infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
36,228 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

36228 Commits (3d6e4068cbeca61374c319341894032adbe75448)

Author SHA1 Message Date
Jon Hart d3ebb8ae93
Style cleanup of auth checking 2015-11-06 08:34:17 -08:00
jvoisin c540ca763c Add the EDB id 2015-11-06 17:21:28 +01:00
jvoisin 7998955b46 The double-quote character is a badchar 2015-11-06 16:43:53 +01:00
jvoisin 30e7a35452 Add the possibility to target non-default path 2015-11-06 15:33:30 +01:00
jvoisin bb0e64e541 Implement a module for the recent vBulletin RCE 
This module implements the recent unserialize-powered RCE against
vBulletin 5.1.X

Step to reproduce:

1. Install vBulletin 5.1.X
2. Launch the exploit against it

```
msf exploit(vbulletin_unserialize) > check
[*] 192.168.1.25:80 - The target appears to be vulnerable.
msf exploit(vbulletin_unserialize) >
```

```
msf exploit(vbulletin) > run

[*] Started reverse handler on 192.168.1.11:4444
[*] Sending stage (33068 bytes) to 192.168.1.25
[*] Meterpreter session 1 opened (192.168.1.11:4444 -> 192.168.1.25:49642) at 2015-11-06 14:04:46 +0100

meterpreter > getuid
Server username: www-data (33)
```
 2015-11-06 14:59:25 +01:00
wchen-r7 46fac897bd
Land #6144, China Chopper Web Shell (Backdoor) module 2015-11-05 18:29:36 -06:00
wchen-r7 ea22583ed1 Update title and description 2015-11-05 18:29:03 -06:00
wchen-r7 27be832c4c remove the fail_with because it's always triggering anyway 2015-11-05 18:19:46 -06:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
wchen-r7 038cb66937 Use the right module path 2015-11-05 16:16:46 -06:00
Louis Sato 5143da14f7
Land #6193, move msftidy to correct location 2015-11-05 15:42:16 -06:00
jvazquez-r7 20679ea6c6
Land #5720, @g0tmi1k's changes to firefox_creds post module 2015-11-05 15:36:08 -06:00
Louis Sato 9c347fbaae
Land #6195, remove ff buildid from os.js 2015-11-05 15:01:15 -06:00
William Vu 2f65405a4e Fix missing brace and indent level 2015-11-05 14:30:26 -06:00
William Vu a53df44c55 Move msftidy back to tools/dev 
This is where it belongs.
 2015-11-05 13:56:28 -06:00
Jon Hart e96596e8eb
Credit Nixawk/all3g for some of the module review/improvements/ideas 
From:
  https://github.com/rapid7/metasploit-framework/pull/6191
  https://github.com/jhart-r7/metasploit-framework/pull/5
 2015-11-05 09:22:30 -08:00
Jon Hart 0ae2e64bc5
Only mark rsync as req'ing auth true/false if we are sure, otherwise vprint and unknown 2015-11-05 09:20:02 -08:00
Brent Cook ee6d6258a5
Land #6180, add PSH as a target for psexec directly, implement autodetect 2015-11-05 10:38:50 -06:00
pyllyukko 4390fda513
Remove extra Content-Length HTTP header 
The send_request_raw already sets the header and if it's set also in the
module, Metasploit sends the header twice.
 2015-11-05 14:38:06 +02:00
William Vu 862dff964a Integrate psexec_psh into psexec 2015-11-04 17:31:33 -06:00
James Lee 596b2b025d
Land #6173, improve advanced, info, and options 2015-11-04 13:40:49 -06:00
Jon Hart f1a79bd207
Make motd printing optional, off by default 2015-11-04 10:11:00 -08:00
Jon Hart 8f497faa09
Make read timeout configurable and shorter by default 
This makes the time spent handling motd almost a non-issue
 2015-11-04 10:01:38 -08:00
Jon Hart 3528bb2fa7
Remove optional motd handling; this is always necessary 
without it, detecting authentication on systems w/ a motd does not work
 2015-11-04 09:43:10 -08:00
Jon Hart 0d3232f93a
break if we get the rsync exit 2015-11-04 09:12:02 -08:00
Jon Hart ba5a8e4806
style 2015-11-04 09:11:07 -08:00
Jon Hart 2cab70294e
sprinkle in peer 2015-11-04 09:05:33 -08:00
Jon Hart 9bcdd19e0a
Correct table 2015-11-04 09:01:07 -08:00
Jon Hart 8f4f187c70
More usable format for module metadata in notes 2015-11-04 08:47:37 -08:00
Jon Hart b7ccee949e
Improve name and description; update authors 2015-11-04 08:42:29 -08:00
Jon Hart c0993c3797
Appease rubocop 
You have 20 seconds to comply
 2015-11-04 08:28:35 -08:00
Jon Hart c265a371d8
Make testing the rsync module for authentication optional, 
but on by default
 2015-11-04 08:25:38 -08:00
Brent Cook 7c7eb06058 remove unused kissfft library 2015-11-04 08:35:45 -06:00
Brent Cook 725d61d6e4 remove -db / -pcap / -all gemspecs, merge into one 2015-11-04 08:34:56 -06:00
Waqas Ali 2e88eb5287
Merge branch 'zeroSteiner-fix-tab-stageencoder' 
Land #6186, Fix tab completion for set StageEncoder
 2015-11-04 15:17:23 +05:00
Spencer McIntyre 1fbc4da36c Fix tab completion for set StageEncoder 2015-11-03 17:32:41 -05:00
jvazquez-r7 00d09744fb
Land #6118, @wchen-r7's new methods for Rex HTTP response 2015-11-03 10:42:42 -06:00
fraf0 3739a2fb72 Update dns_srv_enum.rb 2015-11-03 16:59:55 +01:00
fraf0 f1feccfd7c Update dns_srv_enum.rb 2015-11-03 16:53:26 +01:00
nixawk 109e9b6b6e remove debug info - require 'pry' 2015-11-03 06:52:11 +00:00
nixawk 46fe0c0899 base64 for evasion purposes 2015-11-03 06:42:52 +00:00
Tom Spencer 557dffd8d2 Fixed extra space at end of line 2015-11-02 21:50:39 -08:00
Tom Spencer 4d97e33bc5 Dramatic speed-up in bleeding, improved verbose output of leaked data. 2015-11-02 16:07:21 -08:00
Louis Sato 080acf56eb
Land #6177, remove obsolete files 2015-11-02 17:49:34 -06:00
Brent Cook 4320097025
Land #6172, fix problem encoding unicode strings with jsobfu 2015-11-02 17:30:06 -06:00
William Vu 9b5149fc64
Land #6147, report_vuln for CheckCode::Vulnerable 2015-11-02 17:24:06 -06:00
Jon Hart 3c92b109d7
Don't wait for motd when testing for auth 2015-11-02 10:49:48 -08:00
Jon Hart a4c260f7be
Simplify docs 2015-11-02 09:51:40 -08:00
Jon Hart 0dc6f6605b
Remove errant options print 2015-11-02 09:48:48 -08:00
Jon Hart 6c0034fba6
get_once for negotiation and trailing motd_lines 
This feels hacky.
 2015-11-02 09:32:54 -08:00