Commit Graph

39053 Commits (05afaa1162e2ec65db5dd32093a9f32c72766642)

Author SHA1 Message Date
wchen-r7 bca0d716c0
Land #7047, Ensure http_login scanner module saves passwds 2016-07-01 12:21:28 -05:00
ssyy201506 1bf03ab4ec Merge pull request #1 from wvu-r7/pr/6954
Fix some silly things in payload land
2016-07-02 01:01:52 +09:00
Brendan 70a79bb0e8
Land #7014, Nagios remote root shell exploit 2016-07-01 08:17:38 -07:00
William Webb 2e97a08954
Land #7046, Pad host field in notes -d command 2016-07-01 10:14:45 -05:00
William Webb 02d40eb576
Land #7044, Pass exploit SRVPORT in BrowserAutopwn2 2016-07-01 09:49:05 -05:00
William Vu 4b01213fb5 Rewrite the logic to be positive
unless is the devil. unless/else doubly so.
2016-07-01 09:15:42 -05:00
William Vu a1bd640eff Fix hashrocket alignment 2016-07-01 09:05:03 -05:00
William Vu d42d9f8557 Add module docs to appease the Thao god 2016-07-01 01:17:27 -05:00
William Vu 9663f88fdc Download profile.zip instead of including it
profile.zip is GPL-licensed...
2016-07-01 01:17:23 -05:00
Pearce Barry 159446ce92 Ensure http_login scanner module saves passwds.
Fixes #6983.  When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
2016-06-30 16:58:39 -05:00
William Vu 6e1b6e96a9
Land #7032, rm -rf lib/rex/encoders
Dead code!
2016-06-30 16:32:14 -05:00
William Vu f0cd25dcee
Land #7035, lib/sshkey* swap to gem 2016-06-30 16:25:27 -05:00
William Webb 1401a61f59
Land #6998, Fix #6984 Undefined method 'winver' in ms10_092_schelevator 2016-06-30 16:14:09 -05:00
William Vu fec2301fc8
Land #7037, db_export -f xml stack trace fix
Missed during the Rails upgrade.
2016-06-30 15:58:38 -05:00
Brent Cook cdf3c63af9
Land #7045, Fix interactive shell with Windows Meterpreter 2016-06-30 15:51:33 -05:00
William Vu 343f4010bd Prefer newer hash syntax 2016-06-30 15:43:06 -05:00
wchen-r7 dbcdc300e5 Fix #7019, Pad host field in notes -d command
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there aren't enough fields
provided for the Rex table.

Fix #7019
2016-06-30 15:38:58 -05:00
Brent Cook d6c7ac51d6 Fix interactive shell with Windows Meterpreter
see https://github.com/rapid7/metasploit-payloads/pull/105
2016-06-30 15:34:40 -05:00
William Vu 20c2a10e8a
Add note about issues to CONTRIBUTING.md 2016-06-30 15:14:59 -05:00
wchen-r7 118caa13bf Fix #7021, Pass exploit SRVPORT in BrowserAutopwn2
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.

Fix #7021
2016-06-30 14:20:53 -05:00
HD Moore 23399326c2 Fix up double slashes, tweak syntax 2016-06-30 12:56:29 -05:00
agix 3edb0b3625 Reduce chance to get a null byte in the decoder stub 2016-06-30 19:14:32 +02:00
agix 31ea58d7f0 Inherit from Msf::Encoder::Xor to get key preventing badchars
I guess that's what Msf::Encoder::Xor find_bad_keys is for.
2016-06-30 18:29:30 +02:00
wchen-r7 1ecef265a1 Do a fail_with in case nonce is not found at all 2016-06-30 11:21:45 -05:00
wchen-r7 e2b9225907 Fix #7022, Failing to find wpnonce in fetch_ninja_form_nonce
This patch fixes a problem when the module is used against an older
version of ninja forms (such as 2.9.27), the nonce is found in a
hidden input instead of the JavaScript code, which actually causes
an undefined method 'gsub' bug in the module.

Fix #7022
2016-06-30 11:15:38 -05:00
Tod Beardsley afbeb2b668
Land #7023, fixes for swagger exploit
Thanks @sdavis-r7!

See #7015 as well.
2016-06-30 10:54:34 -04:00
Tod Beardsley d1281b6594
Chmod to remove the exec bit. 2016-06-30 10:43:46 -04:00
ssyy201506 0a85f1d233 Fix an error when exiting an interactive shell 2016-06-30 16:19:10 +09:00
Francesco 068a4007de Riverbed SteelCentral NetProfiler & NetExpress Exploit Module
Changes to be committed:
    new file:   modules/exploits/linux/http/riverbed_netprofiler_netexpress_exec.rb
2016-06-29 22:27:40 -04:00
agix 8a777bec41 Forgot to rename function after msftidy correction 2016-06-29 23:30:48 +02:00
agix c489c5ce3e Add two x64 encoders to improve anti-virus evasion 2016-06-29 23:11:24 +02:00
Pearce Barry 5e39f895cf Fix exception on msf 'db_export' cmd (see #7008)
Users reported (in GitHub issue #7008) hitting an exception when attempting to export the contents of the msf database (i.e. workspaces, hosts, events, etc.) via the 'db_export' command.  After some digging, it appears there were a few ActiveRecord changes with the new Rails upgrade that require a couple mods to the way we are querying.
2016-06-29 16:02:31 -05:00
William Vu 68bd4e2375 Fire and forget the shell
Edge case where reverse_perl returns 302 when app is unconfigured.
2016-06-29 14:51:05 -05:00
David Maloney 80563b2c0f
Merge branch 'master' into feature/MS-1700/sshkey-gem 2016-06-29 09:44:57 -05:00
Brendan 55457ef977
Land #7034, use the bit-struct gem 2016-06-29 07:35:00 -07:00
thao doan 80c65ec4fc Land #7020, Added documentation for Netbios Spoof module 2016-06-28 14:26:26 -07:00
Pearce Barry d186844cde
Land #7033, Use the proper Author key, not Authors 2016-06-28 16:20:43 -05:00
David Maloney a796a1bc63
weird namespace issues? 2016-06-28 16:13:49 -05:00
David Maloney 2dba09a9ce
unvendor sshkey gem
use the actual maintained gem rather than our vendored
copy

MS-1700
2016-06-28 16:10:48 -05:00
David Maloney dcddd2d671
use the bit-struct gem
removed vendored copy of bit-struct and use the gem
instead

MS-1699
2016-06-28 15:58:47 -05:00
David Maloney 39fa8bf2d4
missing require 2016-06-28 15:40:56 -05:00
David Maloney 3d93c55174
move sshfactory into a mixin method
use a convenience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention

MS-1688
2016-06-28 15:23:12 -05:00
James Lee 4e63591ce8
Use the proper Author key, not Authors 2016-06-28 15:21:19 -05:00
David Maloney ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-06-28 15:00:35 -05:00
David Maloney 356f4fd54d
delete deprecated lib/rex/encoders
this directory is all dead code and has been replaced with
the lib/rex/encoder directory. these files should have been
purged a long time ago for cleanliness

MS-1692
2016-06-28 14:43:39 -05:00
David Maloney 0a83b34a85
Land #7025, dev's PR for rex-java
lands the pr for moving Rex::Java into its own gem
2016-06-28 14:40:02 -05:00
David Maloney d90f0779f8
Land #7009, egypt's rubyntlm cleanup
Land egypt's PR to replace all of our NTLM code with
the rubyntlm gem
2016-06-28 14:15:34 -05:00
David Maloney 97f9ca4028
Merge branch 'master' into egypt/ruby-ntlm 2016-06-28 14:14:56 -05:00
Metasploit e3e360cc83
Bump version of framework to 4.12.10 2016-06-28 12:13:26 -07:00
Adam Cammack ac5d2709cf
Land #7031, Revert #6729 2016-06-28 13:52:53 -05:00