Commit Graph

29660 Commits (421fc2096478c471bda127e114579b80926ea864)

Author SHA1 Message Date
Jon Hart 421fc20964
Partial mercurial support. Still need to implement bundle format 2014-12-22 17:44:14 -08:00
Jon Hart fdd1d085ff
Don't encode the payload because this only complicates OS X 2014-12-22 13:36:38 -08:00
Jon Hart ea9f5ed6ca
Minor cleanup 2014-12-22 12:16:53 -08:00
Jon Hart dd73424bd1
Don't link to unused repositories 2014-12-22 12:04:55 -08:00
Jon Hart 6c8cecf895
Make git/mercurial support toggle-able, default mercurial to off 2014-12-22 11:36:50 -08:00
Jon Hart 574d3624a7
Clean up setup_git verbose printing 2014-12-22 11:09:08 -08:00
Jon Hart 16543012d7
Correct planted clone commands 2014-12-22 10:56:33 -08:00
Jon Hart 01055cd41e
Use a trigger to try to only start a handler after the malicious file has been requested 2014-12-22 10:43:54 -08:00
Jon Hart 3bcd67ec2e
Unique URLs for public repo page and malicious git/mercurial repos 2014-12-22 10:03:30 -08:00
Jon Hart 308eea0c2c
Make malicious hook file name be customizable 2014-12-22 08:28:55 -08:00
Jon Hart 7f3cfd2207
Add a ranking 2014-12-22 07:51:47 -08:00
Jon Hart 74783b1c78
Remove ruby and telnet requirement 2014-12-21 10:06:06 -08:00
Jon Hart 31f320c901
Add mercurial debugging 2014-12-20 20:00:12 -08:00
Jon Hart 3da1152743
Add better logging. Split out git support in prep for mercurial 2014-12-20 19:34:55 -08:00
Jon Hart 58d5b15141
Add another useful URL. Use a more git-like URIPATH 2014-12-20 19:11:56 -08:00
Jon Hart f41d0fe3ac
Randomize most everything about the malicious commit 2014-12-19 19:31:00 -08:00
Jon Hart 805241064a
Create a partially capitalized .git directory 2014-12-19 19:07:45 -08:00
Jon Hart f7630c05f8
Use payload.encoded 2014-12-19 18:52:34 -08:00
Jon Hart 7f2247f86d
Add description and URL 2014-12-19 15:50:16 -08:00
Jon Hart 9b815ea0df
Some style cleanup 2014-12-19 15:35:09 -08:00
Jon Hart 4d0b5d1a50
Add some vprints and use a sane URIPATH 2014-12-19 15:33:26 -08:00
Jon Hart 48444a27af
Remove debugging pp 2014-12-19 15:27:06 -08:00
Jon Hart 1c7fb7cc7d
Mostly working exploit for CVE-2014-9390 2014-12-19 15:24:27 -08:00
Jon Hart 4888ebe68d
Initial commit of POC module for CVE-2013-9390 (#4435) 2014-12-19 12:58:02 -08:00
William Vu 723998e1d4
Land #4425, jobs tab completion NilClass fix 2014-12-18 15:25:57 -06:00
Spencer McIntyre 400bd9a094 Fix jobs NilClass tab complete bug 2014-12-18 15:43:04 -05:00
William Vu 153d7e273d
Land #4420, tentative "fix" for EXE spec 2014-12-18 13:55:56 -06:00
Tod Beardsley db474adc7b
Remove the helper as well.
See #3807.

Again, happy to have working tests that actually test validity. But,
these ain't them.
2014-12-18 13:28:04 -06:00
sinn3r 144daaa6bb
Land #4421 - add a deprecation message for msfcli
please make your way to msfconsole
2014-12-18 10:28:31 -06:00
Tod Beardsley 60099d42cf
Add deprecation warning to msfcli, 6 months
See #3802
2014-12-18 09:39:50 -06:00
Trevor Rosen 80cd04d76a
Land #4332, test optimization for Cucumber
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
Tod Beardsley 270debea32
Remove the EXE file test spec
This thing has been a problem since forever, given cross-platform
issues and random collisions with other file magic signatures.

See #3807 and #2793 and the even earlier redmine bug.

This should not close the bug, since we're merely avoiding the random
fails by not testing at all. We /should/ test, but in the meantime, we
can't suffer these failures that throw me (at least) into a panic every
time.
2014-12-18 09:18:24 -06:00
William Vu dcf23172be
Land #4418, threads tab completion NilClass fix 2014-12-17 22:13:17 -06:00
William Vu d41dc0d88e
Land #4419, msfbinscan NameError fix 2014-12-17 22:00:25 -06:00
Jakub Nawalaniec 9f0bf85ec1 Fix typo in msfbinscan 2014-12-18 02:43:24 +01:00
Spencer McIntyre 549f3c69ff Don't crash when tab complete threads command with typos 2014-12-17 19:36:04 -05:00
William Vu 5262096905
Land #4412, get_once NilClass fixes 2014-12-17 14:07:09 -06:00
sinn3r 6b0a98b69c
Resolve #4408 - bad uncaught nil get_once 2014-12-17 14:02:42 -06:00
William Vu 1ff51d5856
Land #4410, rm_f with more f 2014-12-17 13:16:46 -06:00
Spencer McIntyre 698ca2639b Do not delete files that do not exist in rm_f 2014-12-17 09:18:06 -05:00
HD Moore 9de4137aa7 Patch UA/Proxy settings during migration, lands #3632 2014-12-16 22:21:48 -06:00
Sean Verity 370f6003e3 Refactors metsrv patching in reverse_hop_htt.rb 2014-12-17 11:57:17 -05:00
Sean Verity 1930eb1bf8 Refactors metsrv patching in reverse_http.rb 2014-12-17 10:04:43 -05:00
William Vu f6af86a06d
Land #4402, ms12_020_check NilClass fix 2014-12-16 15:34:25 -06:00
William Vu 3a00db3c9c
Land #4404, Oracle scheduler exploit fix 2014-12-16 15:33:44 -06:00
William Vu c78685269f
Land #4403, msfvenom configurable variable name 2014-12-16 10:10:54 -06:00
David Maloney f237c56a13
This oracle scheduler exploit hangs if not vuln
When this exploit gets run against a system that isn't vulnerable
it can hang for a significant amount of time. This change uses the check
method on the exploit to see whether it should proceed. Don't try to exploit
the host if it's not vulnerable.
2014-12-16 09:42:42 -06:00
sinn3r 513fd122b8 Update rspec 2014-12-16 00:26:53 -06:00
sinn3r c2bc79c53c Resolves #4275 - Configurable variable name as an option
Resolves #4275
2014-12-15 23:59:34 -06:00
Sean Verity 52b3025351 Reworked to avoid extending String class on blob per hdm's rec. 2014-12-15 21:40:41 -05:00