Commit Graph

12498 Commits (182f3744de428c772c1dd2c0515db3b81ca73f15)

Author SHA1 Message Date
Raphael Mudge f07be8b7de Armitage 03.08.12
-----------------
Added support for meterpreter's session_host value (allows armitage to associate session w/
a host, even if it's behind a NAT). Armitage also chooses an IPv6 payload when attacking an
IPv6 host.
2012-03-07 20:43:07 -05:00
Tod Beardsley 57376a976d Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:18:47 -06:00
HD Moore 761f859695 Simplify the module instance (required to call certain methods) 2012-03-07 07:59:41 -06:00
HD Moore 5054840165 Overwrite the local datastore with the normalized option, even if it
came from a global datastore due to a fall-through
2012-03-07 07:37:36 -06:00
HD Moore b89af3546d Revert the previous global fix in favor of a different method.
Fixes #6501
2012-03-07 07:37:36 -06:00
HD Moore 9975d5a220 Always clone modules before running them via the simplified wrappers.
This prevents changes to the datastore or instance variables from
being carried over into a second run
2012-03-07 07:37:36 -06:00
sinn3r d9788db7bb Merge pull request #222 from jduck/master
Fixes #6483
2012-03-07 18:11:48 -08:00
sinn3r 0550b77522 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 20:04:04 -06:00
sinn3r 3b4ed13aee Fix typo 2012-03-07 20:03:46 -06:00
Tod Beardsley 33460b6bf4 Fixups on the Adobe Flash exploit description
Massaged the lines about the phishing campaign use in the wild.
2012-03-07 19:37:49 -06:00
sinn3r befb60217c Add CVE-2012-0754 .as source 2012-03-07 19:25:51 -06:00
sinn3r c76f43c066 Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow 2012-03-07 19:24:00 -06:00
sinn3r f2eab70c3f Add swf file for CVE-2012-0754 2012-03-07 19:23:11 -06:00
Tod Beardsley f97dc8dee7 Fix spelling of the IBM product iSeries
Was I-Series.
2012-03-07 15:24:15 -06:00
sinn3r 7dfba9c00d Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 14:51:39 -06:00
sinn3r 0ee7788028 Add a check to detect the vulnerable version of Sysax SSH 2012-03-07 14:51:21 -06:00
Joshua J. Drake ab01a19f92 Fixes #6483: Correct the include for the handler (was copypasta) 2012-03-07 11:23:44 -06:00
Tod Beardsley ba2bf194fd Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee 02ea38516f Add a check method for tomcat_mgr_deploy 2012-03-06 23:22:44 -07:00
James Lee 806a3c01b7 Wrap Windows-specific headers in ifdef 2012-03-06 15:34:09 -07:00
James Lee d99df825b3 Handle multiple addrs on one iface on the ruby side 2012-03-06 14:36:34 -07:00
James Lee 6b9a21936e Whitespace at EOL 2012-03-06 14:14:02 -07:00
James Lee 2b9acb61ad Clean up some inconsistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r 003fa3e22c Apply patch for #6495 2012-03-06 11:43:28 -06:00
sinn3r 22a12a6dfc Add Lotus CMS exploit (OSVDB-75095) 2012-03-06 11:36:28 -06:00
HD Moore 8cbe5d8a54 Force many integer arguments to be integers 2012-03-06 09:28:29 -06:00
HD Moore 99177e9d5e Small commit to fix bad reference and old comment 2012-03-06 01:44:26 -06:00
James Lee 085b3b5640 Adds IPv6 addrs to win32 get_interfaces response 2012-03-05 21:57:39 -07:00
Tod Beardsley 7f9880a1fc Fixes whitespace on linux shellcode from @mak
Also repairs some weirdly broken comment.

[Closes #131]
2012-03-05 16:59:37 -06:00
Tod Beardsley 9e380d9e88 Merge remote branch 'mak/payload-linux-x64' into l64 2012-03-05 14:58:24 -06:00
James Lee 78d84d9472 A few more author typos 2012-03-05 13:50:03 -07:00
James Lee 22eb1e2dce Module author typo 2012-03-05 13:50:03 -07:00
James Lee e14a574c36 Fix a couple of typos that throw off module authors 2012-03-05 13:50:03 -07:00
Tod Beardsley e014e9a5c3 Fix up notes search implementation
Uses delete_if and a negative assertion, rather than the (much nicer but
unavailable) keep_if method.
2012-03-05 13:50:02 -07:00
Tod Beardsley b847d48927 Tidies up sempervictus's search patch
Affects the console's db commands of hosts, services, vulns, creds, notes,
loot

Skips searching entirely unless a search term is provided, and
explicitly casts the term as a Regexp object from the outset.

Avoids using Object#to_sym in preference of Object#intern (safer in
nearly all cases)

Temporarily disables functionality on notes since Array#keep_if isn't
available prior to Ruby 1.9.2
2012-03-05 13:50:02 -07:00
RageLtMan 3270976d7b Search functionality for db dispatcher commands 2012-03-05 13:50:02 -07:00
sinn3r aab493259f Port should not contain a non-numeric value or even empty when assigned to :port 2012-03-05 13:50:02 -07:00
Gregory Man ba34fbac46 afp_server_info fixes and improvements
1.9 compatibility, timeouts, reporting
2012-03-05 13:50:02 -07:00
Gregory Man 4f05f4e03f Added auxiliary/scanner/afp/afp_server_info module 2012-03-05 13:50:02 -07:00
James Lee 70162fde73 A few more author typos 2012-03-05 13:28:46 -07:00
James Lee 82c23e95d3 Module author typo 2012-03-05 13:28:46 -07:00
James Lee 3a33434867 Fix a couple of typos that throw off module authors 2012-03-05 13:28:46 -07:00
Tod Beardsley 43c84483dc Merge in db console commands for search
Incorporates search option from @sempervictus, fixing a couple issues
along the way. This resolves Redmine issue #6185.

[Closes #107]
2012-03-05 13:41:02 -06:00
Tod Beardsley 85d1b77ed3 Fix up notes search implementation
Uses delete_if and a negative assertion, rather than the (much nicer but
unavailable) keep_if method.
2012-03-05 13:40:26 -06:00
Tod Beardsley a957c45daf Tidies up sempervictus's search patch
Affects the console's db commands of hosts, services, vulns, creds, notes,
loot

Skips searching entirely unless a search term is provided, and
explicitly casts the term as a Regexp object from the outset.

Avoids using Object#to_sym in preference of Object#intern (safer in
nearly all cases)

Temporarily disables functionality on notes since Array#keep_if isn't
available prior to Ruby 1.9.2
2012-03-05 13:40:26 -06:00
RageLtMan fb475ca49c Search functionality for db dispatcher commands 2012-03-05 13:40:26 -06:00
sinn3r afd1af6377 Merge branch 'apf-info' of https://github.com/gregory-m/metasploit-framework into gregory-m-apf-info 2012-03-05 11:18:23 -06:00
sinn3r 1005de0523 Port should not contain a non-numeric value or even empty when assigned to :port 2012-03-05 11:10:16 -06:00
James Lee cd990917be Don't distinguish between 4 and 6.
The client can figure it out from the length.
2012-03-05 09:10:47 -07:00
James Lee c81dce2013 Append to the list instead of assigning to it
All addresses are being sent to the client now.  Just need a way to
parse them out correctly on the other side and meterpreter will be able
to list all addresses on all interfaces on Linux.  Next step is to
allocate the proper number of TLVs to avoid good ol' stack smashes on
systems with lots of addresses and then make sure we clean all the
memory leaks.

[See #6476]
2012-03-05 09:10:47 -07:00