Commit Graph

36318 Commits (f4d35116bd677eacd40662b079642cd447ab58b9)

Author SHA1 Message Date
Brent Cook f4d35116bd
land #6288, fix regression using non-default port with reverse_http 2015-11-26 11:04:24 -06:00
Brent Cook eb57163db6
Land #6285, excellent new sound plugin scheme 2015-11-26 10:41:02 -06:00
Jon Cave d9655fc882 Use LPORT if opts[:lport] is undefined
`nil.to_i` returns 0 which will short circuit the || resulting in port 0
being used. nil should be checked for prior to casting to int.
2015-11-26 16:08:22 +00:00
wchen-r7 ecfcdbe875 rm extra "excellent" 2015-11-25 23:49:44 -06:00
Christian Mehlmauer 920d8c6ad7
Land #6278, wrong default option for RHOST 2015-11-26 06:49:25 +01:00
wchen-r7 d44224142e Update audio files 2015-11-25 23:41:18 -06:00
Louis Sato 90fb3e0118
Land #6277, jenkins domain cred recovery aux module 2015-11-25 22:58:43 -06:00
wchen-r7 776455d10a Add another sound and event
Add sound: "We've got a shell"
Add event on_session_fail
2015-11-25 22:46:51 -06:00
Brent Cook a7a89adfac
Land #6264, meterpreter per-extension init string support, update payloads to 1.0.17
This brings in the following changes:
	Changes to support maven 3.3+
	Don't fall back to 0.0.0.0
	Remove all debug builds from the Windows projects
	Add show_mount, ps_list, and some core tweaks
	Refactor TLV layout, add more debug output, token stealing
	Add incognito binding, code tidies
	Update packaged libs
	Add transport list binding
	Add transport add command to python binding
	Update python core lib archive
	change source perms back to non-executable
	First pass of stageless initialisation script
	Finalise stageless initialisation scripts
	add BOOT_COMPLETED receiver that starts the Payload
	Improve the implementation of the getuid command
	Switch to Utils.runCommand per timwr's suggestion
	Updated init script method

also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
2015-11-25 22:27:27 -06:00
Brent Cook 78e306e281 s/Initialision/Initialization/ 2015-11-25 22:07:25 -06:00
Brent Cook d984e5c781 update payload sizes 2015-11-25 22:04:52 -06:00
Brent Cook c8461bfb24 update to metasploit-payloads 1.0.17 2015-11-25 22:03:28 -06:00
wchen-r7 7dc268d601
Land #6283, increase the amount of space needed for ms08_067 2015-11-25 19:37:25 -06:00
wchen-r7 af8c557fa9 Add the MP3s 2015-11-25 18:09:27 -06:00
wchen-r7 fa32f43ee4 Muts says "Try harder!" or "Excellent" for the sounds plugin
With the sounds plugin, muts will say "excellent!" when a session
is received. If a session is terminated (either exited or lost),
muts will say "try harder!"
2015-11-25 18:06:58 -06:00
Jon Hart 8fd2522a59
Land #6257, @all3g's aux module for locating git repos over HTTP 2015-11-25 12:25:45 -08:00
Jon Hart a56571479f
Remove WmapScanServer mixin; not needed 2015-11-25 11:38:32 -08:00
William Vu e56aa96a66
Land #6281, TARGETURI/full_uri fixes 2015-11-25 13:15:50 -06:00
William Vu 8f459de064 Fix tomcat_enum for full_uri 2015-11-25 11:28:56 -06:00
William Vu 38a9efe4d6 Fix squiz_matrix_user_enum for full_uri 2015-11-25 11:28:53 -06:00
Brent Cook 35ea8c3f74 relax space needed a bit less, work with Windows XP and 2k3 2015-11-25 11:25:57 -06:00
William Vu 7d17c5741b Fix nginx_source_disclosure for full_uri 2015-11-25 11:19:27 -06:00
William Vu 035882702a Fix barracuda_directory_traversal for full_uri 2015-11-25 11:18:17 -06:00
William Vu 7a5f6495d0 Fix axis_local_file_include for full_uri 2015-11-25 11:16:59 -06:00
William Vu 42d12a4d40 Fix apache_userdir_enum for full_uri 2015-11-25 11:16:22 -06:00
Brent Cook 2a89a2bc9a increase the amount of space needed for ms08_067 2015-11-25 07:13:16 -06:00
Waqas Ali c09d8031c6 Remove default empty string 2015-11-25 12:19:16 +05:00
William Vu f9d3652e1a
Land #6282, deprecated module cleanup
rm modules/exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
2015-11-24 23:48:09 -06:00
wchen-r7 6fbcb3d127
Land #6263, add BisonWare BisonFTP Server Buffer Overflow 2015-11-24 22:55:15 -06:00
wchen-r7 f57ebad0e6 Change hard tabs to spaces 2015-11-24 22:54:52 -06:00
JT 9a7e51daec Update bison_ftp_bof.rb 2015-11-25 11:47:21 +08:00
JT 3d6e4068cb Update bison_ftp_bof.rb 2015-11-25 11:17:07 +08:00
wchen-r7 591da3c97e Please use exploit/multi/browser/adobe_flash_pixel_bender_bof
Time to say goodbye to:
exploits/windows/browser/adobe_flash_pixel_bender_bof.rb

Please use:
exploit/multi/browser/adobe_flash_pixel_bender_bof

Reason: The replacement supports multiple platforms, so better.
2015-11-24 20:37:57 -06:00
Vex Woo a262c6bff5 Merge pull request #2 from jhart-r7/pr/fixup-6257
HTTP Git scanner for information disclosure in git repository.
2015-11-25 02:05:30 +00:00
Jon Hart eac4f02b66
Spelling and correct description 2015-11-24 17:57:56 -08:00
aushack 3ad7ef9814 Modify the printed URL to add https:// when SSL is used. 2015-11-25 12:46:56 +11:00
Kyle Gray 8923252de7
Land #6259, NoMethodError in vim_soap.rb fix
We haven't been able to get the XML data that would cause the error, all we have is a backtrace. So "verification" is purely code reading. Thanks @wchen-r7

Fixes #6085

Merge remote-tracking branch 'origin/pr/6259'
2015-11-24 17:33:35 -06:00
James Lee bd9ebeea53
Land #5851, meterpreter dispatcher queue 2015-11-24 15:32:15 -06:00
Brent Cook 7ad8adf67f
Land #6240, change default SMBDomain to '.' 2015-11-24 12:58:46 -06:00
Jon Hart ccdf814688
Use correct URIs in report_note 2015-11-24 09:52:07 -08:00
Jon Hart c66d56263a
Cleaner and more consistent print_ * 2015-11-24 09:43:05 -08:00
Louis Sato 55b3e10390
Land #6258, smart_migrate enhancement 2015-11-24 11:30:29 -06:00
Jon Hart 1e90a8004d
Correct printing of URIs when provided TARGETURI doesn't end with / 2015-11-24 09:11:04 -08:00
Jon Hart afa4d9e74d
Add legit git UserAgent 2015-11-24 08:57:19 -08:00
Jon Hart d59c563ee3
Don't store index file 2015-11-24 08:51:43 -08:00
Jon Hart e29a229336
Minor style cleanup 2015-11-24 08:50:21 -08:00
Waqas Ali 2152c310fe Remove the default true option of RHOST 2015-11-24 14:54:54 +05:00
wchen-r7 74e1b8d5ac Fix res nil 2015-11-24 00:15:05 -06:00
wchen-r7 95ca288f9d Modify check 2015-11-23 20:33:14 -06:00
wchen-r7 09e6a54886 In case anonymous is not allowed for decryption 2015-11-23 20:26:41 -06:00