Commit Graph

30928 Commits (f6c871a8e580e903abee5d6031cda8521f1fc716)

Author SHA1 Message Date
dnkolegov f6c871a8e5 Deleted spaces at EOL 2015-02-19 05:06:00 -05:00
dnkolegov caabb82975 Fixed indentation errors 2015-02-19 05:02:10 -05:00
dnkolegov 2a584da6d9 Added cookie value in print function 2015-02-19 00:43:57 -05:00
Nikita Oleksov 19cd00e6d5 Fix cookit name split 2015-02-16 23:53:32 +07:00
dnkolegov a44e858bd7 Fixed minor errors in F5 BigIP cookie disclosure module 2015-02-16 01:31:52 -05:00
dnkolegov 19144e143a Fixed some errors in F5 BigIP cookie disclosure module 2015-02-13 03:29:23 -05:00
William Vu 17437a3813
Land #4762, CVE reference for ie_uxss_injection 2015-02-12 22:04:41 -06:00
sinn3r 29163db7fc Add CVE reference for ie_uxss_injection 2015-02-12 17:16:59 -06:00
jvazquez-r7 3ae3d56caa
Land #4745, fixes #4711, BrowserAutoPwn failing due to getpeername 2015-02-12 16:51:09 -06:00
Christian Mehlmauer 55f57e0b9b
Land #4746, WordPress photo-gallery exploit 2015-02-12 22:24:12 +01:00
Christian Mehlmauer bce7211f86
added url and randomize upload directory 2015-02-12 22:16:37 +01:00
William Vu 39c0065560
Land #4758, SMTPDeliver DATA header fix 2015-02-12 15:07:31 -06:00
Matt Buck f0bf881cc3
Land #4720, update Rails 3-style .find(:first)
Eliminate the Rails 3-style .find(:first) calls, and replace with
Rails 4-compatible .first().

Fixes #4720, also see MSP-12012
2015-02-12 14:30:13 -06:00
David Maloney 72878e0c14
fixes bug with smtp header order
SMTP servers that support pipelining will not accept any
commands other than MAILFROM and RCPTTO before the DATA
command. We were sending Date and Subject before Data
which would cause some mailservers to suddenly drop
the connection refusing to send the mail.

MSP-12133
2015-02-12 14:13:39 -06:00
sinn3r 05d2703a98 Explain why obfuscation is disabled 2015-02-12 14:00:01 -06:00
William Vu 9b10cd5655
Land #4755, @todb-r7's release fixes 2015-02-12 13:16:08 -06:00
William Vu d7fa06de06 Fix off-by-one whitespace 2015-02-12 13:12:13 -06:00
Tod Beardsley c156ed62a9
on, not of. 2015-02-12 12:56:53 -06:00
Tod Beardsley e35f603888
Comma fascism 2015-02-12 12:49:45 -06:00
Tod Beardsley d89eda65fa
Moar fixes, thanks @wvu-r7
See #4755
2015-02-12 12:46:38 -06:00
Tod Beardsley e78d08e20d
Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
sinn3r 50c72125a4 ::Errno::EINVAL, disable obfuscation, revoke ms14-064 2015-02-12 11:54:01 -06:00
jvazquez-r7 868bf4bc0f
Land #4752, @rastating's exploit for Maarch LetterBox file upload 2015-02-12 11:47:08 -06:00
jvazquez-r7 155651e187 Make filename shorter 2015-02-12 11:45:51 -06:00
jvazquez-r7 95bfe7a7de Do minor cleanup 2015-02-12 11:45:51 -06:00
rastating 30f310321d Added CVE reference 2015-02-12 11:45:51 -06:00
rastating 38ad960640 Add Maarch LetterBox file upload module 2015-02-12 11:45:51 -06:00
William Vu 309159d876
Land #4753, updated ms14_070_tcpip_ioctl info 2015-02-12 09:57:29 -06:00
Spencer McIntyre 8ab469d3bd Update ms14-070 module information and references 2015-02-12 09:51:01 -05:00
Tod Beardsley ab42bad460
Land #4751, enable autofail on msftidy checks
Also, removes the datastore check from msftidy.

Fixes #3853, finally.
2015-02-11 15:05:07 -06:00
William Vu 9b2fad24e0 Add new comment about post-merge hook 2015-02-11 13:48:13 -06:00
William Vu 987fdbaeec Remove extraneous comment 2015-02-11 13:46:25 -06:00
William Vu 4cd5e8f702 Reenable post-merge hook in Travis 2015-02-11 13:41:23 -06:00
Samuel Huckins 2397be6e45
Land #4749 2015-02-11 13:13:05 -06:00
Tod Beardsley e0314aa727
Land #4750, Deprecate and msftidy on pxe exploits 2015-02-11 12:57:25 -06:00
Tod Beardsley 02fe57e2a1
Bump out to April, 60ish days 2015-02-11 12:56:37 -06:00
William Vu c73892b721 Nuke datastore modification check from orbit 2015-02-11 12:46:40 -06:00
William Vu fd11afff1a Deprecate manage/pxexploit
modules/post/windows/manage/pxeexploit.rb
2015-02-11 12:39:10 -06:00
William Vu 58b6b7519a Deprecate server/pxexploit
modules/auxiliary/server/pxeexploit.rb
2015-02-11 12:38:38 -06:00
William Vu 6294cbf4de Fix manage/pxexploit datastore 2015-02-11 12:19:59 -06:00
William Vu b894050bba Fix local/pxeexploit datastore 2015-02-11 12:19:56 -06:00
William Vu 9e717084af Fix server/pxexploit datastore 2015-02-11 12:19:39 -06:00
Sonny Gonzalez 7c57b9fb57
Fix Master - Pro build
MSP-12138

* revert to previous Rails 3 syntax.
2015-02-11 12:02:34 -06:00
William Vu 1ced9a2dd7
Land #4748, msftidy fixes for futex_requeue 2015-02-11 11:36:01 -06:00
Brent Cook f99ef5c0f5 fix msftidy warnings about towelroot module 2015-02-11 11:17:44 -06:00
rastating cb1efa3edd Improved error handling, tidied up some code 2015-02-11 10:16:18 +00:00
rastating 80a086d5f6 Add WordPress Photo Gallery upload module 2015-02-11 01:03:51 +00:00
sinn3r d23c9b552f Trade MS12-004 for MS13-090 against Windows XP BrowserAutoPwn 2015-02-10 18:58:56 -06:00
sinn3r 22811257db Fix #4711 - Errno::EINVA (getpeername(2)) BrowserAutoPwn Fix
This patch fixes #4711.

The problem here is that the browser sometimes will shutdown some of our
exploit's connections (in my testing, all Java), and that will cause Ruby
to call a rb_sys_fail with "getpeername(2)". The error goes all the
way to Rex::IO::StreamServer's monitor_listener method, which triggers a
"break" to quit monitoring. And then this causes another chain of reactions
that eventually forces BrowserAutoPwn to quit completely (while the
JavaScript on the browser is still running)
2015-02-10 18:28:02 -06:00
OJ 73435c6d1c
Land #4743 - Bump met bins, update Linux bins.
Includes a merge of Gemfile.lock
2015-02-11 08:21:23 +10:00