a0c473f29e
Upload memory usage optimization
...
Optimize xor_bytes memory usage, use small buffer for upload,
add verbosity
2018-02-15 17:05:22 +05:00
651ddbb7eb
Disk Savvy Server Buffer Overflow
2018-02-15 10:09:07 +00:00
177e1321ae
Aux command dispatcher in exploit ctx with action
...
The Auxiliary command dispatcher checks modules for passive actions
expecting them to have included Msf::Module::HasActions mixin. The
mixin is included in post and aux modules already, but not in
exploits. When the aux dispatcher handles an exploit module, it
may get upset along the lines of:
```
[-] Error while running command exploit: undefined method 'passive'
for #<Msf::Modules::M...3::MetasploitModule:0x0000000d83de0428>
Did you mean? passive?
Call stack:
/opt/metasploit4/msf4/lib/msf/ui/console/command_dispatcher/
auxiliary.rb:106:in `cmd_run'
```
Avoid this mess by having the conditional which checks the methods
included by that mixin depend on the module having included the
mixin in the first place.
Testing:
In local fork (hence the lineno) it seems to fix the problem.
The problem condition and fix should be independently tested
upstream.
2018-02-15 04:20:09 -05:00
630e9dd0de
Verification steps update
2018-02-14 20:40:32 +00:00
929027ab96
Disk Savvy Server Buffer Overflow
2018-02-14 20:35:32 +00:00
07763ccd6a
Disk Savvy Server Buffer Overflow Documentation
2018-02-14 20:35:03 +00:00
d5ab7b127b
Land #9557 , add back udp_probe for now
2018-02-14 11:24:21 -06:00
9a293cd30e
Fix #8120 , Fix undef method 'gsub' in bavision_cam_login
...
Fix #8120
2018-02-14 11:03:03 -06:00
ef948ccc38
Fix #9417 , map timeout exp to a var for telnet_encrypt_overflow
...
Fix #9417
2018-02-14 09:19:28 -06:00
7cfc17860d
udp_probe is necessary for pivot scans
2018-02-14 08:45:46 -06:00
ef13f01820
Remove actually deprecated modules
2018-02-14 08:43:20 -06:00
234f5a316b
Revert "Remove old deprecated modules"
...
This reverts commit a2c5cc0ffb
2018-02-14 08:42:44 -06:00
9611bfdd01
Land #9547 , Delete meterpreter scripts, imporve spelling
2018-02-14 02:24:07 -06:00
5063415b79
Land #9552 , add private_type for stored tomcat pw
...
Fixes #9513
2018-02-13 19:25:27 -05:00
3811665b69
Land #7699 , Add UDP handlers and payloads (redux)
2018-02-13 14:50:09 -06:00
f5768e7ced
gate session reported when using bind udp
...
While this method here is somewhat noisy on the network it eliminates
a poor user experience when the handler is started but the payload is
not yet running on the target.
When a target is sent a udp packet and it is not rejected push down
an initial "echo syn" command that will respond with output. This
allows framework to be aware that the payload is what is running on
the server port instead of assuming a non-existent target is a valid
session.
2018-02-13 14:44:57 -06:00
d56111a33c
update cache sizes from new tests
2018-02-13 14:34:21 -06:00
fbeba8bfd2
Fix #9513 , Add private_type to be able to store password for Tomcat
...
If there is no :private_type, the create_credential method in
Metasploit::Credential::Creation will quietly skip the password,
which makes it look like a bug when the user is trying to view
the password from the creds command.
Fix #9513
2018-02-13 14:31:56 -06:00
b80445e448
add missing payload tests
2018-02-13 14:20:43 -06:00
2221779ddd
update package namespaces
2018-02-13 13:33:36 -06:00
b21f5d7036
Land #9546 , Correct Typo
2018-02-13 09:59:34 -06:00
18983d1fae
s/imporve/improve/g
2018-02-13 05:30:05 -06:00
252e80b9bf
remove a couple of broken meterpreter scripts (upstream is dead)
2018-02-13 05:28:09 -06:00
de24451035
Correct Typo
2018-02-13 15:57:09 +05:30
aefd0d3875
Land #9542 , Correct Typo
2018-02-13 02:41:12 -06:00
9800d450f5
Land #9543 , bump gems, remove rbnacl/ffi since unneeded
2018-02-12 11:47:15 -06:00
316e657d10
bump gems, remove rbnacl/ffi since unneeded
2018-02-12 11:21:04 -06:00
ecb5fffb0b
Typo fix: "withint" --> "within"
2018-02-13 06:20:57 +13:00
bad1429989
reverted CachedSize values
2018-02-11 19:07:41 -07:00
8ae8a0d94b
added bind_named_pipe payload
2018-02-11 18:56:50 -07:00
285b329ee1
Land #9422 abrt race condition priv esc on linux
2018-02-11 11:58:39 -05:00
add7ae8fa1
Land #9536 , Add Ubuntu notes to documentation
2018-02-11 07:27:00 -06:00
321b78b0fe
Land #9408 , Add Juju-run Agent Privilege Escalation module (CVE-2017-9232)
2018-02-11 07:19:49 -06:00
4e5cbd68b9
Add Ubuntu notes to documentation
2018-02-11 06:52:36 +00:00
4b6362a37d
Minor doc tweaks.
2018-02-10 16:14:14 -06:00
1177efef89
Update tested versions
2018-02-10 16:32:20 +00:00
fcaee81fba
Land #9467 linux priv esc against glibc origin
2018-02-10 07:20:35 -05:00
38252e4384
success against x64
2018-02-10 07:17:15 -05:00
b9faa9e92b
Fix a typo
2018-02-09 20:28:55 -06:00
81e0d56261
Always write the file as long as the option is set
2018-02-09 20:28:12 -06:00
8aa8b6df3d
Land #9532 , Fix a bug in the MD docs references
...
Land #9532
2018-02-09 20:22:35 -06:00
46a0ea6582
Fix db_spec
2018-02-09 20:06:43 -06:00
958513bd86
Fix #9522 , Add output file support to the vulns command
...
This adds a new feature for the vulns command for msfconsole. It
allows the user to be able to save the vulnerability as a CSV
file.
Fix #9522
2018-02-09 19:45:46 -06:00
0d573e1434
Support shell sessions
2018-02-09 16:15:04 -05:00
45249d582d
Add partition check
2018-02-09 16:15:04 -05:00
9e11632608
Add documentation
2018-02-09 16:15:04 -05:00
0ba37f8104
Add glibc $ORIGIN Expansion Privilege Escalation exploit
2018-02-09 16:15:04 -05:00
c612dbfdbf
Also fix GitHub related pull request links
2018-02-09 15:16:10 -05:00
7a18aaa74a
Fix the normalizer_spec to expect the md syntax
2018-02-09 14:56:42 -05:00
cb1b59545b
Land #9469 linux local exploit for glibc ld audit
2018-02-09 14:00:42 -05:00
a1exdandy
Daniel Teixeira
RageLtMan
Brent Cook
Wei Chen
HD Moore
Jacob Robles
Spencer McIntyre
Jeffrey Martin
Agahlot
follower
UserExistsError
h00die
Pearce Barry
Brendan Coles