46c6ac9ca1
Redefine namespaces and requires
2015-02-13 17:09:06 -06:00
7367402bf1
Add requires
2015-02-13 17:03:48 -06:00
9d848c8c3b
Adding tincd post-auth stack buffer overflow exploit module for several OS
...
Minor changes to comments
Updated URLs
Added Fedora ROP, cleaned up
Fixing URLs again, typos
Added support for Archlinux (new target)
Added support for OpenSuse (new target)
Tincd is now a separate file, uses the TCP mixin/REX sockets.
Started ARM exploiting
Style changes, improvements according to egyp7's comments
Style changes according to sane rubocop messages
RSA key length other than 256 supported. Different key lengths for client/server supported.
Drop location for binary can be customized
Refactoring: Replaced pop_inbuffer with slice
Refactoring: fail_with is called, renamed method to send_recv to match other protocol classes,
using rand_text_alpha instead of hardcoded \x90,
Fixed fail command usage
Version exploiting ARM with ASLR brute force
Cleaned up version with nicer program flow
More elegant solution for data too large for modulus
Minor changes in comments only (comment about firewalld)
Correct usage of the TCP mixin
Fixes module option so that the path to drop the binary on the server is not validated against the local filesystem
Added comments
Minor edits
Space removal at EOL according to msftidy
2014-11-10 12:03:17 +01:00
ae5a8f449c
Land #3691 , gdbserver hax
2014-09-08 11:48:39 -05:00
c2e70446ed
Move SIP module stuff to Msf::Exploit::Remote::SIP
2014-08-25 13:11:21 -07:00
4e63faea08
Get a shell from a loose gdbserver session.
2014-08-24 01:10:30 -05:00
ae25c300e5
Initial attempt to unify the command stagers.
2014-06-27 08:34:55 -04:00
feca6c4700
Add exploit for ajsif vuln in Adobe Reader.
...
* This refactors the logic of webview_addjavascriptinterface into a mixin (android.rb).
* Additionally, some behavior in pdf.rb had to be modified (in backwards-compatible ways).
Conflicts:
lib/msf/core/exploit/mixins.rb
2014-06-02 22:25:55 -05:00
eab938c7b4
Get rid of requires, too
2014-04-07 16:39:19 -05:00
da0c37cee2
Land #2684 , Meatballs PSExec refactor
2014-03-14 13:01:20 -05:00
50fb9b247e
Restructure some of the exploit methods.
2014-02-19 02:31:22 -06:00
5606958320
Resolve require order
2014-01-02 23:46:18 +00:00
1235615f5f
Add firefox 15 chrome privilege exploit.
...
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
2013-12-18 14:30:35 -06:00
85150823cd
rename again
2013-11-11 15:44:27 -06:00
6a840fc169
Move file to get a matching name
2013-11-11 12:41:03 -06:00
00efad5c5d
Initial commit for BrowserExploitServer mixin
2013-10-31 13:17:06 -05:00
9353929945
Add CmdStagerPrintf
2013-09-23 22:02:29 +02:00
a5049df320
Add echo CmdStager
2013-09-16 11:35:05 -05:00
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
8b5a83c7f5
Remove the DECODER option
2013-03-08 15:25:16 -05:00
aceba9fc8a
Revert "escape ticks and spaces in paths"
...
This reverts commit 4c87b1ba36
2013-03-08 14:37:28 -05:00
4c87b1ba36
escape ticks and spaces in paths
2013-01-10 09:15:24 -05:00
3c039327c0
include the new mixin
2013-01-02 13:41:57 -05:00
1da3388194
Fix missing require
...
[Closes #1106 ]
2012-11-30 13:42:31 -06:00
7032ef0f6f
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-09 00:21:38 +02:00
963fdd6430
Initial commit for Digi RealPort modules
2012-11-03 17:44:53 -05:00
a88031a02a
added web exploit mixin
2012-11-01 21:37:12 +02:00
56cbe6a67e
Some minor fixups
2012-10-19 15:25:03 -05:00
f2c7731b39
Add RopDb mixin
2012-10-01 17:09:01 -05:00
d656e3185f
Mark all libraries as defaulting to 8-bit strings
2012-06-29 00:18:28 -05:00
5b13b7d1d9
Extracted common AFP functionality to mixin
2012-03-13 09:56:03 +02:00
89e0842b1e
Add vim_soap to the mixins list.
...
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
2012-02-20 13:17:45 -07:00
9ce47c01bd
Reverting the autoload changes until we can upgrade to a new ActiveSupport library or find a workaround
...
git-svn-id: file:///home/svn/framework3/trunk@12600 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 20:03:55 +00:00
fd4e6db85d
Fixes 4373, Migrates lib/msf to use autoload instead of require (first try)
...
git-svn-id: file:///home/svn/framework3/trunk@12596 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 19:07:35 +00:00
e0e8d986e7
Fix up psexec by adding a reqwuire for the wbemexec mixin
...
git-svn-id: file:///home/svn/framework3/trunk@12180 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 16:35:26 +00:00
19a4a2d88a
move some code from lib/rex/proto/smb/client to lib/rex/proto/ntlm/util and add a mini mixin for ntlm
...
git-svn-id: file:///home/svn/framework3/trunk@12162 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 20:14:56 +00:00
81ff9483bf
add ms09-004 exploit via sql injection from Rodrigo Marcos
...
git-svn-id: file:///home/svn/framework3/trunk@11631 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-24 19:37:58 +00:00
30affd4b2c
This commit adds a new set of discovery modules from wuntee and some useful utility methods for working with link-local addresses
...
git-svn-id: file:///home/svn/framework3/trunk@11417 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-27 16:43:53 +00:00
fbd340aae8
add an adodb based cmdstager, fixes #1431
...
git-svn-id: file:///home/svn/framework3/trunk@11247 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 18:51:12 +00:00
778040ec5b
move rservices mixin to aux instead of exploit
...
git-svn-id: file:///home/svn/framework3/trunk@11142 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-25 06:02:35 +00:00
b495ca8aab
add a mixin for pdf gen, see #2841
...
git-svn-id: file:///home/svn/framework3/trunk@11092 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 12:21:49 +00:00
dc5116f9df
Move the crawler mixin to an auxiliary
...
git-svn-id: file:///home/svn/framework3/trunk@11026 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-13 06:55:19 +00:00
f457ccb8f7
Add the crawler mixin and a sample form extractor crawler
...
git-svn-id: file:///home/svn/framework3/trunk@11025 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-13 06:40:56 +00:00
2b11577ae1
fix broken free, type in require
...
git-svn-id: file:///home/svn/framework3/trunk@10112 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 18:05:37 +00:00
08fc366d0b
add omlet mixin from Peter Van Eeckhoutte
...
git-svn-id: file:///home/svn/framework3/trunk@10108 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 17:35:41 +00:00
1b31a44b57
move riff support from ani_loadimage browser sploit to mixin
...
git-svn-id: file:///home/svn/framework3/trunk@9984 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-12 16:56:41 +00:00
d540818f01
split http exploit mixin into http/server and http/client
...
git-svn-id: file:///home/svn/framework3/trunk@9971 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-07 06:59:16 +00:00
7f8bbbc535
add dhcp/pxe stuff from scriptjunkie, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@9963 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-06 17:37:28 +00:00
e26d4ded08
Import the scanner and utility modules for the VxWorks WDB Agent service
...
git-svn-id: file:///home/svn/framework3/trunk@9945 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-02 05:56:26 +00:00
jvazquez-r7
floyd
William Vu
Jon Hart
Joe Vennix
Spencer McIntyre
joev
Tod Beardsley
David Maloney
Meatballs
sinn3r
Markus Wulftange
jvazquez-r7
James Lee
Tasos Laskos
HD Moore
sinn3r
Gregory Man
Joshua Drake
amaloteaux