bcoles

Results 127 issues of bcoles

Many modules are missing Notes.

```
$ rubocop --only Lint/ModuleEnforceNotes modules/exploits/
[...]
2306 files inspected, 1937 offenses detected
```

This causes rubocop to fail, which causes these modules to be...

code quality

Review the [exploit/windows/winrm/winrm_script_exec module](https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/winrm/winrm_script_exec.rb). This module is old and hasn't been maintained. Why is `CmdStager::Flavor` deregistered, and instead a `ForceVBS` option used + a million other questions.

module
enhancement
not-stale

https://github.com/rapid7/mettle/issues/239 On Meterpreter sessions on Windows `session.sys.config.sysinfo['Computer']` returns the system hostname, whereas on Linux the host IP address is returned instead. ``` msf6 exploit(multi/handler) > [*] Sending stage (3045348 bytes)...

library
bug

Note the text overlap in the address bar. ![image](https://user-images.githubusercontent.com/434827/118807313-7550ff80-b8eb-11eb-989b-13bef49d6eec.png) ![image](https://user-images.githubusercontent.com/434827/118807205-56eb0400-b8eb-11eb-8da0-90b302d19c05.png) **Edit:** Note that the `HTTP/1.1 [...]` portion of the URL is from a test file used to test the HTTP...

bug

The `-e` argument clobbers `stdin` with file contents as a string: https://github.com/smicallef/spiderfoot/blob/e84db07ffa681f1acd9445a2ffdc9f28ffe0330a/sfcli.py#L1368-L1379 Whereas Python `Cmd` expects `_io.TextIOWrapper` not `str`: ``` # ./sfcli.py -e /tmp/asdf Traceback (most recent call last):...

Bug report from discord. Each TLD is a single byte. Clearly one or more URLs are treated as TLDs for some reason. You can see each byte of `h t...

Based on reported issue #17885, a quick grep through the code base indicates that every module which offers a "Start an exploit/multi/handler" option with a per-module `create_multihandler` method likely suffers...

bug
confirmed

Yahoo API version 7 is superior to the current implementation. The new API has more accurate data. The data in the old API does not appear to be updated any more...

You may be pleased to note that a value of `-1` will prevent the device from beeping. This comes at the cost of one additional byte, thus decreasing the available...

pdf-reader hangs with 100% CPU usage when parsing the attached corrupt/malformed PDFs. ``` $ grep -rn 'execution expired' crashes/*.trace -A 1 crashes/20220417003806867869681_crash_493.pdf.trace:1:execution expired crashes/20220417003806867869681_crash_493.pdf.trace-2-/var/lib/gems/2.7.0/gems/pdf-reader-2.9.2/lib/pdf/reader/buffer.rb:369:in `===' -- crashes/20220417003946304391404_crash_46.pdf.trace:1:execution expired crashes/20220417003946304391404_crash_46.pdf.trace-2-/var/lib/gems/2.7.0/gems/pdf-reader-2.9.2/lib/pdf/reader/buffer.rb:212:in `last'...