Commit Graph

40104 Commits (e1ff37f3eb9a6acc147c0c438c6066ae66a32bd6)

Author SHA1 Message Date
Pearce Barry 43fd0a8813
Land #7436, Put Rex-exploitation Gem Back 2016-10-18 16:03:54 -05:00
William Webb 260257a144
Land #7446, Update Capcom exploit module to support Windows 10 2016-10-17 14:57:21 -05:00
Tim 67d07a715c
add android_hide_app_icon 2016-10-17 19:02:48 +08:00
Brent Cook 6fb418d4d2
Land #7447, unify Android meterpreter method names, add missing stageless class 2016-10-17 04:48:43 -05:00
Brent Cook c5faffddbd
bump gems 2016-10-17 04:48:12 -05:00
William Vu ebf52759cc
Land #7449, unsuitable language fix 2016-10-16 03:23:05 -05:00
Justin Steven 2ae62cfce1
Fix typo: Use a better adjective 2016-10-16 18:01:42 +10:00
h00die 0d1fe20ae5 revamped 2016-10-15 20:57:31 -04:00
dana-at-cp d7ac8eba45
Create new signing certificate with dname value copied from original certificate. 2016-10-15 14:05:53 -07:00
Tim 5fad8d8efa
prefix android commands with android_ 2016-10-15 23:57:20 +08:00
OJ 25238f1a26
Update capcom exploit module to support Windows 10 2016-10-15 11:56:48 +10:00
Metasploit 74340e9eb7
Bump version of framework to 4.12.35 2016-10-14 15:13:45 -07:00
William Webb 8e2ff8df80
Land #7433, Add IP Addresses to HTTP PUT/DELETE scanner output 2016-10-14 13:27:17 -05:00
William Webb 5e7d546fa2
Land #7094, OpenNMS Java Object Deserialization RCE Module 2016-10-14 13:19:11 -05:00
Brent Cook dd1e8ff964
fix a few typos in KB 2016-10-14 13:01:51 -05:00
Brent Cook cfddc734a8
Land #7286, WiFi pineapple preconfig command injection module 2016-10-14 12:57:42 -05:00
Brent Cook e05a325786
Land #7285, WiFi pineapple command injection via authentication bypass 2016-10-14 12:57:05 -05:00
Brent Cook 1c9914acb1 add module doc 2016-10-14 12:46:19 -05:00
Brent Cook d36940260f add module doc 2016-10-14 12:44:17 -05:00
Thao Doan 9111d8598c
Land #7440, Add docs for Chrome User Data Enum 2016-10-14 10:39:53 -07:00
Brent Cook 5736b2c821
add missing require 2016-10-14 12:15:45 -05:00
Metasploit b3666ff7ab
Bump version of framework to 4.12.34 2016-10-14 10:04:05 -07:00
William Vu 1da40b5deb Change HAVE_POPEN to USE_POPEN
PS target doesn't support it, so the option should be renamed.
2016-10-14 11:58:39 -05:00
Brent Cook 5ab3401f98
Land #7430, Refactor Android payload configuration into a byte array, add evasions 2016-10-14 10:01:23 -05:00
Brent Cook 741c4b8916 updated android payload gem, removed unused extension jar 2016-10-14 09:59:06 -05:00
Brent Cook 4c248ebe9e Merge branch 'master' into land-7430- 2016-10-14 09:48:33 -05:00
Brent Cook a1d63a629a
update gems 2016-10-14 09:47:02 -05:00
Brent Cook a2fe934c15
Land #7435, NTLM Util change to support Unicode hostnames 2016-10-14 09:46:10 -05:00
Brent Cook 933dc1df84 updated gems 2016-10-14 09:17:27 -05:00
Brent Cook acec45c8b3
Land #7409, CVE-2013-5093 Graphite Pickle Handling - Add Version Check 2016-10-14 08:54:57 -05:00
Brent Cook 9fbe1ddd9d
Land #7384, CVE-2016-6415 - Cisco IKE Information Disclosure 2016-10-14 08:41:34 -05:00
h00die 12493d5c06 moved c code to external sources 2016-10-13 20:37:03 -04:00
William Vu 5b46e72aea Update module logic 2016-10-13 17:40:16 -05:00
William Vu 9b15899d91 Add PS template 2016-10-13 17:40:15 -05:00
William Vu 6f4f2bfa5f Add PS target and remove MIFF 2016-10-13 17:39:55 -05:00
William Vu e70ba8110d Update references 2016-10-13 17:35:55 -05:00
William Vu 88bb2e2295 Update description 2016-10-13 17:35:30 -05:00
Daniel Werner 8adcb96435 Add KB for post/windows/gather/enum_chrome. 2016-10-13 23:23:21 +02:00
wchen-r7 9e97febcd1
Land #7429, Ruby on Rails Dynamic Render File Upload Remote Code Exec 2016-10-13 11:45:46 -05:00
nixawk b74539be44 check if isakmp payload is same to IKE Leak data 2016-10-13 04:20:23 -05:00
Brent Cook 2014b2d2ab
Land #7432, Fix erroneous cred reporting in SonicWALL exploit 2016-10-12 22:39:15 -05:00
Pearce Barry a2a1d6c28a
Land #7411, Add an HTA server module using Powershell 2016-10-12 13:05:40 -05:00
nixawk 884a8b29e7 add doc for auxiliary/scanner/ike/cisco_ike_benigncertain.rb 2016-10-12 03:33:22 -05:00
nixawk 7536d1d94a print leak data 2016-10-12 02:42:50 -05:00
nixawk 70d4833654 Fix report_vuln 2016-10-12 02:16:00 -05:00
Brent Cook 1415c34724
Land #7423, add localtime support for mettle, fix bad mettle gem 2016-10-11 21:12:30 -05:00
Brent Cook aa748ecc83 update to working mettle gem 0.0.8 2016-10-11 21:12:00 -05:00
William Vu e78d3d6bf0 Fix erroneous cred reporting in SonicWALL exploit
A session ID will be returned in the parsed JSON if the login succeeded.

Bad user:

{"noldapnouser"=>1, "loginfailed"=>1}

Bad password:

{"loginfailed"=>1}

Good user/password:

{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
2016-10-11 19:25:52 -05:00
David Maloney 7894d5b2c1 Revert "Revert "use the new rex-exploitation gem""
This reverts commit f3166070ba.
2016-10-11 17:40:43 -05:00
David Maloney 2493ff1886 Revert "Revert "remove leftover cruft""
This reverts commit 74e0256448.
2016-10-11 17:40:18 -05:00