infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,173 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

18173 Commits (031bb2eb0bfb6287a009b3a61528d91c99739243)

Author SHA1 Message Date
Andras Kabai 7b6a784a84 basic payload execution through OS command execution 2013-04-20 13:02:22 +02:00
Andras Kabai 223556a4e6 switch to exploit module environment 
switch to Msf::Exploit, change the necessary declarations, start to
change the exploitation process
 2013-04-20 12:30:44 +02:00
Andras Kabai cff47771a2 initial commit 
the original aux module will be the base of the exploit module
 2013-04-20 11:32:05 +02:00
jvazquez-r7 1365dfe68c Add Oracle url 2013-04-20 01:43:14 -05:00
jvazquez-r7 9fca89f70b fix small issues 2013-04-20 01:43:14 -05:00
jvazquez-r7 b99fc06b6f description updated 2013-04-20 01:43:14 -05:00
jvazquez-r7 19f2e72dbb Added module for Java 7u17 sandboxy bypass 2013-04-20 01:43:13 -05:00
Andras Kabai 49b055e5fd make msftidy happy 2013-04-20 00:26:04 +02:00
Andras Kabai e4d9c45ce9 remove unnecessary rank rating 2013-04-20 00:23:55 +02:00
jvazquez-r7 c7fcd6931a Use vprint_error 2013-04-19 16:22:07 -05:00
jvazquez-r7 4ef33197dc Land #1745 - @FireFart's improvement for MediaWiki aux module 2013-04-19 16:20:33 -05:00
Meatballs 5fa81942db Initial comms 2013-04-19 22:19:50 +01:00
jvazquez-r7 19a158dce9 Do final cleanup for netgear_dgn2200b_pppoe_exec 2013-04-19 15:50:23 -05:00
jvazquez-r7 c1819e6ecc Land #1700, @m-1-k-3's exploit for Netgear DGN2200B 2013-04-19 15:49:30 -05:00
Tod Beardsley 881d16e701 Add some friendlier defaults to database.yml 
Actually let people get going out of the gate without forcing them to
puzzle out database.yml configurations. Also gives some hints on how to
set up a database.

Today, if you merely copy and paste from database.yml.example, you'll
get yelled at:

````
$ ./msfconsole -L -y config/database.yml
[-] No database definition for environment production
````
 2013-04-19 15:43:25 -05:00
Christian Mehlmauer eaff87879e added text 2013-04-19 22:03:05 +02:00
Christian Mehlmauer a6be72b019 fixes for mediawiki aux module 2013-04-19 21:43:12 +02:00
Andras Kabai 763d1ac2f1 remove unnecessary option declaration 2013-04-19 21:42:28 +02:00
Andras Kabai 85932a2445 improve URI path and parameter handling 
switch from PATH to TARGETURI datastore;
use normalize_uri to build uri;
use query in send_request_cgi to to prepare query string (instead of
vars_get that escapes the necessary semicolons)
 2013-04-19 21:37:39 +02:00
Andras Kabai c52588f579 remove Scanner mixin 
remove Scanner mixin because this module is not a scanner modul
 2013-04-19 20:28:44 +02:00
Luke Imhoff 3bf3cfccc6 Use be_within to loosen tolerance for Time comparisons 
[#47979793]
[#48414569]

Even though using Timecop locally on OS X makes the `should == <Time>`
work, it fails on travis-ci, so try using `should
be_within(1.second).of(<Time>)` instead.
 2013-04-19 12:07:12 -05:00
sinn3r 7fdf84ac45 Landing #1744 - Checks nil before using resp.headers['Server'] 
[Closes #1744]
 2013-04-19 10:37:05 -05:00
sinn3r 7f21239713 Landing #1741 - MediaWiki SVG File Access Auxiliary module 
[Closes #1741]
 2013-04-19 10:30:16 -05:00
Luke Imhoff e5befb7094 Msf::DBManager#report_session specs 
[#47979793]
 2013-04-19 10:11:33 -05:00
jvazquez-r7 31586770a0 Added module for OSVDB 92490 2013-04-18 14:34:02 -05:00
Andras Kabai 8f76c436d6 SAP ConfigServlet OS Command Execution module 
This module allows execution of operating system commands throug the
SAP ConfigServlet without any authentication.
 2013-04-18 20:26:48 +02:00
RageLtMan 15c6df1482 Check for nil before calling on value 2013-04-18 00:32:37 -04:00
m-1-k-3 2713991c64 timeout and HTTP_Delay 2013-04-17 20:25:59 +02:00
m-1-k-3 59045f97fb more testing, reworking of config restore, rework of execution 2013-04-17 18:10:27 +02:00
jvazquez-r7 4e8d32a89a cleanup for freefloatftp_user 2013-04-16 20:43:38 -05:00
jvazquez-r7 eedeb37047 Landing #1731, @dougsko's freefloat ftp server bof exploit 2013-04-16 20:42:01 -05:00
Josh c23cf47d74 Fix RM7896, global show opts has non-eval #{text} 
thx to mudge for reporting & jduck for properly blaming me.
This change also causes the actual DefaultPromptChar to be displayed vs a hard coded ">"
 2013-04-15 22:07:28 -05:00
root 830715dc07 Applying changes 2013-04-16 00:28:39 +02:00
Tod Beardsley 25fcbd4e70 Landing #1733, setting a sensible heapsray offset 
@wchen-r7 says that nobody's using it today, much less relying on the
default, so this should make no functional difference to any browser
exploits.
 2013-04-15 16:32:48 -05:00
Tod Beardsley d5e717a36c Alphabetized .mailmap 2013-04-15 15:40:26 -05:00
Tod Beardsley a36c6d2434 Lands #1730, adds a VERBOSE option checker 
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
 2013-04-15 15:32:56 -05:00
Tod Beardsley 29101bad41 Removing VERBOSE offenders 2013-04-15 15:29:56 -05:00
Tod Beardsley be39079830 Trailing whitespace fix 
Note that this commit needed a --no-verify because of the erroneous
check in msftidy for writing to stdout. The particular syntax of this
payload makes it look like we're doing that when we're really not.

So don't sweat it.
 2013-04-15 13:58:06 -05:00
Tod Beardsley efdf4e3983 Lands #1485, fixes for Windows-based Ruby targets 2013-04-15 13:56:41 -05:00
Tod Beardsley 4d21c7dff5 Landing #1727, adding @jlee-r7's new fingerprints 2013-04-15 13:49:59 -05:00
Tod Beardsley 7f8040c4e4 Lands #1722, Rex::Socket comment docs 2013-04-15 13:44:00 -05:00
Tod Beardsley 873bdbab57 Removing APSB13-03, not ready. 
This was landed by @todb-r7 on #1709 but that was premature. #1717 was
a proposed set of fixes, but it didn't go far enough.

@jhart-r7 and @jvazquez-r7 should revisit this module for sure, there's
some good stuff in there, but it's not ready for a real release quite
yet. Take a look at the issues discussed in those PRs and open a new PR
with a new module?

Sorry for the switcheroo, not trying to be a jerk.

[Closes #1717]
 2013-04-15 13:36:47 -05:00
Tod Beardsley 513b3b1455 Minor cleanup on DLink module 2013-04-15 13:27:47 -05:00
Luke Imhoff 2c681005c0 Msf::ModuleManager::Cache spec coverage 
[#47979793]
 2013-04-15 13:08:12 -05:00
scriptjunkie 2c41ca6598 Merge branch 'encoding_fix' of git://github.com/rsmudge/metasploit-framework 2013-04-12 21:10:44 -05:00
sinn3r d28db8a2a3 Forgot the comment 2013-04-12 20:21:10 -05:00
sinn3r f2cbbf43e8 Changes default offset 
Points to the beginning of the block
 2013-04-12 20:19:47 -05:00
Luke Imhoff 0709395570 Msf::ModuleManager::Loading shared example 
[#47979793]
 2013-04-12 15:18:16 -05:00
Luke Imhoff ff7a8e6351 Msf::ModuleManager::ModulePaths shared example 
[#47979793]
 2013-04-12 15:14:04 -05:00
h0ng10 4e42ffd51e msftidy cleanup 2013-04-12 21:39:11 +02:00