Jon Hart
377017a2d5
Include module name in advanced options output
2015-10-30 11:54:44 -07:00
Jon Hart
0091a05fa6
Add 'advanced' and 'options' commands to mirror 'info'
2015-10-30 11:54:40 -07:00
Jon Hart
6bfa6095c6
Add 'show info'; just calls 'info'
2015-10-30 11:54:35 -07:00
William Vu
f8a39ecc21
Land #6145 , better RPC exception handling
2015-10-30 13:25:52 -05:00
wchen-r7
db0518dd3c
Bump jsobfu to 0.3.0
2015-10-30 13:06:53 -05:00
Samuel Huckins
f064fec0f1
Bumped version to 4.11.5
...
MSP-13377
2015-10-30 09:37:00 -05:00
wchen-r7
82e600a53a
Suggest the correct replacement for the deprecated module
...
The deprecated module has been suggesting the wrong replacement,
it should be exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
2015-10-29 16:24:29 -05:00
Louis Sato
57304a30a8
Land #6139 , remove bad ref links
2015-10-29 16:00:43 -05:00
wchen-r7
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
wchen-r7
da52c36687
Put back some links
2015-10-29 15:48:47 -05:00
Louis Sato
da7c4ecac4
Land #6141 , update description, authors, and references for zpanel_information_disclosure_rce
2015-10-29 13:50:27 -05:00
wchen-r7
4e20b8f369
Fix #5875 , Add report_vuln for Msf::Exploit::CheckCode::Vulnerable
...
Msf::Exploit::CheckCode::Vulnerable requires the module to be
explicit, as in actually triggering the bug and get a vulnerable
response, therefore it should be appropriate to use report_vuln
to report it.
Other vuln check codes (such as Appears, or Detected, etc) will
not call report_vuln, because it's not explicit enough.
2015-10-29 13:22:59 -05:00
nixawk
faf9be811a
delete caidao_php_backdoor_exec from exploits
2015-10-29 02:18:30 +00:00
nixawk
5d8ccd297e
Fix References / Exploit -> Auxiliary
2015-10-29 02:15:20 +00:00
OJ
c5643e52ff
Add support for the show_mount command (windows)
2015-10-29 07:28:33 +10:00
wchen-r7
93df45eff1
Land #6138 , Land joomla plugin com_realestatemanager Error Based SQLi
2015-10-28 13:36:14 -05:00
wchen-r7
09b79414ee
Report hash
2015-10-28 13:33:00 -05:00
Brent Cook
466536041f
Land #6143 , treat powershell and shell the same for RPC read/write
2015-10-28 11:57:48 -05:00
Louis Sato
657a5481dc
fix rpc session conditional to allow powershell read/write
2015-10-28 11:49:32 -05:00
nixawk
bc02993567
chinese caidao php backdoor command execution
2015-10-28 16:43:58 +00:00
wchen-r7
1805774b16
Resolve #6020 , Better RPC exception handling
...
Resolve #6020 . Avoid trying to rescue RuntimeError.
2015-10-28 11:16:44 -05:00
wchen-r7
e7d6493311
Replace links
2015-10-28 10:45:02 -05:00
g0tmi1k
3648004527
Merge pull request #1 from jvazquez-r7/review_5720
...
Fix download of files on linux
2015-10-28 10:27:42 +00:00
wchen-r7
5b86d2ef95
Fix #6133 , update description, authors and references
...
Fix #6133
Thank you @japp-0xlabs
2015-10-27 14:38:18 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
William Vu
a65172bbcb
Land #6125 , Joomla SQLi creds gather module
2015-10-27 11:21:30 -05:00
William Vu
9041f95511
Perform final cleanup
2015-10-27 11:21:17 -05:00
nixawk
132cbf0cd7
joomla plugin com_realestatemanager Error Based SQL Ijnection
2015-10-27 15:18:17 +00:00
William Vu
93a2507223
Land #6137 , has_key -> has_key?
2015-10-27 09:39:13 -05:00
William Vu
74353686a3
Land #6136 , rescue SMB error for psexec
2015-10-27 09:31:37 -05:00
wchen-r7
e0801b39ba
Fix undef method has_key for module_references.rb tool
...
I made a typo. Should be has_key?, not has_key
2015-10-26 23:12:01 -05:00
Brandon Perry
c7fe014854
remove global variables
2015-10-26 17:13:51 -05:00
jvazquez-r7
b2e3ce1f8a
Allow to finish when deletion fails
2015-10-26 16:40:36 -05:00
William Vu
5ad30d0070
Land #6067 , @bigendiansmalls' MainframeShell class
2015-10-26 16:01:18 -05:00
wchen-r7
9adfd296a0
Land #6128 , Th3 MMA mma.php Backdoor Arbitrary File Upload
2015-10-26 15:26:06 -05:00
wchen-r7
0d9ebe13a1
Modify check
2015-10-26 15:25:38 -05:00
bigendian smalls
d70d30c003
Merged to most recent metasploit-framework/master
2015-10-26 15:09:32 -05:00
bigendian smalls
43dbdcea76
Removed process_autoruns from mainframe_shell
...
Removed process_autoruns until we can write a fully compatible one or
fully regression test the existing. Likely the former because of
encoding issues
2015-10-26 14:55:40 -05:00
Bigendian Smalls
430a83b148
Merge pull request #1 from wvu-r7/pr/6067
...
Clean up Msf::Sessions::MainframeShell
2015-10-26 14:48:18 -05:00
William Vu
bbc1e43149
Remove raise, since it broke things
...
Need to pass through silently.
2015-10-26 14:45:21 -05:00
William Vu
43eae0b97f
Clean up Msf::Sessions::MainframeShell
2015-10-26 12:15:45 -05:00
wchen-r7
f4abc16c66
Land #6102 , Add rsh/libmalloc privilege escalation exploit module
2015-10-26 10:54:05 -05:00
JT
4f244c54f8
Update mma_backdoor_upload.rb
2015-10-26 23:01:38 +08:00
bigendian smalls
d53be873dc
Updating master to metasploit/master
2015-10-26 09:24:24 -05:00
Sam H
5fcc70bea4
Fixed issue w/ msf payloads + added timeout rescue
...
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
2015-10-25 23:38:48 -07:00
Brandon Perry
8b4f2290ed
no more session ids in desc
2015-10-25 11:01:17 -05:00
Brandon Perry
4c40fbce27
Merge pull request #1 from open-security/joomla_contenthistory
...
rebuild joomla_contenthistory_sqli (cve-2015-7297)
2015-10-25 10:58:18 -05:00
nixawk
f738dd2acb
replace print_* with vprint_* / fix check method
2015-10-25 06:57:56 +00:00
nixawk
a6628110f6
rebuild joomla_contenthistory_sqli (cve-2015-7297)
2015-10-25 03:56:36 +00:00
William Vu
69de8b92fd
Land #6134 , PAYLOAD and LHOST for jobs (not -v)
2015-10-24 18:27:32 -05:00