1c20122648
fedora compatibility, added naming options
2016-06-25 08:43:55 -04:00
6c3871bd0c
update ssh modules to use new SSHFactory
...
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH
MS-1688
2016-06-24 13:55:28 -05:00
18a3bf5f62
service persistence
2016-06-22 19:22:18 -04:00
de5152401a
Land #6992 , Add tiki calendar exec exploit
2016-06-22 11:18:14 -05:00
8697d3d6fb
Update tiki_calendar_exec module and documentation
2016-06-22 11:17:45 -05:00
0f2c1d886c
append over read and write
2016-06-21 16:56:34 -04:00
9cb57d78d7
updated check and docs that 14.2 may not be vuln
2016-06-21 16:48:09 -04:00
c7bacebd5b
slight issues found by void-in
2016-06-21 05:12:10 -04:00
4b8f572976
cron persistence
2016-06-20 21:45:04 -04:00
15a3d739c0
fix per wchen
2016-06-20 17:57:10 -04:00
6fe7698b13
follow redirect automatically
2016-06-19 20:24:54 -04:00
3f25c27e34
2 void-in fixes of 3
2016-06-19 14:35:27 -04:00
ddfd015310
functionalized calendar call, updated docs
2016-06-19 08:53:22 -04:00
3feff7533b
tiki calendar
2016-06-18 13:11:11 -04:00
ebde552982
gem version
2016-06-16 21:09:56 -04:00
9ea0b8f944
Land #6934 , Adds exploit for op5 configuration command execution
2016-06-16 14:36:10 -05:00
ea988eaa72
Add setsid to persist the shell
...
Prevents the watchdog from killing our session.
2016-06-16 11:31:35 -05:00
cfb034fa95
fixes all previously identified issues
2016-06-15 20:58:04 -04:00
81fa068ef0
pulling out the get params
2016-06-15 12:27:31 -04:00
52db99bfae
vars_post for post request
2016-06-15 07:24:41 -04:00
625d60b52a
fix the other normalize_uri
2016-06-14 15:03:07 -04:00
afc942c680
fix travis
2016-06-13 19:07:14 -04:00
bd4dacdbc3
added Rank
2016-06-13 19:04:06 -04:00
72ed478b59
added exploit rank
2016-06-13 18:56:33 -04:00
40f7fd46f9
changes outlined by wvu-r7
2016-06-13 18:52:25 -04:00
f63273b172
email change
2016-06-11 21:05:34 -04:00
bd6eecf7b0
centreon useralias first add
2016-06-11 20:57:18 -04:00
ec1248d7af
Convert to CmdStager
2016-06-10 20:42:01 -05:00
46239d5b0d
Add Apache Continuum exploit
2016-06-09 22:35:38 -05:00
d63dc5845e
wvu-r7 comment fixes
2016-06-09 21:52:21 -04:00
6da8c22171
Rename hash method to crypt
...
To avoid a conflict with Object#hash in Pro.
MS-1636
2016-06-09 15:21:40 -05:00
6f5edb08fe
pull uri from datastore consistently
2016-06-08 20:28:36 -04:00
c4aa99fdac
Land #6925 , ipfire proxy exec
2016-06-07 10:24:59 -05:00
7e84c808b2
Merge remote-tracking branch 'upstream/pr/6924' into dev
2016-06-07 09:24:25 -05:00
c2699ef194
rubocop fixes
2016-06-03 17:43:11 -04:00
2f837d5d60
fixed EDB spelling
2016-06-03 17:17:36 -04:00
8d76bdb8af
fixed EDB reference
2016-06-03 17:13:36 -04:00
d7cd10f586
Suggested updates for style and clarity
2016-06-03 14:04:58 -05:00
91658d2a61
Changes per rubocop and sinn3r
2016-06-03 12:42:38 -05:00
68d647edf1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5
2016-06-01 18:05:18 -04:00
52d5028548
op5 config exec
2016-06-01 15:07:31 -04:00
8ce59ae330
travis fixes
2016-05-31 05:46:20 -04:00
057947d7e8
ipfire proxy exec
2016-05-30 10:24:17 -04:00
9b5e3010ef
doc/module cleanup
2016-05-30 06:33:48 -04:00
df55f9a57c
first add of ipfire shellshock
2016-05-29 20:40:12 -04:00
14adcce8bf
Missed the HTTPUSERNAME fix
2016-05-27 18:37:04 -05:00
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
4dcddb2399
Fix #4885 , Support basic and form auth at the same time
...
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00
6581fbd294
Add note about "mf" malware
...
This is the malware I found upon shelling my friend's device.
2016-05-20 23:09:10 -05:00
a16f4b5167
Return nil properly in rescue
...
Missed this because I copypasta'd myself.
2016-05-19 15:35:38 -05:00
h00die