OJ
e103b2365a
Update payload sizes and add new payloads to spec
2015-05-25 11:31:15 +10:00
OJ
9e50114082
Merge branch 'upstream/master' into uuid-stagers
2015-05-25 11:22:35 +10:00
OJ
9042f141ff
Implement the IPv6 UUID bind stagers
2015-05-25 11:21:28 +10:00
jvazquez-r7
f953dc08d9
Land #5280, @m-1-k-3's support for Airties devices to miniupnpd_soap_bof
2015-05-24 15:17:38 -05:00
jvazquez-r7
d10b20b7a3
Land #5251, @hmoore-r7's second opportunity to Oracle connect
...
SYSTEM shouldn't have SYSDBA privileges by default anymore
2015-05-22 17:47:41 -05:00
jvazquez-r7
41a86b2e9b
add vprint_status
2015-05-22 17:46:56 -05:00
jvazquez-r7
5bceeb4f27
Land #5349, @h0ng10's module for CVE-2015-2219 Lenovo System Update Local Privilege Escalation
2015-05-22 17:14:20 -05:00
wchen-r7
eb5aadfb4e
Land #5401, multi-platform CVE-2015-0311 - Flash uncompress() UAF
2015-05-22 16:50:13 -05:00
jvazquez-r7
3aa1ffb4f5
Do minor code cleanup
2015-05-22 16:20:36 -05:00
jvazquez-r7
c201955fdf
Land #5387, @wchen-r7's user-configurable HTTP timeout
...
Fixes #5219, Add connection timeout and response timeout for HttpClient
2015-05-22 15:36:11 -05:00
jvazquez-r7
e0d9ee062f
Use HttpClientTimeout
2015-05-22 13:35:37 -05:00
jvazquez-r7
03b70e3714
Land #5388, @wchen-r7's fixes #5373 by add info to BrowserRequirements
2015-05-22 10:21:59 -05:00
OJ
c07ff70f19
Add check for UUID payloads
...
Thankfully those payloads already had a flag that could be reused.
2015-05-22 15:11:12 +10:00
OJ
1c73c190fc
Add machine_id support to windows php meterp
2015-05-22 14:55:29 +10:00
Brent Cook
9ce669f878
Land #5328: reworked x64 http/https stagers
2015-05-21 23:26:34 -05:00
OJ
10bd75348c
Merge branch 'upstream/master' into uuid-stagers
2015-05-22 13:07:25 +10:00
OJ
a6a274d3a3
Merge recent stager changes
2015-05-22 13:01:45 +10:00
OJ
c63077f037
Land #5405 - larger service templates
...
Fixes #5403
2015-05-22 12:33:18 +10:00
HD Moore
9b17b63259
Switch to append mode for x86 service templates, fixes #5403
2015-05-21 20:42:20 -05:00
HD Moore
ea9059f930
Fix broken endian specification (<I vs I<)
2015-05-21 20:00:22 -05:00
jvazquez-r7
305da46491
Land #5301, @m-1-k-3's aux module to extract passwords from Netgear soap interfaces
2015-05-21 16:07:05 -05:00
jvazquez-r7
f35d7a85d3
Adjust numbers
2015-05-21 15:56:11 -05:00
jvazquez-r7
6da94b1dd5
Deprecate windows module
2015-05-21 15:01:41 -05:00
jvazquez-r7
a8e9b0fb54
Update ActionScript
2015-05-21 14:58:38 -05:00
jvazquez-r7
80d4f3cfb0
Update swf
2015-05-21 14:55:00 -05:00
Brent Cook
13e673cc7e
Land #5400, bump metasploit_data_models
2015-05-21 14:27:26 -05:00
jvazquez-r7
b9f9647ab1
Use all the BES power
2015-05-21 14:06:41 -05:00
Sonny Gonzalez
91c26643dc
Add polymorphic relationship to Mdm::Vuln
...
and :origin
MSP-12395
* update db/schema.rb
2015-05-21 13:39:25 -05:00
Sonny Gonzalez
7d46f428e8
Add polymorphic relationship to Mdm::Vuln
...
and :origin
MSP-12395
* Update Gemfile.lock to use metasploit_data_models 1.1.0,
which supports the polymorphic relationship
2015-05-21 13:18:38 -05:00
jvazquez-r7
4a5d2d1d24
Revert BrowserExploitServer mixin
2015-05-21 13:18:15 -05:00
wchen-r7
c29bb35e28
Change datastore name
2015-05-21 10:15:03 -05:00
HD Moore
5fce00f827
Land #5395, fixes #5378, corrects search -S
2015-05-21 01:14:46 -05:00
root
ee1a366e2b
Use select with ActiveRecord::Associations::CollectionProxy for subset selection
2015-05-21 11:04:03 +05:00
wchen-r7
bdf30dd383
Land #5374, --smallest option in msfvenom
2015-05-20 21:06:10 -05:00
jvazquez-r7
aa919da84d
Add the multiplatform exploit
2015-05-20 18:57:59 -05:00
jvazquez-r7
8d6cbf0568
Make adobe_flash_uncompress_zlib_af multiplatform
2015-05-20 18:57:37 -05:00
Brent Cook
0fc8abc6a7
Land #5341, session command search and Rex table improvements
2015-05-20 17:28:21 -05:00
wchen-r7
2cadd5e658
Resolve #5373, Add ActiveX info in BrowserRequirements
...
Resolve #5373
2015-05-20 16:34:09 -05:00
Brent Cook
b9ac612db1
Land #5358, set uniqueness constraint on http title notes
2015-05-20 16:30:03 -05:00
Brent Cook
a4df3468de
unique: should be update:, include uri in data hash
2015-05-20 16:20:09 -05:00
Brent Cook
c85b82e8a7
Merge branch 'master' into land-5358-notes
2015-05-20 16:02:59 -05:00
wchen-r7
93900087c7
Resolve #5219, user-configurable HTTP timeout
...
Resolve #5219
2015-05-20 13:30:45 -05:00
Brent Cook
e34c751034
only use regex matches if they are specified
2015-05-20 12:22:36 -05:00
wchen-r7
23c77adc68
Land #5377, Update cred reporting method for http_ntlm
2015-05-20 11:57:42 -05:00
RageLtMan
e9be0d3f7a
Allow cmd_arp to use -S flag
...
Allow searching for regex' through ARP output using Table's new
'SearchTerm' parameter.
Example:
```
meterpreter > arp -S 10.2.1.1
ARP cache
=========
IP address  MAC address        Interface
----------  -----------        ---------
10.2.1.1    00:01:02:03:04:05  15
```
2015-05-20 11:26:06 -05:00
RageLtMan
b20c1c51b5
Import -S option for netstat
...
Allow searching through netstat output tables for specific strings.
Example:
```
meterpreter > netstat -S 192
Connection list
===============
Proto  Local address    Remote address         State        User  Inode  PID/Program name
-----  -------------    --------------         -----        ----  -----  ----------------
tcp    10.1.1.20:3389   192.168.100.186:38470  ESTABLISHED  0     0      3076/svchost.exe
tcp    10.1.1.20:63826  192.168.100.186:31158  ESTABLISHED  0     0      4568/powershell.exe
tcp    10.1.1.20:64887  192.168.100.186:31158  ESTABLISHED  0     0      -
```
2015-05-20 11:26:06 -05:00
Brent Cook
e4165d3ae0
whitespace fixes
...
from @sempervictus
2015-05-20 11:26:04 -05:00
Brent Cook
66bd881ac5
support filtering on processes with a regex
...
from @sempervictus
Merge forked changes to cmd_ps allowing for the use of string
matching on listing output via Rex::Ui::Text::Table's SearchTerm
facility
Example:
```
meterpreter > ps -S x64.*Auth.*Sys
Process list
============
PID  Name      Arch  Session  User                 Path
---  ----      ----  -------  ----                 ----
400  smss.exe  x64   0        NT AUTHORITY\SYSTEM  C:\Windows\System32\smss.exe
...
```
2015-05-20 11:25:56 -05:00
Brent Cook
d97ad5f8e4
support more consistent table output formatting
...
from @sempervictus
2015-05-20 11:25:55 -05:00
Brent Cook
8a0bb6735e
support creating Rex Tables from CSV
...
from @sempervictus
2015-05-20 11:25:53 -05:00