Commit Graph

14501 Commits (21e832ac1cca9ce1234ac0418b8b64753892dfa2)

Author SHA1 Message Date
bcoles 6ee2c32f08 add ZEN Load Balancer module 2012-09-21 17:25:20 +09:30
jvazquez-r7 0032713198 description modified 2012-09-21 10:09:42 +02:00
jvazquez-r7 f6baf7fe34 Merge branch 'MySQL-JtR' of https://github.com/halfie/metasploit-framework into halfie-MySQL-JtR 2012-09-21 10:08:34 +02:00
sinn3r 54b98b4175 Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof 2012-09-20 16:43:20 -05:00
sinn3r 4ead0643a0 Correct target parameters 2012-09-20 16:41:54 -05:00
sinn3r 41449d8379 Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule 2012-09-20 16:33:12 -05:00
sinn3r 1534c4af6f Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-09-20 16:20:34 -05:00
sinn3r 776d24d8a9 cleanup 2012-09-20 16:16:30 -05:00
sinn3r 311c01be46 Cleanup, improve option handlingg 2012-09-20 16:14:15 -05:00
David Maloney 7fcc34766a Added datastore items to BAP handlers
Added two datastore items to handlers created by BAP
2012-09-20 15:21:08 -05:00
Tod Beardsley a5ffe7297f Touching up Kernelsmith's wording.
It is merely the ROP chain, not the vuln, that requires Java.
2012-09-20 14:52:52 -05:00
Tod Beardsley 883dc26d73 Merge remote branch 'kernelsmith/ie_execcommand_uaf_info' 2012-09-20 14:48:36 -05:00
Tod Beardsley b1ce969c95 Merge remote branch 'kernelsmith/msfconsole-s' 2012-09-20 14:31:55 -05:00
Josh 1a2e5e9e0b Merge pull request #7 from todb-r7/msfconsole-s
Touchups to msfconsole command parsing, changes to -x, and changes separator to ';'
2012-09-20 12:18:12 -07:00
Tod Beardsley cf8edf8570 Touchups to msfconsole command parsing
Move from -s to -x and use a semicolon.
2012-09-20 13:40:01 -05:00
sinn3r 57fd9b8c18 Merge branch 'master' of https://github.com/dcbz/metasploit-framework into dcbz-master 2012-09-20 13:37:31 -05:00
kernelsmith 56d5c13755 adds -s <string> Execute the specified string as console commands to msfconsole
for convenience when you don't need/want a full resource file, you just
want to run something quick
example usage:
# say you have a saved config ready to go on load
./msfconsole -s 'exploit -j'
# you can run multiple commands too
./msfconsole -s 'set ConsoleLogging true\nshow options'
2012-09-20 12:23:48 -05:00
jvazquez-r7 e98e3a1a28 added module for cve-2012-0266 2012-09-20 19:03:46 +02:00
jvazquez-r7 b61c8b85b8 Added module for CVE-2012-02672 2012-09-20 19:02:20 +02:00
Dhiru Kholia 17f7e94f4d Add support for dumping MySQL challenge-response pairs in JtR format 2012-09-20 13:54:12 +05:30
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
dcbz f5df7e0e8a Added 2 payload modules (reverse and bind tcp shells) 2012-09-19 16:59:26 -05:00
kernelsmith f1a39c76ed update to ie_execcommand_uaf's info to add ROP info
This module requires the following dependencies on the target for the
ROP chain to function.  For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs).  For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
2012-09-19 14:10:02 -05:00
Tod Beardsley c19e9a8053 Merge remote branch 'rcvalle/rcvalle-update-author-information'
Resolved the conflict by accepting Ramon's preferred alias of his name.

[Closes #806]

Conflicts:
	lib/msf/core/module/author.rb
2012-09-19 12:29:53 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
Tod Beardsley a4eb75a5a7 Updating ramon's alias
If I'm missing something here, please reopen, but this should have the
intended effect.

[Closes #805]
2012-09-19 11:45:36 -05:00
sinn3r cc8102434a CVE assigned for the IE '0day' 2012-09-18 16:13:27 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes.
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
2012-09-18 11:25:00 -05:00
jvennix-r7 972c5957a9 Merge pull request #798 from rapid7/bump-rails-gemcache
Bump rails-related gem versions to 3.2.8.
2012-09-18 08:11:34 -07:00
jvazquez-r7 8b251b053e initializing msghdr a little better 2012-09-18 12:12:27 +02:00
jvazquez-r7 16c5df46fc fix while testing ubuntu intrepid 2012-09-18 11:52:50 +02:00
sinn3r 5fbc4b836a Add Microsoft advisory 2012-09-17 22:13:57 -05:00
joe 4d63218c08 Bump rails-related gem versions to 3.2.8. 2012-09-17 14:15:14 -05:00
Tod Beardsley 75bbd1c48d Being slightly more clear on Browser Not Supported
With this and the rest of sinn3r's fixes, it looks like we can close the
Redmine bug.

[FixRM #7242]
2012-09-17 11:16:19 -05:00
sinn3r d77ab9d8bd Fix URIPATH and nil target
Allow random and '/' as URIPATh, also refuse serving the exploit
when the browser is unknown.
2012-09-17 10:54:12 -05:00
Tod Beardsley 48a46f3b94 Pack / Unpack should be V not L
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
2012-09-17 09:52:43 -05:00
Tod Beardsley d77efd587a Merge remote branch 'wchen-r7/ie_0day_execcommand' 2012-09-17 08:48:22 -05:00
sinn3r 5eaefcf4c7 This is the right one, I promise 2012-09-17 08:41:25 -05:00
sinn3r 8f50a167bd This is the right module 2012-09-17 08:36:04 -05:00
sinn3r e43cae70a7 Add IE 0day exploiting the execcommand uaf 2012-09-17 08:28:33 -05:00
Tod Beardsley c83b49ad58 Unix linefeeds, not windows
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.

Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
2012-09-16 18:10:35 -05:00
Tod Beardsley 2fc34e0073 Auth successful, not successfully
Just fixing up some adverb versus adjective grammar.
2012-09-16 17:51:00 -05:00
sinn3r b07b30839e Merge branch 'webmin_edit_html_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-webmin_edit_html_fileaccess 2012-09-16 03:17:09 -05:00
sinn3r 1828857a63 Change conditions
When 'encod_params' is set to true explicitly, or does not have a
value, we make sure it's true. Otherwise, false.
2012-09-15 18:08:29 -05:00
sinn3r 0967d1bfc4 Allow modules to disable URI encoding for GET/POST variables
Often in HTTP modules, people are forced to to use 'data' instead
of 'vars_get' or 'vars_post', because the parameters (especially
the names) are URI-encoded, and the application actually may not
recognize the names/values.  The new 'encode_params' option allows
that feature to be disabled.  However, to make sure we're not
changing existing HTTP modules' behaviors, 'encode_params' is
still true by default (which is the original behavior we've always
been using).
2012-09-15 17:40:42 -05:00
jvazquez-r7 63d2d60c68 delete don't needed line 2012-09-15 23:56:38 +02:00
jvazquez-r7 ff2e9fc157 add changes proposed by sinn3r 2012-09-15 23:55:55 +02:00
jvazquez-r7 cbc778cb47 add changes proposed by sinn3r 2012-09-15 23:53:09 +02:00
jvazquez-r7 0708ec72fc module moved to a more correct location 2012-09-15 15:31:21 +02:00
jvazquez-r7 0f67f8d08a target modified 2012-09-15 15:14:33 +02:00