HD Moore
fa4e835804
Fix up scanner mixin usage, actual test/bug fix
2014-06-12 11:52:34 -05:00
HD Moore
487bf219f0
Rename to match the title
2014-06-12 11:23:34 -05:00
HD Moore
81019ed850
Supermicro work
2014-06-11 15:03:54 -05:00
Tod Beardsley
4b8961a464
Land #3428, deprecation warns for payloads
2014-06-11 09:57:07 -05:00
Meatballs1
165a65fdb4
Merge pull request #49 from todb-r7/fix-pr3428-deprecated
Avoid double-printing with setup and init_ui
2014-06-11 09:28:06 +01:00
Tod Beardsley
b379dc014a
Avoid double-printing with setup and init_ui
2014-06-10 13:57:25 -05:00
Tod Beardsley
44540e6d00
Land #3437, CSS Injection MITM scanner
2014-06-10 13:36:35 -05:00
jvazquez-r7
4aa1fee398
Land #3326, @FireFart's Heartbleed - server response parsing
2014-06-10 13:27:28 -05:00
jvazquez-r7
9aa2978589
Land jvazquez-r7/metasploit-framework#14, @todb-r7's fixes
2014-06-10 10:42:34 -05:00
Tod Beardsley
521284253f
Be more clear about the vuln and impact
2014-06-10 10:29:23 -05:00
jvazquez-r7
2c8a99143b
Land #3426, @Meatballs1's Python v2.3.3 Compatible Command Shell payloads
2014-06-10 09:55:58 -05:00
jvazquez-r7
3ec15b6512
Land #3431, @bcoles's new targets for efs_easychatserver_username
2014-06-10 09:52:16 -05:00
jvazquez-r7
a554b25855
Use EXITFUNC
2014-06-10 09:51:06 -05:00
jvazquez-r7
9b55f5143a
Add module for CVE-2014-0224
2014-06-09 17:38:11 -05:00
Meatballs
dc69afebb1
License and Require
2014-06-09 21:41:38 +01:00
jvazquez-r7
e953fcbd97
Land #3436, @todb-r7's cleanup for dtls_fragment_overflow
2014-06-09 13:47:27 -05:00
Tod Beardsley
4103f2295b
Missing comma
2014-06-09 13:44:46 -05:00
Tod Beardsley
0e14d77dba
Minor fixup on DTLS module
2014-06-09 13:42:30 -05:00
jvazquez-r7
0e611b5d64
Land #3429, @jhart-r7's auxiliary module for CVE-2014-0195
2014-06-09 13:34:38 -05:00
jvazquez-r7
ed5d83a41b
Add vulnerability discoverer
2014-06-09 13:25:33 -05:00
jvazquez-r7
daf662b3c0
Do minor cleanup
2014-06-09 13:23:56 -05:00
jvazquez-r7
1f33566033
Land #3432, @Meatballs1 sap_soap_rfc_brute_login's clean up
2014-06-09 11:39:52 -05:00
jvazquez-r7
b39b41e29f
Land #3371, @Meatballs1 fix for sap_mgmt_con_getprocessparameter
2014-06-09 11:25:01 -05:00
Jon Hart
06e45e8253
Clean up TLS fragment building
2014-06-09 08:39:30 -07:00
Meatballs
76b5297d3f
Land #3434, Fix original psh payload VirtualAlloc call
2014-06-08 17:39:39 +01:00
Meatballs
d868294d5b
MEM_RESERVE too
2014-06-08 17:37:57 +01:00
jvazquez-r7
9d08ebe273
Fix VirtualAlloc call on PSH old template
2014-06-08 11:09:03 -05:00
Meatballs
25ed68af6e
Land #3017, Windows x86 Shell Hidden Bind
A bind shellcode that responds as 'closed' unless the client matches the
AHOST ip.
2014-06-08 13:49:49 +01:00
Christian Mehlmauer
099003708c
Land #3422, SAP Bruteforcer datastore cleanup
2014-06-08 08:42:27 +02:00
Brendan Coles
6bef6edb81
Update efs_easychatserver_username.rb
Add targets for versions 2.0 to 3.1.
Add install path detection for junk size calculation.
Add version detection for auto targeting.
2014-06-08 06:36:18 +10:00
Jon Hart
a7a1a2bf3b
Move dtls_fragment_overflow.rb under ssl where it belongs
2014-06-07 12:56:34 -07:00
Borja Merino
5881f9453f
Merge pull request #5 from Meatballs1/hidden_bind
Remove bind hidden handler
2014-06-07 17:43:25 +02:00
Meatballs
2be6b8befe
Remove bind hidden handler
2014-06-07 14:34:20 +01:00
Meatballs
bf1a665259
Land #2657, Dynamic generation of windows service executable functions
Allows a user to specify non service executables as EXE::Template as
long as the file has enough size to store the payload.
2014-06-07 13:28:20 +01:00
Meatballs
897ad6f963
Some service yarddoc
2014-06-07 13:27:32 +01:00
Jon Hart
8637a1fff1
OpenSSL DTLS CVE-2014-0195 POC
2014-06-06 19:24:47 -07:00
Meatballs
fe20e6e1c4
Merge remote-tracking branch 'upstream/master' into soap_brute_fix
Conflicts:
modules/auxiliary/scanner/sap/sap_soap_rfc_brute_login.rb
2014-06-07 02:44:16 +01:00
Meatballs
8624ddfc3e
Clean up SAP SOAP RFC Brute Login
Honour the user supplied settings
Abort a host on connection error
Check a 200 response for some appropriate data
Let datastore validation handle things like options being present
Be more verbose if needed
Use the HTTPClient more appropriately
2014-06-07 02:34:49 +01:00
Meatballs
b997c2ac1f
Further tidies
2014-06-07 02:00:35 +01:00
Meatballs
5218ca4d89
Give warning on module load
2014-06-06 23:04:40 +01:00
Brandon Turner
acced15d11
Merge branch 'release'
2014-06-06 10:17:00 -05:00
Brandon Turner
82464bd6aa
Update version spec
2014-06-06 10:16:44 -05:00
Brandon Turner
bacf82acb1
Merge branch 'release' into 'master'
2014-06-06 09:59:00 -05:00
Brandon Turner
21be4f21a6
Bump version to 4.9.3
2014-06-06 09:52:01 -05:00
Brandon Turner
d9a5002bd3
Merge branch 'release'
Updates meterpreter bins and closes #3425 and #3423.
2014-06-05 17:33:11 -05:00
Brandon Turner
17ccc132a4
Land #3425 from todb-r7:release-meterpreter-bins
2014-06-05 17:32:34 -05:00
Tod Beardsley
97a70e49c8
Roll back the jar/py changes
2014-06-05 17:31:02 -05:00
Tod Beardsley
737f06f600
Add Meterpreter bins for release branch.
This contains the same bins as #3423, but it is targeted at the release
branch for rapid7/metasploit-framework.
2014-06-05 17:17:32 -05:00
William Vu
00511b2aeb
Land #3421, new @trosen-r7 in .mailmap
2014-06-05 10:59:47 -05:00
Tod Beardsley
8747273b01
Add @trosen-r7's alias for commits
Just so quick counts of contributors are slightly more accurate and
@trosen-r7 doesn't accidentally get double counted.
2014-06-05 10:40:38 -05:00