infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
26,027 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

26027 Commits (04541ac724cbf11a0801230cf9cb3274de020a03)

Author SHA1 Message Date
Michael Messner 6f45eb13c7 moved module file 2014-06-17 08:56:07 +02:00
Michael Messner a5eed71d50 renamed and other module removed 2014-06-17 08:50:09 +02:00
Michael Messner e908b7bc25 renamed and other module removed 2014-06-17 08:49:46 +02:00
James Lee 6237d56398
Refactor ssh_login_pubkey 
* Fix a bug in LoginScanner::SSHKey (which was copy-pasted from SSH)
   where the ssh_socket accessor was not being set because of a
   shadowing local var
 * Fix a bug in the db command dispatcher where an extra column was
   added to the table, causing an unhandled exception when running the
   creds command
 * Add a big, ugly, untested class for imitating
   Metasploit::Framework::CredentialCollection for ssh keys. This class
   continues the current behavoir of silently ignoring files that are a)
   encrypted or b) not private keys.
 * Remove unnecessary proof gathering in the module (it's already
   handled by the LoginScanner class)
 2014-06-16 18:38:20 -05:00
David Maloney a81b0ed17b
rename method to_file 
change method name from write to to_file
as it makes more sense for what it is is doing
and what it returns
 2014-06-16 18:03:06 -05:00
David Maloney 95beaa4f7e
correct self-eating array nature 
we never noticed we were modifying the array in place
because we were reculaculating. now with a memoized
version we would get decreasing results
 2014-06-16 17:37:18 -05:00
David Maloney a92a58417f
memoize the mutation keys 
it was recalculating the mutation rules
everytime, and there is no reason to do this
 2014-06-16 17:18:52 -05:00
Samuel Huckins 4a7ee57866 Merge pull request #76 from rapid7/bug/MSP-10006 
PRs complete

MSP-10006 #land
 2014-06-16 15:35:27 -05:00
Samuel Huckins 57c7d30bc4
Updated MC tag to 0.4.2 
MSP-10006
 2014-06-16 15:34:42 -05:00
Michael Messner f464c5ee97 dlink msearch commmand injection 2014-06-16 22:12:15 +02:00
jvazquez-r7 d44d409ff2
Land #3407, @julianvilas's exploit for Java JDWP RCE 2014-06-16 13:38:51 -05:00
jvazquez-r7 6a780987d5 Do minor cleanup 2014-06-16 13:37:44 -05:00
David Maloney f1a39ef973
enumerators all done with specs 
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
 2014-06-16 13:31:30 -05:00
jvazquez-r7 f7b892e55b Add module for AlienVault's ZDI-14-202 2014-06-16 12:10:30 -05:00
William Vu 0bc3099acf
Land #3453, release fixes 2014-06-16 11:48:37 -05:00
Tod Beardsley 19da7d551e
Kill newline (race @wvu-r7 on this) 
See PR #3453
 2014-06-16 11:46:08 -05:00
Tod Beardsley 2aa26fa290
Minor spacing and word choice fixups 2014-06-16 11:40:21 -05:00
jvennix-r7 2cedee1aef Merge pull request #74 from rapid7/feature/MSP-9744/autologin_password 
Land #74, @wvu-r7's refactor of osx autologin_password module.
 2014-06-16 11:29:49 -05:00
William Vu 29f5344d26
Drop merge of service_data, since it doesn't exist 2014-06-16 09:27:01 -05:00
William Vu e02a134bf5
Land #3452, addjsif regression fix 2014-06-16 00:03:17 -05:00
joev 461fba97d7
Update forgotten call to js() in webview exploit. 2014-06-15 23:43:05 -05:00
David Maloney 9af811a2ed
we need to pass in a workspace 2014-06-15 15:52:57 -05:00
scriptjunkie fc8bb54eb7
Land #3330 check admin in smb_login 2014-06-15 14:51:25 -05:00
scriptjunkie 5fe8814af6
Land #3330 adding admin check to smb_login 2014-06-15 14:42:26 -05:00
scriptjunkie 121ab76d09
Merge branch 'nstarke-bugfixes/post-module-execution-causing-duplicate-search-results' 2014-06-15 14:14:50 -05:00
David Maloney 897b0b1ee5
wordlist enumerators with some specs 
started the enumerators on the wordlist class
and began adding the specs for them
 2014-06-15 13:37:50 -05:00
Julian Vilas caa1e10370 Add feature for disabling Java Security Manager 2014-06-15 20:35:19 +02:00
scriptjunkie d38a95a352 Merge branch 'bugfixes/post-module-execution-causing-duplicate-search-results' of github.com:nstarke/metasploit-framework into nstarke-bugfixes/post-module-execution-causing-duplicate-search-results 2014-06-15 13:15:57 -05:00
David Maloney a00ff5aeef
yield custom_wordlist words 2014-06-15 12:16:21 -05:00
David Maloney 8ada0804bd
add valid! spec 2014-06-15 11:22:43 -05:00
David Maloney 41d6b326f2
specs for wordlist validations 
added specs to cover the validations on
the JtR wordlist class.
 2014-06-15 11:14:11 -05:00
David Maloney a5fb898904
actually set max run time 
make maxrutnime affect the crack command
 2014-06-14 20:03:56 -05:00
David Maloney 33519b1fcd
cracker validations and specs 
more validations and specs for the cracker class
 2014-06-14 19:59:59 -05:00
David Maloney 529e5da00a
make sure laoder finds new validator 2014-06-14 18:02:51 -05:00
David Maloney 10f3531bbb
add exectuable validator 
like the filepath validator but also checks
to see if the file is exectuable by the current
users.
 2014-06-14 18:01:24 -05:00
David Maloney 21f29c4da9
more filepath validators 
added filepath validations to cracker
also made them all conditional validations
 2014-06-14 17:54:37 -05:00
David Maloney 1dd69a5228
wordlist validators 
added custom fielpath vaidator and
added validations to the wordlist class
 2014-06-14 17:49:47 -05:00
David Maloney 466576d03f
jtr wordlist validations started 
start adding validations and exceptions for the
JtR Wordlist class.
 2014-06-14 16:16:30 -05:00
David Maloney 19231b7c8f
starting skeleton on wordlist class 
start framing out JtR wordlist class that
will generate Wordlists to be passed to our
JtR cracker.
 2014-06-14 15:48:25 -05:00
David Maloney 41f7bc1372
add common root words wordlist 
this adds a new wordlist to the data directory.
This wordlist is compiled from statistical analysis of
common Numeric passwords and Common rootwords across
6 years of colleted password breach dumps. Every word in
this list has been seen thousands of times in password
breaches
 2014-06-14 14:13:59 -05:00
David Maloney 873d6e5b99
add all the specs 2014-06-14 12:28:17 -05:00
Michael Messner 12ec785bdb clean up, echo stager, concator handling 2014-06-14 17:37:09 +02:00
Michael Messner 8eb21ded97 clean up 2014-06-14 17:02:55 +02:00
Tim Wright 9b43749916
Land #3418 - android adobe reader addjisf pdf exploit 
Merge branch 'landing-3418' into upstream-master
 2014-06-14 11:25:29 +01:00
jakxx 3abfa3e12e change to case switch 2014-06-13 19:17:28 -04:00
David Maloney 300baa577c
moar specs! 2014-06-13 17:34:16 -05:00
James Lee 4b78f0ad7c
Merge branch 'feature/MSP-9723/glassfish_deployer' into staging/electro-release 2014-06-13 16:11:14 -05:00
David Maloney b784bea48e
slow roll of specs for jtr cracker 
slowly adding spec coverage for the JtR cracker
 2014-06-13 16:08:56 -05:00
James Lee 07d8921b0b
Merge branch 'feature/MSP-9747/pgpass_creds' into staging/electro-release 2014-06-13 16:06:15 -05:00
James Lee d246e28cb3
Merge branch 'feature/MSP-9733/ftpnavigator' into staging/electro-release 2014-06-13 16:03:06 -05:00