28492 Commits (0919f74a3de947d14100e5834771d54e7a4b712d)

Author SHA1 Message Date
jvazquez-r7 74ac16081f
Land #3981, @wchen-r7 Fixes #3974, axis_login.rb does not normalize URI 2014-10-20 17:51:13 -05:00
jvazquez-r7 00f137cdcf
Land #4040, @nullbind's MS SQL privilege escalation through SQLi 2014-10-20 16:23:50 -05:00
jvazquez-r7 acc590b59c Modify metadata 2014-10-20 16:22:10 -05:00
jvazquez-r7 1381c7fb37 Modify title 2014-10-20 16:17:47 -05:00
jvazquez-r7 323680c31a Clean code 2014-10-20 16:17:06 -05:00
jvazquez-r7 3d03a8c788 Land @jhart-r7's fix for decode_int 2014-10-20 14:44:06 -05:00
Luke Imhoff bf23926314
Spec all posts can be instantiated
MSP-11145
2014-10-20 13:42:21 -05:00
jvazquez-r7 c77a0984bd
Land #3989, @us3r777's exploit for CVE-2014-7228, Joomla Update unserialize
the commit.
 empty message aborts
2014-10-20 13:39:08 -05:00
Luke Imhoff 535dea1d7d
Spec all nops can be instantiated
MSP-11145
2014-10-20 13:35:57 -05:00
Luke Imhoff 594b0bf7bb
Spec all exploits can be instantiated
MSP-11145
2014-10-20 13:32:55 -05:00
jvazquez-r7 4e6f61766d Change module filename 2014-10-20 13:31:22 -05:00
Luke Imhoff 103382a2ef
Spec all encoders can be instantiated
MSP-11145
2014-10-20 13:31:12 -05:00
jvazquez-r7 e202bc10f0 Fix title 2014-10-20 13:30:44 -05:00
Jon Hart 82de2eb1f3
Fix Rex::Encoder::XDR.decode_int! to properly handle short data 2014-10-20 11:30:13 -07:00
jvazquez-r7 f07c5de711 Do code cleanup 2014-10-20 13:27:48 -05:00
Luke Imhoff 2c997d99b5
Extract module instantiation context to shared examples
MSP-11145
2014-10-20 13:21:22 -05:00
Luke Imhoff 7e9398e1af
Spec all auxiliary modules can be instantiated
MSP-11145
2014-10-20 12:52:07 -05:00
Tod Beardsley 85f48a3fb2
Land #3738, SMBServer file descriptor updates 2014-10-20 12:40:43 -05:00
sinn3r dbaf9c5857
Land #4001 - HP Data Protector EXEC_INTEGUTIL Remote Code Execution 2014-10-20 11:44:21 -05:00
HD Moore 935a23296d
Updates to NAT-PMP, lands #4041 2014-10-20 11:26:26 -05:00
sinn3r 6b9742b444
Land #3966 - Add exploit for CVE-2014-4872 BMC / Numara Track-It! 2014-10-20 11:23:23 -05:00
William Vu c1c5b0bf6a
Land #4051, typo and grammar fixes 2014-10-20 11:08:37 -05:00
Tod Beardsley 6812b8fa82
Typo and grammar 2014-10-20 11:02:09 -05:00
jvazquez-r7 052a9fec86 Delete return 2014-10-20 10:52:33 -05:00
jvazquez-r7 199f6eba76 Fix check method 2014-10-20 10:46:40 -05:00
James Lee 3051b6c5ba
Clean up exceptions
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
us3r777 16101612a4 Some changes to use primer
Follow wiki How-to-write-a-module-using-HttpServer-and-HttpClient
2014-10-20 17:26:16 +02:00
James Lee b7d69bec83
Restore proxies to ssh scanners 2014-10-20 10:19:06 -05:00
us3r777 1e143fa300 Removed unused variables 2014-10-20 16:58:41 +02:00
jvazquez-r7 57fe829f96 Switch generic_sh's rank to ManualRanking 2014-10-20 09:34:19 -05:00
jvazquez-r7 c991c5e377 Readd generic_sh encoder 2014-10-20 09:33:34 -05:00
nullbind 036d43ba37 fixed logic bug 2014-10-19 20:56:29 -05:00
Martin Vigo a7dc0b9f07 Merge pull request #3 from jhart-r7/landing-4004-jhart
Final cleanup of LastPass module -- track account, more *print_ cleaning
2014-10-19 17:19:48 -07:00
Jon Hart 2985b39267
Land #3980, @wchen-r7 fixed #3975 2014-10-19 17:11:06 -07:00
Jon Hart 88c1647c80 Loot the passwords, obviously 2014-10-19 13:11:10 -07:00
Jon Hart 0971d7c3ac Remove ... from prints, only map a browser if we found something 2014-10-19 13:05:11 -07:00
Jon Hart 967800eed0 Track account name for more useful table and prints 2014-10-19 12:59:51 -07:00
Jon Hart 5a05246682 Consistent case in *print_* 2014-10-19 12:30:50 -07:00
William Vu 08715791ed
Land #4048, rsync scanner version check 2014-10-19 14:14:02 -05:00
fmunozs 4976b9a2d9 Merge pull request #1 from zeroSteiner/fix-pr4020-login
Retry the script page request to get the token
2014-10-19 13:51:18 -05:00
Spencer McIntyre 005baa7f7e Retry the script page request to get the token
After logging in to Jenkins the script console page
needs to be requested again to get the CSRF token.
2014-10-19 14:04:16 -04:00
Brendan Coles 0ede70e7f6 Add exploit module for CUPS shellshock 2014-10-19 17:58:49 +00:00
ikkini c2174c7910 return if no version response received 2014-10-19 00:29:36 +02:00
nullbind 1e2f1eaee0 cleaning up 2014-10-18 12:00:11 -05:00
Martin Vigo 09faf2584f Merge pull request #2 from jhart-r7/landing-4004-jhart
Fix multiuser LastPass extraction, print/vprint cleanup
2014-10-17 20:22:20 -07:00
sinn3r d1523c59a9
Land #3965 - BMC Track-It! Arbitrary File Upload 2014-10-17 19:47:42 -05:00
Jon Hart a30663e412
Fix multiuser LastPass extraction, print/vprint cleanup 2014-10-17 17:40:19 -07:00
James Lee 329a600b84
Add tcp evasion options to mssql_login 2014-10-17 17:40:21 -05:00
James Lee 6498ed0dc8
Report the actual host that failed to connect
Instead of the eventual target where our proxy chain will connect. In
the usual case (no Proxies set), this will be the same output as before.
When proxies are given, the user will see that the first proxy
connection is actually what failed.
2014-10-17 17:37:04 -05:00
sinn3r 8b5a33c23f
Land #4044 - MS14-060 "Sandworm" 2014-10-17 16:46:32 -05:00