Brent Cook
4b77de2174
Land #7030, Ensure 'show options' reflects correct values
2016-07-05 00:48:46 -05:00
Brent Cook
cfc368ab65
Land #6959, Add Linux ARM big endian ipv4 bind shellcode
2016-07-05 00:41:00 -05:00
Brent Cook
6575be72de
Land #7059, restore default pattern length for pattern_offset
2016-07-05 00:33:40 -05:00
Brent Cook
5181fa53ba
Land #7052, Update nokogiri to v1.6.8, fixes #7051
2016-07-05 00:27:19 -05:00
Brent Cook
b9891aab27
Land #7007, Added JCL header data to mainframe payload module
2016-07-05 00:22:20 -05:00
Brent Cook
9b4028d2d7
Revert #6581, it causes regressions
...
We need a more clever solution without breaking HttpUnknownRequestResponse.
2016-07-05 00:11:15 -05:00
Brent Cook
54dfcee665
Land #7055, add netgear_soap_password_extractor docs
2016-07-04 23:59:10 -05:00
Pedro Ribeiro
ec4769fade
Create exploit for WebNMS credential disclosure
2016-07-04 21:15:15 +01:00
Pedro Ribeiro
05ef5316df
Create exploit for WebNMS arbitrary file download
2016-07-04 21:10:14 +01:00
Pedro Ribeiro
cf95c9f7f5
Merge pull request #25 from rapid7/master
...
asasa
2016-07-04 21:05:05 +01:00
Hans Jerry Illikainen
78335f8e20
Update the cache size in bsd/x64/shell_reverse_tcp
2016-07-04 00:35:52 +02:00
Hans Jerry Illikainen
f246aa0b58
dup2() to STDERR_FILENO in bsd/x64/shell_reverse_tcp
2016-07-04 00:00:33 +02:00
Hans Jerry Illikainen
54092177a2
Remove superfluous xor in bsd/x64/shell_reverse_tcp
2016-07-03 23:53:11 +02:00
x90" * 365
3fe4ffb225
Change default pattern length
...
Changed from 1024 to 8192 per previous version.
2016-07-03 16:08:54 -04:00
Pearce Barry
12812650c0
Land #7054, Fix busted alpha encoding on ms02_018_htr
2016-07-02 17:07:25 -05:00
Francesco
4ed12d7077
Added: support for credentials saving using report_cred method as suggested
...
Added: support for detection of valid user credentials to skip login SQLi if not necessary.
2016-07-02 01:41:13 -04:00
h00die
844c13dc17
added new vuln device to netgear list, plus docs
2016-07-01 18:32:30 -04:00
James Lee
3850431966
Fix busted alpha encoding on this old-ass exploit
2016-07-01 17:20:00 -05:00
Tod Beardsley
6108352683
And Thao, too!
2016-07-01 16:10:21 -04:00
Tod Beardsley
10e45bbebe
Account for the newer R7'ers in mailmap
2016-07-01 15:55:49 -04:00
Pearce Barry
c45f30a7a9
Update nokogiri to v1.6.8, fixes #7051.
2016-07-01 14:53:25 -05:00
wchen-r7
bca0d716c0
Land #7047, Ensure http_login scanner module saves passwds
2016-07-01 12:21:28 -05:00
ssyy201506
1bf03ab4ec
Merge pull request #1 from wvu-r7/pr/6954
...
Fix some silly things in payload land
2016-07-02 01:01:52 +09:00
Brendan
70a79bb0e8
Land #7014, Nagios remote root shell exploit
2016-07-01 08:17:38 -07:00
William Webb
2e97a08954
Land #7046, Pad host field in notes -d command
2016-07-01 10:14:45 -05:00
William Webb
02d40eb576
Land #7044, Pass exploit SRVPORT in BrowserAutopwn2
2016-07-01 09:49:05 -05:00
William Vu
4b01213fb5
Rewrite the logic to be positive
...
unless is the devil. unless/else doubly so.
2016-07-01 09:15:42 -05:00
William Vu
a1bd640eff
Fix hashrocket alignment
2016-07-01 09:05:03 -05:00
William Vu
d42d9f8557
Add module docs to appease the Thao god
2016-07-01 01:17:27 -05:00
William Vu
9663f88fdc
Download profile.zip instead of including it
...
profile.zip is GPL-licensed...
2016-07-01 01:17:23 -05:00
Pearce Barry
159446ce92
Ensure http_login scanner module saves passwds.
...
Fixes #6983. When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
2016-06-30 16:58:39 -05:00
William Vu
6e1b6e96a9
Land #7032, rm -rf lib/rex/encoders
...
Dead code!
2016-06-30 16:32:14 -05:00
William Vu
f0cd25dcee
Land #7035, lib/sshkey* swap to gem
2016-06-30 16:25:27 -05:00
William Webb
1401a61f59
Land #6998, Fix #6984 Undefined method 'winver' in ms10_092_schelevator
2016-06-30 16:14:09 -05:00
William Vu
fec2301fc8
Land #7037, db_export -f xml stack trace fix
...
Missed during the Rails upgrade.
2016-06-30 15:58:38 -05:00
Brent Cook
cdf3c63af9
Land #7045, Fix interactive shell with Windows Meterpreter
2016-06-30 15:51:33 -05:00
William Vu
343f4010bd
Prefer newer hash syntax
2016-06-30 15:43:06 -05:00
wchen-r7
dbcdc300e5
Fix #7019, Pad host field in notes -d command
...
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there aren't enough fields
provided for the Rex table.
Fix #7019
2016-06-30 15:38:58 -05:00
Brent Cook
d6c7ac51d6
Fix interactive shell with Windows Meterpreter
...
see https://github.com/rapid7/metasploit-payloads/pull/105
2016-06-30 15:34:40 -05:00
William Vu
20c2a10e8a
Add note about issues to CONTRIBUTING.md
2016-06-30 15:14:59 -05:00
wchen-r7
118caa13bf
Fix #7021, Pass exploit SRVPORT in BrowserAutopwn2
...
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.
Fix #7021
2016-06-30 14:20:53 -05:00
HD Moore
23399326c2
Fix up double slashes, tweak syntax
2016-06-30 12:56:29 -05:00
agix
3edb0b3625
Reduce chance to get a null byte in the decoder stub
2016-06-30 19:14:32 +02:00
agix
31ea58d7f0
Inherit from Msf::Encoder::Xor to get key preventing badchars
...
I guess that's what Msf::Encoder::Xor find_bad_keys is for.
2016-06-30 18:29:30 +02:00
wchen-r7
1ecef265a1
Do a fail_with in case nonce is not found at all
2016-06-30 11:21:45 -05:00
wchen-r7
e2b9225907
Fix #7022, Failing to find wpnonce in fetch_ninja_form_nonce
...
This patch fixes a problem when the module is used against an older
version of ninja forms (such as 2.9.27), the nonce is found in a
hidden input instead of the JavaScript code, which actually causes
an undefined method 'gsub' bug in the module.
Fix #7022
2016-06-30 11:15:38 -05:00
Tod Beardsley
afbeb2b668
Land #7023, fixes for swagger exploit
...
Thanks @sdavis-r7!
See #7015 as well.
2016-06-30 10:54:34 -04:00
Tod Beardsley
d1281b6594
Chmod to remove the exec bit.
2016-06-30 10:43:46 -04:00
ssyy201506
0a85f1d233
Fix an error when exiting an interactive shell
2016-06-30 16:19:10 +09:00
Francesco
068a4007de
Riverbed SteelCentral NetProfiler & NetExpress Exploit Module
...
Changes to be committed:
new file: modules/exploits/linux/http/riverbed_netprofiler_netexpress_exec.rb
2016-06-29 22:27:40 -04:00