David Maloney
5497d091fc
fix gpp attribution and description
2012-06-23 12:45:56 -05:00
David Maloney
534008b010
Major rework of the gpp module
...
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
2012-06-23 12:42:33 -05:00
David Maloney
89e554de2b
Adds post module for stealing GPP Passwords
...
Post module steals Group Policy Preferences account
passwords.
2012-06-11 21:20:18 -05:00
Michael Schierl
34ecc7fd18
Adding @schierlm 's AES encryption for Java
...
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.
Squashed commit of the following:
commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 4 00:45:24 2012 +0200
Do not break other architectures
even when using `setg AESPassword`
commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date: Tue Apr 3 21:50:42 2012 +0200
binaries
commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date: Tue Apr 3 21:49:10 2012 +0200
Add AES support to Java stager
This is compatible to the AES mode of the JavaPayload project.
I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
Juan Vazquez
026d84de00
Merge pull request #470 from jvazquez-r7/struts_code_exec_exception_delegator_on_new_session
...
struts_code_exec_exception_delegator: on_new_session handler modified
2012-06-11 03:08:54 -07:00
jvazquez-r7
02a5dff51f
struts_code_exec_exception_delegator_on_new_session: on_new_session modified
2012-06-11 12:07:38 +02:00
Juan Vazquez
a43cf76591
Merge pull request #463 from schierlm/struts_arch_java
...
Add ARCH_JAVA support to struts_code_exec_exception_delegator
2012-06-11 03:05:37 -07:00
sinn3r
c5088ad670
Merge branch 'master' into fusionvm-import
2012-06-11 02:16:43 -05:00
HD Moore
59f591ac46
Adds jcran's MySQL bruteforce and dump module for CVE-2012-2122
2012-06-11 01:42:06 -05:00
sinn3r
93a2e29ed7
Merge branch 'darkoperator-skype_enum'
2012-06-11 01:41:01 -05:00
sinn3r
d226d80919
Make msftidy happy
2012-06-11 01:34:18 -05:00
sinn3r
2847ed9c43
Merge branch 'skype_enum' of https://github.com/darkoperator/metasploit-framework into darkoperator-skype_enum
2012-06-11 01:28:13 -05:00
Carlos Perez
bb80124d63
Added support for shell and tested on OSX 10.6 and 10.7. Added additional session type checks.
2012-06-10 21:59:14 -04:00
sinn3r
b8b2f2bfce
Merge branch 'master' into fusionvm-import
2012-06-10 18:25:01 -05:00
David Maloney
fc0dc23752
Some handling around empty elements
2012-06-10 17:04:47 -05:00
David Maloney
a20c85a655
Remove binding.pry call
2012-06-10 17:01:31 -05:00
David Maloney
f9999a3033
Add FusiuonVM Importer
...
This adds a nokogiri stream parser for XML reports from
Critical Watch's FusionVM.
2012-06-10 16:38:28 -05:00
jvazquez-r7
b908ccff0f
Added module for CVE-2012-0297
2012-06-10 22:38:58 +02:00
sinn3r
74c6eb6f78
Change the title and add a Microsoft reference.
...
This is a MS bug, therefore it's important to point out which
bulletin it belongs to.
2012-06-10 14:45:15 -05:00
sinn3r
efcb206cdf
Correct a typo
2012-06-10 14:38:14 -05:00
HD Moore
881ec8d920
Make the description clear that it only reads 4k, default datastore['FD'] to 1
2012-06-10 13:20:02 -05:00
sinn3r
15fa178a66
Add the MSF license text (since MSF_LICENSE is already set)
2012-06-10 02:07:27 -05:00
sinn3r
c7546638f2
Merge branch 'master' of https://github.com/linuxgeek247/metasploit-framework into linuxgeek247-master
2012-06-10 01:58:00 -05:00
sinn3r
498f3323f3
Merge branch 'ms12_005' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms12_005
2012-06-10 01:53:46 -05:00
sinn3r
8f6457661d
Change description
2012-06-10 01:52:26 -05:00
sinn3r
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
linuxgeek247
2b67c5132c
Adding read_file linux shellcode
2012-06-09 20:36:47 -04:00
jvazquez-r7
f0082ba38f
Added module for CVE-2012-0299
2012-06-09 22:27:27 +02:00
Michael Schierl
b4d33fb85a
Add ARCH_JAVA support to struts_code_exec_exception_delegator
2012-06-09 21:53:43 +02:00
jvazquez-r7
a9ee2b3480
Use of make_nops
2012-06-08 19:20:58 +02:00
jvazquez-r7
91f5f304cb
Added module for CVE-2011-2217
2012-06-08 18:10:20 +02:00
sinn3r
3726ddddac
Software name correction thanks to modpr0be
2012-06-08 07:07:19 -05:00
sinn3r
3d5a519a2f
Merge branch 'shellwords-is-stupid' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-shellwords-is-stupid
2012-06-08 02:08:43 -05:00
sinn3r
41d49ed553
Another badchar analysis. Allow shorter delay (5sec to 1)
2012-06-08 01:59:09 -05:00
James Lee
1be9ce8649
Fixes command parsing in Post::Common
...
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
2012-06-07 22:24:59 -06:00
sinn3r
e5b451c000
Too many tabs for the beginning of the description
2012-06-07 23:08:11 -05:00
sinn3r
520c0ca660
Make msftidy happy
2012-06-07 23:07:39 -05:00
sinn3r
61f5eddf47
Move winlog file
2012-06-07 23:03:30 -05:00
sinn3r
9adec7e7e7
Merge branch 'winlog-2.07.14' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-winlog-2.07.14
2012-06-07 23:02:23 -05:00
sinn3r
83d21df9f6
Merge branch 'master' of https://github.com/darkoperator/metasploit-framework into darkoperator-master
2012-06-07 22:58:50 -05:00
sinn3r
a709fe1fe3
Fix regex escaping thanks to w3bd3vil
2012-06-07 16:00:59 -05:00
sinn3r
33e6bdedee
Merge pull request #459 from rsmudge/armitage
...
Armitage 06.07.12
2012-06-07 10:52:49 -07:00
sinn3r
1eb73dec38
Merge branch 'aushack-master'
2012-06-07 12:17:49 -05:00
sinn3r
42795fec00
Get rid of some whitespace
2012-06-07 12:17:25 -05:00
Raphael Mudge
68dd0cd497
Armitage 06.07.12 - improved collaboration performance and fixed two bugs.
2012-06-07 13:16:16 -04:00
sinn3r
e12cce775e
Merge branch 'master' of https://github.com/aushack/metasploit-framework into aushack-master
2012-06-07 10:00:05 -05:00
jvazquez-r7
bd714017bb
samsung_neti_wiewer: add Space property for Payload
2012-06-07 16:00:36 +02:00
Patrick Webster
0e20d324b8
Added ms02_065_msadc exploit module.
2012-06-07 21:02:13 +10:00
jvazquez-r7
2f3b1effb9
Added module for OSVDB 81453
2012-06-07 12:47:09 +02:00
HD Moore
e8af6882eb
Permissions
2012-06-06 20:05:29 -05:00