Commit Graph

13610 Commits (4c453f9b8739d4c24bd29bd33ddced325b63cbdb)

Author SHA1 Message Date
HD Moore ffdcea6a0a Permissions, ignore 2012-06-18 18:12:51 -05:00
James Lee 2b8024d538 Add a simple module for testing cmd payloads 2012-06-18 16:51:40 -06:00
Juan Vazquez ba343be152 Merge pull request #505 from jvazquez-r7/ezserver_ready
minor fixes to ezserver_http.rb
2012-06-18 13:46:11 -07:00
jvazquez-r7 2df237b066 minor fixes 2012-06-18 22:44:17 +02:00
Juan Vazquez 10bd72f3a1 Merge pull request #500 from modpr0be/module-ezserver
added ezserver <=6.4.017 bof for winxp sp3
2012-06-18 13:42:35 -07:00
James Lee 96c16a498a Add a check for distcc_exec
Just executes the exploit with an "echo <random>" payload to see if it
works.
2012-06-18 14:34:02 -06:00
modpr0be faa5c0ae0e deleted the module from root msf path 2012-06-19 02:10:54 +07:00
modpr0be d706199a83 fix all changes suggested by jvazquez-r7 2012-06-19 02:05:25 +07:00
Rob Fuller 77022d10da Added a bit of verbosity to SMB capture module to enhance logging and post exploitation 2012-06-18 15:55:40 -03:00
HD Moore 5b5f3d0cf6 Merge over MDM 2012-06-18 13:35:27 -05:00
sinn3r 10b733edf9 Merge branch 'dns_enum_over_tcp' of https://github.com/sempervictus/metasploit-framework into sempervictus-dns_enum_over_tcp 2012-06-18 12:14:04 -05:00
Tim Rottmann 5afdc2341b corrected a typo, "from from" to "from" 2012-06-18 19:34:18 +03:00
sinn3r 256290c206 Additional changes 2012-06-18 10:49:16 -05:00
sinn3r 50269c910a Add IE 8 targets 2012-06-18 10:44:52 -05:00
modpr0be 7b8275de04 added ezserver <=6.4.017 bof for winxp sp3 2012-06-18 22:39:59 +07:00
RageLtMan c68476cce2 Add DNS/TCP to enum_dns 2012-06-18 10:47:03 -04:00
RageLtMan 909614569a Revert "Banner encoding fix when running against dd-wrt on ruby 1.9.3"
This reverts commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c.

Telnet banner parsing restored
2012-06-18 10:44:06 -04:00
Samuel Huckins 68496d364a MDM update for report model validation 2012-06-18 08:57:32 -05:00
sinn3r aa8f687690 Merge branch 'msfvenom-is-slow' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-msfvenom-is-slow 2012-06-18 02:35:41 -05:00
HD Moore dd476f8c5d Merge branch 'master' into feature/vuln-info 2012-06-18 01:32:49 -05:00
HD Moore 0d8a4cefbf Permissions, ignore 2012-06-18 01:32:40 -05:00
HD Moore 0696748914 Import exploit attempts 2012-06-18 01:27:50 -05:00
James Lee 8874fd6c29 Don't load the framework just to print help
Makes "msfvenom -h" instant instead of going through all the overhead of
require'ing the entire framework and Rex. The only thing that used it
before was listing the output formats, so a new option, --help-formats,
has been added to provide the same information (with the associated
overhead).
2012-06-18 00:20:07 -06:00
HD Moore d674ba103d Export exploit_attempts & module_details, fix mixin load 2012-06-18 01:13:57 -05:00
HD Moore c388cba421 Fix up modules calling report_vuln() to use new syntax 2012-06-17 23:39:20 -05:00
HD Moore e8ad66b799 Exploit attempt tracking is mostly complete 2012-06-17 23:00:21 -05:00
HD Moore a8f7ea901a Fix cache counters for vuln_attempts, tweak nexpose 2012-06-17 21:55:11 -05:00
HD Moore a892fce320 Indent only subsequent list items 2012-06-17 20:55:19 -05:00
HD Moore 9ceba4421a Bullet formatting rendered poorly, remove these and keep indents 2012-06-17 20:49:22 -05:00
HD Moore 39a77024e2 Parse solutions/descriptions into a slightly less ugly format 2012-06-17 19:27:25 -05:00
sinn3r 5e3cf86794 Merge branch 'intersil_dos' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-intersil_dos 2012-06-17 18:22:22 -05:00
HD Moore fe34293ab4 Merge pull request #495 from graingert/patch-2
Print out successful mysql connection URI
2012-06-17 11:59:35 -07:00
Thomas Grainger 78876b74dd Maintain scanner module standard 2012-06-17 20:09:01 +02:00
HD Moore d7d4d13076 Store platform as a shortname, tweaks to vulns_refs to fix validation 2012-06-17 12:27:58 -05:00
HD Moore 8709473e72 Add fullname to modules, load mixins, fix platform 2012-06-17 11:57:33 -05:00
HD Moore 642f2bf552 MDM update 2012-06-17 11:44:04 -05:00
Thomas Grainger 74cbca5809 Print out successful mysql connection URI 2012-06-17 13:19:53 +02:00
HD Moore 999f7d7174 One more round of tweaks and finally back and running 2012-06-17 02:06:52 -05:00
HD Moore 37531d4486 Fix typo in table name 2012-06-17 02:01:23 -05:00
HD Moore 980327dddf Fix typo, redo add(), account for it in the loader 2012-06-17 01:59:19 -05:00
HD Moore b4b1a4168e Add missing module_detail_id's and references 2012-06-17 01:44:32 -05:00
HD Moore 38ad7230d2 Fix up a typo 2012-06-17 01:35:39 -05:00
HD Moore e4fffc36de Move to one to many instead of m2m for module_detail tracking 2012-06-17 01:21:38 -05:00
HD Moore 780b8ee48b Remove the vulns_refs destroy, this causes issues
when the join table has no .id
2012-06-17 00:12:10 -05:00
HD Moore be9b7a88fb Complicate the matching process in the name of memory
and loading speed. Use optional match_details param
to find matching vuln instances.
2012-06-17 00:07:00 -05:00
HD Moore 7d9d6f11e5 Committing a copy of the "old" mode of loading,
still hoping to avoid having to do this due to
memory bloat and slowness.
2012-06-16 22:42:31 -05:00
sinn3r e72303a922 Add Intersil HTTP Basic auth pass reset (originally #453)
The modified version of pull request #453. This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
  The advisory focuses the problem as an auth bypass, not DoS,
  although it can end up dosing the server.
* The title and filename are changed as a result of matching that
  advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
  401 in place, otherwise this may result in a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
2012-06-16 21:14:57 -05:00
HD Moore 52150b0e89 Merge branch 'master' into feature/vuln-info 2012-06-16 15:43:52 -05:00
HD Moore 8522d838dd Permissions, ignore 2012-06-16 15:43:45 -05:00
HD Moore 6dd8fd2e05 Move the cache rebuild into a background job 2012-06-16 15:41:37 -05:00