8654baf3dd
Land #6880 , add a module for netcore/netdis udp 53413 backdoor
2016-08-08 15:43:34 -05:00
f98efb1345
Fix typos
2016-08-08 15:41:03 -05:00
864989cf6c
For echo command
2016-07-26 20:27:23 -05:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
25f49c0091
Fixed Description
...
Just cleaned up Description.
2016-07-08 16:17:39 -07:00
4a4904149b
ruby conditional operator -> expression
2016-05-16 10:45:04 -05:00
4a3ab9d464
add a module for netcore/netdis udp 53413 backdoor
2016-05-16 02:11:53 -05:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
c67360f436
Remove extraneous whitespace
2016-02-10 09:44:01 -06:00
1d6b782cc8
Change logic
...
I just can't deal with this "unless" syntax...
2016-02-08 18:40:48 -06:00
d60dcf72f9
Resolve #6546 , support manual config for X-Jenkins-CLI-Port
...
Resolve #6546
2016-02-08 18:16:48 -06:00
12256a6423
Remove now-redundant peer
...
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
2016-02-01 15:12:03 -06:00
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
ab3fe64b6e
Add method peer for jenkins_java_deserialize.rb
2015-12-15 01:18:27 -06:00
bd8aea2618
Fix check for jenkins_java_deserialize.rb
...
This fixes the following:
* nil return value checks
* handle missing X-Jenkins-CLI-Port scenario more properly
* proper HTTP path normalization
2015-12-14 11:25:59 -06:00
eb4611642d
Add Jenkins CLI Java serialization exploit module
...
CVE-2015-8103
2015-12-11 14:57:10 -06:00
a5c6e260f2
Update hp_vsa_login_bof.rb
...
Updated reference URL to latest location
2015-12-10 10:56:39 -05:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
cd65478d29
Land #5826 , swap ExitFunction -> EXITFUNC
2015-09-01 13:58:12 -05:00
3e613dc333
change exitfunc to thread
2015-09-01 10:43:45 +02:00
648c034d17
change exitfunc to thread
2015-09-01 10:42:15 +02:00
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
25e0f888dd
Initial commit of R7-2015-08 coverage
2015-07-08 13:42:11 -05:00
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
d3050de862
Remove references to Redmine in code
...
See #4400 . This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
9e9954e831
fix placeholder to show the firmware version I used
2014-11-19 21:23:39 +01:00
a718e6f83e
add exploit for r7-2014-18 / CVE-2014-4880
2014-11-19 21:07:02 +01:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
4fbab43f27
Release fixes, all titles and descs
2014-10-01 14:26:09 -05:00
f2cfbebbfb
Add module for ZDI-14-305
2014-09-24 00:22:16 -05:00
ff6c8bd5de
Land #3479 , broken sock.get fix
2014-07-16 14:57:32 -05:00
748589f56a
Make cmdstager flavor explicit or from info
...
Every module that uses cmdstager either passes the flavor
as an option to the execute_cmdstager function or relies
on the module / target info now.
2014-06-28 17:40:49 -04:00
3868348045
Fix incorrect use of sock.get that leads to indefinite hang
2014-06-28 15:48:58 -05:00
d47994e009
Update modules to use the new generic CMDstager mixin
2014-06-27 08:34:55 -04:00
cdc425e4eb
Update some checks
2014-01-24 12:08:23 -06:00
646f7835a3
Saving progress
2014-01-21 17:14:55 -06:00
272fe5ddfd
Delete debug comments
2014-01-16 16:12:12 -06:00
8213eed49f
Delete Netgear N150 target, ist's a Netgear DGN1000 model
2014-01-16 15:14:31 -06:00
139119d32c
Add Manual targets to sercomm_exec
2014-01-16 12:44:26 -06:00
0922aef8d1
Update module description
2014-01-16 11:16:11 -06:00
wchen-r7