infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
45,384 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

23557 Commits (177eca30e8c08dd2abe45f79409ec731ab87a19b)

Author SHA1 Message Date
Ege Balcı 2950c84660
Better code. 
Added check function.
Smaller & cleaner code.
 2018-03-12 20:33:46 +03:00
Ege Balcı 420905137b
CVA added. 2018-03-12 08:42:28 +03:00
Ege Balcı d71b6bdf0d
Update syncbreeze_enterprise_dos.rb 
msftidy.rb adjustment.
 2018-03-11 23:27:46 +03:00
Ege Balcı 0e4e260a02
Adding Sync Breeze Enterprise 10.6.24 DOS 
This module triggers a Denial of Service vulnerability in the Sync Breeze Enterprise HTTP server. Vulnerable version of the product can be downloaded here (http://www.syncbreeze.com/setups/syncbreezeent_setup_v10.6.24.exe). After installing the software web server should be enabled via Options->Server->Enable web server on port. Module triggers a user space write access violation on syncbrs.exe memory region. Number of requests that will crash the server changes between 200-1000 depending on the OS version and system memory.
 2018-03-11 23:07:50 +03:00
Jacob Robles 615f6b02af
varnish no auth file read 2018-03-09 11:25:13 -06:00
Jacob Robles 1fd0087a97
Land #7654, varnish file read 2018-03-09 10:59:04 -06:00
Jacob Robles a458cb9ebc
varnish file read msftidy fixes 2018-03-09 10:56:52 -06:00
Jacob Robles 037559023a
Update connect/disconnect varnish 
[ticket: #7654]
 2018-03-09 10:37:14 -06:00
Jeffrey Martin b9ad1f2872
Land #9687, bump payloads, fix PHP meterpreter message parsing 2018-03-07 18:48:56 -06:00
Jeffrey Martin 26481d503e
one more payload size adjustment 2018-03-07 18:48:10 -06:00
Brent Cook b977b1c951 bump payload sizes 2018-03-07 17:41:58 -06:00
Jacob Robles 15269ec3ce
Land #9678, Add memcached UDP version scanner 2018-03-07 10:14:29 -06:00
Jacob Robles 86dd382e6a
Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 08:41:31 -06:00
Jon Hart a69c2e29d2
Correct comment 2018-03-06 18:16:22 -08:00
Jon Hart 1e04fa009f
Fix style 2018-03-06 18:13:50 -08:00
Jon Hart 74ec9f00e7
Add WIP memcached UDP version scanner 2018-03-06 17:54:00 -08:00
Jon Hart e72372d6d8
Add disclosure date and correct CVE for memcached amp 2018-03-06 16:04:00 -08:00
Brent Cook d6871f5733
Land #9614, Juniper post enum module 2018-03-06 10:29:56 -06:00
bwatters-r7 e878e19bbd Land #9665, Add missing reverse_tcp_rc4 payload tests. 
Merge branch 'land-9665' into upstream-master
 2018-03-05 17:18:04 -06:00
William Vu 176fb13c84 Fix #9650, missed code from TelnetEnable refactor 
1. Functionality was added incrementally, and I missed an opportunity to
consolidate a few methods under @do_exploit.
2. The Capture mixin can raise RuntimeError for a number of different
reasons, not just a lack of root privileges.

tl;dr Fix my incompetence and laziness. :-)

I don't think EDB and friends usually get these updates. :(
 2018-03-05 14:46:27 -06:00
Jon Hart 3028dccd7a
Land #9644, @xistence's memcached stats amplification scanner 2018-03-05 09:02:28 -08:00
Jeffrey Martin eac7cc63fc
add missing payload tests 2018-03-04 17:54:52 -06:00
Jon Hart f2de2a7f21
Appease most of rubocop's concerns 2018-03-04 07:17:25 -08:00
Jon Hart 2edb2dd8d0
Add CVE; clarify vuln name 2018-03-04 07:13:28 -08:00
h00die ea62497385
Land #9658 spelling and grammar fixes 2018-03-04 06:24:59 -05:00
Biswajit Roy 3925686173
Fixed error in my correction 
Changed from `an username` to `a username`
 2018-03-03 10:16:44 +05:30
William Vu 6dbf9445c9 Add MAC address discovery 2018-03-02 19:18:30 -06:00
William Vu 107512498c Add check method 2018-03-02 19:16:37 -06:00
William Vu 25f36fb926 Refactor code into new methods 2018-03-02 19:16:37 -06:00
William Vu 109bc87ffb Check for nil, EOFError, and zero-length response 2018-03-02 19:15:20 -06:00
William Vu bcdfebf93c Add a vprint for creds we chose 2018-03-02 19:15:19 -06:00
William Vu 4418a0de02 Enhance detection of telnetenabled vs. telnetd 2018-03-02 19:15:19 -06:00
William Vu fba30d47a2 Use default creds specific to protocol 2018-03-02 19:15:18 -06:00
William Vu 1f40afea9c Add automatic target for detection of TCP or UDP 2018-03-02 19:15:18 -06:00
William Vu a5e5b618fd Add print statements I forgot 2018-03-02 19:15:17 -06:00
William Vu e87681f2c4 Add NETGEAR TelnetEnable 2018-03-02 19:15:17 -06:00
bwatters-r7 0d07d44b14
ReLand #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm 
This reverts commit 7964868fcd.
 2018-03-02 16:09:52 -06:00
bwatters-r7 7964868fcd
Revert "Land #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm" 
This reverts commit fcc579377f, reversing
changes made to 95cd149378.
 2018-03-02 08:29:48 -06:00
bwatters-r7 fcc579377f
Land #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm 2018-03-02 07:34:45 -06:00
Biswajit Roy 38c42f3b10
Fixed Typos 
Fixed minor typing errors.
 2018-03-02 17:38:19 +05:30
Jon Hart e7a7b557bc
Randomize and doc memcached stats probe; catch multi-packet responses 2018-03-01 16:56:34 -08:00
Jon Hart 155f45fc28
Simplify memcached amplification scanner to use UDPScanner for most of the work 2018-03-01 15:37:23 -08:00
Sonny Gonzalez 883654f0ea
Land #9653, fix Y2k38 issue (until Jan 1, 2038) 2018-03-01 09:13:41 -06:00
Brent Cook 27bd2a4a9f workaround Y2k38 issues in java certificate generation 2018-03-01 08:41:28 -06:00
Jon Hart 9e1a7c869c
Use drdos mixin for memcached amp module 2018-02-27 22:51:27 -08:00
xistence 05c99ffb5c Add Memcached amplification scanner 2018-02-28 11:24:17 +07:00
Brent Cook 325ad7256e if multi/handler is disabled, exit 2018-02-27 04:30:09 -06:00
Rob Fuller 0c82b0a922
Support Windows 2008/7 and above 
Probably about time that we supported versions less than 10 years old :)
 2018-02-24 16:06:55 -05:00
Brent Cook cd728defed Merge branch 'master' into land-9607- 2018-02-23 11:09:20 -06:00
h00die c7bbc6eca4 juniper post enum module 2018-02-22 21:08:21 -05:00