infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,440 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

14440 Commits (1534c4af6fc9fe9a4df8dd3b1eda7c9ad145ff98)

Author SHA1 Message Date
Tod Beardsley d4cccda8e1 Add in missing require 
Reverse_https handler needs to specifically require reverse_http in
order to ensure that the Msf::Handler::ReverseHttp mixin is available at
run time.
 2012-08-25 15:43:32 -04:00
sinn3r 638d9d1095 Fix nil res bug, change action name, etc 2012-08-25 02:41:50 -05:00
sinn3r 6341260e13 Merge branch 'patch-1' of https://github.com/crashbrz/metasploit-framework into crashbrz-patch-1 2012-08-25 02:36:36 -05:00
sinn3r d51f8cad25 Change title and description 2012-08-24 15:39:56 -05:00
Ewerson Guimaraes (Crash) cad590488d Update modules/auxiliary/scanner/http/http_traversal.rb 2012-08-24 15:47:07 -03:00
sinn3r 321fff1577 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework into averagesecurityguy-master 2012-08-24 11:28:09 -05:00
sinn3r 3036f7725d Merge branch 'webdav_fix' of https://github.com/mubix/metasploit-framework into mubix-webdav_fix 2012-08-24 11:18:50 -05:00
sinn3r ea7d7b847a Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-08-24 11:17:14 -05:00
jvazquez-r7 179e816194 Merge branch 'esva_bid' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-esva_bid 2012-08-24 17:37:25 +02:00
jvazquez-r7 8f748d833a Added BID reference 2012-08-24 17:30:52 +02:00
jvazquez-r7 e27f736e95 BID reference added 2012-08-24 17:29:12 +02:00
jvazquez-r7 e461d542ac added Windows 2003 SP1 Spanish targets 2012-08-24 12:50:30 +02:00
jvazquez-r7 54ce7268ad modules/exploits/windows/smb/ms08_067_netapi.rb 2012-08-24 11:30:23 +02:00
jvazquez-r7 1a60abc7a7 Added W2003 SP2 Spanish targets 2012-08-24 11:16:08 +02:00
Stephen Haywood b6d64b770a Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00
Rob Fuller d0558218ee Add non-authed OPTION response to support WebDAV 2012-08-23 15:11:10 -04:00
Tod Beardsley a93c7836bd Fixes load order with reverse http 
This was originally intended to fix #664.

SEERM #7141 also.
 2012-08-23 12:16:47 -05:00
Tod Beardsley ac0198690c Revert "Egypt's code is broken. Revert to old code until he fixes it agai" 
This reverts commit 10cf466a99.
 2012-08-23 12:01:49 -05:00
Tod Beardsley e7b11575a5 Revert "Reapplying commit d266dc60" 
This reverts commit d612d2a040.
 2012-08-23 12:01:24 -05:00
jvazquez-r7 261a17d28a Added module for CVE-2009-4498 2012-08-23 18:29:39 +02:00
James Lee aac56fc29b Fix load order issue 
[See #664][SeeRM #7141]
 2012-08-23 10:54:23 -05:00
Tod Beardsley d612d2a040 Reapplying commit d266dc60 
Somewhere along the way, commit d266dc6031
was dropped. Reimplementing.
 2012-08-22 16:20:27 -05:00
jvazquez-r7 57c6385279 heap spray from flash works pretty well on ie9 too 2012-08-22 20:47:11 +02:00
jvazquez-r7 730c0e9368 added windows vista and w7 targets 2012-08-22 20:13:10 +02:00
Tod Beardsley f6ca31d5db Merge branch 'rage-alex-oui' 2012-08-22 10:47:51 -05:00
sinn3r 22051c9c2c Merge branch 'flash_exploit_r2' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-flash_exploit_r2 2012-08-22 10:00:34 -05:00
sinn3r 1b6fe22359 Give proper credit to Craig plus additional references 
Craig first found the buffer overflow. But Matt found a more
reliable way to exploit the flaw.
 2012-08-21 22:48:15 -05:00
sinn3r 39430cbdbd Merge branch 'xoda_file_upload' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-xoda_file_upload 2012-08-21 20:50:41 -05:00
sinn3r 8534309d18 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-08-21 20:34:15 -05:00
sinn3r 10cf466a99 Egypt's code is broken. Revert to old code until he fixes it agai 
See pull request:
https://github.com/rapid7/metasploit-framework/pull/664n
 2012-08-21 20:33:24 -05:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
jvazquez-r7 0e535e6485 added module for XODA file upload RCE 2012-08-22 00:54:13 +02:00
Tod Beardsley 8d187b272d Some error handling on ntlm relayer 
Instead of a cryptic exception, let the user know if the HTTP target
isn't actually asking for WWW-Authenticate.

There are likely many more opportunities to catch errors, but this is
the most obvious.
 2012-08-21 16:13:00 -05:00
Tod Beardsley 635710402b Removing bullet points from module description 
Due to the vagaries of various Metasploit module description viewers, we
can't guarantee things like lists and bullet points render right.
Descriptions should avoid using these things.
 2012-08-21 16:00:04 -05:00
Tod Beardsley b457289e01 Merge remote branch 'webstersprodigy/module-http-ntlmrelay' 2012-08-21 15:28:50 -05:00
sinn3r 7ddcc787bd Merge branch 'jboss-exploits-revision2' of https://github.com/h0ng10/metasploit-framework into h0ng10-jboss-exploits-revision2 2012-08-21 14:37:09 -05:00
sinn3r 5e89c546c5 Merge branch 'reverse-http-redmine-7141' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-reverse-http-redmine-7141 2012-08-21 14:33:42 -05:00
sinn3r ed9ed25610 Merge branch 'esva_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-esva_exec 2012-08-21 14:20:17 -05:00
sinn3r 20b3dfca9f Merge branch 'claudijd-master' 2012-08-21 14:19:45 -05:00
sinn3r 433c9f6b28 Final cleanup 2012-08-21 14:17:21 -05:00
Jonathan Claudius c5623cae4c Fixing Bug w/ XP Method & Improving formatting for smart_hashdump 
1.) Addressed obvious bug in registry read for XP hint gathering code
2.) Cleaned up the formatting for smart_hashdump which needed
additional tabs
 2012-08-21 07:56:52 -05:00
jvazquez-r7 3106f87687 badchars fixed 2012-08-21 13:30:15 +02:00
jvazquez-r7 e21ea6999c added module for ESVA Command Injection Vulnerability 2012-08-21 13:25:03 +02:00
webstersprodigy 65b29d149f Update to use OptEnum for RTYPE 2012-08-20 22:45:20 -04:00
Jonathan Claudius a3bad0b3ae Added XP Support and Changed Output Method for User Password Hints 
1.) Now grabs clear-text user hint from XP systems in addition to
Win7/Win8 systems
2.) Changes output so it's no longer inline with hashes as not to
affect copy/paste of hashes output
3.) Adding alternate text in cases when no user hints are available
 2012-08-20 21:30:12 -05:00
Daniel Miller 1aa83b830f Let Resolver#send_tcp take a block 
This solves the looping problem. Since the TCP connection wouldn't
necessarily close, we couldn't count on a 0-length recv, and the
connection was timing out. Changed it so send_tcp can take a block, in
which we do parsing. AXFR responses are sandwiched between SOA answers,
so when the second one is reached, the transfer is done.

This is also cleaner for existing code that uses send_tcp, since if no
block is passed, it just returns the first response and tears down the
connection, just like it used to.
 2012-08-20 20:51:18 -05:00
sinn3r 73eab8a8ee Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-08-20 15:44:28 -05:00
sinn3r 8d4b4fc7be Some more changes before pushing to master 2012-08-20 15:43:39 -05:00
jvazquez-r7 3da8a59cf0 a little cleanup plus complete metadata 2012-08-20 22:42:54 +02:00
jvazquez-r7 ff4d839419 Merge branch 'sysax_create_folder' of https://github.com/mandreko/metasploit-framework into mandreko-sysax_create_folder 2012-08-20 22:41:41 +02:00