Commit Graph

21817 Commits (0c59c885c4b3802c4e150709b7029087318d3388)

Author SHA1 Message Date
Thomas Hibbert 960f7c9bbb Add DesktopCentral arbitrary file upload exploit. 2013-11-18 16:11:28 +13:00
joev 8e889c61f7 Update description. 2013-11-17 15:48:27 -06:00
joev f7820139dc Add a content_type datastore option. 2013-11-17 15:38:55 -06:00
joev 43d2711b98 Default to 1 round compression. 2013-11-17 15:35:35 -06:00
joev 1e3860d648 Add gzip bomb dos aux module. 2013-11-17 14:44:33 -06:00
jvazquez-r7 7d22312cd8 Fix redis communication 2013-11-15 19:36:18 -06:00
William Vu d5d69ab8f1 Merge remote-tracking branch 'origin/pr/1' into beug/titles 2013-11-15 18:59:16 -06:00
Brandon Turner 2ae67d22dc Always use maybe_wait_and_exit in msfupdate
This allows error messages to be seen on windows where exit closes the
console.
2013-11-15 17:26:21 -06:00
Brandon Turner e6c43bfe34 Allow stubbing stdin in msfupdate 2013-11-15 17:15:15 -06:00
Brandon Turner faf8099edf Clean up msfupdate help messages
Don't display options that aren't valid for the platform we are on
2013-11-15 17:07:12 -06:00
Brandon Turner 823aa3a6f7 Validate arguments to msfupdate before updating 2013-11-15 17:01:08 -06:00
Brandon Turner 730edc4bf5 Always exit from maybe_wait_and_exit
Previously calling maybe_wait_and_exit wouldn't actually exit.  This was
the wrong behavior.
2013-11-15 17:00:41 -06:00
Brandon Turner 8ea83ed1c6 Test the old wait/nowait behavior 2013-11-15 15:31:01 -06:00
Brandon Turner 314e8fd570 Refactor msfupdate so it is testable 2013-11-15 15:24:35 -06:00
Tod Beardsley 89d0b3c41c
Return the splat and require on a module. 2013-11-15 12:19:53 -06:00
Tod Beardsley 36db6a4d59
Land #2616, SuperMicro close_window BOF 2013-11-15 11:34:53 -06:00
sinn3r 7d408a6118
Land #2639 - rm sleep & constant usage warnings 2013-11-15 11:21:47 -06:00
Brandon Turner cf74a2c827 Use Getopt to parse options 2013-11-15 11:02:16 -06:00
jvazquez-r7 cbb7eb192c Add module for CVE-2013-3918 2013-11-15 10:38:52 -06:00
Chris John Riley 5bd5eacd77 Added option to ignore banner checks 2013-11-15 15:01:11 +01:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
William Vu de424e3779
Land #2641, rm ext_server_extapi.x{86,64}.dll 2013-11-14 22:12:02 -06:00
OJ 0b413aa0b8 Remove extapi binaries
These were committed in the flurry of merges last night by me. They
should be removed until the extapi PR has been fully reviewed and
merged. This commit just removes the binaries from master, they'll
be re-added when appropriate.
2013-11-15 06:24:00 +10:00
jvazquez-r7 4cf16cf360
Land #2633, @OJ's port of Kitrap0d as local exploit 2013-11-14 09:27:10 -06:00
jvazquez-r7 30a938e620
Land #2640, @OJ's updated meterpreter binaries
0012c4530a
2013-11-14 09:25:41 -06:00
OJ 4bd0900359
Updated meterpreter binaries
Includes the following:

* Clean builds
* Removal of kitrap0d from getsystem
* Doc updates
* Webcam crash fix
* Schedular and channel refactor
* Posix crash fix for post modules
2013-11-15 01:14:14 +10:00
Peter Toth 7db42efdd4 Code restructure and more robust error handling 2013-11-14 13:44:49 +01:00
jvazquez-r7 fe2cd93a65 Delete ms13_037_svg_dashstyle from the browser_autopwn list 2013-11-13 23:46:50 -06:00
OJ 506a4d9e67
Remove genericity, x64 and renamed stuff
As per discussion on the github issue, the following changes were made:

* Project renamed from elevate to kitrap0d, implying that this is not
  intended to be a generic local priv esc exploit container.
* Container DLL no longer generic, always calls the kitrap0d exploit.
* Removal of all x64 code and project configurations.
* Invocation of the exploit changed so that the address of the payload
  is passed in to the exploit entry point. The exploit is now responsible
  for executing the payload if the exploit is successful. This removes
  the possibility of the payload getting executed when the exploit fails.
* Source moved to the appropriate CVE folder.
* Binary moved to the appropriate CVE folder.
* Little bit of source rejigging to tidy things up.
2013-11-14 12:22:53 +10:00
James Lee 5b96ad595f
Skip reg values with no secretes
Also update header comment to match new standard
2013-11-13 19:05:16 -06:00
James Lee cb10b4783b
Mark XP hashes as mscash for JtR to recognize 2013-11-13 19:04:16 -06:00
James Lee 0aef145f64 Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa 2013-11-13 18:11:21 -06:00
James Lee 8471f74b75
Refactor ivar to a more reasonable method
Also changes jtr output for cachedump to produce hashes that can be
auto-detected as mscash2 format for a better user experience.
2013-11-13 18:09:41 -06:00
Tod Beardsley 6549b2e347
Spaces for the table, not tabs. 2013-11-13 16:48:19 -06:00
Tod Beardsley e2dd13e7f8
Renumber the 8 commandments 2013-11-13 16:45:21 -06:00
Tod Beardsley 7b0acd238e
Remove sleep and constant usage warnings 2013-11-13 16:37:03 -06:00
James Lee 8bb72764ec
Rename credentials/lsa -> lsa_secrets
Secrets are not necessarily credentials
2013-11-13 15:23:15 -06:00
James Lee 16627c1bd3
Add spec for capture_lsa_key 2013-11-13 15:16:34 -06:00
William Vu 334a93af45
Land #2638, refs for android_htmlfileprovider 2013-11-13 14:51:46 -06:00
joev 0612f340f1 Commas are good. 2013-11-13 14:38:50 -06:00
joev ad5f82d211 Add missing refs to aux/gather/android_htmlfileprovider. 2013-11-13 14:36:18 -06:00
William Vu 6bd82d8589
Land #2636, Win8 for {constants,platform}.rb 2013-11-13 14:20:52 -06:00
jvazquez-r7 2594427999
Land #2631, @peto01's osx screen capture post module 2013-11-13 13:58:03 -06:00
jvazquez-r7 2b19490095 Fix Exception handling 2013-11-13 13:57:15 -06:00
jvazquez-r7 95f371a1a6 Move screen_capture to the capture folder 2013-11-13 13:41:11 -06:00
jvazquez-r7 f65e82523b Clean screen_capture 2013-11-13 13:40:41 -06:00
sinn3r 3a923422a3 Update class for Win 8 2013-11-13 13:27:44 -06:00
William Vu 94a2f52ccc
Land #2637, version number bump to 4.9.0-dev 2013-11-13 13:20:18 -06:00
Tod Beardsley 5e342debbc
Don't be dopey in the RSpec version matching 2013-11-13 13:04:26 -06:00
Tod Beardsley 3500cf06d4
Add a spec for version checking. 2013-11-13 12:49:57 -06:00