1d6524b4d9
Revert #4593 , msftidy extraneous comma check
...
Fixes #4626 by ignoring the problem identified.
This reverts commit 7c3378b2e6cb0257bec7
2015-01-22 14:28:27 -06:00
980a010e15
Land #4627 , explicit rubygems require fix
...
And a couple extraneous comma fixes.
2015-01-22 13:49:31 -06:00
bd06b48b30
Extra commas.
2015-01-22 13:45:08 -06:00
2e606cd097
Don't require rubygems
2015-01-22 13:44:58 -06:00
75e04705d5
Land #4624 , Firefox 33-35 os.js support
2015-01-22 13:35:47 -06:00
0612e1906a
Land #4614 , {32,64}-bit Registry access
2015-01-22 13:25:51 -06:00
e46395f592
Land #4596 , @pdeardorff-r7's memcached extractor
2015-01-22 08:00:19 -08:00
1cdcd3ccfa
Use a more consistent format in Rex table and loot for memcache
2015-01-22 07:59:48 -08:00
e7c21f3205
Land #4503 , @m7x's post module for extracting McAfee VSE hashes
2015-01-21 20:44:41 -08:00
9cc58a8d69
Lastly, rename the file so that it is specific to McAfee VSE
2015-01-21 20:44:34 -08:00
683a541064
Tighten up prints to make it specific to VSE, not McAfee in general
2015-01-21 20:33:54 -08:00
52be3d80b7
Minor ruby style cleanup
2015-01-21 20:27:38 -08:00
ceed293969
Remove unnecessary requires
2015-01-21 20:23:03 -08:00
b61538e980
Land #4291 , @headlesszeke's module for ARRIS VAP2500 command execution
2015-01-21 20:52:31 -06:00
33195caff2
Mark compatible payloads
2015-01-21 20:52:04 -06:00
500d7159f1
Use PAYLOAD instead of CMD
2015-01-21 20:49:05 -06:00
f37ac39b4c
Split exploit cmd vs exploit session
2015-01-21 20:46:37 -06:00
e1d1ff17fd
Change failure code
2015-01-21 20:38:33 -06:00
169052af5c
Use cookie option
2015-01-21 20:37:38 -06:00
5bfb88d55c
Update os.js to detect newer firefox versions.
2015-01-21 16:12:17 -06:00
65805d43d7
Land #4612 , @wez3's suggestion to bump the Outlook gather time
2015-01-21 13:28:06 -08:00
f73052710d
Correct recent msftidy change in outlook gather
2015-01-21 13:27:48 -08:00
46a0ec8a68
Make timeout for Powershell scripts configurable
2015-01-21 13:24:43 -08:00
cf7555447c
Land #4621 , msftidy whitelist constant
...
Now I'm happy... almost.
2015-01-21 14:03:39 -06:00
bbe9fc208e
Update formatting (80 columns)
...
Piped to fmt -78 to account for the indent.
2015-01-21 14:01:44 -06:00
264adf14d1
Add 'tnftp' software to the title whitelist
2015-01-21 11:52:39 -06:00
efebaae251
Make the title whitelist a constant
2015-01-21 11:50:50 -06:00
a52f491d81
Land #4615 , stopgap fix for module load race
2015-01-21 07:39:07 -06:00
2f4ad9716c
Lands #4618 , clarifies error message in msfvenom
2015-01-21 00:33:36 -06:00
1dafedf23b
Clarify no encoder/badchars specified
2015-01-21 00:26:42 -06:00
d7cb1c5710
Lands #4617 , fixes msfvenom output with no encoder.
2015-01-21 00:26:30 -06:00
4cc027c4c1
Move "found" message to a saner location
...
Thanks to Peleus for the idea.
2015-01-20 23:58:12 -06:00
5954e2300f
updates based on feedback
...
Add documentation to the view constants.
Use include? rather than regexes
2015-01-20 16:57:49 -06:00
9017aa0f6b
Avoid magic number to make @wvu marginally happier
2015-01-20 16:29:59 -06:00
e88c4f1587
Switching from if mod.nil? to unless mod
...
Because it reads nicer, though `mod` will never be `FalseClass`
2015-01-20 16:21:00 -06:00
63c66f66a0
Add a second_chance on cmd_use
...
This is a weak attempt to solve a race condition between modules loading
and cmd_use being fired. Upon startup, saved configurations, running
resource scripts, and running commands will sometimes jump ahead of the
module loading procedure.
I have not discovered where the race actually is and how to cause the
race to happen. However, the timing seems to be fairly close to a second;
by waiting three seconds after trying use again, we seem to be in the
clear, at least according to testing.
Fixes #4549 , but better solutions are welcome!
2015-01-20 15:46:29 -06:00
a42cc2ef1f
add support for specifying 32 or 64-bit registry access
...
This adds an extra parameter to most of the post/windows/registry
methods called 'view' that specifies if a registry key should be
accessed as a native process, 32-bit or 64-bit.
Support is added to both the Meterpreter and command-line backends. For
the command backend, a lot of boilerplate is removed from each method in
favor of a few shared commands. There is an error hash that never gets
used, so I removed it as well.
This passes the post/test/registry module with meterpreter, but fails
the command line backend. However, it fails in the same way without
these changes (tested on Windows 8), so I suspect that the command line
session was already not working well, at least with newer versions of
Windows. I might look into figuring out how to fix that, but it looks
pretty fragile to me, parsing for english phrases in the output.
2015-01-20 15:26:59 -06:00
0d4d06fb83
Print table for all scans, add preview size option
2015-01-20 11:12:47 -08:00
f593c7d79a
Merge pull request #1 from jhart-r7/landing-4596-jhart
...
Improvements to memcached gather module
2015-01-20 09:08:35 -08:00
f1bf607386
Minor Ruby style cleanup
2015-01-20 08:47:47 -08:00
ef89a3d323
Add protocol reference
2015-01-20 08:34:08 -08:00
9c97824d5c
Move MAXKEYS to advanced
2015-01-20 08:28:49 -08:00
9d430eb1d5
Use the simpler 'version' command to get the version
2015-01-20 08:16:22 -08:00
6588f92206
Move rex connection errors to vprint since this is a Scanner
2015-01-20 08:11:09 -08:00
10100df054
report_service
2015-01-20 08:09:35 -08:00
b0bbce1190
Include peer in most prints
2015-01-20 08:00:02 -08:00
94fda6e617
Land #4600 , jvazquez-r7's Linux meterpreter bins
2015-01-20 09:38:35 -06:00
bd0a20a717
Update outlook.rb execute_script time_out
...
I have been using the script in real life cases which have bigger e-mailboxes then in the testing environment. Because of execute_script default time_out no results return, as the powershell scripts run longer then 15 seconds. Changed the timeout to 120.
2015-01-20 11:16:37 +01:00
0b6c324660
Land #4611 , add Hathaway's password
2015-01-19 22:06:24 -06:00
76746eb209
New password from Hathaway
2015-01-19 21:45:47 -06:00
Tod Beardsley