Spencer McIntyre
2a3855c5af
Skip the psh prepend sleep time error when it is 0
2015-02-09 14:20:04 -05:00
HD Moore
985641dbc4
Add missing Context, fixes #4723
2015-02-07 11:27:57 -06:00
Spencer McIntyre
4e0a62cb3a
Land #4664, MS14-070 Server 2003 tcpip.sys priv esc
2015-02-05 18:49:15 -05:00
Spencer McIntyre
5a39ba32f6
Make the ret instruction for token stealing optional
2015-02-05 14:00:38 -05:00
sinn3r
434bca0b27
Land #4613, auxiliary/server/capture/smb credential creation
2015-02-04 22:45:36 -06:00
James Lee
1fbed1dcfc
Autoload instead of require
2015-01-30 15:42:16 -06:00
James Lee
062529ce3b
Move HttpServer::HTML into its own file
2015-01-30 15:24:15 -06:00
James Lee
3572ce9a37
Break PHPInclude into its own file
2015-01-30 15:16:54 -06:00
sinn3r
457598eb02
print_error about unknown request.uri
2015-01-27 20:21:18 -06:00
sinn3r
acf02647fb
Add a check for Custom404
2015-01-27 20:18:10 -06:00
sinn3r
66703bfe5a
Allow custom 404 as an option for BrowserExploitServer
When something fails, the target is given a hardcoded 404 message
generated by the framework. But the user (attacker) now can configure
this. When the Custom404 option is set, the mixin will actually
redirect (302) to that URL.
There are several scenarios that can trigger a 404 by BES (custom or
default):
* When the browser doesn't allow javascript
* When the browser directly visits the exploit URL, which is forbidden.
If this actually happens, it probably means the attacker gave the
wrong URL.
* The attacker doesn't allow the browser auto-recovery to retry the
URL.
* If some browser requirements aren't met.
* The browser attempts to access a resource not set up by the
mixin.
2015-01-27 18:53:02 -06:00
sinn3r
ee922d141c
Fix #4646 - get_module_resource should check nil before using get_resource
Fix #4646. The get_module_resource needs to check nil first before
using the get_resource method (from HttpServer)
2015-01-27 00:21:43 -06:00
James Lee
273ba54a21
Fix server/capture/smb to use create_credential
2015-01-15 22:39:11 -06:00
William Vu
f0de45c371
Fix typo and add Subject support
2015-01-14 02:17:29 -06:00
David Maloney
6dad66c04c
add Date header support to SMTP deliver
the SMTP mixin now supports the Date header.
The user can supply a value for the Date Header
or else it will automatically use the current local
DateTime. This will help alleviate certain issues
caused by servers setting this field for the client incorrectly
MSP-9390
2015-01-12 11:18:07 -06:00
dmooray
478505c17a
ruby 2.2 compatibility
https://bugs.ruby-lang.org/issues/10314
2015-01-07 11:41:34 +02:00
sinn3r
609c490b3c
I missed nobfu
2015-01-06 12:49:39 -06:00
sinn3r
2ed05869b8
Make Msf::Exploit::PDF follow the Ruby method naming convention
Just changing method names.
It will actually also fix #4520
2015-01-06 12:42:06 -06:00
William Vu
0bece137c1
Land #4494, Object.class.to_s fix
2015-01-06 02:27:35 -06:00
sinn3r
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
Spencer McIntyre
6d966dbbcf
Land #4203, @jvazquez-r7's cleanup for java_rmi_server
2014-12-31 11:25:19 -05:00
Christian Mehlmauer
4f11dc009a
fixes #4490, class.to_s should not be used for checks
2014-12-31 10:46:24 +01:00
Jon Hart
0857d74a7d
Clean up rspec
2014-12-30 11:29:30 -08:00
Jon Hart
f8d432dfc1
Support reading a list of local/remote files for smb admin modules (#3994)
2014-12-30 09:21:29 -08:00
jvazquez-r7
04772c8946
Ensure stop_service closes Rex::Proto::Http::Server
2014-12-26 13:50:03 -06:00
Joe Vennix
e974d272f0
Remove stray line comment that ruined things when minified.
2014-12-23 00:22:50 -06:00
Tod Beardsley
d3050de862
Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
Tod Beardsley
9545b6e4d6
Land #4343, os_flavor reduction
2014-12-12 14:49:15 -06:00
Tod Beardsley
177cade6a5
Merge branch 'land-4274-ssl' into temp
2014-12-12 13:25:54 -06:00
Tod Beardsley
0eea9a02a1
Land #3144, psexec refactoring
2014-12-10 17:30:39 -06:00
sinn3r
9202c4f2a1
No mercy for os_flavor
2014-12-10 11:46:21 -06:00
sinn3r
a584a5982f
Clarify about how BES uses os_flavor
We don't. We don't use os_flavor anymore because it is no longer
implemented. We get the information from os_name instead.
2014-12-09 12:21:59 -06:00
Jon Hart
743e9fca9d
Correctly set default SECRET
2014-12-04 14:06:22 -08:00
Jon Hart
1e423f415e
Add missing opt ,
2014-12-04 14:05:17 -08:00
Jon Hart
7f425fc3ab
Configurable fix for #4305
Rename UDP_SECRET to just SECRET, as it is used for more than just UDP
Rename and properly document GATEWAY option
Introduce an option to configure what UDP port will be probed
2014-12-04 13:17:34 -08:00
Jon Hart
f22d7191cd
Test fix for #4305
2014-12-04 10:59:57 -08:00
Jon Hart
d8b1401545
Test fix for #4306
2014-12-03 19:54:31 -08:00
William Vu
394d132d33
Land #2756, tincd post-auth BOF exploit
2014-12-01 12:13:37 -06:00
HD Moore
823b4e259a
Make it clear SSLVersion is not advertised since it isn't used
2014-11-22 14:25:09 -06:00
HD Moore
2f92a83092
Change to example.com as the default domain
2014-11-20 14:53:36 -06:00
Meatballs
7004c501f8
Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2
Conflicts:
modules/exploits/windows/smb/psexec.rb
2014-11-19 14:40:50 +00:00
jvazquez-r7
dff6af0747
Restore timeout
2014-11-18 12:17:10 -08:00
jvazquez-r7
4844447d17
Use 20 seconds as default timeout
* Because it's the default timeout on Rex::Proto::SunRPC::Client
2014-11-18 12:17:10 -08:00
jvazquez-r7
694561dd0f
Don't shadow methods with local variables, just in case...
2014-11-18 12:17:10 -08:00
Jon Hart
bfde6047d5
Introduce a user-controlled timeout for SunRPC stuff
2014-11-18 12:17:10 -08:00
Jon Hart
a9f9a8b116
Introduce new ::Rex::Proto::SunRPC::RPCError, making run_host cleaner
2014-11-18 12:17:10 -08:00
Tod Beardsley
286827c6e5
Land #4186, Samsung KNOX exploit. Ty @jvennix-r7!
2014-11-17 13:29:39 -06:00
floyd
9243cfdbb7
Minor fixes to ruby style things
2014-11-17 17:12:17 +01:00
floyd
91aa5fa3cf
Some simple ruby convention changes that hopefully make ruby people happy
2014-11-17 16:48:52 +01:00
floyd
3c1ce5072c
Replaced camel case states with snail_case
2014-11-17 16:37:04 +01:00