Commit Graph

33875 Commits (c8dddbff70260321a17ee80497307af10c028c11)

Author SHA1 Message Date
wchen-r7 d43706b65e It doesn't look like Vista shows the powershell prompt 2015-05-27 18:04:35 -05:00
wchen-r7 53774fed56 Be more strict with Win 7 for MS14-064
The Powershell prompt can cause BAP to hang so we need to be more
strict about that.
2015-05-27 18:01:40 -05:00
jvazquez-r7 e5d42850c1
Add support for Linux to CVE-2015-0336 2015-05-27 17:05:10 -05:00
jvazquez-r7 801deeaddf Fix CVE-2015-0336 2015-05-27 15:42:06 -05:00
wchen-r7 2ae9e39719
Land #5376, Report ipmi_dumphashes credentials with create_credential_login 2015-05-27 13:11:07 -05:00
Brent Cook f81c08e0d9
Land #5418, module wording fixes 2015-05-26 17:36:07 -05:00
jvazquez-r7 bd1bdf22b5
Fix CVE-2015-0359 2015-05-26 17:27:20 -05:00
jvazquez-r7 19c7445d9d
Fix CVE-2015-0336 2015-05-26 17:20:49 -05:00
Tod Beardsley 95b5ff6bea
Minor fixups on recent modules.
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301, @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces

Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in

Edited modules/auxiliary/scanner/http/title.rb first landed in #5333,
HTML Title Grabber

Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401, multi-platform CVE-2015-0311 - Flash uncompress()
UAF

Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290, Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
jvazquez-r7 23d244b1fa
Fix CVE-2015-0313 2015-05-26 16:11:44 -05:00
jvazquez-r7 5c8c5aef37
Fix CVE-2014-8440 2015-05-26 16:05:08 -05:00
wchen-r7 b7f9d28976
Land #5417, Improve reliability for CVE-2015-0311 on Ubuntu 2015-05-26 15:55:52 -05:00
jvazquez-r7 da362914e2
Fix indentation 2015-05-26 15:50:31 -05:00
jvazquez-r7 d78d04e070
Fix CVE-2014-0569 2015-05-26 15:49:22 -05:00
jvazquez-r7 e0a1fa4ef6
Fix indentation 2015-05-26 15:38:56 -05:00
jvazquez-r7 1742876757
Fix CVE-2014-0556 2015-05-26 15:30:39 -05:00
jvazquez-r7 a1538fc3ba
Update AS code 2015-05-26 15:18:01 -05:00
jvazquez-r7 3e122fe87c
Fix b64 decoding 2015-05-26 15:15:33 -05:00
jvazquez-r7 29ccc8367b
Add More messages 2015-05-26 14:47:47 -05:00
jvazquez-r7 1bf1c37cfa
Add exception handling 2015-05-26 14:31:07 -05:00
jvazquez-r7 fb8a927941
Hardcode params 2015-05-26 14:20:43 -05:00
jvazquez-r7 f119da94ca
Add one more message 2015-05-26 14:14:38 -05:00
jvazquez-r7 15533fabe6
Log messages 2015-05-26 14:08:24 -05:00
jvazquez-r7 91357ee45b
Improve reliability 2015-05-26 13:47:33 -05:00
HD Moore 2934dcbf35 Bump Gemfile.lock w/Recog/MDM 2015-05-26 10:40:27 -05:00
Brent Cook d76a9c6565
Land #5409, update cmd stager documentation.
Merge remote-tracking branch 'upstream/pr/5409' into upstream-master
2015-05-26 10:34:03 -05:00
Brent Cook 82d494ced3
Land #5414, update contact details for miniupnpd_soap_bof 2015-05-26 10:32:13 -05:00
benpturner abd4ab548d Edit spaces within the powershell session command 2015-05-25 20:10:29 +01:00
Michael Messner 43f505b462 fix contact details 2015-05-25 19:31:50 +02:00
OJ 7f59a7482e Update authors and stuff 2015-05-25 12:02:52 +10:00
OJ 43f7054a5c Refactor base64 stub into base module
As per @zeroSteiner's suggestion.
2015-05-25 11:51:01 +10:00
OJ e103b2365a Update payload sizes and add new payloads to spec 2015-05-25 11:31:15 +10:00
OJ 9e50114082
Merge branch 'upstream/master' into uuid-stagers 2015-05-25 11:22:35 +10:00
OJ 9042f141ff Implement the IPv6 UUID bind stagers 2015-05-25 11:21:28 +10:00
jvazquez-r7 f953dc08d9
Land #5280, @m-1-k-3's support for Airties devices to miniupnpd_soap_bof 2015-05-24 15:17:38 -05:00
Nicholas Starke a3ff9859c8 Adding Credentials Capabilities
This commit adds the ability for credentials
to be retrieved via the 'creds' command.  It
also contains a few miscellaneous stylistic
syntax changes.
2015-05-24 15:03:06 -05:00
Spencer McIntyre 6fb2da4f62 Fix #5391, cmd stager documentation fixes 2015-05-23 13:56:49 -04:00
Michael Messner 10baf1ebb6 echo stager 2015-05-23 15:50:35 +02:00
jvazquez-r7 d10b20b7a3
Land #5251, @hmoore-r7's second opportunity to Oracle connect
SYSTEM shouldn't have SYSDBA privileges by default anymore
2015-05-22 17:47:41 -05:00
jvazquez-r7 41a86b2e9b
add vprint_status 2015-05-22 17:46:56 -05:00
jvazquez-r7 5bceeb4f27
Land #5349, @h0ng10's module for CVE-2015-2219 Lenovo System Update Local Privilege Escalation 2015-05-22 17:14:20 -05:00
wchen-r7 eb5aadfb4e
Land #5401, multi-platform CVE-2015-0311 - Flash uncompress() UAF 2015-05-22 16:50:13 -05:00
jvazquez-r7 3aa1ffb4f5
Do minor code cleanup 2015-05-22 16:20:36 -05:00
jvazquez-r7 c201955fdf
Land #5387, @wchen-r7's user-configurable HTTP timeout
Fixes #5219, Add connection timeout and response timeout for HttpClient
2015-05-22 15:36:11 -05:00
jvazquez-r7 e0d9ee062f
Use HttpClientTimeout 2015-05-22 13:35:37 -05:00
jvazquez-r7 03b70e3714
Land #5388, @wchen-r7's fixes #5373 by add info to BrowserRequiements 2015-05-22 10:21:59 -05:00
Samuel Huckins 7a566ef347 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2015-05-22 08:00:17 -05:00
HD Moore 078438f66e Update UUIDOptions -> UUID::Options 2015-05-22 00:30:05 -05:00
HD Moore c17ee64d81 Merge branch 'master' into feature/uuid-registration 2015-05-22 00:29:16 -05:00
OJ c07ff70f19 Add check for UUID payloads
Thankfully those payloads already had a flag that could be reused.
2015-05-22 15:11:12 +10:00