bd8177bf6c
Merge remote-tracking branch 'origin/pr/6284'
...
Land #6284 , fix for false negatives found in #6281
@wvu found some false negatives while testing a server for #6281
2015-11-30 16:09:42 -06:00
388edd3207
Fix the scheme for the pymet ProxyHandler
2015-11-30 13:45:24 -05:00
6483eca00a
Update payloads_spec for pymet stageless reverse http
2015-11-30 11:28:36 -05:00
9e2f795f64
Land #6290 , correctly override reverse_http Host
2015-11-30 09:56:28 -06:00
fba9715a56
Add stageless python meterpreter http & https payloads
2015-11-28 17:41:55 -05:00
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
070a156925
-Recovrey +Recovery
2015-11-27 13:58:19 +01:00
0c8eb6fb37
Display ReverseListenerBindPort if it is set
...
ReverseListenerBindPort overrides LPORT if it is used. The `listener_uri`
method should use the output `bind_port` to account for this.
2015-11-27 09:16:20 +00:00
c888726a1a
Fix #6287 , check DisablePayloadHandler value in exploit.rb
...
It looks active_module datastore options are always strings. They
are actually different than what the module uses (normalized), so
we have to always have to check it.
2015-11-26 18:30:31 -06:00
e5119e6446
use payload_uri's result to derive lhost / lport
2015-11-26 15:21:51 -06:00
216119c05c
unfold override lhost/lport logic
2015-11-26 15:15:21 -06:00
1b495e73ac
Further reduce python reverse_http duplicate code
2015-11-26 14:31:00 -05:00
bd25ffa48c
Consolidate py reverse http uri code into a mixin
2015-11-26 13:32:50 -05:00
f4d35116bd
land #6288 , fix regression using non-default port with reverse_http
2015-11-26 11:04:24 -06:00
eb57163db6
Land #6285 , excellent new sound plugin scheme
2015-11-26 10:41:02 -06:00
d9655fc882
Use LPORT if opts[:lport] is undefined
...
`nil.to_i` returns 0 which will short circuit the || resulting in port 0
being used. nil should be checked for prior to casting to int.
2015-11-26 16:08:22 +00:00
87507e19a9
Change job view to show bind port if applicable
2015-11-26 16:18:00 +10:00
ecfcdbe875
rm extra "excellent"
2015-11-25 23:49:44 -06:00
920d8c6ad7
Land #6278 , wrong default option for RHOST
2015-11-26 06:49:25 +01:00
d44224142e
Update audio files
2015-11-25 23:41:18 -06:00
90fb3e0118
Land #6277 , jenkins domain cred recovery aux module
2015-11-25 22:58:43 -06:00
776455d10a
Add another sound and event
...
Add sound: "We've got a shell"
Add event on_session_fail
2015-11-25 22:46:51 -06:00
a7a89adfac
Land #6264 , meterpreter per-extension init string support, update payloads to 1.0.17
...
This brings in the following changes:
Changes to support maven 3.3+
Don't fall back to 0.0.0.0
Remove all debug builds from the Windows projects
Add show_mount, ps_list, and some core tweaks
Refactor TLV layout, add more debug output, token stealing
Add incognito binding, code tidies
Update packaged libs
Add transport list binding
Add transport add command to python binding
Update python core lib archive
change source perms back to non-executable
First pass of stageless initialisation script
Finalise stageless initialisation scripts
add BOOT_COMPLETED receiver that starts the Payload
Improve the implementation of the getuid command
Switch to Utils.runCommand per timwr's suggestion
Updated init script method
also bumps msgpack 0.7.1, which fixes a failure packing messages > 256k
2015-11-25 22:27:27 -06:00
78e306e281
s/Initialision/Initialization/
2015-11-25 22:07:25 -06:00
d984e5c781
update payload sizes
2015-11-25 22:04:52 -06:00
c8461bfb24
update to metasploit-payloads 1.0.17
2015-11-25 22:03:28 -06:00
7dc268d601
Land #6283 , increase the amount of space needed for ms08_067
2015-11-25 19:37:25 -06:00
af8c557fa9
Add the MP3s
2015-11-25 18:09:27 -06:00
fa32f43ee4
Muts says "Try harder!" or "Excellent" for the sounds plugin
...
With the sounds plugin, muts will say "excellent!" when a session
is received. If a session is terminated (either exited or lost),
muts will say "try harder!"
2015-11-25 18:06:58 -06:00
8fd2522a59
Land #6257 , @all3g's aux module for locating git repos over HTTP
2015-11-25 12:25:45 -08:00
a56571479f
Remove WmapScanServer mixin; not needed
2015-11-25 11:38:32 -08:00
2da9bb8578
Follow redirects in apache_userdir_enum
...
Found false negatives while testing a server for #6281 .
2015-11-25 13:27:06 -06:00
e56aa96a66
Land #6281 , TARGETURI/full_uri fixes
2015-11-25 13:15:50 -06:00
8f459de064
Fix tomcat_enum for full_uri
2015-11-25 11:28:56 -06:00
38a9efe4d6
Fix squiz_matrix_user_enum for full_uri
2015-11-25 11:28:53 -06:00
35ea8c3f74
relax space needed a bit less, work with Windows XP and 2k3
2015-11-25 11:25:57 -06:00
7d17c5741b
Fix nginx_source_disclosure for full_uri
2015-11-25 11:19:27 -06:00
035882702a
Fix barracuda_directory_traversal for full_uri
2015-11-25 11:18:17 -06:00
7a5f6495d0
Fix axis_local_file_include for full_uri
2015-11-25 11:16:59 -06:00
42d12a4d40
Fix apache_userdir_enum for full_uri
2015-11-25 11:16:22 -06:00
2a89a2bc9a
increase the amount of space needed for ms08_067
2015-11-25 07:13:16 -06:00
c09d8031c6
Remove default empty string
2015-11-25 12:19:16 +05:00
f9d3652e1a
Land #6282 , deprecated module cleanup
...
rm modules/exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
2015-11-24 23:48:09 -06:00
6fbcb3d127
Land #6263 , add BisonWare BisonFTP Server Buffer Overflow
2015-11-24 22:55:15 -06:00
f57ebad0e6
Change hard tabs to spaces
2015-11-24 22:54:52 -06:00
9a7e51daec
Update bison_ftp_bof.rb
2015-11-25 11:47:21 +08:00
3d6e4068cb
Update bison_ftp_bof.rb
2015-11-25 11:17:07 +08:00
591da3c97e
Please use exploit/multi/browser/adobe_flash_pixel_bender_bof
...
Time to say goodbye to:
exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
Please use:
exploit/multi/browser/adobe_flash_pixel_bender_bof
Reason: The replacement supports multiple platforms, so better.
2015-11-24 20:37:57 -06:00
a262c6bff5
Merge pull request #2 from jhart-r7/pr/fixup-6257
...
HTTP Git scanner for information disclosure in git repository.
2015-11-25 02:05:30 +00:00
Kyle Gray