cecc8aba2c
Land #5052 , fix bug with session creation
...
Fix the bug that attempted to use a session before it was added to the
database.
MSP-12493 #land
2015-04-01 14:38:42 -05:00
db5293eeee
Lands #5054 , adds a module for the Ceragon mateidu SSH issue
2015-04-01 14:32:56 -05:00
b17727d244
Switching to privileged => false
2015-04-01 14:35:45 -05:00
a592f645f0
Land #5039 , Webdorado gallery wd 1.2.5 unauthenticated SQLi scanner
2015-04-01 14:34:58 -05:00
0825534d2c
Fix reference
2015-04-01 14:16:45 -05:00
8ec71e9daf
Add a module for R7-2015-05
2015-04-01 14:05:41 -05:00
8c1a597a25
Make a Session record before using it
...
How about that.
2015-04-01 13:12:28 -05:00
f4977bf606
Land #5006 @jlee-r7 adds meterpreter specs
2015-04-01 11:05:47 -05:00
46dca23ffe
Land #5047 : Metasploit is magic (Banner Adjustments)
2015-04-01 21:51:10 +10:00
293cbfc8f3
Slightly wanged one of the text bubbles
2015-04-01 06:46:50 -05:00
24171a1a08
Land #5045 : Convert stageless proxy to new format
2015-04-01 12:06:57 +10:00
be575bb108
Merge pull request #10 from OJ/hd-stageless-proxy
...
Fix up the proxy patching
2015-03-31 20:54:50 -05:00
1a313ad943
Fix up the proxy patching
...
Patching of the proxy details was failing, so this commit fixes that.
Also, added code that makes the proxy type check case-insensitive.
2015-04-01 11:48:22 +10:00
e5cd88a51e
Land #5044 , missing HKLM in regkey
2015-03-31 17:50:03 -05:00
d5030f7e53
Land 5036, vuln push to NX updates into master
2015-03-31 17:32:02 -05:00
835a66cc95
Land 5042, fix issues on reporting exploit success
2015-03-31 17:14:01 -05:00
2fc22132e0
Link the new constant as default in documentation
2015-03-31 16:48:02 -05:00
44dd45e48d
Use a const instead of hardcoding "tcp" everywhere
2015-03-31 16:15:04 -05:00
df15892958
Convert stageless proxy settings to the new format
2015-03-31 15:46:15 -05:00
76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec!
2015-03-31 14:28:07 -05:00
63da27ece0
add missing HKLM root to regkey
...
the chevkm windows psot module had HKLM
missing from the front of one of it's reg key
paths. This was missed in Rails 3 due to the
error being swallowed unexpectedly. in rails 4
we actually see this cause a stack trace
MSP-12384
2015-03-31 14:17:18 -05:00
8b8ec5990a
Ask the database how long the column should be
...
Instead of hardcoding a number
2015-03-31 14:12:22 -05:00
34d637c7b8
Needs more ponies
2015-03-31 13:59:37 -05:00
c666d0494f
Land #5043 @todb-r7's release fixups
2015-03-31 13:41:24 -05:00
a8ef465b46
Use the variables we worked so hard to create
2015-03-31 13:34:27 -05:00
3695d4b0c7
Don't modify argument in place
2015-03-31 13:32:28 -05:00
adcf88761d
Save ref names for easier debugging
2015-03-31 13:07:09 -05:00
176cdcb836
Use sym-to-proc instead of reimplementing it
2015-03-31 11:21:53 -05:00
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
a1a7faa77a
Don't modify argument in place
2015-03-31 10:41:24 -05:00
7e559f7b13
Don't modify argument in place
2015-03-31 10:16:14 -05:00
971120ce98
Use create! instead of new ... save!
2015-03-31 10:15:23 -05:00
86d8aab854
Land #5040 : Remove wininet hack for http/s meterp
2015-03-31 14:50:13 +10:00
d89cd118e0
remove wininet workaround in meterpreter http/s
...
We had a workaround to close connections on very old wininet implementations
that would not do it themselves. With the new WinHttp API-using meterpreters
and stagers, we no longer should use this workaround. It can actually be
actively bad and prematurely close the connection.
This needs testing around different payloads, and they should be on real
networks, ideally where TCP really has to work to get data transfered.
2015-03-30 23:38:32 -05:00
dfaf1b3a8f
Stub monitor_sock so we don't leak threads
2015-03-30 22:03:39 -05:00
47d85af811
Really truly update schema for reals
...
Srsly
2015-03-30 18:35:17 -05:00
e73286cfa5
update stale references
2015-03-30 17:17:48 -05:00
790a08a848
It's pronounced "exploit", not "assoc_exploit"
2015-03-30 16:21:17 -05:00
3f0f659eaf
Land #5019 , add rescues to some LoginScanners
2015-03-30 16:06:51 -05:00
bf2d37c511
Axe superfluous line in Gemfile
...
Covered by the gemspec
2015-03-30 14:57:12 -05:00
d3dd7ecfc5
Update to latest schema
2015-03-30 14:10:06 -05:00
2394d4bae8
Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success
...
Conflicts:
Gemfile
Gemfile.lock
spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
2015-03-30 14:08:54 -05:00
2ab4584079
Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push
2015-03-30 13:50:52 -05:00
46d4d6b588
Update to latest Mdm
2015-03-30 13:48:21 -05:00
1b0e3f13c6
Remove unnecessary extra assignment
2015-03-30 13:14:36 -05:00
310779d7bf
Death to hashrockets
2015-03-30 13:13:58 -05:00
6386289d80
Remove bogus spec
...
No longer necessary to check that we're instantiating an Msf::Module
because we get the same information by reusing an existing
Mdm::Module::Detail
2015-03-30 13:10:36 -05:00
e65f4e92ea
Separate the two ways to make `Mdm::Session`s
...
Failing spec due to reuse of Mdm::Module::Detail instead of also
instantiating an Msf::Module
2015-03-30 13:05:20 -05:00
b770f8dca4
Land #5026 , #5027 , #5028 : Doc grammar
...
This merge covers three PRs. It /should/ autoresolve #5026 and #5028 , but
I will have to manually close #5027 with this comment.
2015-03-30 12:55:19 -05:00
18e3a78285
Using latest released MDM
2015-03-30 12:51:12 -05:00
Matt Buck
HD Moore
Tod Beardsley
sinn3r
James Lee
Brent Cook
OJ
Samuel Huckins
David Maloney
Brandon Perry