Commit Graph

34531 Commits (06ed7ba574d9d157b48c4951a9db18cd70462af9)

Author SHA1 Message Date
jvazquez-r7 858f63cdbf
Land #5693, @xistence VNC Keyboard EXEC module 2015-07-10 18:35:44 -05:00
jvazquez-r7 1326a26be5
Do code cleanup 2015-07-10 18:35:13 -05:00
Brent Cook 8349a274ea use and include git hash of Framework as part of the version
Because we do not always update the version number, multiple releases have
shown version string, which is not useful for helping debug issues, or for
knowing what features are enabled.

This adds the git hash or reads from a file a copy of the git hash (useful for
doing packaged builds without git) so that it is clear the origin of a
particular metasploit-framework version.
2015-07-10 18:03:37 -05:00
jvazquez-r7 917282a1f1
Fix ranking 2015-07-10 17:49:15 -05:00
jvazquez-r7 e063e26627
Land #5689, @xistence's module for Western Digital Arkeia command injection 2015-07-10 17:11:35 -05:00
jvazquez-r7 bdd8b56336
fix comment 2015-07-10 16:28:20 -05:00
jvazquez-r7 95ae7d8cae
Fix length limitation 2015-07-10 16:24:49 -05:00
Mo Sadek 3347b90db7 Land #5676, print_status with ms14_064 2015-07-10 14:40:49 -05:00
jvazquez-r7 29a497a616
Read header as 6 bytes 2015-07-10 14:25:57 -05:00
wchen-r7 c8c3e1a258 Fix rspec 2015-07-10 13:42:25 -05:00
wchen-r7 89aa00cfc4 Check job workspace 2015-07-10 13:09:42 -05:00
jvazquez-r7 bed3257a3f
Change default HTTP_DELAY 2015-07-10 12:50:26 -05:00
jvazquez-r7 c9d2ab58d3
Use HttpServer::HTML
* And make the exploit Aggressive
2015-07-10 12:48:21 -05:00
wchen-r7 086de2c030 Pass more options 2015-07-10 12:39:43 -05:00
wchen-r7 513dcf3574 We don't need these methods anymore 2015-07-10 12:12:53 -05:00
Brent Cook 493971245a switch nsock locally to TLS - don't assume self.sock is set 2015-07-10 12:10:53 -05:00
jvazquez-r7 e1192c75a9
Fix network communication on `communicate`
* Some protocol handling just to not read amounts of data blindly
2015-07-10 11:57:48 -05:00
Tod Beardsley 9206df077f
Land #5694, R7-2015-08 2015-07-10 11:42:57 -05:00
jvazquez-r7 9ba515f185
Fix network communication on `check`
* Some protocol handling just to not read amounts of data blindly
2015-07-10 11:32:49 -05:00
HD Moore 728b338593 Give msftidy a cookie 2015-07-10 11:28:10 -05:00
Brent Cook 3495d317b5 Do not lock SMTP STARTTLS to only use SSLv3
SSLv3 has been deprecated for some time, and is being actively disabled more
and more (http://disablessl3.com, https://tools.ietf.org/html/rfc7568).

To maintain forward compatibility, do not specify a maximum version
and instead use the default from the local OpenSSL library instead. Fallbacks
to older versions will happen on handshake as needed.
2015-07-10 11:17:31 -05:00
HD Moore cf4b18700d Fix CVE reference 2015-07-10 11:14:59 -05:00
jvazquez-r7 c70be64517
Fix version check 2015-07-10 10:57:55 -05:00
jvazquez-r7 34a6984c1d
Fix variable name 2015-07-10 10:44:38 -05:00
jvazquez-r7 2c7cc83e38
Use single quotes 2015-07-10 10:34:47 -05:00
jvazquez-r7 f66cf91676
Fix metadata 2015-07-10 10:33:02 -05:00
HD Moore a74526a2d9
Land #5690, fix URL generation for reverse_http 2015-07-10 09:07:04 -05:00
xistence b916a9d267 VNC Keyboard Exec 2015-07-10 14:08:32 +07:00
OJ 85769808cc Update metasploit payloads to 1.0.6 2015-07-10 16:28:20 +10:00
OJ 51f59b3c8c Re-add URI generation to reverse_http 2015-07-10 16:21:55 +10:00
xistence 52d41c8309 Western Digital Arkeia 'ARKFS_EXEC_CMD' <= v11.0.12 Remote Code Execution 2015-07-10 09:51:28 +07:00
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
Michael Messner d7beb1a685 feedback included 2015-07-09 08:31:11 +02:00
HD Moore 67666160e8 Add patched server detection 2015-07-08 13:47:59 -05:00
HD Moore 25e0f888dd Initial commit of R7-2015-08 coverage 2015-07-08 13:42:11 -05:00
wchen-r7 21e44f235e Example of doing Flash detection with Flash 2015-07-08 13:18:57 -05:00
jvazquez-r7 768dca514a
Land #5685, @wchen-r7's check for IE11/Win8 2015-07-08 13:15:07 -05:00
wchen-r7 a3ec56c4cb Do it in on_request_exploit because it's too specific 2015-07-08 12:32:38 -05:00
wchen-r7 cefbdbb8d3 Avoid unreliable targets
If we can't guarantee GreatRanking on specific targets, avoid them.
2015-07-08 12:12:53 -05:00
Brent Cook a12c84d537
Land #5411, proxy support for winhttp stagers 2015-07-07 23:23:19 -05:00
Brent Cook c86d16ffb6 update payload sizes 2015-07-07 23:15:57 -05:00
Brent Cook 0b59e63084 keep advanced options on the fat side of the conditional 2015-07-07 22:44:34 -05:00
Brent Cook 23abc288c8 Resolved conflicts with master 2015-07-07 22:34:30 -05:00
wchen-r7 adfb663343
Land #5682, Update Flash CVE-2015-5119 ranking 2015-07-07 15:57:28 -05:00
wchen-r7 6a33807d80 No Chrome for now 2015-07-07 15:56:58 -05:00
jvazquez-r7 f8b668e894
Update ranking and References 2015-07-07 15:43:02 -05:00
jvazquez-r7 6a50b1583a
Land #5681, @todb-r7 adds CVE for the last flash exploit 2015-07-07 14:56:45 -05:00
Tod Beardsley 116c3f0be1
Add CVE as a real ref, too 2015-07-07 14:46:44 -05:00
Tod Beardsley 3d630de353
Replace with a real CVE number 2015-07-07 14:44:12 -05:00
wchen-r7 fdb715c9dd
Merge branch 'upstream-master' into bapv2 2015-07-07 13:45:39 -05:00