Commit Graph

28483 Commits (e71ba1ad4a082c993e06d7a93829a4790b13c652)

Author SHA1 Message Date
Pedro Ribeiro e71ba1ad4a Push exploit for CVE-2014-6038/39 2014-11-05 20:12:03 +00:00
Pedro Ribeiro 490d6d046b Merge pull request #6 from rapid7/master
merge
2014-11-05 20:10:42 +00:00
Tod Beardsley cca30b536f
Land #4094, fixes for OWA brute forcer
Fixes #4083

Thanks TONS to @jhart-r7 for doing most of the work on this!
2014-11-05 14:00:26 -06:00
Tod Beardsley a46839726e
Make OWA 2013 the default, other fixes
Thanks @jhart-r7!

See rapid7#4083 and see rapid7#4094
2014-11-05 13:56:37 -06:00
William Vu 40ee03ee63
Land #4126, rm Travis testing for 2.0 2014-11-05 10:18:57 -06:00
Jon Hart ff8d481eec Update description to remove comments about defaults. Default to 2013 2014-11-04 21:21:19 -08:00
Jon Hart 2c028ca7a6 Move redirect check before body check -- a redirect won't have a body 2014-11-04 14:19:21 -08:00
Jon Hart 7855ede2de Move userpass emptiness checking into setup 2014-11-04 14:07:39 -08:00
William Vu ebb8b70472
Land #4015, another Android < 4.4 UXSS module 2014-11-04 15:52:29 -06:00
Tod Beardsley f8593ca1b5
Land #4109, tnftp savefile exploit from @wvu-r7 2014-11-04 15:44:13 -06:00
Tod Beardsley 5fb268bbdf
Updates to better OWA fix 2014-11-04 14:32:54 -06:00
Tod Beardsley 714fd0bec6
Incorporate @jhart-r7's better fix 2014-11-04 14:02:37 -06:00
Jon Hart b0e388f4c3
Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X 2014-11-04 08:23:16 -08:00
Joshua Smith b45cbfdf53
Land 4127, fix broken refactor in util/exe 2014-11-04 07:51:12 -06:00
agix 333d420c94 Fix refactoring bug from 23 october in util/exe
23 October, {} instead of #{} totally break windows service generation
f19b093529 (diff-0f5729034d8b0b321e738f2fc047854fL578)
2014-11-04 11:59:36 +01:00
midnitesnake 1a2b1db0d5 Merge pull request #3 from jhart-r7/landing-3516-jhart
Numerous cleanups for snmp_enumusers
2014-11-04 06:46:32 +00:00
jvazquez-r7 400ef51897
Land #4076, exploit for x7chat PHP application 2014-11-03 18:22:04 -06:00
jvazquez-r7 3bf7473ac2 Add github pull request as reference 2014-11-03 18:18:42 -06:00
jvazquez-r7 44a2f366cf Switch ranking 2014-11-03 18:06:09 -06:00
jvazquez-r7 039d3cf9ae Do minor cleanup 2014-11-03 18:04:30 -06:00
William Vu 277fd5c7a1
Land #4123, release fixes 2014-11-03 16:20:00 -06:00
Juan Escobar 7e4248b601 Added compatibility with older versions, Updated descriptions and fixed issue with Ubuntu 12.04 2014-11-03 16:42:50 -05:00
Tod Beardsley 30ff0a3f55
Remove 2.0 Travis testing
Fixes #4125
2014-11-03 15:32:20 -06:00
Tod Beardsley 0199e4d658
Land #3770, resolve random stager bugs 2014-11-03 14:15:14 -06:00
Tod Beardsley 0b39c2ed85
Land #4084, prep for Ruby 2.1 2014-11-03 13:43:50 -06:00
Tod Beardsley 51b96cb85b
Cosmetic title/desc updates 2014-11-03 13:37:45 -06:00
HD Moore 8aecd5e4a5 Address the two open comments from @jlee-r7 2014-11-03 12:33:11 -06:00
OJ 4f0fbaa60c
Land #4112 - Fix pointer types 2014-11-01 10:55:19 +10:00
jvazquez-r7 83360ba9d2
Land #4114, @wchen-r7's change to handle Rex::HostUnreachable 2014-10-31 19:23:45 -05:00
sinn3r 6f013cdcaf Missed these 2014-10-31 18:48:48 -05:00
jvazquez-r7 f43a6e9be0 Use PDWORD_PTR and DWORD_PTR 2014-10-31 17:35:50 -05:00
sinn3r d6a830eb6e Rescue the correct exception: Rex::HostUnreachable 2014-10-31 16:43:33 -05:00
jvazquez-r7 6154b7d55f Fix style again 2014-10-31 12:51:48 -05:00
jvazquez-r7 203af90a44 Fix style 2014-10-31 12:50:23 -05:00
jvazquez-r7 0c23733722 Use hungarian notation 2014-10-31 12:47:50 -05:00
jvazquez-r7 8e547e27b3 Use correct types 2014-10-31 12:37:21 -05:00
Joe Vennix 1e9f9ce425
Handle invalid JSON errors and fix typo. 2014-10-31 11:01:49 -05:00
sinn3r cd16ee8791
Land #4107 - Bump to ruby-1.9.3-p550 for CVE-2014-8080 2014-10-31 10:27:09 -05:00
sinn3r f6f7d93fa2
Land #4111 - a little something for the holiday 2014-10-30 23:45:21 -05:00
HD Moore 9b61ae5f63 This is halloween.
THISISHALLOWEEN=1 ./msfconsole
2014-10-30 23:35:12 -05:00
William Vu 953a642b0e
Finally write a decent description 2014-10-30 22:51:42 -05:00
sinn3r 64f4777407
Land #4091 - Xerox DLM injection 2014-10-30 22:15:16 -05:00
sinn3r b7a1722b46 Pass msftidy, more descriptive name and description 2014-10-30 22:14:18 -05:00
William Vu e3ed7905f1
Add tnftp_savefile exploit
Also add URI{HOST,PORT} and {,v}print_good to HttpServer.
2014-10-30 20:38:16 -05:00
Jon Hart 77433a6504
Land #3507/#3463, a communal effort around improving splunk_upload_app_exec 2014-10-30 18:29:43 -07:00
Jon Hart 1a37a6638c Fix splunk_upload_app_exec to work on new installs. Style 2014-10-30 18:28:56 -07:00
Jon Hart 55f245f20f
Merge #3507 into local, recently updated branch of master for landing 2014-10-30 17:28:20 -07:00
OJ cc7f7c9986
Land #4108 - Avoid local offsets in CVE-2014-4113 2014-10-31 09:08:51 +10:00
OJ cbd616bbf5 A few sneaky style changes, but no functional ones
Changes were purely for style, and Juan was happy to let me make them
as part of the merge.
2014-10-31 09:08:11 +10:00
jvazquez-r7 6574db5dbb Fix the 64 bits code 2014-10-30 17:01:59 -05:00