jvazquez-r7
cf239c2234
Add module for ZDI-13-238
2013-10-19 00:05:09 -05:00
William Vu
5a0b8095c0
Land #2382 , Lua bind and reverse shells
2013-10-18 17:11:37 -05:00
William Vu
b44f0f7e18
Land #2546 , minor OS X persistence fixes
2013-10-18 17:07:53 -05:00
jvazquez-r7
70fced1d74
Delete unnecessary requires and make msftidy compliant
2013-10-18 16:54:20 -05:00
jvazquez-r7
2339cdc713
Land #2513 , @joev-r7's osx persistence local exploit
2013-10-18 15:13:50 -05:00
joev
83f27296d3
Fix some bugs in osx persistence.
...
- the RUN_NOW datastore option did not work as expected
- Adds support for OSX < 10.4 KeepAlive option
- organizes private methods alphabetically.
2013-10-18 14:12:33 -05:00
Tod Beardsley
ffcb86eba2
Land #2541 , Outpost24 importer
...
Sample data is currently secret. If we get a hold of non-secret sample
data, it'll be tacked on to the Redmine bug referenced below.
[FixRM #8384 ]
2013-10-18 13:21:58 -05:00
Tod Beardsley
f6675f3120
Reordered case statements
2013-10-18 13:21:28 -05:00
William Vu
93ff9ec501
Create methods for start_element for readability
2013-10-18 12:20:43 -05:00
William Vu
ff69e9fd05
Move product info code to a better location
2013-10-18 12:07:34 -05:00
William Vu
e6cccedad0
Append vuln info to vuln description
2013-10-18 11:31:54 -05:00
joev
681db6cb41
Use fully qualified constant in include.
2013-10-18 11:31:02 -05:00
joev
05bea41458
mkdir -p the dirname, not the file.
2013-10-18 11:27:37 -05:00
Meatballs
9112157897
Land #2543 , Fixes Meterpreter Railgun Crashes
...
Sometimes FormatMessage would return null when trying to retrieve
the string for GetLastError(). This fixes the crash and attempts to
give some message feedback depending on the Error.
See:
https://github.com/rapid7/meterpreter/pull/35
https://github.com/rapid7/meterpreter/pull/33
[FixRM 8505][FixRM 8503]
2013-10-18 11:16:42 +01:00
OJ
827bf23979
Updated binaries with railgun crash fixes
2013-10-18 19:43:17 +10:00
joev
7a47059e1d
Fix a couple more shellescapes.
2013-10-18 00:47:22 -05:00
joev
a2e3c6244e
Remove unnecessary Exe::Custom logic.
...
- this is handled by the exe.rb mixin.
- adds support for a RUN_NOW datastore option.
- tested working on java meterpreter and x86 shell session.
2013-10-18 00:41:18 -05:00
William Vu
12151650e4
Add product info to hosts and services :)
2013-10-17 16:18:27 -05:00
William Vu
06c7943f54
Import hostnames without breaking everything
2013-10-17 15:31:48 -05:00
William Vu
920e406526
Import CVE refs and db.emit all the things
2013-10-17 14:29:54 -05:00
sinn3r
bcb584ea50
Land #2525 - Change module boilerplate
2013-10-17 14:15:15 -05:00
Tod Beardsley
22b4bf2e94
Resplat webtester_exec.rb
2013-10-17 13:30:54 -05:00
Tod Beardsley
07ab53ab39
Merge from master to clear conflict
...
Conflicts:
modules/exploits/windows/brightstor/tape_engine_8A.rb
modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
2013-10-17 13:29:24 -05:00
sinn3r
064ebb5945
Land #2537 - Add a default Samsung community string
2013-10-17 11:35:04 -05:00
Tod Beardsley
bd405277d9
Add a default Samsung community string
...
See http://www.kb.cert.org/vuls/id/281284
and
http://www.h-online.com/security/news/item/Samsung-network-printer-vulnerability-discovered-Update-2-1757967.html
2013-10-17 10:35:59 -05:00
jvazquez-r7
955fc4e29e
Land #2534 , @bcoles's exploit for webtester 5
2013-10-17 09:32:49 -05:00
jvazquez-r7
352eca1147
Fix check method and set a big space available for payload
2013-10-17 09:30:59 -05:00
bcoles
54cf7855a2
Add WebTester 5.x Command Execution exploit module
2013-10-17 16:57:57 +10:30
sinn3r
7a0671eba9
Land #2531 - rm deprecated mods
2013-10-16 20:02:58 -05:00
James Lee
a54b4c7370
Land #2482 , use runas when UAC is DoNotPrompt
2013-10-16 17:51:11 -05:00
Tod Beardsley
f1a67ecafe
Remove overdue deprecated modules
...
[See PT #56795804 ]
[See PT #56796034 ]
2013-10-16 17:02:28 -05:00
sinn3r
855d183926
Land #2530 - Add IE7 support for MS13-080
...
by egypt
2013-10-16 16:42:00 -05:00
sinn3r
0ce221274b
Change JS comments in Ruby.
2013-10-16 16:40:54 -05:00
Tod Beardsley
3e31235a14
Minor Ruby changes to resplat.rb
2013-10-16 16:37:15 -05:00
Tod Beardsley
f0aedd932d
More stragglers
2013-10-16 16:29:55 -05:00
Tod Beardsley
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
James Lee
721ce8f6b7
Land #2526 , use Find.find in msftidy
...
[SeeRM #8497 ]
2013-10-16 16:17:33 -05:00
James Lee
ca2620f0f6
Land #2527 , addonsdetect
2013-10-16 16:15:31 -05:00
James Lee
4fa3b8f820
Add support for IE7 on XP
2013-10-16 15:56:34 -05:00
James Lee
d13fa7e9a5
Land #2528 , base64 for ms13-080
2013-10-16 15:54:56 -05:00
Tod Beardsley
2833d58387
Add OSVDB for vbulletin exploit
2013-10-16 15:01:28 -05:00
Tod Beardsley
3c2dddd7aa
Update reference with a non-plagarised source
2013-10-16 14:44:18 -05:00
Tod Beardsley
3fc1a75a6b
Simplify msftidy with Find.find and add fixed()
...
Also, enforce binary encoding like the other Metasploit tools.
This opens the door to fixing files that have things that could be fixed
programmatically.
[SeeRM #8497 ]
2013-10-16 10:40:42 -05:00
sinn3r
06a212207e
Put PrependMigrate on hold because of #1674
...
But I will probably still want this.
2013-10-16 09:24:46 -05:00
sinn3r
0081e186f7
Make sure i var is local
2013-10-15 23:59:23 -05:00
sinn3r
ac78f1cc5b
Use Base64 encoding for OS parameter
...
I didn't even realize we already added this in server.rb. So instead
of just escaping the OS parameter, we also encode the data in base64.
I also added prependmigrate to avoid unstable conditions for the payload.
2013-10-15 23:37:11 -05:00
William Vu
ad8af02021
Add my wonderfully simplistic Outpost24 parser
2013-10-15 16:34:46 -05:00
sinn3r
4c91f2e0f5
Add detection code MS Office
...
Add detection code for MS Office XP, 2003, 2007, 2010, and 2012.
[SeeRM #8413 ]
2013-10-15 16:27:23 -05:00
William Vu
38965f91ee
Add Outpost24 importer code to core/db.rb
2013-10-15 15:32:28 -05:00
sinn3r
41ab4739e3
Land #2520 - Add detection for FF 22 - 24
2013-10-15 15:17:43 -05:00