sinn3r
d6accef5e6
Allow datastore options plus other things
...
Here's a list of things that have changed:
* Allow datastore options as argumnets.
* Allow "dry-run" mode
* Cleaner way to initialize arguments
2012-07-09 13:48:02 -05:00
HD Moore
c8c3c0e3e4
Correct an issue with HTTP response header parsing
2012-07-09 10:22:12 -07:00
sinn3r
81b4cb737d
Merge branch 'zenworks_preboot_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-zenworks_preboot_fileaccess
2012-07-09 11:14:56 -05:00
jvazquez-r7
73fcf73419
Added module for CVE-2011-2657
2012-07-09 18:03:16 +02:00
jvazquez-r7
b33220bf90
Added module for CVE-2012-2215
2012-07-09 17:32:55 +02:00
sinn3r
0fbfa8e6f7
Merge branch 'enum_unattend_ii' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_unattend_ii
2012-07-09 10:14:30 -05:00
sinn3r
5586aa6c1b
Move some code around
2012-07-09 09:44:22 -05:00
sinn3r
5db26beef7
Add more features
...
Please see the following ticket:
http://dev.metasploit.com/redmine/issues/7041
2012-07-09 05:17:40 -05:00
James Lee
8d9186748f
Fix logic fail
2012-07-08 20:46:37 -06:00
James Lee
c82037d85b
Add an xxd decoder
2012-07-08 20:45:25 -06:00
James Lee
6d6b4bfa92
Merge remote branch 'rapid7/master' into omg-post-exploits
2012-07-08 17:32:39 -06:00
sinn3r
d626de66f7
Print out where the scheme info is stored.
...
This module needs to print out where the scheme is stored so the
user knows where it is, see complaint:
https://community.rapid7.com/message/4448
2012-07-08 18:24:18 -05:00
HD Moore
442eccd1d6
Merge pull request #578 from claudijd/master
...
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption in Hashdump Code
2012-07-08 12:24:46 -07:00
Jonathan Claudius
5938771e6c
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption
...
-This commit Addresses Metasploit Bug #4402 that notes corrupted (aka:
incorrect) hashes yielded from hashdump
-Fail case can be reliably reproduced on a Windows system where (1) a
user is not storing an LM hash and (2) password histories are enabled
on the system
-This issue along with other extraction tools that are affected in a
similar way will be discussed at BlackHat USA 2012 and DEFCON 20 in 2
weeks.
If you have questions, please let us know.
-Jonathan Claudius (@claudijd)
-Ryan Reynolds (@reynoldsrb)
2012-07-08 14:02:22 -05:00
HD Moore
a8266bd831
Fix up odd reference normalization cases
2012-07-08 11:25:32 -05:00
HD Moore
f75edc0ca1
Correct fix for older PG support, thanks to Patrick Fitzgerald
2012-07-08 10:16:51 -05:00
HD Moore
75430a0b7e
Cleanup to support v1.2 as well as 1.1
2012-07-08 01:53:32 -05:00
HD Moore
4199b67879
Prevent an exception from breaking the sql cache
2012-07-07 17:30:31 -05:00
HD Moore
1d5b7a1a69
Fix an issue with PG's handling of group by on distinct
2012-07-07 17:27:11 -05:00
HD Moore
881d0ff0c9
Add method to create an asset group
2012-07-07 17:27:11 -05:00
sinn3r
87bac91d71
Apply additional changes from #549
...
From pull request #549 . Changes include:
* Use OptEnum to enforce the use of wpad.dat or proxy.pac
* Remove cli.peerhost:cli.peerport, the API does that already
* cleanup function to restore uripath datastore option
* More friendly error when the user doesn't have enough permission
to bind to port 80, that way they don't blame it's a bug on msf.
* Remove unnecessary SVN stuff in modinfo
2012-07-07 15:59:16 -05:00
sinn3r
4e90da002d
Merge branch 'master' of https://github.com/efraintorres/wmap-metasploit into wpad
2012-07-07 15:44:05 -05:00
HD Moore
24d6a85848
Merge pull request #575 from swtornio/tikiwiki
...
add osvdb ref
2012-07-07 11:10:44 -07:00
Steve Tornio
44290c2c89
add osvdb ref
2012-07-07 08:40:25 -05:00
Tod Beardsley
33bf2881cc
Removing cached gem for journey.
2012-07-06 22:12:50 -05:00
Tod Beardsley
505b97b470
Adding new gem versions
...
Add the new gems referenced in the last commit for real.
2012-07-06 22:11:16 -05:00
Tod Beardsley
63e41ee6bb
Updating gems: coderay, journey, spork, sprockets
2012-07-06 22:03:33 -05:00
Tod Beardsley
3dba8273c9
Adding journey-1.0.4.
2012-07-06 17:33:16 -05:00
sinn3r
3f58aff979
Properly handle a no-payload-selected scenario
2012-07-06 16:32:18 -05:00
sinn3r
08c6b94460
Merge branch 'auto_exploit' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-auto_exploit
2012-07-06 16:24:32 -05:00
sinn3r
d859059868
Remove a whitespace
2012-07-06 16:20:17 -05:00
sinn3r
4f9028f7f9
Change description a little bit
2012-07-06 16:18:14 -05:00
sinn3r
9aeb4694f7
Add autoexploit.rc based on #561
...
Modified from #561 . It has gone through a lot of changes, including:
* It now relies mainly on arguments instead of datastore options.
This is because when an user uses datadatore options, the rc
script cannot really start automatically without some config
in advance, which is a hassle.
* We no longer have to manually connect to a database before being
able to use the rc script. It can automtaically connect to it
if the necessary arguments are supplied (user/pass/workspace)
* Better error handling
* Actually exits msfconsole when something fails or not ready
* The older script does not select a payload. This one will
automatically select one based on compatible payloads.
* Instead of manually specifying an "identifier" for reference
matching, this is now automatic.
* Lots of cleanup
* Update help_me
2012-07-06 15:02:28 -05:00
sinn3r
70c718a5ed
Fix indent level
2012-07-06 12:44:03 -05:00
sinn3r
24c57b61a8
Add juan as an author too for improving the module a lot
2012-07-06 10:41:06 -05:00
sinn3r
757d15619f
Merge branch 'umbraco_upload_aspx_rev' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-umbraco_upload_aspx_rev
2012-07-06 10:39:09 -05:00
tdoan-r7
db0ab45333
updated release number to 4.3
...
<test commit>
2012-07-06 10:21:00 -05:00
jvazquez-r7
9fecc80459
User of TARGETURI plus improve of description
2012-07-06 15:47:25 +02:00
jvazquez-r7
7751c54a52
references updates
2012-07-06 11:56:03 +02:00
jvazquez-r7
f8ca5b4234
Revision of pull request #562
2012-07-06 11:52:43 +02:00
sinn3r
1e6c4301b6
We worked on it, so we got credit
2012-07-06 02:12:10 -05:00
sinn3r
f8123ef316
Add a "#" in the end after the payload
2012-07-06 02:09:31 -05:00
sinn3r
187731f2cb
Add a check function to detect the vuln
2012-07-06 01:58:01 -05:00
sinn3r
dcddc712d2
Missing a "&"
2012-07-06 01:50:18 -05:00
sinn3r
3c8a836091
Add lcashdol's module from #568
...
Initial version being worked on by sinn3r & juan
2012-07-06 01:41:34 -05:00
sinn3r
ecb4e20c92
Instead of deleting the "/", here's a different approach
2012-07-06 01:23:41 -05:00
sinn3r
7876d7fd60
Delete the extra "/"
2012-07-06 01:20:31 -05:00
sinn3r
686f176a99
Correct path
2012-07-06 01:12:47 -05:00
sinn3r
0c18662d46
Make msftidy happy and change the traversal option
2012-07-06 01:10:39 -05:00
sinn3r
3b7e1cd73a
Add Dillion's module for Wangkongbao
2012-07-06 00:54:55 -05:00