infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,393 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2890 Commits (011b6899b0acb726d1f53139754849f70561fcbb)

Author SHA1 Message Date
Thomas McCarthy a8d574e4ce Updated one print_status 2013-02-17 14:08:33 -05:00
Jeff Jarmoc ade2c9ef56 msftidy - fix line endings. 2013-02-14 11:42:02 -06:00
Jeff Jarmoc 4c90cacffe Send iframe when URIPATH isnt '/' 2013-02-14 11:23:08 -06:00
Jeff Jarmoc 947aa24d44 MS13-009 / CVE-2013-0025 ie_slayout_uaf.rb by Scott Bell 2013-02-14 11:18:19 -06:00
Thomas McCarthy 7b2c1afadb I'm an idiot, fix logon xpath 2013-02-14 09:16:47 -05:00
smilingraccoon e78cbdd14d missed one line 2013-02-13 18:17:38 -05:00
smilingraccoon bbf8fe0213 Use Post::File methods and fail_with 2013-02-13 18:10:05 -05:00
sinn3r 4074a12fd7 Randomize some gadgets 2013-02-13 14:12:52 -06:00
jvazquez-r7 f58cc6a2e0 more fix version info 2013-02-12 18:51:04 +01:00
jvazquez-r7 96b1cb3cfb fix version info 2013-02-12 18:50:36 +01:00
jvazquez-r7 69267b82b0 Make stable #1318 foxit reader exploit 2013-02-12 18:44:19 +01:00
Tod Beardsley 8ddc19e842 Unmerge #1476 and #1444 
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.

First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.

FixRM #7752
 2013-02-11 20:49:55 -06:00
jvazquez-r7 9040fcd5ae Merge branch 'darkoperator-post2localexploit' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-post2localexploit 2013-02-12 01:52:05 +01:00
jvazquez-r7 42a6d96ff4 using Post::File methods plus little more cleanup 2013-02-12 01:33:07 +01:00
jvazquez-r7 97edbb7868 using always a vbs file to drop exe 2013-02-12 00:58:26 +01:00
Carlos Perez 5edb138a8f fixed nil issue 2013-02-11 11:51:33 -04:00
smilingraccoon 3a499b1a6d added s4u_persistence.rb 2013-02-10 14:22:36 -05:00
jvazquez-r7 17b349ab50 added crash to comments 2013-02-09 17:49:57 +01:00
jvazquez-r7 5b576c1ed0 fix ident and make happy msftidy 2013-02-09 17:40:45 +01:00
Carlos Perez fea84cad10 Fix additional typos per recomendation 2013-02-08 14:47:16 -04:00
James Lee 5b3b0a8b6d Merge branch 'dmaloney-r7-http/auth_methods' into rapid7 2013-02-08 12:45:35 -06:00
Carlos Perez b8f0a94c3f Fixed typos mentioned by Egypt 2013-02-08 14:42:10 -04:00
sinn3r 0ad548a777 I expect people to know what a share is. 2013-02-07 19:16:44 -06:00
sinn3r 9415e55211 Merge branch 'feature/rm5455-patch-smb_relay' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm5455-patch-smb_relay 2013-02-07 19:12:58 -06:00
Carlos Perez c131b7ef0e Added exception handing and return checking as requested by Sinn3r 2013-02-07 21:06:05 -04:00
Carlos Perez 19e989dff9 Initial commit fo the migrated module 2013-02-07 19:11:44 -04:00
James Lee 1095fe198b Merge branch 'rapid7' into dmaloney-r7-http/auth_methods 2013-02-06 16:57:50 -06:00
sinn3r 0186e290d3 Merge branch 'ovftool_format_string_fileformat' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-ovftool_format_string_fileformat 2013-02-05 15:13:51 -06:00
sinn3r b706af54a0 Merge branch 'ovftool_format_string_browser' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-ovftool_format_string_browser 2013-02-05 15:12:24 -06:00
David Maloney 44d4e298dc Attempting to cleanup winrm auth 2013-02-04 15:48:31 -06:00
David Maloney 4c1e630bf3 BasicAuth datastore cleanup 
cleanup all the old BasicAuth datastore options
 2013-02-04 13:02:26 -06:00
David Maloney 2c3de43f4b datastore opts cleanup 
cleanuo digestauth datastore options in modules
 2013-02-04 12:10:44 -06:00
jvazquez-r7 9ce5f39bc6 added migrate as initial script 2013-02-04 16:42:56 +01:00
jvazquez-r7 e0d4bb5799 Added module for cve-2012-3569, browser version 2013-02-04 16:37:42 +01:00
jvazquez-r7 135718a97b Added module for cve-2012-3569, fileformat version 2013-02-04 16:36:33 +01:00
Tod Beardsley e8def29b4f Dropping all twitter handles 
Also adds "pbot" as an accepted lowercase word. This will come up pretty
routinley for functions and stuff.
 2013-02-01 16:33:52 -06:00
sinn3r 1a01d6d033 Fix scrutinizer checks 2013-01-31 14:48:54 -06:00
egypt 5332e80ae9 Fix errant use of .to_s instead of .path 2013-01-31 14:18:42 -06:00
sinn3r 4de5e475c3 Fix check 2013-01-31 02:15:50 -06:00
sinn3r c174e6a208 Correctly use normalize_uri() 
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
 2013-01-30 23:23:41 -06:00
Tod Beardsley aaf18f0257 EOL whitespace, yo. 2013-01-29 14:22:30 -06:00
lmercer deb9385181 Patch for smb_relay.rb to allow the share written to, to be defined in an option 
As described in Redmine Feature #5455
 2013-01-29 15:19:35 -05:00
sinn3r 690ef85ac1 Fix trailing slash problem 
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.

Related to: [SeeRM: #7727]
 2013-01-28 13:19:31 -06:00
jvazquez-r7 3faf4b3aca adding sinn3r as author 2013-01-24 18:13:30 +01:00
sinn3r 2cedcad810 Check PID 2013-01-24 10:46:23 -06:00
sinn3r ad108900d5 Why yes I know it's a module 2013-01-23 16:23:41 -06:00
sinn3r 22f7619892 Improve Carlos' payload injection module - See #1201 
Lots of changes, mainly:
* Description update
* Avoid accessing protected methods
* More careful exception & return value handling
 2013-01-23 16:15:14 -06:00
sinn3r e93b7ffcaf Add Carlos Perez's payload injection module 
See #1201
 2013-01-23 14:07:48 -06:00
jvazquez-r7 51ba500b9f msftidy compliant 2013-01-16 12:28:09 +01:00
sinn3r 0f24671cf7 Changes how the usernames are loaded. 
Allows usernames to be loaded as a file (wordlist), that way the
it's much easier to manage.  It defaults to unix_users.txt,
because these usernames are common in any SSH hosts out there.
If the user only wants to try a specific user (which is better,
because you reduce traffic noise that way), then he/she can set
the USERNAME option, and that should be the only one tried --
similar to how AuthBrute behaves.

I also fixed the regex in check().
 2013-01-16 02:14:52 -06:00
sinn3r 04b35a38ff Update MSB ref 2013-01-14 14:59:32 -06:00
jvazquez-r7 c6c59ace46 final cleanup 2013-01-14 20:53:19 +01:00
jvazquez-r7 5ecb0701ea Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass 2013-01-14 20:52:45 +01:00
Daniele Martini 04fe1dae11 Added module for Freesshd Authentication Bypass (CVE-2012-6066) 
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.

To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.
 2013-01-13 17:08:04 +01:00
jvazquez-r7 5901058a61 Merge branch 'ms11_081' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_081 2013-01-09 23:24:14 +01:00
sinn3r fe8b9c24cf Merge branch 'jvazquez-r7-honeywell_tema_exec' 2013-01-09 16:08:19 -06:00
sinn3r f3b88d34c1 Add MS11-081 2013-01-09 15:52:33 -06:00
jvazquez-r7 736f8db6c0 Deleting from browser autopwn 2013-01-09 09:58:20 +01:00
jvazquez-r7 377905be7f Avoid FileDropper in this case 2013-01-09 09:15:38 +01:00
jvazquez-r7 52982c0785 Added BrowserAutopwn info 2013-01-08 19:53:34 +01:00
jvazquez-r7 0e475dfce1 improvements and testing 2013-01-08 19:43:58 +01:00
jvazquez-r7 b2575f0526 Added module for OSVDB 76681 2013-01-08 17:46:31 +01:00
sinn3r 5bc1066c69 Change how modules use the mysql login functions 2013-01-07 16:12:10 -06:00
sinn3r a59c474e3e Merge branch 'jvazquez-r7-ibm_cognos_tm1admsd_bof' 2013-01-07 13:34:52 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
jvazquez-r7 883b3446f3 license text 2013-01-05 08:03:25 +01:00
jvazquez-r7 0a13f01f23 Added module for ZDI-12-101 2013-01-05 07:40:32 +01:00
Christian Mehlmauer 6654faf55e Msftidy fixes 2013-01-04 09:29:34 +01:00
sinn3r 6d4abe947d Merge branch 'id_revision' of github.com:FireFart/metasploit-framework into FireFart-id_revision 2013-01-04 00:23:03 -06:00
sinn3r 38de5d63d8 Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-01-03 17:49:24 -06:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
sinn3r b061a0f9c1 Merge branch 'enterasys_netsight_syslog_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-enterasys_netsight_syslog_bof 2013-01-03 17:45:24 -06:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
jvazquez-r7 a0b4045b4b trying to fix the variable offset length 2013-01-04 00:25:34 +01:00
sinn3r 724fa62019 Merge branch 'enterasys_netsight_syslog_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-enterasys_netsight_syslog_bof 2013-01-03 15:35:29 -06:00
sinn3r 6fd35482cc This exploit should be in browser auto pwn 2013-01-03 14:45:00 -06:00
jvazquez-r7 9cea2d9af9 reference updated 2013-01-03 19:39:18 +01:00
jvazquez-r7 45808a3a44 Added module for ZDI-11-350 2013-01-03 19:17:45 +01:00
sinn3r 06b937ec11 Implements WTFUzz's no-spray technique 
Do not try to bend the spoon, that is impossible. Instead, only
try to realize the truth: there is no spoon.
 2013-01-03 11:57:47 -06:00
sinn3r 38157b86a9 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-12-31 11:15:44 -06:00
sinn3r f7543e18fe Your def of commit apparently is a little different than mine, git. 2012-12-31 00:35:13 -06:00
sinn3r 2b3f7c4430 Module rename 
Sorry, Tod, this must be done.
 2012-12-31 00:29:19 -06:00
sinn3r 5703274bc4 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-12-30 20:34:57 -06:00
sinn3r 1084334d5e Randomness 2012-12-30 20:34:14 -06:00
sinn3r 7cb42a5eb4 Add BID ref 2012-12-30 18:14:22 -06:00
sinn3r cc52e2c533 Where's Juan's name? 2012-12-30 12:58:16 -06:00
jvazquez-r7 14f21c0a29 using the rop as expected 2012-12-30 16:13:48 +01:00
jvazquez-r7 eed5a74f32 description updated and reference added 2012-12-30 16:08:01 +01:00
Christian Mehlmauer f7d6594314 re-deleted comma 2012-12-30 13:39:14 +01:00
jvazquez-r7 6be8ed6168 readd fix for #1219 2012-12-30 13:25:42 +01:00
jvazquez-r7 cd58cc73d9 fixed rop chain for w2003 2012-12-30 13:12:55 +01:00
Christian Mehlmauer cab84b5c27 Fix for issue #1219 2012-12-30 13:02:13 +01:00
Christian Mehlmauer dcf018c339 Comma 2012-12-30 12:54:44 +01:00
Christian Mehlmauer 14d197eeb2 Added Windows Server 2003 2012-12-30 11:35:29 +01:00
jvazquez-r7 6cb9106218 Added module for CVE-2012-4792 2012-12-30 01:46:56 +01:00
sinn3r eb2037bdba Merge branch 'inotes_dwa85w_bof' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-inotes_dwa85w_bof 2012-12-28 12:16:06 -06:00
jvazquez-r7 9ffb0dcf79 switch to some random data 2012-12-28 12:48:36 +01:00
jvazquez-r7 8f62cd5561 swith to some random data 2012-12-28 12:47:20 +01:00
jvazquez-r7 af61438b0b added module for zdi-12-132 2012-12-28 11:45:32 +01:00
jvazquez-r7 8ea5c993a2 added module for zdi-12-134 2012-12-28 11:44:30 +01:00