Commit Graph

2732 Commits (0b86ceb52853df94e692f94cec13519aad06d109)

Author SHA1 Message Date
sinn3r cb04e47304 Attempt #2: there's no cli in get_payload 2012-03-08 16:47:49 -06:00
sinn3r 3563fe1b36 The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload. 2012-03-08 16:41:32 -06:00
sinn3r fee2e1eff9 Minor spray size change 2012-03-08 16:19:51 -06:00
HD Moore 12395c719f Remove debugging code 2012-03-08 16:16:42 -06:00
HD Moore 87274987c1 Remove the now obsolete text about SWF_PLAYER 2012-03-08 16:16:13 -06:00
sinn3r 181fdb7365 A small title change 2012-03-08 16:10:16 -06:00
HD Moore 1271368b6f Redirect to a trailing slash to make sure relative resources load
properly
2012-03-08 15:37:06 -06:00
HD Moore b0db18674c Test out new player code 2012-03-08 15:05:12 -06:00
HD Moore eb847a3dfb Add a nicer prefix to the target selection message 2012-03-08 13:46:14 -06:00
Tod Beardsley 5b566b43b4 Catching an update from @hdmoore-r7
wrt the nuclear option.
2012-03-08 12:08:39 -06:00
sinn3r edb3f19c12 A little more padding for Win Vista target 2012-03-08 12:04:04 -06:00
Tod Beardsley 18962e1180 Checking in the new Flash exploit to the release
Using the checkout master directly:

 git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
 git checkout master modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
2012-03-08 11:55:01 -06:00
HD Moore 86fc45810b Remove the resource during cleanup 2012-03-07 23:04:53 -06:00
HD Moore b4e0daf3ca Small tweaks to the adobe mp4 exploit 2012-03-07 22:53:47 -06:00
James Lee 8d93e3ad44 Actually use the password we were given... 2012-03-08 10:17:39 -07:00
sinn3r 9ece7b08fc Add vendor's advisory as a reference 2012-03-08 00:46:34 -06:00
sinn3r 5f92bff697 Make sure no encoder will break the exploit again 2012-03-08 00:44:57 -06:00
sinn3r 2e94b97c82 Fix description 2012-03-07 23:59:51 -06:00
Tod Beardsley 57376a976d Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:18:47 -06:00
sinn3r 0550b77522 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 20:04:04 -06:00
sinn3r 3b4ed13aee Fix typo 2012-03-07 20:03:46 -06:00
Tod Beardsley 33460b6bf4 Fixups on the Adobe Flash exploit description
Massaged the lines about the phishing campaign use in the wild.
2012-03-07 19:37:49 -06:00
sinn3r c76f43c066 Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow 2012-03-07 19:24:00 -06:00
Tod Beardsley f97dc8dee7 Fix spelling of the IBM product iSeries
Was I-Series.
2012-03-07 15:24:15 -06:00
sinn3r 7dfba9c00d Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 14:51:39 -06:00
sinn3r 0ee7788028 Add a check to detect the vulnerable version of Sysax SSH 2012-03-07 14:51:21 -06:00
Tod Beardsley ba2bf194fd Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee 02ea38516f Add a check method for tomcat_mgr_deploy 2012-03-06 23:22:44 -07:00
James Lee 2b9acb61ad Clean up some inconsistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r 22a12a6dfc Add Lotus CMS exploit (OSVDB-75095) 2012-03-06 11:36:28 -06:00
HD Moore 99177e9d5e Small commit to fix bad reference and old comment 2012-03-06 01:44:26 -06:00
James Lee 70162fde73 A few more author typos 2012-03-05 13:28:46 -07:00
sinn3r 4b1e67f94f Add ROP target for Win2k3 SP1 and SP2 2012-03-04 17:18:34 -06:00
Steve Tornio 8f93a5abbb add osvdb ref 2012-03-03 12:28:30 -06:00
sinn3r fa916d863d Add Sysax SSH buffer overflow exploit 2012-03-03 10:11:51 -06:00
sinn3r 67f788768d Fix tabs 2012-03-01 22:31:08 -06:00
sinn3r fd2d9ae0ea Add MP4 file generating function. Update the description regarding exploit usage. 2012-03-01 22:24:35 -06:00
sinn3r b1b2ec2c7d Merge branch 'CVE-2008-5036_vlc_realtext' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-5036_vlc_realtext 2012-03-01 21:13:33 -06:00
sinn3r 8bad0033d3 Update description 2012-03-01 19:16:29 -06:00
sinn3r 0bc26c1665 Add CVE-2009-4656: DJ Studio .pls buffer overflow 2012-03-01 19:09:25 -06:00
juan f1a6d8f535 Added exploit module for CVE-2008-5036 2012-03-01 23:06:40 +01:00
sinn3r 5a5e5eab95 Add msvcrt ROP target for IE8 2012-03-01 15:23:41 -06:00
Steve Tornio 2d802750e3 fix osvdb ref 2012-03-01 08:07:11 -06:00
Steve Tornio 256fee3626 add osvdb ref 2012-03-01 08:06:53 -06:00
Tod Beardsley 4369f73c7a Msftidy fixes on new modules
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
sinn3r 74cdb5dabc It's a two-space tab, not one space. OMG. 2012-02-29 10:13:29 -06:00
sinn3r 986807e525 Add CVE-2012-0201 IBM Personal Communications .ws buffer overflow 2012-02-28 19:01:54 -06:00
sinn3r 5560087006 Add OSVDB 79438 Asus Net4Switch ActiveX Buffer Overflow 2012-02-28 18:58:28 -06:00
Steve Tornio ef4cdb516d add osvdb ref 2012-02-26 07:13:13 -06:00
sinn3r 7281a0ebdd Add CVE-2011-0923: HP Data Protector CMD_EXEC module (submitted by wireghoul) 2012-02-24 12:06:47 -06:00
sinn3r 339fb8d266 eh, I mean Win2k3 SP0 to SP1 2012-02-23 17:33:49 -06:00
Joshua J. Drake e262d7a7ff Add CVE-2012-0500 Sun Java Web Start exploit 2012-02-23 13:30:45 -06:00
Steve Tornio 08fb03276f add osvdb ref 2012-02-23 07:39:31 -06:00
sinn3r 144fa0dc0e Comment what \x0b\x04 is for 2012-02-22 22:59:43 -06:00
sinn3r 291e083d65 Add CVE-2011-5001: TrendMicro Control Manager 5.5 CmdProcessor Stack Bof 2012-02-22 19:44:47 -06:00
sinn3r 4ee1f989a6 Merge branch 'CVE-2008-1602_orbit_download_failed_bof' of https://github.com/juanvazquez/metasploit-framework 2012-02-22 19:40:56 -06:00
James Lee 5e6c40edfd Remove unnecessary space restrictions.
This allows using the full range of PHP payloads
2012-02-21 23:21:07 -07:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
James Lee 7ca573a1b4 Give these two old modules a chance to work by setting a proper arch
These must have been broken for quite some time.  =/  They should
probably both be ARCH_PHP but I'm reluctant to make that big of a change
without having the target software to test.
2012-02-21 22:59:20 -07:00
HD Moore 4932a9ca25 Don't dump an HTML document to the console 2012-02-21 23:45:25 -06:00
juan d6310829ea Added module for CVE-2008-1602 2012-02-21 22:36:57 +01:00
Tod Beardsley 4a631e463c Module title normalization
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/

The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
HD Moore ab92e38628 Small cosmetic change to module descriptions 2012-02-20 19:29:51 -06:00
HD Moore af56807668 Clean up the titles of many exploit modules 2012-02-20 19:25:55 -06:00
sinn3r dc4bade78c Use OptEnum to validate delivery method 2012-02-17 21:03:05 -06:00
sinn3r 5bb9afe789 Correct disclosure date format 2012-02-16 18:15:51 -06:00
Joshua J. Drake 01a6b02c3e Add exploit for CVE-2012-0209, thx eromang! 2012-02-16 03:10:55 -06:00
Joshua J. Drake d2444e1cf6 fix a few typos 2012-02-16 03:10:22 -06:00
juan e69037959f Added CVE-2010-0842 2012-02-15 23:32:31 +01:00
Tod Beardsley 829040d527 A bunch of msftidy fixes, no functional changes. 2012-02-10 19:44:03 -06:00
Steve Tornio daca3e93a5 add osvdb ref 2012-02-10 07:05:42 -06:00
Steve Tornio 782fcb040d add osvdb ref 2012-02-10 07:05:26 -06:00
Steve Tornio 1a240648fa Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-02-10 06:51:02 -06:00
sinn3r 5ea20a332b Clearly I had the wrong disclosure date. This one is based on Adobe's security bulletin. 2012-02-10 00:13:39 -06:00
sinn3r e5ea2961f5 Add CVE-2011-2140 Adobe Flash SequenceParameterSetNALUnit (mp4) bof 2012-02-10 00:10:28 -06:00
sinn3r 2bd330da33 Add ZDI-12-009 Citrix Provisioning Services 5.6 streamprocess buffer overflow exploit 2012-02-10 00:06:48 -06:00
Steve Tornio 1b7fffbf8a Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-02-05 07:30:08 -06:00
Patroklos Argyroudis ed34fd70fd Modified (and tested) to work on Lion 10.7.2 and 10.7.3 2012-02-03 12:39:22 +02:00
Steve Tornio d90fe9b9b7 add osvdb ref 2012-02-02 13:43:03 -06:00
sinn3r aa44eb955e Correct author e-mail format 2012-02-02 11:27:43 -06:00
sinn3r 6b29af5c23 Add user-agent check. Auto-migrate. 2012-02-02 03:11:10 -06:00
sinn3r 6be65acfe2 Merge branch 'CVE-2008-2551_c6_DownloaderActiveX' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-2551_c6_DownloaderActiveX 2012-02-02 02:54:02 -06:00
sinn3r de675c349a Upgrade exploit rank, because it fits the description 2012-02-02 02:49:06 -06:00
sinn3r 28b4f4b60d Add Sunway ForceControl NetDBServer.exe Buffer Overflow (Feature #6331) 2012-02-02 02:43:32 -06:00
juan 82eacbe2fd Added module for CVE-2008-2551 2012-02-01 23:26:28 +01:00
Tod Beardsley e371f0f64c MSFTidy commits
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
Jonathan Cran c3bd151197 add a ranking 2012-01-31 20:43:32 -06:00
Jonathan Cran 47c7f47f4e Merge branch 'master' of r7.github.com:rapid7/metasploit-framework 2012-01-31 20:38:30 -06:00
Jonathan Cran d9ee43d3dc add disclosure date 2012-01-31 20:38:05 -06:00
Jonathan Cran a814a9dce7 add disclosure date 2012-01-31 20:35:58 -06:00
Oliver-Tobias Ripka 0ba7557865 Fix typo in seattlelab_pass.rb exploit.
Also remove the $ from the end of the regex which stopped
the exploit from being executed.
2012-01-31 21:09:51 +01:00
Steve Tornio e392958d90 add osvdb ref 2012-01-31 07:06:33 -06:00
sinn3r bfd4734cbf Forgot to add CMD as a datastore option, here it is 2012-01-30 17:34:58 -06:00
sinn3r 08134ad600 Add Exploit-DB reference 2012-01-30 16:17:25 -06:00
sinn3r f3c340a9ab Add vBSEO proc_deutf() Remote Code Execution (Feature #6307) 2012-01-30 16:15:27 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r fbac9a7239 Forgot to remove this comment 2012-01-28 13:18:15 -06:00
sinn3r 7b866eee86 Use the proper function for verbose prints 2012-01-27 12:50:01 -06:00
sinn3r 64651e52a8 Credit Shane of X-Force for the discovery 2012-01-27 11:18:34 -06:00