infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,958 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

23958 Commits (496dd944e62a1d708cfb02597ec3bdc8a0a30bfb)

Author SHA1 Message Date
Brandon Perry ec35f4b13f some bugs for sinn3r 2014-03-24 18:17:50 -05:00
Tod Beardsley 8082884e07
Land #3137, un-default USER_AS_PASS and... 
...BLANK_PASSWORDS. This is likely to affect nobody's normal work flow,
since best practice is to be explicit about your options in your RC
files.
 2014-03-24 16:45:05 -05:00
William Vu 8b2ee4eb8c
Disable BLANK_PASSWORDS and USER_AS_PASS 
They're as obnoxious as DB_ALL_* when enabled by default.
 2014-03-24 15:51:35 -05:00
Brandon Turner 460a1f551c
Fix for R7-2014-05 2014-03-24 14:12:12 -05:00
William Vu f12171d1a0
Land #3136, release fixes 2014-03-24 12:24:07 -05:00
Tod Beardsley cfdd64d5b1
Title, description grammar and spelling 2014-03-24 12:16:59 -05:00
Tod Beardsley cd9182c77f
Msftidy warning fix on Joomla module. 
Pre-commit hooks people.
 2014-03-24 12:03:12 -05:00
jvazquez-r7 c7ba7e4d92
Land #3131, @xistence's exploit for CVE-2014-1903 2014-03-24 08:48:06 -05:00
jvazquez-r7 c3b753f92e Make PHPFUNC advanced option 2014-03-24 08:47:31 -05:00
jvazquez-r7 4f333d84c9 Clean up code 2014-03-24 08:15:54 -05:00
Brandon Perry d6f397ab6d whoops that isn't how you EDB 2014-03-22 11:48:41 -05:00
Brandon Perry 291692d6e0 Update lifesize_uvc_ping_rce.rb 2014-03-22 11:30:00 -05:00
Brandon Perry 67a3a7227b Create lifesize_uvc_ping_rce.rb 2014-03-21 21:33:12 -05:00
Joshua Smith 312f117262 updates file read to close file more quickly 2014-03-21 14:53:15 -04:00
sinn3r 13f5c22536
Land #3129 - Fix 2782 with 2961 and stop stack-tracing download_exec 2014-03-21 11:36:59 -05:00
Matteo Cantoni 4b2a2d4dea Improve NTP monlist auxiliary module 2014-03-21 16:39:53 +01:00
Matteo Cantoni fbcd661504 removed snmp_enum_hp_laserjet from this pull request 2014-03-21 15:58:53 +01:00
xistence c4f0d8e179 FreePBX config.php RCE CVE-2014-1903 2014-03-21 10:29:15 +07:00
Spencer McIntyre aa26405c23 Cleanup an expression and avoid fail_with 2014-03-20 17:33:09 -04:00
James Lee 0a141f1c02
Land #2810, masked password format switcheroo 2014-03-20 15:12:12 -05:00
David Maloney c4a9b4fda0
Land #3128, Put loot in correct workspace 2014-03-20 14:11:17 -05:00
sinn3r b02337d8b6
Land #3123 - Horde Framework Unserialize PHP Code Execution 2014-03-20 12:32:14 -05:00
James Lee c453bde08b
Land #3125, fix zip imports 2014-03-20 12:27:13 -05:00
Tod Beardsley 3d3681801a
Fix linux download_exec for #2961 
Note! This module already seems pretty broken, in that it doesn't appear
to correctly locate curl or wget. Will open another bug on that.

[See RM #8777]
 2014-03-20 12:09:38 -05:00
sinn3r 0c4b71c8bf
Land #3094 - Joomla weblinks-categories Unauth SQLI Arbitrary File Read 2014-03-20 12:08:18 -05:00
sinn3r 93ad818358 Fix header and e-mail format for author 2014-03-20 12:07:50 -05:00
jvazquez-r7 48c62992cb Land #3124, @wchen-r7's new checks for os.js 2014-03-20 11:31:29 -05:00
jvazquez-r7 a5afd929b4 Land #3120, @wchen-r7's exploit for CVE-2014-0307 2014-03-20 11:16:40 -05:00
jvazquez-r7 8cb7bc3cbe Fix typo 2014-03-20 11:13:57 -05:00
Tod Beardsley 4d3f871e9d
Land #2961, get_env and get_envs Post mixin 
This unbreaks the changes introduced by #2782 by introducing
get_env and get_envs for shell sessions (not just meterpreter sessions).
 2014-03-20 10:53:50 -05:00
Trevor Rosen dd4b16ad60 Remove some dead code 2014-03-20 09:38:14 -05:00
Trevor Rosen dc85a99fbd report_loot now sets proper Mdm::Workspace 
* Uses an Mdm::Workspace when passed one in conf hash
 2014-03-20 09:27:09 -05:00
Spencer McIntyre 74398c4b6e Allow using a single URI and/or a list of URIs 2014-03-20 09:54:02 -04:00
Michael Messner 4f1404eecc reboot payload for mipsbe 2014-03-20 12:37:58 +01:00
xistence 2845f834c6 changed cookie retrieval to res.get_cookies 2014-03-20 16:39:26 +07:00
xistence 7bfb8e95e6 minor changes to seportal module 2014-03-20 13:44:39 +07:00
xistence 5ef49ff64b SePortal 2.5 SQLi Remote Code Execution 2014-03-20 12:02:06 +07:00
Joshua Smith a8d919feb0 use TARGET_URI if given, otherwise TARGET_URIS_FILE 2014-03-19 23:32:04 -05:00
Samuel Huckins 33ca577010 Zip Workspace imports now working. 
MSP-9531

* Was trying to delete XML file, not sure why, running into permission
error
* General clarification and cleanup
 2014-03-19 22:53:15 -05:00
sinn3r c5158a3ccc Update CVE 2014-03-19 22:13:23 -05:00
sinn3r 8c707b20e0 Add support for specific builds of MSIE 9 on Win 7 SP1 
These IE9 versions are vulnerable to MS14-012 (see #3120). If we don't
add them, then os_detect might recognize the target as IE 8, and fail.
 2014-03-19 21:54:36 -05:00
Brandon Perry 9b2cfb6c84 change default targeturi to something more universal 2014-03-19 21:03:50 -05:00
Brandon Perry b52a535609 add official url 2014-03-19 20:41:32 -05:00
Brandon Perry ab42cb1bff better error handling for the user 2014-03-19 18:46:57 -05:00
William Vu b79920ba8f
Land #3089, InvalidWordCount fix for smb_login 
[FixRM #8730]
 2014-03-19 16:12:56 -05:00
Samuel Huckins cc4c958d58 Merge remote-tracking branch 'metasploit-framework/master' into masked-cred-format-update 2014-03-19 15:47:46 -05:00
Tod Beardsley c1cbeff5f0
Land #3122, lots of Meterpreter updates 
This lands the binaries built from Meterpreter as of:

rapid7/meterpreter#80 , also known as

commit 5addac75741fadfff35f4f7839cee6fd69705455

as well as the functional changes in:

rapid7/metasploit-framework#2782
rapid7/metasploit-framework#2889
rapid7/metasploit-framework#3061
rapid7/metasploit-framework#3085
 2014-03-19 15:35:49 -05:00
Samuel Huckins a78bc822d0 Gemfile update for new MDM version 
* Updated MDM is live
 2014-03-19 15:04:20 -05:00
sinn3r fe0b76e24e
Land #2994 - OWA 2013 support 2014-03-19 13:16:37 -05:00
jvazquez-r7 d6faf20981 Make title more accurate 2014-03-19 12:43:34 -05:00