infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,829 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

577 Commits (0a7c0eea7834f0ddd584c8719c5b91ffde9f5c11)

Author SHA1 Message Date
sinn3r a75a4906f2 Description update 2013-08-16 23:28:24 -05:00
jvazquez-r7 a8cc15db20 Add module for ZDI-13-178 2013-08-16 18:13:18 -05:00
HD Moore 6c1ba9c9c9 Switch to Failure vs Exploit::Failure 2013-08-15 14:14:46 -05:00
sinn3r 98e0053dc6 Fix indent level 2013-08-14 13:07:01 -05:00
bcoles 7145a85fb4 Add MiniWeb (Build 300) Arbitrary File Upload 2013-08-15 01:01:46 +09:30
jvazquez-r7 568181de84 Add sthetic spaces 2013-08-12 22:33:34 -05:00
jvazquez-r7 6d70d4924e Land #2206, @PsychoSpy module for OSVDB 94097 2013-08-12 22:27:03 -05:00
jvazquez-r7 7981601eb8 Do final cleanup on intrasrv_bof 2013-08-12 22:24:53 -05:00
sinn3r 2d3c2c1c87 Set default target to 0 because there's only one 2013-08-12 20:01:23 -05:00
sinn3r 51d9c59dcd Extra tabs, bye 2013-08-12 19:13:20 -05:00
Nathan Einwechter db78ffcc46 ... 2013-08-12 18:21:10 -04:00
Nathan Einwechter 49bcec5c92 Additional cleanup 2013-08-12 18:20:03 -04:00
Nathan Einwechter 7014322dfd Code cleanup 2013-08-12 18:16:00 -04:00
Nathan Einwechter 264fe32705 Added new badchars 2013-08-12 18:08:49 -04:00
Nathan Einwechter bbc93b2a58 msftidy 2013-08-12 15:14:01 -04:00
Nathan Einwechter 28f030494e Use tcp mixin/clean corrupt bytes 2013-08-12 15:12:15 -04:00
Nathan Einwechter 7854c452d2 Added more payload padding 2013-08-12 11:10:10 -04:00
Nathan Einwechter 9f33a59dc2 Fix target ret 2013-08-12 11:04:55 -04:00
Nathan Einwechter 6f96445b42 Change target ret/cleanup 2013-08-12 10:13:48 -04:00
Nathan Einwechter a35d548979 Use HttpClient 2013-08-12 10:01:01 -04:00
Nathan Einwechter 896320ed42 fix typo 2013-08-11 16:48:43 -04:00
Nathan Einwechter 4b14fa53e0 tidy debugs 2013-08-11 16:39:41 -04:00
Nathan Einwechter 90ef224c46 Implement CVE-2012-5019 2013-08-11 16:33:40 -04:00
Nathan Einwechter 185ef2ecae msftidy 2013-08-10 16:01:44 -04:00
Nathan Einwechter 6fe4e3dd0e Added Intrasrv 1.0 BOF 2013-08-10 15:56:07 -04:00
Markus Wulftange 8cc07cc571 Merge Linux and Windows exploit in multi platform exploit 2013-08-02 18:49:03 +02:00
Ruslaideemin f927d1d7d3 Increase exploit reliability 
From some limited testing, it appears that this exploit is
missing \x0d\x0a in the bad chars. If the generated payload / hunter
or egg contain that combination, it seems to cause reliability issues
and exploitation fails.

The home page for this software can be found at
http://www.leighb.com/intrasrv.htm
 2013-08-02 09:06:20 +10:00
Markus Wulftange 4a127c2ed2 Add hp_sys_mgmt_exec module for Linux and enhance module for Windows 
The hp_sys_mgmt_exec module for Linux is a port of the Windows module with minor changes due to the requirement of quotes. It also uses Perl instead of PHP as PHP may not always be in the environment PATH. Although the Windows module works perfectly, it now uses the same technique to encode the command (thankfully, PHP adopted major syntax characteristics and functions from Perl).
 2013-07-31 22:05:25 +02:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff 
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
 2013-07-29 21:47:52 -05:00
jvazquez-r7 99a345f8d1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-22 13:54:26 -05:00
Tod Beardsley 164153f1e6 Minor updates to titles and descriptions 2013-07-22 13:04:54 -05:00
jvazquez-r7 15b0e39617 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-21 13:47:40 -05:00
jvazquez-r7 cb108a8253 Add module for ZDI-13-147 2013-07-18 15:37:11 -05:00
jvazquez-r7 1a5e0e10a5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 13:53:57 -05:00
sinn3r b90e1d54e2 Land #2117 - HP Managed Printing Administration jobAcct Command Exec 2013-07-18 13:21:11 -05:00
sinn3r 280529f885 Make some changes to the description 2013-07-18 13:20:36 -05:00
jvazquez-r7 52079c960f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 12:52:42 -05:00
sinn3r b94cde1d65 Name change for pyoor 2013-07-18 10:50:25 -05:00
jvazquez-r7 3780b1b59f Add module for ZDI-11-352 2013-07-18 09:39:55 -05:00
jvazquez-r7 90b30dc317 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-26 14:31:52 -05:00
Steve Tornio 6ea622c45e reference updates 2013-06-26 09:44:56 -05:00
jvazquez-r7 7ab4d4dcc4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 17:34:29 -05:00
Steve Tornio 5b71013dde reference updates 2013-06-25 13:41:22 -05:00
jvazquez-r7 0c306260be Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 09:13:01 -05:00
sinn3r 4df943d1a2 CVE and OSVDB update 2013-06-25 02:06:20 -05:00
jvazquez-r7 2150d9efb0 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-22 12:06:18 -05:00
sinn3r 5de7fff685 Credit 2013-06-21 21:38:40 -05:00
Markus Wulftange afa0e6c42a Use CmdStagerVBS instead of CmdStagerTFTP 
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
 2013-06-22 01:13:03 +02:00
jvazquez-r7 785639148c Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-20 17:18:42 -05:00
sinn3r 8dfe9b5318 Add login feature 2013-06-20 04:16:23 -05:00
sinn3r ebde05b783 Improve check 2013-06-20 03:18:33 -05:00
sinn3r 20621d17de Add CVE-2013-3576 - HP System Management Homepage exploit 2013-06-20 03:08:42 -05:00
jvazquez-r7 b20a38add4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-10 12:22:52 -05:00
Tod Beardsley f58e279066 Cleanup on module names, descriptions. 2013-06-10 10:52:22 -05:00
jvazquez-r7 e5a17ba227 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-05 09:41:23 -05:00
sinn3r 0c1d46c465 Add more references 2013-06-05 02:43:43 -05:00
sinn3r 46aa6d38f8 Add a check for it 2013-06-05 02:41:03 -05:00
sinn3r a270d37306 Take apart the version detection code 2013-06-05 02:34:35 -05:00
sinn3r 25fe03b981 People like this format better: IP:PORT - Message 2013-06-05 02:26:18 -05:00
sinn3r 02e29fff66 Make msftidy happy 2013-06-05 02:25:08 -05:00
sinn3r 35459f2657 Small name change, don't mind me 2013-06-05 02:18:11 -05:00
sinn3r 227fa4d779 Homie needs a default target 2013-06-05 02:16:59 -05:00
steponequit ed4766dc46 initial commit of novell mdm modules 2013-06-04 09:20:10 -07:00
jvazquez-r7 0f3b13e21d up to date 2013-05-16 15:02:41 -05:00
James Lee 3009bdb57e Add a few more references for those without 2013-05-16 14:32:02 -05:00
jvazquez-r7 352a7afcd6 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-14 22:29:24 -05:00
jvazquez-r7 ce594a3ba2 Deprecate modules/exploits/windows/http/sap_mgmt_con_osexec_payload 2013-05-12 08:46:40 -05:00
jvazquez-r7 a4632b773a Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-28 12:59:16 -05:00
jvazquez-r7 99b46202b9 Do final cleanup for sap_configservlet_exec_noauth 2013-04-26 08:45:34 -05:00
jvazquez-r7 308b880d79 Land #1759, @andrewkabai's exploit for SAP Portal Command Execution 2013-04-26 08:44:11 -05:00
Andras Kabai 5839e7bb16 simplify code 2013-04-26 12:14:42 +02:00
Andras Kabai 4aadd9363d improve description 2013-04-26 12:13:45 +02:00
sinn3r f3f60f3e02 Fixes P/P/R for target 0 (BadBlue 2.72b) 
Target 1, which covers 2.72b, uses an invalid P/P/R from some unknown
DLL, and appears to be broken.  Because 2.72b actually uses the same
ext.dll as BadBlue EE 2.7 (and that target 0 actually also works
against 2.72b), we might as well just use the same P/P/R again.

[FixRM #7875]
 2013-04-25 20:20:24 -05:00
Andras Kabai 9dd9b2d1ba implement cleanup functionality 
register DELETE_FILES advanced option to take control of the cleanup
functionality of CmdStagerVBS and FileDropper, implement the necessary
changes
 2013-04-25 20:02:24 +02:00
Andras Kabai a28ef1847b update references 2013-04-25 18:26:13 +02:00
Andras Kabai 676f2f5f4a implement "check" functionality 2013-04-25 07:47:30 +02:00
Andras Kabai 3b46d5d4cd fix typos 2013-04-25 07:22:16 +02:00
Andras Kabai 2759ef073e correction on error handling 2013-04-25 07:19:27 +02:00
Andras Kabai 6b14ac5e71 add rank to module 2013-04-25 07:07:35 +02:00
Andras Kabai f22d19a10c remove unused code block 
ARCH_CMD was implemented in previous version of this code.
 2013-04-24 21:51:35 +02:00
Andras Kabai 0339be229a implement dynamic timeout handling 2013-04-24 18:22:37 +02:00
Andras Kabai 6f8fc81497 improve error handling 2013-04-24 17:59:11 +02:00
Andras Kabai 57113bee80 fine correction 
add license
remove one unnecessary tab to make msftidy happy
 2013-04-24 15:07:32 +02:00
Andras Kabai 6485124cdf fix module name 2013-04-24 10:54:52 +02:00
Andras Kabai 358b8934bf clarify description 2013-04-24 10:31:40 +02:00
Andras Kabai 00e6eeca54 implement command line magick to prevent bad char usage 
commas in the HTTP queries are not allowed but the VBS stager contains
some, therefore it was necessary to find a way to echo out commas
without directly use them.
thanks to Laszlo Toth to help me figure out this windows command line
trick.
 2013-04-24 09:46:36 +02:00
Andras Kabai 783cca6c17 allow only ARCH_X86 payloads 2013-04-24 09:29:47 +02:00
Andras Kabai 750638e4d6 note on bad characters 2013-04-22 17:24:08 +02:00
Andras Kabai a1e52b5b27 command execution needs cmd /c 2013-04-22 10:20:45 +02:00
Andras Kabai d26289e05a proper output handling in case of CMD payloads 2013-04-20 17:38:58 +02:00
Andras Kabai d59ba37e6d resize linemax 2013-04-20 17:37:50 +02:00
Andras Kabai e36b58169b implement CmbStagerVBS payload execution 2013-04-20 16:37:47 +02:00
Andras Kabai 8244c4dcac multiple payload types, different paths to execute payloads 2013-04-20 14:20:30 +02:00
Andras Kabai 7b6a784a84 basic payload execution through OS command execution 2013-04-20 13:02:22 +02:00
Andras Kabai 223556a4e6 switch to exploit module environment 
switch to Msf::Exploit, change the necessary declarations, start to
change the exploitation process
 2013-04-20 12:30:44 +02:00
Andras Kabai cff47771a2 initial commit 
the original aux module will be the base of the exploit module
 2013-04-20 11:32:05 +02:00
jvazquez-r7 cc35591723 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-15 17:43:15 -05:00
Tod Beardsley 29101bad41 Removing VERBOSE offenders 2013-04-15 15:29:56 -05:00
jvazquez-r7 393d5d8bf5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-25 19:09:42 +01:00
jvazquez-r7 d54687cb37 fix typo 2013-03-25 00:58:47 +01:00