Commit Graph

35942 Commits (d18b6ff9cdf4efada2cb0a98f5dc9cf0cb72efef)

Author SHA1 Message Date
Jon Hart d18b6ff9cd
More doc, error handling 2015-10-30 13:13:44 -07:00
Jon Hart ff1d0709e0
vprint if the thing isn't rsync 2015-10-30 12:39:06 -07:00
Jon Hart eb99aaa216
Print out modules before building/reporting table 2015-10-30 09:49:07 -07:00
Jon Hart 86b48490f0
Merge branch 'master' into poc/rsunk 2015-10-30 09:42:41 -07:00
Louis Sato 57304a30a8
Land #6139, remove bad ref links 2015-10-29 16:00:43 -05:00
wchen-r7 95920b7ff6 Bring back more working links 2015-10-29 15:57:16 -05:00
wchen-r7 da52c36687 Put back some links 2015-10-29 15:48:47 -05:00
Louis Sato da7c4ecac4
Land #6141, update description, authors, and references for zpanel_information_disclosure_rce 2015-10-29 13:50:27 -05:00
wchen-r7 93df45eff1
Land #6138, Land joomla plugin com_realestatemanager Error Based SQLi 2015-10-28 13:36:14 -05:00
wchen-r7 09b79414ee Report hash 2015-10-28 13:33:00 -05:00
Brent Cook 466536041f
Land #6143, treat powershell and shell the same for RPC read/write 2015-10-28 11:57:48 -05:00
Louis Sato 657a5481dc
fix rpc session conditional to allow powershell read/write 2015-10-28 11:49:32 -05:00
wchen-r7 e7d6493311 Replace links 2015-10-28 10:45:02 -05:00
Jon Hart b5d0804442 Detect if an rsync module requires authentication 2015-10-27 18:15:18 -07:00
Jon Hart 4a3848cc4f Handle rsync motd 2015-10-27 18:15:18 -07:00
Jon Hart 73a6b47606 Split out negotiation and listing 2015-10-27 18:15:18 -07:00
Jon Hart 6dd40ec063 Better reporting 2015-10-27 18:15:18 -07:00
Jon Hart caf848ddf4 Store table better 2015-10-27 18:15:18 -07:00
Jon Hart 3e7f7f2eec Remove unnecessary table options, as these are the default 2015-10-27 18:15:18 -07:00
Jon Hart 4f468dbcd7 Usability improvements for rsync modules_list 2015-10-27 18:15:18 -07:00
Jon Hart 6781dfa6ee Style cleanup for rsync modules_list 2015-10-27 18:15:18 -07:00
wchen-r7 5b86d2ef95 Fix #6133, update description, authors and references
Fix #6133

Thank you @japp-0xlabs
2015-10-27 14:38:18 -05:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu a65172bbcb
Land #6125, Joomla SQLi creds gather module 2015-10-27 11:21:30 -05:00
William Vu 9041f95511 Perform final cleanup 2015-10-27 11:21:17 -05:00
nixawk 132cbf0cd7 joomla plugin com_realestatemanager Error Based SQL Ijnection 2015-10-27 15:18:17 +00:00
William Vu 93a2507223
Land #6137, has_key -> has_key? 2015-10-27 09:39:13 -05:00
William Vu 74353686a3
Land #6136, rescue SMB error for psexec 2015-10-27 09:31:37 -05:00
wchen-r7 e0801b39ba Fix undef method has_key for module_references.rb tool
I made a typo. Should be has_key?, not has_key
2015-10-26 23:12:01 -05:00
Brandon Perry c7fe014854 remove global variables 2015-10-26 17:13:51 -05:00
jvazquez-r7 b2e3ce1f8a
Allow to finish when deletion fails 2015-10-26 16:40:36 -05:00
William Vu 5ad30d0070
Land #6067, @bigendiansmalls' MainframeShell class 2015-10-26 16:01:18 -05:00
wchen-r7 9adfd296a0
Land #6128, Th3 MMA mma.php Backdoor Arbitrary File Upload 2015-10-26 15:26:06 -05:00
wchen-r7 0d9ebe13a1 Modify check 2015-10-26 15:25:38 -05:00
bigendian smalls d70d30c003
Merged to most recent metasploit-framework/master 2015-10-26 15:09:32 -05:00
bigendian smalls 43dbdcea76
Removed process_autoruns from mainframe_shell
Removed process_autoruns until we can write a fully compatible one or
fully regression test the existing.  Likely the former because of
encoding issues
2015-10-26 14:55:40 -05:00
Bigendian Smalls 430a83b148 Merge pull request #1 from wvu-r7/pr/6067
Clean up Msf::Sessions::MainframeShell
2015-10-26 14:48:18 -05:00
William Vu bbc1e43149 Remove raise, since it broke things
Need to pass through silently.
2015-10-26 14:45:21 -05:00
William Vu 43eae0b97f Clean up Msf::Sessions::MainframeShell 2015-10-26 12:15:45 -05:00
wchen-r7 f4abc16c66
Land #6102, Add rsh/libmalloc privilege escalation exploit module 2015-10-26 10:54:05 -05:00
JT 4f244c54f8 Update mma_backdoor_upload.rb 2015-10-26 23:01:38 +08:00
bigendian smalls d53be873dc Updating master to metasploit/master 2015-10-26 09:24:24 -05:00
Sam H 5fcc70bea4 Fixed issue w/ msf payloads + added timeout rescue
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
2015-10-25 23:38:48 -07:00
Brandon Perry 8b4f2290ed no more session ids in desc 2015-10-25 11:01:17 -05:00
Brandon Perry 4c40fbce27 Merge pull request #1 from open-security/joomla_contenthistory
rebuild joomla_contenthistory_sqli (cve-2015-7297)
2015-10-25 10:58:18 -05:00
nixawk f738dd2acb replace print_* with vprint_* / fix check method 2015-10-25 06:57:56 +00:00
nixawk a6628110f6 rebuild joomla_contenthistory_sqli (cve-2015-7297) 2015-10-25 03:56:36 +00:00
William Vu 69de8b92fd
Land #6134, PAYLOAD and LHOST for jobs (not -v) 2015-10-24 18:27:32 -05:00
Spencer McIntyre e0fef4890f
Land #6126, fix SSH_DEBUG from LoginScanner refactor 2015-10-24 17:51:35 -04:00
James Lee 71b8c97f0e
Always print PAYLOAD and LPORT in 'jobs' 2015-10-24 14:48:03 -05:00