Commit Graph

723 Commits (ecce28e8b9106f98203cfbf1b675d7563081e4ee)

Author SHA1 Message Date
David Maloney ecce28e8b9
revert rex-powershell back to previous version
some things need to be worked out in framework before
this gem version is ready for release
2017-07-17 15:04:43 -05:00
Metasploit f80c053114
Bump version of framework to 4.15.2 2017-07-17 12:01:22 -07:00
Brent Cook ea02558390 bump prerelease gems to fix specific issues with Framework
rb-readline has an issue with the latest curses release
  dnsruby changes the global thread behavior to abort on exception
2017-07-17 09:26:14 -05:00
dmaloney-r7 d6ee0ca94d Merge branch 'master' into kill-cucumber 2017-07-14 10:23:38 -05:00
Metasploit 03691cc35f
Bump version of framework to 4.15.1 2017-07-12 20:08:07 -07:00
Brent Cook dbef4ee816 kill cucumber in framework 2017-07-12 08:00:29 -05:00
Brent Cook 8d23d1e05d
move the xpath pin to test group instead 2017-07-12 05:11:09 -05:00
dmohanty-r7 38d5258c12
Lock xpath version to 2.0 2017-07-11 16:19:25 -05:00
Brendan Coles 6a29b87a4c Add pdf-reader dependency 2017-07-07 11:19:06 +00:00
Brent Cook 4393b6e563 Improve compatibility with Rubinius (alternate Ruby implementation) 2017-06-30 11:08:17 -04:00
Brent Cook fa79f90e4e bump rex-socket, add client cert, mac address matching support 2017-06-30 10:46:15 -04:00
William Webb 6349026134
Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Brent Cook eba8979914 bump payloads 2017-06-27 04:08:15 -05:00
Rob Fuller 2918b3af13
Land #8599, Dynamic DNS updater module 2017-06-25 15:08:22 -05:00
Brent Cook 7a006e0f71 bump payloads 2017-06-23 18:13:52 -05:00
Rob Fuller fdd62ab112
Land #8604, Incorporate fix for workspace delete 2017-06-23 17:30:57 -05:00
Brent Cook 714b7d0a02 bump metasploit_data_models, speedup workspace deletion 2017-06-23 17:02:32 -05:00
OJ 87cee65a06
Bump payloads to 1.2.35 to include kiwi updates 2017-06-23 13:43:00 +10:00
Brent Cook fda2e8c73d
Land #8523, Add support for session GUIDs 2017-06-22 20:10:10 -05:00
Metasploit fad696ed58
Bump version of framework to 4.15.0 2017-06-22 18:02:38 -07:00
KINGSABRI 5528084e27 add Dnsruby 2017-06-22 15:55:04 -05:00
William Vu 3293a8fe67
Land #8594, rspec-retry Heisenspec fix 2017-06-21 19:57:57 -05:00
Brent Cook 22db17a87a bind ruby-pg back to version 0.20 2017-06-21 03:11:11 -05:00
darkbushido e873c87f0b
trying rspec-retry 2017-06-20 14:02:32 -05:00
Metasploit 9ce0bb9345
Bump version of framework to 4.14.28 2017-06-16 10:02:07 -07:00
Metasploit 0515980138
Bump version of framework to 4.14.27 2017-06-12 07:39:14 -07:00
Metasploit 77b1125e77
Bump version of framework to 4.14.26 2017-06-09 10:03:35 -07:00
OJ a3f3dc0a70
Upload payloads/mettle gems, update cache sizes
Updated both the metasploit-payload and metasploit-payload-mettle gems
to the versions that match for the session GUID pull requests. Updated
the payload cached sizes to match the new payloads.
2017-06-09 17:15:52 +10:00
Brent Cook 153611e9fa bump metasploit-credential to allow handling string addresses gracefully 2017-06-09 01:43:45 -05:00
Brent Cook 5f10e63923 bump payloads 2017-06-05 08:43:16 -05:00
Metasploit 92a65f5c63
Bump version of framework to 4.14.25 2017-06-02 10:03:44 -07:00
David Maloney 3ee77d1b50
update ruby_smb version 2017-05-30 14:17:51 -05:00
David Maloney d5e74ffdf3
Merge branch 'master' into feature/eternal_blue/rubysmb_refactor 2017-05-30 13:59:31 -05:00
Metasploit 0c792798a7
Bump version of framework to 4.14.24 2017-05-30 07:26:35 -07:00
Brent Cook a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements 2017-05-30 00:15:03 -05:00
Brent Cook e31e3fc545 add additional architectures and targets 2017-05-30 00:07:37 -05:00
Brent Cook 63ae70f061 remove pry/method_source git binding, this is not a vital update 2017-05-26 23:03:44 -05:00
Brent Cook ce9cfa5727 bit-struct updated, no need for my branch anymore 2017-05-26 23:00:21 -05:00
David Maloney f0f99ad479
nttrans packet setup correctly,everything broken
got the nttrans packet setup correctly but somewhere
along the line i broke the whole exploit wtf?
2017-05-26 14:54:46 -05:00
David Maloney b3e99ee9d2
point to local gem copy for testing and dev
remove this later, use a local copy of rubysmb
2017-05-26 12:30:19 -05:00
Metasploit 15b3b7de41
Bump version of framework to 4.14.23 2017-05-26 10:02:14 -07:00
David Maloney dc67fcd5a8
use RubySMB for anonymous login
use the new anonymous login capabilities in
RubySMB
2017-05-24 15:40:05 -05:00
Matthew Daley 52363aec13 Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
This module exploits a use-after-free vulnerability in the handling of
SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for
Windows. When SSL is re-established on a NDMP connection that previously
has had SSL established, the BIO struct for the connection's previous
SSL session is reused, even though it has previously been freed.

Successful exploitation will give remote code execution as the user of
the Backup Exec Remote Agent for Windows service, almost always
NT AUTHORITY\SYSTEM.
2017-05-24 00:18:20 +12:00
Metasploit 18f520382b
Bump version of framework to 4.14.22 2017-05-19 12:12:27 -07:00
Metasploit c54c999efc
Bump version of framework to 4.14.21 2017-05-19 10:02:32 -07:00
Brent Cook 22828fcc0f
Land #8406, add compatibility shims for older Ruby versions 2017-05-18 21:50:45 -05:00
Metasploit 126c078ced
Bump version of framework to 4.14.20 2017-05-18 11:53:33 -07:00
David Maloney 94e4dc2938
fix for smb_login errors
do not try the TreeConnect if the SESSION_SETUP
has already failed.
2017-05-18 11:26:03 -05:00
Brent Cook c59371dd5e add ruby backports compat library 2017-05-17 23:41:20 -05:00
Metasploit 729f2a9ab8
Bump version of framework to 4.14.19 2017-05-16 14:09:45 -07:00