Commit Graph

21273 Commits (da9ea0b85cc9211688a70f69246dd74f47557327)

Author SHA1 Message Date
Adam Cammack c5641c9681
Factor out mettle configuration
Also cleans up some stuff: s/url/uri/ and base-64 encodes UUIDs
2016-12-06 18:28:48 -06:00
Brent Cook 7346223a65
update payloads 2016-12-06 07:16:44 -06:00
OJ ffee0ff1b6
Fix payload cache size issue, fix shell/bind payloads 2016-12-06 11:12:02 +10:00
Jin Qian 4a35f8449a Fixed issue #7650 by matching Server header using regex as Wei suggested
The suggestion by Wei is simpler than the one I checked in which checks for presence of Server header before calling include method.
2016-12-02 20:26:38 -06:00
Jin Qian 35fdf1473b Fixed issue #7650 where etherpad_duo_login module may crash
Add check for presence of Server header.
2016-12-02 18:07:18 -06:00
William Vu ff8141c1b5
Land #7644, cred fix for vbulletin_vote_sqli_exec 2016-12-01 15:47:31 -06:00
Jin Qian 11906eb540 Fix issue #7645 where dolibarr_login module crashed
Add "res" (http response) when trying to retrieve the cookie
2016-12-01 15:38:26 -06:00
wchen-r7 41355898fa Remove extra def report_cred in vbulletin_vote_sqli_exec 2016-12-01 15:31:24 -06:00
wchen-r7 9325ef8d8f
Land #7573, Add WP Symposium Plugin SQLI aux mod to steal credentials 2016-12-01 14:56:30 -06:00
wchen-r7 6b5dba72d4 Update description 2016-12-01 14:55:16 -06:00
wchen-r7 64bc029106 Fix Ruby style 2016-12-01 14:53:55 -06:00
wchen-r7 90ec367a99 Add method to save creds to database 2016-12-01 14:52:51 -06:00
wchen-r7 174cd74900
Land #7532, Add bypass UAC local exploit via Event Viewer module 2016-12-01 11:16:49 -06:00
wchen-r7 1e9d80c998 Fix another typo 2016-12-01 11:16:06 -06:00
wchen-r7 b8243b5d10 Fix a typo 2016-12-01 11:15:26 -06:00
William Vu 54684d31bd
Land #7641, check_conn? fix for cisco_ssl_vpn 2016-11-30 21:14:19 -06:00
William Vu 032312d40b Properly check res 2016-11-30 21:03:29 -06:00
OJ 72a20ce464
Merge timwr's changes that fix android/reverse_http 2016-12-01 09:59:41 +10:00
William Vu 1d6ee7192a
Land #7427, new options for nagios_xi_chained_rce 2016-11-30 17:11:02 -06:00
William Vu 3e8cdd1f36 Polish up USER_ID and API_TOKEN options 2016-11-30 17:10:52 -06:00
Jin Qian ec83a861c8 Fix issue #7640 where cisco SSL VPN not move despite server responded
Add the "return true" statement that was missing.
2016-11-30 16:25:13 -06:00
OJ ebf5121359
Merge branch 'upstream/master' into add-bypassuac-eventvwr 2016-12-01 07:58:16 +10:00
OJ 6890e56b30
Remove call to missing function 2016-12-01 07:57:54 +10:00
wchen-r7 56505d2cc1 Resolve merge conflict 2016-11-30 14:33:23 -06:00
wchen-r7 c70c3701c5 Fix #7628, concrete5_member_list HTML parser
Fix #7628
2016-11-30 14:20:36 -06:00
William Webb b6bb1995ad Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2016-11-30 12:00:45 -06:00
William Webb c31758e0ea
Land #7627, Fix typo in payloads/linux/armle/mettle 2016-11-30 11:58:47 -06:00
wchen-r7 530e9a9bc6
Land #7633, fix dell_idrac to stop trying on a user after a valid login 2016-11-30 11:46:31 -06:00
David Maloney d1be2d735f
Land #7578, pdf-shaper exploit
Land lsato's work on the pdf-shaper buffer overflow
exploit
2016-11-30 11:13:12 -06:00
Tim 78480e31e7
remove AutoLoadAndroid 2016-11-30 21:23:14 +08:00
Tim 92751714c1
fix android/meterpreter/reverse_http 2016-11-30 20:12:00 +08:00
OJ bdc2e7c3cd
Fix missing stager_config functions, payload sizes 2016-11-30 16:11:51 +10:00
OJ 3fad75641d
Final touches to make MSF happy with all refactorings 2016-11-30 11:30:59 +10:00
Jin Qian afed1f465e Fix issue 7632 where MSF keeps trying after success.
Thanks to Wei who suggested adding "return :next_user" after success.
2016-11-29 14:57:15 -06:00
David Maloney 3c9ebb97be
Land #7624, Wvu's style fixes
land's wvu's style and text fixes for the
OS X archived messages module
2016-11-29 14:05:05 -06:00
Javier Godinez 497e02955b Fixed checking for access keys being retrieved 2016-11-29 11:08:55 -08:00
Jin Qian 1beeb99d44 Fix issue 7628, username extracted became garbled
Make the regular expression less aggressive.
2016-11-29 12:52:57 -06:00
Adam Cammack 878779e14c
Fix typo in payloads/linux/armle/mettle 2016-11-29 10:12:17 -06:00
OJ 834756c337
Rework android structure to function with the multi arch payload 2016-11-29 17:55:31 +10:00
OJ bdfaaf01b2
Make multi work with https 2016-11-29 15:51:38 +10:00
OJ bd8f8fd6cb
More rework of payload structure to handle multi arch handlers 2016-11-29 15:21:13 +10:00
OJ beca63645e
Revamp of java payload structure 2016-11-29 11:54:30 +10:00
Javier Godinez cb0313642b Fixed setting IAM_USERNAME 2016-11-29 00:54:49 +00:00
Javier Godinez 46ce1dfaab Now using random string as IAM_USERNAME unless specified 2016-11-28 16:32:53 -08:00
Javier Godinez f8789fef38 Moved METADATA_IP to advanced options 2016-11-28 16:32:26 -08:00
William Vu b6fe6c1d38 Fix #7597, minor changes to enum_messages 2016-11-28 17:37:32 -06:00
William Vu c39c53b102 Prefer DefaultOptions to reregistering SSL option 2016-11-28 14:29:02 -06:00
Pearce Barry 8c54b0e5f4
Land #7622, Fix check_conn? method in cisco_ironport_enum 2016-11-28 14:19:02 -06:00
William Vu 777d5c1820 Fix check_conn? method in cisco_ironport_enum 2016-11-28 14:02:39 -06:00
Cantoni Matteo f0b5b5a153 call store_loot once at the end 2016-11-28 20:28:36 +01:00
wchen-r7 a7fa2941a8
Land #7597, Added post module for accessing OSX messages database 2016-11-28 11:43:06 -06:00
wchen-r7 4eb109b22f
Land #7609, set SSL to true by default for cisco_nac_manager_traversal 2016-11-28 11:30:41 -06:00
OJ 5e8a47ac00
Merge upstream/master into universal handler work 2016-11-28 15:26:43 +10:00
Brent Cook 60210f57e9
Land #7505, fixed some targets for cisco_asa_extrabacon 2016-11-27 22:19:45 -06:00
OJ e8158bd200
Add multi platform type, wire into the multi stage 2016-11-28 09:34:09 +10:00
jjarmoc 8824cc990a Use Auxilliary Actions for different behaviors. 2016-11-26 13:04:04 -06:00
John Q. Public 0935d31de1 Changed print_status to print_good
Changed line 315 print type to good instead of the general status indication, so that the result output is easier to see.
2016-11-25 16:54:58 -06:00
John Q. Public c286c708d9 Print file contents
Added a print_good statement at line 63 in order to print to contents of the newly discovered robots.txt file.
2016-11-25 15:57:37 -06:00
h00die efa191dd10 fixed some spacing 2016-11-25 11:50:56 -05:00
Javier Godinez b4add59a3d Moved metadata_creds() so Client can be included in Aux/Post modules 2016-11-24 21:03:38 -08:00
OJ 5fdd5a7326
More progress on http universal staged handler 2016-11-25 13:00:35 +10:00
h00die 00d9e69a98 potential double fix for #7582 2016-11-24 12:14:09 -05:00
Pearce Barry ec020e3d07
Land #7611, cisco_ironport_enum falsely claimed connection failed
Fixes #7610
2016-11-24 09:54:09 -06:00
Cantoni Matteo fd11e7c4df modified it as recommended (@brandonprry) and added Module Documentation 2016-11-24 10:36:32 +01:00
root dc64f63517 Removed useless comments 2016-11-24 01:33:20 +00:00
root 5284e20a52 Optimised SQL vars, removed unneeded requires and changed the "exec" function name 2016-11-24 01:27:03 +00:00
Jin Qian 65b858ac06 Fix issue 7610, cisco_ironport_enum falsely claimed connection failed.
Make sure we return 1 in check_conn method.
2016-11-23 14:59:07 -06:00
Jin Qian b7ae7a47be Fix issue #7608 where the SSL option was not turned on by default
Set the SSL option to be on by default.
2016-11-23 14:45:42 -06:00
Javier Godinez c48587066d Added reference and minor fixes 2016-11-23 10:58:37 -08:00
Jin Qian 0df3e17e0c Fix the issue in MS2132 where OWA_LOGIN doesn't continue on connection error.
The possibility of temporary connnection disruption means this module should keep trying other user/pass pairs upon error.
2016-11-23 09:56:27 -06:00
Javier Godinez 43e1b5bdd1 Adds module to create an AWS IAM user from a pwned AWS host 2016-11-22 14:55:03 -08:00
OJ c606eabbb9
Merge 'upstream/master' into universal-handlers 2016-11-22 14:06:46 +10:00
root ce514ed3e5 Fixed broken fail_with function call and whitespace on line ending 2016-11-22 03:04:12 +00:00
root e0f8d622ec Added metasploit module for access OSX messages database 2016-11-22 02:53:38 +00:00
Brent Cook 59f3c9e769
Land #7579, rename netfilter_priv_esc to rename netfilter_priv_esc_ipv4 2016-11-21 17:59:29 -06:00
wchen-r7 83a3a4e348 Fix #7463, check nil return value when using redis_command
Fix #7463
2016-11-21 15:52:12 -06:00
William Vu 6f8660f345
Land #7586, NameError fix for brute_dirs 2016-11-21 14:46:19 -06:00
William Vu 7b5c819430
Land #7588, disclosure date fix for OpenNMS sploit 2016-11-21 14:01:18 -06:00
William Vu c8320d661f
Land #7590, mixin order fix for buffalo_login 2016-11-21 13:57:27 -06:00
Jin Qian 90d360a592 Fix the issue 7589, both RHOST and RHOSTS options are quired
Thanks to Will who found it's due to the order of mixin.
2016-11-21 11:06:32 -06:00
Prateep Bandharangshi 8869ebfe9b Fix incorrect disclosure date for OpenNMS exploit
Disclosure date was Nov 2015, not Nov 2014
2016-11-21 16:44:36 +00:00
Jin Qian 18b873be47 Fix the exception issue reported in issue #7585
Fix the exception by initialize a key variable that caused the exception.
2016-11-21 10:00:23 -06:00
William Webb 6c6221445c
Land #7543, Create exploit for CVE-2016-6563 / Dlink DIR HNAP Login 2016-11-21 09:59:50 -06:00
OJ 6ae8a2dd2e
Remove unused/empty function body 2016-11-21 17:59:49 +10:00
OJ 8c036885bc
Fix msftidy issues 2016-11-21 17:23:03 +10:00
OJ e226047457
Merge 'upstream/master' into the bypassuac via eventvwr mod 2016-11-21 17:18:40 +10:00
Brent Cook 0504cae21f
Land #7536, fix get_ipv4_addr(@interface) usage 2016-11-21 01:09:05 -06:00
Brent Cook 0a3acf57d1 update payload sizes 2016-11-20 19:47:17 -06:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
David Maloney 6a35b366bc
Land #7577, URPORT fix 2016-11-18 14:41:10 -06:00
h00die cfd31e32c6 renaming per @bwatters-r7 comment in #7491 2016-11-18 13:52:09 -05:00
wchen-r7 00e4a8881f
Land #7574, Update open_proxy aux module 2016-11-18 11:41:43 -06:00
wchen-r7 d3adfff663 Change syntax 2016-11-18 11:41:04 -06:00
wchen-r7 f894b9a4c5 Fix typo 2016-11-18 11:39:26 -06:00
Louis Sato 920ecf6fc5
finishing metacoms work for pdf-shaper-bo 2016-11-18 11:36:02 -06:00
David Maloney 8d1c718873
Land #7572, wireshark dos typos
Lands mcantoni's pr for fixing typos in the
wireshark dos modules
2016-11-18 11:01:32 -06:00
wchen-r7 4596785217
Land #7450, PowerShellEmpire Arbitrary File Upload 2016-11-17 17:47:15 -06:00
wchen-r7 22d70ddd09 Fix #7455, handle the URIPORT option properly in is_uxss_injection
Fix #7455
2016-11-17 15:50:35 -06:00
Brian Patterson abddeb5cd2 Land 7473, add censys search module 2016-11-17 13:44:00 -06:00