infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,813 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

6961 Commits (1eccb24bf81df4c197c8044e1b855de7696170d6)

Author SHA1 Message Date
James Lee 1eccb24bf8 Raise if the version isn't what we expect 
Also adds some clarifying commentation and adds todb to the list of
authors since he wrote the original module for windows upon which this
one is based.
 2012-10-18 15:55:55 -05:00
James Lee 3c5c1cd86e Remove unnecessary version restrictions 
Since the payload is now run in the .so constructor, there's no need to
be compatible with a particular Postgres API.

Also:
 - report the service
 - delete the payload in the payload itself to reduce forensics
	 footprint
 - randomize the created function name instead of abusing
	 postgres_create_sys_exec
 2012-10-18 15:40:27 -05:00
James Lee 0221f75f39 Merge branch 'rapid7' into midnitesnake-postgres_payload 2012-10-18 13:57:25 -05:00
jvazquez-r7 291ad27a69 Merge branch 'msftidy_police' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-msftidy_police 2012-10-18 11:32:55 +02:00
sinn3r 0675a6171b Cosmetic changes 2012-10-17 17:30:16 -05:00
sinn3r 201518b66f msftidy corrections 2012-10-17 17:22:26 -05:00
jvazquez-r7 7b1c35624e Merge branch 'mssql_ntlm_stealer' of https://github.com/nullbind/metasploit-framework into nullbind-mssql_ntlm_stealer 2012-10-17 22:50:54 +02:00
jvazquez-r7 1f55e02535 minor cleanup 2012-10-17 22:21:28 +02:00
jvazquez-r7 4c6b331bdc Merge branch 'mssql_ntlm_stealer_sqli' of https://github.com/nullbind/metasploit-framework into nullbind-mssql_ntlm_stealer_sqli 2012-10-17 22:21:00 +02:00
jvazquez-r7 3bd84e255f minor cleanup 2012-10-17 22:06:47 +02:00
jvazquez-r7 848f0cd899 Merge branch 'module-lantronix_telnet_password' of https://github.com/jgor/metasploit-framework into jgor-module-lantronix_telnet_password 2012-10-17 22:06:25 +02:00
jgor 9af727388f deleted superfluous code and comments 2012-10-17 14:27:00 -05:00
jvazquez-r7 12e2ff9bb5 proposed cleanup 2012-10-17 19:03:28 +02:00
sinn3r e30b5b417a Merge branch 'master' of git://github.com/sput-nick/metasploit-framework into sput-nick-master 2012-10-17 10:35:11 -05:00
sput-nick 60dc83748c Update modules/exploits/windows/browser/mozilla_mchannel.rb 2012-10-17 12:25:44 -03:00
jvazquez-r7 16e2a2e050 fix title for the apache activemq source disclosure mod 2012-10-17 17:23:56 +02:00
James Lee 1a0e53dcbb Merge branch 'jvazquez-r7-osx_x86_exec_prepend' into rapid7 
[Closes #919]
 2012-10-16 16:50:15 -05:00
nullbind c52b834f50 updated name and description 2012-10-16 14:37:02 -05:00
nullbind d8c2aa9796 added mssql ntlm stealer for sqli 2012-10-16 14:26:10 -05:00
James Lee 9ee3a14a5a Merge branch 'rapid7' into wchen-r7-smb_login_smb_login_handling 
[Closes #913]
 2012-10-16 13:08:11 -05:00
nullbind fafa6e49ce address comments from jvazquez 2012-10-16 12:10:37 -05:00
jvazquez-r7 6f227dddff Related to #885 , allow Prepend* for osx/x86/exec payload 2012-10-16 16:26:18 +02:00
sinn3r e583847a31 I missed this sucker. 2012-10-15 22:02:26 -05:00
James Lee 52feae2dcd Add missing require 
[FixRM #7345]
 2012-10-15 17:18:04 -05:00
sinn3r 8e668e2808 Check STATUS_ACCESS_DENIED properly 
When Samba throws STATUS_ACCESS_DENIED, the exception that's
throwin is actually Rex::Proto::SMB::Exception::ErrorCode, not
as LoginError.  It was handled correctly in try_user_pass(), but
not in other functions that also use smb_login().
 2012-10-15 16:52:34 -05:00
Tod Beardsley 9192a01803 All exploits need a disclosure date. 2012-10-15 16:29:12 -05:00
nullbind 553ce82e79 added mssql ntlm stealer 2012-10-15 13:29:51 -05:00
jvazquez-r7 29299b29a5 Added modules for CVE-2012-4933 2012-10-15 16:03:19 +02:00
Tod Beardsley adfced8d0e Post require on gpg_creds 2012-10-15 06:58:35 -05:00
jvazquez-r7 2acfb0537c Merge branch 'ajaxplorer' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ajaxplorer 2012-10-15 08:30:08 +02:00
sinn3r 529f88c66d Some msftidy fixes 2012-10-14 19:16:54 -05:00
sinn3r 97ac7fa184 Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework 2012-10-14 18:27:32 -05:00
sinn3r e00dbfcc0d You mean.. FILEPATH. 2012-10-14 18:18:11 -05:00
sinn3r 2f04fdd71a Merge branch 'apache_activemq_traversal' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apache_activemq_traversal 2012-10-14 18:16:41 -05:00
jvazquez-r7 d971abaeb9 deleted extra comma 2012-10-14 22:39:07 +02:00
jvazquez-r7 14bd0373d3 deleted extra space 2012-10-14 22:38:14 +02:00
jvazquez-r7 ac6a4c9283 Added module for CVE-2010-1587 2012-10-14 22:36:02 +02:00
jvazquez-r7 2b644dbc45 added module for Apache ActiveMQ directory traversal 2012-10-14 22:30:38 +02:00
jgor 79da6c7186 added Lantronix telnet password recovery module 2012-10-14 12:46:52 -05:00
sinn3r cedcace1a7 Forgot to change the output variable 
Because the original script used match()
 2012-10-14 11:43:33 -05:00
James Lee 9c6fdbe9d7 Compile a .so instead of being version-specific 
This makes it possible to use payloads for the appropriate architecture

NOTE: need to test windows and make sure I didn't break it
 2012-10-13 15:18:25 -05:00
sinn3r cc303665e8 Credit 2012-10-13 00:42:44 -05:00
sinn3r 5b2998a121 Add OSVDB-63552 AjaXplorer module (2010) 2012-10-13 00:35:48 -05:00
sinn3r 7196ca5b5e Fix bad indent 2012-10-12 18:35:05 -05:00
Raphael Mudge 7aa6776e4b let's not rejoin threads we've already joined. 2012-10-12 17:12:42 -04:00
Raphael Mudge 694eacfc4b performance fix for host discovery post modules 2012-10-12 16:43:42 -04:00
James Lee ad1870d819 Merge branch 'rapid7' into midnitesnake-postgres_payload 2012-10-12 14:18:34 -05:00
Spencer McIntyre f5302bfc49 add deprication warning to the original module 2012-10-12 13:49:25 -04:00
James Lee 90ae5c1178 Add PhpEXE support to RateMyPet module 2012-10-12 04:53:01 -05:00
James Lee db12413b09 Convert vcms_upload to use PhpEXE 
Incidentally adds a Linux x86 target
 2012-10-12 04:29:57 -05:00