fb19ec1005
Merge branch 'rapid7' into feature/stage_encoding
2013-01-14 15:20:23 -06:00
347cc3f879
Merge branch 'bug/rm7680-psexec_command-convert-nil-into-integer' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7680-psexec_command-convert-nil-into-integer
2013-01-14 15:12:43 -06:00
a89db93891
psexec_command - Unable to execute specified command: can't convert nil into Integer
...
Patched as described in Redmine bug #7680
2013-01-14 15:54:40 -05:00
c6c59ace46
final cleanup
2013-01-14 20:53:19 +01:00
5ecb0701ea
Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass
2013-01-14 20:52:45 +01:00
702638a6a3
final cleanup
2013-01-14 17:36:24 +01:00
b0a339708d
Merge branch 'w3totalcache' of https://github.com/FireFart/metasploit-framework into FireFart-w3totalcache
2013-01-14 17:35:48 +01:00
b11fd48b05
implemented juans feedback
2013-01-14 17:06:52 +01:00
8b85f7d977
fix msftidy
2013-01-14 14:55:53 +01:00
0acbcfd964
fix url path
2013-01-14 14:39:50 +01:00
c17ee70e66
Use target_uri for the wordpress url
2013-01-14 14:34:34 +01:00
b3b68c1b90
Make stage encoding possible
...
* Fixes a bug in shikata where input greater than 0xffff length would
still use 16-bit counter
* Short circuits finding bad xor keys if there are no bad characters to
avoid
* Fixes huge performance issue with large inputs to xor-based encoders
due to the use of String#+ instead of String#<< in a loop. It now
takes ~3 seconds on modern hardware to encode a 750kB buffer with
shikata where it used to take more than 10 minutes. The decoding side
takes a similar amount of time and will increase the wait between
sending the second stage and opening a usable session by several
seconds.
I believe this addresses the intent of pull request 905
[See #905 ]
2013-01-13 21:07:39 -06:00
0c95938b1d
Added a request to force db caching
2013-01-13 20:12:37 +01:00
04fe1dae11
Added module for Freesshd Authentication Bypass (CVE-2012-6066)
...
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.
To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.
2013-01-13 17:08:04 +01:00
27f100d37c
fix email
2013-01-12 14:24:29 +01:00
d36c966931
spaces
2013-01-12 14:22:38 +01:00
93b5980210
fix
2013-01-12 14:13:54 +01:00
0b8094eb5d
w3_total_cache
2013-01-12 14:09:59 +01:00
0b130e49e7
Squashed commit of the following:
...
commit 1beebe758cCloses #1295 ]
2013-01-11 19:02:06 -06:00
ef6eec949c
Move impersonate_ssl
...
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
4adf429c31
Adds one more ref
2013-01-11 01:33:26 -06:00
23ef8280be
Merge branch 'java_0day_refs' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-java_0day_refs
...
Conflicts:
modules/exploits/multi/browser/java_jre17_jmxbean.rb
2013-01-11 01:33:11 -06:00
6471a70053
Pass the X-HTTP-Method-Override parameter for compat
2013-01-10 20:27:13 -06:00
e709811c5a
CVE update
2013-01-10 19:51:04 -06:00
2c05af721c
module also updated with refs
2013-01-11 00:57:05 +01:00
6a7f8758e0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-01-11 00:14:22 +01:00
8c5847a13c
Make output compatible with an scanner module
2013-01-11 00:10:15 +01:00
9c652d1d55
Add a note about ruby 1.9 requirements
2013-01-10 17:10:03 -06:00
0e950997e6
Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access
2013-01-10 23:57:22 +01:00
c89b2b2ec6
Once more, with feeling
2013-01-10 15:29:54 -06:00
7fd3440c1a
Fix hd's attempt to rename ruby payloads
2013-01-10 15:25:50 -06:00
4fcb8b6f8d
Revert "Rename again to be consistent with payload naming"
...
This reverts commit 0fa2fcd811
2013-01-10 15:24:25 -06:00
0fa2fcd811
Rename again to be consistent with payload naming
2013-01-10 14:16:37 -06:00
88b08087bf
Renamed and made more robust
2013-01-10 14:05:29 -06:00
0c58a118ff
Found the issue I believe, fixed two issues. One with 301/302 responses getting a bad URI due to switch from ip to dns in location header and other from res.to_s rather than res.body being passed to regex
2013-01-10 11:32:48 -05:00
fc5a0e22b2
stupid push, forgot to remove test puts
2013-01-10 10:43:57 -05:00
ed9d290a85
added status messages, made var blog_posts initalize as nil rather than empty string
2013-01-10 10:41:25 -05:00
5bafd6ddcc
added status message
2013-01-10 09:43:37 -05:00
ea000d6ee0
updated authors
2013-01-10 20:48:54 +01:00
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
3b491ab998
Change charlisome in the list of authors to charliesome
2013-01-10 16:12:07 +01:00
42ea64c21b
Merge in Rails2 support now that its in master
2013-01-10 02:14:08 -06:00
0b74f98946
Rescue errors and update credits
2013-01-10 01:06:46 -06:00
e05f4ba927
Thread wrappers were causing instant session closure
2013-01-10 00:41:58 -06:00
1e94b090e7
The __END__ trick is no longer needed
2013-01-10 00:29:11 -06:00
acabc14ec3
This restores functionality across all rails 3.x
2013-01-10 00:28:12 -06:00
0e92de8f61
This works against a wider range of RoR 3.x targets
2013-01-10 00:10:26 -06:00
5e7a4f154e
Fix platform/arch
2013-01-09 23:24:37 -06:00
e15c731651
Clarify credit
2013-01-09 23:22:40 -06:00
4c1e501ed0
Exploit for CVE-2013-0156 and new ruby-platform modules
2013-01-09 23:10:13 -06:00
James Lee