infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
41,319 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

41319 Commits (2a5815749ceebcdce2b8fd3048466651fa5ce8a2)

Author SHA1 Message Date
William Vu 766e7b013d Once more, with feeling 2017-02-08 09:17:37 -06:00
William Vu a71b097e6b Revert status iteration, since it doesn't work 
Also.
 2017-02-08 09:13:42 -06:00
Carter fd935c8e3c Update netgear_password_disclosure.rb 2017-02-08 09:14:39 -05:00
William Vu 6b2a995a7d Revert AutoPublish, since it doesn't work 
Apparently.
 2017-02-08 07:43:17 -06:00
William Vu df38a91fbd Be nice and parse JSON for the error 2017-02-08 07:37:09 -06:00
Carter 2dfff95669 Fix msftidy warning 2017-02-08 08:28:23 -05:00
William Vu befe224c58 Use wordpress_and_online? before actions 2017-02-08 07:24:57 -06:00
William Vu 3fdd3d3651 Move .rb module doc to .md 
I'm tired.
 2017-02-08 06:21:43 -06:00
William Vu 46ab03f528 Add SearchTerm to filter listed posts 2017-02-08 06:10:46 -06:00
William Vu 8493a734cb Add module doc to appease the @h00die god 
Straight rip of the PR description, yo.
 2017-02-08 05:35:52 -06:00
William Vu 064420075f Update diagnostics and print better header 2017-02-08 04:54:25 -06:00
William Vu 6df55c9733 Gotta catch 'em (post statuses) all 2017-02-08 04:31:06 -06:00
William Vu 7583d050b7 Add AutoPublish to publish updated posts 2017-02-08 04:01:42 -06:00
William Vu e480107bd5 Add PostCount (default 100) to list more posts 2017-02-08 03:52:20 -06:00
jvoisin f3bcc9f23f Take care of suhosin 2017-02-08 09:59:36 +01:00
jvoisin 028d4d6077 Make the payload a bit more random 2017-02-08 09:59:22 +01:00
William Vu 13f4b0d7ae Be more specific with invalid post ID 2017-02-08 02:18:52 -06:00
Carter c16b7e42a6 Fix review stuff 2017-02-07 21:41:38 -05:00
Carter 46fbc9dd3f Fix some formatting 2017-02-07 21:32:19 -05:00
Metasploit d81bdc1c02
Bump version of framework to 4.13.21 2017-02-07 17:27:47 -08:00
Brent Cook 906c56eb90
Land #7933, bump rex-core, fix path normalization 2017-02-07 19:22:53 -06:00
Brent Cook 74e029f3b1
Land #7932, Fix CVE-2017-5229 2017-02-07 19:22:36 -06:00
Brent Cook 522c6dce8e
Land #7931, Fix CVE-2017-5231 and respect user's dest 2017-02-07 19:22:17 -06:00
Brent Cook db36cf5755
Land #7930, Fix CVE-2017-5228 2017-02-07 19:21:56 -06:00
Brent Cook 2d1989ef16 bump rex-core, fix path normalization 
Brings in fixes from https://github.com/rapid7/rex-core/pull/4
 2017-02-07 19:17:44 -06:00
Brent Cook 68a5d300fe minor style issues 2017-02-07 18:35:35 -06:00
William Vu 6f4ff89218 Add WPVDB reference 2017-02-07 18:33:58 -06:00
Brent Cook b370dd0654 Fix CVE-2017-5229 - extapi Clipboard.parse_dump() Directory Traversal 2017-02-07 18:24:06 -06:00
jvoisin cb03ca91e1 Make php_cgi_arg_injection work in certain environnement 
This commit sets two more options to `0` in the payload:

- [cgi.force_redirect](https://secure.php.net/manual/en/ini.core.php#ini.cgi.force-redirect)
- [cgi.redirect_status_env](https://secure.php.net/manual/en/ini.core.php#ini.cgi.redirect-status-env)

The configuration directive `cgi.force_redirect` prevents anyone from calling PHP
directly with a URL like http://my.host/cgi-bin/php/secretdir/script.php.
Instead, PHP will only parse in this mode if it has gone through a web server redirect rule.

The string set in the configuration directive `cgi.redirect_status_env`
is the one that PHP will look for to know it's ok to continue its
execution. This might be use together with the previous configuration
option as a security measure.

Setting those variables to 0 is (as stated in the documentation) a
security issue, but it also make the exploit work on some Apache2 setup.
 2017-02-07 18:59:27 +01:00
jvoisin 96f7b2e245 http_version now store the fngerprints 
Currently, the `http_version` module doesn't store the fingerprints
into the database; this commit should fix this behaviour.
 2017-02-07 18:36:36 +01:00
wchen-r7 cefbee2df4 Add PoC for OpenOffice macro module 2017-02-07 10:12:23 -06:00
Carter f4580a2616 Add token value check 
Sometimes it wouldn't return creds if the token is 0. It usually works after running it another time.
 2017-02-07 10:53:25 -05:00
Carter c1f9b724cf Maybe fix syntax error 2017-02-07 10:36:05 -05:00
Justin Steven 56cf6b129d
Fix CVE-2017-5228 2017-02-07 23:44:23 +10:00
Justin Steven cb74d3b05b
Fix CVE-2017-5231 and respect user's dest 2017-02-07 23:41:59 +10:00
Tim d0f6d4ef45
Land #7920, android/meterpreter_reverse_https 2017-02-07 20:42:47 +08:00
William Vu b4056a110b Print diagnostics if no posts found/given 2017-02-07 04:37:05 -06:00
William Vu a9ea09a179
Land #7909, Python process hiding for sessions -u 2017-02-07 02:28:24 -06:00
William Vu e1ade9caf8
Land #7910, closed ports fix for TCP portscan 2017-02-07 02:23:15 -06:00
sekritskwurl aac9381778 Update meterpreter_reverse_https.rb 2017-02-07 12:13:20 +04:00
sekritskwurl f584d5c1c5 Merge pull request #1 from timwr/pr-7920 
fix missing payloads_spec
 2017-02-07 12:03:21 +04:00
Tim 7f759384ab fix missing payloads_spec 2017-02-07 15:02:29 +08:00
Carter 6f5e013f4d Update netgear_password_disclosure.rb 2017-02-06 22:18:07 -05:00
Carter 00050abb73 Fix msftidy warnings 2017-02-06 22:06:50 -05:00
Carter 1f2a95c202 Use html parser instead of regex 2017-02-06 22:03:56 -05:00
Carter 115c60446e Fix weird if loop in check 2017-02-06 17:30:49 -05:00
Carter 6ebdbc3f81 Fix some stuff from review 
I'm going to change the HTML Regex to a parser a bit later, I don't have time right now
 2017-02-06 17:29:39 -05:00
Brent Cook bb3f8577ab
Land #7922, bump packetfu for bugfixes 2017-02-06 15:55:43 -06:00
Brent Cook 40c86567aa import packetfu fix for https://github.com/packetfu/packetfu/pull/163 2017-02-06 15:51:01 -06:00
William Webb badca287dd
Land #7906, Add Microsoft Word malicious macro document generator 2017-02-06 14:44:09 -06:00