m-1-k-3
4816925f83
feeback included
2013-05-19 16:19:45 +02:00
jvazquez-r7
85ceaa1a62
Add module for CVE-2013-2730
2013-05-18 12:44:24 -05:00
Luke Imhoff
1df08cfa49
Add specs to prevent dupe migrations_paths regression
...
[#50099107 ]
Add specs to verify that the duplicate migrations_paths protection
works.
2013-05-17 15:15:57 -05:00
Luke Imhoff
28e08aebc1
Merge branch 'master' into bug/multiple-migrations-have-version-in-specs
2013-05-17 15:05:52 -05:00
Brandon Turner
993a7335b9
Merge pull request #1844 from limhoff-r7/bug/conditional-stance
...
Fix Mdm::Module::Detail#stance bug
2013-05-17 12:58:23 -07:00
Luke Imhoff
82867fbb66
Prevent duplicate migrations_paths
...
[#50099107 ]
If Msf::DBManager#initialize_metasploit_data_models is run multiple
times, such as during specs, ActiveRecord::Migrator.migrations_paths was
getting populated with multiple copies of the metasploit_data_models
db/migrate path, which would lead to 'DB.migrate threw an exception:
Multiple migrations have the version number 0' errors in framework.log.
2013-05-17 14:56:17 -05:00
Luke Imhoff
c110acd0a5
Merge branch 'master' into bug/conditional-stance
...
Conflicts:
Gemfile
Gemfile.lock
2013-05-17 14:02:32 -05:00
Luke Imhoff
c8657fb46b
Fix Mdm::Module::Detail#stance bug
...
[#49858419 ]
[SEERM #7958 ]
metasploit_data_models 0.14.3 relaxes the validation on
Mdm::Module::Detail#stance so it only needs to be in
Mdm::Module::Detail::STANCES if Mdm::Module::Detail#mtype is 'auxiliary'
or 'exploit' as framework only supplies a stance for those types when
using Mdm::Module::Detail.
2013-05-17 11:58:10 -05:00
Brandon Turner
51a89c3c2c
Merge pull request #1841 from lsanchez-r7/bug/cannot_delete_vuln_refs_zero_length_delimiter
...
Update to metasploit_data_models 0.14.2
2013-05-17 07:46:09 -07:00
lsanchez-r7
abb73dd286
Update to metasploit_data_models 0.14.2
2013-05-16 17:46:33 -05:00
James Lee
41e23963fd
Land #1840 , fix exe-small modifying payload
...
Calls to `EXE.to_win32pe_old` would modify the payload in place,
potentially causing trouble if it is used after being turned into an
executable (which doesn't usually happen in exploits, which is probably
why no one noticed til now).
2013-05-16 16:10:24 -05:00
Brandon Turner
c248c7f7b9
Merge pull request #1839 from limhoff-r7/bug/mdm-web-vuln-params-export
...
Update to metasploit_data_models 0.14.1
2013-05-16 13:51:49 -07:00
Alexandre Maloteaux
2a9dbb2654
msfvenom and exe-small fmt bug fix
2013-05-16 21:13:45 +01:00
James Lee
42d8173d17
Land #1837 , broken references
2013-05-16 14:32:46 -05:00
James Lee
3009bdb57e
Add a few more references for those without
2013-05-16 14:32:02 -05:00
jvazquez-r7
d9bdf3d52e
Do final cleanup for sap_smb_relay
2013-05-16 14:25:10 -05:00
jvazquez-r7
9dd582c526
Land #1656 , @nmonkee's module for SMB Relay attacks against SAP
2013-05-16 14:23:39 -05:00
Luke Imhoff
d57b1df722
Update to metasploit_data_models 0.14.1
...
[#49617323 ]
0.14.1 is the jruby compatible version of 0.14.0.
2013-05-16 12:45:08 -05:00
h0ng10
ccef6e12d2
changed to array in array
2013-05-16 19:03:47 +02:00
h0ng10
460542506d
changed to array
2013-05-16 19:01:20 +02:00
h0ng10
378f0fff5b
added missing comma
2013-05-16 18:59:46 +02:00
jvazquez-r7
c21035c0b9
Add final cleanup for sap_ctc_verb_tampering_user_mgmt
2013-05-16 10:42:09 -05:00
jvazquez-r7
7823df0478
Change module filename
2013-05-16 10:41:25 -05:00
jvazquez-r7
f3f0272395
Land #1652 , @nmonkee's SAP CTC Verb Tampering for User Mgmt module
2013-05-16 10:40:17 -05:00
nmonkee
11286630d5
modifications to CLBA_ SOAP requests to fix XML kernel processor error
2013-05-16 11:24:29 +01:00
nmonkee
83f73c0119
Merge pull request #11 from jvazquez-r7/sap_smb_relay
...
SAP SMB Relay Abuses
2013-05-16 02:03:43 -07:00
Joe Vennix
1a5c747bb9
Update description.
2013-05-15 23:52:51 -05:00
Joe Vennix
178a43a772
Whitespace tweaks and minor bug fix. Wrong payloads still run.
2013-05-15 23:47:04 -05:00
Joe Vennix
f4b6db8c49
Tweak whitespace.
2013-05-15 23:35:59 -05:00
Joe Vennix
a7d79e2a51
Oops, don't cache payload_filename.
2013-05-15 23:34:14 -05:00
Joe Vennix
4d5c4f68cb
Initial commit, works on three OSes, but automatic mode fails.
2013-05-15 23:32:02 -05:00
jvazquez-r7
c82bb73347
Avoid super verbose output
2013-05-15 17:45:37 -05:00
Luke Imhoff
3d6f0402e4
Merge branch 'master' into bug/mdm-web-vuln-params-export
...
Conflicts:
Gemfile
Gemfile.lock
2013-05-15 14:01:57 -05:00
Luke Imhoff
5527f0300f
Update to metasploit_data_models 0.14.0
...
[#49617323 ]
0.14.0 adds validation for Mdm::WebVuln#params to prevent incorrect
values that can't be exported.
2013-05-15 13:46:41 -05:00
Brandon Turner
90f987de38
Merge branch 'release' to upgrade MDM to 0.12.1
2013-05-15 11:48:35 -05:00
Brandon Turner
88732bb1f4
Merge pull request #1832 from bug/shell_session_fix2
...
[Story #49893835 ]
2013-05-15 11:48:12 -05:00
David Maloney
3c278c2b50
Fix shell session record creation
...
use latest mdm version to fix issue with creation of Mdm::Session
objects for non-meterpreter sessions.
[Story #49893835 ]
2013-05-15 11:10:28 -05:00
James Lee
61afe1449e
Landing #1275 , bash cmdstager
...
Conflicts:
lib/rex/exploitation/cmdstager.rb
Conflict was just the $Id$ tag, which is no longer used anyway.
2013-05-15 10:44:05 -05:00
James Lee
2504aa4550
Land #1812 , mailvelope chrome extension key grabber
2013-05-15 10:10:36 -05:00
Luke Imhoff
724f934f46
Update to metasploit_data_models 0.13.0
...
[#49617323 ]
0.13.0 adds validator for format of Mdm::WebVuln#params.
2013-05-15 09:36:42 -05:00
jvazquez-r7
649a8829d3
Add modules for Mutiny vulnerabilities
2013-05-15 09:02:25 -05:00
Tod Beardsley
6457a968c9
Land #1829 , uninvert note searching.
2013-05-15 07:14:19 -05:00
jvazquez-r7
c410a54d44
Merge SAP SMB Relay abuses in just one module
2013-05-14 20:53:08 -05:00
jvazquez-r7
357ef001cc
Change module filename
2013-05-14 20:52:33 -05:00
Brandon Turner
34085e43eb
Merge pull request #1828 from limhoff-r7/bug/mdm-host-os-name-validation
...
Update to metasploit_data_models 0.12.0
2013-05-14 15:58:35 -07:00
John Sherwood
063ef487e2
Fix typo in cmd_notes
2013-05-14 18:58:31 -04:00
Luke Imhoff
3828458ccc
Update to metasploit_data_models 0.12.0
...
[#49878349 ]
0.12.0 removes validation on Mdm::Host#os_name.
2013-05-14 15:44:48 -05:00
jvazquez-r7
2454862496
Land #1827 , @wchen-r7's modification to add MS ref to ie_cgenericelement_uaf
2013-05-14 15:18:17 -05:00
sinn3r
e1111928c2
Adds patch info for ie_cgenericelement_uaf
...
This one is MS13-038
2013-05-14 14:55:02 -05:00
sinn3r
1e90f71360
Landing #1826 - Add Python format support to msfvenom
2013-05-14 14:50:12 -05:00