5bd5eacd77
Added option to ignore banner checks
2013-11-15 15:01:11 +01:00
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
...
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints
[SeeRM #8498 ]
2013-11-11 21:23:35 -06:00
40f8e80775
Fix jlee-r7's feedback
2013-11-08 14:28:19 -06:00
b7e360922d
Update ranking
2013-11-07 15:10:26 -06:00
decf6ff6a0
Add module for CVE-2013-3623
2013-11-07 14:59:40 -06:00
9e30c58495
Blow away remnants of Local::Unix
2013-11-05 13:51:45 -06:00
36f96d343e
Revert "Revert "Land #2505 " to resolve new rspec fails"
...
This reverts commit e7d3206dc9
2013-11-05 13:45:00 -06:00
c92e8ff98d
Delete extra space
2013-10-30 19:34:54 -05:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
dd094eee04
Use 443 by default with SSL
2013-10-24 16:30:26 -05:00
72f686d99a
Add module for CVE-2013-2751
2013-10-24 16:10:32 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
e7d3206dc9
Revert "Land #2505 " to resolve new rspec fails
...
This reverts commit 717dfefead6430fa3354
2013-10-21 12:47:57 -05:00
cacaf40276
Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow
2013-10-21 12:03:07 -05:00
9bfd98b001
Change plate
2013-10-21 11:54:42 -05:00
717dfefead
Land #2505 , missing source fix for sock_sendpage
2013-10-21 11:47:55 -05:00
7dd39ae5e6
Update ranking
2013-10-17 22:43:47 -05:00
a00a813649
Add real device libraries base addresses
2013-10-17 22:34:54 -05:00
3d3a7b3818
Add support for OSVDB 86824
2013-10-17 01:08:01 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
75aaded842
Land #2471 , @pyoor's exploit for CVE-2013-5743
2013-10-14 14:03:28 -05:00
a6f17c3ba0
Clean zabbix_sqli
2013-10-14 14:01:58 -05:00
d929bdfaab
Re-fixing 8419, consistency is important.
2013-10-12 08:09:19 -04:00
dfe74ce36c
Factorize sock_sendpage
2013-10-11 13:40:01 -05:00
171b70fa7c
Zabbix v2.0.8 SQLi and RCE Module
...
Conflicts:
modules/exploits/linux/http/zabbix_sqli.rb
Commit completed version of zabbix_sqli.rb
2013-10-10 22:50:02 -04:00
b9b2c82023
Add some entropy
...
* Random filename
* Stop shipping debug strings to the exploit executable
Also makes the writable path configurable, so we don't always have to
use /tmp in case it is mounted noexec, etc.
2013-10-10 18:18:01 -05:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
947925e3a3
Use a proper main signature with arguments
...
Allows us to `unlink(argv[0])`
2013-10-09 17:22:01 -05:00
c251596f0b
Fix some bugs in preparation for factorizing
...
* Stop removing \x0a characters with String#scan, which of course breaks
the shellcode
* Fork so the original session continues to work
2013-10-09 16:03:40 -05:00
0acb170ee8
Bug #8419 - Added platform info missing on exploits
2013-10-08 22:41:50 -04:00
4ba001d6dd
Put my short name to prevent conflicts.
2013-10-07 14:10:47 -05:00
ec6516d87c
Deprecate misnamed module.
...
* Renames to a linux linksys module.
2013-10-07 14:06:13 -05:00
fcba424308
Kill off EOL spaces on astium_sqli_upload.
2013-10-03 11:01:27 -05:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
23b0c3b723
Add Metasploit blog references
...
These modules have blogs from the Rapid7 community, we should add them.
2013-10-01 20:50:16 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
813bd2c9a5
Land #2379 , @xistence's exploit for OSVDB 88860
2013-09-26 13:52:15 -05:00
c2ff5accee
stability fixes to astium_sqli_upload
2013-09-26 10:23:33 +07:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
8db1a389eb
Land #2304 fix post module require order
...
Incidentally resolve conflict on current_user_psexec to account for the
new powershell require.
2013-09-23 16:52:23 -05:00
4bff8f2cdc
Update descriptions for clarity.
2013-09-23 13:48:23 -05:00
1fc849bdd5
Land #2188 , @m-1-k-3's module for OSVDB 90221
2013-09-23 11:44:43 -05:00
71d74655f9
Modify description
2013-09-23 11:44:04 -05:00
0eb838156b
Land #2390 - Use payload.encoded because BadChars are defined
2013-09-19 22:10:55 -05:00
Chris John Riley