infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,067 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

18067 Commits (55fc1458def63fa2d40bef3cf2049aa1163b7cbe)

Author SHA1 Message Date
James Lee 55fc1458de Simplify and clean up some 
I'd really love to make this work on Linux as well, since it's really
just a file grabber/parser. Unfortunately, the Post API for enumerating
users and homedirs isn't great for cross-platform stuff like this.

A few small changes, all verified on Windows 7:

* Reuse the key storing code instead of copy-paste with minor changes

* Use binary mode when opening the stored prefs

* Don't bother checking for incognito since we're using `steal_token`
  anyway

* Check for existence of directories instead of guessing based on OS
  match
 2013-05-10 16:58:35 -05:00
Rob Fuller 84ff72eb92 use file_exist? instead of fs.file.stat 2013-05-10 11:17:42 -04:00
Rob Fuller 25f7af43b4 use gsub instead of split/join 2013-05-10 11:12:56 -04:00
Rob Fuller 2f543d3080 extension and pref parsing 2013-05-09 13:23:28 -04:00
jvazquez-r7 94f841dd3f Land #1810, @wchen-r7's modification to make ie_cgenericelement_uaf more stable 2013-05-08 21:53:18 -05:00
sinn3r f9f769cec8 Landing #1805 - Fix unintelligible error when importing empty file 2013-05-08 20:10:45 -05:00
sinn3r 9043eeda66 A slight change for stability 
While updating ie_cgenericelement_uaf earlier today, I noticed the
changes made it a tiny bit less stable. Juan's test log in #1809
also kinda shows that (with the first attempt failing), so I decided
to go back and move the string crafting part, that way between
CollectGarbage() and the overwrite, there is less noise, and hopefully
more stable.  I did a few tests, seems better.
 2013-05-08 20:02:55 -05:00
jvazquez-r7 bdd2287daf Land #1809, @wchen-r7's modification for ie_cgenericelement_uaf 2013-05-08 16:21:11 -05:00
sinn3r 0e51042a01 Landing #1808 - ERS Viewer 2011 bof (CVE-2013-0726) 2013-05-08 15:51:46 -05:00
sinn3r 9a1400a75b Forgot to remove this print_warning 2013-05-08 15:44:04 -05:00
sinn3r 075f6e8d45 Updates ROP chain and mstime_malloc usage 2013-05-08 15:42:45 -05:00
Tod Beardsley 4c75354a6a Land #1786, request_cgi instead of request_raw 
Also some other small changes to modules, such as sensible defaults for
options.
 2013-05-08 14:58:04 -05:00
sinn3r c7609ac7d1 Initial update 2013-05-08 14:24:52 -05:00
jvazquez-r7 1aa80cd35e Add module for CVE-2013-0726 2013-05-08 13:48:48 -05:00
James Lee 9ab68ac935 Fix unintelligible error when importing empty file 
IO#read returns nil for an empty file if given a length argument, which
caused a stack trace when attempting to import a file instead of a
useful error message.
 2013-05-07 18:05:45 -05:00
Samuel Huckins 3d5eb24a33 Merge pull request #1802 from limhoff-r7/feature/new-rvm-ignores 
[Delivers #49402505]
 2013-05-07 06:58:53 -07:00
Luke Imhoff 75e77f5801 Add new rvm control files to ignores 
[#49402505]

rvm stable (1.19.6) has deprecated .rvmrc in favor of the .ruby-version
file used by other ruby version switchers and .ruby-gemset.  These files
only contain strings to be looked up instead of bash or sh code, so it's
also a safer format than the old script in the .rvmrc.
 2013-05-07 08:32:21 -05:00
jvazquez-r7 fff8593795 Fix author name 2013-05-06 17:34:37 -05:00
jvazquez-r7 c84febb81a Fix extra character 2013-05-06 15:19:15 -05:00
jvazquez-r7 92b4d23c09 Add Mariano as Author because of the abuse disclosure 2013-05-06 15:15:15 -05:00
jvazquez-r7 db243e78c8 Land #1682, sap_router_info_request fix from @nmonkee 2013-05-06 15:13:57 -05:00
dmaloney-r7 0390baff64 Merge pull request #1798 from dmaloney-r7/upstream-master 
fix ssh_creds module
 2013-05-05 14:46:28 -07:00
David Maloney e40695769d unbotch merge? 2013-05-05 16:43:56 -05:00
David Maloney 2d99167fe7 Merge commit 'b0f5255de8f78fb0d54be1ee49f43455968d6740' into upstream-master 2013-05-05 16:41:18 -05:00
David Maloney b0f5255de8 fix ssh_creds username 
ssh_creds post module as not saving
the username in the cred objects
 2013-05-05 16:31:28 -05:00
Tod Beardsley 8239998ada Typo on URL for #1797. Thx @Meatballs1 2013-05-05 12:26:06 -05:00
Tod Beardsley c9ea7e250e Fix disclosure date, ref for #1897 2013-05-05 12:13:02 -05:00
Tod Beardsley e9841b216c Land #1797, IE8 DoL exploit module from @wchen-r7 
Exploit for an in-the-wild unpatched vuln in IE8. @jvazquez-r7 already
reviewed functionality
 2013-05-05 12:06:45 -05:00
sinn3r a33510e821 Add MS IE8 DoL 0day exploit (CVE-2013-1347) 
This module exploits a use-after-free vuln in IE 8, used in the
Department of Labor attack.
 2013-05-05 12:04:17 -05:00
Meatballs 1b485f15db Land #1796 - Adds missing require to shodan_search aux. 
[Closes #1796]
 2013-05-05 11:49:38 +02:00
HD Moore 63b0eace32 Add a missing require 2013-05-04 22:39:57 -05:00
m-1-k-3 c3e9503c0b tplink traversal - initial commit 2013-05-03 14:27:13 -05:00
jvazquez-r7 589be270bf Land #1658, @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE 2013-05-03 14:19:36 -05:00
sinn3r 2396c265f8 Landing #1790 - AudioCoder .m3u bof module 2013-05-03 11:59:12 -05:00
jvazquez-r7 13202a3273 Add OSVDB reference 2013-05-03 09:46:29 -05:00
nmonkee d8bbd9d78b Merge pull request #6 from jvazquez-r7/sap_soap_rfc_pfl_check_os_file_existence 
Clean up for sap_soap_rfc_pfl_check_os_file_existence
 2013-05-03 05:40:56 -07:00
jvazquez-r7 a95de101e7 Delete extra line 2013-05-02 22:04:27 -05:00
jvazquez-r7 6210b42912 Port EDB 25141 to msf 2013-05-02 22:00:43 -05:00
jvazquez-r7 a2e1fbe7a9 Make msftidy happy 2013-05-02 19:46:26 -05:00
jvazquez-r7 f57b2de632 Land #1787, @wchen-r7's mod to ie_cbutton_uaf to use the js_mstime_malloc API 2013-05-02 19:44:19 -05:00
sinn3r fe57b9d6e2 Landing #1784 - Handles nils in params 
Nils are handled by converting values into strings
 2013-05-02 18:43:10 -05:00
James Lee 9e7885857c Land #1776, assembly payload blob cache fix 2013-05-02 16:58:14 -05:00
James Lee 0d9b120bac Get rid of the suffix 
This makes blob cache a little cleaner

[FixRM #7898]
 2013-05-02 16:55:14 -05:00
jvazquez-r7 d6568b3902 Land #1788, @todb's switch from nokogiri to rexml 2013-05-02 15:15:54 -05:00
Tod Beardsley 7579b574cb Rework parse_xml 
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.

I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
 2013-05-02 14:43:30 -05:00
Tod Beardsley 902cd7ec85 Revert removal of the SAP module 
This reverts commit 26da7a6ee7.
 2013-05-02 14:42:35 -05:00
sinn3r eb23b5feeb Forgot to remove function ie8_smil. Don't need this anymore. 2013-05-02 14:04:15 -05:00
sinn3r 329e8228d1 Uses js_mstime_malloc to do the no-spray technique 2013-05-02 14:00:15 -05:00
Tod Beardsley 26da7a6ee7 Removing this from master due to test problems 
This module was moved over to the unstable branch in commit
7106afdf7d , working up a fix now. Stay
tuned.
 2013-05-02 13:43:02 -05:00
jvazquez-r7 132c09af82 Add BID reference 2013-05-02 10:21:09 -05:00