Tod Beardsley
a1cf9619d9
Be clear this is 64-bit only in the desc.
2013-10-11 16:52:50 -05:00
MrXors
36af43a3cb
Added Changes and cleaned up code
2013-10-11 14:17:50 -07:00
Tod Beardsley
181606e7cc
Single byte description update. Adds a period.
2013-10-11 15:04:25 -05:00
Spencer McIntyre
2c047cbf05
Fix an endianness issue in pymeterpreter registry_query_value.
2013-10-11 15:19:34 -04:00
James Lee
dfe74ce36c
Factorize sock_sendpage
2013-10-11 13:40:01 -05:00
jvazquez-r7
11b6512a98
Land #2502, @bcoles's exploit for VMware Hyperic
2013-10-11 13:19:51 -05:00
jvazquez-r7
0b93996b05
Clean and add Automatic target
2013-10-11 13:19:10 -05:00
MrXors
66b82abb5d
Cleaned up running exe func to not run when false is selected
2013-10-11 08:05:18 -07:00
MrXors
668d5cc3ae
Added the option to choose to run .exe
2013-10-11 07:57:15 -07:00
jvazquez-r7
75c5e885f2
Land #2142, @morisson's exploit for CVE-2013-3319
2013-10-11 09:17:58 -05:00
jvazquez-r7
63349e4664
Add OSVDB and BID references
2013-10-11 09:14:59 -05:00
MrXors
3c8318e001
Changed Nothing Really
2013-10-11 07:10:56 -07:00
Bruno Morisson
b26085457f
Trying to prevent @jvazquez-r7 from crying when reading my code:
...
- Documented fields in the several tables;
- Fixed the "remote" field location on the fs_table (changed due to REXML parsing);
- Fixed Total Memory field on os_table (bug?);
2013-10-11 11:29:27 +01:00
Bruno Morisson
d0a1b51d8d
Merge pull request #2 from jvazquez-r7/review-2142
...
merged @jvazquez-r7 Review 2142
2013-10-11 02:30:44 -07:00
Tod Beardsley
49c629be5a
Land #2493, vbulletin exploit
2013-10-10 22:11:32 -05:00
Tod Beardsley
cad7329f2d
Minor updates to vbulletin admin exploit
2013-10-10 22:09:38 -05:00
pyoor
171b70fa7c
Zabbix v2.0.8 SQLi and RCE Module
...
Conflicts:
modules/exploits/linux/http/zabbix_sqli.rb
Commit completed version of zabbix_sqli.rb
2013-10-10 22:50:02 -04:00
MrXors
2ee1b1c1c2
VSS Persistence on Windows 7
2013-10-10 17:20:09 -07:00
James Lee
b9b2c82023
Add some entropy
...
* Random filename
* Stop shipping debug strings to the exploit executable
Also makes the writable path configurable, so we don't always have to
use /tmp in case it is mounted noexec, etc.
2013-10-10 18:18:01 -05:00
Tod Beardsley
b3e02d0fd8
Land #2477, add specs for ROPDB
2013-10-10 15:05:52 -05:00
Tod Beardsley
85112e8704
Land #2413, axe callcc
...
This is the only time callcc is used in the entire codebase, too, so
this apparently removes a roadblock to non-MRI Rubies, so that's nice.
2013-10-10 14:55:55 -05:00
Meatballs
378f403fab
Land #2453, Add stdapi_net_resolve_host(s) to Python Meterpreter.
...
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
bcoles
276ea22db3
Add VMware Hyperic HQ Groovy Script-Console Java Execution
2013-10-11 05:07:23 +10:30
jvazquez-r7
09f0db7fdf
Switch to rexml parsing, add some comments and cleanup
2013-10-10 13:19:10 -05:00
William Vu
de57cbc67d
Land #2497, @todb-r7's author alphabetization
2013-10-10 13:00:50 -05:00
William Vu
9b96351ba2
Land #2494, OSVDB ref for flashchat_upload_exec
2013-10-10 12:58:55 -05:00
jvazquez-r7
9516bc5cf7
Retab changes for PR #2142
2013-10-10 11:02:51 -05:00
jvazquez-r7
cdc7b75a78
Merge for retab
2013-10-10 11:02:16 -05:00
jvazquez-r7
f10078088c
Add module for ZDI-13-130
2013-10-10 10:06:17 -05:00
Tod Beardsley
4870df14e6
Add another mailmap for joev.
2013-10-10 10:00:42 -05:00
Bruno Morisson
c264480651
Code cleanup, tried to implement suggestions from @jvazquez-r7. Hopefully it is much more readable.
2013-10-10 11:58:33 +01:00
kernelsmith
3606aa90a6
Land Updated stdapi binaries with railgun fix
2013-10-10 01:20:57 -05:00
OJ
b477ae369b
Updated stdapi binaries with railgun fix
...
Changes are from https://github.com/rapid7/meterpreter/pull/28
2013-10-10 16:03:38 +10:00
kernelsmith
adbcace9dd
Land #2458, OJ's Meterpreter railgun multi call fix
...
also [FixRM #8269]
2013-10-10 00:38:44 -05:00
Tod Beardsley
4f1e71e222
Also this isn't Lua. Deal with commas.
2013-10-09 17:30:57 -05:00
Tod Beardsley
c8dc251042
Alphabetize authors
...
Because alphabetizing is cool and makes it easy for humans to find
things in long array lists quickly.
Also, I need to keep my lines changed count up.
2013-10-09 17:29:17 -05:00
James Lee
947925e3a3
Use a proper main signature with arguments
...
Allows us to `unlink(argv[0])`
2013-10-09 17:22:01 -05:00
Spencer McIntyre
be139beb20
Remove windows from title of multi module.
2013-10-09 17:11:47 -04:00
James Lee
c251596f0b
Fix some bugs in preparation for factorizing
...
* Stop removing \x0a characters with String#scan, which of course breaks
the shellcode
* Fork so the original session continues to work
2013-10-09 16:03:40 -05:00
Spencer McIntyre
6c382c8eb7
Return nil on error, and move the module to post/multi.
2013-10-09 16:52:53 -04:00
Tod Beardsley
c91816c4b2
Land #2495, fix module ref.
2013-10-09 15:05:59 -05:00
jvazquez-r7
e3014a1e91
Fix ZDI Reference
2013-10-09 14:56:42 -05:00
jvazquez-r7
4fd599b7e0
Land #2483, @wchen-r7's patch for [SeeRM #8458]
2013-10-09 14:32:26 -05:00
jvazquez-r7
52574b09cb
Add OSVDB reference
2013-10-09 14:13:45 -05:00
jvazquez-r7
4f3bbaffd1
Clean module and add reporting
2013-10-09 13:54:28 -05:00
sinn3r
1e3b84d39b
Update ie_cgenericelement_uaf
2013-10-09 13:40:48 -05:00
jvazquez-r7
5c36533742
Add module for the vbulletin exploit in the wild
2013-10-09 13:12:57 -05:00
Tod Beardsley
9d34a8c894
Land #2465, deal with missing cpuinfo bins
...
[FixRM #8456]
Thanks @ZeroChaos!
2013-10-09 13:03:48 -05:00
ZeroChaos
ce3584194f
Merge pull request #1 from todb-r7/land-2465
...
Fix up PR #2465
2013-10-09 10:23:08 -07:00
Tod Beardsley
356263df56
Litter some more rescue nil's in there
...
I hate them but they were there when I got there.
A more sane way to deal with this should happen someday.
2013-10-09 12:17:13 -05:00