Mehmet Ince
e79c3ba7c0
Tiki Wiki unauth rce
2016-07-11 22:44:07 +03:00
William Vu
108c3961e2
Make sure GATEWAY_PROBE_PORT is 0
...
This ensures that dst_port is set for UDPSocket#send.
2016-07-11 12:10:46 -05:00
Brendan
963437d5e7
Land #7063, Add module for WebNMS 5.2 Arbitrary File Download
2016-07-11 10:05:21 -07:00
Brendan
c2a5da08af
Land #7064, Add module to steal creds from WebNMS 5.2
2016-07-11 06:38:50 -07:00
Josh Hale
ffa340500f
Tweak migration - Check rights to process before migrate
2016-07-10 19:05:59 -05:00
William Webb
52c6daa0f2
Land #7048, Riverbed SteelCentral NetProfiler and NetExpress Remote Command Injection
2016-07-10 18:54:12 -05:00
Francesco
b75084249a
Removed duplicate 'Privileged' key
2016-07-10 01:37:03 -04:00
William Webb
92a592d303
Land #7083, Fix description for linux/misc/mongod_native_helper.rb
2016-07-09 14:25:47 -05:00
h00die
fdce5bc30c
add disclosure date
2016-07-09 09:30:00 -04:00
Pedro Ribeiro
0a40e7d8f5
Merge pull request #28 from bwatters-r7/updates-7063
...
Added error checking and some suggested style changes
2016-07-09 12:49:56 +01:00
Pedro Ribeiro
55f27fb6fe
Merge pull request #27 from bwatters-r7/changes-7064
...
Added version check and error handling, changed regex to ruby syntax.
2016-07-09 12:47:46 +01:00
sho-luv
25f49c0091
Fixed Description
...
Just cleaned up Description.
2016-07-08 16:17:39 -07:00
William Webb
202969fae9
Land #7081, Add module documentation for linux/x86/meterpreter/reverse_tcp
2016-07-08 15:51:27 -05:00
Metasploit
48410f3ab2
Bump version of framework to 4.12.13
2016-07-08 10:01:58 -07:00
Brendan
bbe4162320
Added error checking and some suggested style changes
2016-07-08 08:27:56 -07:00
wchen-r7
d0e1c67c18
Land #7026, Add Action Pack render exploit CVE-2016-2098
2016-07-07 16:16:37 -05:00
wchen-r7
201750a31b
Add documentation for rails_actionpack_inline_exec
2016-07-07 16:15:51 -05:00
wchen-r7
2cc6565cc9
Update rails_actionpack_inline_exec
2016-07-07 15:56:50 -05:00
Brendan
09dcd1dade
Added version check and error handling, changed regex to ruby syntax.
...
Also made a few syntax changes to placate rubocop.
2016-07-07 10:35:18 -07:00
wchen-r7
deecb24967
Update doc
2016-07-07 11:43:03 -05:00
wchen-r7
54fa43030d
Add module documentation for linux/x86/meterpreter/reverse_tcp
2016-07-07 11:39:28 -05:00
h00die
892f354ece
give me some credit
2016-07-06 21:39:45 -04:00
h00die
47cf6d5edf
better docs, extract more data
2016-07-06 21:28:57 -04:00
Brent Cook
1c8556d8e0
add mettle payload tests
2016-07-06 15:53:20 -05:00
Brent Cook
a362d8b9c8
update payload test generator to work with MetasploitModules
2016-07-06 15:53:06 -05:00
wchen-r7
fee361dae0
Land #7075, Add ms16-016 local privilege escalation
2016-07-06 12:01:01 -05:00
wchen-r7
532ea5d4c4
Make sure there's a ref and checkcode
2016-07-06 12:00:20 -05:00
Tod Beardsley
7a321c7350
Import, sign, and publish signed dev keys
...
This largely automates the process of importing developer keys,
much like `import-dev-keys.sh`, but also takes the additional, sadly
manual step of signing the key with your default key, and uploading
those keys to https://sks-keyservers.net.
In effect, you are stating that you trust keys published on keybase.io
and are listed as such on the official Metasploit-Framework development
wiki.
If your own default key either has no passphrase, or has a passphrase
cached in a keymanager, the process merely requires you hit `y` for
every key, and `y` again for keys with multiple IDs. Otherwise, you
will need to provide your passphrase for each signing. Temporarily
removing the passphrase alleviates this pain.
Of course, this assumes you actually trust the development wiki
and keybase to do the right thing. The tradition is to individually
verify each key through some personally invented means, such as in
person with a government ID check.
Note that `import-dev-keys.sh` currently lists a number of keys
not on Keybase, and that functionality has not been carried over
to this script.
2016-07-06 10:33:02 -05:00
Spencer McIntyre
c23be2bb79
Land #7077, add module doc for py/met/rev_tcp
2016-07-06 11:22:43 -04:00
Spencer McIntyre
bd566da5ca
Minor grammar changes and versions note
2016-07-06 11:10:05 -04:00
wchen-r7
45401bfe45
Land #7069, modify check codes in multiple local exploits
2016-07-06 00:04:24 -05:00
wchen-r7
4ec69236d2
Add module documentation for python/meterpreter/reverse_tcp
2016-07-05 23:56:11 -05:00
William Webb
d923a5d42d
typos in mod docs
2016-07-05 22:52:35 -05:00
William Webb
899ea558e3
added module doc for ms16_016_webdav
2016-07-05 22:12:35 -05:00
William Webb
b4b3a84fa5
refactor ms16-016 code
2016-07-05 20:50:43 -05:00
Metasploit
82e092c2df
Bump version of framework to 4.12.12
2016-07-05 14:57:43 -07:00
Sonny Gonzalez
a14f4992ab
Merge branch 'landing-7074' into upstream-master
2016-07-05 16:48:15 -05:00
James Lee
1164c025a2
Revert "Land #7009, egypt's rubyntlm cleanup"
...
This reverts commit d90f0779f8, reversing
changes made to e3e360cc83.
2016-07-05 15:22:44 -05:00
Brendan
1e0dcb9268
Land #7071, Fix off-by-one error in #6954
2016-07-05 10:07:09 -07:00
Brent Cook
21bede1166
unify stager style
2016-07-05 11:24:54 -05:00
Brent Cook
e404dfeaea
update to gem 0.0.5 (with libev/eio support)
2016-07-05 11:24:54 -05:00
Brent Cook
049b322ae4
add x86 and x64 stagers for mettle
2016-07-05 11:24:54 -05:00
Adam Cammack
8490a3b775
Remove hard-float requirement for MIPS O32
2016-07-05 11:24:54 -05:00
Adam Cammack
0390ed4d6e
Add MIPS O32 Linux support (big and little endian)
2016-07-05 11:24:54 -05:00
Adam Cammack
8de508c4e0
Add mettle module for ARM
2016-07-05 11:24:54 -05:00
Adam Cammack
2f3f655352
Add gem for mettle
...
This adds the gem for the mettle binaries, which contains reflective
payloads for a variety of Linux architectures (and more OSs in the
future)
2016-07-05 11:24:54 -05:00
Brent Cook
74b4087d5c
Land #7072, update module class to MetasploitModule
2016-07-05 11:17:03 -05:00
wchen-r7
6290cb681f
Change class name Metasploit4 to MetasploitModule
2016-07-05 11:12:49 -05:00
William Vu
6e7f07f0f3
Fix off-by-one error in #6954
...
Props to @egypt for noticing. My bad. :-)
2016-07-05 11:12:12 -05:00
David Maloney
7f341336b2
Land #7067, bcook's rex tools fix
...
this pr fixes rex requires in the various tools that were
disrupted by the new gemification of rex
2016-07-05 10:34:59 -05:00