Commit Graph

19991 Commits (b9360b9de6f1c4fd1311022244fec07112d03035)

Author SHA1 Message Date
jvazquez-r7 b9360b9de6 Land #2286, @wchen-r7's patch for undefined method errors 2013-08-26 20:46:05 -05:00
William Vu 8e9bcb4cc2 Land #2287, @frank2's updated contact info 2013-08-26 17:18:06 -06:00
violet 4cbdf38377 updated contact info
MASTER OF DISASTER

ULTRA LASER

:::::::-.  :::::::..        :::::::-.      ...         ...     .        :
 ;;,   `';,;;;;``;;;;        ;;,   `';, .;;;;;;;.   .;;;;;;;.  ;;,.    ;;;
 `[[     [[ [[[,/[[['        `[[     [[,[[     \[[,,[[     \[[,[[[[, ,[[[[,
  $$,    $$ $$$$$$c           $$,    $$$$$,     $$$$$$,     $$$$$$$$$$$"$$$
  888_,o8P' 888b "88bo,d8b    888_,o8P'"888,_ _,88P"888,_ _,88P888 Y88" 888o
  MMMMP"`   MMMM   "W" YMP    MMMMP"`    "YMMMMMP"   "YMMMMMP" MMM  M'  "MMM
2013-08-26 16:14:49 -07:00
sinn3r 85ed9167f2 Print target endpoint
If a module consistently print the target endpoint in all its print
functions, then we'll follow that.
2013-08-26 17:51:43 -05:00
sinn3r 9f8051161f Properly implement normalize_uri 2013-08-26 17:18:00 -05:00
sinn3r 7fad26968c More fix to jboss_seam_exec 2013-08-26 17:16:15 -05:00
lsanchez-r7 007b3de06d Merge pull request #2271 from bturner-r7/bug/db-leaks
Land #2271, Fix database connection leaks
2013-08-26 14:39:11 -07:00
jvazquez-r7 c660279963 Land #2259, @wchen-r7's patch for [SeeRM #8319] 2013-08-26 16:36:45 -05:00
jvazquez-r7 a58750fbbb Land #2266, @wchen-r7's patch forn [SeeRM #8345] and [SeeRM #8344] 2013-08-26 16:14:50 -05:00
Tod Beardsley 6b15a079ea Update for grammar in descriptions on new modules. 2013-08-26 14:52:51 -05:00
Tod Beardsley 5b4890f5b9 Fix caps on typo3_winstaller module 2013-08-26 14:47:42 -05:00
sinn3r 3769da2722 Better fixes 2013-08-26 14:02:45 -05:00
sinn3r 6b8feaff8c Type conversion 2013-08-26 13:56:11 -05:00
sinn3r 8c7f4b3e1f Avoid using inline rescue 2013-08-26 13:54:06 -05:00
jvazquez-r7 252f48aeee Land #2272, @jvennix-r7's exploit for CVE-2013-1775 2013-08-26 13:21:58 -05:00
jvazquez-r7 0baaf989fb Delete on_new_session cleanup, as discusses with @jlee-r7 2013-08-26 13:20:43 -05:00
dmaloney-r7 355c311fc8 Merge pull request #2277 from Meatballs1/service_exes
Looks good. Surprised we didn't have this before.

I also agree with the sentiment about refactor. I think we should get all these changes in and deconflicted, then we can look towards cleanup/refactor. or we'll end up down a rabbit-hole.
2013-08-25 10:24:46 -07:00
Joe Vennix bf89c956c4 Just the one file, please 2013-08-24 14:53:51 -05:00
Joe Vennix 757886bece Remove some extra wip files. 2013-08-24 14:52:52 -05:00
Joe Vennix 29320f5b7f Fix vn refs. Add juan as an @author. 2013-08-24 13:07:35 -05:00
jvennix-r7 90d2dab69b Merge pull request #5 from jvazquez-r7/work_osx
Add references
2013-08-24 10:14:46 -07:00
jvazquez-r7 5b812b0c22 Add references 2013-08-24 12:12:21 -05:00
jvennix-r7 546397e66f Merge pull request #4 from jvazquez-r7/work_osx
Beautify module
2013-08-24 10:12:20 -07:00
jvazquez-r7 b4ad8c8867 Beautify module 2013-08-24 12:08:38 -05:00
Joe Vennix 0e116730a1 Polishing module. Tested on 10.8, 10.8.2, and 10.8.4. 2013-08-24 12:01:38 -05:00
jvennix-r7 d44a33c04e Merge pull request #3 from jvazquez-r7/work_osx
Merge in juan's improvements to module
2013-08-24 09:44:09 -07:00
jvazquez-r7 b13d357000 Add ranking 2013-08-24 11:35:35 -05:00
jvazquez-r7 3ce23ffb49 Make a test before running the payload 2013-08-24 11:20:47 -05:00
jvazquez-r7 ab293d2ad9 Make msftidy happy 2013-08-24 10:51:19 -05:00
jvazquez-r7 480794a9ab Make small fixes 2013-08-24 10:40:08 -05:00
jvazquez-r7 832fa8838b Change the command to launch after background the payload job 2013-08-24 09:57:33 -05:00
jvazquez-r7 4532474309 Allow cleanup from the new session 2013-08-24 09:47:40 -05:00
Meatballs 9786f84a6e Service exes 2013-08-24 03:45:07 +01:00
Meatballs 9ea17ef1e1 Merge upstream 2013-08-24 03:34:02 +01:00
Meatballs 3fae6c51c8 Initial exe-service 2013-08-24 03:28:47 +01:00
Joe Vennix 3cdc6abec6 Clean up some code, get CMD working. 2013-08-23 20:19:21 -05:00
Joe Vennix 140d8ae42f Need to set timezone first. 2013-08-23 20:09:18 -05:00
Joe Vennix a4c2ba04f3 Pass cmd through /bin/sh to set default /Users/joe/.rvm/gems/ruby-1.9.3-p392@pro-dev/bin /Users/joe/.rvm/gems/ruby-1.9.3-p392@global/bin /Users/joe/.rvm/rubies/ruby-1.9.3-p392/bin /Users/joe/.rvm/bin /usr/local/sbin /usr/local/bin /usr/bin /bin /usr/sbin /sbin /usr/X11/bin /opt/bin /opt/X11/bin. CMD and native payloads now working. 2013-08-23 19:39:21 -05:00
jvennix-r7 155f336b6f Merge pull request #2 from jvazquez-r7/test_osx
merge in @jvazquez-r7's fixes for osx sudo module
2013-08-23 17:06:26 -07:00
jvazquez-r7 fc91380ebc Add work code 2013-08-23 17:54:21 -05:00
sinn3r 7b5e98d57e Land #2269 - Oracle Endeca Server Remote Command Execution 2013-08-23 15:40:31 -05:00
jvazquez-r7 a5c9f8d670 Beautify targets metadata 2013-08-23 15:15:04 -05:00
jvazquez-r7 f3415f4147 Make msftidy compliant 2013-08-23 15:14:13 -05:00
jvazquez-r7 413474f417 Move module to the correct path 2013-08-23 15:08:25 -05:00
Joe Vennix ba27eab0d6 Comment out ctrl-z hax. 2013-08-23 19:44:39 +00:00
jvazquez-r7 ad214da3de Switch to powershell to exec payload 2013-08-23 14:39:29 -05:00
jvazquez-r7 9aba91a819 Land #2275, @Ruslaideemin's badchars improve for intrasrv_bof 2013-08-23 08:51:33 -05:00
jvazquez-r7 a45f49e3b7 Use a new Ranking 2013-08-23 08:49:58 -05:00
Brandon Turner cd45c77080 Fix a few database leaks
All database access should be wrapped in with_connection blocks.

To avoid breaking git blame with a bunch of whitespace, I outdented
the with_connection blocks as seems to be common in db.rb.

[Story #55586616]
2013-08-21 18:53:17 -05:00
Brandon Turner c0700673e7 Fix SessionManager database leak
All database access should be wrapped in with_connection blocks.

Much of this commit is whitespace.  It may help to view it with
--ignore-all-space or the w=0 parameter on GitHub.

[Story #55586616]
2013-08-21 17:34:25 -05:00