infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
31,266 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

31266 Commits (3b21de390661675fc6d47dbce293e37bd128e56c)

Author SHA1 Message Date
William Vu f7fa76ae14
Land #4760, java_signed_applet .class cleanup 2015-02-13 10:06:27 -06:00
dnkolegov 19144e143a Fixed some errors in F5 BigIP cookie disclosure module 2015-02-13 03:29:23 -05:00
joev 49c9c02b53 Hide the dropped osx app. 2015-02-12 23:08:46 -06:00
William Vu 17437a3813
Land #4762, CVE reference for ie_uxss_injection 2015-02-12 22:04:41 -06:00
sinn3r 29163db7fc Add CVE reference for ie_uxss_injection 2015-02-12 17:16:59 -06:00
jvazquez-r7 3ae3d56caa
Land #4745, fixes #4711, BrowserAutoPwn failing due to getpeername 2015-02-12 16:51:09 -06:00
David Maloney a0787f5bb9
bump credential version too 2015-02-12 16:36:45 -06:00
David Maloney 1296696aea
get latests MDM for unique services 
pull in the latest MDM to get the uniqueness validation
for Service objects

MSP-11643
 2015-02-12 16:33:37 -06:00
jvazquez-r7 92422c7b9a Save the output file on local_directory 2015-02-12 16:16:21 -06:00
Brent Cook 4da28324e7 expound on java signer build instructions 2015-02-12 16:13:08 -06:00
Brent Cook 7e9a331087 remove unused .class files 
These were added for multi/browser/java_signed_applet, but the class
files are already packaged in a jar file, which is what is actually
used.
 2015-02-12 16:08:29 -06:00
Christian Mehlmauer 55f57e0b9b
Land #4746, WordPress photo-gallery exploit 2015-02-12 22:24:12 +01:00
Christian Mehlmauer bce7211f86
added url and randomize upload directory 2015-02-12 22:16:37 +01:00
William Vu 39c0065560
Land #4758, SMTPDeliver DATA header fix 2015-02-12 15:07:31 -06:00
Matt Buck f0bf881cc3
Land #4720, update Rails 3-style .find(:first) 
Eliminate the Rails 3-style .find(:first) calls, and replace with
Rails 4-compatible .first().

Fixes #4720, also see MSP-12012
 2015-02-12 14:30:13 -06:00
David Maloney 72878e0c14
fixes bug with smtp header order 
SMTP servers that support pipelining will not accept any
commands other than MAILFROM and RCPTTO before the DATA
command. We were sending Date and Subject before Data
which would cause some mailservers to suddenly drop
the connection refusing to send the mail.

MSP-12133
 2015-02-12 14:13:39 -06:00
sinn3r 05d2703a98 Explain why obfuscation is disabled 2015-02-12 14:00:01 -06:00
William Vu 9b10cd5655
Land #4755, @todb-r7's release fixes 2015-02-12 13:16:08 -06:00
William Vu d7fa06de06 Fix off-by-one whitespace 2015-02-12 13:12:13 -06:00
Tod Beardsley c156ed62a9
on, not of. 2015-02-12 12:56:53 -06:00
Tod Beardsley e35f603888
Comma fascism 2015-02-12 12:49:45 -06:00
Tod Beardsley d89eda65fa
Moar fixes, thanks @wvu-r7 
See #4755
 2015-02-12 12:46:38 -06:00
sinn3r 60c650d0c7 Add RC script for auto payload generation to starting a handler 
Resolve #4740

Normally we type a bunch of msfconsole commands to generate a payload
to setting up a handler, sometimes we're really lazy to type a bunch
of commands so this should make things a little bit easier.
 2015-02-12 12:23:34 -06:00
Tod Beardsley e78d08e20d
Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
sinn3r 50c72125a4 ::Errno::EINVAL, disable obfuscation, revoke ms14-064 2015-02-12 11:54:01 -06:00
jvazquez-r7 868bf4bc0f
Land #4752, @rastating's exploit for Maarch LetterBox file upload 2015-02-12 11:47:08 -06:00
jvazquez-r7 155651e187 Make filename shorter 2015-02-12 11:45:51 -06:00
jvazquez-r7 95bfe7a7de Do minor cleanup 2015-02-12 11:45:51 -06:00
rastating 30f310321d Added CVE reference 2015-02-12 11:45:51 -06:00
rastating 38ad960640 Add Maarch LetterBox file upload module 2015-02-12 11:45:51 -06:00
William Vu 309159d876
Land #4753, updated ms14_070_tcpip_ioctl info 2015-02-12 09:57:29 -06:00
Spencer McIntyre 8ab469d3bd Update ms14-070 module information and references 2015-02-12 09:51:01 -05:00
root 199dca75a6 Implement db_import and finalize plugin 2015-02-12 13:32:49 +05:00
Tod Beardsley ab42bad460
Land #4751, enable autofail on msftidy checks 
Also, removes the datastore check from msftidy.

Fixes #3853, finally.
 2015-02-11 15:05:07 -06:00
William Vu 9b2fad24e0 Add new comment about post-merge hook 2015-02-11 13:48:13 -06:00
William Vu 987fdbaeec Remove extraneous comment 2015-02-11 13:46:25 -06:00
William Vu 4cd5e8f702 Reenable post-merge hook in Travis 2015-02-11 13:41:23 -06:00
Samuel Huckins 2397be6e45
Land #4749 2015-02-11 13:13:05 -06:00
Tod Beardsley e0314aa727
Land #4750, Deprecate and msftidy on pxe exploits 2015-02-11 12:57:25 -06:00
Tod Beardsley 02fe57e2a1
Bump out to April, 60ish days 2015-02-11 12:56:37 -06:00
William Vu c73892b721 Nuke datastore modification check from orbit 2015-02-11 12:46:40 -06:00
William Vu fd11afff1a Deprecate manage/pxexploit 
modules/post/windows/manage/pxeexploit.rb
 2015-02-11 12:39:10 -06:00
William Vu 58b6b7519a Deprecate server/pxexploit 
modules/auxiliary/server/pxeexploit.rb
 2015-02-11 12:38:38 -06:00
William Vu 6294cbf4de Fix manage/pxexploit datastore 2015-02-11 12:19:59 -06:00
William Vu b894050bba Fix local/pxeexploit datastore 2015-02-11 12:19:56 -06:00
William Vu 9e717084af Fix server/pxexploit datastore 2015-02-11 12:19:39 -06:00
Sonny Gonzalez 7c57b9fb57
Fix Master - Pro build 
MSP-12138

* revert to previous Rails 3 syntax.
 2015-02-11 12:02:34 -06:00
William Vu 1ced9a2dd7
Land #4748, msftidy fixes for futex_requeue 2015-02-11 11:36:01 -06:00
Brent Cook f99ef5c0f5 fix msftidy warnings about towelroot module 2015-02-11 11:17:44 -06:00
rastating cb1efa3edd Improved error handling, tidied up some code 2015-02-11 10:16:18 +00:00