69d2b8ffb1
Various code format, style changes, file moves
...
As per Egypt's suggestions.
2015-05-12 09:43:41 +10:00
fe51f552b8
Make stageless, and reverse_tcp x64 non-dynamic
2015-05-12 07:37:12 +10:00
518e28674e
Removed CGI dependency (@hmoore-r7, @wchen-r7)
2015-05-11 21:10:18 +01:00
78e310562b
Readability style change
2015-05-11 19:48:12 +01:00
8e3d803e74
Updated style as per @void-in's comments
2015-05-11 19:46:10 +01:00
62d67469da
Updated code style as per @hmoore-r7's instructions
2015-05-11 19:34:23 +01:00
b8f7c80fd2
Rubocop
2015-05-11 18:50:03 +01:00
8308c2a925
Added check for nonsensical options
2015-05-11 18:48:55 +01:00
99133deabb
Reran tests, sorted out strip problem
2015-05-11 18:29:44 +01:00
c25a5d3859
Fixed a bunch of rubocop errors
2015-05-11 18:14:37 +01:00
34cf90af59
Removed unnecessary include
2015-05-11 17:31:31 +01:00
c001f014ce
HTML Title Grabber
2015-05-11 17:29:22 +01:00
d8cc2c19d3
Fix #5315 , User configurable options for jenkins_login
...
Fix #5315 . This patch allows the user to configure the HTTP method
for the login, as well as the URL.
2015-05-11 10:15:49 -05:00
a97f24a12d
Update payload cached sizes
2015-05-11 10:00:14 +01:00
c0388a770e
Update cached sizes
2015-05-10 22:01:30 +01:00
c916021fc5
SSL Support for Powershell Payloads
2015-05-10 21:45:59 +01:00
efb226a55c
Fixed some minor errors
2015-05-10 02:59:57 -04:00
cc87df9123
Land #5323 , default creds fix for NETGEAR dirtrav
2015-05-09 14:36:00 -05:00
eeb87a3489
Polish up module
2015-05-09 14:33:41 -05:00
fe907dfe98
Fix the disclosure date
2015-05-09 10:44:28 -05:00
d2e1fdbbc3
Land #5324 , fixes #5318
...
Fixes enum_domain_group_users when running as SYSTEM.
2015-05-09 10:49:05 +01:00
028f9dd43b
Tidy and rubocop
2015-05-09 10:48:07 +01:00
e9dc93f345
Use cmd_exec
2015-05-09 10:44:02 +01:00
cb51bcc776
Land #5147 , @lightsey's exploit for CVE-2015-1592 MovableType deserialization
2015-05-09 01:56:38 -05:00
89bc405c54
Do minor code cleanup
2015-05-09 01:54:05 -05:00
a8adcda941
Redo port checks
2015-05-08 15:29:30 -05:00
156aac1dff
Use timeout options
2015-05-08 15:23:08 -05:00
bf9ca1f88f
Change module filename
2015-05-08 15:08:59 -05:00
f56115552f
Do code cleanup
2015-05-08 14:56:39 -05:00
b73241882b
Use datastore option
2015-05-08 14:48:19 -05:00
b5f5bacb8c
Use the connect/read timeout as used by the HTTPClient mixin
2015-05-08 14:46:08 -05:00
8c3a97667a
use get_env instead of client.sys.config.getenv
2015-05-08 15:25:20 -04:00
9fdbfd7031
Use vprint_error
2015-05-08 14:21:36 -05:00
017ae463ed
Fix description style
2015-05-08 14:18:29 -05:00
2e01eb519d
Do minor fixes
2015-05-08 14:04:44 -05:00
5588ad36b3
Print status message
2015-05-08 13:51:00 -05:00
7e62ba85a1
Do code cleanup
2015-05-08 13:33:28 -05:00
60c2c7a7cd
Delete unused variable
2015-05-08 13:19:39 -05:00
c0f21c3ae1
Fix metadata
2015-05-08 13:19:23 -05:00
b2ce2ddb05
determine the domain using env vars instead of parsing net.exe output
2015-05-08 14:17:49 -04:00
a7988f9e93
Change credentials to service:service
2015-05-08 22:52:59 +05:00
508574970c
Land #5307 , Brocade login scanner resurrection
2015-05-07 22:43:39 -05:00
8d3737d13c
Fix some stylistic issues
2015-05-07 22:43:23 -05:00
71518ef613
Land #5303 , metasploit-payloads Java binaries
2015-05-07 22:39:54 -05:00
2f2169af90
Use single quotes consistently
2015-05-07 22:39:36 -05:00
51bb4b5a9b
Add module for CVE-2015-0359
2015-05-07 17:00:00 -05:00
a066105a86
prefer reading directly with MetasploitPayloads where possible
2015-05-07 16:59:02 -05:00
134a674ef3
Land #5312 , @todb-r7's release fixes
2015-05-07 15:34:31 -05:00
c9cb9ad564
Fix extraneous comma
2015-05-07 15:32:48 -05:00
1469a151ad
Land #5290 , Wordpress RevSlider Module
2015-05-07 22:15:56 +02:00
fd827db6dd
Fix up bind stager payload sizes
2015-05-07 10:13:27 +10:00
9d7a7cb68d
Merge branch 'upstream/master' into multi-transport-support
...
Conflicts:
lib/msf/core/payload/linux/bind_tcp.rb
2015-05-07 07:24:22 +10:00
60e25170fa
Land #5313 : fixup bind_tcp stager
2015-05-07 07:09:19 +10:00
4df622c76b
Oops, one last for #5312 .
2015-05-06 14:48:17 -05:00
e8913e5620
Addressed most of @wvu's issues with #5312
2015-05-06 14:47:08 -05:00
f423306b6f
Various post-commit fixups
...
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150 , @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192 , @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016 ,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101 , Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158 , OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159 , WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924 , @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131 , WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649 ,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
2015-05-06 11:39:15 -05:00
b8c7161819
Fix up NameError'd payload_exe
2015-05-06 11:34:05 -05:00
59ffe5d98f
Land #5306 , payload_exe NameError fix
2015-05-06 11:29:29 -05:00
4b0f54f0aa
Land #5305 , CVE-2015-0336 Flash NetConnection Type Confusion
2015-05-06 11:26:22 -05:00
97807e09ca
Lad #5125 , Group Policy startup exploit
2015-05-06 11:17:01 -05:00
5b57e4e9ca
Add info about the waiting time
2015-05-06 11:15:11 -05:00
0493f58834
Reenable metasm bind_tcp stager
2015-05-06 09:34:35 -05:00
3c2e6bb698
rollback linux bind_tcp stager metasm port
...
The new metasm port of the linux bind_tcp stager doesn't yet generate valid
executables. While we're debugging the problem, this reverts the bind_tcp.rb
stager to use the static ASM again.
2015-05-06 09:26:04 -05:00
94d1905fd6
Added WPVDB reference
...
Added a link to the new WPVDB article 7540 that @FireFart provided.
2015-05-06 05:41:02 -05:00
c293066198
Leverage check_version_from_custom_file in PR #5292
...
Change the 'check' code to leverage check_version_from_custom_file added to wordpress/version.rb by @FireFart in PR #5292
2015-05-06 05:41:02 -05:00
18697d8d02
Fixed the following based on feedback from @FireFart ( Thanks! )
...
- Adjusted references section
- Corrected call to normalize_uri
- Removed unnecessary require for rex/zip
2015-05-06 05:41:02 -05:00
8cb18f8afe
Initial commit of code
2015-05-06 05:41:02 -05:00
5cb8b9a20a
Fix #5304
2015-05-05 22:25:06 -04:00
93c785560b
remove brocade_telnet scanner, extend telnet
...
Rather than duplicate the entire telnet scanner, add a pre-login hook that a
module can use to extend the behavior on connect. This also adds a local
pass-through print_error method like http has.
2015-05-05 21:19:46 -05:00
dc053aeb58
Spelling Fix
...
s/Brocde/Brocade/ as per bcook-r7
2015-05-05 21:16:24 -05:00
fc1c0028a8
moved array definition to avoid error
2015-05-05 21:16:23 -05:00
7949daf42b
brocade_enable_login msftidy success
2015-05-05 21:16:23 -05:00
6b5aaa5479
brocade enable command bruteforcer
2015-05-05 21:16:23 -05:00
582919acac
Add module for CVE-2015-0336
2015-05-05 17:25:19 -05:00
a0c806c213
Update java meterpreter and payload references to use metasploit-payloads
2015-05-05 15:01:00 -05:00
c988447c18
title enhancement, OSVDB ref
...
touch up title and add OSVDB reference
2015-05-05 13:21:36 -06:00
c8123c147f
upnp vs hnap
2015-05-05 20:57:05 +02:00
4a6fec7f1e
Land #5439 , @Firefart's explanations on dlink_upnp_header_exec_noauth
2015-05-29 16:46:41 -05:00
b8a8e65c2c
Merge branch 'master' into land-5394-uuid-tracker
2015-05-29 16:22:45 -05:00
6669665d6d
Land #5402 , @nstarke's module to extract accouns information from a AVTECH744_DVR device
2015-05-29 16:14:50 -05:00
843572df6d
Change module filename
2015-05-29 16:14:16 -05:00
acb0af3826
Update description
2015-05-29 16:13:43 -05:00
39ae6263e9
Use Rex::Text.encode_base64
2015-05-29 16:12:21 -05:00
73f7885eea
add comment
2015-05-29 23:08:55 +02:00
8338b21f6c
Make some code cleanup
2015-05-29 16:04:29 -05:00
7b0006a1b2
Merge branch 'master' into land-5394-uuid-tracker
2015-05-29 15:41:31 -05:00
96a1e1b344
Land #5367 , add UUID stagers
2015-05-29 15:18:53 -05:00
1be04a9e7e
Land #5182 , @m-1-k-3's exploit for Dlink UPnP SOAP-Header Injection
2015-05-29 14:49:09 -05:00
8b2e49eabc
Do code cleanup
2015-05-29 14:45:47 -05:00
8c7d41c50c
Land #5426 , @wchen-r7's adds more restriction on Windows 7 target for MS14-064
2015-05-29 14:35:44 -05:00
c3fa52f443
Update description
2015-05-29 13:47:20 -05:00
9ccf04a63b
Land #5420 , @m-1-k-3's miniigd command injection module (ZDI-15-155)
2015-05-29 13:29:03 -05:00
9ebd6e5d6e
Use REXML
2015-05-29 13:27:19 -05:00
7d5af66fa0
Merge branch 'master' into land-5367-uuid-stagers
2015-05-29 13:00:35 -05:00
294fa78c1f
Land #5430 , @m-1-k-3's adding specific endianess Arch to some exploits
2015-05-29 11:43:25 -05:00
dd39d196f5
Land #5226 , @m-1-k-3's Airties login Buffer Overflow exploit
2015-05-29 10:51:32 -05:00
952f391fb4
Do minor code cleanup
2015-05-29 10:49:51 -05:00
bb444a8259
Land #5429 , Decrypt encrypted passwords in DBVisualizer
2015-05-29 09:57:08 -05:00
17c0af6380
Consistent column names
2015-05-29 11:08:24 +05:00
101f12b9d2
Remove base64 require
2015-05-29 10:38:06 +05:00
OJ
Stuart Morgan
wchen-r7
benpturner
Denis Kolegov
William Vu
HD Moore
Meatballs
jvazquez-r7
rwhitcroft
rwhitcroft
void-in
Brent Cook
Christian Mehlmauer
Tod Beardsley
Tom Sellers
Sam Roth
Mike
root
Darius Freamon
m-1-k-3
root