infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,148 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

18148 Commits (34085e43ebbc5d790981f521c90397b36d8b17aa)

Author SHA1 Message Date
Meatballs e25fdebd8d Add php version to check 2013-04-26 23:58:08 +01:00
Meatballs cd842df3e2 Correct phpMyAdmin 2013-04-26 23:38:27 +01:00
Meatballs 6bb2af7cee Add pma url 2013-04-26 23:37:26 +01:00
Meatballs1 a9183525ad Merge pull request #4 from jlee-r7/landing-1772-phpmyadmin 
Clear out PMA's error handler
 2013-04-26 14:16:38 -07:00
sinn3r 6821c360b6 Landing #1761 - Adds Wordpress Total Cache module 
[Closes #1761]
 2013-04-26 16:08:04 -05:00
sinn3r 6c76bee02f Trying to make the description sound smoother 2013-04-26 16:02:28 -05:00
James Lee 9c8b93f1b7 Make sure LPORT is a string when subbing 
* Gets rid of conversion errors like this:
    [-] Exploit failed: can't convert Fixnum into String
* also removes comments from php meterp. Works for me with the
  phpmyadmin_preg_replace bug, so seems legit.
 2013-04-26 15:26:31 -05:00
James Lee a0c1b6d1ce Clear out PMA's error handler 
* Add an error_handler function that just returns true. This prevents eventual
  ENOMEM errors and segfaults like these:
    [Fri Apr 26 15:01:00 2013] [error] [client 127.0.0.1] PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 44659282 bytes) in /home/egypt/repo/phpmyadmin/libraries/Error.class.php on line 156
    [Fri Apr 26 15:01:16 2013] [notice] child pid 7347 exit signal Segmentation fault (11)
* clean up some whitespace
 2013-04-26 15:25:09 -05:00
James Lee 5900a7c03f Whitespace 2013-04-26 15:24:02 -05:00
Meatballs de5c856188 get_cookies spec 2013-04-26 21:21:11 +01:00
Meatballs bbd53a2dbd Add domain to get_cookies 2013-04-26 20:34:21 +01:00
Meatballs b25b9e769c Msftidy 2013-04-26 20:30:04 +01:00
Fernando Arias 71208b8dd3 Bumped Version and pointed to rubygems 2013-04-26 14:30:00 -05:00
Meatballs 1f2cab7aef Tidyup and getcookies 2013-04-26 20:26:04 +01:00
farias-r7 12f62ca99c Merge pull request #1760 from rapid7/creds-counter-cache 
Bumps MDM version to latest

See PT#48827455 and PT#48595211
 2013-04-26 11:50:18 -07:00
Fernando Arias 1c285fb47c Bumped MDM verstion to latest via github 2013-04-26 13:29:25 -05:00
Meatballs 0901d00da5 Remove redundant pay opts 2013-04-26 19:26:29 +01:00
Meatballs a17d61897d Change to send_rq_cgi 2013-04-26 19:19:11 +01:00
Luke Imhoff 249a09cd52 Update to metasploit_data_models 0.7.1 
[#47979793]
 2013-04-26 13:14:38 -05:00
Tod Beardsley bf6b1b4fbf Land #1773, fixes for Safari UXSS 
Makes the module more user-friendly, doesn't barf on malformed paths for
keystroke logger catching.
 2013-04-26 13:11:55 -05:00
Tod Beardsley c27245e092 Touch descriptions for module and options 2013-04-26 13:05:16 -05:00
Joe Vennix b4606ba60a Remove unnecessary puts call. 2013-04-26 12:55:02 -05:00
Tod Beardsley ca6d6fbc84 msftidy for whitespace 2013-04-26 12:44:11 -05:00
Tod Beardsley 16769a9260 Fixing path normalization 2013-04-26 12:40:24 -05:00
Tod Beardsley 5e2634f155 Merge the rest of #1765 
This merge and commit f2838ee is for both. I was a little quick on the
draw for the last merge, didn't catch the latest commit.
 2013-04-26 12:18:14 -05:00
Tod Beardsley f2838eed92 Land #1765, before each fixes to rspec 2013-04-26 12:09:05 -05:00
James Lee a12dbbaee7 Use :each instead of :all here, too 2013-04-26 11:49:30 -05:00
Meatballs 54233e9fba Better entropy 2013-04-26 17:46:43 +01:00
Meatballs c8da13cfa0 Add some entropy in request 2013-04-26 17:34:17 +01:00
Joe Vennix 2fa16f4d36 Rewrite relative script URLs to be absolute. 
* Adds rescue clauses around URI parsing/pulling
* Actually use the URI_PATH datastore option.
 2013-04-26 11:25:20 -05:00
Meatballs a043d3b456 Fix auth check and cookie handling 2013-04-26 17:10:24 +01:00
Meatballs 025315e4e4 Move to http 2013-04-26 15:42:26 +01:00
Meatballs 9ad19ed2bf Final tidyup 2013-04-26 15:41:28 +01:00
jvazquez-r7 99b46202b9 Do final cleanup for sap_configservlet_exec_noauth 2013-04-26 08:45:34 -05:00
jvazquez-r7 308b880d79 Land #1759, @andrewkabai's exploit for SAP Portal Command Execution 2013-04-26 08:44:11 -05:00
Meatballs c7ac647e4e Initial attempt lfi 2013-04-26 14:32:18 +01:00
Andras Kabai 5839e7bb16 simplify code 2013-04-26 12:14:42 +02:00
Andras Kabai 4aadd9363d improve description 2013-04-26 12:13:45 +02:00
jvazquez-r7 dcd54487b1 Land #1771, @wchen-r7's fix for ppr address on badblue_passthru 2013-04-25 21:16:35 -05:00
sinn3r d868aee994 Landing #1768 - Adds a delay option for file_dropper.rb 
[Closes #1768]
 2013-04-25 21:02:34 -05:00
sinn3r eae1cb5afa Let's word this a little differently 2013-04-25 21:01:53 -05:00
sinn3r b1e49e7116 Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-04-25 20:54:28 -05:00
sinn3r d8be6b1b02 Landing #1768 - Adds a delay to file_dropper 
[Closes #1768]
 2013-04-25 20:52:58 -05:00
sinn3r 5b0ae1476b Let's word this a little differently 2013-04-25 20:52:51 -05:00
Meatballs b58a775af5 Added opt delay to file_dropper 2013-04-25 20:52:51 -05:00
sinn3r 71e055a5c2 Let's word this a little differently 2013-04-25 20:44:57 -05:00
jvazquez-r7 a217ca8bc7 Land #1763, @wchen-r7's modification to add js_ajax_download 2013-04-25 20:43:24 -05:00
sinn3r f3f60f3e02 Fixes P/P/R for target 0 (BadBlue 2.72b) 
Target 1, which covers 2.72b, uses an invalid P/P/R from some unknown
DLL, and appears to be broken.  Because 2.72b actually uses the same
ext.dll as BadBlue EE 2.7 (and that target 0 actually also works
against 2.72b), we might as well just use the same P/P/R again.

[FixRM #7875]
 2013-04-25 20:20:24 -05:00
sinn3r 008266a581 Corrects documentation. Thanks Meatballs1 2013-04-25 19:13:16 -05:00
jvazquez-r7 bf0375f0e9 Fix @jlee-r7's feedback 2013-04-25 18:43:21 -05:00