945a2a296a
Fix outstanding issues
2014-01-08 17:09:41 -06:00
4e581a35ac
Fix encoder architecture
2014-01-08 16:18:30 -06:00
35ac9712ab
Added auxiliary check for MS08_067
...
I simply copied the check from ms08_0867_netapi.rb and put them in
a auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
a0879b39e0
Add mips be shell_bind_tcp payload
2014-01-08 14:48:54 -06:00
4bfe6b1b08
Remove pointless checks and add some docs
2014-01-08 14:37:40 -06:00
4ba0020934
Simplify the logic deciding when we're finished
2014-01-08 14:22:44 -06:00
9ddef2fbc9
Update rpsec and the script
2014-01-08 13:22:38 -06:00
1727b7fb37
Allow the Msf::Payload::Linux's generate to make its work
2014-01-08 12:41:10 -06:00
83e5169734
Don't use temporal register between syscals and save some bytes on the execve
2014-01-08 11:45:27 -06:00
cc51c2033e
Fix unreliable spec
...
Sometimes "localhost" resolves to more than one address
2014-01-08 10:16:32 -06:00
b7ce3c5812
Add rspec
2014-01-08 02:34:43 -06:00
60138aba67
Use $stdout
2014-01-08 02:34:27 -06:00
44f89f839d
Update documentation
2014-01-07 19:11:08 -06:00
4f7cf0994a
Adds a timeout to wait_report method
...
In case it takes too long to get a report, the method will give up
checking after one hour. The user can still manually check the report
from the analysis link given earlier.
2014-01-07 19:03:42 -06:00
481ec7b9ec
Add VirusTotal Scanner Utility
...
[SeeRM #8733 ] This a tool that uses VirusTotal's public API to submit
a malware sample for analysis. As an offensive tool developer, this
would provide a convenient way to check and see how AVs react to
something we write.
2014-01-07 18:29:26 -06:00
5f7582b72d
Don't use a temporary registerfor the dup2 loop counter
2014-01-07 18:02:55 -06:00
c2dce19768
Don't use a temporary registerfor the dup2 loop counter
2014-01-07 17:39:27 -06:00
22bdca92f4
Remove the ipv6 attr on Range
...
Makes more sense in the option hash.
2014-01-07 16:52:34 -06:00
9c23910b69
Refactor Socket::Range
...
There was really no reason for it to inherit from Array. Also adds a few
more specs and gets coverage up to a more respectable percentage.
2014-01-07 16:31:55 -06:00
a85492a2d7
Fix my own busted dup2 sequence
2014-01-07 16:27:01 -06:00
7af8fe9cd1
Catch exceptions in an XSS script and return the error.
2014-01-07 16:23:24 -06:00
fb1a038024
Update async API to actually be async in all cases.
...
This avoids zalgo. Also optionally checks the return value
of the compiled Function in XSS to allow you to use send()
or an explicit return, which is maybe more natural for
synchronous xss payloads.
2014-01-07 16:17:34 -06:00
3230b193e1
Make better comment
2014-01-07 15:32:46 -06:00
80dcda6f76
Fix bind call
2014-01-07 15:31:42 -06:00
266b040457
Update cachedump.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:14:10 +01:00
d567737657
Update reverse_tcp_rc4_dns.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:12:38 +01:00
385ae7ec38
Update reverse_tcp_rc4.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:11:16 +01:00
693d95526b
Update bind_tcp_rc4.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:09:53 +01:00
1479ef3903
Update typo3_winstaller_default_enc_keys.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:08:10 +01:00
73e359ede1
Update reverse_tcp.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:06:11 +01:00
e3a3b560e2
Update bind_tcp.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:02:52 +01:00
b5524654d5
Delete comment
2014-01-07 14:50:26 -06:00
45c86d149f
Modify authors field
2014-01-07 14:50:12 -06:00
d6639294aa
Save some instructions with dup2
2014-01-07 14:41:33 -06:00
e79ccb08cb
Update rails_secret_deserialization.rb
...
When using aws-sdk with Ruby 2.1.0-rc1, many "Digest::Digest is deprecated; use Digest" warnings are printed.
Even in Ruby 1.8.7-p374, OpenSSL::Digest::Digest is only provided for backward compatibility.
2014-01-07 21:41:15 +01:00
9cf221cdd6
Delete delay slots after syscall
2014-01-07 13:18:20 -06:00
21b146fab3
Land #2834 , @joev-r7's linksys_wrt110_cmd_exec update
2014-01-07 13:01:35 -06:00
590547ebc7
Modify title to avoid versions
2014-01-07 13:01:10 -06:00
2ed9772080
Fix unhandled exceptions when resolution fails
2014-01-07 12:00:04 -06:00
c34af35230
Add wrt100 to the description and title.
...
* The wrt110 and wrt100 share the same firmware, and are both vulnerable to this
bug.
2014-01-07 10:26:15 -06:00
1057cbafee
Remove deprecated linksys module.
2014-01-07 10:22:35 -06:00
70d4082c0c
Add formatting blank lines and delete comment
2014-01-07 09:55:36 -06:00
3edd2a50e2
Shorter mipsle shell_reverse_tcp
2014-01-07 09:45:28 -06:00
3bf728da61
Dont store in DB by default
2014-01-07 12:20:44 +00:00
a6b25d3323
Add failing spec for invalid hostname bug
2014-01-06 17:49:27 -06:00
db8eeac82c
Land #2830 , vtiger_soap_upload title fix
2014-01-06 14:03:21 -06:00
c0a82ec091
Avoid specific versions in module names
...
They tend to be a lie and give people the idea that only that version is
vulnerable.
2014-01-06 13:47:24 -06:00
185e15c50c
Land #2829 - Fix Travis's build failure
2014-01-06 13:21:19 -06:00
5c77f4dc0f
Don't try to bundle exec before bundle install
2014-01-06 12:47:36 -06:00
e168b92b0c
Add bundle exec rake to avoid system rake
2014-01-06 12:29:50 -06:00
William Vu
jvazquez-r7
sho-luv
James Lee
sinn3r
Joe Vennix
Niel Nielsen
Meatballs
Tod Beardsley