adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,247 Commits 27 Branches 1,043 Tags
5383900a54ef6e9dab353bbf4e29d024cb6cba4d
Commit Graph

12791 Commits

Author SHA1 Message Date
William Webb 076848e904 Land #7993, Keep sessions in progress alive 2017-02-24 16:57:47 -06:00
Metasploit f9e4fd54fe Bump version of framework to 4.14.1 2017-02-24 13:31:17 -08:00
Jeffrey Martin a954521d75 bump minor version 2017-02-24 15:07:07 -06:00
James Barnett 2631259919 Land #7973, Enable cert validation for Nexpose 
This PR enables connection to a Nexpose console using the
nexpose client gem.

It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
 2017-02-24 14:27:24 -06:00
Pearce Barry e5d0370a94 Fixes MS-1716, keep sessions in progress alive. 2017-02-24 12:56:05 -06:00
Metasploit 0f4e03be7b Bump version of framework to 4.13.27 2017-02-24 10:03:33 -08:00
wchen-r7 f27ef55391 Land #7992, Improve Signature Evasions for browser exploits 2017-02-23 16:32:49 -06:00
Jeff Tang e3f613ecc6 Bypass: Metasploit OS detection 
SEP is triggering on HTTP POSTs which start with `os_name`
 2017-02-23 15:42:04 -05:00
Jeff Tang 84ab3c66cc Use obfuscated JS in BES 2017-02-22 12:47:36 -05:00
bwatters-r7 4f839299f1 Land #7978, Add a test module for railgun API calls 2017-02-21 17:15:49 -06:00
Metasploit 01558d3d51 Bump version of framework to 4.13.26 2017-02-21 14:01:15 -08:00
James Barnett d738b63fa6 Land #7985, Fix bug in check_setup for bavision 
@wchen-r7 fix uncovered another bug in the logic for the
check_setup return. This switches the return to the expected
values.

Fixes #7984
 2017-02-21 14:29:21 -06:00
James Barnett 93f75746c4 Fix logic error in #7985 
The check_setup method expects an error message if the
web server is not compatible with the module, and false otherwise.
We were previously returning the opposite of the expected behavior.
 2017-02-21 13:49:59 -06:00
William Webb 2a20d24c29 Land #7966, Fix 'rm' to handle multiple files 2017-02-21 13:32:19 -06:00
wchen-r7 adf1385427 Fix #7984, Fix NoMethodError `match' for bavision_cameras.rb 
Fix #7984
 2017-02-21 12:00:01 -06:00
Spencer McIntyre 7d1fadb84f Add a test module for railgun api calls 2017-02-18 17:37:49 -05:00
Metasploit 647020289f Bump version of framework to 4.13.25 2017-02-17 17:03:42 -08:00
dmohanty-r7 c4f1e0db1f Land #7913, Fix Console Route Print with ipv4 and ipv6 2017-02-17 17:42:57 -06:00
Brent Cook 17b88da080 Land #7964, fix running a scanner with USER_AS_PASS and USER_FILE 2017-02-17 17:16:49 -06:00
Brent Cook 566bafe65d Land #7962, Uploading files without specifying the destination closes a Meterpreter session. 2017-02-17 17:04:22 -06:00
Brent Cook 5207cb6c3a Land #7914, send the correct exception on channel open failure 2017-02-17 17:00:30 -06:00
Brent Cook 807a27e73d clarify error handling when a channel cannot be opened 2017-02-17 16:59:09 -06:00
Brent Cook 0e3eba18b3 simplify guard logic 2017-02-17 16:00:15 -06:00
Brent Cook f4befda59b inherit the options from the default target so we can autocomplete before the rhost resolution occurs 2017-02-17 15:50:45 -06:00
Metasploit 6e62899e1c Bump version of framework to 4.13.24 2017-02-17 10:02:51 -08:00
Brent Cook da82f0891e Land #7860, Add OverrideScheme option to reverse_http/s handler 2017-02-17 11:12:49 -06:00
Rich Whitcroft 5bd38af8d6 fix rm to handle multiple files 2017-02-15 19:22:39 -05:00
Rich Whitcroft 4e5dabf35f fix cred_scanner's has_privates? method 2017-02-15 16:05:49 -05:00
Rich Whitcroft 24a4211bb9 fix upload when dest not specified 2017-02-14 22:08:49 -05:00
wchen-r7 f600fa1caa Be aware of logout 2017-02-14 17:03:57 -06:00
wchen-r7 81abbfba46 Resolve #7959, Automatically login to RPC service after expiration 
When the RPC client token expires, it will automatically login
again, and renew the token during the next RPC request.

Resolves #7959
 2017-02-14 16:41:08 -06:00
Brent Cook b741c8b2f7 fix typo in failure path, pointed out by rw- 2017-02-13 21:16:48 -06:00
Metasploit 184707c6fc Bump version of framework to 4.13.23 2017-02-13 16:04:35 -08:00
Brent Cook c1d08b9574 rename udp_sock to udp_socket to avoid mixin collisions 2017-02-12 22:31:56 -06:00
Metasploit 44d229ad49 Bump version of framework to 4.13.22 2017-02-10 10:02:43 -08:00
James Lee 4f13bde471 Override empty? for the weird ones 
Fixes #7899
 2017-02-09 14:57:20 -06:00
wchen-r7 4b5bc84f5c Land #7918, Fix report_vuln for aux/scanner checks 2017-02-09 12:18:33 -06:00
Christian Mehlmauer 8ade9b8aae Land #7905, WordPress content injection module 2017-02-09 15:49:50 +01:00
Tim 095831e029 fix silly typo 2017-02-08 23:41:15 +08:00
William Vu b06895b604 Hide RPORT more intelligently 2017-02-08 09:40:42 -06:00
Tim 870621d169 Add OverrideScheme option, fixes #7841 2017-02-08 23:30:29 +08:00
Metasploit d81bdc1c02 Bump version of framework to 4.13.21 2017-02-07 17:27:47 -08:00
Brent Cook 74e029f3b1 Land #7932, Fix CVE-2017-5229 2017-02-07 19:22:36 -06:00
Brent Cook 522c6dce8e Land #7931, Fix CVE-2017-5231 and respect user's dest 2017-02-07 19:22:17 -06:00
Brent Cook 68a5d300fe minor style issues 2017-02-07 18:35:35 -06:00
Brent Cook b370dd0654 Fix CVE-2017-5229 - extapi Clipboard.parse_dump() Directory Traversal 2017-02-07 18:24:06 -06:00
Justin Steven 56cf6b129d Fix CVE-2017-5228 2017-02-07 23:44:23 +10:00
Justin Steven cb74d3b05b Fix CVE-2017-5231 and respect user's dest 2017-02-07 23:41:59 +10:00
William Vu 31f93de150 Update HttpClient and WordPress mixins 2017-02-06 04:40:26 -06:00
William Vu ba80e1d9e5 Fix report_vuln for aux/scanner checks 
Msf::Auxiliary::Scanner#setup sets it to nil in instance.check_simple.
 2017-02-06 01:20:18 -06:00