infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,840 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

14840 Commits (12de87e682ca0053ecd89124e2e11a5c13315e18)

Author SHA1 Message Date
jvazquez-r7 4fa3631e34 avoiding the python support on the barracuda one if cannot be tested 2012-10-09 18:01:23 +02:00
jvazquez-r7 f33411abd1 Merge branch 'python_payload_support' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-python_payload_support 2012-10-09 18:00:44 +02:00
James Lee 592851e155 Add requires for active_support deps in use 
Hash for #assert_valid_keys, Module for #parent.
 2012-10-09 02:05:08 -05:00
James Lee b3e27b16d5 Derp, include is a class method 2012-10-09 01:52:19 -05:00
sinn3r a12aed7ffc Don't really need these keywords 2012-10-09 00:49:05 -05:00
sinn3r b657fd31cc Merge branch 'php_include' of https://github.com/ethicalhack3r/metasploit-framework into ethicalhack3r-php_include 2012-10-09 00:45:46 -05:00
James Lee 227418bd11 Make AR a soft dependency again 
Ensures that the absence of activerecord does not prevent msfconsole
from loading. This returns us to the previous state of affairs where it
is possible to use the framework entirely without a database.

To test:
  1. rm -rf lib/gemcache/ruby/1.9.1/gems/activerecord*
  2. remove any locally installed versions of activerecord
  3. msfconsole

msfconsole should load up with a warning like so:

[-] ***
[-] * WARNING: No database support: LoadError cannot load such file -- active_record
[-] ***

... and should still be functional.
 2012-10-08 23:07:04 -05:00
sinn3r c094508119 Support Python payload 
Pretty sure if the app is run on Unix/Apache, or supports perl and
ruby, chances are python works too.
 2012-10-08 22:17:11 -05:00
James Lee 3888c5212f Change file header comment to new format 2012-10-08 21:30:42 -05:00
James Lee 03e2cda9e1 Make sample modules conform to modern mod format 
Wow, these are old.
 2012-10-08 21:23:38 -05:00
Tod Beardsley 562612f96c Merge branch 'hmoore-r7-module-loader' 2012-10-08 17:52:26 -05:00
HD Moore 8f07a18d74 Fix comment indentation 2012-10-08 17:29:36 -05:00
HD Moore eb0f0fee0c Correct an extra parenthesis 2012-10-08 17:20:25 -05:00
HD Moore 8cdb76d269 Switch to normal String API vs ActiveSupport method 2012-10-08 17:18:40 -05:00
jvazquez-r7 b356b403b0 Merge branch 'phptax' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-phptax 2012-10-09 00:10:31 +02:00
HD Moore 2dce6e6347 FIXRM #7292 by using hex class names 2012-10-08 17:03:41 -05:00
Luke Imhoff 93469604a7 Fix missed rename when adding fastlib under directory 
I missed a spot where I referenced the nested_paths as nested_pathnams
after I renamed the variable.  Now, Msf::ModuleManager#add_module_paths
has rspec tests.

Rspec can be invoked with `rake` as the default task or `rake spec`
explicitly.

I changed RuntimeError to ArgumentError since that error  was more
specific to having a bad argument error.  I adding missing dependencies
to the Gemfile and a require to msf/core/db_manager.rb where it errored
out trying to access Msf::Config when I just did require 'msf/core' in
the spec.
 2012-10-08 16:14:37 -05:00
HD Moore 6bb1b83de3 Align the comments with the space indents for now 2012-10-08 16:09:12 -05:00
HD Moore 286b86949b Prefix with host:port for readability 2012-10-08 15:23:26 -05:00
sinn3r 06e2994b7e connectiontype to find and python payload support 2012-10-08 15:13:27 -05:00
sinn3r abb4bdd408 metadata formatting, and a little res gotcha 2012-10-08 15:00:51 -05:00
sinn3r cdf8956a10 Merge branch 'avaya_ccr_imageupload_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-avaya_ccr_imageupload_exec 2012-10-08 14:57:13 -05:00
James Lee 44d7ab8ca2 Merge branch 'todb-r7-fix-msfupdate' into rapid7 
[Closes #847]
 2012-10-08 14:32:00 -05:00
sinn3r 04aa69192d Dang typo 2012-10-08 13:35:13 -05:00
jvazquez-r7 ef9d627e13 Added module for ZDI-12-106 2012-10-08 20:04:01 +02:00
sinn3r 8ff4442f9e Add PhpTax pfilez exec module 
This module exploits a vuln found in PhpTax.  When generating a
PDF, the icondrawpng() function in drawimage.php does not
properly handle the pfilez parameter, which will be used in a
exec() statement, and results in arbitrary code execution.
 2012-10-08 12:46:56 -05:00
Tod Beardsley 114b7886fa Add back EOF newlines 2012-10-08 12:42:34 -05:00
Tod Beardsley b0957da1e2 Fixing bug reported with 1.8.7 
This avoids the incompat with `const_defined?`

[FixRM #7291]
 2012-10-08 12:40:27 -05:00
James Lee 10dafcd09f Fix 1.8 compat with Module#const_defined? 
Before 1.9, const_defined? only takes one parameter.
 2012-10-08 12:40:18 -05:00
Luke Imhoff ef6dad2bc3 Fix loading binary modules on Windows 
[#36737359, #36401509]

Failed to follow HACKING guideline #5, open files in binary mode, so
Pro modules were being truncated on Windows installs.
 2012-10-08 09:12:23 -05:00
Tod Beardsley 95fef5d607 Merge remote branch 'dalton/master' 2012-10-08 08:28:23 -05:00
sinn3r e9b70a3a4f Merge branch 'avaya_winpmd_unihostrouter' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-avaya_winpmd_unihostrouter 2012-10-07 15:35:30 -05:00
jvazquez-r7 0acd9e4eec Merge branch 'ms10_002_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms10_002_ropdb_update 2012-10-07 17:49:45 +02:00
jvazquez-r7 e4af1b7338 Merge branch 'cve_2012_1535_flash_rop_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-cve_2012_1535_flash_rop_update 2012-10-07 17:25:19 +02:00
jvazquez-r7 40983460bf added module for avaya winpmd bof, osvdb 73269 2012-10-07 12:05:13 +02:00
sinn3r bdb9b75e1e Use RopDb, and print what target the module has selected. 2012-10-07 01:42:29 -05:00
HD Moore 64f29952dc Merge branch 'master' into feature/updated-mobile 2012-10-07 00:32:02 -05:00
HD Moore 70061223d3 The use of to_path fails on OS X, switch to to_s 2012-10-06 23:40:08 -05:00
sinn3r 5b656087b5 Use RopDb in adobe_flash_otf_font, also cleaner code & output 2012-10-06 21:03:41 -05:00
jvazquez-r7 874fe64343 Merge branch 'ms11_050_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_050_ropdb_update 2012-10-06 14:10:36 +02:00
sinn3r 260d85cfb1 Correct typos 2012-10-06 02:24:30 -05:00
sinn3r e02adc1f35 Merge branch 'mubix-bypassuac_uac_check' 2012-10-06 02:09:16 -05:00
sinn3r 33429c37fd Change print_error to print_debug as a warning 2012-10-06 02:08:19 -05:00
sinn3r 94d5eb7a8c Use RopDb in MS11-050, and correct autopwninfo 2012-10-06 01:45:40 -05:00
Rob Fuller 55474dd8bf add simple UAC checks to bypassuac 2012-10-06 00:59:54 -04:00
Rob Fuller b984d33996 add RunAs ask module 2012-10-06 00:51:44 -04:00
sinn3r 769fa3743e Explain why the user cannot modify the URIPATH 2012-10-05 17:24:06 -05:00
ethicalhack3r f4e442bcbd Added headers support to php_include module 2012-10-05 23:00:38 +02:00
sinn3r 2aa59623d1 Merge branch 'ropdb_for_browsers' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ropdb_for_browsers 2012-10-05 15:43:18 -05:00
sinn3r 21ea77ff8b Fix spaces 2012-10-05 15:40:37 -05:00