infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,680 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

8623 Commits (54a45ac80c9042bcad20be7aaa2612b25ec3cefd)

Author SHA1 Message Date
wchen-r7 1289ec8863 authors 2015-07-11 01:38:21 -05:00
wchen-r7 6eabe5d48c Update description 2015-07-11 01:36:26 -05:00
wchen-r7 54fc712131 Update Win 8.1 checks 2015-07-11 01:33:23 -05:00
jvazquez-r7 6f0b9896e1
Update description 2015-07-11 00:56:18 -05:00
jvazquez-r7 115549ca75
Delete old check 2015-07-11 00:42:59 -05:00
jvazquez-r7 63005a3b92
Add module for flash CVE-2015-5122 
* Just a fast port for the exploit leaked
* Just tested on win7sp1 / IE11
 2015-07-11 00:28:55 -05:00
jvazquez-r7 5a045677bc
Add waiting message 2015-07-10 18:48:46 -05:00
jvazquez-r7 8d52c265d9
Delete wfsdelay 2015-07-10 18:46:27 -05:00
jvazquez-r7 63e91fa50f
Add reference 2015-07-10 18:46:06 -05:00
jvazquez-r7 677cd97cc2
Update information 2015-07-10 18:39:11 -05:00
jvazquez-r7 6c6a778218
Modify arkeia_agent_exec title 2015-07-10 18:38:25 -05:00
jvazquez-r7 4995728459
Modify arkeia_agent_exec ranking 2015-07-10 18:37:24 -05:00
jvazquez-r7 858f63cdbf
Land #5693, @xistence VNC Keyboard EXEC module 2015-07-10 18:35:44 -05:00
jvazquez-r7 1326a26be5
Do code cleanup 2015-07-10 18:35:13 -05:00
jvazquez-r7 917282a1f1
Fix ranking 2015-07-10 17:49:15 -05:00
jvazquez-r7 e063e26627
Land #5689, @xistence's module for Western Digital Arkeia command injection 2015-07-10 17:11:35 -05:00
jvazquez-r7 bdd8b56336
fix comment 2015-07-10 16:28:20 -05:00
jvazquez-r7 95ae7d8cae
Fix length limitation 2015-07-10 16:24:49 -05:00
Mo Sadek 3347b90db7 Land #5676, print_status with ms14_064 2015-07-10 14:40:49 -05:00
jvazquez-r7 29a497a616
Read header as 6 bytes 2015-07-10 14:25:57 -05:00
jvazquez-r7 bed3257a3f
Change default HTTP_DELAY 2015-07-10 12:50:26 -05:00
jvazquez-r7 c9d2ab58d3
Use HttpServer::HTML 
* And make the exploit Aggressive
 2015-07-10 12:48:21 -05:00
jvazquez-r7 e1192c75a9
Fix network communication on `communicate` 
* Some protocol handling just to not read amounts of data blindly
 2015-07-10 11:57:48 -05:00
Tod Beardsley 9206df077f
Land #5694, R7-2015-08 2015-07-10 11:42:57 -05:00
jvazquez-r7 9ba515f185
Fix network communication on `check` 
* Some protocol handling just to not read amounts of data blindly
 2015-07-10 11:32:49 -05:00
jvazquez-r7 c70be64517
Fix version check 2015-07-10 10:57:55 -05:00
jvazquez-r7 34a6984c1d
Fix variable name 2015-07-10 10:44:38 -05:00
jvazquez-r7 2c7cc83e38
Use single quotes 2015-07-10 10:34:47 -05:00
jvazquez-r7 f66cf91676
Fix metadata 2015-07-10 10:33:02 -05:00
xistence b916a9d267 VNC Keyboard Exec 2015-07-10 14:08:32 +07:00
xistence 52d41c8309 Western Digital Arkeia 'ARKFS_EXEC_CMD' <= v11.0.12 Remote Code Execution 2015-07-10 09:51:28 +07:00
Michael Messner d7beb1a685 feedback included 2015-07-09 08:31:11 +02:00
HD Moore 25e0f888dd Initial commit of R7-2015-08 coverage 2015-07-08 13:42:11 -05:00
wchen-r7 a3ec56c4cb Do it in on_request_exploit because it's too specific 2015-07-08 12:32:38 -05:00
wchen-r7 cefbdbb8d3 Avoid unreliable targets 
If we can't garantee GreatRanking on specific targets, avoid them.
 2015-07-08 12:12:53 -05:00
wchen-r7 6a33807d80 No Chrome for now 2015-07-07 15:56:58 -05:00
jvazquez-r7 f8b668e894
Update ranking and References 2015-07-07 15:43:02 -05:00
Tod Beardsley 116c3f0be1
Add CVE as a real ref, too 2015-07-07 14:46:44 -05:00
Tod Beardsley 3d630de353
Replace with a real CVE number 2015-07-07 14:44:12 -05:00
wchen-r7 fdb715c9dd
Merge branch 'upstream-master' into bapv2 2015-07-07 13:45:39 -05:00
jvazquez-r7 829b08b2bf
Complete authors list 2015-07-07 12:49:54 -05:00
wchen-r7 49effdf3d1 Update description 2015-07-07 12:46:02 -05:00
wchen-r7 d885420aff This changes the version requirement for adobe_flash_hacking_team_uaf.rb 
Because it works for Win 8.1 + IE11 too
 2015-07-07 12:42:56 -05:00
wchen-r7 d30688b116 Add more requirement info 2015-07-07 12:33:47 -05:00
jvazquez-r7 d9aacf2d41
Add module for hacking team flash exploit 2015-07-07 11:19:48 -05:00
wchen-r7 c37b60de7b Do some print_status with ms14_064 2015-07-07 00:57:37 -05:00
Michael Messner 5b6ceff339 mime message 2015-07-06 15:00:12 +02:00
HD Moore 43d47ad83e Port BAPv2 to Auxiliary 2015-07-02 15:29:24 -05:00
William Vu 8892cbdd10 Fix some minor things 2015-07-02 14:32:16 -05:00
Tod Beardsley 95f19e6f1f
Minor description edits for clarity 
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF

Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590, @Meatballs1 adds MS LAPS Enum post mod

Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
 2015-07-02 13:51:37 -05:00
HD Moore 87e6325737 Revert BAPv2 changes to framework/libraries/handlers 2015-07-02 12:10:21 -05:00
wchen-r7 2957924c78
Merge branch 'upstream-master' into bapv2 2015-07-02 01:46:31 -05:00
jvazquez-r7 3b9ba189f7
Add CVE-2015-3043 information 2015-07-01 19:56:35 -05:00
wchen-r7 8051a99f4a
Merge branch 'upstream-master' into bapv2 2015-07-01 18:45:42 -05:00
wchen-r7 32d5e7f3de
Land #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio Decoding BOF 2015-07-01 18:44:38 -05:00
wchen-r7 93c74efb97 Add Ubuntu as a tested target 2015-07-01 18:43:22 -05:00
jvazquez-r7 ee118aa89d
Fix description 2015-07-01 13:30:22 -05:00
jvazquez-r7 1de94a6865
Add module for CVE-2015-3113 2015-07-01 13:13:57 -05:00
William Vu 3632cc44c5 Fix nil error when target not found 2015-06-30 11:48:41 -05:00
wchen-r7 7aeb9e555b Change ranking and support CAMPAIGN_ID 2015-06-29 12:13:46 -05:00
wchen-r7 9bd920b169
Merge branch 'upstream-master' into bapv2 2015-06-27 12:19:55 -05:00
William Vu 326bec0a1f
Land #5581, s/shell_command_token/cmd_exec/ 2015-06-26 16:59:40 -05:00
jvazquez-r7 a10fa02b00
Land #5606, @wchen-r7's glassfish fixes 2015-06-26 14:12:50 -05:00
wchen-r7 3b5e2a0c6e Use TARGETURI 2015-06-26 14:02:17 -05:00
wchen-r7 b46e1be22f
Land #5371, Add file checking to the on_new_session cleanup 2015-06-26 13:33:57 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules 
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
 2015-06-26 12:18:33 -05:00
jvazquez-r7 7ccc86d338
Use cmd_exec 2015-06-26 11:54:19 -05:00
jvazquez-r7 31b7ef49d6
Solve conficts 2015-06-26 11:36:17 -05:00
wchen-r7 c70e38a14e Do more reporting 2015-06-25 22:39:56 -05:00
wchen-r7 5ef4cc2bb4 Save creds 2015-06-25 17:10:20 -05:00
wchen-r7 1a371b11b0 Update description 2015-06-25 17:04:31 -05:00
jvazquez-r7 ee0377ca16
Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
wchen-r7 c330d10403 Make SSL as a basic option 
Also:

Fix #5558
 2015-06-25 02:06:51 -05:00
wchen-r7 5c98da05fb This works for Glassfish 4.0 & 9.1 2015-06-25 01:58:24 -05:00
wchen-r7 c826785ebb Fix auth bypass 2015-06-24 19:49:04 -05:00
wchen-r7 8e4fa80728 This looks good so far 2015-06-24 19:30:02 -05:00
Spencer McIntyre 2206a6af73 Support older targets x86 for MS15-051 2015-06-25 09:33:15 +10:00
William Vu a149fb5710
Land #5554, @g0tmi1k's persistence improvements 
age aborts
age aborts
 2015-06-24 14:37:25 -05:00
William Vu e7e8135acd Clean up module 2015-06-24 14:35:10 -05:00
Michael Messner c8dddbff70 server header 2015-06-24 21:32:01 +02:00
wchen-r7 380af29482 Progress? 2015-06-24 14:17:45 -05:00
Michael Messner 8bc012a665 echo stager via upload vulnerability 2015-06-23 23:09:08 +02:00
wchen-r7 6046994138 version does not return nil 2015-06-23 10:31:01 -05:00
wchen-r7 dedfca163d Change check() 2015-06-22 15:05:12 -05:00
jvazquez-r7 784be06b6f
Update nmap 
* Use cmd_exec
 2015-06-22 14:20:02 -05:00
jvazquez-r7 d98d2ffd4d
Update setuid_viscosity 
* Use cmd_exec
 2015-06-22 14:04:04 -05:00
jvazquez-r7 60bdc10aed
Update setuid_tunnelblick 
* Use cmd_exec
 2015-06-22 13:57:33 -05:00
jvazquez-r7 6a00ce62de Update persistence module 
* Delete unused method
 2015-06-22 12:25:00 -05:00
OJ 3686accadd
Merge branch 'upstream/master' into cve-2015-1701 2015-06-22 07:52:17 +10:00
Spencer McIntyre efece12b40 Minor clean ups for ruby strings and check method 2015-06-21 16:07:44 -04:00
Pedro Ribeiro ea49fd2fdc Update sysaid_rdslogs_fle_upload.rb 2015-06-20 16:59:28 +01:00
Pedro Ribeiro 3181d76e63 Update sysaid_auth_file_upload.rb 2015-06-20 16:53:33 +01:00
Michael Messner d8e11789ea cmd_interact - first try 2015-06-20 07:59:25 +02:00
jvazquez-r7 74bc9f7a91
Land #5529, @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067 2015-06-19 16:57:07 -05:00
jvazquez-r7 61ad4ada7d
Delete commas 2015-06-19 16:03:16 -05:00
wchen-r7 9da99a8265
Merge branch 'upstream-master' into bapv2 2015-06-19 11:36:27 -05:00
William Vu 2587595a92
Land #5556, vprint_status fix 2015-06-19 11:24:54 -05:00
William Vu b994801172 Revert auto tab replacement 2015-06-19 11:22:40 -05:00
jvazquez-r7 6ec8488929
Land #5560, @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064 2015-06-19 11:15:41 -05:00
wchen-r7 15985e8b4f
Land #5559, Adobe Flash Player ShaderJob Buffer Overflow 2015-06-19 10:38:05 -05:00