Thomas Hibbert
960f7c9bbb
Add DesktopCentral arbitrary file upload exploit.
2013-11-18 16:11:28 +13:00
joev
8e889c61f7
Update description.
2013-11-17 15:48:27 -06:00
joev
f7820139dc
Add a content_type datastore option.
2013-11-17 15:38:55 -06:00
joev
43d2711b98
Default to 1 round compression.
2013-11-17 15:35:35 -06:00
joev
1e3860d648
Add gzip bomb dos aux module.
2013-11-17 14:44:33 -06:00
jvazquez-r7
7d22312cd8
Fix redis communication
2013-11-15 19:36:18 -06:00
William Vu
d5d69ab8f1
Merge remote-tracking branch 'origin/pr/1' into beug/titles
2013-11-15 18:59:16 -06:00
Brandon Turner
2ae67d22dc
Always use maybe_wait_and_exit in msfupdate
...
This allows error messages to be seen on windows where exit closes the
console.
2013-11-15 17:26:21 -06:00
Brandon Turner
e6c43bfe34
Allow stubbing stdin in msfupdate
2013-11-15 17:15:15 -06:00
Brandon Turner
faf8099edf
Clean up msfupdate help messages
...
Don't display options that aren't valid for the platform we are on
2013-11-15 17:07:12 -06:00
Brandon Turner
823aa3a6f7
Validate arguments to msfupdate before updating
2013-11-15 17:01:08 -06:00
Brandon Turner
730edc4bf5
Always exit from maybe_wait_and_exit
...
Previously calling maybe_wait_and_exit wouldn't actually exit. This was
the wrong behavior.
2013-11-15 17:00:41 -06:00
Brandon Turner
8ea83ed1c6
Test the old wait/nowait behavior
2013-11-15 15:31:01 -06:00
Brandon Turner
314e8fd570
Refactor msfupdate so it is testable
2013-11-15 15:24:35 -06:00
Tod Beardsley
89d0b3c41c
Return the splat and require on a module.
2013-11-15 12:19:53 -06:00
Tod Beardsley
36db6a4d59
Land #2616 , SuperMicro close_window BOF
2013-11-15 11:34:53 -06:00
sinn3r
7d408a6118
Land #2639 - rm sleep & constant usage warnings
2013-11-15 11:21:47 -06:00
Brandon Turner
cf74a2c827
Use Getopt to parse options
2013-11-15 11:02:16 -06:00
jvazquez-r7
cbb7eb192c
Add module for CVE-2013-3918
2013-11-15 10:38:52 -06:00
Chris John Riley
5bd5eacd77
Added option to ignore banner checks
2013-11-15 15:01:11 +01:00
William Vu
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
William Vu
de424e3779
Land #2641 , rm ext_server_extapi.x{86,64}.dll
2013-11-14 22:12:02 -06:00
OJ
0b413aa0b8
Remove extapi binaries
...
These were committed in the flurry of merges last night by me. They
should be removed until the extapi PR has been fully reviewed and
merged. This commit just removes the binaries from master, they'll
be re-added when appropriate.
2013-11-15 06:24:00 +10:00
jvazquez-r7
4cf16cf360
Land #2633 , @OJ's port of Kitrap0d as local exploit
2013-11-14 09:27:10 -06:00
jvazquez-r7
30a938e620
Land #2640 , @OJ's updated meterpreter binaries
...
0012c4530a
2013-11-14 09:25:41 -06:00
OJ
4bd0900359
Updated meterpreter binaries
...
Includes the following:
* Clean builds
* Removal of kitrap0d from getsystem
* Doc updates
* Webcam crash fix
* Schedular and channel refactor
* Posix crash fix for post modules
2013-11-15 01:14:14 +10:00
Peter Toth
7db42efdd4
Code restructure and more robust error handling
2013-11-14 13:44:49 +01:00
jvazquez-r7
fe2cd93a65
Delete ms13_037_svg_dashstyle from the browser_autopwn list
2013-11-13 23:46:50 -06:00
OJ
506a4d9e67
Remove genericity, x64 and renamed stuff
...
As per discussion on the github issue, the following changes were made:
* Project renamed from elevate to kitrap0d, implying that this is not
intended to be a generic local priv esc exploit container.
* Container DLL no longer generic, always calls the kitrap0d exploit.
* Removal of all x64 code and project configurations.
* Invocation of the exploit changed so that the address of the payload
is passed in to the exploit entry point. The exploit is now responsible
for executing the payload if the exploit is successful. This removes
the possibility of the payload getting executed when the exploit fails.
* Source moved to the appropriate CVE folder.
* Binary moved to the appropriate CVE folder.
* Little bit of source rejigging to tidy things up.
2013-11-14 12:22:53 +10:00
James Lee
5b96ad595f
Skip reg values with no secretes
...
Also update header comment to match new standard
2013-11-13 19:05:16 -06:00
James Lee
cb10b4783b
Mark XP hashes as mscash for JtR to recognize
2013-11-13 19:04:16 -06:00
James Lee
0aef145f64
Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa
2013-11-13 18:11:21 -06:00
James Lee
8471f74b75
Refactor ivar to a more reasonable method
...
Also changes jtr output for cachedump to produce hashes that can be
auto-detected as mscash2 format for a better user experience.
2013-11-13 18:09:41 -06:00
Tod Beardsley
6549b2e347
Spaces for the table, not tabs.
2013-11-13 16:48:19 -06:00
Tod Beardsley
e2dd13e7f8
Renumber the 8 commandments
2013-11-13 16:45:21 -06:00
Tod Beardsley
7b0acd238e
Remove sleep and constant usage warnings
2013-11-13 16:37:03 -06:00
James Lee
8bb72764ec
Rename credentials/lsa -> lsa_secrets
...
Secrets are not necessarily credentials
2013-11-13 15:23:15 -06:00
James Lee
16627c1bd3
Add spec for capture_lsa_key
2013-11-13 15:16:34 -06:00
William Vu
334a93af45
Land #2638 , refs for android_htmlfileprovider
2013-11-13 14:51:46 -06:00
joev
0612f340f1
Commas are good.
2013-11-13 14:38:50 -06:00
joev
ad5f82d211
Add missing refs to aux/gather/android_htmlfileprovider.
2013-11-13 14:36:18 -06:00
William Vu
6bd82d8589
Land #2636 , Win8 for {constants,platform}.rb
2013-11-13 14:20:52 -06:00
jvazquez-r7
2594427999
Land #2631 , @peto01's osx screen capture post module
2013-11-13 13:58:03 -06:00
jvazquez-r7
2b19490095
Fix Exception handling
2013-11-13 13:57:15 -06:00
jvazquez-r7
95f371a1a6
Move screen_capture to the capture folder
2013-11-13 13:41:11 -06:00
jvazquez-r7
f65e82523b
Clean screen_capture
2013-11-13 13:40:41 -06:00
sinn3r
3a923422a3
Update class for Win 8
2013-11-13 13:27:44 -06:00
William Vu
94a2f52ccc
Land #2637 , version number bump to 4.9.0-dev
2013-11-13 13:20:18 -06:00
Tod Beardsley
5e342debbc
Don't be dopey in the RSpec version matching
2013-11-13 13:04:26 -06:00
Tod Beardsley
3500cf06d4
Add a spec for version checking.
2013-11-13 12:49:57 -06:00