Commit Graph

40220 Commits (f082fd539968964203a0dadf292047490fa1d227)

Author SHA1 Message Date
wchen-r7 f082fd5399 Fix #7603, Race condition when loading auto_win32_multihandler.rc 2016-11-23 15:08:54 -06:00
Pearce Barry 3640e87a37
Land #7599, Don't complain when Proxies is an empty string 2016-11-22 10:14:40 -06:00
James Lee b45a36180e
Don't complain when Proxies is an empty string 2016-11-22 09:29:04 -06:00
Brent Cook 6d85330dad
Land #7594, check if opts['var_get'] exists before using it 2016-11-21 18:06:32 -06:00
Brent Cook 59f3c9e769
Land #7579, rename netfilter_priv_esc to rename netfilter_priv_esc_ipv4 2016-11-21 17:59:29 -06:00
Jin Qian cdc82891d8 Fix the issue 7593 where I get a stacktrace when running module auxiliary/scanner/http/blind_sql_query
Add a guard against the case when opts['vars_get'] is nil
2016-11-21 17:39:09 -06:00
William Vu 6f8660f345
Land #7586, NameError fix for brute_dirs 2016-11-21 14:46:19 -06:00
William Vu 7b5c819430
Land #7588, disclosure date fix for OpenNMS sploit 2016-11-21 14:01:18 -06:00
William Vu c8320d661f
Land #7590, mixin order fix for buffalo_login 2016-11-21 13:57:27 -06:00
Jin Qian 90d360a592 Fix the issue 7589, both RHOST and RHOSTS options are quired
Thanks to Will who found it's due to the order of mixin.
2016-11-21 11:06:32 -06:00
Prateep Bandharangshi 8869ebfe9b Fix incorrect disclosure date for OpenNMS exploit
Disclosure date was Nov 2015, not Nov 2014
2016-11-21 16:44:36 +00:00
Jin Qian 18b873be47 Fix the exception issue reported in issue #7585
Fix the exception by initialize a key variable that caused the exception.
2016-11-21 10:00:23 -06:00
William Webb 6c6221445c
Land #7543, Create exploit for CVE-2016-6563 / Dlink DIR HNAP Login 2016-11-21 09:59:50 -06:00
Brent Cook 0504cae21f
Land #7536, fix get_ipv4_addr(@interface) usage 2016-11-21 01:09:05 -06:00
Brent Cook d8f59a9d62
Land #7507, Fix payload uuid/arch/platform tracking 2016-11-21 00:58:37 -06:00
Brent Cook d7dce28018 bump mettle to get fix for UUID encoding 2016-11-21 00:57:50 -06:00
Brent Cook 0a3acf57d1 update payload sizes 2016-11-20 19:47:17 -06:00
Brent Cook fcb2ef3933 bump ruby, get new openssl fixes 2016-11-20 19:35:44 -06:00
Brent Cook 05cb5edaac update payload gems 2016-11-20 19:10:27 -06:00
Brent Cook 16b5f40dae Revert "Rework XOR code to make more sense"
This reverts commit 699a8e91d2.
2016-11-20 19:09:45 -06:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook e52d67cb8c add architecture check 2016-11-20 19:09:26 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
David Maloney 6a35b366bc
Land #7577, URPORT fix 2016-11-18 14:41:10 -06:00
h00die 0182594fb0 fix docs to reflect name change 2016-11-18 13:55:29 -05:00
h00die cfd31e32c6 renaming per @bwatters-r7 comment in #7491 2016-11-18 13:52:09 -05:00
Metasploit 643a5511cf
Bump version of framework to 4.13.1 2016-11-18 10:01:48 -08:00
wchen-r7 00e4a8881f
Land #7574, Update open_proxy aux module 2016-11-18 11:41:43 -06:00
h00die cd01b07682
Land #7565
Lands print_bad and vprint_bad from todb-r7
2016-11-18 13:29:39 -05:00
wchen-r7 d3adfff663 Change syntax 2016-11-18 11:41:04 -06:00
wchen-r7 f894b9a4c5 Fix typo 2016-11-18 11:39:26 -06:00
David Maloney 202009b50b
Land #7570, async print fix
Land's jennamagius' fix for async console printing
outoupt from jobs no longers screws the console prompt
up. w00t!
2016-11-18 11:25:18 -06:00
David Maloney 8d1c718873
Land #7572, wireshark dos typos
Lands mcantoni's pr for fixing typos in the
wireshark dos modules
2016-11-18 11:01:32 -06:00
wchen-r7 4596785217
Land #7450, PowerShellEmpire Arbitrary File Upload 2016-11-17 17:47:15 -06:00
wchen-r7 22d70ddd09 Fix #7455, handle the URIPORT option properly in is_uxss_injection
Fix #7455
2016-11-17 15:50:35 -06:00
Brian Patterson abddeb5cd2 Land 7473, add censys search module 2016-11-17 13:44:00 -06:00
Brendan f2b9498643
Land #7576, Fix RHOSTS use in auxiliary/scanner/ftp/titanftp_xcrc_traversal 2016-11-17 13:06:29 -06:00
Jin Qian c03f35ef13 Fix the hanging of module auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb
Thanks for Wei who pointed out the error: in store_loop call, it used "rhosts", should have been ip.
2016-11-17 10:08:59 -06:00
Cantoni Matteo c9b9be9328 Update open_proxy aux module 2016-11-17 15:44:03 +01:00
Cantoni Matteo 30f7006b5b Fixed typos of an old commit 2016-11-17 14:39:33 +01:00
Tim 66ba2b077b
Land #7567, fix apk injection when template has no permissions 2016-11-17 11:42:54 +00:00
Dylan Davis 739c9c1315 Ensure cursor is positioned appropriately if it is not at the end of a line when async prints arrive 2016-11-16 21:07:50 -07:00
Dylan Davis 491a3a3162 Prevent the input prompt from being mangled by asynchronous prints. 2016-11-16 20:43:07 -07:00
wchen-r7 c0af5b690d
Land #6638, add local exploit module to execute payload w/ stealth 2016-11-16 16:25:15 -06:00
wchen-r7 e1ff37f3eb Title change and handling Rex::TimeoutError exception 2016-11-16 16:23:44 -06:00
Brendan 18bafaa2e7
Land #7531, Fix drb_remote_codeexec and create targets 2016-11-16 12:58:22 -06:00
Metasploit 383314530a
Bump version of framework to 4.13.0 2016-11-16 07:48:26 -08:00
OJ be2aabb873
Merge updates to mettle stages from acammack-r7 2016-11-16 19:13:20 +10:00
Brian Yip 927e195e28 Generate payload apk from permissionless apk 2016-11-16 00:48:10 -04:00
Tod Beardsley 1deacad2be
Add a print_bad alias for print_error
Came up on Twitter, where Justin may have been trolling a little:

https://twitter.com/jstnkndy/status/798671298302017536

We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.

Anyway, I went with alias_method, thanks to the compelling argument at

https://github.com/bbatsov/ruby-style-guide#alias-method

...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.

Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
2016-11-15 19:20:42 -06:00