The previous version of the script had an off-by-one error that prevented
proper detection of the vulnerability. Changes made in this revision
include:
- Correction of the off-by-one error
- Use of match instead of == to check for valid RDP connection
- Change of the channel requests to use IDs actually provided by
the responses from the server
[#47720609]
Fix some docs and variable names to make it clearer when methods are
expecting module instance and module classes. Change some 'name'
variables to 'reference_name' since that's the proper terminology.
[#50179803]
[SeeRM #7967]
[SeeRM #7870]
Because metasploit-framework runs migrations with the same process and
with the same connection as it later accesses the database, the column
information can become cached prematurely and be incorrect by the end of
the migrations. Fix the bad cache by automatically resetting the column
information for all model classes after the migrations have run.
[#50179803]
Move Msf::DBManager#migrate and the migrated attribute to
Msf::DBManager::Migration module to lower complexity of db_manager.rb
and in preparation for more migration related code on this branch.
Allows console users to use the 'run' command for exploits as well as
auxiliary and post, in the same way that 'exploit' works for all three.
Saves some typing and makes it do the right thing so users don't have to
remember what kind of module they're using.
- Added sorting to cmd_notes
- Added make_sortable function so that sorts work happily even
when the disparate notes don't have content of the same types
in the fields the sort is requested over.
[#50099107]
If Msf::DBManager#initialize_metasploit_data_models is run multiple
times, such as during specs, ActiveRecord::Migrator.migrations_paths was
getting populated with multiple copies of the metasploit_data_models
db/migrate path, which would lead to 'DB.migrate threw an exception:
Multiple migrations have the version number 0' errors in framework.log.
[#49858419]
[SEERM #7958]
metasploit_data_models 0.14.3 relaxes the validation on
Mdm::Module::Detail#stance so it only needs to be in
Mdm::Module::Detail::STANCES if Mdm::Module::Detail#mtype is 'auxiliary'
or 'exploit' as framework only supplies a stance for those types when
using Mdm::Module::Detail.
Calls to `EXE.to_win32pe_old` would modify the payload in place,
potentially causing trouble if it is used after being turned into an
executable (which doesn't usually happen in exploits, which is probably
why no one noticed til now).
sinn3r
John Sherwood
Joe Vennix
ringt
dmaloney-r7
Luke Imhoff
jvazquez-r7
dcbz
James Lee
Brandon Turner
m-1-k-3
agix
Dejan Lukan
lsanchez-r7