Commit Graph

50226 Commits (f49acae86ad494a816784a8280bccca1bc1cec52)

Author SHA1 Message Date
Brendan Coles 005b2664b8
Land #11140, Ensure MIPS Long XOR Encoder uses cacheflush() 2018-12-29 10:14:47 +00:00
bwatters 9e109c7e7c
Update cache size 2018-12-28 16:08:15 -06:00
bwatters c6e83d109d
Update Gemfile.lock with mettle 0.5.1 2018-12-28 15:45:33 -06:00
bwatters f81c11bbe5
Update gemspec to mettle 0.5.1 2018-12-28 15:44:42 -06:00
Matthew Kienow 66d0ffd602
Correct documentation error 2018-12-28 16:30:23 -05:00
Matthew Kienow 12f4222b2e
Fix to ensure authentication 2018-12-28 16:29:33 -05:00
Metasploit 2418dcf6aa
automatic module_metadata_base.json update 2018-12-28 07:22:50 -08:00
Shelby Pace 29e7c49332
Land #10444, add Consul rexec RCE module 2018-12-28 09:14:28 -06:00
Shelby Pace b1ad271cb8
fixed link 2018-12-28 09:12:31 -06:00
Metasploit 8cfc16ce4e
automatic module_metadata_base.json update 2018-12-28 06:50:05 -08:00
Shelby Pace fb8f06b2f5
Land #10443, add Consul service RCE module 2018-12-28 08:33:56 -06:00
Matthew Kienow 8361dab983
Minor method comment change 2018-12-27 21:57:31 -05:00
Metasploit a7e44e39f1
Weekly dependency update 2018-12-27 10:05:39 -08:00
Brent Cook 66505790f9
Land #11179, Replace Sysrandom with Ruby default SecureRandom 2018-12-27 11:33:29 -06:00
Matthew Kienow 34e99c3857
Modify GET error message to match other servlets 2018-12-26 22:45:33 -05:00
Brent Cook 0d0356ccdd
Land #11126, Update sessions through the DBManager 2018-12-26 13:15:43 -06:00
Matthew Kienow ebc7a3a315
Replace sysrandom with ruby default securerandom 2018-12-26 13:40:44 -05:00
Wei Chen f5210abb55 Add rspec 2018-12-26 11:18:44 -06:00
Mehmet İnce 4e8ad22a7a Adding CVE number 2018-12-26 13:15:36 +03:00
Metasploit 10be720843
automatic module_metadata_base.json update 2018-12-25 19:45:11 -08:00
Green-m 69e7956adf
Land #11174, Fix platform bug when upgrade shell.
The platform on windows powershell should be 'win', rather than
'windows', this bug leads to failure when upgrade powershell session
to meterpreter.
2018-12-26 11:31:39 +08:00
Mehmet İnce fa542b9691 Adding platform and arch to top level 2018-12-25 15:56:25 +03:00
L ee7120d63a fixed post/multi/manage/shell_to_meterpreter 2018-12-25 15:00:39 +08:00
Quentin Kaiser 53a3caba2b List the vulnerable application and versions affected + cleaner cleanup script. 2018-12-24 13:54:02 +01:00
Quentin Kaiser 18c844623a Remove extra spaces. 2018-12-24 13:48:07 +01:00
Quentin Kaiser b9d4a46972 And the output that corresponds to the new script. 2018-12-24 13:42:25 +01:00
Quentin Kaiser 46ee2a6c94 Add vulnerable version information + new reference regarding this exact vulnerability. 2018-12-24 13:40:12 +01:00
Quentin Kaiser e10792f4e6 Remove extra space. 2018-12-24 13:30:03 +01:00
Brendan Coles fc691af5b1 \n 2018-12-24 08:08:16 +00:00
Brendan Coles 98dc59728e Add blueman set_dhcp_handler D-Bus Privilege Escalation 2018-12-24 08:03:55 +00:00
Green-m 12a948dde5
Move down cmd_rerun to fix rspec issue. 2018-12-24 11:30:02 +08:00
@shellfail e6b2b6cee5
Update documentation/modules/exploit/linux/http/mailcleaner_exec.md
Co-Authored-By: mmetince <mmetince@users.noreply.github.com>
2018-12-22 23:16:51 +03:00
@shellfail 9a43507416
Update documentation/modules/exploit/linux/http/mailcleaner_exec.md
Co-Authored-By: mmetince <mmetince@users.noreply.github.com>
2018-12-22 23:16:43 +03:00
Matthew Kienow bad8176548
Change event info example specification
Allows API documentation to display the event model example correctly.
2018-12-21 22:24:59 -05:00
Matthew Kienow e9d40248f4
Add OpenAPI documentation for events GET operation 2018-12-21 22:24:20 -05:00
Matthew Kienow ff8c70f6af
Restore events test for remote DB 2018-12-21 22:19:09 -05:00
Matthew Kienow b5bc65c3bd
Add GET handler to query events 2018-12-21 22:18:10 -05:00
Matthew Kienow a448b26f73
Remove unnecessary argument default value 2018-12-21 22:13:52 -05:00
Matthew Kienow 5e971132f3
Enhance events method to fully query events 2018-12-21 22:07:43 -05:00
Matthew Kienow 7e10b38421
Add events method 2018-12-21 21:37:42 -05:00
Metasploit a457973702
automatic module_metadata_base.json update 2018-12-21 15:14:24 -08:00
Brent Cook b9742802aa
Land #11137, Clean up linux/local/vmware_alsa_config exploit module 2018-12-21 17:04:11 -06:00
Brent Cook af60cb642e
Land #11038, add REG_MULTI_SZ support for Meterpreter registry reads 2018-12-21 17:00:16 -06:00
Brent Cook 69d882eb54 bump payloads with REG_MULTI_SZ support 2018-12-21 16:53:51 -06:00
Brent Cook 9736e8252c Merge branch 'master' into land-11038- 2018-12-21 16:31:53 -06:00
Brent Cook 620c411d1f
Land #11160, Add CMDSTAGER::SSL datastore option 2018-12-21 15:33:19 -06:00
Metasploit 8f61fe457a
automatic module_metadata_base.json update 2018-12-21 13:16:16 -08:00
William Vu b4ff3b544f Add CMDSTAGER::SSL datastore option
It has come to my attention that since I added the HTTP(S) command
stagers, no one has used HTTPS. This is probably why.

The CmdStager options hash takes precedence over any datastore options.
2018-12-21 14:51:49 -06:00
Brent Cook 2e8e927a93
Land #11156, Add CmdStager to erlang_cookie_rce 2018-12-21 14:43:49 -06:00
William Vu 5cff330a38
Land #11128, Rex::Exploitation::CmdStagerFetch 2018-12-21 14:16:57 -06:00