Commit Graph

18012 Commits (c257f8945b888174ce74a9d54985a9198b41b107)

Author SHA1 Message Date
wchen-r7 b46e1be22f
Land #5371, Add file checking to the on_new_session cleanup 2015-06-26 13:33:57 -05:00
William Vu c04490e5eb Remove comma before coordinating conjunction
An independent clause does not follow.
2015-06-26 12:50:37 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
jvazquez-r7 7ccc86d338
Use cmd_exec 2015-06-26 11:54:19 -05:00
jvazquez-r7 31b7ef49d6
Solve conficts 2015-06-26 11:36:17 -05:00
wchen-r7 eba1e24b96
Land #5605, CVE-2015-3105 flash exploit 2015-06-26 10:30:10 -05:00
Trevor Rosen 84c0e62fd3
Land #5493, update OWA scanner creds persistence 2015-06-26 08:46:27 -05:00
OJ a773979992 Java config wiring, tweak to include block counts
This commit adjusts the way that the config block is set for java and
android because behind the scenes the stageless connect-backs need to
know what to discard. as a result of connecting back to staged listeners
we need to be able to discard a number of bytes/blocks before we can
continue process (at least in the case of TCP).
2015-06-26 13:59:09 +10:00
wchen-r7 c70e38a14e Do more reporting 2015-06-25 22:39:56 -05:00
wchen-r7 5ef4cc2bb4 Save creds 2015-06-25 17:10:20 -05:00
wchen-r7 1a371b11b0 Update description 2015-06-25 17:04:31 -05:00
jvazquez-r7 ee0377ca16
Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
root 63f584cbfd Add last_attempted_at 2015-06-25 12:08:38 +05:00
wchen-r7 c330d10403 Make SSL as a basic option
Also:

Fix #5558
2015-06-25 02:06:51 -05:00
wchen-r7 5c98da05fb This works for Glassfish 4.0 & 9.1 2015-06-25 01:58:24 -05:00
wchen-r7 c826785ebb Fix auth bypass 2015-06-24 19:49:04 -05:00
wchen-r7 8e4fa80728 This looks good so far 2015-06-24 19:30:02 -05:00
OJ d9b6e46685 Merge branch 'upstream/master' into android-java-transport-refactor 2015-06-25 09:50:42 +10:00
Spencer McIntyre 2206a6af73 Support older targets x86 for MS15-051 2015-06-25 09:33:15 +10:00
HD Moore cea8605365 Fix #5596 by catching RuntimeError from Rex::Poly 2015-06-24 15:17:33 -05:00
William Vu 827d241482
Land #5539, Quake scanner fix 2015-06-24 15:00:39 -05:00
William Vu a149fb5710
Land #5554, @g0tmi1k's persistence improvements
age aborts
age aborts
2015-06-24 14:37:25 -05:00
William Vu e7e8135acd Clean up module 2015-06-24 14:35:10 -05:00
Michael Messner c8dddbff70 server header 2015-06-24 21:32:01 +02:00
wchen-r7 380af29482 Progress? 2015-06-24 14:17:45 -05:00
OJ 0493ba83a0 Add transport configuration support 2015-06-24 21:26:47 +10:00
joev 8b6fba4988 Tweak and fix some things in Safari file URL module. 2015-06-24 02:08:06 -05:00
OJ e796e56c6c Modify the staging process 2015-06-24 13:22:33 +10:00
Meatballs 9c4a96761e
Small tidyup 2015-06-23 23:10:29 +01:00
Meatballs 4392b7c1de
Enum LAPS 2015-06-23 23:02:22 +01:00
Meatballs 221980820a Committed wrong file
This reverts commit 76c2198ef0.
2015-06-23 23:01:59 +01:00
Meatballs 76c2198ef0
LAPS enum 2015-06-23 22:56:53 +01:00
Tod Beardsley 18a9585f7a
Add safari module for CVE-2015-1155 2015-06-23 16:15:50 -05:00
Michael Messner 8bc012a665 echo stager via upload vulnerability 2015-06-23 23:09:08 +02:00
Trevor Rosen c45e42465a
Land #5492, update PCAnywhere login scanner 2015-06-23 14:48:25 -05:00
William Vu 5751e196bb Remove extraneous newline 2015-06-23 14:43:37 -05:00
wchen-r7 6046994138 version does not return nil 2015-06-23 10:31:01 -05:00
wchen-r7 59af7ef1fc Remove the extra target_uri 2015-06-23 10:27:50 -05:00
wchen-r7 a2a231c242
Land #5577, MS15-034 HTTP.SYS Information Disclosure 2015-06-23 10:20:54 -05:00
wchen-r7 11366971da Oh never mind, user-agent makes it more difficult to use (more crashes) 2015-06-23 01:24:17 -05:00
wchen-r7 6127b8a037 Pass user-agent 2015-06-23 01:23:01 -05:00
wchen-r7 8ce5cc23cf More consistent filename style 2015-06-23 01:08:34 -05:00
wchen-r7 e9b548e8a2 Changes for ms15034_http_sys_memory_dump.rb 2015-06-23 01:07:33 -05:00
root 302db36daa Add last_attempted_at to creds object 2015-06-23 09:46:01 +05:00
rwhitcroft 8086a6f8cc remove unnecessary begin/rescue, change print_* to vprint_* in check() 2015-06-22 20:25:12 -04:00
jvazquez-r7 f216841d01
Update enum_vbox 2015-06-22 17:54:17 -05:00
Brent Cook 8ade66027a update cached payload sizes 2015-06-22 17:19:02 -05:00
Brent Cook e696d2f3dc Merge branch 'master' into land-5348-ntds 2015-06-22 17:18:13 -05:00
jvazquez-r7 c20d2a1dd9
Update post/multi/gather/env
* Use cmd_exec
2015-06-22 16:20:46 -05:00
jvazquez-r7 a309d99da9
Fix enum_osx
* Use cmd_exec
2015-06-22 16:09:30 -05:00
wchen-r7 dedfca163d Change check() 2015-06-22 15:05:12 -05:00
rwhitcroft 90e17aee6b clarified affected OSes and error messages 2015-06-22 15:47:26 -04:00
jvazquez-r7 4475b7ec8e
Update enum_keychain
* Use cmd_exec
2015-06-22 14:30:46 -05:00
jvazquez-r7 784be06b6f
Update nmap
* Use cmd_exec
2015-06-22 14:20:02 -05:00
jvazquez-r7 d98d2ffd4d
Update setuid_viscosity
* Use cmd_exec
2015-06-22 14:04:04 -05:00
jvazquez-r7 60bdc10aed
Update setuid_tunnelblick
* Use cmd_exec
2015-06-22 13:57:33 -05:00
jvazquez-r7 6a00ce62de Update persistence module
* Delete unused method
2015-06-22 12:25:00 -05:00
rwhitcroft 774aef7241 add module to dump memory via MS15-034 2015-06-22 10:31:31 -04:00
OJ 3686accadd
Merge branch 'upstream/master' into cve-2015-1701 2015-06-22 07:52:17 +10:00
Spencer McIntyre efece12b40 Minor clean ups for ruby strings and check method 2015-06-21 16:07:44 -04:00
Pedro Ribeiro ea49fd2fdc Update sysaid_rdslogs_fle_upload.rb 2015-06-20 16:59:28 +01:00
Pedro Ribeiro 50a3a32bfd Update sysaid_sql_creds.rb 2015-06-20 16:58:42 +01:00
Pedro Ribeiro 78c2f8a3a3 Update sysaid_sql_creds.rb 2015-06-20 16:57:34 +01:00
Pedro Ribeiro 11aca8b27a Update sysaid_file_download.rb 2015-06-20 16:54:33 +01:00
Pedro Ribeiro 3181d76e63 Update sysaid_auth_file_upload.rb 2015-06-20 16:53:33 +01:00
Pedro Ribeiro cf8008ed38 Update sysaid_admin_acct.rb 2015-06-20 16:52:13 +01:00
Michael Messner d8e11789ea cmd_interact - first try 2015-06-20 07:59:25 +02:00
jvazquez-r7 74bc9f7a91
Land #5529, @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067 2015-06-19 16:57:07 -05:00
jvazquez-r7 61ad4ada7d
Delete commas 2015-06-19 16:03:16 -05:00
jvazquez-r7 4762e9f62c
Land #5540, @wchen-r7's changes for multiple auxiliary modules to use the new cred API 2015-06-19 15:39:09 -05:00
jvazquez-r7 fa6e45964e
Provide context to the note 2015-06-19 15:38:26 -05:00
wchen-r7 83427583ea report_note for group info 2015-06-19 15:09:50 -05:00
wchen-r7 ef286fdfcf Remove report_auth_info 2015-06-19 15:06:02 -05:00
wchen-r7 b104155cf1 Do Metasploit::Model::Login::Status::UNTRIED 2015-06-19 15:05:42 -05:00
wchen-r7 bd097e3264
Land #5497, Refactor LoginScanner::SNMP to be fast and less buggy 2015-06-19 14:57:36 -05:00
jvazquez-r7 34d5d92646
Land #5555, @Th3R3p0's support for for RFB Version 4 2015-06-19 14:15:04 -05:00
Brent Cook d19c2e7206
Land #5544, track updates to SSL Labs API 2015-06-19 11:39:38 -05:00
Brent Cook bf170a195d the API sometimes returns negative percents - treat these as 0 2015-06-19 11:38:36 -05:00
Brent Cook 5a277389f2 remove some trailing commas 2015-06-19 11:38:22 -05:00
wchen-r7 9da99a8265
Merge branch 'upstream-master' into bapv2 2015-06-19 11:36:27 -05:00
wchen-r7 5a548c3792
Land #5453, Update dbvis_enum to use the new cred API 2015-06-19 11:35:07 -05:00
William Vu 2587595a92
Land #5556, vprint_status fix 2015-06-19 11:24:54 -05:00
William Vu b994801172 Revert auto tab replacement 2015-06-19 11:22:40 -05:00
jvazquez-r7 6ec8488929
Land #5560, @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064 2015-06-19 11:15:41 -05:00
jvazquez-r7 ebd376e0f3
Land #5485, @wchen-r7 updates wordpress_login_enum to use the new cred API 2015-06-19 10:50:07 -05:00
jvazquez-r7 dfae4bbbf0
Do reporting more accurate 2015-06-19 10:48:12 -05:00
wchen-r7 7f56b4635c
Land #5546, Use the new cred API for auxiliary/server/capture/telnet 2015-06-19 10:46:01 -05:00
William Vu d86c21e94a
Land #5567, author fix 2015-06-19 10:41:41 -05:00
wchen-r7 15985e8b4f
Land #5559, Adobe Flash Player ShaderJob Buffer Overflow 2015-06-19 10:38:05 -05:00
jvazquez-r7 c95b3bb31d
Land #5479, @wchen-r7 Updates kloxo_sqli to use the new cred API 2015-06-19 10:32:21 -05:00
jvazquez-r7 c2f0973ed0
Report attempt_time 2015-06-19 10:31:50 -05:00
jvazquez-r7 1c357e6b3c
Land #5478, @wchen-r7 Updates ca_arcserve_rpc_authbypass to use the new cred API 2015-06-19 10:21:14 -05:00
jvazquez-r7 0f17f622c3
Report last_attempted_at 2015-06-19 10:20:47 -05:00
jvazquez-r7 357a3929a3
Trying to report more accurate status 2015-06-19 09:51:36 -05:00
jvazquez-r7 b349549754
Land #5464, @wchen-r7 Updates razer_synapse to use the new cred API 2015-06-19 09:42:44 -05:00
jvazquez-r7 6d2b7e05ef
Use downcase 2015-06-19 09:35:20 -05:00
jvazquez-r7 80f6e902b6
Land #5463, @wchen-r7 updates smartermail to use the new cred API 2015-06-19 09:29:34 -05:00
jvazquez-r7 0d7ef6f04e
Pass username as symbol 2015-06-19 09:29:00 -05:00
aushack 76cd9590a4 Fix author 2015-06-19 19:13:51 +10:00
wchen-r7 fc35a53ac5 Pass options correctly 2015-06-19 00:14:58 -05:00
wchen-r7 fc1417809e Support hash format 2015-06-19 00:09:08 -05:00
wchen-r7 7e91121afc Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:44:45 -05:00
wchen-r7 fb9ad663f7 Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:42:16 -05:00
wchen-r7 9b5770c966 Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:40:51 -05:00
g0tmi1k 0b55a889d3 persistence - better ruby/msf fu 2015-06-18 21:10:16 +01:00
Tod Beardsley afcb016814
Minor description fixups.
Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524, adobe_flash_pixel_bender_bof in flash renderer .
Removed ASCII bullets since those rarely render correctly.

Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252, @espreto's module for WordPress Front-end Editor
File Upload Vuln . Fixed up some language usage, camel-cased "WordPress."
2015-06-18 13:25:39 -05:00
wchen-r7 13a3f2781d Change ExcellentRanking to GoodRanking for MS14-064
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:

1. The vulnerable component isn't in Internet Explorer. And BES can't
   check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
   is a memory curruption type of bug, it should not be in Excellent
   ranking anyway.
2015-06-18 13:07:44 -05:00
jvazquez-r7 de1542e589
Add module for CVE-2015-3090 2015-06-18 12:36:14 -05:00
g0tmi1k ce9481d2b7 Inconstancy - If datastore['VERBOSE'] vs vprint 2015-06-18 09:27:01 +01:00
Th3R3p0 a6c7f93bbe changed text to show support for RFB version 4.001 2015-06-17 13:09:03 -04:00
g0tmi1k a3debe1621 persistence - more options, more verbose
...and less bugs!

+ Able to define the EXE payload filename
+ Able to setup a handler job
+ Able to execute persistence payload after installing
+ Performs various checks (should be more stable now)
+ Will display various warnings if your doing something 'different'
+ Added various verbose messages during the process
2015-06-17 13:57:06 +01:00
jvazquez-r7 f5b9be7814
Land #5468, @wchen-r7's updates razorsql to use the new creds api
* Also fixes #5469
2015-06-16 17:51:18 -05:00
William Vu ef825fb4bf
Land #5530, shell_to_meterpreter improvements 2015-06-16 14:29:15 -05:00
g0tmi1k 33139c4ecd shell_to_meterpreter minor improvements 2015-06-16 20:42:47 +01:00
root fcf6212d2f Update telnet capture module to use the new creds API 2015-06-16 16:37:36 +05:00
root a99b001bd7 payloads_spec.rb modified, payloads added 2015-06-16 05:33:30 -04:00
Denis Kolegov c3d2797f10 Fixed Info fields 2015-06-16 04:22:22 -04:00
Denis Kolegov 2778274e47 Added new SSL Labs API fields and fixed minor errors 2015-06-16 02:59:12 -04:00
wchen-r7 b6379b4d24 Update drupal_views_user_enum 2015-06-16 00:02:02 -05:00
jvazquez-r7 eb39eaac1d
Add support to decryption v2 2015-06-15 23:28:10 -05:00
wchen-r7 0b88e86a49 Using the new cred API for multiple auxiliary modules 2015-06-15 16:06:57 -05:00
Jon Hart fd0b42be4a
Properly store quake service info 2015-06-15 12:45:14 -07:00
Jon Hart 079a9d449c
Use peer 2015-06-15 11:45:55 -07:00
Jon Hart feb7263137
Wire in recog support for ssh_version 2015-06-15 11:42:20 -07:00
Jon Hart 80f1173fcf
Style and scanner usability cleanup for ssh_version 2015-06-15 10:12:07 -07:00
William Vu 8d640a0c8f
Land #5527, multi/handler -> exploit/multi/handler 2015-06-15 10:23:26 -05:00
wchen-r7 907f596de6
Land #5520, Update titan_ftp_admin_pwd to use the new creds API 2015-06-15 03:26:19 -05:00
wchen-r7 940d045029 Correctly report rport 2015-06-15 03:23:39 -05:00
wchen-r7 308b1a3d7f Don't deregister username & password 2015-06-15 03:21:09 -05:00
wchen-r7 ebce415957
Land #5507, Update nessus_xmlrpc_logic to use the new creds API 2015-06-15 02:59:01 -05:00
wchen-r7 c20cf15104 Msut have last_attempted_at key 2015-06-15 02:58:31 -05:00
wchen-r7 17b8ddc68a
Land #5524, adobe_flash_pixel_bender_bof in flash renderer 2015-06-15 02:42:16 -05:00
Michael Messner 145637470a port, email, cleanup 2015-06-14 08:27:23 +02:00
Joshua Abraham c801e52f60 Update smb_enumusers_domain.rb 2015-06-13 17:02:43 -04:00
Michael Messner 1b040f3374 dsp-w110-command-injection 2015-06-13 21:45:56 +02:00
0xFFFFFF c7cda25582 Empty lines removed at line 624 and line 721.
Empty lines removed at line 624 and line 721.
2015-06-13 14:54:10 +01:00
0xFFFFFF 7f0e334d78 Added Windows 2003 SP1 & SP2 French targets
msf exploit(ms08_067_netap) > show targets 

Exploit targets:

   Id  Name
   --  ----
   0   Automatic Targeting
   1   Windows 2000 Universal
   2   Windows XP SP0/SP1 Universal
   3   Windows 2003 SP0 Universal
   4   Windows XP SP2 English (AlwaysOn NX)
   [...]
   62  Windows 2003 SP1 French (NX)
   63  Windows 2003 SP2 English (NO NX)
   [...]
   71  Windows 2003 SP2 French (NO NX)
   72  Windows 2003 SP2 French (NX)
2015-06-13 13:30:02 +01:00
g0tmi1k 6dcc9b7dab More inconsistencies 2015-06-12 21:59:15 +01:00
jvazquez-r7 e628d71261
Land #5397, @espreto's module for WordPress Simple Backup File Read Vulnerability 2015-06-12 15:32:06 -05:00
jvazquez-r7 184c20cd46
Do minor cleanup 2015-06-12 15:31:42 -05:00
g0tmi1k a53ca53a6a Fix inconstancy - multi/handler 2015-06-12 21:23:51 +01:00
jvazquez-r7 f279c6ca3f
Land #5252, @espreto's module for WordPress Front-end Editor File Upload Vuln 2015-06-12 15:11:10 -05:00
wchen-r7 89d03a1472 Symbol to String 2015-06-12 15:02:36 -05:00
wchen-r7 20170bd630 Report as hash 2015-06-12 13:55:32 -05:00
jvazquez-r7 8f4a44ac97
Land #5474, @wchen-r7 Updates pptpd_chap_secrets to use the new cred API 2015-06-12 11:41:59 -05:00
jvazquez-r7 8ed13b1d1b
Add linux support for CVE-2014-0515 2015-06-11 16:18:50 -05:00
wchen-r7 ae21b0c260
Land #5523, adobe_flash_domain_memory_uaf in the flash renderer 2015-06-10 16:59:19 -05:00
wchen-r7 4c5b1fbcef
Land #5522, adobe_flash_worker_byte_array_uaf in the flash renderer 2015-06-10 14:49:41 -05:00
jvazquez-r7 6c7ee10520 Update to use the new flash Exploiter 2015-06-10 13:52:43 -05:00
wchen-r7 8dad739c76
Land #5508, Get Ready to Move VMware modules to the VMware directory 2015-06-10 11:59:40 -05:00
wchen-r7 d622c782ef
Land #5519, adobe_flash_uncompress_zlib_uninitialized in the flash renderer 2015-06-10 11:52:47 -05:00
wchen-r7 667db8bc30
Land #5517, adobe_flash_casi32_int_overflow (exec from the flash renderer) 2015-06-10 11:39:13 -05:00
William Vu b23647d5ae
Land #5521, @todb-r7's module cleanup 2015-06-10 11:29:41 -05:00
Tod Beardsley dc2fec76a9
Land #5509, remove msfencode and msfpayload
Fixes #4326

Thanks @wchen-r7!
2015-06-10 11:15:35 -05:00
Tod Beardsley 0d979f61ae
Minor fixups on newish modules 2015-06-10 11:09:42 -05:00
jvazquez-r7 fb531d0069
Update version coverage 2015-06-10 09:38:00 -05:00
jvazquez-r7 a6fe383852
Use AS Exploiter 2015-06-10 09:32:52 -05:00
root 7cb82f594b Add ftp port for service 2015-06-10 14:24:05 +05:00
root 3ffe006e09 Update titan_ftp_admin_pwd to use the new creds API 2015-06-10 13:36:26 +05:00
root 3fe6ddd10a Change credential status from untried to successful 2015-06-10 10:09:57 +05:00
root 78a6e1bc90 Change credential status from untried to successful 2015-06-10 10:07:33 +05:00
root 1b3f911f84 Change credential status from untried to successful 2015-06-10 09:54:10 +05:00
jvazquez-r7 e5d6c9a3cb Make last code cleanup 2015-06-09 16:01:57 -05:00
jvazquez-r7 cf8c6b510b
Debug version working 2015-06-09 15:46:21 -05:00
William Vu 9fa423464c
Fix #5224, comma fixes
My fault for missing these.
2015-06-09 14:28:01 -05:00
William Vu 8a69704d3e Fix up commas 2015-06-09 14:27:35 -05:00
William Vu d31a59cd22
Fix #5224, altered option description 2015-06-09 14:15:58 -05:00
William Vu cc8650f98a Fix TMPPATH description 2015-06-09 14:15:18 -05:00
William Vu 9c97da3b7c
Land #5224, ProFTPD mod_copy exploit 2015-06-09 14:11:27 -05:00
William Vu 5ab882a8d4 Clean up module 2015-06-09 14:10:46 -05:00
jvazquez-r7 b7f0fad72f
Modify CVE-2014-0569 to use the flash exploitation code 2015-06-09 11:31:39 -05:00
wchen-r7 6eb25743e3
Merge branch 'upstream-master' into bapv2 2015-06-09 10:10:00 -05:00
root 49e4820c57 Add depcrecated note to the existing modules 2015-06-09 10:42:53 +05:00
Josh Abraham 8381d4f994 update smb_enumusers_domain to store enumerated users in the DB 2015-06-08 19:42:03 -04:00
David Maloney bb56f6043e
explicitly use windows\temp
instead of using the user temp directory
trying to get around some intermittant permissions
issues

MSP-12358
2015-06-08 13:17:18 -05:00
David Maloney 2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module 2015-06-08 11:42:03 -05:00
wchen-r7 5a6a16c4ec Resolve #4326, remove msfpayload & msfencode. Use msfvenom instead!
msfpayload and msfencode are no longer in metasploit. Please use
msfvenom instead.

Resolves #4326
2015-06-08 11:30:04 -05:00
root 3279518bbd Move VMware modules to the VMware directory 2015-06-08 14:58:22 +05:00
root 245c76374d Update nessus_xmlrpc_logic to use the new creds API 2015-06-08 14:40:15 +05:00
jvazquez-r7 a39539f8ef
Land #5457, @wchen-r7 updates spark_im to use the new cred API 2015-06-07 20:45:42 -05:00
HD Moore 25aa96cfc1
Land #5456, removes obsolete comment 2015-06-07 14:25:23 -05:00
HD Moore 1f11cd5470
Lands #5446, support for 64-bit native powershell payloads 2015-06-07 14:16:19 -05:00
HD Moore c80017992a A dirty patch for a number of Net::DNS/dns_enum issues 2015-06-06 13:48:52 -05:00
jvazquez-r7 dca2607d54
Land #5452, @wchen-r7 Update tortoisesvn to use the new cred API 2015-06-06 01:35:40 -05:00
jvazquez-r7 bf35b9bdf4
Minor fix 2015-06-06 01:35:09 -05:00
HD Moore 135958a225 Cleanup the udp_(sweep|probe) SNMP generators 2015-06-06 00:54:08 -05:00
HD Moore 6b05302059 Fixes #5459, refactors LoginScanner::SNMP 2015-06-06 00:50:55 -05:00
wchen-r7 ea33d7060e Correct ranking 2015-06-05 21:07:27 -05:00
wchen-r7 ff39e32cc6 Single quote 2015-06-05 21:06:57 -05:00
jvazquez-r7 c3437dab2a
Land #5451, @wchen-r7 Update filezilla_client_cred to use the new cred API 2015-06-05 16:39:31 -05:00
jvazquez-r7 57b7d10ec5
Land #5449, @wchen-r7 updates total_commander to use the new cred API 2015-06-05 16:28:32 -05:00
wchen-r7 ee13a215e9
Merge branch 'upstream-master' into bapv2 2015-06-05 14:09:07 -05:00
jvazquez-r7 318f67fcda
update descriptions 2015-06-05 09:01:20 -05:00
root 3ec6d9b7aa Update owa_login to use new cred API 2015-06-05 15:41:07 +05:00
root b6936febbe Update pcanywhere_login to use the new cred API 2015-06-05 12:16:00 +05:00
wchen-r7 71a8487091 Correct Flash version in the module description
There is no 11.2.202.404, mang.
2015-06-04 23:46:41 -05:00
wchen-r7 5f4b2ed22a Newline 2015-06-04 23:36:36 -05:00
wchen-r7 69968fc9f1 Merge branch 'upstream-master' into bapv2 2015-06-04 23:36:24 -05:00
jvazquez-r7 02181addc5
Update CVE-2014-0556 2015-06-04 18:23:50 -05:00
wchen-r7 874e090aa1 Update wordpress_login_enum to use the new cred API 2015-06-04 18:16:14 -05:00
root d4f418fe3f Style corrections
See #5480
2015-06-04 15:52:07 -05:00
wchen-r7 23df66bf3a
Land #5481, no powershell. exec shellcode from the renderer process. 2015-06-04 15:45:09 -05:00
wchen-r7 487cc15b0b
Land #5476, multi-platform update for adobe_flash_net_connection_confusion 2015-06-04 12:32:42 -05:00
jvazquez-r7 ab68d8429b Add more targets 2015-06-04 12:11:53 -05:00
wchen-r7 be709ba370
Merge branch 'upstream-master' into bapv2 2015-06-04 10:33:07 -05:00
wchen-r7 744baf2d44 Update kloxo_sqli to use the new cred API 2015-06-03 23:28:35 -05:00
jvazquez-r7 80cb70cacf
Add support for Windows 8.1/Firefox 2015-06-03 22:46:04 -05:00
wchen-r7 78e4677bb1 Oops it blew up 2015-06-03 20:10:01 -05:00
wchen-r7 a0aa6135c5 Update ca_arcserve_rpc_authbypass to use the new cred API 2015-06-03 20:02:07 -05:00
John Sherwood d3c3741478 Use run_host so that we can use THREADS
- The refactor left the module using run_batch even though the
  features of the code that made this desirable were removed (i.e.,
  it was no longer doing one batch per community string).  By now
  switching back to run_host, we can again take advantage of the
  built-in metasploit multithreading capabilities.

- Also, added back in the display of the result.proof field.  This
  aids in identifying false positives (which have a blank response)
  and is functionality worth keeping.
2015-06-03 18:08:38 -04:00
jvazquez-r7 74117a7a52
Allow to execute payload from the flash renderer 2015-06-03 16:33:41 -05:00
wchen-r7 39d38f1641 Update pptpd_chap_secrets to use the new cred API 2015-06-03 16:33:10 -05:00
Pedro Ribeiro d5b33a0074 Update sysaid_rdslogs_fle_upload.rb 2015-06-03 22:01:13 +01:00
Pedro Ribeiro 37827be10f Update sysaid_auth_file_upload.rb 2015-06-03 22:00:44 +01:00
Pedro Ribeiro 7f35c3b4f5 Update sysaid_sql_creds.rb 2015-06-03 22:00:08 +01:00
Pedro Ribeiro 54bfe29527 Update and rename sysaid_file_ to sysaid_file_download.rb 2015-06-03 21:59:45 +01:00
Pedro Ribeiro 42e84cd7d5 Update sysaid_admin_acct.rb 2015-06-03 21:59:04 +01:00
Pedro Ribeiro 6683b86822 Create sysaid_sql_creds.rb 2015-06-03 21:46:48 +01:00
Pedro Ribeiro 72b7982e7a Create sysaid_file_ 2015-06-03 21:46:13 +01:00
Pedro Ribeiro 62993c35d3 Create sysaid_rdslogs_fle_upload.rb 2015-06-03 21:45:14 +01:00
Pedro Ribeiro 193b7bcd2e Create sysaid_auth_file_upload.rb 2015-06-03 21:44:02 +01:00
Pedro Ribeiro 765077d741 Create sysaid_admin_acct.rb 2015-06-03 21:38:43 +01:00
wchen-r7 656f64d9bd Update razorsql to use the new cred API 2015-06-03 13:49:06 -05:00
Roberto Soares b305fa62f4 Changed vprint_error when nothing was downloaded. 2015-06-03 14:46:59 -03:00
Roberto Soares 24ec3b2fb5 Changed vprint_error to fail_with method. 2015-06-03 13:46:59 -03:00
OJ a6467f49ec Update description 2015-06-03 22:17:25 +10:00
OJ 455a3b6b9d
Add butchered version of CVE-2015-1701 2015-06-03 21:48:23 +10:00
wchen-r7 b038760be7 Update razer_synapse to use the new cred API 2015-06-03 01:44:20 -05:00
wchen-r7 ef0d6490da Update smartermail to use the new cred API 2015-06-03 00:48:52 -05:00
wchen-r7 c64f025c4e Add module_fullname: fullname 2015-06-02 12:35:06 -05:00
wchen-r7 e43163135b Add module_fullname: fullname, 2015-06-02 12:33:34 -05:00
benpturner dddbf3886b Updated payload spec to be in the correct order and updated payload cached size 2015-06-02 18:33:06 +01:00
wchen-r7 63708f2bba Add module_fullname: fullname 2015-06-02 12:27:35 -05:00
wchen-r7 28556ea6e2 Update spark_im to use the new cred API 2015-06-02 12:16:07 -05:00
wchen-r7 aac2db826f Remove comment about report_auth_info
This module isn't using report_auth_info, so this comment is no
longer needed.
2015-06-02 10:24:55 -05:00
Tim ac2a52b522
fix android/java reverse_tcp 2015-06-02 10:54:49 +01:00
root 7485cf776e Remove unnecessary spaces 2015-06-02 14:18:36 +05:00
root b4cfe93977 Add creds API 2015-06-02 14:16:16 +05:00
wchen-r7 1ae9265fb9 Update tortoisesvn to use the new cred API 2015-06-02 00:52:43 -05:00
wchen-r7 b98cc89f0c Update filezilla_client_cred to use the new cred API 2015-06-02 00:22:17 -05:00
Tim c721cb6f4e
Land #5448, fix author name typo 2015-06-02 05:08:48 +01:00
wchen-r7 c3e15059a7 Update total_commander to use the new cred API 2015-06-01 21:17:58 -05:00
James Lee d03ee5667b
Remove assigned but unused local vars 2015-06-01 16:45:36 -05:00
James Lee 7133f0a68e
Fix typo in author's name 2015-06-01 16:45:09 -05:00
Brent Cook 449ce32f07 update for new UUID namespace 2015-06-01 15:16:04 -05:00
benpturner 9d1a7cead4 New modules to support 64bit process powershell. 2015-06-01 16:11:23 +01:00
Brent Cook 64e86165ef remove android meterpreter bins, update to payloads 1.0.2
This switches us to using the Android payload files from the
metasploit-payloads gem
2015-06-01 09:14:31 -05:00
Brent Cook 70ef1b83f9 Merge branch 'master' into land-5366-android 2015-06-01 09:07:55 -05:00
wchen-r7 e83677d29d rm deprecated mod 2015-05-29 17:43:26 -05:00
OJ 3dd3ef5edb
Merge branch 'upstrea/master' into winhttp-ie-proxy 2015-05-30 08:03:43 +10:00