HD Moore
f8d738d062
Fix QWORD usage, merges #3498
2014-07-07 10:43:48 -05:00
OJ
bdf27b1834
Fix up the TLVs that are now QWORD values in MSF
...
Various values were adjusted to become QWORD values in MSF an windows
meterpreter, but the changes were not ported over to python, php and
java. This commit fixes this inconsistency.
2014-07-07 10:42:58 -05:00
HD Moore
8f39590f0f
Framework is currently pegged to 0.17.0. Closes #3495
2014-07-07 09:43:05 -05:00
OJ
ddfd912354
Fix up the TLVs that are now QWORD values in MSF
...
Various values were adjusted to become QWORD values in MSF an windows
meterpreter, but the changes were not ported over to python, php and
java. This commit fixes this inconsistency.
2014-07-07 19:46:54 +10:00
HD Moore
5961861c97
Merge #2809 into master
2014-07-06 23:46:10 -05:00
HD Moore
6f433db609
Minor typo fix
2014-07-06 23:44:17 -05:00
HD Moore
3ef35f19dc
Prefer strip over chomp
2014-07-06 23:17:09 -05:00
HD Moore
d76081bcef
Prefer strip over chomp
2014-07-06 23:16:56 -05:00
HD Moore
ab7848a895
Merge master for testing of #2809
2014-07-06 22:27:58 -05:00
jvazquez-r7
14b1ed5290
Add spec for comma separated cookies
2014-07-06 16:23:43 -05:00
Michael Messner
e7ade9f84d
migrate from wget to echo mechanism
2014-07-06 21:45:53 +02:00
jvazquez-r7
f51feb7f52
Modify get_cookies regular expression
2014-07-06 13:22:31 -05:00
jvazquez-r7
5e7f356f31
Land #3494 , @Firefart's update for Mailpoet's exploit
2014-07-06 11:27:18 -05:00
Christian Mehlmauer
d5843f8eaf
Updated Mailpoet exploit to work with another version
2014-07-06 10:53:40 +02:00
William Vu
cf5d29c53b
Add EOF newline to satisfy msftidy
2014-07-05 13:51:12 -05:00
William Vu
84a3b94679
Land #3493 , small fixes for WP MailPoet module
2014-07-05 13:50:09 -05:00
HD Moore
6d9bf83ded
Small fixes for the recent WP MailPoet module
...
Correct casing in the title
Anchor the use of ::File
Force body.to_s since it can be nil in corner cases
2014-07-05 13:17:23 -05:00
jvazquez-r7
98a82bd145
Land #3486 , @brandonprry's exploit for CVE-2014-4511 gitlist RCE
2014-07-04 16:41:04 -05:00
jvazquez-r7
59881323b9
Clean code
2014-07-04 16:40:16 -05:00
Brandon Perry
6c18ee884e
Create sqlmap.rb
2014-07-04 10:54:07 -05:00
Brandon Perry
68a0e7c16e
Create sqlmap_session.rb
2014-07-04 10:53:37 -05:00
Brandon Perry
88c44bf4f5
Create sqlmap_manager.rb
2014-07-04 10:53:14 -05:00
Tod Beardsley
a471f298a5
Merge #3476 into #3481 for meterpreter smilies
...
This incoporates @OJ's fixes as a result of gemification.
2014-07-03 22:54:56 -05:00
jvazquez-r7
aedd347191
Land all the commits on #3491 , @jlee-r7's patch for php meterpreter
2014-07-03 18:14:52 -05:00
jvazquez-r7
20cf25da7e
Land #3491 , @jlee-r7's fix for php meterpreter on php 5.5.0
2014-07-03 18:11:20 -05:00
Brandon Perry
a33a6dc79d
add bash to requiredcmd
2014-07-03 16:52:52 -05:00
James Lee
41cd5527c8
Close the server socket in php bind stager
...
This was previously left dangling, which leaves the port open, but
doesn't do anything with subsequent connections.
2014-07-03 16:52:09 -05:00
Brandon Perry
806f26424c
&& not and
2014-07-03 16:50:21 -05:00
Brandon Perry
6fb2fc85a0
address @jvasquez-r7 review points
2014-07-03 16:43:01 -05:00
James Lee
9246f7a0ce
Strip the NULL that PHP no longer strips
...
As of PHP 5.5.0, unpack("a", ...) no longer strips the NULL byte from
the end of the string. A new format specifier, Z, was introduced to
perform the old behavior, but we don't have a good way to test for its
existence. Instead, just remove it with str_replace
2014-07-03 15:58:05 -05:00
jvazquez-r7
2efa3d6bc0
Land #3487 , @FireFart's exploit for WordPress MailPoet file upload
2014-07-03 14:34:58 -05:00
sinn3r
f1b7a9f421
Land #3488 - loot storage into the enum_services post module
2014-07-03 14:18:16 -05:00
sinn3r
79c433e7ea
Land #3480 - Oracle Event Processing FileUploadServlet Arbitrary File Upload
2014-07-03 14:09:12 -05:00
sinn3r
c207d14d1f
Update description
2014-07-03 14:08:31 -05:00
jvazquez-r7
97a6b298a8
Use print_warning
2014-07-03 13:38:20 -05:00
Chris
bb54fecdd1
Merge pull request #1 from wchen-r7/pr3488_fix
...
More cosmetic fixes for enum_services
2014-07-03 19:31:38 +01:00
Christian Mehlmauer
dcba357ec3
implement feedback
2014-07-03 20:27:08 +02:00
sinn3r
2c999d3099
Better describe the problem
2014-07-03 13:06:19 -05:00
sinn3r
9aa3c75234
Do something for the shut-everything-up event handling practice
2014-07-03 13:04:56 -05:00
sinn3r
8a513058f6
Fix comments
2014-07-03 12:59:10 -05:00
sinn3r
ebeb9880a6
Favor "unless" over "if" for negative conditions
...
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:55:13 -05:00
sinn3r
1d828a951f
string interpolation is preferred over concatenation
...
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:46:56 -05:00
sinn3r
b781b87d74
Avoid unnecessary "if not"
2014-07-03 12:44:17 -05:00
Brandon Perry
86a31b1896
Update gitlist_exec.rb
2014-07-03 12:40:37 -05:00
Christian Mehlmauer
aeb4fff796
Added FileDropper
2014-07-03 19:25:31 +02:00
jvazquez-r7
51695c4932
Land #2484 , @zeroSteiner's refactoring for CmdStager
2014-07-03 11:33:46 -05:00
Spencer McIntyre
c041682c9b
Land additional cmdstager specs from @jvazquez-r7
2014-07-03 11:46:56 -04:00
jvazquez-r7
405de05e4b
Add specs for module_flavors
2014-07-03 10:31:39 -05:00
Jon Hart
bc3ac1ee36
Correct private message format, update tests
2014-07-03 08:27:27 -07:00
jvazquez-r7
17da89927e
Merge @zeroSteiner's updates
2014-07-03 10:18:15 -05:00