Commit Graph

13367 Commits (3c73133a44c312ce44d95da8b70b124f3bd34691)

Author SHA1 Message Date
Joe Vennix 315d68b6f5 Add fix for counter_cache migration to keep from throwing readonly column error. 2012-06-01 13:31:00 -05:00
Tod Beardsley ced5b9916e Whitespace fix for script-fu module
This is really just to check the GitHub IRC bot thinger.
2012-06-01 12:24:52 -05:00
Joe Vennix c5c1e71b32 Add migrations for counter_cache columns to framework. 2012-06-01 12:07:08 -05:00
sinn3r 353d49d05b Modify the description 2012-06-01 12:04:46 -05:00
jvazquez-r7 abbd8c8cd5 Added module for CVE-2012-2763 2012-06-01 18:53:25 +02:00
David Maloney 92dafd4d17 Bringin in new version of pcanywhere_login 2012-06-01 11:15:12 -05:00
David Maloney 933949a6b0 trying to work around wierd git issue 2012-06-01 11:13:28 -05:00
Samuel Huckins 2e15ecfbd7 MDM Update 2012-06-01 11:01:08 -05:00
sinn3r 9d6fc93ed3 Merge branch 'rubinius-gethostbyname' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-rubinius-gethostbyname 2012-06-01 00:39:52 -05:00
David Maloney 28bf017ca9 Fix nil responses 2012-05-31 23:12:17 -05:00
James Lee 4681ed1c1e Whitespace, thanks msftidy.rb! 2012-05-31 18:18:27 -06:00
James Lee 0def186824 Chdir to TMP before writing files 2012-05-31 17:48:12 -06:00
Samuel Huckins 35543d691d Now only loading MetasploitDataModels when not already loaded and
contained objects not in namespace
[Story #30430877]
2012-05-31 18:11:42 -05:00
James Lee fb1bf0b356 Work around a bug in rubinius 2012-05-31 16:48:34 -06:00
Joe Vennix daf5ae8e4b Updating to Rails 3.2.4.
Among other fixes, this addresses the Rails security advisory
from 5/31/2012:

http://groups.google.com/group/rubyonrails-security/browse_thread/thread/7546a238e1962f59
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/f1203e3376acec0f

Thanks Joe and Trevor!

Squashed commit of the following:

commit d7031cebcc8a0f42f6980729c84b0ea6d24e0a9b
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:57:29 2012 -0500

    Update activerecord in gemcache to support rails 3.2.4. [#30507689]

commit c7369f6d6631647907a5d67ac163020a5ab5d6dc
Author: Joe Vennix <Joe_Vennix@rapid7.com>
Date:   Thu May 31 16:53:01 2012 -0500

    Bump rails version.
2012-05-31 17:09:59 -05:00
Tod Beardsley c463bd7c6d Fixing description for citrix module 2012-05-31 16:37:35 -05:00
Tod Beardsley 17e41b2e39 Fixing description for citrix module 2012-05-31 16:36:21 -05:00
Juan Vazquez a0b491355c Merge pull request #436 from jvazquez-r7/citrix_streamprocess_get_footer
Added module for Citrix Provisioning Services 5.6 SP1
2012-05-31 14:35:22 -07:00
Tod Beardsley 02a41afb2b Fixing description for juan's Citrix module 2012-05-31 16:34:13 -05:00
Juan Vazquez 00bb216927 Merge pull request #435 from jvazquez-r7/citrix_streamprocess_get_boot_record_request
Added module for Citrix Streamprocess Opcode 0x40020004 Buffer Overflow
2012-05-31 14:33:20 -07:00
Juan Vazquez ab035e078d Merge pull request #434 from jvazquez-r7/citric_streamprocess_get_objects
Added module for ZDI-12-010
2012-05-31 14:30:08 -07:00
jvazquez-r7 47c5745673 Fixed name module 2012-05-31 23:23:11 +02:00
jvazquez-r7 e324ed5251 Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow 2012-05-31 23:21:43 +02:00
jvazquez-r7 1c11b1b1b7 Added module for Citrix Streamprocess Opcode 0x40020002 Buffer Overflow 2012-05-31 23:17:38 +02:00
jvazquez-r7 b5f5804d94 description updated 2012-05-31 23:14:25 +02:00
jvazquez-r7 198070361b Added module for ZDI-12-010 2012-05-31 22:45:55 +02:00
HD Moore 03b65c6a48 Handle cases where a user-agent was set via headers 2012-05-31 14:59:25 -05:00
HD Moore 2ad17299e2 Handle cisco devices better with ssh logins 2012-05-31 14:59:24 -05:00
David Maloney e93a6ddf83 Adds thelightcosine's pcanywhere module
Adds PCAnywhere bruteforce capabilities

Squashed commit of the following:

commit 5354fd849f0c009c534d7ce18369382dd56de550
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 14:35:23 2012 -0500

    Add explicit pack to encrypted header

commit 7911dd309a94df2729c8247c3817cf5de6b99aad
Author: David Maloney <DMaloney@rapid7.com>
Date:   Thu May 31 13:11:19 2012 -0500

    adds pcanywhere_login module
2012-05-31 14:46:26 -05:00
sinn3r 2dbb17ac6e Merge pull request #431 from swtornio/master
add osvdb ref
2012-05-31 08:58:31 -07:00
Steve Tornio 5105c1a4df add osvdb ref 2012-05-31 08:49:58 -05:00
sinn3r 4d94eeb79d Merge pull request #430 from wchen-r7/s40_traversal
Add s40 dir traversal vuln
2012-05-31 02:46:53 -07:00
sinn3r a19583624e Add s40 dir traversal vuln
I can't believe I stayed up all night, and this is all I could find.
2012-05-31 04:43:57 -05:00
Raphael Mudge b5f1554caf Adding rsmudge's Armitage update
Squashed commit of the following:

commit 60be1b2d1d66134c54c82857a569bbf3a005baf8
Author: Raphael Mudge <rsmudge@gmail.com>
Date:   Wed May 30 19:43:07 2012 -0400

    Armitage 05.30.12
    A small collection of bug fixes.
2012-05-30 19:20:14 -05:00
James Lee 1f21ae53fe But not *that* verbose 2012-05-30 16:41:56 -06:00
James Lee 53aece03ef Make meterpreter test a little more verbose 2012-05-30 16:03:01 -06:00
Tod Beardsley 7e6c2f340e Minor updates; added BID, fixed grammar
Modules should not refer to themselves in the first person unless they
are looking for Sarah Connor.
2012-05-30 16:16:41 -05:00
James Lee fd67f7c37c Add cd and pwd to Post::File API
Also changes working dir to /tmp (or %TMP% on Windows) when testing file
stuff.
2012-05-30 13:52:48 -06:00
sinn3r 54e14014c3 Merge pull request #428 from wchen-r7/php_volunteer
Add PHP Volunteer Management System exploit
2012-05-30 09:33:32 -07:00
sinn3r 59ea8c9ab9 Print IP/Port for each message 2012-05-30 11:30:55 -05:00
sinn3r 43dffbe996 If we don't get a new file, we assume the upload failed. This is
possible when we actually don't have WRITE permission to the
'uploads/' directory.
2012-05-30 11:26:06 -05:00
sinn3r efdcda55ef Don't really care about the return value for the last send_request_raw 2012-05-30 11:00:31 -05:00
sinn3r 13ba51db34 Allow the login() function to be a little more verbose for debugging purposes 2012-05-30 10:56:59 -05:00
James Lee b7e26db84e Committing Egypt's README updates
This is all documentation changes -- adds THIRD-PARTY licenses, updates
readme to be more like a readme, and moves the old readme to a COPYING
file.

Note that while this lands pull #388, it skips the Meterpreter changes
that were brought in almost certainly by accident.

Squashed commit of the following:

commit 7125509e8b3a2064cd27f8c58119e670f20ec779
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 23 13:12:45 2012 -0600

    Add license info for rkelly and anemone

commit 14367041c32ea019fa32bad5cc93aca30d6b5944
Author: James Lee <egypt@metasploit.com>
Date:   Wed May 23 12:49:14 2012 -0600

    Add licenses for gemcache stuff to THIRD-PARTY

commit c22138cf2475d1b35433ea403d844761d6612e34
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 17:24:14 2012 -0600

    Add useful links

commit 47a9df3d5484c38a0013fdb14f29d8432bb1befa
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 16:41:21 2012 -0600

    Add copyright notices

commit 687567dfe2c5c341e0da4887d421cf27f612364d
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 16:28:17 2012 -0600

    Give THIRD-PARTY an md extension

    Should make display on Github nicer

commit e3226764132200d95ae23cdb3995b21eff9afd99
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 16:22:55 2012 -0600

    Break licenses for bundled stuff into THIRD-PARTY

commit e6463c6e7f2aeab893def1a05cae4941144bf731
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 14:06:01 2012 -0600

    Move README to COPYING

commit 8a6a6bb63f5a8d0866e69678569349d17747abf5
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:53:31 2012 -0600

    Better wording.

commit 5ac46d4f6870cf2c4a5d9b960d27c0949c8ce2b8
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:51:58 2012 -0600

    Add a little more explanitory text to Contributing.

commit 54dab50d98b4430d1327a7a63983eb22ceb2c4f2
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:37:09 2012 -0600

    Missed one

commit e23c80f01efc851f80e60589b21c6682bbf62217
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:36:33 2012 -0600

    Better links

commit 47b944ec65ef63c1d642e1fe0d3920c4dc3dd43a
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:26:12 2012 -0600

    Meh, GFM doesn't like my headings

commit 12a7651e910166e2964752e9ca383aae293a0470
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 12:24:42 2012 -0600

    Initial stab at a better README

commit e3a0d4731b835fa6de2209dc8190f10dcbb50737
Author: James Lee <egypt@metasploit.com>
Date:   Mon May 14 11:59:41 2012 -0600

    LLC -> Inc.

commit 5b32b4245cf901ae01ec48cf4795505b80c14b7b
Author: James Lee <egypt@metasploit.com>
Date:   Sun May 13 17:50:04 2012 -0600

    Whitespace at EOL

commit e6719f18ab7c4597fec935987b2b6a85a2ff0284
Author: James Lee <egypt@metasploit.com>
Date:   Sun May 13 17:48:50 2012 -0600

    Only open /dev/null if we need it
2012-05-30 10:42:52 -05:00
sinn3r b81315790d Add PHP Volunteer Management System exploit 2012-05-30 10:38:45 -05:00
David Maloney 1d63cd6f6b Revert " Sets the passive flag on the JtR modules"
This reverts commit e70ccddc9a.
2012-05-29 21:28:23 -05:00
David Maloney 9e7acf3a57 left debug statement in module 2012-05-29 20:23:56 -05:00
David Maloney 5496beebbc fix bad proto name in winscp post mod
The service name would get set as SCP instead of SSH
this screws up bruteforce options later
2012-05-29 18:17:28 -05:00
James Lee 28fddcf18c Use the right path for require 2012-05-29 16:56:00 -06:00
David Maloney e70ccddc9a Sets the passive flag on the JtR modules 2012-05-29 17:16:07 -05:00