William Vu
7e1446d8fa
Land #6400, iis_webdav_upload_asp improvements
2016-01-14 12:12:33 -06:00
wchen-r7
6deb57dca3
Deprecate post/windows/manage/smart_migrate and other things
...
This includes:
* Give credit to thelightcosine in priv_migrate
* Deprecate smart_migrate
* Update InitialAutoRunScript for winrm_script_exec
2016-01-12 23:14:13 -06:00
g0tmi1k
d7061e8110
OCD fixes
2016-01-05 23:28:56 +00:00
g0tmi1k
9120a6aa76
iis_webdav_upload_asp: Add COPY and a few other tricks
2015-12-26 16:01:46 +00:00
Jon Hart
283cf5b869
Update msftidy to catch more potential URL vs PACKETSTORM warnings
...
Fix the affected modules
2015-12-24 09:12:24 -08:00
Jon Hart
27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL
2015-12-24 09:05:02 -08:00
Jon Hart
efdb6a8885
Land #6392, @wchen-r7's 'def peer' cleanup, fixing #6362
2015-12-24 08:53:32 -08:00
Jon Hart
0f2f2a3d08
Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/mysql.rb
2015-12-24 07:46:55 -08:00
Brent Cook
e4f9594646
Land #6331, ensure generic payloads raise correct exceptions on failure
2015-12-23 15:43:12 -06:00
wchen-r7
cea3bc27b9
Fix #6362, avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
William Vu
f129c0363e
Fix broken logic
...
Forgot to set retval when I removed the ensure.
2015-12-21 10:52:03 -06:00
William Vu
afe4861195
Fix nil bug and missing return
2015-12-18 15:54:51 -06:00
Tod Beardsley
b25aae3602
Add refs to module
...
See rapid7#6344.
2015-12-14 12:05:46 -06:00
wchen-r7
5ffc80dc20
Add ManageEngine ConnectionId Arbitrary File Upload Vulnerability
2015-12-14 10:51:59 -06:00
wchen-r7
11c1eb6c78
Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails
...
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
2015-12-08 21:13:23 -06:00
jvazquez-r7
0f24ca7d13
Land #6280, @wchen-r7's module for Oracle Beehive processEvaluation Vulnerability
2015-12-01 21:38:09 -06:00
jvazquez-r7
d269be22e7
Land #6223, @wchen-r7's module for Oracle Beehive prepareAudioToPlay exploit
2015-12-01 21:36:18 -06:00
wchen-r7
ea363dd495
priv to true
2015-12-01 10:23:36 -06:00
wchen-r7
2621753417
priv to true
2015-12-01 10:21:56 -06:00
wchen-r7
d5d4a4acdc
Register the correct jsp to cleanup
2015-12-01 10:21:15 -06:00
wchen-r7
7dc268d601
Land #6283, increase the amount of space needed for ms08_067
2015-11-25 19:37:25 -06:00
Brent Cook
35ea8c3f74
relax space needed a bit less, work with Windows XP and 2k3
2015-11-25 11:25:57 -06:00
Brent Cook
2a89a2bc9a
increase the amount of space needed for ms08_067
2015-11-25 07:13:16 -06:00
William Vu
f9d3652e1a
Land #6282, deprecated module cleanup
...
rm modules/exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
2015-11-24 23:48:09 -06:00
wchen-r7
f57ebad0e6
Change hard tabs to spaces
2015-11-24 22:54:52 -06:00
JT
9a7e51daec
Update bison_ftp_bof.rb
2015-11-25 11:47:21 +08:00
JT
3d6e4068cb
Update bison_ftp_bof.rb
2015-11-25 11:17:07 +08:00
wchen-r7
591da3c97e
Please use exploit/multi/browser/adobe_flash_pixel_bender_bof
...
Time to say goodbye to:
exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
Please use:
exploit/multi/browser/adobe_flash_pixel_bender_bof
Reason: The replacement supports multiple platforms, so better.
2015-11-24 20:37:57 -06:00
wchen-r7
4e2eb7ca65
Add Oracle Beehive processEvaluation Vulnerability
2015-11-24 19:17:57 -06:00
JT
441fff4b7c
Update bison_ftp_bof.rb
...
Adding constant NOP
2015-11-23 06:53:12 +08:00
JT
e3bca890c1
Update bison_ftp_bof.rb
2015-11-20 23:45:15 +08:00
JT
1dee6dca1b
Update bison_ftp_bof.rb
2015-11-20 13:37:46 +08:00
JT
bd856322e0
Update bison_ftp_bof.rb
2015-11-20 09:58:44 +08:00
JT
335944aa9a
Update bison_ftp_bof.rb
2015-11-20 09:38:55 +08:00
JT
fcc7520230
Create bison_ftp_bof.rb
2015-11-20 09:07:40 +08:00
wchen-r7
3c72135a2f
No to_i
...
What happens here is it converts to a Fixnum, and then it converts
back to a String anyway because it's in a String.
2015-11-18 15:25:18 -06:00
sammbertram
a484b318eb
Update registry_persistence.rb
2015-11-18 16:13:18 +00:00
sammbertram
1fe8bc9cea
Added a SLEEP_TIME option
...
Added a SLEEP_TIME option, which is the number of seconds to sleep prior to executing the initial IEX request. This is useful in cases where a machine would have to establish a VPN connection, initiated by the user, after a reboot.
Alternatively, as opposed to a sleep time, it could have a loop that attempts to retry for a certain period of time.
2015-11-18 11:17:57 +00:00
wchen-r7
8ea0a864db
Add a reference for patching
2015-11-10 23:32:22 -06:00
wchen-r7
66f3582991
Add Oracle Beehive prepareAudioToPlay Exploit Module
2015-11-10 23:05:11 -06:00
Jon Hart
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
Brent Cook
ee6d6258a5
Land #6180, add PSH as a target for psexec directly, implement autodetect
2015-11-05 10:38:50 -06:00
William Vu
862dff964a
Integrate psexec_psh into psexec
2015-11-04 17:31:33 -06:00
William Vu
6a01efa394
Deprecate psexec_psh
2015-10-30 17:41:58 -05:00
Louis Sato
2bd792f693
remove .rb file extension
2015-10-30 15:26:45 -05:00
wchen-r7
82e600a53a
Suggest the correct replacement for the deprecated module
...
The deprecated module has been suggesting the wrong replacement,
it should be exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
2015-10-29 16:24:29 -05:00
wchen-r7
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
wchen-r7
da52c36687
Put back some links
2015-10-29 15:48:47 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
jvazquez-r7
b2e3ce1f8a
Allow to finish when deletion fails
2015-10-26 16:40:36 -05:00