cf9b94a964
Set needs_cleanup flag for exploits that need it
...
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
2019-08-02 10:23:53 -05:00
6126a627cc
Land #10570 , AKA Metadata Refactor
2018-09-17 22:29:20 -05:00
4c036e70c1
Fix http://seclists.org links to https://
...
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
eb17d9b198
Refactor AKA references for modules
2018-08-31 16:56:05 -05:00
f4bb00b9a5
Remove stray PayloadType outside Compat
2018-06-12 14:59:29 -05:00
93e9c96a1c
Adjust link / name ordering to be alphabetical by key (not sorted by value)
2018-05-21 14:42:13 -04:00
c665a32eb9
Add privileged and fix PayloadType hash style
2018-05-19 19:06:50 -04:00
d9d226376c
Fix missing comma
2018-05-19 09:23:23 -04:00
4bf259e767
Add github and EDB ID number
2018-05-19 09:04:18 -04:00
b0f556639f
Change rand text length and remove disable nops
2018-05-19 09:02:00 -04:00
6d0c6a7051
Randomize the starting letter
2018-05-18 15:14:40 -04:00
1efa5c4061
Move to PayloadType instead of Compat
2018-05-18 14:55:33 -04:00
599979be37
Add AKA and remove filename
2018-05-18 14:49:12 -04:00
0951aca881
Fix require that’s included by mixin
2018-05-18 13:31:20 -04:00
35ee1b5fa1
Use https instead of http in the comments
2018-05-18 13:10:47 -04:00
8f0242344d
Fix style to use curly braces instead of pipes
2018-05-18 13:06:38 -04:00
f1b9088609
Fix msf/core include requirement
...
```
modules/exploits/unix/dhcp/rhel_dhcp_client_command_injection.rb - [WARNING] Explicitly requiring/loading msf/core is not necessary
```
removes `require msf/core`
2018-05-18 13:04:55 -04:00
164f3ef48d
Add CVE-2018-1111 exploit
2018-05-18 12:47:08 -04:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
d20036e0fb
revise spelling, add heartbleed and tidy checks
2017-06-28 18:50:20 -04:00
461ab4501d
add 'Also known as', AKA 'AKA', to module references
2017-06-28 15:53:00 -04:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
16d0d53150
Update Shellshock modules, add Advantech coverage
2015-12-01 10:40:46 -06:00
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
df44dfb01a
Add OSVDB and EDB references to Shellshock modules
2014-09-29 21:39:07 -05:00
6e2d297e0c
Credit the original vuln discoverer
2014-09-26 13:45:09 -05:00
a4bc17ef89
deregister options needed for exploitation
2014-09-26 10:15:46 -05:00
54e6763990
Add injection to HOSTNAME and URL
2014-09-26 10:13:24 -05:00
86f85a356d
Add DHCP server module for CVE-2014-6271
2014-09-26 01:24:42 -05:00
Adam Cammack