7e31c2cf76
Land #9942 , IPv6 channel fixes for Python and Linux/macOS Meterpreters
2018-04-30 15:14:12 -05:00
53da6ad8b9
Weekly dependency update
2018-04-30 08:06:54 -07:00
8164379f7a
Land #9908 , msfd_rce_remote and msfd_rce_browser
2018-04-28 00:33:48 -05:00
c4bca03fea
Land #9908 , msfd_rce_remote and msfd_rce_browser
2018-04-27 18:54:17 -05:00
82fc4aba64
Land #9918 , XDebug Unauthenticated OS command execution
2018-04-27 17:08:58 -05:00
f6f115396b
Land #9943 move super call in merge! so that it returns the proper value
2018-04-27 14:54:58 -05:00
ee2ad8affe
move super call in merge! so that it returns the proper value
2018-04-27 14:21:57 -05:00
8fd7448e48
bump payloads, ipv6 channel fixes
2018-04-27 14:18:54 -05:00
916b4b2261
Land #9936 , Narrow rescue scope to StandardError with database
2018-04-26 17:45:15 -05:00
d2725d9280
Land #9934 , change NoteDataService to raise RuntimeError
2018-04-26 17:44:28 -05:00
79d8f5e86c
autofilter = false means skip, which is reverse of intuition
2018-04-26 17:20:55 -05:00
54aaf1f718
Land #9937 , enable autofilter on tp-link camera exploit
2018-04-26 16:08:09 -05:00
4789cdc596
enable autofilter on tp-link camera exploit
2018-04-26 14:56:39 -05:00
0fa0358993
Land #9853 , Update Linux sock_sendpage local exploit module
2018-04-26 14:30:51 -05:00
c79e39377e
Narrow rescue scope to StandardError
2018-04-26 14:55:41 -04:00
67e7f917e7
Weekly dependency update
2018-04-26 10:05:16 -07:00
1aad9f0879
Revert NoteDataService to raise RuntimeError
2018-04-26 10:43:03 -04:00
dbdb35cf08
Land #9877 , Add kernel feature post API methods
2018-04-25 22:18:28 -05:00
fc83a130f8
Land #9885 , datastore fixes for stager retry code
2018-04-25 18:53:00 -05:00
31563a977c
use OO rather than duck typing for parameter copying
2018-04-25 18:41:14 -05:00
9bdba7e234
s/clone/ds/g
2018-04-25 18:35:45 -05:00
fdc11ac607
Land #9931 , minor fixes for #9876 (Drupalgeddon 2)
2018-04-25 18:14:12 -05:00
873cbcee27
Fix #9876 , minor updates to Drupalgeddon 2
...
1. Tested versions are already listed in the module doc, and we've
tested more than just 7.57 and 8.4.5 now. Removing a source of potential
inconsistency in the future.
2. No problem with ivars anymore. No idea what happened, but maybe I was
just too tired to code. Removing cleanup method.
2018-04-25 18:09:54 -05:00
eb79bc47f0
update module metadata
2018-04-25 17:09:39 -05:00
2487314821
Land #9869 , Add support for shellcode encryption for msfvenom
2018-04-25 15:51:05 -05:00
f52e6a18a2
Land #9876 , Drupalgeddon 2
2018-04-25 15:49:53 -05:00
644889a324
Add TurnKey Linux ISOs to module doc setup section
2018-04-25 14:32:26 -05:00
a5172e066d
Land #9926 , check remote data service before connecting
...
This PR adds a check prior to connecting to a remote data service
to verify it is online and returning expected data. This prevents
crashes that were occurring when unexpected responses were returned
2018-04-25 14:07:33 -05:00
b8eb7f2a86
Set target type instead of regexing names
...
We're no longer matching multiple targets like /In-Memory/ or /Dropper/,
so it makes sense to match on a specific value now.
Old matching in this commit: 1900aa2708
2018-04-25 11:53:26 -05:00
2cd0228db2
Land #9900 , add base64 encoder for ruby
2018-04-25 04:06:50 -05:00
d1fc112441
Land #9924 , Improve debug output in ETERNALBLUE's verify_arch
2018-04-25 03:57:52 -05:00
4cba6d1df4
suggest a reason if we get no server response
2018-04-25 03:57:12 -05:00
3eac989fb0
Land #9886 , ignore unused tags on host import
2018-04-25 03:41:55 -05:00
675ed78948
Update module doc with patch level detection
2018-04-24 23:30:05 -05:00
910e9337fb
Use print_good for patch level check, oops
2018-04-24 23:21:22 -05:00
b7ac16038b
Correct comment about PHP CLI (it's not our last!)
2018-04-24 23:18:51 -05:00
ec43801564
Add check for patch level in CHANGELOG.txt
...
Looks like 8.x has core/CHANGELOG.txt instead.
2018-04-24 23:12:33 -05:00
2ff0e597a0
Add SA-CORE-2018-002 as an AKA ref
...
Makes sense to me. Even though it's technically the advisory.
2018-04-24 22:51:33 -05:00
8bc1417c8c
Use PHP_FUNC as a fallback in case assert() fails
...
Additionally drop a file in a writable directory in case CWD fails.
2018-04-24 22:29:27 -05:00
e03ebf9446
Don't make a header out of tested version
...
Reads a little better now.
2018-04-24 21:06:38 -05:00
89c95cae08
Remove block quote and add version to sample run
...
The block quote was ripped directly from the module description. It
isn't necessary in the dedicated documentation. Reads better now.
2018-04-24 21:02:30 -05:00
8ff4407ca6
Clarify version detection error message
...
This was supposed to imply that we couldn't configure the exploit for a
targetable version. Instead, it just read weirdly. I think it was
missing "to target" at the end. "Determine" is a much better word,
though, since we may be doing detection instead of mere configuration.
2018-04-24 20:51:51 -05:00
1040713d30
Land #9925 , fix db_import for workspaces
2018-04-24 18:19:15 -05:00
43edf46c43
Fix set data service for no database YAML case
2018-04-24 18:34:16 -04:00
359ef27834
Narrow rescue scope to StandardError
2018-04-24 17:19:54 -04:00
f66029d129
Validate remote data service instance
...
Adds simple data service instance validation when registering and
setting a data service.
2018-04-24 16:54:10 -04:00
01dd79173b
Add data proxy and service for online check
2018-04-24 15:11:16 -04:00
0d284197cb
Add MsfServlet to host endpoint for online check
2018-04-24 15:01:17 -04:00
e5513409db
Include :workspace in db_import opts
2018-04-24 13:53:55 -05:00
c81ad8fec0
Changes after review
2018-04-24 18:33:27 +02:00
Brent Cook