infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,268 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

13268 Commits (2b3d48f2a01fd651199a13be208a04f365fb6980)

Author SHA1 Message Date
sinn3r 59468846e3 Change filename 2012-06-02 01:51:20 -05:00
sinn3r 522991f351 Correct name 2012-06-02 01:49:43 -05:00
sinn3r 7fd3644b8b Add CVE-2011-4825 module 2012-06-01 18:45:44 -05:00
Christian Mehlmauer 6ae17db7d3 Adding FireFart's hashcollision DoS module 
Have some minor edits below, looks like it all works now though.

Squashed commit of the following:

commit b7befd4889f12105f36794b1caca316d1691b335
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:31:32 2012 -0500

    Removing ord in favor of unpack.

    Also renaming a 'character' variable to 'c' rather than 'i' which is
    easy to mistake for an Integer counter variable.

commit e80f6a5622df2136bc3557b2385822ba077e6469
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:24:41 2012 -0500

    Cleaning up print msgs

commit 5fd65ed54cb47834dc646fdca8f047fca4b74953
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:19:10 2012 -0500

    Clean up hashcollision_dos description

    Caps, mostly. One sentence I still don't get but it's not really a show
    stopper.

commit bec0ee43dc9078d34a328eb416970cdc446e6430
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Thu May 24 19:11:32 2012 +0200

    Removed RPORT, ruby 1.8 safe, no case insensitive check, error handling

commit 20793f0dfd9103c4d7067a71e81212b48318d183
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Tue May 22 23:11:53 2012 +0200

    Hashcollision Script (again)
 2012-06-01 14:51:11 -05:00
Joe Vennix 315d68b6f5 Add fix for counter_cache migration to keep from throwing readonly column error. 2012-06-01 13:31:00 -05:00
Tod Beardsley ced5b9916e Whitespace fix for script-fu module 
This is really just to check the GitHub IRC bot thinger.
 2012-06-01 12:24:52 -05:00
Joe Vennix c5c1e71b32 Add migrations for counter_cache columns to framework. 2012-06-01 12:07:08 -05:00
sinn3r 353d49d05b Modify the description 2012-06-01 12:04:46 -05:00
jvazquez-r7 abbd8c8cd5 Added module for CVE-2012-2763 2012-06-01 18:53:25 +02:00
David Maloney 92dafd4d17 Bringin in new version of pcanywhere_login 2012-06-01 11:15:12 -05:00
David Maloney 933949a6b0 trying to work around wierd git issue 2012-06-01 11:13:28 -05:00
Samuel Huckins 2e15ecfbd7 MDM Update 2012-06-01 11:01:08 -05:00
sinn3r 9d6fc93ed3 Merge branch 'rubinius-gethostbyname' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-rubinius-gethostbyname 2012-06-01 00:39:52 -05:00
David Maloney 28bf017ca9 Fix nil responses 2012-05-31 23:12:17 -05:00
James Lee 4681ed1c1e Whitespace, thanks msftidy.rb! 2012-05-31 18:18:27 -06:00
James Lee 0def186824 Chdir to TMP before writing files 2012-05-31 17:48:12 -06:00
Samuel Huckins 35543d691d Now only loading MetasploitDataModels when not already loaded and 
contained objects not in namespace
[Story #30430877]
 2012-05-31 18:11:42 -05:00
James Lee fb1bf0b356 Work around a bug in rubinius 2012-05-31 16:48:34 -06:00
Joe Vennix daf5ae8e4b Updating to Rails 3.2.4. 
Among other fixes, this addresses the Rails security advisory
from 5/31/2012:

http://groups.google.com/group/rubyonrails-security/browse_thread/thread/7546a238e1962f59
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/f1203e3376acec0f

Thanks Joe and Trevor!

Squashed commit of the following:

commit d7031cebcc8a0f42f6980729c84b0ea6d24e0a9b
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:57:29 2012 -0500

    Update activerecord in gemcache to support rails 3.2.4. [#30507689]

commit c7369f6d6631647907a5d67ac163020a5ab5d6dc
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:53:01 2012 -0500

    Bump rails version.
 2012-05-31 17:09:59 -05:00
Tod Beardsley c463bd7c6d Fixing description for citrix module 2012-05-31 16:37:35 -05:00
Tod Beardsley 17e41b2e39 Fixing description for citrix module 2012-05-31 16:36:21 -05:00
Juan Vazquez a0b491355c Merge pull request #436 from jvazquez-r7/citrix_streamprocess_get_footer 
Added module for Citrix Provisioning Services 5.6 SP1
 2012-05-31 14:35:22 -07:00
Tod Beardsley 02a41afb2b Fixing description for juan's Citrix module 2012-05-31 16:34:13 -05:00
Juan Vazquez 00bb216927 Merge pull request #435 from jvazquez-r7/citrix_streamprocess_get_boot_record_request 
Added module for Citrix Streamprocess Opcode 0x40020004 Buffer Overflow
 2012-05-31 14:33:20 -07:00
Juan Vazquez ab035e078d Merge pull request #434 from jvazquez-r7/citric_streamprocess_get_objects 
Added module for ZDI-12-010
 2012-05-31 14:30:08 -07:00
jvazquez-r7 47c5745673 Fixed name module 2012-05-31 23:23:11 +02:00
jvazquez-r7 e324ed5251 Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow 2012-05-31 23:21:43 +02:00
jvazquez-r7 1c11b1b1b7 Added module for Citrix Streamprocess Opcode 0x40020002 Buffer Overflow 2012-05-31 23:17:38 +02:00
jvazquez-r7 b5f5804d94 description updated 2012-05-31 23:14:25 +02:00
jvazquez-r7 198070361b Added module for ZDI-12-010 2012-05-31 22:45:55 +02:00
HD Moore 03b65c6a48 Handle cases where a user-agent was set via headers 2012-05-31 14:59:25 -05:00
HD Moore 2ad17299e2 Handle cisco devices better with ssh logins 2012-05-31 14:59:24 -05:00
David Maloney e93a6ddf83 Adds thelightcosine's pcanywhere module 
Adds PCAnywhere bruteforce capabilities

Squashed commit of the following:

commit 5354fd849f0c009c534d7ce18369382dd56de550
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 14:35:23 2012 -0500

    Add explicit pack to encrypted header

commit 7911dd309a94df2729c8247c3817cf5de6b99aad
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 13:11:19 2012 -0500

    adds pcanywhere_login module
 2012-05-31 14:46:26 -05:00
sinn3r 2dbb17ac6e Merge pull request #431 from swtornio/master 
add osvdb ref
 2012-05-31 08:58:31 -07:00
Steve Tornio 5105c1a4df add osvdb ref 2012-05-31 08:49:58 -05:00
sinn3r 4d94eeb79d Merge pull request #430 from wchen-r7/s40_traversal 
Add s40 dir traversal vuln
 2012-05-31 02:46:53 -07:00
sinn3r a19583624e Add s40 dir traversal vuln 
I can't believe I stayed up all night, and this is all I could find.
 2012-05-31 04:43:57 -05:00
Raphael Mudge b5f1554caf Adding rsmudge's Armitage update 
Squashed commit of the following:

commit 60be1b2d1d66134c54c82857a569bbf3a005baf8
Author: Raphael Mudge <rsmudge@gmail.com>
Date:   Wed May 30 19:43:07 2012 -0400

    Armitage 05.30.12
    A small collection of bug fixes.
 2012-05-30 19:20:14 -05:00
James Lee 1f21ae53fe But not *that* verbose 2012-05-30 16:41:56 -06:00
James Lee 53aece03ef Make meterpreter test a little more verbose 2012-05-30 16:03:01 -06:00
Tod Beardsley 7e6c2f340e Minor updates; added BID, fixed grammar 
Modules should not refer to themselves in the first person unless they
are looking for Sarah Connor.
 2012-05-30 16:16:41 -05:00
James Lee fd67f7c37c Add cd and pwd to Post::File API 
Also changes working dir to /tmp (or %TMP% on Windows) when testing file
stuff.
 2012-05-30 13:52:48 -06:00
sinn3r 54e14014c3 Merge pull request #428 from wchen-r7/php_volunteer 
Add PHP Volunteer Management System exploit
 2012-05-30 09:33:32 -07:00
sinn3r 59ea8c9ab9 Print IP/Port for each message 2012-05-30 11:30:55 -05:00
sinn3r 43dffbe996 If we don't get a new file, we assume the upload failed. This is 
possible when we actually don't have WRITE permission to the
'uploads/' directory.
 2012-05-30 11:26:06 -05:00
sinn3r efdcda55ef Don't really care about the return value for the last send_request_raw 2012-05-30 11:00:31 -05:00
sinn3r 13ba51db34 Allow the login() function to be a little more verbose for debugging purposes 2012-05-30 10:56:59 -05:00
James Lee b7e26db84e Committing Egypt's README updates 
This is all documentation changes -- adds THIRD-PARTY licenses, updates
readme to be more like a readme, and moves the old readme to a COPYING
file.

Note that while this lands pull #388, it skips the Meterpreter changes
that were brought in almost certainly by accident.

Squashed commit of the following:

commit 7125509e8b3a2064cd27f8c58119e670f20ec779
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 23 13:12:45 2012 -0600

    Add license info for rkelly and anemone

commit 14367041c32ea019fa32bad5cc93aca30d6b5944
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 23 12:49:14 2012 -0600

    Add licenses for gemcache stuff to THIRD-PARTY

commit c22138cf2475d1b35433ea403d844761d6612e34
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 17:24:14 2012 -0600

    Add useful links

commit 47a9df3d5484c38a0013fdb14f29d8432bb1befa
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 16:41:21 2012 -0600

    Add copyright notices

commit 687567dfe2c5c341e0da4887d421cf27f612364d
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 16:28:17 2012 -0600

    Give THIRD-PARTY an md extension

    Should make display on Github nicer

commit e3226764132200d95ae23cdb3995b21eff9afd99
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 16:22:55 2012 -0600

    Break licenses for bundled stuff into THIRD-PARTY

commit e6463c6e7f2aeab893def1a05cae4941144bf731
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 14:06:01 2012 -0600

    Move README to COPYING

commit 8a6a6bb63f5a8d0866e69678569349d17747abf5
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:53:31 2012 -0600

    Better wording.

commit 5ac46d4f6870cf2c4a5d9b960d27c0949c8ce2b8
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:51:58 2012 -0600

    Add a little more explanitory text to Contributing.

commit 54dab50d98b4430d1327a7a63983eb22ceb2c4f2
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:37:09 2012 -0600

    Missed one

commit e23c80f01efc851f80e60589b21c6682bbf62217
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:36:33 2012 -0600

    Better links

commit 47b944ec65ef63c1d642e1fe0d3920c4dc3dd43a
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:26:12 2012 -0600

    Meh, GFM doesn't like my headings

commit 12a7651e910166e2964752e9ca383aae293a0470
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:24:42 2012 -0600

    Initial stab at a better README

commit e3a0d4731b835fa6de2209dc8190f10dcbb50737
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 11:59:41 2012 -0600

    LLC -> Inc.

commit 5b32b4245cf901ae01ec48cf4795505b80c14b7b
Author: James Lee <egypt@metasploit.com>
Date:   Sun May 13 17:50:04 2012 -0600

    Whitespace at EOL

commit e6719f18ab7c4597fec935987b2b6a85a2ff0284
Author: James Lee <egypt@metasploit.com>
Date:   Sun May 13 17:48:50 2012 -0600

    Only open /dev/null if we need it
 2012-05-30 10:42:52 -05:00
sinn3r b81315790d Add PHP Volunteer Management System exploit 2012-05-30 10:38:45 -05:00
David Maloney 1d63cd6f6b Revert " Sets the passive flag on the JtR modules" 
This reverts commit e70ccddc9a.
 2012-05-29 21:28:23 -05:00