Commit Graph

12198 Commits (3270976d7b22a98687c33caa14b39fd731b4460b)

Author SHA1 Message Date
RageLtMan 3270976d7b Search functionality for db dispatcher commands 2012-03-05 13:50:02 -07:00
sinn3r aab493259f Port should not contain a non-numeric value or even be empty when assigned to :port 2012-03-05 13:50:02 -07:00
Gregory Man ba34fbac46 afp_server_info fixes and improvements
1.9 compatibility, timeouts, reporting
2012-03-05 13:50:02 -07:00
Gregory Man 4f05f4e03f Added auxiliary/scanner/afp/afp_server_info module 2012-03-05 13:50:02 -07:00
James Lee cd990917be Don't distinguish between 4 and 6.
The client can figure it out from the length.
2012-03-05 09:10:47 -07:00
James Lee c81dce2013 Append to the list instead of assigning to it
All addresses are being sent to the client now.  Just need a way to
parse them out correctly on the other side and meterpreter will be able
to list all addresses on all interfaces on Linux.  Next step is to
allocate the proper number of TLVs to avoid good ol' stack smashes on
systems with lots of addresses and then make sure we clean all the
memory leaks.

[See #6476]
2012-03-05 09:10:47 -07:00
James Lee cb998b91e5 Lay the groundwork for returning all addresses
This commit only sends the last interface in the list, but it is looping
through all of them as evidenced by the log, just need to make sure
we're not overwriting as we go.

[See #6476]
2012-03-05 09:10:46 -07:00
HD Moore cea4529f5e Add an example of preconfigured proxy stager 2012-03-05 00:59:47 -06:00
HD Moore de9b35d7b0 Fixes #6485 by allowing validation to write back normalized values to
global. This isn't perfect, but we have no better solution unless we
clone the module datastore and unset the default imported_by for the
module run (actively testing that too in a branch)
2012-02-29 01:49:26 -06:00
HD Moore 7b40d8d819 Allow updates to fallthrough to the global store just like reads 2012-02-29 01:40:54 -06:00
HD Moore 4c39cfd98a Small tweak to the format of the type 2012-02-28 23:52:48 -06:00
sinn3r 4b1e67f94f Add ROP target for Win2k3 SP1 and SP2 2012-03-04 17:18:34 -06:00
sinn3r 29cf8683ee Merge pull request #218 from swtornio/master
add osvdb ref
2012-03-03 16:27:34 -08:00
Steve Tornio 8f93a5abbb add osvdb ref 2012-03-03 12:28:30 -06:00
sinn3r fa916d863d Add Sysax SSH buffer overflow exploit 2012-03-03 10:11:51 -06:00
James Lee 9f05562a18 Don't distinguish between IPv4 and IPv6 routes
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
2012-03-02 18:26:57 -07:00
James Lee c44c0ebf48 Refactor ModuleTest and add a few more tests
This makes running tests from a post module as easy as creating methods
that start with +test_+ and running +it()+ blocks inside them.
2012-03-02 17:56:40 -07:00
Tod Beardsley 6c0f8636ec Merge pull request #217 from rapid7/reverse-http-randomness
Reverse http randomness
2012-03-02 16:36:26 -08:00
HD Moore 165257db75 Remove unused "plus" code 2012-03-02 17:46:59 -06:00
HD Moore b70b41091b Tested fairly well - this randomizes the URLs and removes the user-agent string from the request 2012-03-02 17:44:23 -06:00
HD Moore ce94ffd755 First round of changes to http(s) payloads 2012-03-02 17:13:51 -06:00
sinn3r 9258cda144 Change :info and file name so it's easier to identify it's a Firefox profile 2012-03-02 16:45:42 -06:00
James Lee a02ab0ab0c Add a few more tests for meterpreter 2012-03-02 15:31:01 -07:00
Tod Beardsley 96e03d2556 Merge pull request #44 from linuxgeek247/armle-bind-shell
Adding armle bind shellcode based on existing reverse shellcode
2012-03-02 14:25:43 -08:00
James Lee 9e2a1b6d52 Allow channel -k as a synonym for -c
Makes it consistent with "jobs", "sessions", and "threads" commands in
msfconsole.  Because I keep using the wrong thing and being confused
about why it doesn't work.
2012-03-02 15:11:00 -07:00
James Lee 884550ce7c Fix undefined constant bug in session.fs.seek
How did this ever work?  Clearly nothing exercises this code.
2012-03-02 14:43:00 -07:00
Tod Beardsley cf18bcc99e Merge pull request #215 from rapid7/msfgui-bail-without-msgpack
Try to load msgpack first, if it's not there, bail
2012-03-02 12:56:50 -08:00
James Lee 368cb13728 And the updated bin 2012-03-02 13:19:00 -07:00
James Lee 2d0d7b4470 777 is not the same as 0777
Fixes a bug where meterpreter created directories with absurd
permissions on posix (777 = 01411 = dr----x--t).
2012-03-02 13:16:52 -07:00
Tod Beardsley 4dce560e72 Try to load msgpack first, if it's not there, bail
And tell the user how to fix. This has come up a couple times.
2012-03-02 12:20:29 -06:00
James Lee 65c0cbdc00 Allow tab completion for resource files in current dir 2012-03-02 11:19:46 -07:00
Tod Beardsley faad9db393 Merge branch 'wmap_update'
Fixed up a few merge conflicts, tested against metasploitable, looks
functional. Thanks Efraim!

[Closes #154]
2012-03-02 10:25:31 -06:00
Tod Beardsley 7447052b38 Convert WMAP constant name to the new format. 2012-03-02 10:18:32 -06:00
Tod Beardsley 302853f5a4 Unpolluting SVN Revision keyword
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley 3626d48db2 Un-polluting SVN Id keyword
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres 36a3341acd Fix body cero. 2012-03-02 10:18:32 -06:00
Efrain Torres 6fba0698e5 Adding another detection method for blind sqli 2012-03-02 10:18:32 -06:00
Efrain Torres 02f6e3fcb2 Improving report on blind sqli module 2012-03-02 10:18:32 -06:00
Efrain Torres 126a6133cd Improving blind sql inj. detection 2012-03-02 10:18:32 -06:00
Efrain Torres b608aeeeb7 Migrating modules to use report_web_vulns and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres 8909ad12ba Add the db_import command to the wmap documentation. 2012-03-02 10:18:32 -06:00
Efrain Torres 627a4bcb72 Adding new wmap_vulns command to documentation and minor fixes 2012-03-02 10:18:32 -06:00
Efrain Torres 21c6da5e12 Added wmap_vuln to see web_vulns table results. Basic reporting at this time. 2012-03-02 10:18:32 -06:00
Efrain Torres 1a09a49f69 Starting to get rid of report_note to use report_web_vuln on all http aux modules 2012-03-02 10:18:32 -06:00
Efrain Torres 2ce7dc9331 One more module. 2012-03-02 10:18:32 -06:00
Efrain Torres 9c6fec3c33 First step on module cleaning. 2012-03-02 10:18:32 -06:00
Efrain Torres 237038dca4 Adjust documentation. 2012-03-02 10:18:32 -06:00
Efrain Torres 4b412dc9e1 Minor fixes on view nodes jobs. 2012-03-02 10:18:32 -06:00
Efrain Torres 6437181542 Added job.info as part of nodes jobs details 2012-03-02 10:18:31 -06:00
Efrain Torres d35291d1bc Handle site tree leafs as directories if they don't have an extension 2012-03-02 10:18:31 -06:00