James Lee
d0ee521c8f
Land #2982 , make getenv smarter
2014-02-12 10:54:30 -06:00
jvazquez-r7
a59ce95901
Land #2970 , @sgabe exploit for CVE-2010-2343
2014-02-12 08:10:53 -06:00
jvazquez-r7
9845970e12
Use pop#ret to jump over the overwritten seh
2014-02-12 08:10:14 -06:00
sgabe
11513d94f5
Add Juan as author
2014-02-12 12:17:02 +01:00
sgabe
3283880d65
Partially revert "Replace unnecessary NOP sled with random text" to improve reliability.
...
This partially reverts commit 12471660e9
.
2014-02-12 12:09:16 +01:00
sinn3r
0f620f5aba
Fix Uninitialized Constant RequestError
...
[SeeRM #8765 ] NameError uninitialized constant
2014-02-12 00:23:23 -06:00
sinn3r
750ce3c4db
Make server configurable
2014-02-11 23:07:43 -06:00
OJ
beca4b8bc3
Fix issue with getenv failing
...
The call to `getenv` failed when `%` or `$` were used because of the
differences between Meterpreter handling and MSF handling.
Meterpreter effectively ignores (ie. strips out) the platform-specific
characters which are used for environment variables. In the `getenv`
call, MSF was invoking `getenvs` and getting a full hash of values, then
attempting to index into the hash using a string which may be "polluted"
with those platform-specific characters. This meant that there was a
discrepency between what was returned and what was used to index and
as a result, the value would come out as `nil`.
For example, calling `getenv('%FOO%')` would result in a hash with
`{'FOO'=>'bar'}`, so looking for '%FOO%' in this result would yield
nothing.
This commit changes this so that the name is ignored and the first
value is returned.
2014-02-12 13:51:30 +10:00
sinn3r
7eb20a37d4
offerer's interface gets a makeover
2014-02-11 19:43:52 -06:00
sgabe
7195416a04
Increase the size of the NOP sled
2014-02-12 02:35:53 +01:00
William Vu
5a488b310d
Use a more correct error message
...
-1 is a valid session ID, even though it's a fake one.
2014-02-11 18:06:43 -06:00
sgabe
3f09456ce8
Minor code formatting
2014-02-11 23:53:04 +01:00
sgabe
7fc3511ba9
Remove unnecessary NOPs
2014-02-11 23:48:54 +01:00
sgabe
12471660e9
Replace unnecessary NOP sled with random text
2014-02-11 23:48:04 +01:00
sgabe
184ccb9e1e
Fix payload size
2014-02-11 23:42:58 +01:00
William Vu
4a603b9a8d
Merge remote-tracking branch 'upstream/master' into beug/session
...
Conflicts:
lib/msf/base/simple/post.rb
2014-02-11 16:38:16 -06:00
William Vu
18816f3d5e
Land #2952 , -1 for last session ID
2014-02-11 16:22:36 -06:00
Spencer McIntyre
303ed9a85e
Land #4 @jvazquez-r7's bug fix for on_session_module_run
2014-02-11 17:03:21 -05:00
William Vu
c67c0dde8f
Land #2972 , enum_system find/save logs/S[UG]ID
2014-02-11 15:45:27 -06:00
William Vu
2476d9be2d
Fix invalid session ID bug
...
This fix should work seamlessly with #2952 .
2014-02-11 15:43:35 -06:00
jvazquez-r7
1f0020a61c
Land #2946 , @jlee-r7's optimization of the x86 block_api code
2014-02-11 15:00:00 -06:00
bwall
783e62ea85
Applied changes from @wchen-r7's comments
2014-02-11 10:14:52 -08:00
jvazquez-r7
e3aa838e52
Fix on_session_module_run bug
2014-02-11 11:37:58 -06:00
jvazquez-r7
3717374896
Fix and improve reliability
2014-02-11 10:44:58 -06:00
jvazquez-r7
51df2d8b51
Use the fixed API on the mediawiki exploit
2014-02-11 08:28:58 -06:00
Roberto Soares Espreto
68578c15a3
find command modified
2014-02-11 10:08:12 -02:00
sinn3r
2bb15d3a87
answerer's interface gets a makeover
2014-02-11 02:15:22 -06:00
jvazquez-r7
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
Spencer McIntyre
a67a14ff60
Land #2975 @wchen-r7's extra vprint_debug statements for ms13-090
2014-02-10 20:57:55 -05:00
Roberto Soares Espreto
f181134ef8
Removed hard tabs
2014-02-10 23:16:04 -02:00
sinn3r
fdd696fc31
Drop Opera support
...
It's sad nobody is actually using it. See article: "Across desktop and
mobile, Chrome is used more than Firefox, IE, and Opera combined" -
thenextweb.com
2014-02-10 18:03:42 -06:00
sinn3r
1414f6794c
Change the name of the video chat command
2014-02-10 17:44:47 -06:00
Meatballs
d8ea11b851
Redirect HTTP too
2014-02-10 23:41:15 +00:00
sinn3r
7704c388f3
Land #2974 - Recover missing code in method exists?
2014-02-10 17:38:20 -06:00
sinn3r
442d212a94
Add vprint_debug to show what requirements are being compared
2014-02-10 17:33:36 -06:00
sgabe
e8a3984c85
Fix ROP NOP address and reduce/remove NOPs
2014-02-11 00:29:37 +01:00
Meatballs
4a0f37dc21
Save lost changes
2014-02-10 23:24:26 +00:00
sinn3r
44282d8a83
Add an exception handling
2014-02-10 17:06:56 -06:00
sinn3r
1114913298
Automatically turn on webcam in Firefox
2014-02-10 17:05:08 -06:00
William Vu
e6905837eb
Land #2960 , rand_text_alpha for amaya_bdo
2014-02-10 16:44:11 -06:00
bwall
13fadffe7e
Dexter panel (CasinoLoader) SQLi to PHP code exec - Initial
2014-02-10 13:44:30 -08:00
Meatballs
a87f604c98
Merge remote-tracking branch 'upstream/master' into mediawiki
2014-02-10 21:43:56 +00:00
Meatballs1
d05a68f158
Merge pull request #34 from jvazquez-r7/review_2939_5
...
Review MediaWiki RCE pr
2014-02-10 21:42:14 +00:00
Brandon Turner
1aa176604c
Merge branch 'release' into 'master'
2014-02-10 15:29:04 -06:00
Roberto Soares Espreto
2e720f8f0f
Post::Linux - Added to search for files with setuid/setgid and logfiles
2014-02-10 19:24:51 -02:00
sinn3r
575ee09b77
Change messages
2014-02-10 14:59:44 -06:00
sinn3r
0709aac3c5
Land #2971 - Fixup on description and some option descrips
2014-02-10 14:50:39 -06:00
sinn3r
48fdb08164
Add flag --use-fake-ui-for-media-stream
...
Thanks Joev!!
2014-02-10 14:47:25 -06:00
Tod Beardsley
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
jvazquez-r7
3d4d5a84b6
Land #2957 , @zeroSteiner's exploit for CVE-2013-3881
2014-02-10 13:59:45 -06:00