Commit Graph

22311 Commits (35ac9712ab2ac9379b5c05caf89403a158e7db2a)

Author SHA1 Message Date
sho-luv 35ac9712ab Added auxiliary check for MS08_067
I simply copied the check from ms08_0867_netapi.rb and put them in
a auxiliary check so I could scan for it. This was done because
Nmap's check is not safe and this is more stable.
2014-01-08 16:41:44 -05:00
jvazquez-r7 8986659861
Land #2804, @rcvalle's support for disasm on msfelfscan 2013-12-30 12:24:22 -06:00
jvazquez-r7 598ed7925c Modify msfbinscan help 2013-12-30 12:23:47 -06:00
jvazquez-r7 4366d4da20 Delete comma 2013-12-30 11:45:52 -06:00
jvazquez-r7 54a6a4aafa
Land #2807, @todb-r7's armory support for bitcoin_jaker 2013-12-30 11:44:51 -06:00
jvazquez-r7 b8569a1698
Land #2794, @Meatballs1's fix for to_exe_jsp on J7u21, [FixRM #8717] 2013-12-30 09:28:27 -06:00
Tod Beardsley 88cf1e4843
Default false KILL_PROCESSES for bitcoin_jacker
I seem to able to read associated wallet files while these processes are
running with the greatest of ease. Maybe there was a file locking
concern, but I haven't run into it. Feel free to avoid landing this
particular commit if you disagree.
2013-12-29 14:12:00 -06:00
Tod Beardsley 5e0c7e4741
DRY up bitcoin_jacker.rb, support Armory
Also, make the process killing optional.
2013-12-29 13:07:43 -06:00
TabAssassin 9384a466c1
Retab bitcoin_jacker.rb 2013-12-29 10:59:15 -06:00
Tod Beardsley 6fcd12e36c Refactor for clearer syntax and variables
This was done on a barely configured Windows machine, so mind the tabs.
2013-12-29 10:15:48 -06:00
Tod Beardsley ef73ca537f First, clean up the original a little 2013-12-28 18:57:04 -06:00
sinn3r f2335b5145
Land #2792 - SSO/Mimikatz module overwrites password with N/A 2013-12-27 17:25:44 -06:00
sinn3r 70b752cf3d
Land #2805 - Avoid using merge! which can modify self.compat
With the use of merge!, it can cause the user to unable to choose a
payload after switching from a different target selection.
2013-12-27 17:20:44 -06:00
jvazquez-r7 39844e90c3 Don't user merge! because can modify self.compat 2013-12-27 16:37:34 -06:00
Ramon de C Valle c1f377fda6 Add disasm option to msfelfscan 2013-12-26 16:26:45 -02:00
jvazquez-r7 2ac02d3997
Land #2802, @todb-r7's mods before release 2013-12-26 11:01:25 -06:00
Tod Beardsley d6a63433a6
Space at EOL 2013-12-26 10:37:18 -06:00
Tod Beardsley 5ce862a5b5
Add OSVDB 2013-12-26 10:33:46 -06:00
Tod Beardsley c34a5f3758
Unacronym the title on Poison Ivy C&C 2013-12-26 10:30:30 -06:00
Tod Beardsley 47765a1c4f
Fix chargen probe title, comment on the CVE 2013-12-26 10:29:11 -06:00
Tod Beardsley 056661e5dd
No at-signs in names please. 2013-12-26 10:26:01 -06:00
jvazquez-r7 b02e21a1d3
Land #2779, @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid 2013-12-26 09:27:27 -06:00
jvazquez-r7 c2783c2746
Land #2798, @wchen-r7 update to safari post module 2013-12-25 10:24:39 -06:00
sinn3r 78db7429d0 Turns out the latest Safari is still vulnerable.
The version check is currently disabled because turns out the latest
Safari (6.1.1) is still vulnerable - I can still loot it in plain
text.
2013-12-24 19:27:45 -06:00
sinn3r a26e12b746 Updates descriiption and improves regex for safari_lastsession.rb
This updates two things for the safari_lastsession post module:

1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.

2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
2013-12-24 14:00:55 -06:00
jvazquez-r7 95c4092f0f
Land #2797, @rbsec's patch for lotus domino regex 2013-12-24 07:28:57 -06:00
jvazquez-r7 136d635300
Land #2796, @Meatballs1's patch for [FixRM #8716] 2013-12-24 07:20:38 -06:00
rbsec 86a94022c0 Fix lotus_domino_hashes not working.
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
sinn3r 90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow 2013-12-24 00:39:54 -06:00
sinn3r 367dce505b Minor details 2013-12-24 00:39:15 -06:00
sgabe f687a14539 Added support for opening via menu. 2013-12-24 03:12:49 +01:00
sinn3r 213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner 2013-12-23 17:36:18 -06:00
sinn3r 0a07bbdf2e Minor changes 2013-12-23 17:35:42 -06:00
Meatballs 075f48a49f
Fix path 2013-12-23 22:44:56 +00:00
sinn3r 8a1f701081
Land #2795 - Increment MDM version to 0.16.9 2013-12-23 15:09:22 -06:00
Tod Beardsley 1599d9a134
Update Gemfile.lock 2013-12-23 14:47:32 -06:00
jvazquez-r7 2cc4fa35cf
Land #2785, @todb-r7's support for post modules on msfcli 2013-12-23 12:05:40 -06:00
Tod Beardsley c156d2a694
Increment MDM version to 0.16.9
[SeeRM #8725]
2013-12-23 10:29:36 -06:00
sinn3r 9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution 2013-12-23 02:34:01 -06:00
sinn3r 5b647ba6f8 Change description
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
Meatballs dc87575b9d
Retab and whitespace 2013-12-22 21:04:44 +00:00
Meatballs f112e78de9
Fixes .war file creation 2013-12-22 20:58:21 +00:00
sgabe 287271cf98 Fixed date format. 2013-12-22 01:32:16 +01:00
sgabe 0ac495fef8 Replaced hex with plain text. 2013-12-22 01:31:37 +01:00
Meatballs bf8c0b10fa
Dont store n/a creds 2013-12-21 09:04:02 +00:00
jvazquez-r7 f43bc02297 Land #2787, @mwulftange's exploit for CVE-2013-6955 2013-12-20 17:03:10 -06:00
jvazquez-r7 163a54f8b1 Do send_request_cgi final clean up 2013-12-20 17:00:57 -06:00
sgabe 44ab583611 Added newline to end of file. 2013-12-20 22:40:45 +01:00
sgabe 62f71f6282 Added module for CVE-2013-6877 2013-12-20 22:37:09 +01:00
SeawolfRN bf2dc97595 Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner 2013-12-20 18:46:35 +00:00