infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
37,469 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

19648 Commits (558f810165c1b40720133b86d1b2220388970faf)

Author SHA1 Message Date
Brent Cook 23eeb76294
update php_utility_belt_rce to use MetasploitModule 2016-03-13 13:59:47 -05:00
Brent Cook a6316d326e
Land #6662, update disclosure date for php_utility_belt_rce 2016-03-13 13:58:04 -05:00
Brent Cook c89e53d0a3
Land #6666, fix filezilla_server display bug showing the session ID 2016-03-13 13:56:44 -05:00
Brent Cook dabe5c8465
Land #6655, use MetasploitModule as module class name 2016-03-13 13:48:31 -05:00
James Lee 8217d55e25
Fix display issue when SESSION is -1 2016-03-11 11:37:22 -06:00
Jay Turla 8953952a8f correction for the DisclosureDate based on Exploit-DB 2016-03-11 14:05:26 +08:00
James Barnett 7009682100
Landing #6659, Fix bug in MS08-067 related to incorrect service pack identification when fingerprinting 2016-03-10 14:29:29 -06:00
William Vu 8d22358892
Land #6624, PHP Utility Belt exploit 2016-03-09 14:12:45 -06:00
William Vu 52d12b68ae Clean up module 2016-03-09 14:08:26 -06:00
wchen-r7 179d38b914 Fix #6658, MS08-067 unable to find the right target for W2k3SP0 
Fix #6658.

When there is no service pack, the
Msf::Exploit::Remote::SMB#smb_fingerprint_windows_sp method returns
an empty string. But in the MS08-067 exploit, instead of check an
empty string, it checks for "No Service Pack", which causes it to
never detect the right target for Windows Server 2003 SP0.
 2016-03-09 11:05:34 -06:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names" 
This reverts commit 3da9535e22.
 2016-03-07 13:19:48 -06:00
Brent Cook 0e46cc0259 Revert "change remaining class names" 
This reverts commit 62217fff2b.
 2016-03-07 13:19:42 -06:00
Brent Cook aa5b201427 Revert "revert ssl_login_pubkey for now" 
This reverts commit 7d773b65b6.
 2016-03-07 13:19:33 -06:00
Christian Mehlmauer 7d773b65b6
revert ssl_login_pubkey for now 2016-03-07 14:44:23 +01:00
Christian Mehlmauer 62217fff2b
change remaining class names 2016-03-07 09:58:21 +01:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook bb36cd016e Fix #6643, Pcap.lookupaddrs does not exist 2016-03-06 22:15:39 -06:00
Brent Cook a2c3b05416
Land #6405, prefer default module base class of simply 'Metasploit' 2016-03-06 17:10:55 -06:00
Brent Cook 8faae94338
Land #6592, make linux/x86/shell_reverse_tcp's shell path configurable and remove shell_reverse_tcp2 2016-03-06 15:33:53 -06:00
Brent Cook 66c697d2e4
Land #6602, update author info for dahua_dvr_auth_bypass 2016-03-06 15:13:01 -06:00
Brent Cook 4711191def remove non-specific URL 2016-03-06 15:12:25 -06:00
Brent Cook a1190f4344
Land #6598, add post module for setting wallpaper 2016-03-06 15:00:10 -06:00
Brent Cook 86845222ef add meterpreter platform workaround 2016-03-06 14:51:34 -06:00
William Vu 71b034a566
Land #6627, atutor_sqli regex fix 2016-03-03 16:54:38 -06:00
wchen-r7 ba4e0d304b Do regex \d+ instead 2016-03-03 11:05:16 -06:00
Brent Cook d355b0e8b7
update payload sizes 2016-03-02 13:55:32 -06:00
wchen-r7 22b69c8dee
Land #6588, Add AppLocker Execution Prevention Bypass module 2016-03-01 22:30:23 -06:00
wchen-r7 a798581fa3 Update #get_dotnet_path 2016-03-01 22:25:40 -06:00
net-ninja cda4c6b3b3 Update the regex for the number of students in ATutor 2016-03-01 09:41:17 -06:00
wchen-r7 5d64346a63
Land #6623, Add CVE-2016-2555: ATutor 2.2.1 SQL Injection Exploit Module 2016-02-29 19:33:25 -06:00
Jay Turla 62a611a472 Adding PHP Utility Belt Remote Code Execution 2016-03-01 09:22:25 +08:00
wchen-r7 274b9acb75 rm #push 2016-02-29 18:58:05 -06:00
wchen-r7 f55835cceb Merge new code changes from mr_me 2016-02-29 18:39:52 -06:00
wchen-r7 638d91197e Override print_* to always print the IP and port 2016-02-29 16:18:03 -06:00
wchen-r7 54ede19150 Use FileDropper to cleanup 2016-02-29 16:15:50 -06:00
wchen-r7 727a119e5b Report cred 2016-02-29 16:06:31 -06:00
wchen-r7 4cc690fd8d Let the user specify username/password 2016-02-29 15:45:33 -06:00
wchen-r7 726c1c8d1e There is no http_send_command, so I guess the check should not work 2016-02-29 15:43:47 -06:00
William Vu c5a9d59455
Land #6612, one final missing change 2016-02-29 15:08:42 -06:00
William Vu cb0493e5bb Recreate Msf::Exploit::Remote::Fortinet 
To match the path, even though it's kinda lame including it just for the
monkeypatch.
 2016-02-29 15:04:02 -06:00
net-ninja a3fa57c8f6 Add CVE-2016-2555: ATutor 2.2.1 SQL Injection Exploit Module 2016-02-29 14:59:26 -06:00
Brent Cook 8c2ce9687a
Land #6620, fix typo in jtr_linux 2016-02-29 14:58:58 -06:00
Brent Cook d955c6a8f6 style fixes 2016-02-29 14:06:49 -06:00
William Vu a6a37b3089
Land #6612, missing commits included 2016-02-29 14:06:21 -06:00
wchen-r7 f5ad1286d2 Fix #6615, fix typo "format" 
Fix #6615
 2016-02-29 12:44:25 -06:00
William Vu 300fdc87bb Move Fortinet backdoor to module and library 2016-02-29 12:06:33 -06:00
wchen-r7 2950996cb8
Land #6612, Add aux module for Fortinet backdoor 2016-02-29 12:02:49 -06:00