01b7e3554e
fix issue found by newpid0
2013-01-25 22:05:09 +01:00
d0ecb617c3
Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner
2013-01-25 21:47:05 +01:00
d6e9f891ea
Proposal for joomla-scanner
2013-01-25 20:44:49 +01:00
0490b4a853
I wanna know where this thing is stored.
2013-01-25 13:18:28 -06:00
f5182b4e6b
Merge branch 'titanftp_xcrc_traversal' of github.com:zeknox/metasploit-framework into zeknox-titanftp_xcrc_traversal
2013-01-25 13:15:18 -06:00
0a4fadcb09
Comments don't seem to align properly w/ tabs
2013-01-25 13:07:13 -06:00
7d4e7676ce
This file has a MSF license, needs the header
2013-01-25 13:04:20 -06:00
a14cd71047
Merge branch 'ms12-020_check.rb' of github.com:zeknox/metasploit-framework into zeknox-ms12-020_check.rb
2013-01-25 12:56:02 -06:00
4824d11ff3
removed white space
2013-01-25 12:14:41 -06:00
3742fd5a17
duplicate include
2013-01-25 11:58:04 -06:00
8578e7cf85
renamed file
2013-01-25 11:55:54 -06:00
fc3d87ed4c
added ms12-020 checker
2013-01-25 10:43:43 -06:00
e32bd8d4e0
Comma deleted
2013-01-25 11:44:08 +01:00
a204f6fd1b
variable typo
2013-01-25 02:18:20 -05:00
976e59954c
update description
2013-01-25 02:14:42 -05:00
a9821fce29
add action option for domain user enum
2013-01-25 02:08:30 -05:00
dd1ce34ecc
Made recommended changes removed short timeout added returns and other small changes
2013-01-24 17:04:22 -05:00
15253f23bf
added RHOSTS funct
2013-01-24 15:29:35 -06:00
fbbac2bd51
make module msftidy compliant
2013-01-24 21:37:04 +01:00
2419e55603
Merge branch 'feature/rm7581-sudo-improved-with-PASSWORD-option' of https://github.com/lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7581-sudo-improved-with-PASSWORD-option
2013-01-24 21:36:40 +01:00
af3a1db4c1
Make better use of ruby regex
2013-01-24 14:16:01 -06:00
077c04d13a
Merge branch 'feature/rm6822-cold_fusion_version' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-cold_fusion_version
2013-01-24 13:51:27 -06:00
3faf4b3aca
adding sinn3r as author
2013-01-24 18:13:30 +01:00
f1f8782a5d
Merge branch 'payload_inject.rb' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-payload_inject.rb
2013-01-24 18:13:00 +01:00
1fc747994e
cleanup for linksys_wrt54gl_exec
2013-01-24 17:50:14 +01:00
816bc79d9d
Merge branch 'wrt54gl-exec' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-wrt54gl-exec
2013-01-24 17:49:54 +01:00
2cedcad810
Check PID
2013-01-24 10:46:23 -06:00
6cdb1a80de
Remove app from fingerprint and blank line
2013-01-24 09:47:20 -05:00
bf2b01f8ef
Delete a file and strip space
2013-01-24 09:30:04 -05:00
1bccc410a3
Merge branch 'module-movabletype_upgrade_exec' of https://github.com/kacpern/metasploit-framework into kacpern-module-movabletype_upgrade_exec
2013-01-24 15:02:48 +01:00
ba41ee9c83
- applied all the changes from #1363
...
- some extra escaping for the sake of it
- removed the timeout in http_send_raw
2013-01-24 13:15:42 +00:00
96d0b13de2
Merge branch 'excellentrankings' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-excellentrankings
2013-01-24 13:00:01 +01:00
3146b7ce77
Change default target
...
ExcellentRanking requires the module to auto-target. If the payload
is universal, that works too.
2013-01-23 23:40:47 -06:00
0c0f4a3e66
Lower ranking because they cannot auto-target
...
In order to be qualified as ExcellentRanking, auto-target is a must,
or the module has to default to a payload that's universal for
multiple platforms. Otherwise you're wasting time in Pro.
2013-01-23 23:35:31 -06:00
8e09247703
Rename to match the OEM vendor
2013-01-23 21:10:25 -06:00
2c12666f4e
Update the vendor to match the OEM source
2013-01-23 21:10:05 -06:00
6e94c04a52
Code Corrections and Enhancements
2013-01-23 20:26:23 -05:00
75f3a62ac4
Explain why we need this empty on_new_session
2013-01-23 16:43:36 -06:00
9c3e9f798f
Lower the ranking, because it cannot auto-target.
...
When it's excellent, Pro will fire this first, and that will only
generate more traffic than actually popping a shell.
2013-01-23 16:39:24 -06:00
53599e4c45
It's better to have a version # in the title, easier to find
2013-01-23 16:32:57 -06:00
d1736b8880
Merge branch 'sonicwall_upload' of github.com:julianvilas/metasploit-framework into julianvilas-sonicwall_upload
2013-01-23 16:32:06 -06:00
3418457b9a
Small changes (extra comma + typo)
2013-01-23 16:29:25 -06:00
25847e7a2d
Merge branch 'master' into module/add-swann-dvr
2013-01-23 16:26:18 -06:00
ad108900d5
Why yes I know it's a module
2013-01-23 16:23:41 -06:00
22f7619892
Improve Carlos' payload injection module - See #1201
...
Lots of changes, mainly:
* Description update
* Avoid accessing protected methods
* More careful exception & return value handling
2013-01-23 16:15:14 -06:00
cfde24785c
Adds a password grabber module for Swann DVRs
2013-01-23 14:23:58 -06:00
3b65f31d95
post/multi/manage/sudo improved with the PASSWORD option
...
as described in Redmine Feature #7581
2013-01-23 15:23:40 -05:00
e93b7ffcaf
Add Carlos Perez's payload injection module
...
See #1201
2013-01-23 14:07:48 -06:00
d354982345
Fix grammar on description for webcam
2013-01-23 14:00:34 -06:00
f50c7ea551
A version number helps deciding which exploit to use
2013-01-23 11:43:39 -06:00
a1f8da9ff6
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-01-23 11:41:35 -06:00
ca144b9e84
msftidy fix
2013-01-23 11:40:12 -06:00
dd0fdac73c
fix indent
2013-01-23 18:19:14 +01:00
c47392f5d1
normalize_uri and path fix
2013-01-23 16:57:30 +00:00
ff875d04e0
- RPATH changed to TARGETURI
...
- both CVE numbers referenced
- sightly changed exception handling
2013-01-23 16:50:35 +00:00
8bcf4a86ef
Update modules/exploits/multi/browser/java_jre17_method_handle.rb
...
Wrong reference type (URL instead of OSVDB)
2013-01-23 17:14:53 +01:00
06926fbabb
Merge branch 'module-cmd_windows_reverse_perl' of https://github.com/kacpern/metasploit-framework into kacpern-module-cmd_windows_reverse_perl
2013-01-23 16:42:45 +01:00
a3fa7cc6bc
adjusted disclosure date
2013-01-23 12:49:08 +00:00
e78174297e
assuring stdapi loads on meterpreter
2013-01-23 12:44:55 +01:00
f691652594
attempt to fix cmd/windows/reverse_perl payload
2013-01-23 11:21:44 +00:00
3a5e92ba6f
hopefully all fixex included
2013-01-23 12:15:34 +01:00
5d6ca30422
removed spaces at EOL
2013-01-23 10:33:55 +00:00
17d1c9f996
- expanded description
...
- updated references
2013-01-23 10:29:11 +00:00
9c9a0d1664
Added module for cve-2012-0432
2013-01-23 10:51:29 +01:00
5cfabb0443
Apply the changes I suggested before
2013-01-23 00:15:09 -06:00
1e39c31cc2
Merge branch 'feature/rm6822-coldfusion_locale_traversal' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-coldfusion_locale_traversal
2013-01-23 00:06:35 -06:00
933f807745
Msftidy cleanup + handling return values better
2013-01-22 23:53:00 -06:00
dab2952d60
Merge branch 'picasa' of github.com:charles-n2netsec/metasploit-framework into charles-n2netsec-picasa
2013-01-22 22:54:45 -06:00
9671df4488
Picasa 2 credentials are now also saved as loot
...
This module used to save only Picasa 3 credentials as loot. Picasa
2 creds were displayed, but not saved. I've updated the module to
save Picasa 2 credentials, and I also updated the output code to
use print_good instead of print_status.
2013-01-22 15:46:47 -05:00
8819059499
Merge branch 'zoneminder_packagecontrol_exec' of github.com:bcoles/metasploit-framework into bcoles-zoneminder_packagecontrol_exec
2013-01-22 14:41:40 -06:00
20b36cdf7a
added extra checking for strict databases
2013-01-22 15:42:23 +00:00
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
c498930644
Merge branch 'java_jre17_method_handle' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_method_handle
2013-01-22 15:33:07 +01:00
8a59c7b8fb
removed extra print_status() calls
2013-01-22 12:31:40 +00:00
970591a85f
Add ZoneMinder arbitrary command execution exploit
2013-01-22 22:56:50 +10:30
08a5f467b1
added URL for developer site
2013-01-22 12:14:38 +00:00
cd29a88c18
added Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
2013-01-22 11:58:24 +00:00
08062597b9
fix data added to table
2013-01-22 12:07:16 +01:00
dce4e7fc08
Merge branch 'filezilla_server_bugs' of https://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-filezilla_server_bugs
2013-01-22 12:06:44 +01:00
516eccdf9a
Merge branch 'record_mic_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-record_mic_update
2013-01-22 10:45:36 +01:00
eb92070df8
added module for CVE-2013-1359
2013-01-22 01:54:41 +01:00
11c13500be
small fix
2013-01-21 13:41:42 +01:00
62ff52280a
initial linksys OS command injection
2013-01-21 13:19:29 +01:00
b2c7223108
Cleanup for mysql_file_enum.rb
2013-01-21 12:26:35 +01:00
8b70a94b34
Updates the progress function
...
Because the previous one was wrong.
2013-01-21 00:30:43 -06:00
5cfe58e8d5
General code review and corrections
2013-01-20 22:33:04 -05:00
4d5a7a3d4d
Brute force directory and file names with MySQL
2013-01-20 21:32:02 +00:00
e7604f80b2
added a warning and using optpath
2013-01-20 21:24:00 +00:00
6da4b72d85
added a warning and using optpath
2013-01-20 21:23:59 +00:00
ebb0635e0a
stopped using fixed table name
2013-01-20 21:23:59 +00:00
fce58ad96d
Fixed msftidy stuff
2013-01-20 21:23:58 +00:00
23d1eb7a80
File/dir brute forcer using MySQL
2013-01-20 21:23:58 +00:00
967c04e727
finally it doesn't use FileDropper atm
2013-01-20 19:54:24 +01:00
76edbb9e1c
Merge branch 'module-jenkins-script-console' of https://github.com/zeroSteiner/metasploit-framework into zeroSteiner-module-jenkins-script-console
2013-01-20 19:53:44 +01:00
9769efbf01
references and date updated
2013-01-20 17:38:37 +01:00
dc318c5aed
update php_charts_exec metadata
2013-01-21 02:12:42 +10:30
f975a42571
move and update php_charts_exec metadata
2013-01-21 02:10:48 +10:30
6ae72e4d63
Add PHP-Charts v1.0 PHP Code Execution Exploit
2013-01-20 23:51:17 +10:30
aed71f8446
linux stager plus little cleanup
2013-01-20 13:42:02 +01:00
dcaf2abc53
Better feedback for x86
2013-01-20 00:22:30 +00:00
567185ec65
Better cleanup and address comments
2013-01-20 00:19:17 +00:00
6b40011a6f
use target_uri and normalize_uri as well as fix a cookie problem
2013-01-19 19:10:56 -05:00
771baa3181
Added x64 check and options to info
2013-01-19 23:23:45 +00:00
ef97b20cb7
Merge branch 'wds_unattend'
2013-01-18 14:42:00 -06:00
9f7aafccdf
add module to execute commands via Jenkins Script Console
2013-01-18 14:56:52 -05:00
3465aa00bd
title updated
2013-01-18 18:42:27 +01:00
75109114df
Merge branch 'post_mod_record_mic' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-post_mod_record_mic
2013-01-18 00:25:01 +01:00
e613c860a5
Added Name and Emailadress
2013-01-17 23:17:14 +01:00
892899acd5
Fixed loot formatting so data is under the proper column
...
The credentials table was defined with the columns "User", "Password", "Host", "Port", and "SSL". Credentials were not added in that order, however. They were added in the order "host, port, user, password, ssl" in this line:
credentials << [cred['host'], cred['port'], cred['user'], cred['password'], cred['ssl']]
I changed the order the columns were defined to fix this.
The permissions table had a similar issue. The "FileWrite" column was missing, so I added it. I also moved the "Home" column to after the "AutoCreate" column. Now the line:
permissions << [perm['host'], perm['user'], perm['dir'], perm['fileread'], perm['filewrite'], perm['filedelete'], perm['fileappend'],perm['dircreate'], perm['dirdelete'], perm['dirlist'], perm['dirsubdirs'], perm['autocreate']]
works correctly.
2013-01-17 16:52:02 -05:00
ef16a7fd24
cleanup
2013-01-17 21:45:13 +01:00
a43b218917
Line full of whitespace
2013-01-17 12:43:06 -08:00
670b4e8e06
cleanup
2013-01-17 21:39:41 +01:00
78279a0397
Added new module for cve-2012-5076
2013-01-17 21:27:47 +01:00
d0b9808fc7
Added module for CVE-2012-5088
2013-01-17 21:14:49 +01:00
624ef9a329
Fixed a typo in the skype_enum module.
...
"platfom" instead of "platform" fixed.
2013-01-17 14:04:52 -05:00
419b32b742
Can be used against multiple platforms since it supports java
2013-01-17 12:45:03 -06:00
ff11cfe6e5
Avoid saying "webcam", might be misleading.
2013-01-17 12:30:02 -06:00
f351db3621
Implements the record_mic feature as a post module
...
For easier deployment in the web GUI. Works for Windows meterpreter
and Java meterpreter.
2013-01-17 12:19:52 -06:00
ffd8890ba2
Merge branch 'smb_login_option' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-smb_login_option
2013-01-17 18:15:41 +01:00
0b61d28e0e
added Joomla scanner and url wordlist
2013-01-17 11:36:59 -05:00
57359304a3
Merge branch 'webcam' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-webcam
2013-01-17 16:56:55 +01:00
09b4a09ce1
module razer_synapse cleanup
2013-01-17 16:53:00 +01:00
99296006c1
Merge branch 'razer_synapse.rb' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-razer_synapse.rb
2013-01-17 16:52:26 +01:00
40ba075655
Implements the webcam feature as a post mod
...
As a post mod, we can deploy the webcam feature more easily against
multiple sessions in the web gui.
2013-01-17 02:41:16 -06:00
a701b5eb79
fixed an error that occurred when patching.
2013-01-16 18:21:19 -05:00
ddd2dbc17b
Updated coldfusion_local_traversal as described in Redmine Feature #6822
2013-01-16 17:54:15 -05:00
481f2eb791
updated cold_fusion_version from Redmine Feature #6822
2013-01-16 17:23:35 -05:00
51ba500b9f
msftidy compliant
2013-01-16 12:28:09 +01:00
49b36710c4
Merge branch 'freesshd_authbypass_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-freesshd_authbypass_update
2013-01-16 12:27:42 +01:00
f6d34b52a5
Merge branch 'verb_auth_bypass_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-verb_auth_bypass_update
2013-01-16 12:19:49 +01:00
2348a0b066
final cleanup and testing
2013-01-16 11:55:14 +01:00
b43242d131
Merge branch 'module-nagios3_history_cgi' of https://github.com/jselvi/metasploit-framework into jselvi-module-nagios3_history_cgi
2013-01-16 11:54:51 +01:00
0f24671cf7
Changes how the usernames are loaded.
...
Allows usernames to be loaded as a file (wordlist), that way the
it's much easier to manage. It defaults to unix_users.txt,
because these usernames are common in any SSH hosts out there.
If the user only wants to try a specific user (which is better,
because you reduce traffic noise that way), then he/she can set
the USERNAME option, and that should be the only one tried --
similar to how AuthBrute behaves.
I also fixed the regex in check().
2013-01-16 02:14:52 -06:00
064ea63a72
Fixes
2013-01-16 05:22:43 +01:00
12e7949183
msftidy change
2013-01-15 21:23:49 -05:00
b2cd65e283
adding razer_synapse.rb
2013-01-15 21:14:49 -05:00
26b40666ce
Merge branch 'rapid7' into feature/stage_encoding
2013-01-15 15:10:58 -06:00
9dc42e93e7
Reduce unnecessary indent level
2013-01-15 14:36:41 -06:00
5109cc97fe
Add more verbs
...
[SeeRM: #7138 ] by jabra
2013-01-15 14:11:53 -06:00
b3291c0329
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2013-01-15 14:10:47 -06:00
b5167e7695
Merge branch 'add_bap_to_itms_overflow' of github.com:jvennix-r7/metasploit-framework into jvennix-r7-add_bap_to_itms_overflow
2013-01-15 12:25:07 -06:00
6508964171
For consistency with other post modules, also do a store_loot
2013-01-15 12:16:32 -06:00
c1794e9195
Merge branch 'bulletproof_ftp_creds' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bulletproof_ftp_creds
2013-01-15 11:41:42 -06:00
6e6e90d733
Cosmetic changes
2013-01-15 11:36:49 -06:00
a06d49a8be
Return symbols
...
STOP_ON_SUCCESS is being ignored because the module's login function
doesn't pass a symbol to the mixin. This addresses that.
2013-01-15 11:25:02 -06:00
54883da8cd
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2013-01-15 10:25:05 -06:00
18f81fd6f4
Nagios3 history.cgi exploit
2013-01-15 15:32:32 +01:00
1e64d36320
avoid begin rescue blocks
2013-01-15 02:05:58 +01:00
fb19ec1005
Merge branch 'rapid7' into feature/stage_encoding
2013-01-14 15:20:23 -06:00
347cc3f879
Merge branch 'bug/rm7680-psexec_command-convert-nil-into-integer' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-bug/rm7680-psexec_command-convert-nil-into-integer
2013-01-14 15:12:43 -06:00
jvazquez-r7
sinn3r
Brandon McCann
Rob Fuller
f8lerror
Kacper Nowak
HD Moore
lmercer
Tod Beardsley
booboule
m-1-k-3
Charles Smith
Robin Wood
bcoles
Julian Vilas
Meatballs1
Spencer McIntyre
Christian Mehlmauer
Jose Selvi
smilingraccoon
James Lee