79c433e7ea
Land #3480 - Oracle Event Processing FileUploadServlet Arbitrary File Upload 2014-07-03 14:09:12 -05:00
sinn3r c207d14d1f Update description 2014-07-03 14:08:31 -05:00
jvazquez-r7 97a6b298a8 Use print_warning 2014-07-03 13:38:20 -05:00
Christian Mehlmauer dcba357ec3
implement feedback 2014-07-03 20:27:08 +02:00
sinn3r 2c999d3099 Better describe the problem 2014-07-03 13:06:19 -05:00
sinn3r 9aa3c75234 Do something for the shut-everything-up event handling practice 2014-07-03 13:04:56 -05:00
sinn3r 8a513058f6 Fix comments 2014-07-03 12:59:10 -05:00
sinn3r ebeb9880a6 Favor "unless" over "if" for negative conditions
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:55:13 -05:00
sinn3r 1d828a951f string interpolation is preferred over concatenation
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:46:56 -05:00
sinn3r b781b87d74 Avoid unnecessary "if not" 2014-07-03 12:44:17 -05:00
Brandon Perry 86a31b1896 Update gitlist_exec.rb 2014-07-03 12:40:37 -05:00
Christian Mehlmauer aeb4fff796
Added FileDropper 2014-07-03 19:25:31 +02:00
jvazquez-r7 51695c4932
Land #2484, @zeroSteiner's refactoring for CmdStager 2014-07-03 11:33:46 -05:00
Christian Mehlmauer b15297eee0
Land #3490, @Meatballs1 tns listener verbose output 2014-07-03 16:20:38 +02:00
jvazquez-r7 5e0211016d Merge to solve conflicts 2014-07-03 09:16:04 -05:00
Christian Mehlmauer 071f236946
Changed check method 2014-07-02 22:31:02 +02:00
Christian Mehlmauer a58ff816c5
Changed check method 2014-07-02 22:29:00 +02:00
sinn3r 90df0f1bb5
Land #3489 - Add verbosity to Jenkins Enum 2014-07-02 14:40:25 -05:00
sinn3r ecba95644d
Land #3473 - skype post module to extract password hash 2014-07-02 14:34:10 -05:00
Michael Messner e5b441314c removed wrong edit ... 2014-07-02 21:33:49 +02:00
Michael Messner 8f55af5f9d UPnP check included 2014-07-02 21:28:39 +02:00
Michael Messner ac2e84bfd6 check included 2014-07-02 21:24:50 +02:00
Rob Fuller c6675a2900 Add verbosity to Jenkins Enum 2014-07-02 13:25:18 -04:00
Your Name 9981a60b27 Add loot storage into the enum_service post module 2014-07-02 17:56:16 +01:00
Your Name 83abf4b523 Add loot storage into the enum_service post module 2014-07-02 17:48:48 +01:00
Christian Mehlmauer 40175d3526
added check method 2014-07-02 11:07:58 +02:00
Christian Mehlmauer 54a28a103c
Updated description 2014-07-02 10:49:28 +02:00
Christian Mehlmauer 1ff549f9c1
Replaced Tab 2014-07-02 10:35:30 +02:00
Christian Mehlmauer 09131fec28
Added wysija file upload exploit 2014-07-02 10:24:27 +02:00
jakxx a735fd3c59 Update web_delivery.rb 2014-07-01 16:52:18 -04:00
sinn3r 21f6e7bf6c Change description 2014-07-01 10:44:21 -05:00
sinn3r 449fde5e7c Description update 2014-07-01 10:26:52 -05:00
sinn3r c43006f820 Update cogent module description, fix msftidy warnings 2014-07-01 10:06:33 -05:00
Rob Fuller d341fc20a8 switch to use file? instead of stat 2014-07-01 00:58:17 -04:00
Brandon Perry db6524106e one more typo, last one I swear 2014-06-30 22:33:19 -05:00
Brandon Perry d7dfa67e94 typo 2014-06-30 20:15:25 -05:00
Brandon Perry acedf5e847 Update gitlist_exec.rb
Fix EDB ref and no twitter handles.
2014-06-30 20:12:08 -05:00
Brandon Perry ecc1b08994 Create gitlist_exec.rb
This adds a metasploit module for CVE-2014-4511
2014-06-30 20:10:24 -05:00