MrXors
f345414832
Added correct spelling in info
2013-10-15 10:13:18 -07:00
jvazquez-r7
0b9cf24103
Convert vss_persistence to Local Exploit
2013-10-15 11:11:04 -05:00
jvazquez-r7
3b7be50d50
Fix typos
2013-10-15 10:03:00 -05:00
jvazquez-r7
18b4f80ca9
Add minor cleanup for vss_persistence
2013-10-15 09:56:18 -05:00
MrXors
6a1b1f35a8
Msftidy done.
2013-10-14 19:41:10 -07:00
MrXors
d444ed054f
Fixed RUNKEY, Fixed SCHTASKS, merged code
2013-10-14 19:36:44 -07:00
Meatballs
63e850505e
Land #2523 , WDS use read_response
...
This is more robust at correctly receiving the entire DCERPC response.
[Closes #2511 ]
2013-10-14 23:54:56 +01:00
Tod Beardsley
d0b1479d5b
Use the real timeout option for DCERPC
2013-10-14 17:41:51 -05:00
Tod Beardsley
e8d0292118
Use read_response class method
...
Looks like this was never implemented in other modules, but it collects
data from the socket in the usual get_once sort of way.
2013-10-14 17:24:22 -05:00
Tod Beardsley
14be85ea5d
Land #2511 , fix up NoMethodError and hanging connx
2013-10-14 16:30:19 -05:00
Meatballs
a3af5d681b
Ensure TCP connection is closed
2013-10-14 21:53:22 +01:00
William Vu
31dc7c0c08
Land #2522 , @todb-r7's pre-release module fixes
2013-10-14 15:37:23 -05:00
Tod Beardsley
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
James Lee
29ae6be403
Land #2521 , nil fix for ms13_069
2013-10-14 15:15:47 -05:00
kaospunk
4b4804538f
Fixes issues based on feedback
...
This commit addresses comments made by @jvazquez-r7.
2013-10-14 16:02:29 -04:00
joev
711fac08b7
Don't throw exception if createElement is missing.
2013-10-14 14:15:13 -05:00
sinn3r
15e8c3bcd6
[FixRM #8470 ] - can't convert nil into String
...
Target selection bug in ms13_069_caret.rb. Happens when the target
is Win 7 + IE8, which actually isn't a suitable target.
[FixRM #8470 ]
2013-10-14 14:10:08 -05:00
jvazquez-r7
75aaded842
Land #2471 , @pyoor's exploit for CVE-2013-5743
2013-10-14 14:03:28 -05:00
jvazquez-r7
a6f17c3ba0
Clean zabbix_sqli
2013-10-14 14:01:58 -05:00
William Vu
07772cebb0
Land #2519 , undefined method fix for msfcli
2013-10-14 13:56:07 -05:00
joev
183940308b
Add another nil check, just to be safe.
2013-10-14 13:55:54 -05:00
joev
20a145f1e7
Check for prop in prototype, not constructor.
2013-10-14 13:51:45 -05:00
joev
488ed5bd4a
Add new feature detection logic for FF 23 and 24.
2013-10-14 13:41:26 -05:00
William Vu
35dd94f0ac
Land #2518 , uninitialized JavascriptOSDetect fix
2013-10-14 13:32:04 -05:00
sinn3r
5514736deb
[FixRM 8489] undefined method `empty?' for nil:NilClass in msfcli
...
This fixes a undefined method `empty?' for nil:NilClass (NoMethodError)
in msfcli. [SeeRM 8489]
2013-10-14 13:13:56 -05:00
sinn3r
e10dbf8a5d
Land #2508 - Add nodejs payloads
2013-10-14 12:23:31 -05:00
sinn3r
da3081e1c8
[FixRM 8482] Fix uninit constant Rex::Exploitation::JavascriptOSDetect
...
This fixes an uninit constant Rex::Exploitation::JavascriptOSDetect
while using a module with js_os_detect. It was originally reported
by Metasploit user @viniciuskmax
[FixRM 8482]
2013-10-14 11:40:46 -05:00
MrXors
fc62b4c4ed
removed global var from file_on_target and useless code
2013-10-14 09:16:54 -07:00
William Vu
eab90e1a2e
Land #2491 , missing platform info update
2013-10-14 10:38:25 -05:00
MrXors
17e5c63f7f
removed debugging prompts
2013-10-14 00:29:24 -07:00
MrXors
b505234bf6
cleand up code and add run function
2013-10-14 00:12:37 -07:00
root
de156dc8da
new exploit module for CVE-2008-2286, Altiris DS
2013-10-13 22:39:49 -04:00
sinn3r
698ce6ec34
Land #2516 - DLink xmlset_roodkcableoj28840ybtide user-agent backdoor module
2013-10-13 19:30:41 -05:00
sinn3r
2a1ade2541
Add disclosure date and some explanation about it
2013-10-13 19:29:51 -05:00
jvazquez-r7
e2c5e6c19f
Fix email format
2013-10-13 18:28:35 -05:00
jvazquez-r7
008f787627
Add module for the dlink user-agent backdoor
2013-10-13 14:42:45 -05:00
sinn3r
74f37c58b2
Land #2514 - Update CVE reference for Joomla
2013-10-13 12:58:23 -05:00
joev
e2a9339592
Add CVE to joomla media upload module.
2013-10-12 21:20:11 -05:00
joev
ea9235c506
Better whitespace.
2013-10-12 20:53:16 -05:00
joev
78b29b5f20
Bring osx persistence module to the finish line.
2013-10-12 20:50:53 -05:00
jvazquez-r7
3dbdc9f848
Land #2510 , @wchen-r7's exploit for cve-2013-3897
2013-10-12 20:06:41 -05:00
sinn3r
9725918be8
Remove junk variables/params
2013-10-12 18:51:57 -05:00
Meatballs
fb858ae72c
Land #2506 , Python Meterpreter - Fixes Registry Endianess
2013-10-12 23:41:26 +01:00
Spencer McIntyre
6f23e95c14
Fix an endianess issue in pymeterpreter registry_query_value.
2013-10-12 23:39:22 +01:00
sinn3r
2153dd26eb
Land #2501 - HP Data Protector Cell Request Service Buffer Overflow
2013-10-12 16:55:48 -05:00
joev
5a1b099570
Make osx persistence a local exploit.
2013-10-12 16:47:35 -05:00
sinn3r
bc317760dc
Make the GET params a little bit harder to read.
2013-10-12 16:37:49 -05:00
jvazquez-r7
172c6b9b8f
Escape dots on regexs
2013-10-12 16:15:10 -05:00
joev
4fe407d7ee
Move osx persistence to a local exploit.
2013-10-12 16:08:22 -05:00
Icewall
f94b73a580
Adding persistence module for OSX
2013-10-12 16:06:19 -05:00