Peter Van Eeckhoutte
a3035dc6d0
Adding corelandc0d3r's http/https/ftp payload
...
Picks up the one http/https/ftp payload, but not the other two DNS
payloads listed as part of the original pull request.
[Closes #173 ]
2012-03-19 16:50:59 -05:00
Tod Beardsley
bff860c62d
s/brute force/bruteforce
...
This is the preferred spelling in Metasploit, at least, according to
grep consensus:
./metasploit-framework$ grep -ri "brute force" . | wc -l
111
./metasploit-framework$ grep -ri "bruteforce" . | wc -l
183
2012-03-19 16:14:00 -05:00
Tod Beardsley
4391c24d2f
Trivial touchups on RDP DoS module.
...
Dropping a line about what it can't do, adding freenode comment.
2012-03-19 14:27:27 -05:00
sinn3r
3a851ef2c2
Fix typo
2012-03-19 13:20:59 -05:00
sinn3r
3d72d52625
Add reporting to MS12-020
2012-03-19 13:18:51 -05:00
sinn3r
fa4504e1f6
Let's make this clear, it's just a DoS
2012-03-19 13:00:29 -05:00
sinn3r
13f16daca7
Actually, that date is way off. Corrected.
2012-03-19 12:58:52 -05:00
sinn3r
d8be328b89
Ported Daniel/Alex/jduck's MS12-020 PoC as a Metasploit module
2012-03-19 12:53:34 -05:00
sinn3r
cdd7a16603
Apply egypt's fix for "\n"
2012-03-19 10:19:10 -05:00
sinn3r
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
sinn3r
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
sinn3r
acac3fa38d
Add back enum_protections with some new changes
2012-03-17 16:00:20 -05:00
ohdae
14d427fa87
Added fix for enum_protections
2012-03-17 13:28:31 -04:00
sinn3r
78331bb4c1
A bunch of fixes
2012-03-17 03:14:26 -05:00
sinn3r
4a0c75f4b3
Merge branch 'post-mods' of https://github.com/ohdae/metasploit-framework
2012-03-17 02:38:35 -05:00
sinn3r
ff093c3f93
The comments in get_chatlogs need an update
2012-03-17 00:28:05 -05:00
sinn3r
39cfa43250
Correct license format
2012-03-17 00:25:41 -05:00
sinn3r
3479a314e3
Add enum_adium.rb post module
2012-03-17 00:22:03 -05:00
ohdae
c3f98fe284
Changed store_note to store_loot. Fixed local/remote file retrieval
2012-03-16 16:54:36 -03:00
sinn3r
d3a87b59aa
This module is not ready, yanked.
2012-03-16 11:49:31 -05:00
Gregory Man
ba6928cbf1
sockso_traversal 1.8 compatibility fix
2012-03-16 18:12:09 +02:00
ohdae
c5a4dc39c3
fix
2012-03-16 09:17:35 -04:00
ohdae
9b4ecc2777
Merge branch 'post-mods' of github.com:ohdae/metasploit-framework into post-mods
2012-03-16 09:15:47 -04:00
ohdae
b635019d56
saves each config to loot instead of notes
2012-03-16 09:14:48 -04:00
sinn3r
9f0a293a53
Correct variable name
2012-03-16 01:17:39 -05:00
ohdae
13b92b97e9
Fixed incorrect variable within get_sql_history
2012-03-16 01:40:12 -03:00
ohdae
f6a2e2b890
Enumerate important and interesting configuration files
2012-03-15 22:59:42 -04:00
David Maloney
6011da7db8
More Virtualisation SSL fixes
2012-03-15 19:06:48 -05:00
David Maloney
e4778c2ba4
Default SSL to true for esx_fingerprint module
2012-03-15 18:15:29 -05:00
Tod Beardsley
e3f2610985
Msftidy run through on the easy stuff.
...
Still have some hits, but that requires a little more code contortion to
fix.
2012-03-15 17:06:20 -05:00
Tod Beardsley
9144c33345
MSFTidy check for capitalization in modules
...
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
sinn3r
46dbaf8283
Fix typos and output
2012-03-15 16:10:05 -05:00
sinn3r
81b3eaa482
Fix typo
2012-03-15 15:56:24 -05:00
sinn3r
db4538389c
Add sockso dir traversal
2012-03-15 15:55:54 -05:00
James Lee
74e40763d6
Fix syntax error in 1.8, thanks Jun Koi for the patch
2012-03-15 14:32:16 -06:00
sinn3r
e53938b9d7
Merge branch 'ohdae-post-mods'
2012-03-15 14:30:23 -05:00
sinn3r
2770199d28
enum_protections is now find_apps
2012-03-15 14:27:40 -05:00
sinn3r
e5c420b676
File rename, as well as design and cosmetic changes
2012-03-15 14:22:23 -05:00
sinn3r
8b91cc54c3
Merge branch 'post-mods' of https://github.com/ohdae/metasploit-framework into ohdae-post-mods
2012-03-15 13:50:43 -05:00
ohdae
7e7b220b70
added report_note, removed store_loot function, cleaned up info/author
2012-03-15 15:29:52 -03:00
sinn3r
d5f83be2d0
Cosmetic changes
2012-03-15 11:21:41 -05:00
Maciej Kotowicz
0389e47dfe
fix little mistake
2012-03-15 16:21:00 +01:00
ohdae
b88af39f74
fixed output newline issue
2012-03-15 12:18:29 -03:00
Gregory Man
9928b102b5
Added rails_mass_assignment module.
2012-03-15 16:56:38 +02:00
sinn3r
5250b179c8
Add CVE and OSVDB ref
2012-03-15 04:40:27 -05:00
ohdae
32002c595d
fixed save line
2012-03-15 01:05:35 -03:00
ohdae
c165b7b7c2
removed unneeded comments
2012-03-15 01:02:07 -03:00
ohdae
58b2d570c9
fixed output issue
2012-03-15 01:00:55 -03:00
sinn3r
65bde7ec99
Add OSVDB-79863 NetDecision Directory Traversal
2012-03-14 16:50:54 -05:00
Maciej Kotowicz
f91b894375
added posibilities for generating payload from asm to more arch's
...
added linux/x64/shell_find_port payload
2012-03-14 22:39:56 +01:00
ohdae
ffc41bf265
removed unneeded dependency
2012-03-14 18:26:53 -03:00
Jonathan Cran
c38aaede03
duplicate of enum_users_history.rb
2012-03-14 16:07:49 -05:00
ohdae
5c74b7741b
locates installed 3rd part av, fws, etc
2012-03-14 13:30:16 -04:00
sinn3r
d1efb40d2d
Fix bad path for Windows (bug #6523 ) - Thanks Francesco
2012-03-14 12:27:40 -05:00
sinn3r
3b880359fe
Change module name to better describe the purpose of it. Also some cosmetic corrections.
2012-03-14 11:44:03 -05:00
sinn3r
704f8e391d
Remove the line that's commented out
2012-03-14 11:37:43 -05:00
ohdae
60b3ee7b16
Added user specific tasks to enum_users, removed bash_hist from enum_sys, added disk space info to enum_system
2012-03-14 09:06:51 -04:00
sinn3r
50f8b6088b
Fix cosmetic problems
2012-03-14 05:20:19 -05:00
sinn3r
4872e80385
Cleanup whitespace and author format
2012-03-14 05:18:00 -05:00
sinn3r
9d7e22876c
Merge branch 'my-branch' of https://github.com/ohdae/metasploit-framework
2012-03-14 05:14:33 -05:00
sinn3r
ecb1fda682
Add OSVDB-79651: NetDecision 4.5 HTTP Server Buffer Overflow
2012-03-14 05:13:22 -05:00
ohdae
fbd076e749
removed old/ folder
2012-03-13 22:49:01 -04:00
ohdae
b86fa5c85b
Combined network tasks into enum_network.rb, Combined user/system tasks into enum_system.rb
2012-03-13 22:24:49 -04:00
ohdae
0fe26780b9
Merge branch 'my-branch' of github.com:ohdae/metasploit-framework into my-branch
2012-03-13 22:20:59 -04:00
ohdae
96fb9fd458
Combined network tasks into one module, Combined system/user tasks into one module
2012-03-13 22:18:24 -04:00
ohdae
f79bda2dc7
Update modules/post/linux/gather/enum_linux.rb
2012-03-13 21:15:47 -03:00
ohdae
3260bc6b65
Update modules/post/linux/gather/enum_linux.rb
2012-03-13 21:14:49 -03:00
ohdae
bd5950ea52
added active connections, iwconfig, if-up/down, open ports
2012-03-13 20:09:41 -04:00
ohdae
4b7e380581
Linux post ssh enum, Linux post network info
2012-03-13 17:27:21 -04:00
Tod Beardsley
81248f35c4
Changing H.323 constant for H323_STATUS_FACILITY
...
However, it's not actually being used in the module anywhere, so this
change appears cosmetic more than anything right now. However, I'm
inclined to believe Ricky's suggestions when it comes to H.323.
Corroborated by this 2003 post to the Ethereal mailing list:
http://www.ethereal.com/lists/ethereal-users/200311/msg00001.html
[See #6521 ]
2012-03-13 12:26:03 -05:00
Gregory Man
b0ba10f79c
Added afp_login module.
2012-03-13 10:01:42 +02:00
Gregory Man
5b13b7d1d9
Extracted common AFP functionality to mixin
2012-03-13 09:56:03 +02:00
Jonathan Cran
1cf25e58d5
merge description change
2012-03-12 17:22:01 -05:00
sinn3r
7d95132eab
Use a cleaner way to calculate JRE ROP's NEG value
2012-03-11 17:27:47 -05:00
sinn3r
6c19466de8
Change output style
2012-03-11 13:59:18 -05:00
sinn3r
25a1552fbd
Dynamic VirtualProtect dwSize. Change output style.
2012-03-11 13:49:46 -05:00
sinn3r
b0e7c048c9
This module fits the GoodRanking description
2012-03-10 00:50:41 -06:00
sinn3r
1d5bad469c
Add Windows 7 SP1 target
2012-03-10 00:11:25 -06:00
sinn3r
1ae779157d
Disable Nops so we don't get an ugly crash after getting a shell
2012-03-08 18:56:58 -06:00
Tod Beardsley
1e4d4a5ba0
Removing EncoderType from flash module
...
Also not very useful
2012-03-08 16:57:41 -06:00
Tod Beardsley
302a42a495
Fixing up print statements
...
Dropping the ROP prints since they're not all that useful.
2012-03-08 16:56:44 -06:00
Tod Beardsley
1396fc19bd
Fixup bad merge on flash mp4
2012-03-08 16:52:53 -06:00
sinn3r
cb04e47304
Attempt #2 : there's no cli in get_payload
2012-03-08 16:47:49 -06:00
sinn3r
3563fe1b36
The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload.
2012-03-08 16:41:32 -06:00
sinn3r
fee2e1eff9
Minor spray size change
2012-03-08 16:19:51 -06:00
HD Moore
12395c719f
Remove debugging code
2012-03-08 16:16:42 -06:00
HD Moore
87274987c1
Remove the now obsolete text about SWF_PLAYER
2012-03-08 16:16:13 -06:00
sinn3r
181fdb7365
A small title change
2012-03-08 16:10:16 -06:00
HD Moore
1271368b6f
Redirect to a trailing slash to make sure relative resources load
...
properly
2012-03-08 15:37:06 -06:00
HD Moore
b0db18674c
Test out new player code
2012-03-08 15:05:12 -06:00
HD Moore
eb847a3dfb
Add a nicer prefix to the target selection message
2012-03-08 13:46:14 -06:00
Tod Beardsley
5b566b43b4
Catching an update from @hdmoore-r7
...
wrt the nuclear option.
2012-03-08 12:08:39 -06:00
sinn3r
edb3f19c12
A little more padding for Win Vista target
2012-03-08 12:04:04 -06:00
Tod Beardsley
18962e1180
Checking in the new Flash exploit to the release
...
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
2012-03-08 11:55:01 -06:00
HD Moore
86fc45810b
Remove the resource during cleanup
2012-03-07 23:04:53 -06:00
HD Moore
b4e0daf3ca
Small tweaks to the adobe mp4 exploit
2012-03-07 22:53:47 -06:00
James Lee
8d93e3ad44
Actually use the password we were given...
2012-03-08 10:17:39 -07:00
sinn3r
9ece7b08fc
Add vendor's advisory as a reference
2012-03-08 00:46:34 -06:00
sinn3r
5f92bff697
Make sure no encoder will break the exploit again
2012-03-08 00:44:57 -06:00
sinn3r
2e94b97c82
Fix description
2012-03-07 23:59:51 -06:00
Tod Beardsley
57376a976d
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:18:47 -06:00
sinn3r
d9788db7bb
Merge pull request #222 from jduck/master
...
Fixes #6483
2012-03-07 18:11:48 -08:00
sinn3r
0550b77522
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-07 20:04:04 -06:00
sinn3r
3b4ed13aee
Fix typo
2012-03-07 20:03:46 -06:00
Tod Beardsley
33460b6bf4
Fixups on the Adobe Flash exploit description
...
Massaged the lines about the phishing campagin use in the wild.
2012-03-07 19:37:49 -06:00
sinn3r
c76f43c066
Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow
2012-03-07 19:24:00 -06:00
Tod Beardsley
f97dc8dee7
Fix spelling of the IBM product iSeries
...
Was I-Series.
2012-03-07 15:24:15 -06:00
sinn3r
7dfba9c00d
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-07 14:51:39 -06:00
sinn3r
0ee7788028
Add a check to detect the vulnerable version of Sysax SSH
2012-03-07 14:51:21 -06:00
Joshua J. Drake
ab01a19f92
Fixes #6483 : Correct the include for the handler (was copypasta)
2012-03-07 11:23:44 -06:00
Tod Beardsley
ba2bf194fd
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee
02ea38516f
Add a check method for tomcat_mgr_deploy
2012-03-06 23:22:44 -07:00
James Lee
2b9acb61ad
Clean up some incosistent verbosity
...
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r
003fa3e22c
Apply patch for #6495
2012-03-06 11:43:28 -06:00
sinn3r
22a12a6dfc
Add Lotus CMS exploit (OSVDB-75095)
2012-03-06 11:36:28 -06:00
HD Moore
99177e9d5e
Small commit to fix bad reference and old comment
2012-03-06 01:44:26 -06:00
Willis Vandevanter
461a59e28d
modified description and lowered the number of required requests
2012-03-06 00:48:54 -05:00
Willis Vandevanter
0f17bbdfdd
squid pivot scanning module
2012-03-06 00:30:30 -05:00
James Lee
70162fde73
A few more author typos
2012-03-05 13:28:46 -07:00
James Lee
82c23e95d3
Module author typo
2012-03-05 13:28:46 -07:00
James Lee
3a33434867
Fix a couple of typos that throw off module authors
2012-03-05 13:28:46 -07:00
sinn3r
afd1af6377
Merge branch 'apf-info' of https://github.com/gregory-m/metasploit-framework into gregory-m-apf-info
2012-03-05 11:18:23 -06:00
sinn3r
1005de0523
Port should not contain a non-numeric value or even empty when assigned to :port
2012-03-05 11:10:16 -06:00
Gregory Man
6726f07dbc
afp_server_info fixes and improvements
...
1.9 compatibility, timeouts, reporting
2012-03-05 14:57:59 +02:00
Gregory Man
d9f0453ee9
Added auxiliary/scanner/afp/afp_server_info module
2012-03-02 21:58:40 +02:00
Tod Beardsley
7447052b38
Convert WMAP constant name to the new format.
2012-03-02 10:18:32 -06:00
Tod Beardsley
302853f5a4
Unpolluting SVN Revision keyword
...
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley
3626d48db2
Un-polluting SVN Id keyword
...
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres
36a3341acd
Fix body cero.
2012-03-02 10:18:32 -06:00
Efrain Torres
6fba0698e5
Adding another detection method for blind sqli
2012-03-02 10:18:32 -06:00
Efrain Torres
02f6e3fcb2
Improving report on blind sqli module
2012-03-02 10:18:32 -06:00
Efrain Torres
126a6133cd
Improving blind sql inj. detection
2012-03-02 10:18:32 -06:00
Efrain Torres
b608aeeeb7
Migrating modules to use report_web_vulns and minor fixes
2012-03-02 10:18:32 -06:00
Efrain Torres
1a09a49f69
Starting getting rid of report_note to use report_web_vuln on all http aux modules
2012-03-02 10:18:32 -06:00
Efrain Torres
2ce7dc9331
One more module.
2012-03-02 10:18:32 -06:00
Efrain Torres
9c6fec3c33
First step on module cleaning.
2012-03-02 10:18:32 -06:00
Efrain Torres
eaecdb487c
Fix sname in report_ calls to check the use of ssl and report http or
...
https
2012-03-02 10:18:31 -06:00
Efrain Torres
6d80aa0a44
Renaming duh.
2012-03-02 10:18:31 -06:00
Efrain Torres
3cb65e24a1
Fix blind sqli module description and bug with http_method
2012-03-02 10:18:31 -06:00
Efrain Torres
6938b91d07
Execute tests agains a specific path and bug fix in blind sqli module
2012-03-02 10:18:31 -06:00
Efrain Torres
a2e5a4d9d5
New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention
2012-03-02 10:18:31 -06:00
sinn3r
8f30e5548c
Fix bug: "TypeError can't convert nil into String" when fd.read can be nil
2012-03-02 02:18:07 -06:00
sinn3r
67f788768d
Fix tabs
2012-03-01 22:31:08 -06:00
sinn3r
fd2d9ae0ea
Add MP4 file generating function. Update the description regarding exploit usage.
2012-03-01 22:24:35 -06:00
sinn3r
b1b2ec2c7d
Merge branch 'CVE-2008-5036_vlc_realtext' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-5036_vlc_realtext
2012-03-01 21:13:33 -06:00
sinn3r
8bad0033d3
Update description
2012-03-01 19:16:29 -06:00
sinn3r
0bc26c1665
Add CVE-2009-4656: DJ Studio .pls buffer overflow
2012-03-01 19:09:25 -06:00
sinn3r
d06848ba56
Default to token impersonation before migrating to a different process
2012-03-01 18:31:33 -06:00
sinn3r
687c50d0cd
Indent level fix
2012-03-01 16:14:29 -06:00
juan
f1a6d8f535
Added exploit module for CVE-2008-5036
2012-03-01 23:06:40 +01:00