jvazquez-r7
b02e21a1d3
Land #2779 , @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid
2013-12-26 09:27:27 -06:00
jvazquez-r7
c2783c2746
Land #2798 , @wchen-r7 update to safari post module
2013-12-25 10:24:39 -06:00
Timothy Swartz
a20e888551
Added YARD tags/comments to readable_text.rb
...
Also fixed a few other tags.
2013-12-25 02:24:26 -08:00
Timothy Swartz
6c871a7e43
Added YARD comments to persistent_storage.rb
...
Also, fixed logging.rb link to Msf::Session
Added --no-private to .yardopts. This will hide anything marked with
@private from the generated documentation.
Previous additions in the msf/base directory and not msf/core.
2013-12-24 19:45:11 -08:00
Timothy Swartz
b07dfc4f44
Added YARD tags to msf/core/logging.rb
2013-12-24 19:42:24 -08:00
Timothy Swartz
ff4e94cd91
Added YARD comments to msf/core/config.rb
2013-12-24 19:42:24 -08:00
sinn3r
78db7429d0
Turns out the latest Safari is still vulnerable.
...
The version check is currently disabled because turns out the latest
Safari (6.1.1) is still vulnerable - I can still loot it in plain
text.
2013-12-24 19:27:45 -06:00
sinn3r
a26e12b746
Updates descriiption and improves regex for safari_lastsession.rb
...
This updates two things for the safari_lastsession post module:
1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.
2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
2013-12-24 14:00:55 -06:00
jvazquez-r7
95c4092f0f
Land #2797 , @rbsec's patch for lotus domino regex
2013-12-24 07:28:57 -06:00
jvazquez-r7
136d635300
Land #2796 , @Meatballs1's patch for [FixRM #8716 ]
2013-12-24 07:20:38 -06:00
rbsec
86a94022c0
Fix lotus_domino_hashes not working.
...
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
sinn3r
90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow
2013-12-24 00:39:54 -06:00
sinn3r
367dce505b
Minor details
2013-12-24 00:39:15 -06:00
sgabe
f687a14539
Added support for opening via menu.
2013-12-24 03:12:49 +01:00
sinn3r
213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner
2013-12-23 17:36:18 -06:00
sinn3r
0a07bbdf2e
Minor changes
2013-12-23 17:35:42 -06:00
Bruno Morisson
03d552c087
Merge pull request #3 from jvazquez-r7/review_2791
...
Switch RHOSTS to TARGETS and add validation
2013-12-23 15:24:02 -08:00
Meatballs
075f48a49f
Fix path
2013-12-23 22:44:56 +00:00
sinn3r
8a1f701081
Land #2795 - Increment MDM version to 0.16.9
2013-12-23 15:09:22 -06:00
Tod Beardsley
1599d9a134
Update Gemfile.lock
2013-12-23 14:47:32 -06:00
jvazquez-r7
2cc4fa35cf
Land #2785 , @todb-r7's support for post modules on msfcli
2013-12-23 12:05:40 -06:00
jvazquez-r7
88b3b2c78e
Switch RHOSTS to TARGETS and add validation
2013-12-23 11:58:26 -06:00
Tod Beardsley
c156d2a694
Increment MDM version to 0.16.9
...
[SeeRM #8725 ]
2013-12-23 10:29:36 -06:00
sinn3r
9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution
2013-12-23 02:34:01 -06:00
sinn3r
5b647ba6f8
Change description
...
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
Meatballs
dc87575b9d
Retab and whitespace
2013-12-22 21:04:44 +00:00
Meatballs
f112e78de9
Fixes .war file creation
2013-12-22 20:58:21 +00:00
sgabe
287271cf98
Fixed date format.
2013-12-22 01:32:16 +01:00
sgabe
0ac495fef8
Replaced hex with plain text.
2013-12-22 01:31:37 +01:00
Bruno Morisson
94da642f5c
fixed typo: innacurated -> inaccurate
2013-12-21 20:36:43 +00:00
Bruno Morisson
c387a850ca
Fixed default value for RESOLVE (local)
2013-12-21 19:21:57 +00:00
Timothy Swartz
fc792bdaae
Fix for Rspec failure in Msf::Util::EXE
...
[FixRM #8723 ]
2013-12-21 02:49:44 -07:00
Meatballs
bf8c0b10fa
Dont store n/a creds
2013-12-21 09:04:02 +00:00
Bruno Morisson
6ce0bab036
Cleanup, also split IP addresses separated by commas.
2013-12-21 00:15:00 +00:00
jvazquez-r7
f43bc02297
Land #2787 , @mwulftange's exploit for CVE-2013-6955
2013-12-20 17:03:10 -06:00
jvazquez-r7
163a54f8b1
Do send_request_cgi final clean up
2013-12-20 17:00:57 -06:00
sgabe
44ab583611
Added newline to end of file.
2013-12-20 22:40:45 +01:00
sgabe
62f71f6282
Added module for CVE-2013-6877
2013-12-20 22:37:09 +01:00
SeawolfRN
bf2dc97595
Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner
2013-12-20 18:46:35 +00:00
SeawolfRN
ae7a0159e7
Changed to Puts and get_once - also forgot the timeout...
2013-12-20 18:44:42 +00:00
Markus Wulftange
13a4c62b0d
Merge pull request #2 from jvazquez-r7/review_2787
...
Do final (minor) cleanup
2013-12-20 09:53:23 -08:00
jvazquez-r7
8be481f324
Land #2681 , @mcantoni and @todb-r7's support for chargen
2013-12-20 11:53:08 -06:00
sinn3r
7b80fadc5d
Land #2780 - Convert gendocs.sh to use rake yard
2013-12-20 11:48:03 -06:00
jvazquez-r7
12efa99ce5
Fix udp_sweep
2013-12-20 11:47:48 -06:00
jvazquez-r7
2dc7ef4398
Fix udp_probe
2013-12-20 11:45:27 -06:00
jvazquez-r7
af13334c84
Revert gsub!
2013-12-20 11:39:49 -06:00
sinn3r
ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution
2013-12-20 11:29:10 -06:00
sinn3r
d0ef860f75
Strip default username/password
...
There isn't one. So force the user to supply one.
2013-12-20 11:28:18 -06:00
sinn3r
52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-12-20 11:25:50 -06:00
jvazquez-r7
1da961343a
Do final (minor) cleanup
2013-12-20 11:20:29 -06:00