joev
5f85ede389
Prevent xhr shim from leaking.
2013-11-02 16:47:50 -05:00
joev
90d8da6a21
Fix some bugs in my edits, add a spec.
2013-11-02 16:46:33 -05:00
joev
c7c1fcfa98
Pull shared XHR shim out, add option to static Js module method.
...
* Moves shim to data/js/network/xhr_shim.js
* Add some yardoc comments
2013-11-02 14:52:50 -05:00
sinn3r
094abdd093
rspec this
2013-11-01 14:59:21 -05:00
sinn3r
a806b1aa5e
Update test example
2013-11-01 12:11:49 -05:00
sinn3r
abc06aa8aa
Use mutex
2013-11-01 11:35:23 -05:00
sinn3r
5fb261a974
Change var name
2013-10-31 23:48:41 -05:00
sinn3r
d54c8a359b
Fix bug in proxy detection
2013-10-31 23:42:43 -05:00
sinn3r
7a33c48a0f
No double slash
2013-10-31 23:17:38 -05:00
sinn3r
5851d502b5
Rename some stuff
2013-10-31 23:12:20 -05:00
sinn3r
21891a8337
Make sure the browser can't retry by going to the first URL
2013-10-31 23:08:17 -05:00
sinn3r
94d62613ab
Pretty much done with these, remove these comments.
2013-10-31 19:04:11 -05:00
sinn3r
828ef9c64c
Adds target-specific payload generator
2013-10-31 18:54:01 -05:00
Brandon Turner
41d51053a0
Add support for offline updates via msfupdate
...
If using a binary installer, you may install an offline update with:
msfupdate offline-update.bin
2013-10-31 16:56:10 -05:00
sinn3r
391360d67f
Update xmlhttprequest
2013-10-31 16:09:05 -05:00
sinn3r
8a0ebcbac7
Adds method get_module_resource
2013-10-31 14:34:38 -05:00
sinn3r
10fd892827
Fix a "undefined method to_sym" bug
...
If something is undetectable, the value may be empty, which triggers
a undefined method error because the regex always assumes there is
something. So instead of +, we use *.
2013-10-31 14:06:05 -05:00
sinn3r
6e7e5a0ff9
Put postInfo() in the js directory
2013-10-31 13:55:22 -05:00
sinn3r
735b879e3c
Add an example/testcase for BrowserExploitServer
2013-10-31 13:18:45 -05:00
sinn3r
00efad5c5d
Initial commit for BrowserExploitServer mixin
2013-10-31 13:17:06 -05:00
jvazquez-r7
c5778f51d7
Land #2594 , @jvennix-r7's firefox 25 js detection
2013-10-31 09:22:37 -05:00
jvazquez-r7
58fa67faa3
Land #2597 , @wvu-r7's fix for files permissions
2013-10-31 08:18:42 -05:00
root
5c923757e8
Removed generic command execution capability
2013-10-30 21:35:24 -04:00
William Vu
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
William Vu
3e1ae4c9b3
Land #2504 , @todb-r7's edit command for msfconsole
2013-10-30 15:38:07 -05:00
William Vu
b76c13b57d
Land #2596 , resplat new WMI module
2013-10-30 15:34:24 -05:00
Tod Beardsley
900ccc7ec9
VISUAL is okay. Also doesn't need to be a path.
...
I don't believe this opens an untoward attack vector -- if your attacker
can run Metasploit locally, you have much bigger problems.
2013-10-30 15:34:23 -05:00
Tod Beardsley
e488a54a06
Resplat new WMI module
2013-10-30 15:14:16 -05:00
William Vu
0735bee635
Land #2595 , CVE update for vtiger_php_exec
2013-10-30 14:03:06 -05:00
Tod Beardsley
98224ee89f
CVE update for vtiger issue
2013-10-30 13:48:35 -05:00
William Vu
b3c4dfcb04
Land #2593 , updated refs for @brandonprry's stuff
2013-10-30 12:29:47 -05:00
Tod Beardsley
344413b74d
Reorder refs for some reason.
2013-10-30 12:25:55 -05:00
Tod Beardsley
32794f9d37
Move OpenBravo to aux module land
2013-10-30 12:20:04 -05:00
joev
4425cf1dc1
Add support for firefox 25.
...
Also replaces a bunch of missing semicolons.
2013-10-30 12:19:22 -05:00
Tod Beardsley
17d796296c
Un-dupe References for ispconfig
2013-10-30 12:03:35 -05:00
Tod Beardsley
0d480f3a7d
Typo fix
2013-10-30 11:38:04 -05:00
Tod Beardsley
97a4ca0752
Update references for FOSS modules
2013-10-30 11:36:16 -05:00
Tod Beardsley
78381316a2
Add @brandonprry's seven new modules
...
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
Tod Beardsley
5b76947767
Add a few more modules.
2013-10-30 10:25:48 -05:00
OJ
2fbac9b129
Add `getproxy` command
...
This command pulls out system proxy details on windows machines.
2013-10-30 18:40:51 +10:00
jvazquez-r7
c8ceaa25c6
Land #2589 , @wvu-r7's exploit for OSVDB 98714
2013-10-29 14:56:30 -05:00
jvazquez-r7
9f81aeb4ad
Fix style
2013-10-29 14:55:16 -05:00
William Vu
5af42f2c28
Add short comment on why the padding is necessary
2013-10-29 11:46:10 -05:00
William Vu
e368cb0a5e
Add Win7 SP1 to WinXP SP3 target
2013-10-29 10:45:14 -05:00
jvazquez-r7
1b75aef614
Land #2591 , @bcoles's exploit for ProcessMaker
2013-10-29 09:54:23 -05:00
jvazquez-r7
c4c171d63f
Clean processmaker_exec
2013-10-29 09:53:39 -05:00
jvazquez-r7
26af6452da
Land #2588 , @wvu-r7's permissions change for cmdstager_printf.rb
2013-10-29 08:07:19 -05:00
bcoles
3eed800b85
Add ProcessMaker Open Source Authenticated PHP Code Execution
2013-10-29 23:27:29 +10:30
William Vu
665f6c3e35
Land #2590 , gsub nil fix for mimikatz
2013-10-29 00:58:16 -05:00
OJ
606411de81
Fix mimikatz error when password is nil
...
In some cases the password value that comes out of mimikatz results
is `nil`, instead of an empty string. This fixes this so that if
the string is `nil` is falls back to an empty string, resulting in
the call to `gsub` working instead of failing.
2013-10-29 15:13:32 +10:00