53ea7e577f
Add sanitized new XML format
2019-06-07 00:07:50 -05:00
10dccfcedb
Remove warning
...
<context> provides service info now:
<context>TCP:443 ([redacted]), SHA256[=][redacted], Serial[=][redacted]</context>
2019-06-06 23:45:07 -05:00
40eeae541b
Fix style
2019-06-06 23:38:41 -05:00
f646a973a7
Update retina imports to better handle parsing
2019-06-06 19:13:06 -05:00
37414b5760
Land #11948 , surface errors returned from remote data service in console
2019-06-06 12:40:42 -05:00
614c1afc41
Bump version of framework to 5.0.28
2019-06-06 10:07:53 -07:00
e76fd32bc1
automatic module_metadata_base.json update
2019-06-05 13:30:30 -07:00
af1afca1e3
Land #11940 , Add files to test that may not be open
2019-06-05 15:03:33 -05:00
0516441549
Land #11949 , Fix wordpress_content_injection CVE
2019-06-05 14:54:01 -05:00
3c4699c848
Remove unnecessary leading slash from log message
2019-06-05 15:10:00 -04:00
25f45144e8
Handle exceptions raised by get_msf_version call
...
Exceptions may be raised via the remote data service response handling
while making the call to check the MSF version.
2019-06-05 15:09:33 -04:00
69ab2154ad
wordpress_content_injection: fix CVE number
2019-06-05 12:43:16 +02:00
8c3d7b3900
automatic module_metadata_base.json update
2019-06-04 10:58:45 -07:00
9edf92434c
Land #11895 , CVE-2018-20434 LibreNMS cmd injection exploit
2019-06-04 12:28:24 -05:00
7366994f7b
automatic module_metadata_base.json update
2019-06-04 10:26:24 -07:00
c93c65cef5
Update date format
2019-06-04 12:24:00 -05:00
749501d449
Refactor remote data service response handling
...
Raises exceptions for error responses rather than failing silently.
This exposes the server-side error message to the user in console.
2019-06-04 12:09:06 -05:00
8fe11744bd
Use the revised ResponseWrapper error classes
2019-06-04 11:59:00 -05:00
52c67a6952
Modify ResponseWrapper to support three states
...
There is a success response, an error response and a failed response.
An error response contains a body with an error message from the
server-side, while a failed response represents an invalid response
caused by an issue with the request or response.
2019-06-04 11:56:12 -05:00
c1572c89a8
Land #11841 , IBM WAS Network Deployment RCE CVE-2019-4279
2019-06-04 11:49:05 -05:00
129bb898d8
Merge CMD Target Update
2019-06-04 11:47:28 -05:00
eff819b523
Land #11945 , Make auto_cl more selective based on HTTP method
...
Merge branch 'land-11945' into upstream-master
2019-06-04 09:04:13 -05:00
c28b15e9fe
Land #11823 , Handle invalid payloads more clearly
...
Merge branch 'land-11823' into upstream-master
2019-06-04 08:34:41 -05:00
cd182e2014
Land #11938 , fix cmd_exec tests on python/windows
...
Merge branch 'land-11938' into upstream-master
2019-06-04 08:01:49 -05:00
e5a4c2d341
Make auto_cl more selective based on HTTP method
...
According to https://tools.ietf.org/html/rfc7230#section-3.3.2 , a zero content-length is valid for some kinds of HTTP methods.
Instead of implicitly disabling auto_cl if there is no actual content, disable auto_cl default for HTTP methods where semantics of the message do not anticipate any content. This can still be overridden by a caller if it still wants to add an empty content-length for HTTP methods where it does not normally make sense (e.g. if it exploits a bug.)
2019-06-04 04:04:08 -05:00
d50cf542cf
automatic module_metadata_base.json update
2019-06-03 23:13:42 -07:00
b8abb550e6
Land #11924 , Update adobe_flash_opaque_background_uaf for Win 10
2019-06-04 00:51:34 -05:00
191d73f3ef
Update rex-exploitation
2019-06-04 00:40:01 -05:00
30a0f25eae
automatic module_metadata_base.json update
2019-06-03 17:13:46 -07:00
17170e2152
Land #11937 , make content-length header optional
2019-06-03 18:56:27 -05:00
6f711dfab4
Land #11918 , replace trivial usage of expand_path with getenv
...
Merge branch 'land-11918' into upstream-master
2019-06-03 16:59:39 -05:00
e425547398
Add some files to the test that are not likely to be open
2019-06-03 08:25:46 -05:00
cdce03f42d
fix_os_check
2019-06-03 16:17:23 +09:00
22e8d3488d
Land #11862 , wordlists for wordpress plugin/theme directories
...
Add wordlists for enumerating WordPress plugin/theme directories
2019-06-03 00:54:43 -05:00
cd460aa2cb
fix cmd_exec tests on python/windows
2019-06-03 03:47:52 +08:00
76aeeafe7b
Land #11936 , rename a few module docs
2019-06-02 13:54:03 -05:00
ba947eab20
another rename
2019-06-02 13:53:44 -05:00
3cf375c05c
if there is no content, don't include content length
2019-06-02 13:27:11 -05:00
6ffc6b9b18
Fix #11934 , frontpage_credential_dump.md file move
2019-06-02 12:40:18 -05:00
f70a56edcf
automatic module_metadata_base.json update
2019-06-02 09:56:15 -07:00
b5bdc06c4c
Land #11933 , add default VID and cmd/unix support to post/multi/manage/play_youtube
2019-06-03 00:39:11 +08:00
42082f0bcf
Add unix platform
2019-06-02 11:31:43 -05:00
fe5bc8242f
Add cmd/unix support
2019-06-02 11:19:44 -05:00
852cd6c6c6
Note unused variables
2019-06-02 11:19:30 -05:00
290741719c
Add default VID to post/multi/manage/play_youtube
2019-06-02 11:01:57 -05:00
d3354152ab
Land #11913 , remove older Ruby's from test matrix
2019-06-02 10:48:27 -05:00
3ddd68394b
automatic module_metadata_base.json update
2019-06-01 19:46:11 -07:00
817d3ce081
Land #11477 , add Exploit for CVE-2018-4233 and async_wait for iOS 10 to 11.2
2019-06-01 21:24:44 -05:00
18c825d7fa
update mettle payloads gem to include dylib
2019-06-02 10:22:30 +08:00
6921ca74d8
add exploit binary
2019-06-02 10:19:24 +08:00
William Vu