jvazquez-r7
d51209a3cf
Beautify
2012-07-19 15:53:47 +02:00
jvazquez-r7
d69a46a9f0
Beautify
2012-07-19 15:53:09 +02:00
jvazquez-r7
83b7b90c61
Added module for CVE-2011-3175
2012-07-19 15:30:51 +02:00
jvazquez-r7
48f8145d97
Added module for CVE-2011-3176
2012-07-19 15:29:10 +02:00
HD Moore
9bff1c913b
Merge pull request #592 from alexmaloteaux/ipv6arpfix
...
ipv6 and arp_scanner fix
2012-07-18 20:40:27 -07:00
James Lee
d238debb2f
Add disclo date, discoverers, and better description
2012-07-18 16:14:32 -06:00
Patrik Karlsson
ad4a4b2ae3
add module for capturing SIP authentication challenge and response pairs.
...
The module starts a fake SIP server listening for incoming REGISTER requests.
It then triggers an authentication request at the client and captures the
response for cracking in JtR or Cain.
2012-07-18 20:45:08 +02:00
James Lee
ebe48ecf16
Add Rank for schelevator, update sock_sendpage's
2012-07-18 11:16:29 -06:00
sinn3r
981ba60fee
Fix exception handlings
...
Two things:
1. Make msftidy happy
2. Exception handling shouldn't be used to shut errors up.
2012-07-18 12:05:14 -05:00
Rory McCune
464df4ed1d
Oraenum - added error handling
...
The oraenum module has errror handling to catch instances where the user used to run the checks doesn't have the appropriate rights, however in one place (The default password check) the error handling code isn't included. This patch just adds the same check for that code.
2012-07-18 09:22:22 +01:00
sinn3r
f4547527a8
Merge branch 'omg-post-exploits' of https://github.com/jlee-r7/metasploit-framework
2012-07-17 17:43:40 -05:00
sinn3r
b3e11f2e6b
Merge branch 'zenworks_preboot_op6_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-zenworks_preboot_op6_bof
2012-07-17 17:42:58 -05:00
jvazquez-r7
80bfd48535
Added module for ZDI-010-090 Opcode 0x6
2012-07-17 23:25:55 +02:00
jvazquez-r7
0514756e92
Added module for ZDI-010-090 Opcode 0x21
2012-07-17 23:25:04 +02:00
sinn3r
78edf15a86
Improve module
2012-07-17 08:39:56 -05:00
sinn3r
dde2254f29
rename file
2012-07-17 08:36:02 -05:00
sinn3r
d5711efd26
Merge branch 'master' of https://github.com/j0hnf/metasploit-framework into j0hnf-master
2012-07-17 08:35:49 -05:00
sinn3r
fbe0cb7471
Merge branch 'post_win_gather_creds_gpp_pass' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_win_gather_creds_gpp_pass
2012-07-17 08:28:19 -05:00
jvazquez-r7
6ac6e375a7
Changes according to hdm and sinn3r feedback
2012-07-17 12:02:24 +02:00
jvazquez-r7
7c2ea2ff23
Merge branch 'mysql-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-mysql-capture
2012-07-17 12:01:19 +02:00
sinn3r
3def2afb46
Correct e-mail format
2012-07-17 04:24:54 -05:00
HD Moore
b3eb7b1358
Clean up unicode names
2012-07-17 00:46:28 -05:00
HD Moore
c887e0aaff
Re-add AFP changes due to mangled merge
2012-07-17 00:42:49 -05:00
HD Moore
f62e0b1cca
AFP fixes and JTR typo fix
2012-07-16 21:45:45 -05:00
HD Moore
bc2edeace2
Cleanup AFP module output
2012-07-16 21:02:40 -05:00
James Lee
efe478f847
Merge branch 'master' into omg-post-exploits
2012-07-16 09:20:23 -06:00
Patrik Karlsson
88275620ab
removed JtR support due to bugs in cracking module.
2012-07-16 15:59:43 +02:00
Patrik Karlsson
25a78e6ab0
change so that both Cain and JTR hashes can be stored at the same time and
...
added username report_auth_info
2012-07-16 14:13:35 +02:00
Patrik Karlsson
4859e0809e
add missing username to john hash
2012-07-16 09:14:44 +02:00
HD Moore
8fef1479ed
Trim string fields at first null
2012-07-15 23:12:40 -05:00
HD Moore
a57e712630
Be less verbose
2012-07-15 22:19:12 -05:00
HD Moore
b133428bc1
Better error handling in two web app modules
2012-07-15 21:56:00 -05:00
HD Moore
10db74d480
Show the IP address in the output
2012-07-15 21:35:43 -05:00
HD Moore
7f3aeca501
Put lipstick on this pig for the time being
2012-07-15 21:35:29 -05:00
James Lee
7091d1c65b
Add an exploit for sock_sendpage
...
Unfortunately, adds a dep on bionic for runtime compilation.
Gets ring0, sets the (res)uid to 0 and jumps to the payload. Still some
payload issues because linux stagers don't mprotect(2) the buffer they
read(2) into. Single payloads work fine, though.
Also cleans up and improves local exploits' ability to compile C.
[SEERM #3038 ]
2012-07-15 20:29:48 -06:00
HD Moore
6c058d9a9a
Skip blank usernames (corner case)
2012-07-15 21:14:55 -05:00
HD Moore
44e56c87f1
Make super sure that blank creds are not reported
2012-07-15 20:56:31 -05:00
Patrik Karlsson
8889d89eea
msftidy cleanup
2012-07-16 02:07:45 +02:00
Patrik Karlsson
6331c33472
add MySQL password capturing module
...
This module provides a fake MySQL service that is designed to
capture authentication credentials. It captures challenge and
response pairs that can be supplied to Cain or JTR for
cracking.
2012-07-16 01:55:22 +02:00
jvazquez-r7
8cf08c6ca3
Target W7 updated
2012-07-15 17:45:58 +02:00
sinn3r
e1ff6b0cef
Nicer cleanup
2012-07-14 17:57:32 -05:00
jvazquez-r7
bdf009d7a8
Review of pull request #606
2012-07-15 00:20:12 +02:00
HD Moore
6cdd044e10
Remove a buggy payload that doesn't have NX support
2012-07-12 12:15:57 -05:00
jvazquez-r7
2da984d700
Added module for OSVDB 83275
2012-07-12 13:12:31 +02:00
jvazquez-r7
6c8ee443c8
datastore cleanup according to sinn3r
2012-07-12 09:31:22 +02:00
jvazquez-r7
65d15df9f9
Merge branch 'jboss-revision' of https://github.com/h0ng10/metasploit-framework into h0ng10-jboss-revision
2012-07-12 09:25:37 +02:00
jvazquez-r7
b12f13f837
Review of Pull request #594
2012-07-12 00:46:24 +02:00
jvazquez-r7
16cd847e5a
Merge branch 'mssql_review' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-mssql_review
2012-07-12 00:36:54 +02:00
jvazquez-r7
a840ff8cf8
Review of pull request #598
2012-07-12 00:34:17 +02:00
jvazquez-r7
f933d98d38
Review of #595
2012-07-12 00:19:27 +02:00
h0ng10
87f5002516
added datastore cleanup
2012-07-11 12:56:23 -04:00
h0ng10
0d38a7e45f
switched to Rex::Text.encode_base64()
2012-07-11 12:52:09 -04:00
LittleLightLittleFire
32fa8bdfcf
Fixed typo in Stefan's last name
2012-07-11 14:53:26 +10:00
h0ng10
61ec07a10c
additional targets, meterpreter, bugfixes
2012-07-10 13:33:28 -04:00
sinn3r
06974cbc43
This bug is now patched
2012-07-10 12:28:46 -05:00
Alexandre Maloteaux
81ba60169f
ipv6 and arp_scanner fix
2012-07-10 18:28:24 +01:00
jvazquez-r7
4af75ff7ed
Added module for CVE-2011-4542
2012-07-10 18:40:18 +02:00
sinn3r
6f97b330e7
Merge branch 'LittleLightLittleFire-module-cve-2012-1723'
2012-07-10 00:50:31 -05:00
sinn3r
5b7d1f17c0
Correct juan's name and comments
2012-07-10 00:43:46 -05:00
sinn3r
54576a9bbd
Last touch-up
...
The contents of this pull request are very similar to what the msf
dev had in private, so everybody is credited for the effort.
2012-07-10 00:37:07 -05:00
sinn3r
64709be909
Merge branch 'module-cve-2012-1723' of https://github.com/LittleLightLittleFire/metasploit-framework into LittleLightLittleFire-module-cve-2012-1723
2012-07-10 00:27:36 -05:00
HD Moore
c532d4307a
Use the right failure reason
2012-07-10 00:26:14 -05:00
LittleLightLittleFire
e9ac90f7b0
added CVE-2012-1723
2012-07-10 12:20:37 +10:00
sinn3r
b817070545
Merge branch 'mac_oui' of https://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-mac_oui
2012-07-09 20:14:25 -05:00
Alexandre Maloteaux
e509c72574
better handle company name
2012-07-10 00:24:30 +01:00
Alexandre Maloteaux
e949b8c2c8
mac_oui
2012-07-09 23:46:57 +01:00
sinn3r
81b4cb737d
Merge branch 'zenworks_preboot_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-zenworks_preboot_fileaccess
2012-07-09 11:14:56 -05:00
jvazquez-r7
73fcf73419
Added module for CVE-2011-2657
2012-07-09 18:03:16 +02:00
jvazquez-r7
b33220bf90
Added module for CVE-2012-2215
2012-07-09 17:32:55 +02:00
sinn3r
0fbfa8e6f7
Merge branch 'enum_unattend_ii' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_unattend_ii
2012-07-09 10:14:30 -05:00
sinn3r
5586aa6c1b
Move some code around
2012-07-09 09:44:22 -05:00
sinn3r
5db26beef7
Add more features
...
Please see the following ticket:
http://dev.metasploit.com/redmine/issues/7041
2012-07-09 05:17:40 -05:00
James Lee
6d6b4bfa92
Merge remote branch 'rapid7/master' into omg-post-exploits
2012-07-08 17:32:39 -06:00
sinn3r
d626de66f7
Print out where the scheme info is stored.
...
This module needs to print out where the scheme is stored so the
user knows where it is, see complaint:
https://community.rapid7.com/message/4448
2012-07-08 18:24:18 -05:00
HD Moore
442eccd1d6
Merge pull request #578 from claudijd/master
...
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption in Hashdump Code
2012-07-08 12:24:46 -07:00
Jonathan Claudius
5938771e6c
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption
...
-This commit Addresses Metasploit Bug #4402 that notes corrupted (aka:
incorrect) hashes yielded from hashdump
-Fail case can be reliably reproduced on a Windows system where (1) a
user is not storing an LM hash and (2) password histories are enabled
on the system
-This issue along with other extraction tools that are affected in a
similar way will be discussed at BlackHat USA 2012 and DEFCON 20 in 2
weeks.
If you have questions, please let us know.
-Jonathan Claudius (@claudijd)
-Ryan Reynolds (@reynoldsrb)
2012-07-08 14:02:22 -05:00
sinn3r
87bac91d71
Apply additional changes from #549
...
From pull request #549 . Changes include:
* Use OptEnum to enforce the use of wpad.dat or proxy.pac
* Remove cli.peerhost:cli.peerport, the API does that already
* cleanup function to restore uripath datastore option
* More friendly error when the user doesn't have enough permission
to bind to port 80, that way they don't blame it's a bug on msf.
* Remove unnecessary SVN stuff in modinfo
2012-07-07 15:59:16 -05:00
sinn3r
4e90da002d
Merge branch 'master' of https://github.com/efraintorres/wmap-metasploit into wpad
2012-07-07 15:44:05 -05:00
Steve Tornio
44290c2c89
add osvdb ref
2012-07-07 08:40:25 -05:00
sinn3r
70c718a5ed
Fix indent level
2012-07-06 12:44:03 -05:00
sinn3r
24c57b61a8
Add juan as an author too for improving the module a lot
2012-07-06 10:41:06 -05:00
jvazquez-r7
9fecc80459
User of TARGETURI plus improve of description
2012-07-06 15:47:25 +02:00
jvazquez-r7
7751c54a52
references updates
2012-07-06 11:56:03 +02:00
jvazquez-r7
f8ca5b4234
Revision of pull request #562
2012-07-06 11:52:43 +02:00
sinn3r
1e6c4301b6
We worked on it, so we got credit
2012-07-06 02:12:10 -05:00
sinn3r
f8123ef316
Add a "#" in the end after the payload
2012-07-06 02:09:31 -05:00
sinn3r
187731f2cb
Add a check function to detect the vuln
2012-07-06 01:58:01 -05:00
sinn3r
dcddc712d2
Missing a "&"
2012-07-06 01:50:18 -05:00
sinn3r
3c8a836091
Add lcashdol's module from #568
...
Initial version being worked on by sinn3r & juan
2012-07-06 01:41:34 -05:00
sinn3r
ecb4e20c92
Instead of deleting the "/", here's a different approach
2012-07-06 01:23:41 -05:00
sinn3r
7876d7fd60
Delete the extra "/"
2012-07-06 01:20:31 -05:00
sinn3r
686f176a99
Correct path
2012-07-06 01:12:47 -05:00
sinn3r
0c18662d46
Make msftidy happy and change the traversal option
2012-07-06 01:10:39 -05:00
sinn3r
3b7e1cd73a
Add Dillion's module for Wangkongbao
2012-07-06 00:54:55 -05:00
sinn3r
260cea934d
Add more reference
2012-07-05 16:48:43 -05:00
sinn3r
850242e733
Remove the extra comma and a tab char
2012-07-05 14:05:23 -05:00
jvazquez-r7
aee7d1a966
Added module for CVE-2012-0911
2012-07-05 20:58:27 +02:00
Meatballs1
fc58e485c3
Added further protection to enum_dcs method to prevent crashes
2012-07-05 14:27:45 +01:00
Meatballs1
a513b41283
Couple of readability changes suggested by TLC
2012-07-05 14:19:41 +01:00
jvazquez-r7
ff4a0bc3aa
poisonivy_bof description updated
2012-07-05 00:18:13 +02:00