infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,752 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

14725 Commits (39a09ad7507f3ea1be607aef5dbf4b71b58ec91d)

Author SHA1 Message Date
jvazquez-r7 39a09ad750 Use ARCH_CMD on Windows target 2014-10-14 10:24:32 -05:00
jvazquez-r7 a0fc0cf87f Update ranking 2014-10-13 17:44:00 -05:00
jvazquez-r7 ca05c4c2f4 Fix @wchen-r7's feedback 
* use vprint_* on check
* rescue get_once
 2014-10-12 17:44:33 -05:00
jvazquez-r7 46bf8f28e0 Fix regex 2014-10-11 21:37:05 -05:00
jvazquez-r7 6092e84067 Add module for ZDI-14-344 2014-10-11 21:33:23 -05:00
Tod Beardsley aefd15c185
Land #3376, ARRIS SNMP enumerator from @inokii 2014-10-09 15:28:06 -05:00
jvazquez-r7 520e1bccca
Land #3692, @TomSellers's support for Metasploit Credential on enum_snmp 2014-10-09 15:18:44 -05:00
Spencer McIntyre a535d236f6
Land #3947, login scanner for jenkins by @nstarke 2014-10-09 12:59:02 -04:00
Spencer McIntyre 6ea530988e Apply rubocop changes and remove multiline print 2014-10-09 12:57:39 -04:00
jvazquez-r7 3305b1e9c3
Land #3984, @nullbind's MSSQL privilege escalation module 2014-10-09 11:39:15 -05:00
jvazquez-r7 10b160bedd Do final cleanup 2014-10-09 11:38:45 -05:00
jvazquez-r7 bbe435f5c9 Don't rescue everything 2014-10-09 11:25:13 -05:00
jvazquez-r7 0cd7454a64 Use default value for doprint 2014-10-09 11:04:42 -05:00
jvazquez-r7 db6f6d4559 Reduce code complexity 2014-10-09 10:59:14 -05:00
jvazquez-r7 615b8e5f4a Make easy method comments 2014-10-09 10:48:00 -05:00
jvazquez-r7 dd03e5fd7d Make just one connection 2014-10-09 10:46:51 -05:00
jvazquez-r7 ccf677aad6
land #3978, Fixes #3973, Wrong datastore option URI in glassfish_login 2014-10-09 09:53:01 -05:00
sinn3r df0d4f9fb2 Fix #3973 - Unneeded datastore option URI 
When Glassfish is installed, the web root is always /, so there is
no point to make this arbitrary.
 2014-10-09 00:06:15 -05:00
Christian Mehlmauer 1584c4781c Add reference 2014-10-09 06:58:15 +02:00
nullbind 168f1e559c fixed status 2014-10-08 21:19:50 -05:00
nullbind 3ebcaa16a1 removed scanner 2014-10-08 21:18:56 -05:00
nstarke 328be3cf34 Fine Tuning Jenkins Login Module 
At the request of the maintainers, I have deregistered the
RHOST option and made the failure proof a verbose only
print.
 2014-10-08 17:53:21 -05:00
jvazquez-r7 4f96d88a2f
Land #3949, @us3r777's exploit for CVE-2014-6446, wordpress infusionsoft plugin php upload 2014-10-08 16:35:49 -05:00
jvazquez-r7 66a8e7481b Fix description 2014-10-08 16:35:14 -05:00
jvazquez-r7 8ba8402be3 Update timeout 2014-10-08 16:32:05 -05:00
jvazquez-r7 bbf180997a Do minor cleanup 2014-10-08 16:29:11 -05:00
William Vu f86c0c2bb5
Land #3970, rm jtr_unshadow 2014-10-08 14:55:15 -05:00
jvazquez-r7 411f6c8b2d
Land #3793, @mfadzilr's exploit for CVE-2014-6287, HFS remote code execution 2014-10-08 12:16:09 -05:00
jvazquez-r7 98b69e095c Use %TEMP% and update ranking 2014-10-08 12:12:00 -05:00
jvazquez-r7 d90fe4f724 Improve check method 2014-10-08 12:03:16 -05:00
jvazquez-r7 25344aeb6a Change filename 2014-10-08 11:55:33 -05:00
jvazquez-r7 909f88680b Make exploit aggressive 2014-10-08 11:08:01 -05:00
jvazquez-r7 d02f0dc4b9 Make minor cleanup 2014-10-08 10:36:56 -05:00
jvazquez-r7 d913bf1c35 Fix metadata 2014-10-08 10:29:59 -05:00
Tod Beardsley a901916b0b
Remove nonfunctional jtr_unshadow 
This module hasn't been doing anything but print_error a go away message
since June, so may as well get rid of it.
 2014-10-08 10:23:29 -05:00
Brendan Coles e0016d4af3 Remove hash rocket from refs array #3766 
[SeeRM #8776]
 2014-10-08 09:16:38 +00:00
Brendan Coles 3c7be9c4c5 Remove hash rockets from references #3766 
[SeeRM #8776]
 2014-10-08 09:01:19 +00:00
sinn3r c5494e037d
Land #3900 - Add F5 iControl Remote Root Command Execution 2014-10-08 00:30:07 -05:00
nullbind 031fb19153 requested updates 2014-10-06 23:52:30 -05:00
William Vu 399a61d52e
Land #3946, ntp_readvar updates 2014-10-06 21:57:57 -05:00
nstarke e1b0ba5d3d Removing 'require pry' 
I accidentally left a reference to pry in my code.
Removing
 2014-10-06 21:40:39 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs 
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
 2014-10-06 21:14:10 -05:00
sinn3r d3354d01f0 Fix #3808 - NoMethodError undefined method `map' 
NoMethodError undefined method `map' due to an incorrect use of
load_password_vars
 2014-10-06 15:42:51 -05:00
Jon Hart 8c8ccc1d54
Update Authors 2014-10-06 11:30:39 -07:00
us3r777 03888bc97b Change the check function 
Use regex based detection
 2014-10-06 18:56:01 +02:00
us3r777 29111c516c Wordpress Infusionsoft Gravity Forms CVE-2014-6446 
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for
WordPress does not properly restrict access, which allows remote
attackers to upload arbitrary files and execute arbitrary PHP
code via a request to utilities/code_generator.php.
 2014-10-06 14:10:01 +02:00
nstarke 69400cf280 Fixing Author Declaration 
I had accidentally listed myself three times as the author.
Fixing that issue so that I am only declaring myself once.
 2014-10-05 23:17:28 -05:00
nstarke c0a3691817 Adding Jenkins-CI Login Scanner 
Per Github issue #3871 (RM8774), I have added a
login scanner module for Jenkins-CI installations.
 2014-10-05 22:08:34 -05:00
James Lee a65ee6cf30
Land #3373, recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
 2014-10-03 18:05:58 -05:00
Jon Hart a341756e83
Support spoofing source IPs for NTP readvar, include status messages 2014-10-03 14:05:57 -07:00