f6b2a3a173
bump gems
2016-10-02 21:23:34 -05:00
3afe1538ef
Land #7392 , stance check fix for HttpServer
2016-10-02 20:21:47 -05:00
63d13f0f49
check if there is a stance set before checking the value
2016-10-02 19:48:49 -05:00
30d5b22914
Land #7093 , nessus_scan_workspace
...
lands sjcaldwell's pr for the nessus_scan_workspace
command
2016-09-30 15:15:57 -05:00
3f9540d906
fix trailing whitespace
...
this commit got dropped during landing
2016-09-30 14:30:31 -05:00
72bd75e681
Land #7253 , x64 xor encoder fix
...
Land fullmetalcache's fix for the x64 xor encoder
2016-09-30 14:28:10 -05:00
5a05bd6a16
Land #7385 , Add post module to enumerate AWS EC2 instance metadata
2016-09-30 14:01:01 -05:00
73c11a63b4
Bump version of framework to 4.12.30
2016-09-30 10:03:42 -07:00
cf20ccaccd
Add kb for aws_ec2_instance_metadata
2016-09-30 07:02:33 -07:00
b3c6ec09a0
Show status when gathering, which can take a bit
2016-09-30 06:42:22 -07:00
abed3bf6c2
Rename
2016-09-30 06:35:26 -07:00
9ee6e1931a
target_uri simplification, cleanup
2016-09-30 06:24:50 -07:00
60cfe6216a
mstfidy
2016-09-29 22:00:35 -07:00
558adb5e1e
Uncork module and address style issues
2016-09-29 21:59:19 -07:00
b2e06bed66
Initial commit of post module to gather AWS EC2 instance metadata
2016-09-29 21:52:22 -07:00
e628fab86e
Land #7378 , run zipalign during apk injection process
2016-09-30 12:27:27 +08:00
6241e48b34
Land #7350 , add 'sess' command for direct session switching support
2016-09-29 23:18:53 -05:00
de9434870c
Land #7375 , mock some rex tests for DNS lookups
...
Fixes #6467 , as far as @lsato-r7 and I can tell.
2016-09-29 16:37:38 -05:00
e0cd4d082a
Bump MDM ver to get pro and msf back in sync.
...
Per discussion with @dmaloney-r7
2016-09-29 13:42:13 -05:00
b06a3d3c68
Refactor code that calls zipalign on injected APK
2016-09-29 07:49:50 -07:00
e8d99fb3f5
Run zipalign as last step during APK injection process
...
Running zipalign on an APK after signing and before distribution
is considered general best practice. Also, properly aligning an APK
makes it less likely to be flagged as suspicious by mobile security
solutions.
More on zipalign from Google:
https://developer.android.com/studio/command-line/zipalign.html
2016-09-28 20:05:17 -07:00
bcb040c1ac
Land #7377 , read_file for some modules
2016-09-28 18:00:23 -05:00
2272e15ca2
Remove some anti-patterns, in the same spirit than #7372
2016-09-29 00:15:01 +02:00
075401d702
Update dynamic_size for andterp spec
2016-09-28 16:58:34 -05:00
988471b860
Land #7372 , useless use of cat fix
...
Obligatory: modules/exploits/linux/local/kloxo_lxsuexec.rb.
2016-09-28 16:37:11 -05:00
3033c16da6
Add missing rank
2016-09-28 16:37:04 -05:00
21ec4915a7
Land #7292 , android stageless with new payload gem
2016-09-28 16:31:45 -05:00
b46073b34a
Replace `cat` with Ruby's `read_file`
...
Thanks to wvu-r7 for the comment
2016-09-28 23:22:19 +02:00
a457f64e2a
update to latest release payload gem
2016-09-28 16:14:29 -05:00
1689f10890
Land #7292 , add android stageless meterpreter_reverse_tcp
2016-09-28 16:05:22 -05:00
45ee59581b
Fix inverted logic in Docker exploit
...
Positive condition should be tested first, imo. Confusing otherwise. My
bad, though.
Credit to @fslavin-r7.
2016-09-28 15:36:09 -05:00
ab94bb9cdd
Land #7365 , nonce fix for Ninja Forms exploit
2016-09-28 13:57:08 -05:00
ea625d4ea3
Enhance #7360 , more stance fixes
2016-09-28 13:49:29 -05:00
5a611b0ec4
use the correct scope for the Stance names
2016-09-28 13:48:28 -05:00
ca683576d0
Mock rex-socket getaddress call for loginscanner
...
Since we're using the rex-socket gem, we don't need to
test the getaddress call for each one of the login scanner specs
2016-09-28 11:32:06 -05:00
76124af8b4
Land #7363 , Add LPE exploit module for the capcom driver flaw
2016-09-28 11:02:14 -05:00
dbb2abeda1
Remove the `cat $FILE | grep $PATTERN` anti-pattern
...
The `kloxo_lxsuexec.rb` and `netfilter_pvi_esc.rb` exploits
were using the infamous `cat+grep` anti-pattern, this commit
replaces it with `cat` and Ruby's `.include?` method.
2016-09-28 13:41:25 +02:00
b4a1adaf0f
refactor into android.rb
2016-09-28 18:23:34 +08:00
dc43f59dcf
dalvik -> android
2016-09-28 14:50:52 +08:00
f838c9990f
Fix nonce bug in wp_ninja_forms_unauthenticated_file_upload
...
If wordpress saves the nonce value in JavaScript, we could get an
undefined method for nil.
2016-09-27 11:30:52 -05:00
cdf544be9e
Land #7364 , update to latest metasploit-payloads
2016-09-27 11:26:16 -05:00
8f9be92b1b
update to latest metasploit-payloads
2016-09-27 11:06:34 -05:00
76b3c37262
Fix msftidy errors
2016-09-27 22:56:07 +10:00
0e82ced082
Add LPE exploit module for the capcom driver flaw
...
This commit includes:
* RDI binary that abuses the SMEP bypass and userland function pointer
invocation that is provided by the driver.
* Related metasploit module.
* Associated make.build to build from command line.
* Updated command line build file.
This also includes the beginnings of a new set of functions that help
with the management/automation of kernel-related work on Windows for
local priv esc exploits.
2016-09-27 22:37:45 +10:00
de1e0aae99
add missing payload tests
2016-09-27 11:05:19 +08:00
b87911bd0b
Land #7340 , auxiliary/server/socks4a docs
2016-09-26 17:34:45 -05:00
edbe1c3e14
Land #7361 , Make OSX screencapture silent
2016-09-26 17:24:03 -05:00
8bef4e4ec6
Land #7360 , restore passive?/aggressive? behavior
...
This PR restores the mod.aggressive? and mod.passive? methods to the
implementation prior to 0f7e3e9
2016-09-26 15:05:41 -05:00
b9de73e803
Land #7334 , Add aux module to exploit WINDOWS based (java) Colorado
...
FTP server directory traversal
2016-09-26 14:15:23 -05:00
5ea1e7b379
Bump version of framework to 4.12.29
2016-09-26 12:06:21 -07:00
Brent Cook
William Vu
David Maloney
dmohanty-r7
Metasploit
Jon Hart
Tim
Tod Beardsley
Pearce Barry
dana-at-cp
jvoisin
Jeffrey Martin
Louis Sato
Julien (jvoisin) Voisin
wchen-r7
OJ
HD Moore
Brendan