adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
26,077 Commits 27 Branches 1,043 Tags
db345fcb587a577fc035eada43479ad1bde3e007
Commit Graph

817 Commits

Author SHA1 Message Date
Trevor Rosen bebf11c969 Resolves some Login::Status migration issues 
MSP-10730
 2014-07-16 21:52:08 -05:00
David Maloney aeda74f394 Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-07 16:41:23 -05:00
Spencer McIntyre 748589f56a Make cmdstager flavor explicit or from info 
Every module that uses cmdstager either passes the flavor
as an option to the execute_cmdstager function or relies
on the module / target info now.
 2014-06-28 17:40:49 -04:00
David Maloney b680674b95 Merge branch 'master' into staging/electro-release 2014-06-27 11:55:57 -05:00
Spencer McIntyre 219153c887 Raise NotImplementedError and let :flavor be guessed 2014-06-27 08:34:56 -04:00
jvazquez-r7 870fa96bd4 Allow quotes in CmdStagerFlavor metadata 2014-06-27 08:34:56 -04:00
jvazquez-r7 91e2e63f42 Add CmdStagerFlavor to metadata 2014-06-27 08:34:55 -04:00
jvazquez-r7 9e413670e5 Include the CMDStager 2014-06-27 08:34:55 -04:00
jvazquez-r7 d47994e009 Update modules to use the new generic CMDstager mixin 2014-06-27 08:34:55 -04:00
jvazquez-r7 8bf36e5915 AutoDetection should work 2014-06-27 08:34:55 -04:00
jvazquez-r7 7ced5927d8 Use One CMDStagermixin 2014-06-27 08:34:55 -04:00
Spencer McIntyre 2a442aac1f No long needs to extend bourne, and specify a flavor. 2014-06-27 08:34:55 -04:00
Spencer McIntyre 1a392e2292 Multi-fy the hyperic_hq_script_console exploit. 2014-06-27 08:34:55 -04:00
Spencer McIntyre ae25c300e5 Initial attempt to unify the command stagers. 2014-06-27 08:34:55 -04:00
jvazquez-r7 191c871e9b [SeeRM #8815] Dont try to exploit when generate_payload_exe fails 2014-06-20 14:07:49 -05:00
David Maloney 2b0bb608b1 Merge branch 'master' into staging/electro-release 2014-06-18 10:49:58 -05:00
Christian Mehlmauer 8e1949f3c8 Added newline at EOF 2014-06-17 21:03:18 +02:00
OJ b710014ece Land #3435 -- Rocket Servergraph ZDI-14-161/162 2014-06-17 18:06:03 +10:00
James Lee 4b78f0ad7c Merge branch 'feature/MSP-9723/glassfish_deployer' into staging/electro-release 2014-06-13 16:11:14 -05:00
David Maloney 96e492f572 Merge branch 'master' into staging/electro-release 2014-06-12 14:02:27 -05:00
HD Moore 0bac24778e Fix the case statements to match platform 2014-06-11 15:22:55 -05:00
HD Moore d5b32e31f8 Fix a typo where platform was 'windows' not 'win' 
This was reported by dracu on freenode
 2014-06-11 15:10:33 -05:00
William Vu af04d5dd05 Use the new hash syntax for consistency 2014-06-10 12:54:35 -05:00
William Vu 00fcdc25f2 Use getaddress on rhost 2014-06-10 12:50:53 -05:00
William Vu 384b65b3ec Refactor glassfish_deployer creds 2014-06-09 15:40:26 -05:00
David Maloney 8e35f5fa12 username and password flipped 
we reported the username as the password
and vice versa
 2014-06-09 13:45:12 -05:00
jvazquez-r7 e4d14194bb Add module for Rocket Servergraph ZDI-14-161 and ZDI-14-162 2014-06-08 11:07:10 -05:00
David Maloney da09a2725b we need the service data in the login! 
ooopsie #2
 2014-06-06 10:51:12 -05:00
David Maloney a84980fa9d login creation was missing! 2014-06-05 13:56:08 -05:00
David Maloney 62866374b8 refactor tomcat_mgr_deploy 2014-06-04 16:22:22 -05:00
David Maloney f22447f91e refactor tomcat_mgr_upload 2014-06-04 16:07:57 -05:00
William Vu 53ab2aefaa Land #3386, a few datastore msftidy error fixes 2014-05-29 10:44:37 -05:00
William Vu 8a2236ecbb Fix the last of the Set-Cookie msftidy warnings 2014-05-29 04:42:49 -05:00
William Vu 352e14c21a Land #3391, all vars_get msftidy warning fixes 2014-05-26 23:41:46 -05:00
Christian Mehlmauer da0a9f66ea Resolved all msftidy vars_get warnings 2014-05-25 19:29:39 +02:00
Christian Mehlmauer df97c66ff5 Fixed check 2014-05-24 00:37:52 +02:00
Christian Mehlmauer 8d4d40b8ba Resolved some Set-Cookie warnings 2014-05-24 00:34:46 +02:00
Tod Beardsley efffbf751a PHP module shouldnt zap CMD option (@wchen-r7) 
As far as I can tell, there is no purpose for this cleanup. No other CMD
exec module takes pains to clear out CMD after run, and it looks like a
bad idea -- what happens when you rexploit?
 2014-05-23 15:09:18 -05:00
Christian Mehlmauer df4b832019 Resolved some more Set-Cookie warnings 2014-05-13 22:56:12 +02:00
Jeff Jarmoc 638ae477d9 Fix up spec. Rex::Proto::Http::ClientRequest handles & and = outside of Rex::Text::uri_encode, so mode doesn't affect them. 
Fix erroneous typo char.
 2014-05-12 12:10:30 -05:00
Jeff Jarmoc 5f523e8a04 Rex::Text::uri_encode - make 'hex-all' really mean all. 
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes'  It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
 2014-05-12 11:26:27 -05:00
Christian Mehlmauer dee6b53175 fix java payload struts module 2014-05-10 00:19:40 +02:00
jvazquez-r7 38f3a19673 Try to beautify description 2014-05-09 14:35:06 -05:00
Christian Mehlmauer 43a85fc645 additional GET parameters 2014-05-09 21:21:04 +02:00
Christian Mehlmauer ad83921a85 additional GET parameters 2014-05-09 21:15:28 +02:00
Christian Mehlmauer 53fde675e7 randomize meh parameter 2014-05-09 10:38:19 +02:00
Christian Mehlmauer a3fff5401f more code cleanup 2014-05-08 23:05:41 +02:00
Christian Mehlmauer e7b7af2f75 fixed apache struts module 2014-05-08 22:15:52 +02:00
Tod Beardsley 3536ec9a74 Description update 2014-05-05 13:43:44 -05:00
Christian Mehlmauer 073adc759d Land #3334, fix author by @julianvilas 2014-05-04 21:30:53 +02:00