adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a3912e49131b4628faab5424b17235754ac28817
metasploit-gs/lib/msf/core/exploit
T
History
RageLtMan a3912e4913 Provide disconnect option to send_request_cgi 
The HTTP client mixin provides a #send_request_cgi method which
forcibly disconnects the client after receiving a response. This
terminates certain types of resulting sessions which depend on the
connection from the client to maintain a subprocess housing the
shell invocation.

Provide a disconnect boolean option to #send_request_cgi which
is checked in the disconnect(c) call after receiving the response.

Testing:
  Locally tested on in-house exploit module written for disclosure
report.

TODO:
  Discuss possibility of implementing fully asynchronous methods
like #send_request_cgi_async which won't bother getting a response
for cases such as the module mentioned above which is a command
injection via unfiltered POST var.
2017-10-19 21:22:31 -04:00
..
cmdstager
Add prints and better checking to HTTP CmdStagers
2017-10-11 14:01:56 -05:00
format
Tweak module->class
2015-07-28 04:13:35 -07:00
http
Provide disconnect option to send_request_cgi
2017-10-19 21:22:31 -04:00
java/rmi
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
kerberos
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
local
powershell
Sync build_net_code post module upstream
2016-10-08 14:06:35 -05:00
remote
Land #7992, Improve Signature Evasions for browser exploits
2017-02-23 16:32:49 -06:00
smb
Fix small typos in comments
2017-05-28 14:40:33 -05:00
afp.rb
Fix grammer in comments
2015-04-13 13:21:41 +05:00
android.rb
Add support for native target in addjsif exploit.
2016-01-03 01:07:36 -06:00
arkeia.rb
auto_target.rb
fix autotargeting failure
2017-01-10 14:12:28 -06:00
browser_autopwn2.rb
Fix #8675, Add Cache-Control header, also meta tag for BAP2
2017-07-10 16:05:09 -05:00
browser_autopwn.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
brute.rb
brutetargets.rb
capture.rb
Make sure GATEWAY_PROBE_PORT is 0
2016-07-11 12:10:46 -05:00
cmdstager.rb
Update CmdStager with new toys
2016-12-30 00:56:02 -06:00
db2.rb
dcerpc_epm.rb
dcerpc_lsa.rb
dcerpc_mgmt.rb
dcerpc.rb
dect_coa.rb
dhcp.rb
Inconstancy - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
dialup.rb
egghunter.rb
exe.rb
Add bypassuac_injection_winsxs.rb module
2017-06-03 12:59:50 +02:00
file_dropper.rb
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
fileformat.rb
fmtstr.rb
Fix grammer in comments
2015-04-13 13:21:41 +05:00
fortinet.rb
Recreate Msf::Exploit::Remote::Fortinet
2016-02-29 15:04:02 -06:00
ftp.rb
Fix data_disconnect to shutdown only if datasocket
2016-09-05 15:54:26 -05:00
ftpserver.rb
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
gdb.rb
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
imap.rb
ip.rb
ipv6.rb
java.rb
File.exists? must die
2016-04-21 00:47:07 -04:00
jsobfu.rb
Fix bug in js_obfuscate
2016-02-02 11:25:39 -06:00
kernel_mode.rb
local.rb
rm print_warning
2015-11-20 19:38:33 -06:00
mixins.rb
Put remaining consts in exploit mixin...
2016-07-27 17:43:29 -05:00
mssql_commands.rb
mssql_sqli.rb
Fix grammer in comments
2015-04-13 13:21:41 +05:00
mssql.rb
Land #7279, Use the rubyntlm gem (again)
2016-09-07 16:33:35 -05:00
mysql.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
ndmp_socket.rb
Add module for CVE-2017-8895, UAF in Backup Exec Windows agent
2017-05-24 00:18:20 +12:00
ndmp.rb
Fix grammer in comments
2015-04-13 13:21:41 +05:00
ntlm.rb
check if constant aliases are already set before setting
2016-09-22 07:12:42 -05:00
omelet.rb
oracle.rb
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
pdf_parse.rb
Fix grammer in comments
2015-04-13 13:21:41 +05:00
pdf.rb
Fix grammer in comments
2015-04-13 13:21:41 +05:00
php_exe.rb
Push up the preamble and modernize style
2017-02-02 17:57:03 -06:00
pop2.rb
postgres.rb
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
powershell.rb
tidy up a bit while we're in here
2017-05-14 21:27:38 -05:00
realport.rb
riff.rb
ropdb.rb
seh.rb
sip.rb
smtp_deliver.rb
Change tab into space to be standard compliant
2017-07-18 16:17:53 -05:00
smtp.rb
snmp.rb
ssh.rb
add a hard require to the ssh mixin
2016-08-22 09:56:07 -05:00
sunrpc.rb
Rex::Encoder::XDR conflicts with the XDR gem
2017-07-12 11:52:10 -05:00
tcp_server.rb
Respect SSLCipher in server mixins
2016-05-20 16:59:36 -05:00
tcp.rb
unify the SSLVersion fields between modules and mixins
2016-03-06 22:06:27 -06:00
telnet.rb
tftp.rb
Inconstancy - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
tincd.rb
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
tns.rb
udp.rb
Sort methods
2016-02-02 10:02:32 -06:00
vim_soap.rb
Fix #6085, NoMethodError in vim_soap.rb
2015-10-30 11:02:02 -05:00
wbemexec.rb
wdbrpc_client.rb
wdbrpc.rb
web.rb
windows_constants.rb
Put remaining consts in exploit mixin...
2016-07-27 17:43:29 -05:00
winrm.rb
replace old rex::ui::text::table refs
2016-08-10 13:30:09 -05:00