infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,030 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

5754 Commits (4943b4c6941c3748207e0ac987a6eb587f47795e)

Author SHA1 Message Date
lincoln-corelan b8227b8a2e Firefox Exploit 2012-05-07 19:41:03 -07:00
HD Moore 1a30e221a0 See #362 by changing the exitfunc arguments to be the correct type 2012-05-07 02:42:29 -05:00
HD Moore f6c88377f4 Fixes #362 by changing the exitfunction arguments to be the correct type 2012-05-07 02:41:08 -05:00
Steve Tornio ba4ae384d7 add osvdb ref 2012-05-05 10:14:07 -05:00
Steve Tornio cef2da6110 add osvdb ref 2012-05-05 10:13:42 -05:00
Steve Tornio 92e07aab12 Add osvdb ref 2012-05-05 10:13:18 -05:00
James Lee 18a44148dc Randomize case for ini true/false values 2012-05-04 17:32:32 -06:00
sinn3r 9c3d2355b1 Allow this module to be more verbose for future debugging 2012-05-04 15:47:30 -05:00
sinn3r f48d36ca31 Output changes. #6511 2012-05-04 15:11:54 -05:00
sinn3r 454a20b079 Fix bug #6438 2012-05-04 14:52:27 -05:00
sinn3r 457ca44f27 Fix #6511 2012-05-04 14:33:49 -05:00
sinn3r babababeb1 1. Fix enum_dns: .txt is not (or no longer a method) 
2. Patch snmp_enum: bug #6500
 2012-05-04 13:23:27 -05:00
sinn3r 8b3b952ccd Fix bug #6761 - false negative when OWA brings the user to the Options page insetad of inbox 2012-05-04 12:30:43 -05:00
HD Moore 423437c620 Woops, small typo in disable_functions 2012-05-04 12:17:41 -05:00
HD Moore c6b39e8e5c Add additional definitions to disable safe_mode, open_basedir, suhosin. (thanks @i0n1c) 2012-05-04 12:15:46 -05:00
sinn3r 69b60b88f8 Fix bug #6801: Error handling for get_imperstoken() 2012-05-04 11:44:05 -05:00
HD Moore 2ce3558bb4 Bump the rank 2012-05-04 10:19:37 -05:00
HD Moore bed4846763 A little more module cleanup 2012-05-04 10:06:18 -05:00
HD Moore d668e2321d Rename this to a more suitable location 2012-05-04 09:59:40 -05:00
HD Moore 6cf6a9548d Fix up the PHP CGI exploit, remove debug lines 2012-05-04 09:58:10 -05:00
sinn3r d5d35551ab Add EDB reference 2012-05-04 00:11:29 -05:00
sinn3r 6d5ceb07b6 Merge pull request #359 from wchen-r7/solarwinds_storage_manager_sql 
Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution)
 2012-05-03 22:02:12 -07:00
sinn3r 9a36017271 no unicode 2012-05-04 00:01:03 -05:00
sinn3r 25b11a02b5 Update the comment for check() 2012-05-03 20:37:36 -05:00
sinn3r 4bf674ece6 Pff, and of course, I had to make a typo on that one 2012-05-03 20:34:52 -05:00
sinn3r 1a4d3f849c A little change to the description 2012-05-03 20:33:28 -05:00
sinn3r 1cdc376f2b Merge branch 'msfvenom_nomethoderror' of https://github.com/silviupopescu/metasploit-framework into silviupopescu-msfvenom_nomethoderror 2012-05-03 20:29:06 -05:00
sinn3r 7ca69f00b0 Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution) 2012-05-03 20:24:42 -05:00
James Lee 2d1f4d4f3e Add hdm's better check method 2012-05-03 19:00:40 -06:00
James Lee 40ec3d9d40 Add an exploit module for the recent php cgi bug (CVE-2012-1823) 2012-05-03 18:51:54 -06:00
Silviu-Mihai Popescu 605e1929e4 Fixed msfvenom NoMethodError with alpha_mixed encoder. 
The issue was reported on Github[1] and Redmine[2].

The error consisted of trying to use the supports?() method
on an Array instead of a PlatformList.

[1] https://github.com/rapid7/metasploit-framework/issues/357
[2] http://dev.metasploit.com/redmine/issues/6826

Reported by: Brandon Perry
Signed off by: Silviu Popescu <silviupopescu1990@gmail.com>
 2012-05-03 17:47:25 +03:00
HD Moore 5151a4c530 Cosmetic 2012-05-03 00:33:09 -05:00
HD Moore 99d7b2601c Cosmetic 2012-05-03 00:31:50 -05:00
Tod Beardsley 43d730d564 Squashed commit of minor cosmetic fixes: 
commit eed15ea9ecc88683c8d922fe155d4777a7ce1286
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed May 2 21:55:56 2012 -0500

    Whitespace at EOL. Dangit.

commit 8159b27728d1a4fd0ad94ff56c4b4f2b995646f8
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed May 2 16:38:01 2012 -0500

    Disambiguating 'WebCalendar'
 2012-05-02 21:57:41 -05:00
James Lee dd7bc23d16 Whitespace 2012-05-02 18:06:39 -06:00
sinn3r c26dff4cff Clear whitespace 2012-05-01 17:29:27 -05:00
James Lee 1c03c2b157 Fix indentation 2012-05-01 15:21:42 -06:00
James Lee 194c0906c2 Fix a stack trace when SMBUser is nil 2012-05-01 15:21:42 -06:00
James Lee 6ab66dc59e Fix a stack trace when the SMBUser isn't set 
For some reason an invalid user/pass don't seem to trigger
STATUS_ACCESS_DENIED responses, but an empty user does.
 2012-05-01 15:21:42 -06:00
Alexandre Maloteaux d68d832c9d Squashed commit of the following: 
commit a0b50c394962fc90afc8d6232e1875588ed7ecb3
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Fri Apr 20 01:45:06 2012 +0100

    enumshare: add srvsvc netshareenum request for compatibility with win 7 / 2008r2

[Closes #346]
 2012-05-01 15:21:42 -06:00
sinn3r 3e72f555ae Forgot... I don't need to print the client's IP manually anymore 2012-05-01 12:56:03 -05:00
sinn3r 3099236059 We no longer have to print the client's IP, because it's now a built-in feature. 2012-05-01 12:47:55 -05:00
juan 01b0d85526 module for cve-2012-1775 added 2012-05-01 16:39:30 +02:00
HD Moore 9988d6a430 Tabs. Sweet sweet tabs 2012-05-01 00:35:01 -05:00
sinn3r 5fec29e6b7 Add McAfee Virtual Technician ActiveX MVTControl vulnerability 2012-04-30 16:23:52 -05:00
sinn3r fd2e4c12a2 Fix possible "can't convert Fixnum into String" error 2012-04-30 13:49:53 -05:00
David Maloney 348da8e5a6 Fixes an issue with mysql probes not timing out properly. 2012-04-30 12:22:49 -05:00
HD Moore e12c29a5dc Fix up the check so it doesn't throw a marshal exception 2012-04-29 18:40:01 -05:00
HD Moore ffd91793b9 Make RMI easier to correlate, add a vulnerability check to the scanner module 2012-04-29 18:11:28 -05:00
sinn3r 46ad599673 Add CVE-2012-1495 WebCalendar settings.php code injection 2012-04-28 02:32:04 -05:00
Tod Beardsley 7904fe5bba Fixes load error for post/multi/general/execute.rb 
Need to require 'msf/core/post/common' before including
Msf::Post::Common
 2012-04-27 20:16:24 -05:00
David Maloney f1cd488f19 Overrirdes the autofilter results from the HTTPServer mixin for the rmi 
exploit
 2012-04-27 15:22:40 -05:00
HD Moore 67fe5b775a Bump this up 2012-04-27 01:23:40 -05:00
HD Moore ec831a1658 Smarter RMI class loader logic 2012-04-27 01:02:18 -05:00
HD Moore 4c2e1c2859 Small updates to the rmi modules 2012-04-27 00:07:00 -05:00
sinn3r 63ed7fcc8f Whitespace, be gone! 2012-04-26 02:38:29 -05:00
sinn3r d985ba5e5d Clean up whitespace 2012-04-26 02:36:29 -05:00
sinn3r 91763dd063 Fix 1.8 compatibility 2012-04-25 15:54:42 -05:00
sinn3r cc76438a75 Merge branch 'jlee-r7-http-print-standardization' 2012-04-25 15:38:46 -05:00
sinn3r 711fb73048 Fix more print_* 2012-04-25 15:01:50 -05:00
sinn3r f77efbf89e Change the rest of print_* 2012-04-25 14:24:17 -05:00
sinn3r 9189dea4e4 Merge branch 'http-print-standardization' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-http-print-standardization 2012-04-25 13:53:30 -05:00
HD Moore 4a8068905f Add a generic execute module and update migrate to handle a process name too 2012-04-25 12:40:20 -05:00
HD Moore 2a5a80a485 Rename and updates 2012-04-25 12:09:23 -05:00
HD Moore 03117ffa95 Add a version scanner for RMI 2012-04-25 11:24:28 -05:00
sinn3r 5bebd01eb0 Tabs vs spaces war round 2 2012-04-24 16:06:08 -05:00
sinn3r bc42375565 Fix spaces to proper hard tabs. Not very fun to do. 2012-04-24 16:03:41 -05:00
sinn3r 0671fc9ea1 Merge branch 'axis2_mods' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-axis2_mods 2012-04-24 15:49:34 -05:00
sinn3r 9c9b74cae2 Small change with the description 2012-04-24 15:47:31 -05:00
sinn3r ecd7762df9 Merge branch 'shadow-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-shadow-exploit-module 2012-04-24 15:30:09 -05:00
sinn3r c27195b189 Merge pull request #347 from wchen-r7/wol 
Add wake-on-lan module
 2012-04-24 11:50:05 -07:00
sinn3r 5bf5e8888d Minor changes 2012-04-24 13:48:45 -05:00
sinn3r e57ba79402 Merge branch 'cve-2012-0158_mscomctl_bof' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-cve-2012-0158_mscomctl_bof 2012-04-24 13:46:24 -05:00
HD Moore ac6247963c Fix a missing require 2012-04-24 11:54:07 -05:00
sinn3r 4c72193922 Fix undefined method `[something]' for nil:NilClass 2012-04-24 01:46:03 -05:00
HD Moore bfbfc19116 Cosmetic 2012-04-23 21:59:44 -05:00
HD Moore e8ac6521d1 Cosmetic 2012-04-23 21:59:09 -05:00
HD Moore 86a1a58d2c Fixes #6689 by moving to 7za which is included in the installer 2012-04-23 16:25:24 -05:00
juan cca97f2989 added module for CVE-2012-0158 2012-04-23 22:59:25 +02:00
sinn3r 90a7458b56 Lower the rank a little to favor other modules in BAP 2012-04-23 15:15:08 -05:00
HD Moore a1f9d2c27a Bump up the wait_timeout (works with the recent AR patch) and fix a typo in the http_version commit 2012-04-23 02:44:56 -05:00
HD Moore 59ecc8584d Force http_version to always make a new request, even if the information is in the DB 2012-04-23 02:39:02 -05:00
Leonardo Botelho 66ecf28451 Shadow stream recorder exploit. 2012-04-22 19:19:40 -03:00
HD Moore 1d2581ebf4 Cosmetic 2012-04-21 14:51:20 -05:00
sinn3r b0a76a1aa1 Add wake-on-lan module 2012-04-21 03:29:49 -05:00
James Lee 9cdd8912c5 Remove spurious cli.peerhost in output 2012-04-20 13:31:42 -06:00
sinn3r 37e75dc644 Make this description a little more sense 2012-04-20 12:25:51 -05:00
sinn3r b955569b10 Update the use of get2() in order to support ruby 1.9.3 2012-04-20 01:37:24 -05:00
sinn3r c68a775106 Fix EDB references 2012-04-19 23:53:32 -05:00
sinn3r 12bf301d2b Correct file name 2012-04-19 21:17:19 -05:00
sinn3r 05459ca3ff Change module description 2012-04-19 21:17:19 -05:00
sinn3r 072faa65ec Massive code cleanup 2012-04-19 21:17:19 -05:00
sinn3r 93134e6fd2 Change default target 2012-04-19 21:17:19 -05:00
unknown 47ecd36805 Implemented Changes suggested by wchen-r7 (sinn3r) 2012-04-19 21:17:19 -05:00
unknown feb625cab0 Updated module 2012-04-19 21:17:19 -05:00
unknown 8caec4777f TFTPserverST addition 2012-04-19 21:17:18 -05:00
sinn3r 93390fa6e2 Fix metadata and some cosmetic stuff 2012-04-19 19:12:27 -05:00
sinn3r bce6c9abcf Verify checksum to avoid jumping to a corrupt payload 2012-04-19 18:52:43 -05:00
sinn3r ae7c2acf9d Merge branch 'xradio-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-xradio-exploit-module 2012-04-19 18:09:20 -05:00
sinn3r 9a00823828 Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch' 2012-04-19 18:08:22 -05:00