infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,620 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

22620 Commits (52371be52af753d271103ffe0cba313d1e2b7a30)

Author SHA1 Message Date
William Vu 52371be52a Clarify why contributors are listed as authors 
Also adding @mcantoni to the list of authors. Sorry we missed you!

Dear contributors,

Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!

https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
 2014-01-25 18:02:17 -06:00
William Vu a67068f019 Correct author name 
Was using the name quoted in Redmine. Technically, the author is Myo Soe
of the YGN Ethical Hacker Group (YEHG).
 2014-01-23 19:09:20 -06:00
William Vu dc4b4218b3 Make {COUNT,SIZE}_MAX more readable 
Good suggestion, @jlee-r7.
 2014-01-21 12:13:14 -06:00
William Vu 6a16cf96ba Fix bug in fsupload 
Badchar analysis: file may contain form feeds.
 2014-01-21 11:36:24 -06:00
Tod Beardsley 82bd1fa466
Land #2898, msftidy articles fix. 2014-01-21 09:37:56 -06:00
William Vu 3a943c719e Implement a whitelist for suspect capitalization 2014-01-21 09:26:16 -06:00
sinn3r 7cc3c47349
Land #2891 - HP Data Protector Backup Client Service Directory Traversal 2014-01-20 20:08:01 -06:00
jvazquez-r7 4e224132e8
Land #2893, @wchen-r7's patch for jboss_invoke_deploy 2014-01-17 22:06:11 -06:00
jvazquez-r7 e2fa581b8c Delete empty line 2014-01-17 22:05:14 -06:00
sinn3r 57318ef009 Fix nil bug in jboss_invoke_deploy.rb 
If there is a connection timeout, the module shouldn't access the
"code" method because that does not exist.
 2014-01-17 11:47:18 -06:00
jvazquez-r7 c670259539 Fix protocol handling 2014-01-17 00:49:44 -06:00
jvazquez-r7 eaf1b0caf6 Add minor clean up 2014-01-16 17:55:45 -06:00
jvazquez-r7 f3c912bd32 Add module for ZDI-14-003 2014-01-16 17:49:49 -06:00
jvazquez-r7 ac9e634cbb
Land #2874, @mandreko's sercomm exploit fixes 2014-01-16 16:35:32 -06:00
Tod Beardsley 62c7839b4c
Land #2850, fix msftidy to respect \x22 and \x27 2014-01-16 16:26:34 -06:00
jvazquez-r7 272fe5ddfd Delete debug comments 2014-01-16 16:12:12 -06:00
Matt Andreko f6f2da09aa Merge pull request #4 from jvazquez-r7/review_2874 
Clean CmdStagerEcho and Add module targets
 2014-01-16 13:57:59 -08:00
sinn3r a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules 2014-01-16 15:57:38 -06:00
jvazquez-r7 8213eed49f Delete Netgear N150 target, ist's a Netgear DGN1000 model 2014-01-16 15:14:31 -06:00
William Vu 6110ad72b3 Update tests and ensure full coverage 2014-01-16 15:11:04 -06:00
William Vu 9bf90b836b Add environment variables support 2014-01-16 14:53:25 -06:00
jvazquez-r7 139119d32c Add Manual targets to sercomm_exec 2014-01-16 12:44:26 -06:00
William Vu 0915212249 Fix socket timeout bug 2014-01-16 11:58:37 -06:00
jvazquez-r7 0922aef8d1 Update module description 2014-01-16 11:16:11 -06:00
jvazquez-r7 0b9ff43217 Make slice_up_payload easier 2014-01-16 11:03:22 -06:00
jvazquez-r7 f41849c921 Clean CmdStagerEcho 2014-01-16 11:00:57 -06:00
jvazquez-r7 2e6b1c7552
Land #2878, @mandreko's fix for sercomm credentials parsing 2014-01-16 07:27:55 -06:00
William Vu 311704fc0a Perform final cleanup 2014-01-15 13:49:37 -06:00
joev 1197426b40
Land PR #2881, @jvazquez-r7's mips stagers. 2014-01-15 12:46:41 -06:00
William Vu d9fb03fcbc
Merge remote-tracking branch 'origin/pr/2' into feature/pjl 2014-01-15 12:11:57 -06:00
joev 0833da465a
Lands #2832, @jvazquez-r7's fixes to mipsel shellcode. 2014-01-15 12:03:17 -06:00
jvazquez-r7 0b1671f1b8 Undo debugging comment 2014-01-14 17:02:30 -06:00
jvazquez-r7 6372ae6121 Save some parsing 2014-01-14 17:00:00 -06:00
jvazquez-r7 a056d937e7 Fluch data cache and improve documentation 2014-01-14 14:06:01 -06:00
jvazquez-r7 a8806887e9 Add support for MIPS reverse shell staged payloads 2014-01-14 12:25:11 -06:00
William Vu 5d387c96ec
Land #2879, minor code formatting missed in #2863 2014-01-14 11:22:09 -06:00
William Vu f7f464f60a
Land #2877, module_rank.rb TypeError fix 2014-01-14 11:11:42 -06:00
sgabe b4280f2876 Very minor code formatting 2014-01-14 13:35:00 +01:00
Matt Andreko 2d40f936e3 Added some additional creds that were useful 2014-01-13 23:15:51 -05:00
Matt Andreko 42fb8c48d1 Fixed the credential parsing and made output consistent 
So in the previous refactor, we made the dedicated method to parse
usernames and passwords from the split up config values. However, that
didn't work, because on a single iteration of the loop, you only have
access to a possible username OR password. The other matching key will
be another iteration of the loop. Because of this, no credential pairs
were being reported.

The only way I can see around this (maybe because I'm a ruby newb) would
be to iterate over configs, and if the user or password regex matches,
add the matching value to a hash, which is identified by a key for both
user & pass. Then upon completion of the loop, it'd iterate over the
hash, finding keys that had both user & pass values.
 2014-01-13 22:57:25 -05:00
Ethan Robish 28655d4788 Fixed bug that caused runtime error in module_rank.rb 2014-01-13 19:03:23 -06:00
sinn3r 39e98a4c4e
Land #2876 - Fix undefined method `[]' for nil:NilClass in module.rb 
[FixRM #8740]
 2014-01-13 18:02:20 -06:00
sinn3r ad832adfc1
Land #2846 - Update mipsle shell_bind_tcp shellcode 2014-01-13 17:37:08 -06:00
HD Moore 68ccdc8386 Fix a stack trace when module_payloads.rb is run 
This fixes a missing check for self.target being nil in the compatible_payloads method
 2014-01-13 15:36:33 -08:00
Matt Andreko b7b1ddf1e8 Sercomm Exploit module fixes 
Added targets for 8 specific targets that I've tested: Cisco WAP4410N,
Honeywell WAP-PL2 IP Camera, Netgear DG834, Netgear DG834G, Netgear
DG834PN, Netgear DGN1000, Netgear DSG835, Netgear WPNT834
Added functionality to the CmdStagerEcho mix-in to support encoding via
octal instead of hex based on the :enc_type option. This is because many
devices would not output hex encoded values properly.
Added options on a per-target basis for the PackFormat (endian pack()
values for communication), UploadPath (because /tmp wasn't always
writable), and PayloadEncode (previously mentioned octal encoding
option)
Note for some reason, some devices communicate over one endianness, but
then require a payload for the other endianess. I'm not sure what's
causing this, but if those specific combinations are not used, the
exploit fails. More research may be required for this.
 2014-01-13 16:58:32 -05:00
William Vu 4ccf1a4720
Land #2873, Msf::Handler::ReverseHttp::UriChecksum 2014-01-13 15:38:56 -06:00
David Maloney 41807d7e4e move rev_http uri checksum code 
need access to the uri checksum
routines outside of the handler.
moved them to their own mixin
and then mixed into the handler.
added specs also
 2014-01-13 15:18:16 -06:00
Tod Beardsley 804b26bac6
Land #2872, switch for ARCH_MIPSBE 2014-01-13 15:10:27 -06:00
Brandon Turner e725d18922
Land #2871, update ms08_067 description syntax 2014-01-13 15:07:10 -06:00
jvazquez-r7 24c57b34a7 Have into account endianess 2014-01-13 15:04:23 -06:00