wchen-r7
b46e1be22f
Land #5371 , Add file checking to the on_new_session cleanup
2015-06-26 13:33:57 -05:00
William Vu
c04490e5eb
Remove comma before coordinating conjunction
...
An independent clause does not follow.
2015-06-26 12:50:37 -05:00
Tod Beardsley
31eedbcfa0
Minor cleanups on recent modules
...
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577 , MS15-034 HTTP.SYS Information Disclosure
Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605 , CVE-2015-3105 flash exploit
Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559 , Adobe Flash Player ShaderJob Buffer Overflow
Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540 ,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
jvazquez-r7
7ccc86d338
Use cmd_exec
2015-06-26 11:54:19 -05:00
jvazquez-r7
31b7ef49d6
Solve conficts
2015-06-26 11:36:17 -05:00
wchen-r7
eba1e24b96
Land #5605 , CVE-2015-3105 flash exploit
2015-06-26 10:30:10 -05:00
Trevor Rosen
84c0e62fd3
Land #5493 , update OWA scanner creds persistence
2015-06-26 08:46:27 -05:00
OJ
a773979992
Java config wiring, tweak to include block counts
...
This commit adjusts the way that the config block is set for java and
android because behind the scenes the stageless connect-backs need to
know what to discard. as a result of connecting back to staged listeners
we need to be able to discard a number of bytes/blocks before we can
continue process (at least in the case of TCP).
2015-06-26 13:59:09 +10:00
wchen-r7
c70e38a14e
Do more reporting
2015-06-25 22:39:56 -05:00
wchen-r7
5ef4cc2bb4
Save creds
2015-06-25 17:10:20 -05:00
wchen-r7
1a371b11b0
Update description
2015-06-25 17:04:31 -05:00
jvazquez-r7
ee0377ca16
Add module for CVE-2015-3105
2015-06-25 13:35:01 -05:00
root
63f584cbfd
Add last_attempted_at
2015-06-25 12:08:38 +05:00
wchen-r7
c330d10403
Make SSL as a basic option
...
Also:
Fix #5558
2015-06-25 02:06:51 -05:00
wchen-r7
5c98da05fb
This works for Glassfish 4.0 & 9.1
2015-06-25 01:58:24 -05:00
wchen-r7
c826785ebb
Fix auth bypass
2015-06-24 19:49:04 -05:00
wchen-r7
8e4fa80728
This looks good so far
2015-06-24 19:30:02 -05:00
OJ
d9b6e46685
Merge branch 'upstream/master' into android-java-transport-refactor
2015-06-25 09:50:42 +10:00
Spencer McIntyre
2206a6af73
Support older targets x86 for MS15-051
2015-06-25 09:33:15 +10:00
HD Moore
cea8605365
Fix #5596 by catching RuntimeError from Rex::Poly
2015-06-24 15:17:33 -05:00
William Vu
827d241482
Land #5539 , Quake scanner fix
2015-06-24 15:00:39 -05:00
William Vu
a149fb5710
Land #5554 , @g0tmi1k's persistence improvements
...
age aborts
age aborts
2015-06-24 14:37:25 -05:00
William Vu
e7e8135acd
Clean up module
2015-06-24 14:35:10 -05:00
Michael Messner
c8dddbff70
server header
2015-06-24 21:32:01 +02:00
wchen-r7
380af29482
Progress?
2015-06-24 14:17:45 -05:00
OJ
0493ba83a0
Add transport configuration support
2015-06-24 21:26:47 +10:00
joev
8b6fba4988
Tweak and fix some things in Safari file URL module.
2015-06-24 02:08:06 -05:00
OJ
e796e56c6c
Modify the staging process
2015-06-24 13:22:33 +10:00
Meatballs
9c4a96761e
Small tidyup
2015-06-23 23:10:29 +01:00
Meatballs
4392b7c1de
Enum LAPS
2015-06-23 23:02:22 +01:00
Meatballs
221980820a
Committed wrong file
...
This reverts commit 76c2198ef0
.
2015-06-23 23:01:59 +01:00
Meatballs
76c2198ef0
LAPS enum
2015-06-23 22:56:53 +01:00
Tod Beardsley
18a9585f7a
Add safari module for CVE-2015-1155
2015-06-23 16:15:50 -05:00
Michael Messner
8bc012a665
echo stager via upload vulnerability
2015-06-23 23:09:08 +02:00
Trevor Rosen
c45e42465a
Land #5492 , update PCAnywhere login scanner
2015-06-23 14:48:25 -05:00
William Vu
5751e196bb
Remove extraneous newline
2015-06-23 14:43:37 -05:00
wchen-r7
6046994138
version does not return nil
2015-06-23 10:31:01 -05:00
wchen-r7
59af7ef1fc
Remove the extra target_uri
2015-06-23 10:27:50 -05:00
wchen-r7
a2a231c242
Land #5577 , MS15-034 HTTP.SYS Information Disclosure
2015-06-23 10:20:54 -05:00
wchen-r7
11366971da
Oh never mind, user-agent makes it more difficult to use (more crashes)
2015-06-23 01:24:17 -05:00
wchen-r7
6127b8a037
Pass user-agent
2015-06-23 01:23:01 -05:00
wchen-r7
8ce5cc23cf
More consistent filename style
2015-06-23 01:08:34 -05:00
wchen-r7
e9b548e8a2
Changes for ms15034_http_sys_memory_dump.rb
2015-06-23 01:07:33 -05:00
root
302db36daa
Add last_attempted_at to creds object
2015-06-23 09:46:01 +05:00
rwhitcroft
8086a6f8cc
remove unnecessary begin/rescue, change print_* to vprint_* in check()
2015-06-22 20:25:12 -04:00
jvazquez-r7
f216841d01
Update enum_vbox
2015-06-22 17:54:17 -05:00
Brent Cook
8ade66027a
update cached payload sizes
2015-06-22 17:19:02 -05:00
Brent Cook
e696d2f3dc
Merge branch 'master' into land-5348-ntds
2015-06-22 17:18:13 -05:00
jvazquez-r7
c20d2a1dd9
Update post/multi/gather/env
...
* Use cmd_exec
2015-06-22 16:20:46 -05:00
jvazquez-r7
a309d99da9
Fix enum_osx
...
* Use cmd_exec
2015-06-22 16:09:30 -05:00
wchen-r7
dedfca163d
Change check()
2015-06-22 15:05:12 -05:00
rwhitcroft
90e17aee6b
clarified affected OSes and error messages
2015-06-22 15:47:26 -04:00
jvazquez-r7
4475b7ec8e
Update enum_keychain
...
* Use cmd_exec
2015-06-22 14:30:46 -05:00
jvazquez-r7
784be06b6f
Update nmap
...
* Use cmd_exec
2015-06-22 14:20:02 -05:00
jvazquez-r7
d98d2ffd4d
Update setuid_viscosity
...
* Use cmd_exec
2015-06-22 14:04:04 -05:00
jvazquez-r7
60bdc10aed
Update setuid_tunnelblick
...
* Use cmd_exec
2015-06-22 13:57:33 -05:00
jvazquez-r7
6a00ce62de
Update persistence module
...
* Delete unused method
2015-06-22 12:25:00 -05:00
rwhitcroft
774aef7241
add module to dump memory via MS15-034
2015-06-22 10:31:31 -04:00
OJ
3686accadd
Merge branch 'upstream/master' into cve-2015-1701
2015-06-22 07:52:17 +10:00
Spencer McIntyre
efece12b40
Minor clean ups for ruby strings and check method
2015-06-21 16:07:44 -04:00
Pedro Ribeiro
ea49fd2fdc
Update sysaid_rdslogs_fle_upload.rb
2015-06-20 16:59:28 +01:00
Pedro Ribeiro
50a3a32bfd
Update sysaid_sql_creds.rb
2015-06-20 16:58:42 +01:00
Pedro Ribeiro
78c2f8a3a3
Update sysaid_sql_creds.rb
2015-06-20 16:57:34 +01:00
Pedro Ribeiro
11aca8b27a
Update sysaid_file_download.rb
2015-06-20 16:54:33 +01:00
Pedro Ribeiro
3181d76e63
Update sysaid_auth_file_upload.rb
2015-06-20 16:53:33 +01:00
Pedro Ribeiro
cf8008ed38
Update sysaid_admin_acct.rb
2015-06-20 16:52:13 +01:00
Michael Messner
d8e11789ea
cmd_interact - first try
2015-06-20 07:59:25 +02:00
jvazquez-r7
74bc9f7a91
Land #5529 , @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067
2015-06-19 16:57:07 -05:00
jvazquez-r7
61ad4ada7d
Delete commas
2015-06-19 16:03:16 -05:00
jvazquez-r7
4762e9f62c
Land #5540 , @wchen-r7's changes for multiple auxiliary modules to use the new cred API
2015-06-19 15:39:09 -05:00
jvazquez-r7
fa6e45964e
Provide context to the note
2015-06-19 15:38:26 -05:00
wchen-r7
83427583ea
report_note for group info
2015-06-19 15:09:50 -05:00
wchen-r7
ef286fdfcf
Remove report_auth_info
2015-06-19 15:06:02 -05:00
wchen-r7
b104155cf1
Do Metasploit::Model::Login::Status::UNTRIED
2015-06-19 15:05:42 -05:00
wchen-r7
bd097e3264
Land #5497 , Refactor LoginScanner::SNMP to be fast and less buggy
2015-06-19 14:57:36 -05:00
jvazquez-r7
34d5d92646
Land #5555 , @Th3R3p0's support for for RFB Version 4
2015-06-19 14:15:04 -05:00
Brent Cook
d19c2e7206
Land #5544 , track updates to SSL Labs API
2015-06-19 11:39:38 -05:00
Brent Cook
bf170a195d
the API sometimes returns negative percents - treat these as 0
2015-06-19 11:38:36 -05:00
Brent Cook
5a277389f2
remove some trailing commas
2015-06-19 11:38:22 -05:00
wchen-r7
9da99a8265
Merge branch 'upstream-master' into bapv2
2015-06-19 11:36:27 -05:00
wchen-r7
5a548c3792
Land #5453 , Update dbvis_enum to use the new cred API
2015-06-19 11:35:07 -05:00
William Vu
2587595a92
Land #5556 , vprint_status fix
2015-06-19 11:24:54 -05:00
William Vu
b994801172
Revert auto tab replacement
2015-06-19 11:22:40 -05:00
jvazquez-r7
6ec8488929
Land #5560 , @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064
2015-06-19 11:15:41 -05:00
jvazquez-r7
ebd376e0f3
Land #5485 , @wchen-r7 updates wordpress_login_enum to use the new cred API
2015-06-19 10:50:07 -05:00
jvazquez-r7
dfae4bbbf0
Do reporting more accurate
2015-06-19 10:48:12 -05:00
wchen-r7
7f56b4635c
Land #5546 , Use the new cred API for auxiliary/server/capture/telnet
2015-06-19 10:46:01 -05:00
William Vu
d86c21e94a
Land #5567 , author fix
2015-06-19 10:41:41 -05:00
wchen-r7
15985e8b4f
Land #5559 , Adobe Flash Player ShaderJob Buffer Overflow
2015-06-19 10:38:05 -05:00
jvazquez-r7
c95b3bb31d
Land #5479 , @wchen-r7 Updates kloxo_sqli to use the new cred API
2015-06-19 10:32:21 -05:00
jvazquez-r7
c2f0973ed0
Report attempt_time
2015-06-19 10:31:50 -05:00
jvazquez-r7
1c357e6b3c
Land #5478 , @wchen-r7 Updates ca_arcserve_rpc_authbypass to use the new cred API
2015-06-19 10:21:14 -05:00
jvazquez-r7
0f17f622c3
Report last_attempted_at
2015-06-19 10:20:47 -05:00
jvazquez-r7
357a3929a3
Trying to report more accurate status
2015-06-19 09:51:36 -05:00
jvazquez-r7
b349549754
Land #5464 , @wchen-r7 Updates razer_synapse to use the new cred API
2015-06-19 09:42:44 -05:00
jvazquez-r7
6d2b7e05ef
Use downcase
2015-06-19 09:35:20 -05:00
jvazquez-r7
80f6e902b6
Land #5463 , @wchen-r7 updates smartermail to use the new cred API
2015-06-19 09:29:34 -05:00
jvazquez-r7
0d7ef6f04e
Pass username as symbol
2015-06-19 09:29:00 -05:00
aushack
76cd9590a4
Fix author
2015-06-19 19:13:51 +10:00
wchen-r7
fc35a53ac5
Pass options correctly
2015-06-19 00:14:58 -05:00
wchen-r7
fc1417809e
Support hash format
2015-06-19 00:09:08 -05:00
wchen-r7
7e91121afc
Change to Metasploit::Model::Login::Status::SUCCESSFUL
2015-06-18 23:44:45 -05:00
wchen-r7
fb9ad663f7
Change to Metasploit::Model::Login::Status::SUCCESSFUL
2015-06-18 23:42:16 -05:00
wchen-r7
9b5770c966
Change to Metasploit::Model::Login::Status::SUCCESSFUL
2015-06-18 23:40:51 -05:00
g0tmi1k
0b55a889d3
persistence - better ruby/msf fu
2015-06-18 21:10:16 +01:00
Tod Beardsley
afcb016814
Minor description fixups.
...
Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524 , adobe_flash_pixel_bender_bof in flash renderer .
Removed ASCII bullets since those rarely render correctly.
Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252 , @espreto's module for WordPress Front-end Editor
File Upload Vuln . Fixed up some language usage, camel-cased "WordPress."
2015-06-18 13:25:39 -05:00
wchen-r7
13a3f2781d
Change ExcellentRanking to GoodRanking for MS14-064
...
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:
1. The vulnerable component isn't in Internet Explorer. And BES can't
check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
is a memory curruption type of bug, it should not be in Excellent
ranking anyway.
2015-06-18 13:07:44 -05:00
jvazquez-r7
de1542e589
Add module for CVE-2015-3090
2015-06-18 12:36:14 -05:00
g0tmi1k
ce9481d2b7
Inconstancy - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
Th3R3p0
a6c7f93bbe
changed text to show support for RFB version 4.001
2015-06-17 13:09:03 -04:00
g0tmi1k
a3debe1621
persistence - more options, more verbose
...
...and less bugs!
+ Able to define the EXE payload filename
+ Able to setup a handler job
+ Able to execute persistence payload after installing
+ Performs various checks (should be more stable now)
+ Will display various warnings if your doing something 'different'
+ Added various verbose messages during the process
2015-06-17 13:57:06 +01:00
jvazquez-r7
f5b9be7814
Land #5468 , @wchen-r7's updates razorsql to use the new creds api
...
* Also fixes #5469
2015-06-16 17:51:18 -05:00
William Vu
ef825fb4bf
Land #5530 , shell_to_meterpreter improvements
2015-06-16 14:29:15 -05:00
g0tmi1k
33139c4ecd
shell_to_meterpreter minor improvements
2015-06-16 20:42:47 +01:00
root
fcf6212d2f
Update telnet capture module to use the new creds API
2015-06-16 16:37:36 +05:00
root
a99b001bd7
payloads_spec.rb modified, payloads added
2015-06-16 05:33:30 -04:00
Denis Kolegov
c3d2797f10
Fixed Info fields
2015-06-16 04:22:22 -04:00
Denis Kolegov
2778274e47
Added new SSL Labs API fields and fixed minor errors
2015-06-16 02:59:12 -04:00
wchen-r7
b6379b4d24
Update drupal_views_user_enum
2015-06-16 00:02:02 -05:00
jvazquez-r7
eb39eaac1d
Add support to decryption v2
2015-06-15 23:28:10 -05:00
wchen-r7
0b88e86a49
Using the new cred API for multiple auxiliary modules
2015-06-15 16:06:57 -05:00
Jon Hart
fd0b42be4a
Properly store quake service info
2015-06-15 12:45:14 -07:00
Jon Hart
079a9d449c
Use peer
2015-06-15 11:45:55 -07:00
Jon Hart
feb7263137
Wire in recog support for ssh_version
2015-06-15 11:42:20 -07:00
Jon Hart
80f1173fcf
Style and scanner usability cleanup for ssh_version
2015-06-15 10:12:07 -07:00
William Vu
8d640a0c8f
Land #5527 , multi/handler -> exploit/multi/handler
2015-06-15 10:23:26 -05:00
wchen-r7
907f596de6
Land #5520 , Update titan_ftp_admin_pwd to use the new creds API
2015-06-15 03:26:19 -05:00
wchen-r7
940d045029
Correctly report rport
2015-06-15 03:23:39 -05:00
wchen-r7
308b1a3d7f
Don't deregister username & password
2015-06-15 03:21:09 -05:00
wchen-r7
ebce415957
Land #5507 , Update nessus_xmlrpc_logic to use the new creds API
2015-06-15 02:59:01 -05:00
wchen-r7
c20cf15104
Msut have last_attempted_at key
2015-06-15 02:58:31 -05:00
wchen-r7
17b8ddc68a
Land #5524 , adobe_flash_pixel_bender_bof in flash renderer
2015-06-15 02:42:16 -05:00
Michael Messner
145637470a
port, email, cleanup
2015-06-14 08:27:23 +02:00
Joshua Abraham
c801e52f60
Update smb_enumusers_domain.rb
2015-06-13 17:02:43 -04:00
Michael Messner
1b040f3374
dsp-w110-command-injection
2015-06-13 21:45:56 +02:00
0xFFFFFF
c7cda25582
Empty lines removed at line 624 and line 721.
...
Empty lines removed at line 624 and line 721.
2015-06-13 14:54:10 +01:00
0xFFFFFF
7f0e334d78
Added Windows 2003 SP1 & SP2 French targets
...
msf exploit(ms08_067_netap) > show targets
Exploit targets:
Id Name
-- ----
0 Automatic Targeting
1 Windows 2000 Universal
2 Windows XP SP0/SP1 Universal
3 Windows 2003 SP0 Universal
4 Windows XP SP2 English (AlwaysOn NX)
[...]
62 Windows 2003 SP1 French (NX)
63 Windows 2003 SP2 English (NO NX)
[...]
71 Windows 2003 SP2 French (NO NX)
72 Windows 2003 SP2 French (NX)
2015-06-13 13:30:02 +01:00
g0tmi1k
6dcc9b7dab
More inconsistencies
2015-06-12 21:59:15 +01:00
jvazquez-r7
e628d71261
Land #5397 , @espreto's module for WordPress Simple Backup File Read Vulnerability
2015-06-12 15:32:06 -05:00
jvazquez-r7
184c20cd46
Do minor cleanup
2015-06-12 15:31:42 -05:00
g0tmi1k
a53ca53a6a
Fix inconstancy - multi/handler
2015-06-12 21:23:51 +01:00
jvazquez-r7
f279c6ca3f
Land #5252 , @espreto's module for WordPress Front-end Editor File Upload Vuln
2015-06-12 15:11:10 -05:00
wchen-r7
89d03a1472
Symbol to String
2015-06-12 15:02:36 -05:00
wchen-r7
20170bd630
Report as hash
2015-06-12 13:55:32 -05:00
jvazquez-r7
8f4a44ac97
Land #5474 , @wchen-r7 Updates pptpd_chap_secrets to use the new cred API
2015-06-12 11:41:59 -05:00
jvazquez-r7
8ed13b1d1b
Add linux support for CVE-2014-0515
2015-06-11 16:18:50 -05:00
wchen-r7
ae21b0c260
Land #5523 , adobe_flash_domain_memory_uaf in the flash renderer
2015-06-10 16:59:19 -05:00
wchen-r7
4c5b1fbcef
Land #5522 , adobe_flash_worker_byte_array_uaf in the flash renderer
2015-06-10 14:49:41 -05:00
jvazquez-r7
6c7ee10520
Update to use the new flash Exploiter
2015-06-10 13:52:43 -05:00
wchen-r7
8dad739c76
Land #5508 , Get Ready to Move VMware modules to the VMware directory
2015-06-10 11:59:40 -05:00
wchen-r7
d622c782ef
Land #5519 , adobe_flash_uncompress_zlib_uninitialized in the flash renderer
2015-06-10 11:52:47 -05:00
wchen-r7
667db8bc30
Land #5517 , adobe_flash_casi32_int_overflow (exec from the flash renderer)
2015-06-10 11:39:13 -05:00
William Vu
b23647d5ae
Land #5521 , @todb-r7's module cleanup
2015-06-10 11:29:41 -05:00
Tod Beardsley
dc2fec76a9
Land #5509 , remove msfencode and msfpayload
...
Fixes #4326
Thanks @wchen-r7!
2015-06-10 11:15:35 -05:00
Tod Beardsley
0d979f61ae
Minor fixups on newish modules
2015-06-10 11:09:42 -05:00
jvazquez-r7
fb531d0069
Update version coverage
2015-06-10 09:38:00 -05:00
jvazquez-r7
a6fe383852
Use AS Exploiter
2015-06-10 09:32:52 -05:00
root
7cb82f594b
Add ftp port for service
2015-06-10 14:24:05 +05:00
root
3ffe006e09
Update titan_ftp_admin_pwd to use the new creds API
2015-06-10 13:36:26 +05:00
root
3fe6ddd10a
Change credential status from untried to successful
2015-06-10 10:09:57 +05:00
root
78a6e1bc90
Change credential status from untried to successful
2015-06-10 10:07:33 +05:00
root
1b3f911f84
Change credential status from untried to successful
2015-06-10 09:54:10 +05:00
jvazquez-r7
e5d6c9a3cb
Make last code cleanup
2015-06-09 16:01:57 -05:00
jvazquez-r7
cf8c6b510b
Debug version working
2015-06-09 15:46:21 -05:00
William Vu
9fa423464c
Fix #5224 , comma fixes
...
My fault for missing these.
2015-06-09 14:28:01 -05:00
William Vu
8a69704d3e
Fix up commas
2015-06-09 14:27:35 -05:00
William Vu
d31a59cd22
Fix #5224 , altered option description
2015-06-09 14:15:58 -05:00
William Vu
cc8650f98a
Fix TMPPATH description
2015-06-09 14:15:18 -05:00
William Vu
9c97da3b7c
Land #5224 , ProFTPD mod_copy exploit
2015-06-09 14:11:27 -05:00
William Vu
5ab882a8d4
Clean up module
2015-06-09 14:10:46 -05:00
jvazquez-r7
b7f0fad72f
Modify CVE-2014-0569 to use the flash exploitation code
2015-06-09 11:31:39 -05:00
wchen-r7
6eb25743e3
Merge branch 'upstream-master' into bapv2
2015-06-09 10:10:00 -05:00
root
49e4820c57
Add depcrecated note to the existing modules
2015-06-09 10:42:53 +05:00
Josh Abraham
8381d4f994
update smb_enumusers_domain to store enumerated users in the DB
2015-06-08 19:42:03 -04:00
David Maloney
bb56f6043e
explicitly use windows\temp
...
instead of using the user temp directory
trying to get around some intermittant permissions
issues
MSP-12358
2015-06-08 13:17:18 -05:00
David Maloney
2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module
2015-06-08 11:42:03 -05:00
wchen-r7
5a6a16c4ec
Resolve #4326 , remove msfpayload & msfencode. Use msfvenom instead!
...
msfpayload and msfencode are no longer in metasploit. Please use
msfvenom instead.
Resolves #4326
2015-06-08 11:30:04 -05:00
root
3279518bbd
Move VMware modules to the VMware directory
2015-06-08 14:58:22 +05:00
root
245c76374d
Update nessus_xmlrpc_logic to use the new creds API
2015-06-08 14:40:15 +05:00
jvazquez-r7
a39539f8ef
Land #5457 , @wchen-r7 updates spark_im to use the new cred API
2015-06-07 20:45:42 -05:00
HD Moore
25aa96cfc1
Land #5456 , removes obsolete comment
2015-06-07 14:25:23 -05:00
HD Moore
1f11cd5470
Lands #5446 , support for 64-bit native powershell payloads
2015-06-07 14:16:19 -05:00
HD Moore
c80017992a
A dirty patch for a number of Net::DNS/dns_enum issues
2015-06-06 13:48:52 -05:00
jvazquez-r7
dca2607d54
Land #5452 , @wchen-r7 Update tortoisesvn to use the new cred API
2015-06-06 01:35:40 -05:00
jvazquez-r7
bf35b9bdf4
Minor fix
2015-06-06 01:35:09 -05:00
HD Moore
135958a225
Cleanup the udp_(sweep|probe) SNMP generators
2015-06-06 00:54:08 -05:00
HD Moore
6b05302059
Fixes #5459 , refactors LoginScanner::SNMP
2015-06-06 00:50:55 -05:00
wchen-r7
ea33d7060e
Correct ranking
2015-06-05 21:07:27 -05:00
wchen-r7
ff39e32cc6
Single quote
2015-06-05 21:06:57 -05:00
jvazquez-r7
c3437dab2a
Land #5451 , @wchen-r7 Update filezilla_client_cred to use the new cred API
2015-06-05 16:39:31 -05:00
jvazquez-r7
57b7d10ec5
Land #5449 , @wchen-r7 updates total_commander to use the new cred API
2015-06-05 16:28:32 -05:00
wchen-r7
ee13a215e9
Merge branch 'upstream-master' into bapv2
2015-06-05 14:09:07 -05:00
jvazquez-r7
318f67fcda
update descriptions
2015-06-05 09:01:20 -05:00
root
3ec6d9b7aa
Update owa_login to use new cred API
2015-06-05 15:41:07 +05:00
root
b6936febbe
Update pcanywhere_login to use the new cred API
2015-06-05 12:16:00 +05:00
wchen-r7
71a8487091
Correct Flash version in the module description
...
There is no 11.2.202.404, mang.
2015-06-04 23:46:41 -05:00
wchen-r7
5f4b2ed22a
Newline
2015-06-04 23:36:36 -05:00
wchen-r7
69968fc9f1
Merge branch 'upstream-master' into bapv2
2015-06-04 23:36:24 -05:00
jvazquez-r7
02181addc5
Update CVE-2014-0556
2015-06-04 18:23:50 -05:00
wchen-r7
874e090aa1
Update wordpress_login_enum to use the new cred API
2015-06-04 18:16:14 -05:00
root
d4f418fe3f
Style corrections
...
See #5480
2015-06-04 15:52:07 -05:00
wchen-r7
23df66bf3a
Land #5481 , no powershell. exec shellcode from the renderer process.
2015-06-04 15:45:09 -05:00
wchen-r7
487cc15b0b
Land #5476 , multi-platform update for adobe_flash_net_connection_confusion
2015-06-04 12:32:42 -05:00
jvazquez-r7
ab68d8429b
Add more targets
2015-06-04 12:11:53 -05:00
wchen-r7
be709ba370
Merge branch 'upstream-master' into bapv2
2015-06-04 10:33:07 -05:00
wchen-r7
744baf2d44
Update kloxo_sqli to use the new cred API
2015-06-03 23:28:35 -05:00
jvazquez-r7
80cb70cacf
Add support for Windows 8.1/Firefox
2015-06-03 22:46:04 -05:00
wchen-r7
78e4677bb1
Oops it blew up
2015-06-03 20:10:01 -05:00
wchen-r7
a0aa6135c5
Update ca_arcserve_rpc_authbypass to use the new cred API
2015-06-03 20:02:07 -05:00
John Sherwood
d3c3741478
Use run_host so that we can use THREADS
...
- The refactor left the module using run_batch even though the
features of the code that made this desirable were removed (i.e.,
it was no longer doing one batch per community string). By now
switching back to run_host, we can again take advantage of the
built-in metasploit multithreading capabilities.
- Also, added back in the display of the result.proof field. This
aids in identifying false positives (which have a blank response)
and is functionality worth keeping.
2015-06-03 18:08:38 -04:00
jvazquez-r7
74117a7a52
Allow to execute payload from the flash renderer
2015-06-03 16:33:41 -05:00
wchen-r7
39d38f1641
Update pptpd_chap_secrets to use the new cred API
2015-06-03 16:33:10 -05:00
Pedro Ribeiro
d5b33a0074
Update sysaid_rdslogs_fle_upload.rb
2015-06-03 22:01:13 +01:00
Pedro Ribeiro
37827be10f
Update sysaid_auth_file_upload.rb
2015-06-03 22:00:44 +01:00
Pedro Ribeiro
7f35c3b4f5
Update sysaid_sql_creds.rb
2015-06-03 22:00:08 +01:00
Pedro Ribeiro
54bfe29527
Update and rename sysaid_file_ to sysaid_file_download.rb
2015-06-03 21:59:45 +01:00
Pedro Ribeiro
42e84cd7d5
Update sysaid_admin_acct.rb
2015-06-03 21:59:04 +01:00
Pedro Ribeiro
6683b86822
Create sysaid_sql_creds.rb
2015-06-03 21:46:48 +01:00
Pedro Ribeiro
72b7982e7a
Create sysaid_file_
2015-06-03 21:46:13 +01:00
Pedro Ribeiro
62993c35d3
Create sysaid_rdslogs_fle_upload.rb
2015-06-03 21:45:14 +01:00
Pedro Ribeiro
193b7bcd2e
Create sysaid_auth_file_upload.rb
2015-06-03 21:44:02 +01:00
Pedro Ribeiro
765077d741
Create sysaid_admin_acct.rb
2015-06-03 21:38:43 +01:00
wchen-r7
656f64d9bd
Update razorsql to use the new cred API
2015-06-03 13:49:06 -05:00
Roberto Soares
b305fa62f4
Changed vprint_error when nothing was downloaded.
2015-06-03 14:46:59 -03:00
Roberto Soares
24ec3b2fb5
Changed vprint_error to fail_with method.
2015-06-03 13:46:59 -03:00
OJ
a6467f49ec
Update description
2015-06-03 22:17:25 +10:00
OJ
455a3b6b9d
Add butchered version of CVE-2015-1701
2015-06-03 21:48:23 +10:00
wchen-r7
b038760be7
Update razer_synapse to use the new cred API
2015-06-03 01:44:20 -05:00
wchen-r7
ef0d6490da
Update smartermail to use the new cred API
2015-06-03 00:48:52 -05:00
wchen-r7
c64f025c4e
Add module_fullname: fullname
2015-06-02 12:35:06 -05:00
wchen-r7
e43163135b
Add module_fullname: fullname,
2015-06-02 12:33:34 -05:00
benpturner
dddbf3886b
Updated payload spec to be in the correct order and updated payload cached size
2015-06-02 18:33:06 +01:00
wchen-r7
63708f2bba
Add module_fullname: fullname
2015-06-02 12:27:35 -05:00
wchen-r7
28556ea6e2
Update spark_im to use the new cred API
2015-06-02 12:16:07 -05:00
wchen-r7
aac2db826f
Remove comment about report_auth_info
...
This module isn't using report_auth_info, so this comment is no
longer needed.
2015-06-02 10:24:55 -05:00
Tim
ac2a52b522
fix android/java reverse_tcp
2015-06-02 10:54:49 +01:00
root
7485cf776e
Remove unnecessary spaces
2015-06-02 14:18:36 +05:00
root
b4cfe93977
Add creds API
2015-06-02 14:16:16 +05:00
wchen-r7
1ae9265fb9
Update tortoisesvn to use the new cred API
2015-06-02 00:52:43 -05:00
wchen-r7
b98cc89f0c
Update filezilla_client_cred to use the new cred API
2015-06-02 00:22:17 -05:00
Tim
c721cb6f4e
Land #5448 , fix author name typo
2015-06-02 05:08:48 +01:00
wchen-r7
c3e15059a7
Update total_commander to use the new cred API
2015-06-01 21:17:58 -05:00
James Lee
d03ee5667b
Remove assigned but unused local vars
2015-06-01 16:45:36 -05:00
James Lee
7133f0a68e
Fix typo in author's name
2015-06-01 16:45:09 -05:00
Brent Cook
449ce32f07
update for new UUID namespace
2015-06-01 15:16:04 -05:00
benpturner
9d1a7cead4
New modules to support 64bit process powershell.
2015-06-01 16:11:23 +01:00
Brent Cook
64e86165ef
remove android meterpreter bins, update to payloads 1.0.2
...
This switches us to using the Android payload files from the
metasploit-payloads gem
2015-06-01 09:14:31 -05:00
Brent Cook
70ef1b83f9
Merge branch 'master' into land-5366-android
2015-06-01 09:07:55 -05:00
wchen-r7
e83677d29d
rm deprecated mod
2015-05-29 17:43:26 -05:00
OJ
3dd3ef5edb
Merge branch 'upstrea/master' into winhttp-ie-proxy
2015-05-30 08:03:43 +10:00