James Lee
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
James Lee
13a5892e95
Add a mixin for uploading/executing bins with PHP
...
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
James Lee
0adabb1e06
Merge branch 'wchen-r7-projectpier' into rapid7
...
[Closes #889 ]
2012-10-11 18:32:04 -05:00
sinn3r
55c0cda86c
Merge branch 'fix_vprint_reduceright' of git://github.com/kernelsmith/metasploit-framework into kernelsmith-fix_vprint_reduceright
2012-10-11 16:55:52 -05:00
kernelsmith
c911eeece2
change vprint_error to print_error
...
exploits/windows/browser/mozilla_reduceright does not tell you when an
incompatible browser connects like most other browser exploits do
(unless verbose is true). This change just changes the vprint to print
to be more consistent w/other browser exploits
2012-10-11 16:51:17 -05:00
sinn3r
9ea208d129
Oops, overwrote egypt's changes by accident
2012-10-11 16:40:52 -05:00
sinn3r
82eaa322fe
Make cleanup work better
2012-10-11 16:39:54 -05:00
James Lee
3a66a07844
Proposed re-wording of description
...
[See #889 ]
2012-10-11 15:48:04 -05:00
sinn3r
24980e735b
I found an OSVDB ID
2012-10-11 15:28:07 -05:00
sinn3r
55128f5bb3
Make sure res has value before passing it on to exec_php
2012-10-11 14:43:38 -05:00
sinn3r
033a11eff5
Add Project Pier File Upload Vulnerability
2012-10-11 13:47:40 -05:00
Tod Beardsley
7d848c7147
Merge remote branch 'origin/bug/fastlib-nested-pathnames'
2012-10-10 17:31:36 -05:00
sinn3r
b8e880bf82
Merge branch 'post-module-sdel' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-post-module-sdel
2012-10-10 13:42:20 -05:00
sinn3r
32ad20d0e0
Merge branch 'jlee-r7-bug/activerecord-dep'
2012-10-10 13:41:51 -05:00
sinn3r
1ea73b7bd2
Small description change and favor the use of print_error
2012-10-10 13:37:23 -05:00
jvazquez-r7
f32ce87071
delete comment added by error
2012-10-10 19:32:25 +02:00
jvazquez-r7
13e914d65e
added on_new_session handler to warn users about cleanup
2012-10-10 19:31:38 +02:00
jvazquez-r7
b4485fdb2b
added chm templates
2012-10-10 19:21:47 +02:00
jvazquez-r7
37dc19951b
Added module for ZDI-12-169
2012-10-10 19:14:54 +02:00
HD Moore
98c387cc81
Merge pull request #886 from todb-r7/fix-msfupdate
...
Fix msfupdate for #7297
2012-10-10 09:23:28 -07:00
Tod Beardsley
09f34268d2
Deal with blank or missing config-dir better
...
Just deleting at an index will be surprising when you've already deleted
the wait/nowait. Use an Array#compact strategy instead.
Also, always define a sensible config-dir, even if none is given. If the
user wants to pass one especially, they can.
[FixRM #7297 ]
2012-10-10 10:18:40 -05:00
Tod Beardsley
f247379bb1
Handle the old wait/nowait shift behavior.
...
The old msfupdate would shift the first argument off the stack
regardless what it was. We have two possible candaidates now, wait and
nowait. Shouldn't be any others.
[SeeRM #7297 ]
2012-10-10 09:50:30 -05:00
Borja Merino
21d1a5857a
Adding Iterations options
2012-10-10 12:32:30 +02:00
James Lee
9a0a063048
Whitespace at EOL
2012-10-09 16:56:22 -05:00
James Lee
32680df7ec
Merge branch 'todb-r7-fix-msfupdate' into rapid7
...
[Closes #883 ][Closes #882 ]
2012-10-09 16:54:25 -05:00
Tod Beardsley
a31984c0ab
Always provide --config-dir for msfupdate
...
Otherwise, you will run into problems described in #882 .
2012-10-09 16:25:06 -05:00
Borja Merino
7b45ef6038
Applying changes. Blocks -Begin .. End- deleted
2012-10-09 21:52:49 +02:00
James Lee
db4ba472d5
[ Closes #881 ]
2012-10-09 13:29:31 -05:00
HD Moore
22f7c42b85
Merge branch 'master' into feature/updated-mobile
2012-10-09 12:58:19 -05:00
sinn3r
5ce26c4524
Merge branch 'bug/activerecord-dep' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bug/activerecord-dep
2012-10-09 11:18:02 -05:00
sinn3r
1ba57af00a
Merge branch 'master' into bug/windows-pro-modules
2012-10-09 11:15:45 -05:00
Luke Imhoff
2d1fd1c305
Pass file size to read for faster reads on Windows
2012-10-09 11:04:05 -05:00
jvazquez-r7
4fa3631e34
avoiding the python support on the barracuda one if cannot be tested
2012-10-09 18:01:23 +02:00
jvazquez-r7
f33411abd1
Merge branch 'python_payload_support' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-python_payload_support
2012-10-09 18:00:44 +02:00
James Lee
592851e155
Add requires for active_support deps in use
...
Hash for #assert_valid_keys, Module for #parent.
2012-10-09 02:05:08 -05:00
James Lee
b3e27b16d5
Derp, include is a class method
2012-10-09 01:52:19 -05:00
sinn3r
a12aed7ffc
Don't really need these keywords
2012-10-09 00:49:05 -05:00
sinn3r
b657fd31cc
Merge branch 'php_include' of https://github.com/ethicalhack3r/metasploit-framework into ethicalhack3r-php_include
2012-10-09 00:45:46 -05:00
James Lee
227418bd11
Make AR a soft dependency again
...
Ensures that the absence of activerecord does not prevent msfconsole
from loading. This returns us to the previous state of affairs where it
is possible to use the framework entirely without a database.
To test:
1. rm -rf lib/gemcache/ruby/1.9.1/gems/activerecord*
2. remove any locally installed versions of activerecord
3. msfconsole
msfconsole should load up with a warning like so:
[-] ***
[-] * WARNING: No database support: LoadError cannot load such file -- active_record
[-] ***
... and should still be functional.
2012-10-08 23:07:04 -05:00
sinn3r
c094508119
Support Python payload
...
Pretty sure if the app is run on Unix/Apache, or supports perl and
ruby, chances are python works too.
2012-10-08 22:17:11 -05:00
James Lee
3888c5212f
Change file header comment to new format
2012-10-08 21:30:42 -05:00
James Lee
03e2cda9e1
Make sample modules conform to modern mod format
...
Wow, these are old.
2012-10-08 21:23:38 -05:00
Tod Beardsley
562612f96c
Merge branch 'hmoore-r7-module-loader'
2012-10-08 17:52:26 -05:00
HD Moore
8f07a18d74
Fix comment indentation
2012-10-08 17:29:36 -05:00
HD Moore
eb0f0fee0c
Correct an extra parenthesis
2012-10-08 17:20:25 -05:00
HD Moore
8cdb76d269
Switch to normal String API vs ActiveSupport method
2012-10-08 17:18:40 -05:00
jvazquez-r7
b356b403b0
Merge branch 'phptax' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-phptax
2012-10-09 00:10:31 +02:00
HD Moore
2dce6e6347
FIXRM #7292 by using hex class names
2012-10-08 17:03:41 -05:00
Luke Imhoff
93469604a7
Fix missed rename when adding fastlib under directory
...
I missed a spot where I referenced the nested_paths as nested_pathnams
after I renamed the variable. Now, Msf::ModuleManager#add_module_paths
has rspec tests.
Rspec can be invoked with `rake` as the default task or `rake spec`
explicitly.
I changed RuntimeError to ArgumentError since that error was more
specific to having a bad argument error. I adding missing dependencies
to the Gemfile and a require to msf/core/db_manager.rb where it errored
out trying to access Msf::Config when I just did require 'msf/core' in
the spec.
2012-10-08 16:14:37 -05:00
HD Moore
6bb1b83de3
Align the comments with the space indents for now
2012-10-08 16:09:12 -05:00