infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,865 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

39865 Commits (05ffa0074c0cd420f4cf737b790edb605651e525)

Author SHA1 Message Date
zerosum0x0 455936ef70 Merge branch 'master' of github.com:RiskSense-Ops/metasploit-framework 2016-09-23 18:22:27 +00:00
zerosum0x0 480e97399f added all leaked versions 2016-09-23 18:22:21 +00:00
dmohanty-r7 00c02bb132
Land #7349, Add initialization of RHOST value prior to calling child check() 2016-09-23 12:28:08 -05:00
Metasploit 3ddf80dd7a
Bump version of framework to 4.12.28 2016-09-23 10:02:37 -07:00
Joshua J. Drake dbf66f27d5 Add a browser-based exploit module for CVE-2015-3864 2016-09-23 11:14:31 -05:00
Tijl Deneut 2fab62b14d Update profinet_siemens.rb 
Removed unnecessary rescue, gave "timeout" variable a better name.
 2016-09-23 18:05:45 +02:00
George Papakyriakopoulos f1f6184a99 Merge pull request #1 from gpapakyriakopoulos/gpapakyriakopoulos-prompt-fix 
Fixed interactive password prompt issue
 2016-09-23 17:04:14 +01:00
George Papakyriakopoulos 639dee993a Fixed interactive password prompt issue 
Fixed an issue where the exploit would drop to interactive password prompt by default on newer ruby version which rendered the exploit unusable. It now properly forces pubkey authentication instead and proceeds with the bypass as expected.
 2016-09-23 17:03:40 +01:00
TheNaterz 98cf5d8eb5 Changed 'build_offsets' to 'build_payload' 2016-09-23 09:32:17 -06:00
zerosum0x0 1868371ba7 fix merge conflicts 2016-09-23 14:49:36 +00:00
zerosum0x0 2591d0b7c6 numerous fixes as per @busterb 2016-09-23 14:46:40 +00:00
Pearce Barry 5de1d34869
Land #7341, add module metasploit_static_secret_key_base 2016-09-23 09:20:48 -05:00
h00die cba297644e post to local conversion 2016-09-22 22:08:24 -04:00
h00die 3dff41c833 documentation update 2016-09-22 21:06:31 -04:00
TheNaterz dda6b67928 Added basic error handling for unsupported ASA versions 2016-09-22 18:24:25 -06:00
TheNaterz cf070853e9 Moved required datastore option into constructor 2016-09-22 18:08:35 -06:00
h00die 7646771dec refactored for live compile or drop binary 2016-09-22 20:07:07 -04:00
TheNaterz df25f07b34 Replaced '+=' with '<<' 2016-09-22 17:53:28 -06:00
TheNaterz 48f024d22b Merge branch 'master' of github.com:RiskSense-Ops/metasploit-framework 2016-09-22 17:16:47 -06:00
TheNaterz f525c24a9f Added offsets for 8.4(7) 2016-09-22 17:16:37 -06:00
zerosum0x0 28a09c2d13 stupid comment 2016-09-22 22:57:42 +00:00
TheNaterz 7762f42dfa Added offsets for 8.3(1) 2016-09-22 16:17:37 -06:00
TheNaterz 064aed858b Added RiskSense contributor repo to references 2016-09-22 16:10:30 -06:00
TheNaterz 961524d648 Adding offsets for 9.1(1)4 2016-09-22 16:04:44 -06:00
TheNaterz 4e9459d876 Added offsets for 9.0(1) 2016-09-22 15:35:59 -06:00
TheNaterz 5ca6563c8f Fixed problem with 9.2(2)8 offsets 2016-09-22 15:24:49 -06:00
TheNaterz b77adc97f0 Removing redundant version check 2016-09-22 15:05:42 -06:00
TheNaterz c22a2a19e8 Added offsets for 9.2(2)8 2016-09-22 14:59:49 -06:00
TheNaterz e8d1f6d5a0 Added offsets for 8.2(3) 2016-09-22 14:38:52 -06:00
Jenna Magius a0ba8b7401 Fix whitespace per msftidy 2016-09-22 14:25:04 -06:00
TheNaterz 022189c075 Added offsets for 8.4(3) 2016-09-22 14:12:33 -06:00
zerosum0x0 4288c3fb46 added always_return_true variable 2016-09-22 19:44:55 +00:00
TheNaterz c18045128a Replaced global vars, made 'patched_code' value static 2016-09-22 13:42:23 -06:00
Pearce Barry 50eaaece1c
Land #7347, bump metasploit_data_model gem ver to pick up MAC validation. 2016-09-22 13:12:14 -05:00
zerosum0x0 3c7fc49788 Added module auxiliary/admin/cisco/cisco_asa_extrabacon 
This module patches the authentication functions of a Cisco ASA
to allow uncredentialed logins. Uses improved shellcode for payload.
 2016-09-22 18:06:03 +00:00
wchen-r7 3cd8d931c1
Land #7352, Update samsung_security_manager_put for reliability 2016-09-22 12:42:47 -05:00
wchen-r7 bc425b0378 Update samsung_security_manager_put 
This patch improves the following

* Stage 1 XSS/JS attack to use the body.onload callback
* Better timing for FF
 2016-09-22 12:02:49 -05:00
Tim c13ab28a5b remove debug statement 2016-09-22 16:27:11 +01:00
Tim 34e02fe097 stageless http 2016-09-22 16:26:26 +01:00
Tim acb3e66064 fix comments 2016-09-22 16:26:26 +01:00
Tim 1b911e7117 placate msftidy 2016-09-22 16:26:26 +01:00
Tim 32c2311b86 android meterpreter_reverse_tcp 2016-09-22 16:26:26 +01:00
Brent Cook 2ec87d1f67 check if constant aliases are already set before setting 
(I'm presuming that was what removing was intended to help with)
 2016-09-22 07:12:42 -05:00
Brent Cook 4acb29a129 restore NTLM constant class shortcuts 2016-09-22 07:01:38 -05:00
OJ 438ba0e065
Fix missing text in test coverage 2016-09-22 16:49:37 +10:00
OJ af4b1cf48f
Add the `sess` command to MSF and Meterp shells 
This new command is a simpler shortcut that allows for moving around sessions much faster from within the console.

* From inside MSF, `sess <id>` is shorthand for `sessions -i <id>`
* From inside Meterp, `sess <id>` is shorthand for `background; sessions -i <id>`

In the latter case, if the session being switched to is the same id, then no swiching happens.
 2016-09-22 16:09:59 +10:00
Brent Cook 9f3c8c7eee
Land #7268, add metasploit_webui_console_command_execution post-auth exploit 2016-09-22 00:50:58 -05:00
Brent Cook 52d0840a79
Land #7276, fix clipboard tlv usage 2016-09-22 00:47:18 -05:00
Brent Cook b4b709d921
Land #7342, remove OSVDB links and references from library code - leave in modules 2016-09-22 00:45:05 -05:00
Brent Cook 1016e4d394
Land #7345, Updated sap_icm_paths.txt to match the equivalent file in fuzzdb 
See https://github.com/fuzzdb-project/fuzzdb/blob/master/discovery/predictable-filepaths/webservers-appservers/SAP.txt
 2016-09-22 00:35:12 -05:00