3e2a368823
Merge branch 'rails_json_yaml_scanner' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_json_yaml_scanner
2013-02-13 00:07:11 +01:00
846052a34d
s/URIPATH/TARGETURI/g per @jvasquez-r7 comments on another pull.
2013-02-12 15:13:06 -06:00
1d5d33f306
use normalize_uri()
2013-02-12 14:58:07 -06:00
c6a7a4e68d
/URIPATH/TARGETURI/g
2013-02-12 14:50:10 -06:00
f2cf4304d2
Merge remote-tracking branch 'upstream/master' into feature/web_crawler_skip_paths
2013-02-12 22:10:40 +02:00
9efd3f6c5e
scanner/http/crawler: added ExcludePathPatterns opt
...
Option 'ExcludePathPatterns' allows users to specify which paths should
be excluded from the crawl (and which forms to ignore) by passing a
list of patterns (only allows '*' wildcards).
2013-02-12 21:47:12 +02:00
c7719bf4cb
Verify response is non-nil.
2013-02-12 13:41:21 -06:00
9e1f106a87
msftidy cleanup
2013-02-12 13:38:58 -06:00
f58cc6a2e0
more fix version info
2013-02-12 18:51:04 +01:00
96b1cb3cfb
fix version info
2013-02-12 18:50:36 +01:00
69267b82b0
Make stable #1318 foxit reader exploit
2013-02-12 18:44:19 +01:00
e298866fdd
Merge branch 'bug/unmerge-1444-and-1476' of https://github.com/todb-r7/metasploit-framework into todb-r7-bug/unmerge-1444-and-1476
2013-02-12 15:55:30 +01:00
3a6cd6f395
Added module for requesting RFC_SYSTEM_INFO via ICF web interface
2013-02-12 14:42:59 +01:00
44d984dc48
Merge pull request #1483 from todb-r7/update-gemfile-lock
...
Update Gemfile.lock
2013-02-11 20:07:56 -08:00
71abcdbd1a
Update Gemfile.lock
2013-02-11 21:56:56 -06:00
5a0744934e
Let's not intro functionality as testing
...
That's a bad habit to get into.
2013-02-11 21:06:52 -06:00
ba7f5a7245
Actually run this spec.
2013-02-11 21:04:57 -06:00
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
596b62b831
Armitage 02.12.13 - Distributed Operations
...
This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
2013-02-11 21:20:03 -05:00
9040fcd5ae
Merge branch 'darkoperator-post2localexploit' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-post2localexploit
2013-02-12 01:52:05 +01:00
091322fef6
Merge pull request #2 from jvazquez-r7/persistence_vbs
...
using Post::File methods plus little more cleanup
2013-02-11 16:39:40 -08:00
42a6d96ff4
using Post::File methods plus little more cleanup
2013-02-12 01:33:07 +01:00
7485e425ef
Merge pull request #1 from jvazquez-r7/persistence_vbs
...
using always a vbs file to drop exe
2013-02-11 16:09:59 -08:00
97edbb7868
using always a vbs file to drop exe
2013-02-12 00:58:26 +01:00
ddd7d307e6
Add a scanner aux module for Rails JSON/YAML vuln CVE-2013-0333
2013-02-11 16:48:44 -06:00
039fd2b885
Adds some light testing for Rex's HTTP client lib
...
In light ofi PR #1476 , it would be nice to have some basic, modern,
maintained testing on Rex's HTTP Client proto library.
My rspec fu is quite weak, of course, but this should cover the very
basic cases. There are lots of pending holes, but hey, it's a start.
2013-02-11 15:54:40 -06:00
766257d26a
pointed by @m-1-k-3 while working on #1472
2013-02-11 21:21:43 +01:00
e5ad74f99c
Merge branch 'dmaloney-r7-bug/basic_auth', see also #1477 and #1444 , #1477 , #1472
2013-02-11 21:17:31 +01:00
d4d41f36d4
Merge branch 'bug/basic_auth' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-bug/basic_auth
2013-02-11 21:16:35 +01:00
5f0a3c6b9e
Removes pry, oops.
2013-02-11 14:02:46 -06:00
753fa2c853
Handles error when TARGETEMAIL is invalid.
2013-02-11 13:58:56 -06:00
f90fdcd5eb
Missed nil check
2013-02-11 13:14:05 -06:00
0ccf7dd58a
trust any manualy set basic auth header
...
for now we will assume the module author knows what they are doing.
2013-02-11 13:06:26 -06:00
a43b902b5c
Fix tomcat_mgr_login auth
2013-02-11 12:00:40 -06:00
6e9232bf72
Merge branch 'addr_hex_dump' of github.com:Meatballs1/metasploit-framework into Meatballs1-addr_hex_dump
2013-02-11 11:31:54 -06:00
61ffcedbfd
Address HD's other comments, fixes mismatched var name in last commit.
2013-02-11 11:17:26 -06:00
e72dc47448
Uses REXML for encoding of password.
2013-02-11 11:12:29 -06:00
9fe75315f7
Merge branch 'gemfile-add-msgpack' of github.com:jlee-r7/metasploit-framework into jlee-r7-gemfile-add-msgpack
2013-02-11 10:54:44 -06:00
f3a1339a4c
Merge branch 'jvazquez-r7-novell_groupwise_gwcls1_actvx'
2013-02-11 10:40:33 -06:00
84534caae1
Fix expliciti basic_auth for http
2013-02-11 10:32:44 -06:00
6c85e5242e
change wildcard message to print_warning
2013-02-11 12:04:30 -04:00
431641fec9
added check for retry options
2013-02-11 12:02:15 -04:00
5edb138a8f
fixed nil issue
2013-02-11 11:51:33 -04:00
fd6f00f641
added report note for wildcard
2013-02-11 11:37:20 -04:00
5f10704697
applied fixes
2013-02-11 11:31:13 -04:00
55efe01bf7
Applied fixes
2013-02-11 11:23:06 -04:00
24c3f1b99d
fix msftidy
2013-02-11 15:07:49 +01:00
991e65770c
minor cleanup for word_unc_injector
2013-02-11 15:06:19 +01:00
41564fd51d
Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb
2013-02-11 15:05:27 +01:00
43a1fbb6f2
Make msftiday happy.
2013-02-10 21:13:18 -06:00
jvazquez-r7
Jeff Jarmoc
Tasos Laskos
Chris John Riley
Brandon Turner
Tod Beardsley
Raphael Mudge
Carlos Perez
David Maloney
sinn3r