infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
35,006 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

18209 Commits (0f9032100dc72b8174dd1a90b1f73bd3ffb00a16)

Author SHA1 Message Date
wchen-r7 29e92aaabe
Land #5806, WordPress Subscribe Comments File Read Vuln 2015-08-28 11:52:59 -05:00
wchen-r7 62e6b23b4c Typo 2015-08-28 11:52:13 -05:00
wchen-r7 e651f3f70e
Land #5886, ensure disconnect in sid_brute.rb, method #do_sid_check 2015-08-27 17:53:55 -05:00
wchen-r7 11db9c2112
Land #5896, Update ms15_004_tswbproxy to use a Reflective DLL 2015-08-27 17:11:26 -05:00
HD Moore a2d5511e39
Land #5379, new post modules to load into powershell sessions 2015-08-26 17:11:40 -05:00
jvazquez-r7 da4b360202
Fix typo 2015-08-26 15:29:34 -05:00
jvazquez-r7 5d0ed797a3
Update DLL 2015-08-26 15:15:32 -05:00
jvazquez-r7 dd529013f6
Update ruby side 2015-08-26 15:12:09 -05:00
Brent Cook 6c89d0997c
Land #5855, android offline collection support 2015-08-25 17:44:51 -05:00
Brent Cook ca8353e1aa update to metasploit-payloads 1.0.9 2015-08-25 17:44:01 -05:00
jvazquez-r7 8785083722
Ensure disconnect 2015-08-24 12:36:15 -05:00
Brent Cook 5633c1431f
Land #5821, add explicit 64-bit pointer support to enum_cred_store 2015-08-24 09:44:36 -05:00
Brent Cook 2860ecdfaf
Land #5876, fixup format for storing ssh banners 2015-08-24 09:35:52 -05:00
Brent Cook b1ef560264
Merge payload_inject 64-bit inject fix from @Meatballs1 2015-08-24 09:26:00 -05:00
Meatballs 1c91b126f1
X64 compat for payload_inject 2015-08-23 22:03:57 +01:00
wchen-r7 fb2adb2e51 Check blank bullprop, also better instructions for the user. 2015-08-23 02:20:51 -05:00
wchen-r7 0f3e96b457
Merge branch 'upstream-master' into pr5416 2015-08-22 22:10:56 -05:00
wchen-r7 b99f5bc672
Land #5874, Consistency and API conformance changes to LES 2015-08-22 21:57:24 -05:00
HD Moore 1e6c53b430 Correct the storage of ssh banners in service.info 2015-08-22 01:21:15 -05:00
jvazquez-r7 1558fabdb2
Land #5844, @joevennix updates apple_safari_webarchive_uxss to use the webarchive mixin 2015-08-21 17:27:56 -05:00
HD Moore d264802ce0 Consistency and API conformance changes to LES 2015-08-21 12:38:58 -05:00
wchen-r7 4a91dfdcf5
Land #5873, report_note for local_exploit_suggester 2015-08-20 17:52:33 -05:00
Mo Sadek b20a283617 Added report_note to suggester 2015-08-20 13:57:16 -05:00
wchen-r7 dc1e7e02b6
Land #5853, Firefox 35-36 RCE one-click exploi 2015-08-20 13:27:21 -05:00
wchen-r7 45c7e4760a Support x64 payloads 2015-08-20 02:09:58 -05:00
jvazquez-r7 182c1bc7fe
Disconnect socket when login fails 2015-08-17 18:20:04 -05:00
Brent Cook 6b94513a37
Land #5860, add tpwn OS X local kernel exploit (https://github.com/kpwn/tpwn) 2015-08-17 17:41:04 -05:00
William Vu 26165ea93f Add tpwn module 2015-08-17 17:11:11 -05:00
Brent Cook b17d8f8d49
Land #5768, update modules to use metasploit-credential 2015-08-17 17:08:58 -05:00
jvazquez-r7 a5bed0198a
Use each_char 2015-08-17 11:08:40 -05:00
jvazquez-r7 e7433b81bd
Reuse architecture check 2015-08-17 10:28:10 -05:00
Brent Cook 5dd015150c
Land #5748, refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter 2015-08-16 10:58:17 -05:00
benpturner 8800d89424 Updated to reflect HD's comments on indents and name of local script. 2015-08-16 10:47:20 +01:00
joev 98e2d074c3 Add disclosure date. 2015-08-15 20:09:41 -05:00
joev a133e98ba5 Adds a ff 35-36 RCE vector based off the recent ff bug. 2015-08-15 20:02:00 -05:00
Brent Cook 9720e8e081 normalize osx to darwin so python meterp works 2015-08-15 19:49:55 -05:00
Brent Cook 422bba87d3 style fixes, moved google_geolocate to google/geolocate 2015-08-15 19:49:32 -05:00
HD Moore 42e08cbe07 Fix bad use of get_profile (now browser_profile) 2015-08-14 19:50:42 -05:00
jvazquez-r7 c02df6b39d
Land #5800, @bperry's Symantec Endpoint Protection Manager RCE module 2015-08-14 17:03:48 -05:00
jvazquez-r7 b33abd72ce
Complete description 2015-08-14 17:03:21 -05:00
jvazquez-r7 4aa3be7ba2
Do ruby fixing and use FileDropper 2015-08-14 17:00:27 -05:00
jvazquez-r7 ddb7224160
Land #5847, @todb-r7 on behalf of anonymous contributor, exploit for FF CVE-2015-4495 
* To exfiltrate arbitrary files
* Tested successfully on linux
 2015-08-14 14:57:28 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Brent Cook 0a4651a553
Land #5359, add PuTTY session enumeration module 2015-08-14 13:20:05 -05:00
jvazquez-r7 b908f41b0f
Land #5838, @bcook-r7's fixes for paylaod cached sizes 2015-08-14 12:39:58 -05:00
Tod Beardsley e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs 
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
 2015-08-14 11:35:39 -05:00
joev 0615d908c4 Update description to explain quarantine effects. 2015-08-13 23:46:37 -05:00
joev 84144bf6cf Update webarchive_uxss to use the webarchive mixin. 
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
 2015-08-13 23:41:27 -05:00