f096c3bb99
Land #6821 Fix send_request_cgi! redirection
2016-05-05 09:09:30 -05:00
55b38ad089
Land #6398 , content length header
...
lands wei's content length header pr
2016-05-04 11:53:46 -05:00
e7ff4665e1
Bump version of framework to 4.11.26
2016-05-04 09:44:18 -07:00
4c9eba333e
Land #6753 , MSF-side support for reverse port forwards
...
Huge thanks to @OJ for making this happen.
Tested targets Win7,10,2008,2012
Tested payloads Win32 native, Win64 native, python
2016-05-04 07:39:05 -04:00
7490ab1c78
Bump version of framework to 4.11.25
2016-05-03 17:09:07 -07:00
60f81a69ea
Remove the pfservice close call on shutdown
2016-05-03 12:03:37 +10:00
d136844d3b
Add error handling around double-bind of ports
2016-05-03 10:42:41 +10:00
ffc91a193c
Fix #6841 , info -d [module path] not spawning module documentation
...
Fix #6841
2016-05-02 14:23:29 -05:00
be363411de
Land #6317 , Add delay(with jitter) option to auxiliary scanner and portscan modules
2016-05-02 13:09:40 -05:00
3b893cf740
Merge pull request #6581 from bcook-r7/uuidretry
...
don't send a response on invalid UUID, allow stagers to survive another day
2016-05-02 11:23:02 -05:00
d4f1c78c5c
Bump version of framework to 4.11.24
2016-04-29 13:38:06 -07:00
20ec56d06a
Do not parse empty web_sites
...
MS-255
2016-04-28 13:17:03 -05:00
5a4e70fdf0
Fixes indentation in check_msf_xml_version!
...
MS-255
2016-04-28 13:17:02 -05:00
f4f607d815
Correct comments to use Nokogiri::XML::Element
...
MS-255
2016-04-28 13:17:02 -05:00
56fd5a745e
Do not parse element if empty
...
MS-255
2016-04-28 13:17:02 -05:00
050061762b
Fix db_manager rspec tests
...
MS-255
2016-04-28 13:17:02 -05:00
0e568674d7
Add comments on parse functions
...
MS-255
2016-04-28 13:17:01 -05:00
0759848ad5
Use Nokogiri Reader in zip import
...
MS-255
2016-04-28 13:17:01 -05:00
83ff60c111
Force encoding on import xml
...
MS-255
2016-04-28 13:17:01 -05:00
e4fcaefc8c
Unpack and pack an unsigned integer per 8 bytes
...
MS-255
2016-04-28 13:17:01 -05:00
e6a8d69b0b
Force encoding of XML import
...
MS-255
2016-04-28 13:17:00 -05:00
f1d8e1d693
Parse web_data in xml import
...
MS-255
2016-04-28 13:17:00 -05:00
802dfabbe3
Converts XML importer to use Nokogiri Reader
...
MS-255
2016-04-28 13:17:00 -05:00
d4b89edf9c
Fix #6398 , Missing Content-Length header in HTTP POST
...
RFC-7230 states that a Content-Length header is normally sent in
a POST request even when the value (length) is 0, indicating an
empty payload body. Rex HTTP client failed to follow this spec,
and caused some modules to fail (such as winrm_login).
Fix #6398
2016-04-28 11:44:10 -05:00
c15a2e8787
Merge branch 'upstream/master' into reverse-port-forward
...
Signed-off-by: OJ <oj@buffered.io >
2016-04-26 09:48:40 +10:00
47d52a250e
Fix #6806 and #6820 - Fix send_request_cgi! redirection
...
This patch fixes two problems:
1. 6820 - If the HTTP server returns a relative path
(example: /test), there is no host to extract, therefore the HOST
header in the HTTP request ends up being empty. When the web
server sees this, it might return an HTTP 400 Bad Request, and
the redirection fails.
2. 6806 - If the HTTP server returns a relative path that begins
with a dot, send_request_cgi! will literally send that in the
GET request. Since that isn't a valid GET request path format,
the redirection fails.
Fix #6806
Fix #6820
2016-04-25 14:30:46 -05:00
f28d280199
Land #6814 , move stdapi to exist?
2016-04-24 13:41:11 -04:00
12a47b7fab
prefer &&
2016-04-24 11:56:32 -04:00
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
45961f75d4
Fix the payload size updater for MetasploitModule
2016-04-23 11:38:42 -04:00
9713124e54
Land #6802 , resolve command for Meterpreter
2016-04-22 17:18:31 -05:00
7f8491149f
Fix minor whitespace issues
2016-04-22 17:18:10 -05:00
d70dcbf4a4
Bump version of framework to 4.11.23
2016-04-22 09:34:10 -07:00
c1a64b1f6f
fix: issues/6803 - info command references bug
2016-04-22 15:14:35 +08:00
540409e735
Add resolve to the meterpreter command line
...
I'm aware that this already exists as a post module, but there's nothing more annoying than having to bail out of Meterpreter, use the right module, set up the host list, etc all to just fire off a one-liner.
So this commit adds the command directly to Meterpreter's command line so that you don't have to do all that. This doesn't support specifying a file with the hosts in it (the post module does that). This is intended for quick resolution of particular hosts quickly.
2016-04-22 13:21:19 +10:00
98f89ca23a
Land #6794 , Fixed yard doc errors
2016-04-21 13:16:45 -05:00
6cb93f2af2
Make yard doc ignore @probe
2016-04-21 13:15:58 -05:00
5e36a3128c
Fix #5197 , Fixed yard doc errors
...
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
6b3326eab2
Land #6707 , support for LURI handler
2016-04-20 16:26:07 -05:00
3b280d45a4
fix some yardoc issues
2016-04-18 21:00:21 +02:00
fd603102db
Land #6765 , Fixed SQL error in lib/msf/core/exploit/postgres
2016-04-18 10:44:20 -07:00
4c0a53a809
replace 'and' with '&&'
2016-04-18 08:26:02 -05:00
555352b210
Force lurl string duplication to avoid stageless issues
...
I have NO idea why this is even a problem. Mutating state is the spawn of satan.
2016-04-18 08:25:19 -05:00
a74a7dde55
More fixies for LURI in Python, and native too
2016-04-18 08:25:19 -05:00
b95267997d
Fix LURI support for stageless, transport add/change and code tidies
2016-04-18 08:24:41 -05:00
63e478c826
fix sessions -l bug
2016-04-18 08:21:50 -05:00
a45d0aed53
show LURI in new connection log message
2016-04-18 08:21:50 -05:00
7eda08aa2e
windows/x64 support
2016-04-18 08:16:35 -05:00
1e16804c63
size considerations for LURI, stageless
2016-04-18 08:16:35 -05:00
dmohanty-r7