jvazquez-r7
dbad1a5e4c
Clean up description
2013-07-24 12:02:33 -05:00
jvazquez-r7
18dbdb828f
Land #2133 , @Meatballs1's exploit for PSH Web Delivery
2013-07-24 12:01:37 -05:00
Meatballs
f79d3f7591
Shorten cmd
2013-07-24 17:48:03 +01:00
Meatballs
8103baf21a
Update title
2013-07-24 17:29:23 +01:00
Meatballs
18ac83bec1
Final updates and tidy
2013-07-24 17:28:19 +01:00
Tod Beardsley
00630376c3
Revert the default call to firefox
...
This reverts commit 0928a370f3
.
No, no, you guys are right in the comments for #2148 . The call to
system is inside the else, but the tabbing made my eyes cross.
Sorry about that. Someday soon, @tabassassin will save us all from these
kinds of screw ups in mental parsing.
2013-07-23 16:13:02 -05:00
William Vu
d493346691
Land #2137 , fixes and specs for Opt containers
2013-07-23 15:58:09 -05:00
jvazquez-r7
b0c17fdebc
Land #2002 , @jlee-r7's patch for better handling uri resources
2013-07-23 15:49:21 -05:00
David Maloney
621568bf8f
Another Error Type needs caught
...
Different systems throw a different error
Need to rescue that error too
2013-07-23 15:47:42 -05:00
William Vu
86ab942435
Land #2146 , Unix and Windows path normalization
2013-07-23 15:23:41 -05:00
Tod Beardsley
0928a370f3
Adding back default firefox
...
the default is triggered only outside the case statement, which itself
is totally bizarre. I can't tell if anyone is relying on this behavior
right now, but it's too premature to just remove it out at this point.
2013-07-23 14:43:30 -05:00
Tod Beardsley
5736f65d4e
Land #2148 , prefer xdg-open over sensible-browser
2013-07-23 14:39:18 -05:00
Tod Beardsley
53c3fd2ce7
Update comment docs on Rex::Compat.open_browser
2013-07-23 14:38:04 -05:00
William Vu
adef046c74
Land #2149 , another good @todb-r7 English thing
2013-07-23 14:18:16 -05:00
Tod Beardsley
147d432b1d
Move from DLink to D-Link
2013-07-23 14:11:16 -05:00
ZeroChaos
ce5742461a
update open_browser functionality
...
open_browser didn't support xdg-open or firefox-bin. xdg-open was made the default as it is the most likely to succeed afaik.
the fallback to firefox was removed because since we check for the existence of firefox is makes no sense to try to run it after we failed to find it. This will silently fail if no supported browser is found due to suggestions from the msf team:
< Zero_Chaos> more importantly, it would be great if someone told me how to spit out a message to the user
< Zero_Chaos> because I have no clue :-)
<@egypt> Zero_Chaos: it's in rex, so the answer is "don't"
2013-07-23 14:58:16 -04:00
Tod Beardsley
bb16683415
Land #2087 , @egypt's random ID generator
2013-07-23 13:52:08 -05:00
William Vu
173661c77d
Land #2147 , msfcli help optimization
2013-07-23 11:10:45 -05:00
sinn3r
0035f2ee64
Speed up msfcli help
...
If the user only wants to see help, then no point to load things
that will actually never be used by msfcli. Only rex is needed.
2013-07-22 23:26:44 -05:00
sinn3r
8b0aac2d3c
Add another test case for having a trailing slash for unix path
...
If a trailing path exists in the original input, should keep it.
This test case should verify that.
2013-07-22 23:23:40 -05:00
sinn3r
2be0b84ba8
Not Windows format, Unix.
2013-07-22 22:37:36 -05:00
sinn3r
4ea176b5ee
Add another test case
2013-07-22 22:35:19 -05:00
sinn3r
958a4edd73
Keep the trailing slash if the user wishes
2013-07-22 20:46:18 -05:00
sinn3r
359009583f
Drop support for UNC path parsing in normalize_win_path
...
Not really a good idea to try to parse UNC format. Confuses the
purpose of the function.
2013-07-22 20:20:45 -05:00
sinn3r
8656fcf5e0
Update the test description a little better
2013-07-22 19:35:52 -05:00
sinn3r
4b3fce9349
Add functions to normalize Winodws & Unix paths
...
The purpose of these functions is to be able to join file/dir paths
safely without trailing slashes, basically for the same reason as
normalize_uri. Some modules are really buggy when merging paths,
so instead of letting them do it, it's better to use these functions.
2013-07-22 19:26:04 -05:00
William Vu
48666f1466
Land #2145 , consistent datastore options
2013-07-22 17:06:36 -05:00
jvazquez-r7
af1bd01b62
Change datastore options names for consistency
2013-07-22 16:57:32 -05:00
William Vu
b0c74dbb8b
Land #2120 , specs for command_dispatcher
2013-07-22 16:33:19 -05:00
lsanchez-r7
03cd3ff4eb
adding new lines to the end of files.
2013-07-22 16:26:45 -05:00
Tod Beardsley
6055ae7ba5
Land #2132 , adding logging to hostname resolver
...
Also incidentally updated the description.
2013-07-22 15:19:47 -05:00
Tod Beardsley
b4589c3c82
Expanding description
2013-07-22 15:19:30 -05:00
jvazquez-r7
70900cfe5e
Final cleanup for foreman_openstack_satellite_priv_esc
2013-07-22 14:59:23 -05:00
jvazquez-r7
6346f80ff0
Land #2143 , @rcvalle's module for CVE-2013-2113
2013-07-22 14:58:07 -05:00
Tod Beardsley
5e55c506cd
Land #2140 , add CWS as a first-class reference.
2013-07-22 13:50:38 -05:00
Ramon de C Valle
b6c9fd4723
Add foreman_openstack_satellite_priv_esc.rb
...
This module exploits a mass assignment vulnerability in the 'create'
action of 'users' controller of Foreman and Red Hat OpenStack/Satellite
(Foreman 1.2.0-RC1 and earlier) by creating an arbitrary administrator
account.
2013-07-22 15:24:25 -03:00
William Vu
20baf68efb
Land #2141 , @todb-r7's weekly English thing
2013-07-22 13:18:48 -05:00
Rich Lundeen
aa159f12b7
changed options wording
2013-07-22 11:15:22 -07:00
Rich Lundeen
57055ab754
added optional option
2013-07-22 11:13:29 -07:00
Tod Beardsley
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
jvazquez-r7
77e8250349
Add support for CWE
2013-07-22 12:13:56 -05:00
jvazquez-r7
6158415bd3
Clean CWE reference, will ad in new pr
2013-07-22 12:03:55 -05:00
jvazquez-r7
da4fda6cb1
Land #2110 , @rcvalle's exploit for Foreman Ruby Injection
2013-07-22 12:02:43 -05:00
Ramon de C Valle
9577639b7d
Revert "Add support to CWE in module references"
...
This reverts commit 7a9c228772
.
2013-07-22 13:16:42 -03:00
Ramon de C Valle
04e9398ddd
Fix CSRF regular expressions as per review
2013-07-22 13:10:56 -03:00
jvazquez-r7
de6e2ef6f4
Final cleanup for dlink_upnp_exec_noauth
2013-07-22 10:53:09 -05:00
jvazquez-r7
c1c72dea38
Land @2127, @m-1-k-3's exploit for DLink UPNP SOAP Injection
2013-07-22 10:52:13 -05:00
Ramon de C Valle
11ef4263a4
Remove call to handler as per review
2013-07-22 12:49:42 -03:00
David Maloney
6976bfd032
Remove pry from gemfile
2013-07-21 15:20:34 -05:00
jvazquez-r7
3c3a951d7e
Land #2138 , @wchen-r7's CVE-2013-1017 fileformat exploit
2013-07-21 11:00:34 -05:00