Commit Graph

1325 Commits (1a2d5e472f713c9cc1c818d96377e73e150f0330)

Author SHA1 Message Date
scriptjunkie 438d348fda Kali fixes
Check the new database config location.
Don't crash on sporadic JRE style error.
2013-03-24 21:00:38 -05:00
m-1-k-3 36d1746c0d linksys traversal module - initial commit 2013-03-23 17:01:02 +01:00
jvazquez-r7 27778e6ea9 fix comma typo 2013-03-19 19:20:39 +01:00
sinn3r be9d4ec393 New pt for virtualprotect, and readjust size to 0x401 2013-03-19 09:25:06 -05:00
sinn3r ea4c88bc2c Java Rop null-byte free
Our new heap spray routine does not like double nulls, so we need
to adjust our ROP.
2013-03-18 23:42:17 -05:00
scriptjunkie 16fad29cb0 Update creds schema. 2013-03-12 23:07:40 -05:00
sinn3r e1859ae4b6 Merge branch 'rsmudge-armitage' 2013-03-06 19:31:44 -06:00
sinn3r a30b61e4aa Merge branch 'rsmudge-armitage' 2013-03-06 16:39:00 -06:00
Raphael Mudge 4ab8315db0 Armitage 03.06.13
Apparently, my last update came from the future. This modification
to that future update fixes an oversight preventing Armitage from
connecting to its collaboration server because it would report the
wrong application.
2013-03-04 23:11:20 -05:00
Raphael Mudge 59d2f05c94 Armitage 04.06.13
This update to Armitage improves its responsiveness when connected
to a team server over a high latency network. This update also adds
a publish/query/subscribe API to Cortana.
2013-03-04 18:32:45 -05:00
Luke Imhoff 239e1934b8 Use migrations from metasploit_data_models
[#44034071]

metasploit_data_models version 0.5.0 copied the migrations from
metasploit-framework/data/sql/migrate to
metasploit_data_models/db/migrate so that specs could be written the Mdm
models in metasploit_data_models.  As part of the specs, :null => false
columns that should be :null => true were discovered, so a new migration
was added, but to metasploit_data_models/db/migrate, so it could be
tested.  Instead of replicating migrations back and forth, I'm removing
the migrations completely from metasploit-framework and changing the
default migration path in Msf::DbManager#migration_paths to
MetasploitDataModels.root.join('db', 'migrate').
2013-03-01 09:03:45 -06:00
Tod Beardsley dd9002fcab Merges ChrisJohnRiley's new password
Lands https://github.com/rapid7/metasploit-framework/pull/1521

Closes #1521

(Forgive the oververbose commit message, experimenting with various
syntax hilighters)
2013-02-25 08:39:27 -06:00
Chris John Riley 28fd92a013 Added new default password foe TMSADM
Based on: http://blog.ptsecurity.com/2013/02/sap-unknown-default-password-for-tmsadm.html
2013-02-25 09:00:57 +01:00
jvazquez-r7 d7b89a2228 added security level bypass 2013-02-20 17:50:47 +01:00
jvazquez-r7 d88ad80116 Added first version of cve-2013-0431 2013-02-20 16:39:53 +01:00
sinn3r bc03247386 Merge branch 'sap_url_update' of github.com:ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_url_update 2013-02-19 15:08:26 -06:00
jvazquez-r7 9af43bc05c newline to sap_default.txt 2013-02-18 15:58:29 +01:00
jvazquez-r7 a91bbf5f69 Merge branch 'sap_default_user_additions' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_default_user_additions 2013-02-18 15:57:26 +01:00
jvazquez-r7 c8778587f5 rename the xml template for s4u 2013-02-18 15:25:03 +01:00
jvazquez-r7 be0feecf8f Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence 2013-02-18 15:22:37 +01:00
Chris John Riley 6519444112 Addition defaults 2013-02-15 13:35:25 +01:00
Chris John Riley 5df03f790b Remove end of line spaces and rerun uniq 2013-02-15 13:31:35 +01:00
Chris John Riley fb7d0159c3 Further URLs 2013-02-15 13:26:44 +01:00
Chris John Riley 21366dd4df Updated SAP URL list to include further known URLs 2013-02-15 13:20:23 +01:00
sinn3r 398e6cb202 Merge branch 'rsmudge-armitage' 2013-02-13 10:38:30 -06:00
Raphael Mudge 596b62b831 Armitage 02.12.13 - Distributed Operations
This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
2013-02-11 21:20:03 -05:00
jvazquez-r7 41564fd51d Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb 2013-02-11 15:05:27 +01:00
smilingraccoon 3a499b1a6d added s4u_persistence.rb 2013-02-10 14:22:36 -05:00
scriptjunkie 447f78cb24 Handle nonstandard ports when starting new msfrpcd. 2013-02-04 17:24:41 -06:00
SphaZ 24de0d2274 Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT 2013-02-04 13:37:09 +01:00
Tod Beardsley 293f9da5cf Merge branch 'bug/pro-only-models'
Updates to use MDM 0.4.0 (was using 0.3.0)
2013-01-31 16:14:51 -06:00
jvazquez-r7 d0ecb617c3 Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner 2013-01-25 21:47:05 +01:00
f8lerror bf2b01f8ef Delete a file and strip space 2013-01-24 09:30:04 -05:00
f8lerror 6e94c04a52 Code Corrections and Enhancements 2013-01-23 20:26:23 -05:00
sinn3r e376bb6fab Merge branch 'rsmudge-armitage' 2013-01-22 22:52:35 -06:00
Raphael Mudge 8c86c49d43 Armitage 01.23.13
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
2013-01-22 22:48:16 -05:00
jvazquez-r7 807bd6e88a Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl 2013-01-22 15:33:39 +01:00
jvazquez-r7 78279a0397 Added new module for cve-2012-5076 2013-01-17 21:27:47 +01:00
jvazquez-r7 d0b9808fc7 Added module for CVE-2012-5088 2013-01-17 21:14:49 +01:00
f8lerror 0b61d28e0e added Joomla scanner and url wordlist 2013-01-17 11:36:59 -05:00
jvazquez-r7 51f3f59d2f cve and references available 2013-01-11 00:54:53 +01:00
Luke Imhoff f8e1ccc27e Remove cred_files migration
[#41837027]

Mdm::CredFile is only used in Pro, so for metasploit_data_models 0.4.0,
Mdm::CredFiles has been moved to Pro, so the migration has been moved to
Pro too.
2013-01-10 17:50:00 -06:00
jvazquez-r7 876d889d82 added exploit for j7u10 0day 2013-01-10 20:30:43 +01:00
Sam Gaudet 7d1716b79f Turnkey Linux default password 2013-01-08 22:47:53 -05:00
Raphael Mudge 5348127fd2 Metasploit 4.5 Installer Environment Tweak
Armitage on Windows requires the user to specify their MSF
install folder. This tweak checks for an MSF 4.5 environment
and updates the specified folder to make everything work.

Like magic.
2013-01-04 13:08:47 -05:00
Raphael Mudge a79f2fa8d1 Armitage Updates and Bug Fixes
This is Armitage release 01.04.13. This update fixes several bugs
and improves the user experience launching *_login modules from
Armitage. This update adds a Windows 8 icon and includes a fix to
better work with the Metasploit 1.45 installer's environment.
2013-01-04 12:05:09 -05:00
jvazquez-r7 133ad04452 Cleanup of #1062 2012-12-07 11:55:48 +01:00
HD Moore 5e44987271 Really fix this by resetting schema cache 2012-12-06 06:33:46 -08:00
HD Moore a5b3be6dfa Fix a conflicting rename that breaks ActiveRecord 2012-12-06 06:14:49 -08:00
HD Moore 087b2c39ae Whitespace cleanup only 2012-12-06 06:13:53 -08:00
jvazquez-r7 b7f304f0db added build exec_payload.msi 2012-11-28 21:51:01 +01:00
Tod Beardsley 8d6289d8d6 Merge remote branch 'rsmudge/armitage' 2012-11-26 10:52:06 -06:00
Raphael Mudge a2615102c9 Armitage 11.26.12 - several usability enhancements and bug fixes. 2012-11-25 20:51:32 -05:00
sinn3r e6208a7993 Merge branch 'guiOptions' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-guiOptions 2012-11-19 10:09:54 -06:00
jvazquez-r7 24fe043960 Merge branch 'samba' of https://github.com/mephos/metasploit-framework into mephos-samba 2012-11-19 14:13:15 +01:00
jvazquez-r7 eddea29568 Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login 2012-11-18 21:36:54 +01:00
scriptjunkie 39dee758e6 Remember last options used for each module, and fill them in by default. 2012-11-17 10:08:45 -06:00
Tasos Laskos 8a9f0a0890 Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-14 18:10:41 +02:00
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
nmonkee f521e70bee wordlists to accompany sap_soap_rfc_brute_login.rb 2012-11-07 10:46:36 +00:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
Tasos Laskos 385d225305 Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption) 2012-11-01 21:14:38 +02:00
m m f7481b160c add centos5 target 2012-10-31 18:21:41 +01:00
m m f819ec8e75 typo 2012-10-30 17:19:23 +01:00
m m 3855ba88b1 add meterpreter/command support to samba exploit using ROP 2012-10-29 17:33:00 +01:00
Raphael Mudge eee6248795 Armitage 10.16.12 - a lot of bug fixes. 2012-10-15 19:19:31 -04:00
jvazquez-r7 b4485fdb2b added chm templates 2012-10-10 19:21:47 +02:00
sinn3r 858fd9ff43 Merge branch 'ropdb' of https://github.com/wchen-r7/metasploit-framework 2012-10-03 15:21:11 -05:00
sinn3r ba1b65742e Separate XML for various DLLs. 2012-10-02 11:27:10 -05:00
sinn3r f2c7731b39 Add RopDb mixin 2012-10-01 17:09:01 -05:00
Cristiano Maruti 75f5e24178 Dell iDrac login aux scanner 2012-09-27 01:33:11 -05:00
scriptjunkie 10e1574d8a Bugfix with dragging tabbed panes when right-clicked.
Also don't displaly annoying null pointer error when no connection.
2012-09-22 16:32:18 -05:00
James Lee ac2ec99fb7 Add bin for mephos' netstat fixes
[Closes #777]
2012-09-12 16:57:17 -05:00
James Lee 46dfeec402 Adds meterpreter bins all compiled with the same VS
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.

[FixRM #7233]
2012-09-11 14:16:21 -05:00
sinn3r c4fb285288 Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-09-05 13:48:09 -05:00
Raphael Mudge e8b3f0193b Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog. 2012-09-05 01:54:28 -04:00
h0ng10 2b6aa6bbdb Added Exploit for deployfilerepository via JMX 2012-09-03 13:50:16 -04:00
James Lee 44801c217d Linux bins for #609 2012-08-29 14:09:37 -05:00
James Lee 5a5ca66bff Merge branch 'mephos-arp-linux' into rapid7 2012-08-29 11:19:04 -05:00
Patrick Webster be63aad0d1 Added Windows wordlist. 2012-08-29 10:51:09 +10:00
James Lee 049494752c Bins for #609, adds netstat and arp cmds 2012-08-28 18:21:57 -05:00
jvazquez-r7 363c0913ae changed dir names according to CVE 2012-08-28 16:33:01 +02:00
jvazquez-r7 52ca1083c2 Added java_jre17_exec 2012-08-27 11:25:04 +02:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
Tod Beardsley f46545db58 Merge pull request #700 from rsmudge/armitage
Armitage 08.16.12
2012-08-18 05:55:26 -07:00
Raphael Mudge a6e50497f0 Armitage 08.16.12 - several little fixes and updates. Nothing to write home to mom about. 2012-08-17 16:25:22 -04:00
sinn3r 13df1480c8 Add exploit for CVE-2012-1535 2012-08-17 12:16:54 -05:00
jcran 0a6e0b2415 raspberry pi username / password 2012-08-15 01:55:40 -05:00
James Lee ce94bc2628 Add posix bins for previous commits
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
  p = client.sys.process.execute("id", "-u", "Channelized"=>true)
  p.channel.read

[SeeRM #7005][See #681]
2012-08-09 18:35:01 -06:00
HD Moore fac4ba270c Merge pull request #662 from rsmudge/armitage
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 14:31:11 -07:00
Raphael Mudge 32ee1263f9 Armitage 08.02.12 - adds Cortana scripting technology. 2012-08-02 13:24:15 -04:00
HD Moore c4fa86da93 Add missing 64-bit sniffer DLL 2012-08-02 11:33:11 -05:00
m m 5531fd18a0 Really limit packet count and data in linux sniffer
Squashed commit of the following:

commit 57795ff9c33a53167fca85845b96b82b5c92315f
Author: James Lee <egypt@metasploit.com>
Date:   Wed Aug 1 14:13:20 2012 -0600

    Add recompiled sniffer bin for linux

commit 0e11fdb06fcb9771a11eb631e6f10ec7a2d315f3
Author: m m <gaspmat@gmail.com>
Date:   Thu Jul 12 15:08:10 2012 +0200

    really limit packet count and data in linux sniffer

[Closes #605]
2012-08-01 14:16:00 -06:00
James Lee e200f43183 Squashed commit of the following:
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:55:32 2012 +0200

    typo

commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:51:32 2012 +0200

    various posix meterpreter bugfixes

[Closes #584]
[FIXRM #7042]
2012-07-19 15:56:47 -06:00
m m 6605e2910c Squashed commit of the following:
commit f0a1d2ad004e5c77cc4d5dcc71935aa530f1729f
Author: m m <gaspmat@gmail.com>
Date:   Tue Jul 17 11:56:43 2012 +0200

    linux meterpreter : correct netmask computation

[Closes #613]
2012-07-19 14:22:39 -06:00
HD Moore 430351fe79 Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
LittleLightLittleFire e9ac90f7b0 added CVE-2012-1723 2012-07-10 12:20:37 +10:00
jcran 8d3ad94f3a enhanced tftp.txt bruteforce list 2012-07-05 22:54:22 -04:00