infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,254 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2946 Commits (546e24a9c698c3467071f5dc828a843035660246)

Author SHA1 Message Date
jvazquez-r7 546e24a9c6 Merge branch 'external_ip_discovery' of https://github.com/sempervictus/metasploit-framework into sempervictus-external_ip_discovery 2013-03-11 20:35:07 +01:00
jvazquez-r7 074ea7dee4 Merge branch 'ssl' of https://github.com/luh2/metasploit-framework into luh2-ssl 2013-03-11 15:36:20 +01:00
James Lee 2160718250 Fix file header comment 
[See #1555]
 2013-03-07 17:53:19 -06:00
RageLtMan 25f3f935c4 Apply Egypt's cleanup 
Remove revision, raise the exception itself, remove scanner mixin,
datastore['RHOST'] unstead of RHOSTS, and useles agent var removed.
 2013-03-07 18:34:12 -05:00
J.Townsend db1f4d7e1d added license info 2013-03-07 00:20:02 +00:00
J.Townsend e8c1899dc2 added license info 2013-03-07 00:18:32 +00:00
J.Townsend 3946cdf91e added license info 2013-03-07 00:17:55 +00:00
J.Townsend 1b493d0e4c added license info 2013-03-07 00:16:26 +00:00
J.Townsend 9e89d9608f added license info 2013-03-07 00:11:45 +00:00
J.Townsend 56639e7f15 added license info 2013-03-07 00:10:46 +00:00
RageLtMan dfe3a4f394 msftidy and module placement per todb 2013-03-06 17:36:01 -05:00
RageLtMan 225b15f7f3 Add external IP discovery module 
This module performs an HTTP request to ifconfig.me/ip.
The body of the response contains the publicly routable IP from
which the request originated. This can be useful in discovering
routes on pivoted hosts and initial recon as a simple aux module.
 2013-03-05 23:42:31 -05:00
James Lee ca43900a7c Merge remote-tracking branch 'R3dy/psexec-mixin2' into rapid7 2013-03-05 16:34:11 -06:00
jvazquez-r7 781132b1cf cleanup for openssl_aesni 2013-03-05 22:41:16 +01:00
jvazquez-r7 784c075986 Merge branch 'module-cve-2012-2686' of https://github.com/ettisan/metasploit-framework into ettisan-module-cve-2012-2686 2013-03-05 22:40:46 +01:00
James Lee 27727df415 Merge branch 'R3dy-psexec-mixin2' into rapid7 2013-03-05 14:36:55 -06:00
Wolfgang Ettlinger 867875b445 Beautified OpenSSL-AESNI module 
Modifed the CVE-2012-2686 module to follow
suggestions by @jvazquez-r7:
* Added description for all fields in the
  SSL packets
* MAX_TRIES now required
* use get_once instead of timeout
 2013-03-04 19:09:50 +01:00
David Maloney 71ba044d03 remove debugging aid 2013-03-04 11:25:34 -06:00
David Maloney 6dcca7df78 Remove duplicated header issues 
Headers were getting duped back into client config, causing invalid
requests to be sent out
 2013-03-04 11:24:26 -06:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
David Maloney b2f68f0fdb Merge branch 'dmaloney-r7-feature/http/authv2' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-dmaloney-r7-feature/http/authv2 2013-02-28 14:37:37 -06:00
David Maloney c290bc565e Merge branch 'master' into feature/http/authv2 2013-02-28 14:33:44 -06:00
jvazquez-r7 8f58c7b25e cleanup for sap_icf_public_info 2013-02-28 18:47:48 +01:00
jvazquez-r7 0dcfb51071 cleanup for sap_soap_rfc_system_info 2013-02-28 18:46:18 +01:00
jvazquez-r7 1a10c27872 Merge branch 'sap_rfc_system_info' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_rfc_system_info 2013-02-28 18:45:42 +01:00
Wolfgang Ettlinger e7015985e7 Added CVE-2012-2686 
Added Module for a DoS issue in OpenSSL (pre 1.0.1d). Can be exploited
with services that use TLS >= 1.1 and AES-NI. Because of improper
length computation, an integer underflow occurs leading to a
segmentation fault. This module brute-forces serveral encrypted
messages - when the decrypted message coincidentally specifies a
certain value for the size, the integer underflow occurs. Though this
could be accomplished more effectively (e.g. implementing or
maninpulating and TLS implementation), this module still does what it
should do.
 2013-02-27 22:57:53 +01:00
James Lee d3b3587660 Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2 2013-02-27 14:01:57 -06:00
J.Townsend cbce1bdff2 update module description 
This adds the version of wordpress the issue was fixed in to the description
 2013-02-26 00:24:46 +00:00
James Lee 1ce86b7adb Whitespace 2013-02-25 14:29:10 -06:00
sinn3r cae1939914 Kinda too long 2013-02-25 13:44:11 -06:00
Matt Andreko 2c0a916c83 Made the password optional 2013-02-23 17:14:30 -05:00
Matt Andreko b221711ecd Added basic error handling 2013-02-23 10:24:04 -05:00
Matt Andreko 67c2c3da20 Code Review Feedback 
Fixed the USER/PASS that I missed in last review
Converted from Scanner module to Gather
 2013-02-23 10:09:23 -05:00
James Lee fc07bf16e7 Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2 2013-02-22 15:41:49 -06:00
Matt Andreko b4f002d080 Code Review Feedback 
Modified USER and PASS to USERNAME and PASSWORD
Moved the Scanner mixin to the bottom and removed deregister
 2013-02-21 16:55:27 -05:00
Matt Andreko 4784db3403 Fixed name 2013-02-21 15:48:41 -05:00
Matt Andreko 29cb4b1008 Merge remote-tracking branch 'upstream/master' into xbmc 2013-02-21 15:25:37 -05:00
Royce Davis ac50c32d51 Tested, works on server 2k8 2013-02-20 10:02:50 -06:00
David Maloney 0ae489b37b last of revert-merge snaffu 2013-02-19 23:16:46 -06:00
sinn3r 92093cd7d8 There's no HttpClient, so it shouldn't be using normalize_uri 2013-02-19 15:04:18 -06:00
James Lee 4703278183 Move SMB mixins into their own directory 2013-02-19 12:55:06 -06:00
James Lee ede804e6af Make psexec mixin a bit better 
* Removes copy-pasted code from psexec_command module and uses the mixin
  instead

* Uses the SMB protocol to delete files rather than psexec'ing to call
  cmd.exe and del

* Replaces several instances of "rescue StandardError" with better
  exception handling so we don't accidentally swallow things like
  NoMethodError

* Moves file reading and existence checking into the Exploit::SMB mixin
 2013-02-19 12:33:19 -06:00
James Lee 49f00acc11 Fix nil deref when dnsdomain is empty 2013-02-19 11:24:05 -06:00
Chris John Riley d49797267e Correct SAP Table Name 2013-02-19 11:20:49 +01:00
Chris John Riley 358b2f5783 Added module credit as this has turned into a rewrite ;) 2013-02-19 11:15:04 +01:00
Chris John Riley f3cf8ad1b9 Whitespace EOL 2013-02-19 11:13:33 +01:00
Chris John Riley a75bae927d Replaced report_note and table output with single function 
Added proposed extract data function (HDM)
 2013-02-19 11:12:12 +01:00
Chris John Riley d4011227e3 Made suitable changes to original module also (only report on non empty response) 2013-02-19 09:43:36 +01:00
Chris John Riley 4170a85d8a Added logic to only report when value is present 2013-02-19 09:42:13 +01:00
jvazquez-r7 ec5c8e3a88 Merge branch 'dlink-dir300-600-execution' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir300-600-execution 2013-02-16 19:12:42 +01:00