m-1-k-3
89ef2ef061
db checks and new nessus_vulns_cleaner
2012-03-13 08:33:22 +01:00
m-1-k-3
0da5f798e5
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
...
Conflicts:
scripts/resource/wmap_autotest.rc
2012-03-13 08:19:02 +01:00
James Lee
b815955e09
Allow file argument for the `ls` command
...
Previously only worked for directories.
[Fixes #3055 ]
2012-03-13 00:52:42 -06:00
HD Moore
1a364df37e
Pull payload/exploit options into nop modules as well
2012-03-12 23:28:47 -05:00
HD Moore
606ca82432
Share the datastore with encoders
2012-03-12 23:23:15 -05:00
HD Moore
be6a64b3f7
Force option validation in exploit_simple for e & p
2012-03-12 22:57:23 -05:00
Jonathan Cran
b5fea8cd35
Merge branch 'release/2012030701'
2012-03-12 17:25:46 -05:00
Jonathan Cran
1ff6f6756c
updated to master
2012-03-12 17:25:16 -05:00
Jonathan Cran
1cf25e58d5
merge description change
2012-03-12 17:22:01 -05:00
HD Moore
7b32bc689f
Swap URIPATH to TARGETURI for consistency
2012-03-12 13:58:33 -05:00
James Lee
5dc03c6ac0
Fix up Linux after changes for Windows
2012-03-11 22:08:44 -06:00
James Lee
602408743c
Grab IPv6 addresses on Windows when possible
...
Tries to GetProcAddress of GetAdaptersAddresses and falls back to the
old GetIpAddrTable() function when it isn't available. This should work
on XPSP1 and newer, albeit without netmasks on versions before Vista.
Still trying to figure that one out.
2012-03-11 21:56:11 -06:00
sinn3r
7d95132eab
Use a cleaner way to calculate JRE ROP's NEG value
2012-03-11 17:27:47 -05:00
sinn3r
6c19466de8
Change output style
2012-03-11 13:59:18 -05:00
sinn3r
25a1552fbd
Dynamic VirtualProtect dwSize. Change output style.
2012-03-11 13:49:46 -05:00
Tod Beardsley
de888e50f0
Adding a cleaner RuntimeError to target_uri
...
The purpose of re-raising an error from a library method like this is to
tell the user in no uncertain terms what all actually went wrong with the
module. This fix will cause a somewhat more pleasant error message than
the default message. Here's the raise from URI:
```
[-] Auxiliary failed: URI::InvalidURIError bad URI(is not URI?): what%ever
[-] Call stack:
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:156:in `split'
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:174:in `parse'
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:626:in `parse'
[-] /home/todb/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/uri/common.rb:724:in `URI'
[-] /home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/http/client.rb:535:in `target_uri'
[-] /home/todb/.msf4/modules/auxiliary/test_uri.rb:20:in `run'
[*] Auxiliary module execution completed
```
And here's the new, Metasploit-specific one:
```
[-] Invalid URI: "what%ever"
[-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: URIPATH.
[*] Auxiliary module execution completed
```
The user can now tell easily what's wrong with the module configuration,
and doesn't have to parse through a stack trace that leads down into
the Ruby stdlib.
2012-03-10 10:58:16 -06:00
sinn3r
b0e7c048c9
This module fits the GoodRanking description
2012-03-10 00:50:41 -06:00
sinn3r
710c66dbb0
Merge branch 'venom_opts' of https://github.com/kernelsmith/metasploit-framework into kernelsmith-venom_opts
2012-03-10 00:48:24 -06:00
sinn3r
1d5bad469c
Add Windows 7 SP1 target
2012-03-10 00:11:25 -06:00
Joshua Smith
645f9b4f53
added -o,--options to list the options for a payload
2012-03-09 20:39:14 -05:00
sinn3r
cc87ed8428
Remove weird error handling unless someone explains to me why I need to raise errors when it does already
2012-03-09 18:42:06 -06:00
sinn3r
0530eb4b09
Add target_uri
2012-03-09 14:44:32 -06:00
sinn3r
1ae779157d
Disable Nops so we don't get an ugly crash after getting a shell
2012-03-08 18:56:58 -06:00
Tod Beardsley
8ab783d3d9
Replicating master's fixes to flash.
...
The Max Power way.
2012-03-08 17:00:58 -06:00
Tod Beardsley
1e4d4a5ba0
Removing EncoderType from flash module
...
Also not very useful
2012-03-08 16:57:41 -06:00
Tod Beardsley
302a42a495
Fixing up print statements
...
Dropping the ROP prints since they're not all that useful.
2012-03-08 16:56:44 -06:00
Tod Beardsley
1396fc19bd
Fixup bad merge on flash mp4
2012-03-08 16:52:53 -06:00
Tod Beardsley
19aaed05c9
Title change on .mp4 to MP4
...
and that's all.
2012-03-08 16:51:43 -06:00
sinn3r
cb04e47304
Attempt #2 : there's no cli in get_payload
2012-03-08 16:47:49 -06:00
sinn3r
3563fe1b36
The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload.
2012-03-08 16:41:32 -06:00
sinn3r
fee2e1eff9
Minor spray size change
2012-03-08 16:19:51 -06:00
HD Moore
12395c719f
Remove debugging code
2012-03-08 16:16:42 -06:00
HD Moore
c8c73b076d
Permisssions (ignore)
2012-03-08 16:16:13 -06:00
HD Moore
87274987c1
Remove the now obsolete text about SWF_PLAYER
2012-03-08 16:16:13 -06:00
HD Moore
28a58a39c2
Propagate the job_id back to the caller (often console's active_module)
...
to restore job handling
2012-03-08 16:14:52 -06:00
sinn3r
181fdb7365
A small title change
2012-03-08 16:10:16 -06:00
HD Moore
6b00848688
Propagate the job_id back to the caller (often console's active_module)
...
to restore job handling
2012-03-08 16:01:32 -06:00
HD Moore
0c70586625
Merge branch 'mp4-player'
2012-03-08 15:47:25 -06:00
HD Moore
1271368b6f
Redirect to a trailing slash to make sure relative resources load
...
properly
2012-03-08 15:37:06 -06:00
HD Moore
3e6cbe9486
Add source code to the player
2012-03-08 15:23:10 -06:00
James Lee
090674386f
Tell the user when we have to switch from a deleted workspace
2012-03-08 14:08:38 -07:00
HD Moore
b0db18674c
Test out new player code
2012-03-08 15:05:12 -06:00
James Lee
b79e79022a
Add a rename option to workspace command
...
[Fixes #6498 ]
2012-03-08 13:44:31 -07:00
HD Moore
eb847a3dfb
Add a nicer prefix to the target selection message
2012-03-08 13:46:14 -06:00
David Maloney
795a40218e
Addresses a race condition with checking a scanner's status before it's run method has executed.
2012-03-08 13:18:02 -06:00
David Maloney
67c7971bdf
Addresses a race condition with checking a scanner's status before it's run method has executed.
2012-03-08 13:07:03 -06:00
Tod Beardsley
5b566b43b4
Catching an update from @hdmoore-r7
...
wrt the nuclear option.
2012-03-08 12:08:39 -06:00
sinn3r
edb3f19c12
A little more padding for Win Vista target
2012-03-08 12:04:04 -06:00
Tod Beardsley
97ba37f0c0
Adding compiled SWF as well.
...
Dammit
2012-03-08 12:03:51 -06:00
Tod Beardsley
18962e1180
Checking in the new Flash exploit to the release
...
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
2012-03-08 11:55:01 -06:00