HD Moore
eda8a90cea
Fix merge issues with os.js
2014-05-19 13:04:36 -05:00
HD Moore
ddc8a4f103
Merge branch 'master' of github.com:rapid7/metasploit-framework into feature/recog
2014-05-19 11:42:30 -05:00
HD Moore
81194684ae
Require MDM >= 0.17.2 for Recog support
2014-05-19 11:41:44 -05:00
William Vu
a30d6b1f2d
Quick cleanup for sap_icm_urlscan
2014-05-19 09:21:26 -05:00
William Vu
dc0e649a10
Clean up case statement
2014-05-19 09:21:07 -05:00
William Vu
bc64e47698
Land #3370 , cleanup for sap_icm_urlscan
2014-05-19 09:16:18 -05:00
William Vu
8235556cec
Land #3372 , release fixes
2014-05-19 09:10:38 -05:00
Tod Beardsley
0ef2e07012
Minor desc and status updates, cosmetic
2014-05-19 08:59:54 -05:00
Tod Beardsley
1ef16fb722
Land #3367 , new wordlists from unhash
...
Thanks @tkisason!
2014-05-19 08:44:54 -05:00
Meatballs
848227e18a
401 should be a valid url
2014-05-19 10:59:38 +01:00
Meatballs
5d96f54410
Be verbose about 307
2014-05-19 10:52:06 +01:00
Meatballs
88b7dc3def
re-add content length
2014-05-19 10:46:47 +01:00
Meatballs
e59f104195
Use unless
2014-05-19 10:41:01 +01:00
sinn3r
bf52c0b888
Land #3364 - Symantec Workspace Streaming Arbitrary File Upload
2014-05-19 00:25:33 -05:00
jvazquez-r7
2fb0dbb7f8
Delete debug print_status
2014-05-18 23:34:04 -05:00
jvazquez-r7
d35ba208ed
Land #3369 @bugch3ck's support for plugin flash exploitation on adobe_flash_pixel_bender
2014-05-18 23:25:08 -05:00
jvazquez-r7
975cdcb537
Allow exploitation also on FF
2014-05-18 23:24:01 -05:00
Jonas Vestberg
033757812d
Updates to adobe_flash_pixel_bender_bof:
...
1. Added embed-element to work with IE11 (and Firefox). Removed browser-requirements for ActiveX (clsid and method).
2. Added Cache-Control header on SWF-download to avoid AV-detection (no disk caching = no antivirus-analysis :).
Testing performed:
Successfully tested with Adobe Flash Player 13.0.0.182 with IE9, IE10 and IE11 running on Windows 7SP1. (Exploit will trigger on FF29, although sandboxed.)
2014-05-18 22:43:51 +02:00
Tonimir Kisasondi
9b29c572a7
Comments dont work with auth_brute.rb
2014-05-18 21:14:17 +02:00
Tonimir Kisasondi
c9bb2d5165
Added headers to files
2014-05-18 20:55:50 +02:00
Tonimir Kisasondi
97b63d708c
Corrected naming to be in line with msf convention
2014-05-18 18:18:23 +02:00
Tonimir Kisasondi
7d79f8a4c2
Removed wrongly named list.
2014-05-18 18:15:17 +02:00
Tonimir Kisasondi
d7bf66973c
Fixed userpass delimiters.
2014-05-18 18:13:03 +02:00
HD Moore
1d205081cb
Merge Gemfile changes properly
2014-05-18 11:10:31 -05:00
HD Moore
a8bf53479d
Fix a merge error
2014-05-18 11:08:04 -05:00
HD Moore
a844b5c30a
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
Tonimir Kisasondi
6ec926b573
Added separate users/pass/userpass dictionaries
2014-05-18 10:18:07 +02:00
William Vu
a97d9ed54f
Land #3148 , check_urlprefixes for sap_icm_urlscan
2014-05-17 16:10:52 -05:00
sappirate
dd1a47f31f
Modified sap_icm_urlscan to check for authentication of custom URLs
...
Fixed ruby coding style
2014-05-17 22:47:49 +02:00
Tonimir Kisasondi
af82ae262c
Added a large default password list for services.
2014-05-16 23:27:18 +02:00
Christian Mehlmauer
488c3e6b93
Land #3358 , @jvazquez-r7 Advantech WebAccess 7.1 SQLI module
2014-05-16 21:26:41 +02:00
jvazquez-r7
2012d41b3d
Add origin of the user, and mark web users
2014-05-16 13:51:42 -05:00
jvazquez-r7
4143474da9
Add support for web databases
2014-05-16 11:47:01 -05:00
jvazquez-r7
883d2f14b5
delete debug print_status
2014-05-16 11:13:03 -05:00
jvazquez-r7
ea38a2c6e5
Handle ISO-8859-1 special chars
2014-05-16 11:11:58 -05:00
Tod Beardsley
10e4204829
Land #3365 , SNMP info leak vulns
2014-05-16 09:05:42 -05:00
jvazquez-r7
c9465a8922
Rescue when the recovered info is in a format we can't understand
2014-05-16 08:57:59 -05:00
Tod Beardsley
3c1363b990
Add new SNMP enumeration modules
2014-05-16 08:32:46 -05:00
jvazquez-r7
7ec85c9d3a
Delete blank lines
2014-05-16 01:03:04 -05:00
jvazquez-r7
9091ce443a
Add suport to decode passwords
2014-05-16 00:59:27 -05:00
jvazquez-r7
1b68abe955
Add module for ZDI-14-127
2014-05-15 13:41:52 -05:00
William Vu
773fd7a9cb
Fix up whitespace
2014-05-14 15:31:40 -05:00
William Vu
340956f294
Add a newline after DISCLOSURE_DATE_FORMAT
2014-05-14 15:28:07 -05:00
William Vu
f9982752f3
Land #3362 , ax rank for aux/dos mods
2014-05-14 15:20:07 -05:00
Tod Beardsley
dc57e31be1
Aux modules don't respect Rank anyway
2014-05-14 15:03:10 -05:00
Christian Mehlmauer
dc7a8d32d8
Land #3324 , msfconsole search timestamp fixes
2014-05-14 21:30:02 +02:00
nstarke
bb6201d66d
Fixing nil bug and making format constant
...
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date. For example,
‘checkvm’. This necessitated checking disclosure_date for nil
before attempting a format conversion. Also, there was an additional
location in core.rb that needed the formatting / nil check added. Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
jvazquez-r7
5b3bb8fb3b
Fix @FireFart's review
2014-05-14 09:00:52 -05:00
William Vu
9fbda3eae0
Land #3183 , tab completion improvements
2014-05-14 02:20:12 -05:00
William Vu
fdbfaacdf6
Land #3313 , progress feedback for PASS_FILE
...
[FixRM #8704 ]
2014-05-14 02:03:39 -05:00