eb185375f7
Trim to core requirements
...
Remove .NET compiler, post lib and modules.
2013-07-20 19:31:26 -04:00
dc15c5b505
Merge branch 'master' into powershell_import
...
Resolve conflicts from old code being pulled into master.
Conflicts:
lib/msf/core/exploit/powershell.rb
modules/exploits/windows/smb/psexec_psh.rb
2013-07-20 19:29:55 -04:00
cd14569dcf
Revert "post/local_admin_search_enum~Regex fails,module 2"
...
@g0tm1lk: no clue, you must've pwned me in your sl33p. :)
2013-07-20 19:26:03 -04:00
cb108a8253
Add module for ZDI-13-147
2013-07-18 15:37:11 -05:00
6885ef8aa4
Land #2123 , mutiny_frontend_upload code cleanup
2013-07-18 14:38:03 -05:00
a1a6aac229
Delete debug code from mutiny_frontend_upload
2013-07-18 14:03:19 -05:00
efb8591a49
Update apple_quicktime_rdrf references
2013-07-18 13:57:31 -05:00
a2ea5dd472
Land #2119 - Accept args for osx exec payload
2013-07-18 13:37:48 -05:00
b64d0429ac
Format fix
...
Just to make this more pleasing to the eyes
2013-07-18 13:36:31 -05:00
b90e1d54e2
Land #2117 - HP Managed Printing Administration jobAcct Command Exec
2013-07-18 13:21:11 -05:00
280529f885
Make some changes to the description
2013-07-18 13:20:36 -05:00
cd2e352971
Kill extra whitespace.
2013-07-18 11:30:54 -05:00
b94cde1d65
Name change for pyoor
2013-07-18 10:50:25 -05:00
c7ffe96f15
Land #2115 , module title disambiguation
2013-07-18 10:37:00 -05:00
3780b1b59f
Add module for ZDI-11-352
2013-07-18 09:39:55 -05:00
766a8d5817
Shellwords! Now you can use exec to get you a perl shell
2013-07-17 21:16:04 -05:00
9c1228067c
Change to += syntax.
2013-07-17 21:11:24 -05:00
bf023f261a
Delete comma
2013-07-17 20:46:03 -05:00
7ee4855345
Fix msftidy and delete duplicate stack adjustment
2013-07-17 20:45:54 -05:00
ab088712ba
Removes unnecessary copy-to-stack. Fixes arg-order issue.
...
* Now I simply point to the string in instruction-memory, which saves a few bytes.
2013-07-17 20:27:20 -05:00
5ab81e7e37
Convert to readable asm. Adds support for arguments.
...
* shellcode appears to do an unnecessary copy-to-stack, so will look into
improving that.
2013-07-17 19:20:47 -05:00
6713fb1609
Fix typos
2013-07-17 18:06:40 -05:00
3ac2ae6098
Disambiguate the module title from existing psexec
2013-07-17 17:11:56 -05:00
9ae7c80b15
Add more targets plus some other corrections
2013-07-17 14:43:41 -05:00
c85b994c07
Add CVE-2013-1017: Apple Quicktime Invalid Atom Length BoF
...
This module exploits a vulnerability found in Apple Quicktime. The
flaw is triggered when Quicktime fails to properly handle the data
length for certain atoms such as 'rdrf' or 'dref' in the Alis record,
which may result a buffer overflow by loading a specially crafted .mov
file, and allows arbitrary code execution under the context of the user.
2013-07-17 13:45:05 -05:00
73fd14a500
Fix [SeeRM #8239 ] NoMethodError undefined method
2013-07-16 15:59:52 -05:00
94f8b1d177
Land #2073 , psexec_psh
2013-07-12 16:14:17 -05:00
f81369a10d
Don't make promises about AV detection
2013-07-12 16:13:02 -05:00
bc88732400
Prints don't need to be rescued
2013-07-12 15:56:04 -05:00
529471ed53
Land #2081 - MediaCoder .M3U Buffer Overflow
2013-07-11 23:57:43 -05:00
1341d6ec6b
Remove extra commas and try to keep a line in 100 columns
2013-07-11 23:54:54 -05:00
d9f212320f
Land #2094 , @wchen-r7's changes for smb_enumshares
2013-07-11 18:38:19 -05:00
279787d942
Make this error less verbose too
2013-07-11 17:36:11 -05:00
0906345af4
Ah, typo
2013-07-11 16:53:39 -05:00
eb1905025d
I bet having ip:rport will make more sense
2013-07-11 16:45:52 -05:00
0a9c1bcfff
Too verbose by default drives users nuts, go easy on that.
2013-07-11 13:41:22 -05:00
55dbfc9281
shares_info should only run if there's shares found
2013-07-11 13:36:26 -05:00
14b3e6440c
Check nil
2013-07-11 13:31:30 -05:00
1cf65623d6
Small desc update
2013-07-11 13:20:39 -05:00
d9107d2bd9
Add module for CVE-2013-3248
2013-07-11 12:30:08 -05:00
ca0880428f
Make sure module is awre of USE_SRVSVC_ONLY if that kicks in
2013-07-11 11:08:09 -05:00
a6ce629c3c
Capture a 0xC00000BB condition, plus some other fixes
2013-07-11 10:52:58 -05:00
3e229fe236
[SeeRM:#1233] - Upgrade smb_enumshares to show directories & files
...
[SeeRM:#1233] - This is an upgrade based on ringt's code in PR #2017 .
As a pentester, it's useful to obtain additional information such as
device type, access rights, folders, and files, etc when doing a share
enumeration. I have also enhanced exception handling to avoid shutting
errors up, which is better for debugging purposes.
2013-07-11 00:06:25 -05:00
8ade33552c
Land #2085 , use the new network_interface gem.
2013-07-10 13:15:01 -05:00
16c9effcb4
make msftidy happy
2013-07-11 00:32:32 +07:00
8de88cbd05
change target from win7 sp1 to win7 sp0, fix description
2013-07-11 00:14:30 +07:00
4a3dc2e365
Print all the creds! All your base belong to me.
...
After a short discussion with Tod, we think it's best to print the
creds by default. If some dude runs Metasploit in a public place,
dumps passwords, and gets shoulder surfed, well, sucks for them :-p
2013-07-09 19:56:44 -05:00
d3433a017b
Print hash too
2013-07-09 16:39:24 -05:00
234624793c
Add module for CVE-2013-1814
2013-07-09 14:03:35 -05:00
5c93fb2849
arp_sweep is once again working
...
modified the capture mixin to use NetworkInteface instead of
pcaprub for interfaces and addresses
FIXRM #8023,#7943
2013-07-08 17:24:28 -05:00
RageLtMan
jvazquez-r7
William Vu
sinn3r
Joe Vennix
Tod Beardsley
James Lee
modpr0be
lsanchez-r7