c6e8ffb7e3
Fix some "mistakes" following the style guide
2015-04-15 00:35:14 -03:00
9250869ace
Fix typo
2015-04-14 20:19:38 -03:00
6aad8b3a70
Changed the conditions if/elsif to case statements
2015-04-14 20:05:52 -03:00
75b559eea3
Land #5081 , meterpreter certificate hash check controls
2015-04-14 10:46:13 -05:00
0e864e1631
update bins to 0.0.21
2015-04-14 10:45:49 -05:00
7f56c07b64
add missing sslhash attribute
2015-04-14 10:45:44 -05:00
97e715b1ce
Land #5139 , metasm/ruby signedness fix
2015-04-14 10:26:23 -05:00
f6285991b3
Land #5140 , extraneous space fix
2015-04-14 01:38:21 -05:00
61b709b8c5
Extra space in message "Local IP:"
2015-04-14 01:34:07 -05:00
e114c85044
Land #5127 , x64 OS X prepend stubs 'n' stuff
2015-04-14 01:25:39 -05:00
8d1126eaa5
Land #5129 , x64 BSD prepend stubs 'n' stuff
2015-04-14 01:24:50 -05:00
3860bbabbb
Avoid generating labels with '..' in them with metasm
...
So, metasm generates labels for the assembler using "%x" % string.object_id. If
the pointer for string.object_id begins with the most significant digit set, it
looks like a sign-extended 2's complement number (negative), and gets formatted
by ruby as '..f1412300' or similar. On 32-bit platforms, there is rather high
chance of randomly ending up with a label like 'goto_test_uuid..f1234560:',
which is a parse error.
This patch simply takes the absolute value of the object_id to avoid negative
interpretations. This fixes hiesenbugs using metasm's C compiler on 32-bit
platforms.
2015-04-13 22:43:18 -05:00
52fc60b294
Merge pull request #1 from wvu-r7/pr/5127
...
Add Privileged to info hash
2015-04-13 17:08:14 -05:00
e324819feb
Add Privileged to info hash
...
Also remove default payload. Was set for CMD.
2015-04-13 15:23:30 -05:00
c2a252face
Land #5133 , grammar/spelling fixes from @void-in
2015-04-13 12:47:32 -05:00
c4084659a9
Check @void-in's fixes out
2015-04-13 12:44:40 -05:00
1a81938c6e
Land #5132 , @todb-r7's release fixes
2015-04-13 11:07:56 -05:00
bd3b6514fa
Dubbed. Whump whump.
2015-04-13 10:52:32 -05:00
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
51dd88114b
Fix grammer in comments
2015-04-13 13:21:41 +05:00
2d3614f647
Implement x64 BSD exec and exe template.
...
- Fixes bug in CachedSize due to all options being set
- Adds new payload to payload_spec.
2015-04-12 12:17:25 -05:00
92c12de6db
Fix invalid datastore options.
2015-04-12 00:54:10 -05:00
ceadd1e6ec
Update osx x86 payload cached sizes to be accurate.
...
- Right now there is a bug in the payload_spec, which causes the payload's
datastore during the spec run to have things like 'PrependSetuid' => 'false',
where 'false' is a string, which means 'if (datastore['PrependSetuid'])'
branch will be taken, resulting in incorrect behavior.
2015-04-12 00:21:18 -05:00
eaab665a6d
Remove #generate patch, specs will fail again.
2015-04-12 00:07:39 -05:00
60d98ba892
Implement the remaining syscalls.
2015-04-12 00:02:29 -05:00
3fe6fb44b9
Prevent this from changing cache size.
2015-04-11 23:44:56 -05:00
c132a3fb0a
Fix OSX prepends and implement x64 setreuid.
2015-04-11 20:04:21 -05:00
d5903ca5b2
Land #5126 , Meterpreter edit command fix
2015-04-10 17:19:33 -05:00
9625504f5b
Land #5121 , timestomp arg/opt order fix
2015-04-10 17:18:14 -05:00
8acc768da7
Copy documentation
2015-04-10 17:17:54 -05:00
3ae533f995
Merge pull request #5117 from shuckins-r7/chore/MSP-12540/set-postgres93-travis
...
Land #5117 - Set postgres version for Travis to 9.3
2015-04-10 15:36:46 -05:00
64c2bf3227
don't raise exception if file download fails
2015-04-10 16:23:33 -04:00
284ef5bbbb
Land #5112 , Nessus REST Login Module
2015-04-10 13:32:53 -05:00
3313dac30f
Land #5119 , @wvu's addition of the OSX rootpipe privesc exploit.
...
orts
borts
2015-04-10 12:38:25 -05:00
0adc558395
Merge branch 'wchen-r7-pr5112_update' into aux-scanner-nessus
2015-04-10 22:38:22 +05:00
19fe226b30
Correct a minor typo
2015-04-10 22:37:14 +05:00
4419c1c728
Land #5120 , Adobe Flash Player casi32 Integer Overflow
2015-04-10 12:18:11 -05:00
90d525088c
Green rspec
2015-04-10 11:36:23 -05:00
e8e7a2a67a
Land #5122 , undefined "upload_path" fix
2015-04-10 11:30:50 -05:00
fc814a17ae
Add admin check
...
Also break out version check.
2015-04-10 11:24:49 -05:00
41885133d8
Refactor and clean
...
Finally breaking free of some stubborn old habits. :)
2015-04-10 11:22:27 -05:00
a7601c1b9a
Use zsh to avoid dropping privs
...
Also add some configurable options.
2015-04-10 11:22:00 -05:00
4cc6ac6eaa
Clarify vulnerable versions
2015-04-10 11:22:00 -05:00
c4b7b32745
Add Rootpipe exploit
2015-04-10 11:22:00 -05:00
289e24e009
Land #5123 , ms14_068_kerberos_checksum typo fix
2015-04-10 10:04:24 -05:00
7e6461aea0
Travis error correction
2015-04-10 15:48:48 +05:00
8c0d5d66d0
Add spec file
2015-04-10 15:32:03 +05:00
b2b7da2dc5
Fix spelling of Microsoft in module name
2015-04-10 11:09:16 +01:00
c6f062d49e
Ensure that local variable `upload_path` is defined
...
Merge `upload_payload` and `parse_upload_response` so that the
`upload_path` variable is defined for use in error messages in the event
of failure.
2015-04-10 10:58:20 +01:00
7810f3d9a3
Add previous nessus_xmlrpc_login file
2015-04-10 12:32:42 +05:00
Roberto Soares
Brent Cook
Tod Beardsley
William Vu
sinn3r
Joe Vennix
root
joev
Sonny Gonzalez
rwhitcroft
root
Jon Cave