5004515187
Resolved conflicts merging back from release
...
Merge branch 'release'
Conflicts:
lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
modules/exploits/windows/license/flexnet_lmgrd_bof.rb
2012-05-24 00:27:41 -05:00
101abb45a1
Merge branch 'bug/4400-postgres-store-loot' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bug/4400-postgres-store-loot
2012-05-23 20:38:03 -05:00
22601180f3
Save the pilfered file as loot
2012-05-23 18:07:13 -06:00
ac0d22453a
Merge pull request #414 from wchen-r7/apprain
...
Add CVE-2012-1153
2012-05-23 16:34:30 -07:00
8d837f5d20
Module description update. TARGETURI description update.
2012-05-23 18:33:32 -05:00
fab3bfcea1
Add CVE-2012-1153
2012-05-23 17:50:13 -05:00
0b7b71e240
Correct run-on sentence
2012-05-23 10:27:23 -05:00
94f114b69a
Fix typos
2012-05-23 10:22:52 -05:00
7a4f1a111b
Merge branch 'cve-2008-0320_openoffice_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-cve-2008-0320_openoffice_bof
2012-05-23 10:20:16 -05:00
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
a37e98f159
Updating release from master.
2012-05-22 14:12:08 -05:00
c4b64a51f7
Added reference to vendor advisory
2012-05-22 13:22:26 -05:00
87ce3fe2f7
Adding extra ref from jjarmoc
2012-05-22 11:17:57 -05:00
c9604d8902
Add an invisible reference
2012-05-22 10:52:54 -05:00
d9ab464d4d
A very quick update to the title.
2012-05-22 03:11:05 -05:00
c9aa057b6d
Merge pull request #407 from wchen-r7/osx_voice
...
OSX Text-to-Speech tool
2012-05-22 01:06:50 -07:00
ca08e225fb
Add OSX Text-to-Speech tool
2012-05-22 03:03:30 -05:00
c823e8099e
randomization when possible for flexnet_lmgrd_bof
2012-05-22 08:32:10 +02:00
cafe803217
Fix typos
2012-05-21 16:32:33 -05:00
72b1f113ce
Added module for ZDI-12-052
2012-05-21 16:32:33 -05:00
df85e4f586
Remove trailing comma
2012-05-21 16:28:02 -05:00
17943c7a48
Makes it so we don't ever use local config files for Net::SSH
...
Also makes sure that the :config =>false option keeps
Net:SSH from meddling with knowns_hosts too
2012-05-21 16:09:08 -05:00
c386e1ce31
Add an option to the schemadump modules to not display output to the
...
screen
2012-05-21 16:09:07 -05:00
77f95df1e9
Banner encoding fix when running against dd-wrt on ruby 1.9.3
2012-05-21 14:50:57 -05:00
125aa43072
PowerShell post module download and exec
...
This adds sempervictus's PowerShell post module, along with a default
post module one can use for quick testing (for expected results, see
the screencap Gist at https://gist.github.com/6011cb87b01e970deca8
[Closes #403 ]
Squashed commit of the following:
commit c6b5a6aac1dc8781c67b611289d7710129592e83
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:43:48 2012 -0500
Minor tweaks to language
commit ef088e135cd7b0ccb514a3011889154661d5bd09
Merge: 0a05455 1e14211
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:34:27 2012 -0500
Merge remote branch 'todb/default-powershell' into Pull403
commit 0a0545558604c53d4648e3314ca8963ff9b225a7
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:33:33 2012 -0500
Reverting unrelated telnet fix
While I'm sure it's great, it needs to be tested.
commit 1e1421102b44a4c60c6eb9b442227075e959d7c6
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:14:09 2012 -0500
Adds a default path to a script for exec_powershell.rb
commit 9978787f44896d06744d50febf4344111edcd7b1
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:06:46 2012 -0500
Adds a new default powershell script
commit 25b605949fbf772e95a510162ca5af510c59788f
Author: RageLtMan <rageltman [at] sempervictus>
Date: Mon May 21 14:15:15 2012 -0400
Synchronized SVIT version of lib...powershell.rb to github. Adds timeout option, check for script encoding, etc. Added post/windows/manage/powershell folder with script execution module. Other modules which can be placed here would be WinRM meterp exec, PS persistence, etc
commit c4a7fd932fb8850de732bfa911cf8d729a5db42d
Merge: 21b31f1 36207eb
Author: RageLtMan <rageltman [at] sempervictus>
Date: Mon May 21 14:07:26 2012 -0400
msfvenom formatting merge conflict fix
commit 36207eb21ee04483c19790b5db7855d0a715e43d
Merge: c77eb03 4772c12https://github.com/rapid7/metasploit-framework
commit 21b31f10c505862c14234824d4dabbb6fdfe7cbb
Merge: 81a7d62 c77eb03
Author: RageLtMan <rageltman [at] sempervictus>
Date: Fri May 18 12:57:52 2012 -0400
Merge branch 'master' into powershell
commit c77eb03ca4428a741f5d231b3ec1cf80c90e9395
Merge: 89d5af7 52183aahttps://github.com/rapid7/metasploit-framework
commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c
Author: RageLtMan <rageltman [at] sempervictus>
Date: Fri Mar 2 01:28:02 2012 -0500
Banner encoding fix when running against dd-wrt on ruby 1.9.3
commit 81a7d62c6dab8404c1c0566a8be84c7280edeef8
Author: RageLtMan <rageltman [at] sempervictus>
Date: Tue Mar 20 20:19:13 2012 -0400
powershell for msfvenom
commit 672c7bc37ea37a3b111f755ef17fe0c16047e488
Merge: 3e86dc4 ed542e2f89853df6a6963https://github.com/rapid7/metasploit-framework into powershell
commit e69fcd1a83412d6c0c96605b5acf0675e5b07205
Author: RageLtMan <rageltman@sempervictus.com>
Date: Wed Jan 25 07:59:38 2012 -0500
msfvenom psh addition
commit 9a5d8ead7e69c40ff5e9a73244165a5685ca47ec
Author: RageLtMan <rageltman@sempervictus.com>
Date: Wed Jan 25 07:29:38 2012 -0500
Proper author reference
commit 9fd8ac75a89ca2678b0d09192227eb23f00bf549
Author: RageLtMan <rageltman@sempervictus.com>
Date: Tue Jan 24 19:07:30 2012 -0500
Fix script handling
commit fa363dfe965382a9f89ff404398e38e8f164c11a
Author: RageLtMan <rageltman@sempervictus.com>
Date: Tue Jan 24 17:31:09 2012 -0500
added Msf::Post::Windows::Powershell, reworked post module to use mixin
commit e078d15b5464ff47ce616334d8cb1aa84a00df33
Author: RageLtMan <rageltman@sempervictus.com>
Date: Mon Jan 23 13:42:35 2012 -0500
vprint_good change
commit 355f8bb19a62d974c5c89079dd26dd4cbb756c0a
Author: RageLtMan <rageltman@sempervictus.com>
Date: Mon Jan 23 12:50:51 2012 -0500
exec powershell module
commit 5f9509444953f25352c994f90cae8a168878f7ea
Author: RageLtMan <rageltman@sempervictus.com>
Date: Mon Jan 23 12:45:41 2012 -0500
powershell encoder support - Redmine Feature #6049
2012-05-21 14:48:16 -05:00
4772c1258e
Removing hashcollision_dos module due to license violation
...
The description text is a copy-paste of
http://www.ocert.org/advisories/ocert-2011-003.html , which has a
specific creative commons liscence prohibiting derivative works.
Since I have no idea what else in this module is a license violating,
I'm pulling it completely. I suspect a lot, though -- there are weird
all-caps methods in the module that look like copy-pastes as well.
Next time, please contribute original work, or at least work that is not
encumbered by restrictive licensing.
2012-05-21 11:28:58 -05:00
675dfe4e14
Don't keep the weblogi return codes secret
2012-05-21 11:27:24 -05:00
1104dccde8
Noting rhost/rport, cli.peerhost where appropriate
...
There's no msftidy check for this, and it's irritating to have to
remember to do this all the time.
2012-05-21 11:19:02 -05:00
7cc905832e
Consistent caps on SVG in batik_svg_java exploit
...
Also, modules should not refer to themselves as "I" or "me." It's
creepy.
2012-05-21 11:14:03 -05:00
5dd866ed4a
Fixed print_status to include rhost:rport
...
Also don't let the failed user:pass be a mystery to the user.
2012-05-21 11:11:34 -05:00
eea20e773b
Capitalization fixups on hashcollision_dos
2012-05-21 11:06:18 -05:00
1fc7597a56
Msftidy fixes.
...
Fixed up activecollab_chat, batik_svg_java, and foxit_reader_launch
All whitespace fixes.
2012-05-21 10:59:52 -05:00
822e109b1f
Merge pull request #398 from wchen-r7/foxit_reader_launch
...
CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action BoF
2012-05-20 07:58:29 -07:00
ba2787df8a
add osvdb ref
2012-05-20 07:13:56 -05:00
c95a06e247
add osvdb ref
2012-05-20 07:13:31 -05:00
628233d15c
Merge pull request #399 from wchen-r7/hp_storageworks
...
Add HP StorageWorks VSA command execution vulnerability
2012-05-19 14:14:49 -07:00
d8c3edd316
Add HP StorageWorks VSA command execution vulnerability
2012-05-19 14:53:45 -05:00
f9bcb95952
Correct EDB references
2012-05-19 02:24:29 -05:00
964a6af423
Add Active Collab chat module PHP injection exploit, by mr_me
2012-05-19 02:06:30 -05:00
e4f80a1fab
Francisco is the the one who found it according to advisory
2012-05-18 17:12:52 -05:00
41aac751e9
Add CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action Buffer Overflow
...
This was added last year, but yanked due to some reliability issues.
bannedit gave me the updated version recently, and the issue he was having
appears to be resolved.
There is no good P/P/R to use in XP SP3, so that system isn't supported.
2012-05-18 13:25:51 -05:00
bedf010676
description modified
2012-05-18 01:23:09 +02:00
e7f5bf132c
trying to improve bea weblogic connector bof
2012-05-18 01:13:56 +02:00
c0d17734ed
Improve run-on sentences.
2012-05-17 15:00:00 -05:00
32a0596a03
Merge branch 'oracle_bea_post_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-oracle_bea_post_bof
2012-05-17 14:52:10 -05:00
c4ab521d7b
better tab indentation
2012-05-17 21:41:31 +02:00
0b35ab6a75
If the target isn't support, make sure we warn the user
2012-05-17 12:34:17 -05:00
a21e832336
fingerprinting bea connector with Transfer-Encoding
2012-05-17 19:21:16 +02:00
952ada1742
Fix broken target (variable naming)
2012-05-17 11:37:49 -05:00
2fccf4674f
Be explicit on what version we've tested
2012-05-17 11:04:40 -05:00
Tod Beardsley
sinn3r
James Lee
sinn3r
jvazquez-r7
Jeff Jarmoc
David Maloney
RageLtMan
Steve Tornio