This patch includes the following changes:
* Instead of the uploadFile action, this patch uses uploadImageCommon
to be able to support both Advantech WebAccess builds: 2014 and
2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
different builds of Advantech WebAccess 8.0s, and 8.1.
Fix#6872
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.
Fix#5191
commit 7f659547b3b5d8de34a1e4b136b5e899ae7878da
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Dec 1 07:54:53 2014 -0600
Add a pointer to true and correct docs
See #4000. Seems kind of pointless to ship all these bytes when we host
everything on GitHub and provide tools to generate docs yourself.
commit 01668c8529454ffb0438aadef62eafb5045503ce
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Dec 1 07:39:11 2014 -0600
Remove old documentation
The last significant commit in this directory was a844b5c3 , which
touched a sample browser module. Before that, changes were either
ranging across the codebase, or surgical removal of out of date
documentation.
This all is looking to me like fairly useless historical artifacts.
See #4000 for more discussion.
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.
This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
[#45771305]
MetasploitDataModels 0.6.1 adds a re-usable yard.rake so that all
Metasploit project don't have to define their own. It also adds guards
so that the YARD tasks aren't defined (and don't cause errors) if YARD
is not available.
This also adds support for making the Rakefile work with `bundle install
--without development test` so it still functions in the bundle building
environment for Pro.
This switches the Metasploit Framework to a Rails 3 backend. If you run
into new problems (especially around Active Record or your postgresql
gem) you should try first updating your Ruby installation to 1.9.3 and
use a more recent 'pg' gem.
If that fails, we'd love to see your bug report (just drop all the
detail you can into an issue on GitHub). In the meantime, you can
checkout the rails2 branch, which was branched from master immediately
before this cutover.
Squashed commit of the following:
commit 5802ec851580341c6717dfea529027c12678d35f
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 23:30:12 2012 -0500
Enable MSF_BUNDLE_GEMS mode by default (set to N/F/0 to disable)
commit 8102f98dce9eb0c73c4374e40dce09af7b51d060
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 23:30:03 2012 -0500
Add a method to expand win32 file paths
commit bda6479d154cf75572dd5de8b66bfde661a55de9
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 18:53:44 2012 -0500
Fix 1.8.x compatibility
commit 101ce4eb17bfdf755ef8c0a5198174668b6cd6fd
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 18:40:59 2012 -0500
Use verbose instead of stringio
commit 5db467ffb593488285576d183b1662093e454b3e
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 18:30:06 2012 -0500
Hide the iconv warning, were stuck with it due to EBCDIC support
commit 63b9cb20eb6a61daf4effb4c8d2761c16ff0c4e0
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 18:29:58 2012 -0500
Dont use GEM_HOME by default
commit ca49271c22c314a4465fff934334df18c704cbc0
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 18:23:34 2012 -0500
Move Gemfile to root (there be dragons, lets find them) and catch failed bundler loads
commit 34af04076a068e9f60c5526045ddbba5fca359fd
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 18:18:29 2012 -0500
Fallback to bundler when not running inside of a installer env
commit ed1066a4f3f12fae7d4afc03eb1ab70ffe2f9cf3
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 16:26:55 2012 -0500
Remove a mess of gems that were not actually required
commit 21290a73926809e9049a59359449168f740d13d2
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 15:59:10 2012 -0500
Hack around a gem() call that is well-intentioned but an obstacle in this case
commit 8e414a8bfab9641c81088d22f73033be5b37a700
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Apr 15 15:06:08 2012 -0500
Ruby, come on. Ducktype this. Please.
Use interpolated strings to get the to_s behavior you don't get with
just plussing.
commit 0fa92c58750f8f84edbecfaab72cd2da5062743f
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 15:05:42 2012 -0500
Add new eventmachine/thin gems
commit 819d5e7d45e0a16741d3852df3ed110b4d7abc44
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 15:01:18 2012 -0500
Purge (reimport in a second)
commit ea6f3f6c434537ca15b6c6674e31081e27ce7f86
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 14:54:42 2012 -0500
Cleanup uncessary .so files (ext vs lib)
commit d219330a3cc563e9da9f01fade016c9ed8cda21c
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 14:53:02 2012 -0500
PG gems built against the older installation environment
commit d6e590cfa331ae7b25313ff1471c6148a6b36f3b
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 14:06:35 2012 -0500
Rename to include the version
commit a893de222b97ce1222a55324f1811b0262aae2d0
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 13:56:47 2012 -0500
Detect older installation environments and load the arch-lib directories into the search path
commit 6444bba0a421921e2ebe2df2323277a586f9736f
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 13:49:25 2012 -0500
Merge in windows gems
commit 95efbcfde220917bc7ee08e6083d7b383240d185
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Apr 15 13:49:33 2012 -0500
Report_vuln shouldn't use :include in finder
find_or_create_by doesn't take :include as a param.
commit c5f99eb87f0874ef7d32fa42828841c9a714b787
Author: David Maloney <DMaloney@rapid7.com>
Date: Sun Apr 15 12:44:09 2012 -0500
One more msised Mdm namespace issue
commit 2184e2bbc3dd9b0993e8f21d2811a65a0c694d68
Author: David Maloney <DMaloney@rapid7.com>
Date: Sun Apr 15 12:33:41 2012 -0500
Fixes some mroe Mdm namespace confusion
Fixes#6626
commit 10cee17f391f398bb2be3409137ff7348c7a66ee
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 03:40:44 2012 -0500
Add robots gem (required by webscan)
commit 327e674c83850101364c9cca8f8d16da1de3dfb5
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 03:39:05 2012 -0500
Fix missing error checks
commit a5a24641866e47e611d7636a3f19ba3b3ed10ac5
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 01:15:37 2012 -0500
Reorder requires and add a method for injecting a new migration path
commit 250a5fa5ae8cb05807af022aa4168907772c15f8
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 00:56:09 2012 -0500
Remove missing constant (use string) and add gemcache cleaner
commit 37ad6063fce0a41dddedb857fa49aa2c4834a508
Merge: d47ee82 4be0361
Author: Tod Beardsley <todb@metasploit.com>
Date: Sun Apr 15 00:40:16 2012 -0500
Merge branch 'master-clone' into rails3-clone
commit d47ee82ad7e66de53dd3d3a65649cc37299a2479
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 00:30:03 2012 -0500
cleanup leftovers from gems
commit 6d883b5aa8a3a7ddbcde5bfd4521d57c5b30d3c2
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Apr 15 00:25:47 2012 -0500
MDM update with purged DBSave module
commit 71e4f2d81f6da221b76150562a16c730888f5925
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 23:19:37 2012 -0500
Add new mdm
commit 651cd5adac8211d65e0c8079371d8264e549533a
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 23:19:13 2012 -0500
Update mdm
commit 0191a8bd0acec30ddb2a9e9c291111a12378537f
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 22:30:40 2012 -0500
This fixes numerous cases of missed Mdm:: prefixes on db objects
commit a2a9bb3f2148622c135663dead80b3367b6f7695
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 18:30:18 2012 -0500
Add eventmachine
commit 301ddeb12b906ed3c508613ca894347bedc3b499
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 18:18:12 2012 -0500
A nicer error for folks who need to upgrade pg
commit fa6bde1e67b12e2d3d9978f59bbc98e0c1a1a707
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 17:54:55 2012 -0500
Remove bundler requirements
commit 2e3ab9ed211303f1116e602b9a450141b71e56a4
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 17:35:38 2012 -0500
Pull in eventmachine with actual .so's this time
commit 901fb33ff6b754ce2c2cfd51e3b0b669f6ec600b
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 17:19:12 2012 -0500
Update deps, still need to add eventmachine
commit 6b0e17068e8caa0601f3ef81e8dbdb672758fcbe
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 13:07:06 2012 -0500
Handle older installer environments and only allow binary gems when the
environment specifically asks for it
commit b98eb7873a6342834840424699caa414a5cb172a
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 04:05:13 2012 -0500
Bump version to -testing
commit 6ac508c4ba3fdc278aaf8cfe2c58d01de3395431
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 02:25:09 2012 -0500
Remove msf3 subdir
commit a27dac5067635a95b4cbb773df1985f2a2dc2c5a
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 02:24:39 2012 -0500
Remove the old busted external
commit 5fb5a0fc642b6c301934c319db854cc3145427a1
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 02:03:10 2012 -0500
Add the gemcache loader
commit 09e2d89dfd09b9ac0c123fcc4e19816c86725627
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Apr 14 02:02:23 2012 -0500
Purge gemfile/bundler configure in exchange for new gemcache setup
commit 3cc0264e1cfb027b515d7f24b95a74b023bd905c
Author: Tod Beardsley <todb@metasploit.com>
Date: Thu Apr 12 14:11:45 2012 -0500
Mode change on modicon_ladder.apx
commit c18b3d56efd639e461137acdc76b4b283fe978d4
Author: HD Moore <hd_moore@rapid7.com>
Date: Thu Apr 12 01:38:56 2012 -0500
The go faster button
commit ca2a67d51d6d4c7c3ca2e745f8b018279aef668a
Merge: 674ee09 b8129f9
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Apr 9 15:50:33 2012 -0500
Merge branch 'master-clone' into rails3-clone
Picking up Packetfu upstream changes, all pretty minor
commit 674ee097ab8a6bc9608bf377479ccd0b87e7302b
Merge: e9513e5 a26e844
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Apr 9 13:57:26 2012 -0500
Merge branch 'master-clone' into rails3-clone
Conflicts:
lib/msf/core/handler/reverse_http.rb
lib/msf/core/handler/reverse_https.rb
modules/auxiliary/scanner/discovery/udp_probe.rb
modules/auxiliary/scanner/discovery/udp_sweep.rb
Resolved conflicts with the reverse_http handlers and the udp probe /
scanners byt favoring the more recent changes (which happened to be the
intent anyway). The reverse_http and reverse_https changes were mine so
I know what the intent was, and @dmaloney-r7 changed udp_probe and
udp_sweep to use pcAnywhere_stat instead of merely pcAnywhere, so the
intent is clear there as well.
commit e9513e54f984fdb100c13b44a1724246779ccb76
Author: David Maloney <dmaloney@melodie.gateway.2wire.net>
Date: Fri Apr 6 18:21:46 2012 -0500
Some fixes to how services get reported to prevent issues with the web interface
commit adeb44e9aaf1a329a0e587d2b26e678398730422
Author: David Maloney <David_Maloney@rapid7.com>
Date: Mon Apr 2 15:39:46 2012 -0500
Some corrections to pcAnywhere discovery modules to distinguish between the two services
commit b13900176484fea8f5217a2ef925ae2ad9b7af47
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 31 12:03:21 2012 -0500
Enable additional migration-path parameters, use a temporary directory to bring the database online
commit 526b4c56883f461417f71269404faef38639917c
Author: David Maloney <David_Maloney@rapid7.com>
Date: Wed Mar 28 23:24:56 2012 -0500
A bunch of Mdsm fixes for .kind_of? calls, to make sure we ponit to the right place
commit 2cf3143370af808637d164ce59400605300f922c
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 26 16:22:09 2012 -0500
Check for ruby 2.0 as well as 1.9 for encoding override
commit 4d0f51b76d89f00f7acbce6b1f00dc6e4c4545ee
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 26 15:36:04 2012 -0500
Remove debug statement
commit f5d2335e7745aa1a354f4d6c8fc9d0b3876c472a
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 26 15:01:55 2012 -0500
Be explicit about the Mdm namespace
commit bc8be225606d6ea38dd2a85ab4310c1c181a94ee
Author: hdm <hdm@hypo.(none)>
Date: Mon Mar 26 11:49:51 2012 -0500
Precalculate some uri strings in case the 1000-round generation fails
commit 4254f419723349ffb93e4aebdaeabbd7d66bf8c0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Sat Mar 24 14:03:44 2012 -0500
Removed some non-namespaced calls to Host
commit c8190e1bb8ad365fb0d7a1c4a9173e6c739be85c
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Mar 20 00:37:00 2012 -0500
Purge the rvmrc, this is causing major headaches
commit 76df18588917b7150a3bedf2569710a80bab51f8
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Mar 20 00:31:52 2012 -0500
Switch .rvmrc to the shipping 1.9.3 version
commit 7124971d0032b268f4ddf89aca125f15e284f345
Author: David Maloney <David_Maloney@rapid7.com>
Date: Mon Mar 12 16:56:40 2012 -0500
Adds mixin for looking up Mime Types by extension
commit b7ca8353164c43db6bacb2f3f16afa1269f66e43
Merge: a0b0c75 6b9a219
Author: Matt Buck <techpeace@gmail.com>
Date: Tue Mar 6 19:38:53 2012 -0600
Merge from develop.
commit a0b0c7528d2b8fabb76b2246a15004bc89239cf0
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Tue Mar 6 11:08:59 2012 -0600
Somehow migration file is new?
commit 84d2b3cb1ad6290413c3ea3222ddf9932270b105
Author: David Maloney <David_Maloney@rapid7.com>
Date: Wed Feb 29 16:38:55 2012 -0600
Added ability to specify headers to redirects in http server
commit e50d27cda83872c616722adb03dc1a6a5e685405
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Feb 4 04:44:50 2012 -0600
Tweak the event dispatcher to enable customer events without a category
and trigger http request events from the main exploit mixin.
Experimental
commit 0e4fd2040df49df2e6cb0e8d2c6240a03d108033
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date: Thu Feb 2 22:09:05 2012 -0600
Change Msm -> Mdm in migrations. This is what was preventing migrations from finishing on first boot.
commit c94a2961d04eee84adfd42bb01ed7a3e3846b83a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Wed Feb 1 12:48:48 2012 -0600
Changed Gemfile to use new gem name
commit 245c2063f06b4fddbfc607d243796669ef236136
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Wed Feb 1 12:47:42 2012 -0600
Did find/replace for final namespace of Mdm
commit 6ed9bf8430b555dcbe62daeddb2f33bd400ab5bc
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Tue Jan 24 10:47:44 2012 -0600
Fix a bunch of namespace issues
commit 2fe08d9e4226c27e78d07a00178c58f528cbc72e
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date: Fri Jan 20 14:37:37 2012 -0600
Update Msm contstants in migrations for initial DB builds.
commit 4cc6b8fb0440c6258bf70de77a9153468fea4ea5
Author: Matt Buck <Matthew_Buck@rapid7.com>
Date: Fri Jan 20 14:37:25 2012 -0600
Update Gemfile.lock.
commit 1cc655b678f0a054a9a783da119237fe3f67faa4
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Thu Jan 19 11:48:29 2012 -0600
Errant Workspaces needed namespace
commit 607a78285582c530a68985add33ccf4d899c467a
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Tue Jan 17 15:44:02 2012 -0600
Refactored all models to use the new namespace
* Every model using DBManager::* namespace is now Msm namespace
* Almost all of this in msf/base/core
* Some in modules
commit a690cd959b3560fa2284975ca7ecca10c228fb05
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Tue Jan 17 13:41:44 2012 -0600
Move bundler setup
commit dae115cc8f7619ca7a827123079cb67fb4d9354b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Mon Jan 9 15:51:07 2012 -0600
Moved ActiveSupport dep to gem
commit d32f8edb6e7f82079b775ffbc2b9a405d1f32b3b
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Mon Jan 9 14:40:05 2012 -0600
Removed model require file
commit d0c74cff8c44771e566ec63b03eda10d03b25c42
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Tue Jan 3 16:06:10 2012 -0600
Update some more finds
commit 4eb79ea6b58b74c309ab1f1bb0bd35fe9041de46
Author: Trevor Rosen <Trevor_Rosen@rapid7.com>
Date: Tue Jan 3 14:21:15 2012 -0600
Yet another dumb commit
commit a75febcb593d52fdfe930306b4275829759d81d1
Author: Trevor Rosen <trevor@catapult-creative.com>
Date: Thu Dec 29 19:20:51 2011 -0600
Fixing deletion
commit dc139ff2fdfc4e7cdee3901dfb863e70913d6b92
Author: Trevor Rosen <trevor@catapult-creative.com>
Date: Wed Dec 7 17:06:45 2011 -0600
Fixed erroneous commit
commit 531c1e611cf4d23aeb9c48350dabf7630d662d25
Author: Trevor Rosen <trevor@catapult-creative.com>
Date: Mon Nov 21 16:11:35 2011 -0600
Remove AR patch stuff; attempting to debug non-connection between MSF and Pro
commit 458611224189c7aa27e500aabd373d85dc2dc5c0
Author: Trevor Rosen <trevor@catapult-creative.com>
Date: Fri Nov 18 16:17:27 2011 -0600
Drop ActiveRecord/ActiveSupport in preparation for upgrade
Squashed commit of the following:
commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:31:03 2012 -0700
Clean up some rdoc comments
This adds categories for the various interfaces that meterpreter and
shell sessions implement so they are grouped logically in the docs.
commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 13:00:25 2012 -0700
Combine the docs into one output dir
There's really no need to separate the API sections into their own
directory. Combining them makes it much easier to read.
commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 08:27:22 2012 -0700
Keep the order of iface attributes the same accross rubies
1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
end up with ~random order for the display with the previous technique.
Switch to an Array instead of a Hash so it's always the same.
commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 08:23:35 2012 -0700
Fix a few more compiler warnings
commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 08:17:39 2012 -0700
Fix a type-safety warning
commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date: Mon Feb 27 15:21:36 2012 -0700
LHOST should be OptAddress, not OptAddressRange
commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date: Sun Feb 26 17:45:59 2012 -0700
Fix a couple of warnings and a typo
commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date: Mon Feb 27 11:54:29 2012 -0600
Fix ctype vs content_type typo
commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date: Sun Feb 26 15:38:33 2012 +0200
Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x
commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date: Sun Feb 26 07:13:13 2012 -0600
add osvdb ref
commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date: Sat Feb 25 18:02:56 2012 -0500
Added aspx target to msfvenom. This in turn added it to msfencode as well.
Ref: https://github.com/rapid7/metasploit-framework/pull/188
Tested on winxp with IIS in .net 1.1 and 2.0 modes
commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date: Sat Feb 25 13:00:48 2012 -0600
Fixes#6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver
commit b3371e8bfe
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 17:07:42 2012 -0700
Simplify logic for whether an inner iface has the same address
commit 5417419f35
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:58:16 2012 -0700
Whitespace
commit 9036875c29
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:53:45 2012 -0700
Set session info before worrying about address
get_interfaces can take a while on Linux, grab uid and hostname earlier
so we can give the user an idea of what they popped as soon as possible.
commit f34b51c629
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:48:42 2012 -0700
Clean up rdoc
commit e61a066345
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 04:54:45 2012 -0600
Ensure the architecture is only the first word (not the full WOW64
message in some cases)
commit 4c70161097
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 04:49:17 2012 -0600
More paranoia code, just in case RHOST is set to whitespace
commit c5ff89fe3d
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 04:47:01 2012 -0600
A few more small bug fixes to handle cases with an empty string target
host resulting in a bad address
commit 462d0188a1
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 03:55:10 2012 -0600
Fix up the logic (reversed by accident)
commit 2b2b0adaec
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 23:29:52 2012 -0600
Automatically parse system information and populate the db, identify and
report NAT when detected, show the real session_host in the sessions -l
listing
commit 547a4ab4c6
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:16:03 2012 -0600
Fix typo introduced
commit 27a7b7961e
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:11:38 2012 -0600
More session.session_host tweaks
commit e447302a1a
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:08:20 2012 -0600
Additional tunnel_peer changes
commit 93369fcffa
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:06:21 2012 -0600
Additional changes to session.session_host
commit c3552f66d1
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:00:19 2012 -0600
Merge changes into the new branch
This will make it easier to hopefully track down bugs.
exploitme-posix.c - make complete stack executable. On some kernel versions, execstack doesn't do the trick.
git-svn-id: file:///home/svn/framework3/trunk@10485 4d416f70-5f16-0410-b530-b9f4589650da
svn+ssh://metasploit.com/home/svn/framework3/branches/framework-3.1
........
r5391 | hdm | 2008-02-02 15:26:48 -0600 (Sat, 02 Feb 2008) | 3 lines
Prepend a library directory to the search path, if MSF_LOCAL_LIB is set. This lets folks maintain a set of modified libraries that will be used instead of the official ones. Documentation updates as well.
........
git-svn-id: file:///home/svn/framework3/trunk@5392 4d416f70-5f16-0410-b530-b9f4589650da
svn+ssh://metasploit.com/home/svn/framework3/branches/framework-3.1
........
r5366 | hdm | 2008-01-26 20:30:53 -0600 (Sat, 26 Jan 2008) | 2 lines
Update version information
........
r5367 | hdm | 2008-01-26 21:10:57 -0600 (Sat, 26 Jan 2008) | 3 lines
Updated for version 3.1
........
r5369 | hdm | 2008-01-26 21:13:31 -0600 (Sat, 26 Jan 2008) | 3 lines
Wipe the private directories from the branch.
........
r5371 | hdm | 2008-01-27 17:24:24 -0600 (Sun, 27 Jan 2008) | 5 lines
Timeout options added for dcerpc connect and read times. Addition of novell netware as a supported target platform. Inclusion of the serverprotect exploit (still works on the latest version). Addition of the first remote netware kernel exploit that leads to a shell, addition of netware stager and shell, and first draft of the release notes for 3.1
........
r5372 | hdm | 2008-01-27 17:30:08 -0600 (Sun, 27 Jan 2008) | 3 lines
Formatting, indentation, fixed the static IP embedded in the request
........
r5373 | hdm | 2008-01-27 20:02:48 -0600 (Sun, 27 Jan 2008) | 3 lines
Correctly trap exploit errors in a way that works with all of the UIs
........
r5374 | hdm | 2008-01-27 20:23:25 -0600 (Sun, 27 Jan 2008) | 3 lines
More last-minute bug fixes
........
r5375 | hdm | 2008-01-27 20:37:43 -0600 (Sun, 27 Jan 2008) | 3 lines
Force multi-bind off in netware, correct label display in gtk gui labels
........
r5376 | hdm | 2008-01-27 20:50:03 -0600 (Sun, 27 Jan 2008) | 3 lines
More exception handling fun
........
git-svn-id: file:///home/svn/framework3/trunk@5378 4d416f70-5f16-0410-b530-b9f4589650da
