jvazquez-r7
0eac17083a
Clean cfme_manageiq_evm_pass_reset
2013-12-18 16:16:32 -06:00
Mekanismen
7173e1e2f3
Merge pull request #2 from jvazquez-r7/review_2774
...
Clean zimbra_lfi
2013-12-18 13:57:22 -08:00
Tod Beardsley
718111429b
Convert gendocs.sh to use rake yard
2013-12-18 15:53:09 -06:00
SeawolfRN
60b5771476
Merge pull request #1 from wchen-r7/poison_ivy_ports_check
...
Add an input check for datastore option PORTS
2013-12-18 13:48:08 -08:00
jvazquez-r7
d4ec858051
Clean zimbra_lfi
2013-12-18 15:46:37 -06:00
sinn3r
8dfa2e6963
Land #2734 - OSX Gather Autologin Password as Root
2013-12-18 15:37:45 -06:00
sinn3r
5011c4d928
The "unless" Ruby nazi is in town
2013-12-18 15:28:31 -06:00
sinn3r
5ec3d5f3f6
Raise specific exceptions
2013-12-18 15:27:49 -06:00
sinn3r
4bddd077ec
Land #2762 - Use new ntdll railgun functions
2013-12-18 15:18:47 -06:00
sinn3r
ee87f357b0
Raise Msf::OptionValidateError when the PORTS option is invalid
...
Instead of print_error for invalid ports, modules should be raising
Msf::OptionValidateError to warn the user about the invalid input.
2013-12-18 15:04:53 -06:00
sinn3r
4028dcede7
Add an input check for datastore option PORTS
...
If Rex::Socket.portspec_crack returns an empty array, we assume
there are no valid ports to test, so we raise an OptionValidateError
to warn the user about it.
2013-12-18 14:55:51 -06:00
Joe Vennix
9ff82b5422
Move datastore options to mixin.
2013-12-18 14:52:41 -06:00
Joe Vennix
64273fe41d
Move addon datastore options into mixin.
2013-12-18 14:42:01 -06:00
Joe Vennix
ca2de73879
It helps to actually commit the exploit.
2013-12-18 14:31:42 -06:00
Joe Vennix
1235615f5f
Add firefox 15 chrome privilege exploit.
...
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
2013-12-18 14:30:35 -06:00
sinn3r
8af81c98c8
Land #2778 - Correct camelCase of YouTube
2013-12-18 14:24:39 -06:00
Ramon de C Valle
0f56579765
Add the Gemfile.lock file
2013-12-18 18:14:51 -02:00
Tod Beardsley
c4b8178663
Correct camelCase of YouTube
2013-12-18 14:06:45 -06:00
Mekanismen
0c0e8c3a49
various updates
2013-12-18 20:54:35 +01:00
Ramon de C Valle
166e2ec224
Fix bcrypt gem name
2013-12-18 16:51:57 -02:00
Ramon de C Valle
b9a9b90088
Update module to use added bcrypt gem
2013-12-18 16:15:35 -02:00
Ramon de C Valle
d4a86902a6
Add the bcrypt gem
...
The bcrypt gem is needed for some admin modules (i.e.,
cfme_manageiq_evm_pass_reset.rb). For more information, see
https://github.com/rapid7/metasploit-framework/pull/2744 .
2013-12-18 16:15:35 -02:00
Ramon de C Valle
e20569181b
Remove EzCrypto-related code as per review
2013-12-18 16:15:22 -02:00
jvazquez-r7
ab69454f89
Land #2745 , @rcvalle's exploit for CVE-2013-2068
2013-12-18 12:06:27 -06:00
Ramon de C Valle
6487d677f9
Merge pull request #2 from jvazquez-r7/review_2745
...
Fix cfme_manageiq_evm_upload_exec according to chat with @rcvalle
2013-12-18 09:58:31 -08:00
jvazquez-r7
ec64382efc
Fix cfme_manageiq_evm_upload_exec according to chat with @rcvalle
2013-12-18 11:53:30 -06:00
Ramon de C Valle
ef081cec49
Add missing disclosure date as per review
2013-12-18 15:47:23 -02:00
Ramon de C Valle
819236c6ec
Merge pull request #1 from jvazquez-r7/review_2745
...
Clean pull request
2013-12-18 09:38:56 -08:00
jvazquez-r7
a28ea18798
Clean pull request
2013-12-18 11:32:34 -06:00
OJ
a4811bd0c3
Land #2760
2013-12-18 17:17:10 +10:00
OJ
5e4c395f86
Fix small spacing issue
2013-12-18 17:14:47 +10:00
jvazquez-r7
c34638c5e7
Land #2777 , @wchen-r7's fix for safari_lastsession
2013-12-17 17:06:28 -06:00
sinn3r
10e16673a7
There must be read_file
2013-12-17 16:42:49 -06:00
sinn3r
21feae0bbc
Make sure the file path is readable when it's ~/
2013-12-17 16:38:58 -06:00
jvazquez-r7
345e1711b1
Land #2775 , @wchen-r7's post module to Safari get LastSession.plist
2013-12-17 15:57:50 -06:00
jvazquez-r7
7ec96876d9
Delete unnecessary includes
2013-12-17 15:57:09 -06:00
sinn3r
374ef71c12
Favor read_file instead
2013-12-17 15:34:52 -06:00
jvazquez-r7
80eea97ccd
ChrisJohnRiley fix for sap_service_discovery
2013-12-17 13:31:56 -06:00
sinn3r
ea6ba2b159
Add post module to get LastSession.plist
...
LastSession.plist sometimes contains sensitive information such as
usernames and passwords. It'd be nice to keep this in loot.
2013-12-17 13:07:30 -06:00
Mekanismen
2de15bdc8b
added module for Zimbra Collaboration Server CVE-2013-7091
2013-12-17 19:32:04 +01:00
William Vu
252909a609
Land #2448 , @OJ's ReverseListenerBindPort :)
2013-12-17 11:24:09 -06:00
bmerinofe
89ffafad0e
Changes to Service mixin
2013-12-17 13:10:27 +01:00
sinn3r
ad2ec497c2
Land #2773 - Fix ms_ndproxy to work under a sandboxed Reader
2013-12-16 20:32:27 -06:00
jvazquez-r7
52cb43e6a8
Fix typo
2013-12-16 20:28:49 -06:00
zeknox
2eee34babf
added timeout options and rescue timeout
2013-12-16 20:00:13 -06:00
zeknox
fe34d0e36e
fixed syntax
2013-12-16 19:26:40 -06:00
zeknox
7b8de95f6b
fixed database overwriting issues
2013-12-16 19:16:12 -06:00
zeknox
07f686bb1a
added ResolverArgumentError rescue statement
2013-12-16 18:46:14 -06:00
James Lee
c88f2622ff
Land #2769 , windows error constants
2013-12-16 18:25:42 -06:00
Meatballs
6ee1a9c6e1
Fix duplicate error
2013-12-17 00:11:37 +00:00