07c99f821e
Land #1879 , @dcbz ARM stagers
2013-05-29 17:43:37 -05:00
f76a50ae38
Land #1881 , @todb's fix for Redmine Bug 7991
2013-05-29 16:17:18 -05:00
e7a1f06fbc
Modules shouldn't be +x
2013-05-29 15:11:35 -05:00
7c41e239b4
Fix author name
2013-05-29 14:19:10 -05:00
52aae8e04c
Add small fixes for stagers
2013-05-29 14:01:59 -05:00
10d8bebe73
Start with a random username to test 401 codes
...
SeeRM #7991
While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.
2013-05-29 12:36:28 -05:00
f0e3b0c124
Merge pull request #1836 from dmaloney-r7/bug/anyuser_anypass_http
...
Verified MSF specs passing, Pro on develop functional tests working (ran Bruteforce, saw normal and verbose output concerning that bruteforce was skipped for such a case and why, verified no cred saved with 'anyuser' user).
2013-05-29 07:44:18 -07:00
2c0f0f5f04
Changed reverse payload as suggested.
2013-05-28 21:52:16 -05:00
07c3565e3c
Made changes as suggested, forgot to remove exit() after testing was complete.
2013-05-28 21:31:36 -05:00
ed5b8895bb
Fixes smart_migrate for a TypeError bug
...
Bug is: TypeError can't convert Rex::RuntimeError into String
[SeeRM: #7984 ]
2013-05-28 18:45:49 -05:00
63694a6c87
Landing #1875 - Also remove *.ts.rb files
2013-05-28 17:29:02 -05:00
14c4dbcf8c
Also remove *.ts.rb files
...
On the heels of #1862 , this gets rid of the "test suites" that bound
together all the old unit tests.
2013-05-28 17:05:44 -05:00
a486fff9a4
Land #1872 , @wchen-r7's improvement of cold_fusion_version
2013-05-28 16:35:45 -05:00
96888455a7
Add new signature for CF9
2013-05-28 16:04:08 -05:00
deea66b76f
Landing #1871 - fix an undefined variable bug in the DTP module
2013-05-28 15:13:20 -05:00
b9969a8b2b
Landing #1855 - Updates for coldfusion_pwd_props for CF9 by ringt
2013-05-28 14:43:09 -05:00
0ecffea66f
Updates fingerprint() for CF10
2013-05-28 14:42:11 -05:00
a6a46f82bb
Updates the description a little bit
2013-05-28 14:31:56 -05:00
e4e5edc619
Looks like we don't need to check MD5, let's keep it that way then.
2013-05-28 14:31:15 -05:00
8ab90e657c
Adds a check for Cold Fusion 10
2013-05-28 14:21:29 -05:00
3857507d73
fix an undefined variable bug in the DTP module
2013-05-28 14:52:58 -04:00
9843dc4cb4
Land #1708 , android meterpreter
...
Conflicts:
data/meterpreter/ext_server_stdapi.jar
2013-05-28 12:19:45 -05:00
d16d316658
Fixes mssql_findandsampledata & ms11_006_creat esizeddibsection
...
[FixRM:7987]
[FixRM:7986]
2013-05-28 11:15:17 -05:00
73aa14cb91
Landing #1868 - IBM SPSS SamplePower 3.0 module (CVE-2012-5946)
2013-05-28 11:02:21 -05:00
75d6c8079a
Spelling, whitespace
...
Please be sure to run msftidy.rb on new modules. Thanks!
2013-05-28 10:03:37 -05:00
e678b2c5d8
Add module for CVE-2012-5946
2013-05-26 00:21:20 -05:00
57b7e4ec44
Update ms11_006_createsizeddibsection.rb
2013-05-25 13:14:41 +06:00
6f2ddb3704
Update mssql_findandsampledata.rb
2013-05-25 11:33:57 +05:00
e169ccab4f
Landing #1862 - Remove inline unit tests
2013-05-23 22:19:29 -05:00
ea7805d3c8
Fixed a bug in the HSTS module around null headers
2013-05-23 15:02:39 -04:00
05916c079e
Inline unit tests are so last decade
...
Aside from codebase-wide changes, nearly all of these tests haven't been
touched since before 2010, and there is no effort to maintain this style
of testing. We've moved on to (correctly) seperating out our tests from
our codebase.
2013-05-23 12:41:14 -05:00
81ad280107
Landing #1856 - CVE-2013-0758 Firefox <= 17.0.1 + Flash RCE
...
Chained exploit using CVE-2013-0758 and CVE-2013-0757
2013-05-23 12:21:10 -05:00
8680aa8952
Landing #1857 - MS12-020 off-by-one fix
2013-05-22 22:57:08 -05:00
67861794f6
Fix automatic payload selection
2013-05-22 22:37:18 -05:00
23fe3146dc
Extra print_status I don't want
2013-05-22 14:38:30 -05:00
bfcd86022d
Add code cleanup for nginx_chunked_size.
2013-05-22 14:37:42 -05:00
0e6576747a
Fix target selection probs, and swf path
2013-05-22 14:34:00 -05:00
81b690ae4b
Initial check in of nginx module
2013-05-22 13:52:00 -04:00
ecb9d1d7fa
Landing #1848 - AdobeCollabSync Buffer Overflow on Adobe Reader X
2013-05-22 12:24:42 -05:00
d028f52dbd
Fix broken ms12-020 vulnerability detection
...
The previous version of the script had an off-by-one error that prevented
proper detection of the vulnerability. Changes made in this revision
include:
- Correction of the off-by-one error
- Use of match instead of == to check for valid RDP connection
- Change of the channel requests to use IDs actually provided by
the responses from the server
2013-05-22 00:08:25 -04:00
aae4768563
Fix whitespace issues from msftidy.
2013-05-21 14:31:36 -05:00
eaeb10742a
Add some comments and clean some things up.
2013-05-21 14:01:14 -05:00
978aafcb16
Add DEBUG option, pass args to .encoded_exe().
2013-05-21 14:01:14 -05:00
ee8a97419c
Add some debug print calls to investigate Auto platform selection.
2013-05-21 14:01:13 -05:00
60fdf48535
Use renegerate_payload(cli, ...).
2013-05-21 14:01:13 -05:00
54eeb8f000
Adding new version...old version does not work in windows, doesnt fingerprint, and a few other minor things
2013-05-21 13:13:21 -05:00
ee28a3a8d7
Update http_login.rb
...
add parens around conditional to make bikeshed prettier
2013-05-21 11:28:23 -05:00
53cb493bc9
Fix @jlee-r7's feedback
2013-05-20 18:44:21 -05:00
a53ab4cff9
Moved dupandexecve.rb to shell.rb due to pull request coments.
2013-05-20 17:05:57 -05:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
jvazquez-r7