forked from rapid7/metasploit-framework
merge #2
Merged
Module now uses Chrome itself as a websocket client, reading websockets via js. It no longer downloads and executes `websocat`.
Noticed while @asoto-r7 was reviewing Code Climate results, and it highlighted some metasm code as having unusual code structure. Rather than fixing it, we can delete it, since this is from upstream metasm presumably, which we've used as a Gem for some time (thanks @egypt). All payloads should still be regenerable, and evasion modules as well.
The changes ensure that updates to an Mdm::Session are reflected on a remote data service.
The longxor encoder for mipsbe does not work correctly. At the end of the decoding, it should invoke cacheflush() with the correct parameters:

    int cacheflush(char *addr, int nbytes, int cache)

The encoder previously did not set up the arguments, as it even said so in the comments:

    ; addiu $4, $16, -4 ; not checked by Linux
    ; li $5,40 ; not checked by Linux
    ; li $6,3 ; $6 is set above

I think this is because the encoder is pretty old (2008), and before kernel 2.6.11, cacheflush() did not need any parameters (from the cacheflush man page):

    BUGS
    Linux kernels older than version 2.6.11 ignore the addr and nbytes arguments, making this function fairly expensive. Therefore, the whole cache is always flushed.

This commit fixes that by setting up the parameters correctly. As an unfortunate side effect this increases the shellcode by 16 bytes, but it is absolutely necessary for it to work properly.

Note that this bug is not present when testing the encoder output on an emulator like qemu; emulators do not need to flush the caches to work properly.

As an added bonus I have also made it compatible with toupper() restrictions, which is common in web server exploits too. This did not add any extra bytes to the encoder.
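The argument setup the commit message describes, as an added example that is not the framework's encoder code: the Ruby below assembles the big-endian MIPS32 instructions needed to call cacheflush(addr, nbytes, BCACHE) through the o32 syscall interface and then checks the emitted bytes for the range 0x61..0x7a that toupper() would rewrite. The syscall number (4000 + 147) and BCACHE = 3 (ICACHE | DCACHE) come from the Linux MIPS headers; the choice of $s0 as the register holding the end of the decoder (as in the quoted `addiu $4, $16, -4`) and the nbytes value are assumptions made for the example.

```ruby
# Added example (not metasploit-framework's encoder): build the MIPS32 big-endian
# instruction words that set up and invoke cacheflush(addr, nbytes, cache), then
# verify the bytes survive a toupper() filter.

# MIPS32 I-type encoding: opcode(6) | rs(5) | rt(5) | imm16
def mips_itype(opcode, rs, rt, imm)
  imm &= 0xffff # two's-complement wrap so negative immediates (e.g. -4) fit in 16 bits
  (opcode << 26) | (rs << 21) | (rt << 16) | imm
end

OP_ADDIU = 0x09          # addiu rt, rs, imm   (li rt, imm is addiu rt, $zero, imm)
SYSCALL  = 0x0000000c    # SPECIAL opcode 0, function 0x0c

SYS_CACHEFLUSH = 4000 + 147  # o32: __NR_Linux + 147 (from asm/unistd.h)
BCACHE         = 3           # ICACHE (1) | DCACHE (2): flush both, as the commit's li $6,3 does

# Register numbers: $v0 = 2, $a0..$a2 = 4..6, $s0 = 16
V0, A0, A1, A2, S0 = 2, 4, 5, 6, 16

# Full argument setup plus the syscall. $s0 is ASSUMED to point just past the
# decoder stub, matching the quoted "addiu $4, $16, -4"; nbytes is the caller's.
def cacheflush_stub(nbytes)
  [
    mips_itype(OP_ADDIU, S0, A0, -4),             # $a0 = addr   (start of decoded code)
    mips_itype(OP_ADDIU, 0,  A1, nbytes),         # $a1 = nbytes (length to flush)
    mips_itype(OP_ADDIU, 0,  A2, BCACHE),         # $a2 = cache  (BCACHE)
    mips_itype(OP_ADDIU, 0,  V0, SYS_CACHEFLUSH), # $v0 = syscall number
    SYSCALL,
  ].pack('N*') # 'N' = 32-bit big-endian, i.e. the mipsbe byte order
end

# toupper() maps 0x61..0x7a ('a'..'z') to 0x41..0x5a; any such byte in the
# stub would be silently corrupted before execution.
def lowercase_positions(bytes)
  bytes.each_byte.with_index
       .select { |b, _i| b.between?(0x61, 0x7a) }
       .map    { |b, i| [i, b] }
end

def toupper_safe?(bytes)
  lowercase_positions(bytes).empty?
end

if __FILE__ == $0
  stub = cacheflush_stub(40) # 40 bytes, as in the original "li $5,40" comment
  puts "stub (#{stub.bytesize} bytes): #{stub.unpack1('H*')}"
  puts "toupper-safe: #{toupper_safe?(stub)}"
  puts "offending bytes: #{lowercase_positions(stub).inspect}"
end
```

The stub only addresses cache coherence; it says nothing about NUL bytes, which several of these words contain, so an encoder that must also avoid 0x00 needs a different register-loading sequence. As the commit notes, the missing flush will not show up under qemu, so test the output on real MIPS hardware or a target that actually has split I/D caches.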
pedrib pushed commits that referenced this pull request:

Jun 8, 2019
Jun 25, 2020: fixing up some styling and rubocop run
Jul 30, 2020: refactor mixin as factory for SQLi classes
Jul 30, 2020: Replace ret CheckCode with fail_with()
Jul 30, 2020: add cracking support for dynamic_82
Oct 1, 2020: Validate the PE file early on to raise errors
Oct 1, 2020
Jul 7, 2021
Jul 7, 2021: add cookie jar usage and AutoCheck
Jul 7, 2021: adjust history context to thread file write
Tell us what this change does. If you're fixing a bug, please mention the github issue number.

Verification
List the steps needed to make sure this thing works

    msfconsole
    use exploit/windows/smb/ms08_067_netapi