51f3f59d2f
cve and references available
2013-01-11 00:54:53 +01:00
19ff7f93ae
Merge remote-tracking branch 'wchen-r7/encoder_fixes' into rapid7
2013-01-10 17:41:08 -06:00
0f346dde9e
Some whitespace and ruby -c fixes
2013-01-10 17:29:54 -06:00
ab64c428ab
Merge remote-tracking branch 'kernelsmith/RM7676-migrate-h' into rapid7
2013-01-10 17:24:11 -06:00
70c8296856
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-01-10 17:20:24 -06:00
d4854606f2
Cosmetic fixes
...
[FixRM #7223 ][See #1283 ]
2013-01-10 17:18:25 -06:00
192279544b
BufferRegister should be validated.
...
If BufferRegister is in lower-case, then gen_decoder_prefix will
return nil. When the return value is nil, other functions like
gen_decoder() will backtrace due to a "undefined method "+" for nil"
error. Therefore, this input should NOT be case-sensitive.
Also, if for some reason the user supplies an invalid BufferRegister,
the function should be aware of that and warn the user about the
bad input.
2013-01-10 17:14:38 -06:00
6a7f8758e0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-01-11 00:14:22 +01:00
0527a7ee9b
Import datastore options when using an encoder
...
If you can't pass datastore options, sometimes you can't even
use an encoder. [FixRM #7681 ]
2013-01-10 17:11:58 -06:00
8c5847a13c
Make output compatible with an scanner module
2013-01-11 00:10:15 +01:00
9c652d1d55
Add a note about ruby 1.9 requirements
2013-01-10 17:10:03 -06:00
0e950997e6
Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access
2013-01-10 23:57:22 +01:00
afb12983ab
Merge branch 'rapid7' into kernelsmith-msfconsole-suspend
2013-01-10 16:40:27 -06:00
e8c239dc81
changed TODO to @todo per egypt
2013-01-10 16:35:01 -06:00
b702263bbf
Added fix form Eric Milam to simple.disconnect
2013-01-10 16:33:03 -06:00
b3266823ba
Addressed egypt's comments
...
-changed the suspend/resume loop logic to reduce code duplication.
-fixed up some print_*'s to remove embedded \n's
-changed formatting on some error messages
-switched comment to a TODO:
-change host_processes.select (blah} to use .find instead
-adjusted code due to remvoal of the pids.dup, resulting in arr_pids
disappearing
2013-01-10 15:40:54 -06:00
c89b2b2ec6
Once more, with feeling
2013-01-10 15:29:54 -06:00
7fd3440c1a
Fix hd's attempt to rename ruby payloads
2013-01-10 15:25:50 -06:00
4fcb8b6f8d
Revert "Rename again to be consistent with payload naming"
...
This reverts commit 0fa2fcd811
2013-01-10 15:24:25 -06:00
b11f941387
cleaned up at validate_pids conversion, fixed YARD doc
...
in validate_pids no longer need dup as conversion to ints was cleaned
up to use map. Which also improved readability and allowed adding uniq
and compact, thanks egypt.
YARD doc on cmd_suspend was incorrectly organized
2013-01-10 14:59:02 -06:00
6a10857daf
Merge remote-tracking branch 'bturner-r7/set_gem_path'
2013-01-10 12:55:55 -08:00
0fa2fcd811
Rename again to be consistent with payload naming
2013-01-10 14:16:37 -06:00
88b08087bf
Renamed and made more robust
2013-01-10 14:05:29 -06:00
0c58a118ff
Found the issue I believe, fixed two issues. One with 301/302 responses getting a bad URI due to switch from ip to dns in location header and other from res.to_s rather than res.body being passed to regex
2013-01-10 11:32:48 -05:00
fc5a0e22b2
stupid push, forgot to remove test puts
2013-01-10 10:43:57 -05:00
ed9d290a85
added status messages, made var blog_posts initalize as nil rather than empty string
2013-01-10 10:41:25 -05:00
5bafd6ddcc
added status message
2013-01-10 09:43:37 -05:00
19dad35337
Merge remote-tracking branch 'jlee-r7/stfu-travis'
2013-01-09 22:05:27 -08:00
de85ac5caf
STFU, travis
2013-01-10 13:53:47 -06:00
ea000d6ee0
updated authors
2013-01-10 20:48:54 +01:00
e503d596ed
code indention for exploit.java fixed
2013-01-10 20:34:58 +01:00
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
d0478eb73f
Merge pull request #1284 from boukevanderbijl/patch-1
...
Change charlisome in the list of authors in rails_xml_yaml_code_exec.rb to charliesome
2013-01-10 08:22:44 -08:00
3b491ab998
Change charlisome in the list of authors to charliesome
2013-01-10 16:12:07 +01:00
6c2808423b
Merge branch 'gspillman-r7-cucumber_tests'
2013-01-10 03:23:12 -06:00
2b17a040ac
You can't use File.open like that. Broken code.
2013-01-10 03:16:15 -06:00
11642dcef1
I'm not Gary :-)
2013-01-10 02:38:15 -06:00
42ea64c21b
Merge in Rails2 support now that its in master
2013-01-10 02:14:08 -06:00
bf013ba65f
Add more words to ignore
2013-01-10 01:54:19 -06:00
0b74f98946
Rescue errors and update credits
2013-01-10 01:06:46 -06:00
e05f4ba927
Thread wrappers were causing instant session closure
2013-01-10 00:41:58 -06:00
1e94b090e7
The __END__ trick is no longer needed
2013-01-10 00:29:11 -06:00
acabc14ec3
This restores functionality across all rails 3.x
2013-01-10 00:28:12 -06:00
0e92de8f61
This works against a wider range of RoR 3.x targets
2013-01-10 00:10:26 -06:00
92e8def889
adds suspend to meterp and adds full pid validation
...
This fully fixes RM7223 and adds the suspend command to the meterpreter
interface.
Suspend allows you to suspend and resume running processes on the
targethost. It was originally written as a post module (and the dll
version will be submitted as such later), but egypt suggested I add it
to meterpreter
2013-01-09 23:25:32 -06:00
5e7a4f154e
Fix platform/arch
2013-01-09 23:24:37 -06:00
e15c731651
Clarify credit
2013-01-09 23:22:40 -06:00
4c1e501ed0
Exploit for CVE-2013-0156 and new ruby-platform modules
2013-01-09 23:10:13 -06:00
13140d05b1
Added some methods for checkout output and cleanup
2013-01-09 21:14:19 -06:00
ad3ca3a6bb
regex to check version fixed
2013-01-09 23:48:55 +01:00
jvazquez-r7
James Lee
sinn3r
HD Moore
kernelsmith
Royce Davis
Tod Beardsley
smilingraccoon
Bouke van der Bijl