Commit Graph

33815 Commits (b7f0fad72f0dbb276369bd6f22985eca64d33450)

Author SHA1 Message Date
jvazquez-r7 b7f0fad72f
Modify CVE-2014-0569 to use the flash exploitation code 2015-06-09 11:31:39 -05:00
jvazquez-r7 a39539f8ef
Land #5457, @wchen-r7 updates spark_im to use the new cred API 2015-06-07 20:45:42 -05:00
HD Moore 25aa96cfc1
Land #5456, removes obsolete comment 2015-06-07 14:25:23 -05:00
HD Moore edcd1e3bf9
Land #5504, handle cases where the script may be empty 2015-06-07 14:20:00 -05:00
HD Moore 1f11cd5470
Lands #5446, support for 64-bit native powershell payloads 2015-06-07 14:16:19 -05:00
benpturner 20b605e7cb Remove duplicate exec 2015-06-07 18:11:11 +01:00
RageLtMan 537dc6e218 Update Payload Cached Sizes fails in PSH Script
When attempting to update cached payload sizes which utilize the
Rex::Powershell functionality, the BRE block which appropriates
initial code is called with the 'code' variable being a nil which
results in:

```
lib/rex/powershell/script.rb:40:in `initialize': no implicit
conversion of nil into String (TypeError)
```

This throws a conditional into the File.open call which presents an
empty string instead of a nil. This still results in the rescue
block having to catch the exception, but manages to keep the
payload size updating script happy an retains consistent
behavior.
2015-06-07 11:42:24 -04:00
HD Moore 0557d213c1
Land #5503, fix a stack trace on legacy Windows payloads 2015-06-07 02:01:04 -05:00
RageLtMan a46510465d Fix older Windows payloads to not require UUID
Default Windows payload to not include_send_uuid for compatibility.
2015-06-07 02:58:31 -04:00
wchen-r7 93125a9f9d
Land #5501, check method response_timeout before using 2015-06-06 19:00:32 -05:00
HD Moore bd36908383 Fix #5500 by checking for session.respond_to?(:response_timeout) 2015-06-06 17:07:03 -05:00
William Vu d4ddc53856
Fix #5499, small fix for line clearing 2015-06-06 15:58:45 -05:00
William Vu f761d411c4 Adjust line clearing to cover only the text 2015-06-06 15:58:23 -05:00
William Vu 89e7dc6cf2
Land #5499, polish dem spinners 2015-06-06 15:21:09 -05:00
William Vu df6722ca4e
Land #5496, top 20 keyboard pattern passwords 2015-06-06 15:20:08 -05:00
HD Moore 2942cb165f
Land #5415, changes spaces in PSH shell output 2015-06-06 14:55:33 -05:00
HD Moore fe09d9888e Small rework of the spinners, clear the line when done 2015-06-06 14:30:42 -05:00
jvazquez-r7 dca2607d54
Land #5452, @wchen-r7 Update tortoisesvn to use the new cred API 2015-06-06 01:35:40 -05:00
jvazquez-r7 bf35b9bdf4
Minor fix 2015-06-06 01:35:09 -05:00
Tod Beardsley f29b38b602
Add the top 20 keyboard patterns as passwords
See https://wpengine.com/unmasked/ for lots more, but this
covers the gif at

https://wpengine.com/unmasked/assets/images/commonkeyboardpatterns.gif
2015-06-05 16:46:08 -05:00
jvazquez-r7 c3437dab2a
Land #5451, @wchen-r7 Update filezilla_client_cred to use the new cred API 2015-06-05 16:39:31 -05:00
jvazquez-r7 57b7d10ec5
Land #5449, @wchen-r7 updates total_commander to use the new cred API 2015-06-05 16:28:32 -05:00
Brent Cook 0f4304c2dd
Land #5494, handle short reads from mysql 2015-06-05 12:52:04 -05:00
Brent Cook bb9439e463
land #5487, refactor and fix save function for db_nmap 2015-06-05 12:31:23 -05:00
Brent Cook a3b61dc362
Land #5488, fix job stopping from RPC service 2015-06-05 12:29:26 -05:00
William Vu 15916f0ab0 Backport an upstream fix for a nil header
353d5951da
7c984ea66e
2015-06-05 11:51:40 -05:00
jvazquez-r7 e151e38181
Land #5489, @wchen-r7's flash exploit descriptions update 2015-06-05 09:01:57 -05:00
jvazquez-r7 318f67fcda
update descriptions 2015-06-05 09:01:20 -05:00
wchen-r7 71a8487091 Correct Flash version in the module description
There is no 11.2.202.404, mang.
2015-06-04 23:46:41 -05:00
wchen-r7 935ed415f4
Land #5486, exec code from the renderer process instead of Powershell 2015-06-04 23:32:02 -05:00
wchen-r7 910ae8a480 Fix #5461, actually stop a job from the RPC service
Fix #5461. The RPC service is incorrectly using the wrong method to
stop a job, this patch should fix that.
2015-06-04 23:09:55 -05:00
William Vu c003602993 Remove report_store_local from the spec 2015-06-04 18:54:15 -05:00
William Vu a53a68cfc2 Refactor db_nmap and fix the save option 2015-06-04 18:40:19 -05:00
jvazquez-r7 51d98e1008
Update AS code 2015-06-04 18:34:08 -05:00
jvazquez-r7 02181addc5
Update CVE-2014-0556 2015-06-04 18:23:50 -05:00
OJ 26785b34f1
Land #5483 : Use the correct help output for the ps command 2015-06-05 07:30:15 +10:00
Brent Cook 346ea40d66 fix some alignment, add usage 2015-06-04 16:14:31 -05:00
Brent Cook 06cc759080 Use the correct help output for the ps command
It should not look like this:

```
meterpreter > ps -h
Usage: ps [ options ]

OPTIONS:
 -S       Search string to filter by
 -h 		This help menu
```

It should not not look like this:

```
meterpreter > ps -h
Use the command with no arguments to see all running processes.
The following options can be used to filter those results:

OPTIONS:

    -A <opt>  Filters processes on architecture (x86 or x86_64)
    -S <opt>  String to search for (converts to regex)
    -U <opt>  Filters processes on the user using the supplied RegEx
    -h        Help menu.
    -s        Show only SYSTEM processes
```
2015-06-04 16:06:07 -05:00
root d4f418fe3f Style corrections
See #5480
2015-06-04 15:52:07 -05:00
wchen-r7 23df66bf3a
Land #5481, no powershell. exec shellcode from the renderer process. 2015-06-04 15:45:09 -05:00
Joshua Smith 503f6a125d
Land #4926, add request plugin for http(s) 2015-06-04 13:51:58 -05:00
wchen-r7 7de78c1d69
Land #5447, more info about using the deprecated report_auth_info 2015-06-04 12:37:22 -05:00
wchen-r7 487cc15b0b
Land #5476, multi-platform update for adobe_flash_net_connection_confusion 2015-06-04 12:32:42 -05:00
jvazquez-r7 75454f05c4
Update AS source code 2015-06-04 12:12:49 -05:00
jvazquez-r7 ab68d8429b Add more targets 2015-06-04 12:11:53 -05:00
jvazquez-r7 098f31c1da
Land support for Windows 8.1 2015-06-03 22:46:47 -05:00
jvazquez-r7 80cb70cacf
Add support for Windows 8.1/Firefox 2015-06-03 22:46:04 -05:00
HD Moore 4ee0a1438c
Land #5477, speed improvements to snmp_login 2015-06-03 19:19:13 -05:00
John Sherwood d3c3741478 Use run_host so that we can use THREADS
- The refactor left the module using run_batch even though the
  features of the code that made this desirable were removed (i.e.,
  it was no longer doing one batch per community string).  By now
  switching back to run_host, we can again take advantage of the
  built-in metasploit multithreading capabilities.

- Also, added back in the display of the result.proof field.  This
  aids in identifying false positives (which have a blank response)
  and is functionality worth keeping.
2015-06-03 18:08:38 -04:00
jvazquez-r7 74117a7a52
Allow to execute payload from the flash renderer 2015-06-03 16:33:41 -05:00