1c88dea7d6
Exploitation also works with flash 13
2014-04-28 16:23:05 -05:00
8a4c7b22ed
Land #3296 - Refactors firefox js usage into a mixin
2014-04-28 15:22:55 -05:00
d530c9c128
Land #3304 - Adobe Flash Player Type Confusion Remote Code Execution
2014-04-28 15:06:50 -05:00
fd0183c414
Land #3311 - Fixup release
2014-04-28 14:04:02 -05:00
1b4fe90003
Fix msftidy warnings on wireshark exploits
2014-04-28 19:51:38 +01:00
3bfdfb5cab
Grammar
2014-04-28 19:49:56 +01:00
a5baea1a8e
Touch up print_ statements
2014-04-28 19:49:23 +01:00
a6edd94c7f
Just fix refs and desc for release
2014-04-28 19:47:15 +01:00
a7e110be9e
Add a peer method, elaborate desc and prints
2014-04-28 19:41:44 +01:00
cb247dfe67
Land #3291 , accept zip or jar for jar files
2014-04-28 19:12:18 +01:00
829b9ff4ff
Land #3308 - Fix smb_login using error_reason
2014-04-28 12:33:24 -05:00
9a1b216fdb
Move module to new location
2014-04-28 11:55:26 -05:00
51a5a901a8
Fix typo
2014-04-28 11:55:06 -05:00
887dfc5f40
Fix RequiredCmd
2014-04-28 11:54:56 -05:00
245b591247
Do module clean up
2014-04-28 11:45:40 -05:00
7fad215f3e
Merge branch 'bug/9582-metasploit-imports-and-tasks' into upstream-master
...
Land #3299
2014-04-28 10:47:23 -05:00
891118a3ef
Land #3307 , typo in oracle_demantra_file_retrieval
2014-04-28 10:12:15 -05:00
a0add34a7d
Removed warning message and changed default unit number to 1
2014-04-28 15:47:10 +02:00
ab913a533e
Update oracle_demantra_file_retrieval.rb
...
Fixed typo
2014-04-28 14:36:48 +01:00
a2ccbf9833
Add read/write capabilities to modbusclient
2014-04-28 15:29:55 +02:00
fb39e422aa
Fix smb_login calling nonexistent method
...
When a Rex::Proto::SMB::Exceptions::InvalidWordCount exception is thrown by this module, it attempts to call the nonexistent method error_reason and throws a NoMethodError:
Auxiliary failed: NoMethodError undefined method `error_reason' for #<Rex::Proto::SMB::Exceptions::InvalidWordCount:0x007f48fcda0e48>
This changes uses the built in method get_error to return an error code.
[-] x.x.x.x:445 SMB - [1/1] - \\Domain - FAILED LOGIN (xxxxxxxx) xxxx : xxxxx [STATUS_WAIT_0]
2014-04-28 09:28:29 -04:00
2396d497d8
move scanner to gather
2014-04-28 12:57:54 +02:00
3bfa8ea707
Pass msftidy
2014-04-28 12:53:49 +02:00
f34cfefb8f
Change hash to array
2014-04-28 12:52:46 +02:00
6610977e86
add cookie.match and alway return
2014-04-28 12:39:32 +02:00
d5fe8471ed
unless id
2014-04-28 12:16:49 +02:00
328acc44fa
Start cleaning as requested
2014-04-28 11:32:46 +02:00
2e04bc9e4e
AlienVault OSSIM 4.3.1 unauthenticated SQLi RCE
2014-04-28 10:59:15 +07:00
9ce5545034
Fix comments
2014-04-27 20:13:46 -05:00
60e7e9f515
Add module for CVE-2013-5331
2014-04-27 10:40:46 -05:00
b80d366bb7
Add filter to output WPA-PSK password on Netgear DG834GT
2014-04-26 15:52:31 +02:00
9964548b41
Amend spec for db_import help
2014-04-25 14:28:29 -05:00
696eee1ada
Add Outpost24 to db_import help
2014-04-25 14:27:44 -05:00
8f43c229b1
Passing the Mdm::Task down the chain
...
when reporting hosts from an Mdm::Task we need to pass the task all
the way down. this wasnt done for the metasploit import format.
2014-04-25 11:15:39 -05:00
c2bb26590c
Land #3250 , version handling for Heartbleed server
2014-04-25 00:17:26 -05:00
fd232b1acd
Use the protocol version from the handshake
...
I used the protocol version from the record layer thinking I was using
the protocol version from the handshake. This commit fix this and uses
the protocol version from the handshake instead of from the record layer
as in https://gist.github.com/rcvalle/10335282 , which is how it should
have been initially.
Thanks to @wvu-r7 for finding this out!
2014-04-25 01:48:17 -03:00
f94d1f6546
Refactors firefox js usage into a mixin.
2014-04-24 15:09:48 -05:00
fb3b6f577d
Land #3279 , upper bound check for AR
2014-04-24 15:09:07 -05:00
1353c62967
Land #3295 - Fix NoMethodError undefined method `body' for nil:NilClass
2014-04-24 13:53:58 -05:00
ba4b507cc7
Land #3280 - Multiplatform WLAN Enumeration and Geolocation
2014-04-24 13:52:32 -05:00
5c0664fb3b
Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit
2014-04-24 13:43:20 -05:00
656e60c35c
Land #3254 - Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack BoF
2014-04-24 13:20:50 -05:00
cde9080a6a
Move module to fileformat
2014-04-24 13:17:08 -05:00
a39855e20d
Works for XP SP3 too
2014-04-24 13:16:24 -05:00
ba8d7801f4
Remove default target because there is no auto-select
2014-04-24 13:15:49 -05:00
2e76db01d7
Try to stick to the 100 columns per line rule
2014-04-24 13:15:12 -05:00
8f47edb899
JBoss_Maindeployer: improve feedback against CVE-2010-0738
...
The exploit against CVE-2010-0738 won't work when using GET or POST. In the existing code the request would fail and the function would return a nil. This would be passed to detect_platform without being checked and cause the module to crash ungracefully with the error:
Exploit failed: NoMethodError undefined method `body' for nil:NilClass
The first changes detect a 401 authentication message and provide useful feedback. Given that if, in any case, 'res' is not a valid or useful response the second change just terminates processing.
I've stayed with the module's coding style for consistency.
2014-04-24 12:37:14 -05:00
ef815ca992
Land #3288 , Postgres support for Heartbleed scanner
2014-04-24 18:03:13 +02:00
e556997bf7
Land #3269 (Pro) fix report import issue
2014-04-24 08:27:06 -05:00
d4c0d015c1
Update wlan_geolocate.rb
...
Updated based on feedback. Also added enumeration only support for BSD and Solaris.
2014-04-24 07:04:50 -05:00
jvazquez-r7
sinn3r
Tod Beardsley
Samuel Huckins
William Vu
Arnaud SOULLIE
Pedro Laguna
Zinterax
Thanat0s
xistence
nodeofgithub
lsanchez-r7
Ramon de C Valle
joev
Tom Sellers
Christian Mehlmauer
Trevor Rosen