infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
31,176 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

31176 Commits (40972220e38bbf13c5fba33fdb1b471b4b9bd789)

Author SHA1 Message Date
sinn3r 40972220e3
Land #4804, HP Client Automation Command Injection 2015-02-20 16:56:03 -06:00
Brent Cook 58436fcc98
Land #4706 jvazquez-r7 adds NTLMSSP support for smb_relay 2015-02-20 15:15:00 -06:00
William Vu c9ddd0dac9
Land #4795, f5_bigip_cookie_disclosure update 2015-02-20 13:11:42 -06:00
William Vu b676f5a07e Clean up #4795 2015-02-20 13:10:31 -06:00
William Vu 59b7f321e5
Land #4801, QConvergeConsole Tomcat creds 2015-02-20 12:54:07 -06:00
William Vu cd8f9065be
Land #4807, reverse_http_proxy_pstore spec 2015-02-20 12:28:20 -06:00
Brent Cook 641b67469d add payload specs for reverse_http_proxy_pstore 
PR predated the spec
 2015-02-20 12:23:51 -06:00
Brent Cook b624278f9d Merge branch 'master' into land-4706-smb_reflector 2015-02-20 10:26:04 -06:00
Brent Cook 765a1bffd7
Land #1396 @somename11111's http_proxy_pstore stager 2015-02-20 09:47:34 -06:00
Brent Cook 5297ebc1a1 Merge branch 'master' into land-1396-http_proxy_pstore 
Bring things back to the future
 2015-02-20 08:50:17 -06:00
Brent Cook 91b4a59fc7 msftidy fixes 2015-02-20 08:42:54 -06:00
jvazquez-r7 1633a6d4fd Read response back while staging 2015-02-20 01:06:47 -06:00
jvazquez-r7 b0c6671721 Add module for ZDI-15-038, HPCA command injection 2015-02-20 00:41:17 -06:00
Ferenc Spala c498ba64e4 Added a new pair of default Tomcat credentials. QLogic's QConvergeConsole comes with a bundled Tomcat with a hard-coded username and password for the manager app. 2015-02-19 15:08:50 -06:00
sinn3r 49f4b68671
Land #4790, injecting code into eval-based Javascript unpackers 2015-02-19 12:33:52 -06:00
William Vu 27a8c460bd
Land #4797, revert of #4780 (issue #4669) 2015-02-19 09:58:20 -06:00
Brent Cook 4781ac4b39 the http service needs to keep running to handle meterpreter loading 
revert a8f44ca68f
 2015-02-19 09:38:48 -06:00
dnkolegov f6c871a8e5 Deleted spaces at EOL 2015-02-19 05:06:00 -05:00
dnkolegov caabb82975 Fixed indentation errors 2015-02-19 05:02:10 -05:00
dnkolegov 2a584da6d9 Added cookie value in print function 2015-02-19 00:43:57 -05:00
Tod Beardsley 7a3bc017ff
Land #4794, fix some db stuff, drop 1.9 tests 2015-02-18 17:26:02 -06:00
darkbushido e0e9445a40
removing 1.9.3 from travis 
metasploit_data_models requires Ruby version >= 2.1.
 2015-02-18 17:19:01 -06:00
darkbushido 67c0f590a0
Restoring mysteriusly changed db constraints... 2015-02-18 17:07:25 -06:00
Tod Beardsley c57dee569c
Land #3650, the last Meterpreter script ever. 2015-02-18 16:21:00 -06:00
Spencer McIntyre fe840635e5
Land #4791, fix ms14-070 CreateFile arguments 
The arguments to CreateFileA used to require that the user had
some level of access on the \\.\tcp device.
 2015-02-18 17:15:45 -05:00
Trevor Rosen 1099084fb0
Land #4761, enforce unique port number per service 2015-02-18 15:22:46 -06:00
Trevor Rosen 62fbf81f8a
Update Gemfile.lock and schema.rb 2015-02-18 15:17:17 -06:00
David Maloney ffa6550aec
Land #4787, HD's new Zabbix and Chef LoginScanners 
Lands the new LoginScanners HD wrote for Zabbix
and the Chef WebUI
 2015-02-18 14:51:16 -06:00
David Maloney 804db0ff0c
add leixcal sorting to methods 
lexical sort the new methods except for
msf module entrypoint methods which should always be at
the top
 2015-02-18 14:50:33 -06:00
joev 483a145d19 Fix msftidy issues. 2015-02-18 14:08:03 -06:00
William Vu 35511636cc
Land #4788, splunk_web_login new version support 2015-02-18 11:54:54 -06:00
Jay Smith e40772efe2
Fixed open device issue for non-priv users 
Fixed the open_device call to work for users without Administrator
privileges
 2015-02-18 12:44:58 -05:00
joev f8609ab0ba Add file format exploit for injecting code into unpackers. 2015-02-18 11:26:45 -06:00
Matt Buck a9931cd410
Land #4725, convert Rails 3 AR calls in RPC_Db 
Converts Rails 3 style ActiveRecord calls in RPC_Db to their Rails 4
counterparts.

Fixes #4725, also see MSP-12017
 2015-02-18 09:59:40 -06:00
William Vu 10960310da
Land #4786, cosmetic fixes from @hmoore-r7 
For {axis,glassfish}_login.
 2015-02-18 03:56:13 -06:00
William Vu 6a9d15a8d5
Land #4785, Rex::Proto::Http::Client context fixes 2015-02-18 03:47:26 -06:00
William Vu e2f5cc05c6
Land #4782, MSB reference fix 
In ms13_022_silverlight_script_object title.
 2015-02-18 03:44:15 -06:00
William Vu bda96f46e6
Land #4780, stop HTTP service with HTTP handler 2015-02-18 03:34:03 -06:00
HD Moore cc6899d783 Fix a stack trace on null response, thanks @jlee-r7 2015-02-18 00:38:55 -06:00
HD Moore f4d8a25981 Add support for newer Splunk versions 2015-02-18 00:30:47 -06:00
HD Moore 2847507f03 Add a chef brute force module 2015-02-17 23:49:57 -06:00
HD Moore 27d5ab45b4 Add a zabbix brute force module 2015-02-17 22:56:08 -06:00
HD Moore 85fd139ab0 Add missing context and a normalize_uri helper method 2015-02-17 22:55:53 -06:00
HD Moore f0e69cb526 Fix two cosmetic typos in the axis/glassfish modules 2015-02-17 21:01:35 -06:00
HD Moore 16932372db Calls to Rex::Proto::Http::Client.new were passing in empty context 2015-02-17 20:44:37 -06:00
sinn3r 59c413637a
Land #4781, handle resolve_sid failure enumerating user profiles 2015-02-17 14:58:07 -06:00
sinn3r 6acbe64dbd The MSB reference in the title is wrong 
It should be MS13-022.

MS12-022 is MSFT Expression Design.
 2015-02-17 14:56:14 -06:00
William Vu be5a0ee9c2
Land #4777, @todb-r7's release fixes 2015-02-17 13:45:00 -06:00
Tod Beardsley fb06cb13cc
Land #4774, Chromecast HTTP scanner 2015-02-17 13:11:25 -06:00
William Vu 687d84cdf0 Land wvu-r7#11, minor fixes for #4774 2015-02-17 13:08:30 -06:00