Brandon Turner
34085e43eb
Merge pull request #1828 from limhoff-r7/bug/mdm-host-os-name-validation
...
Update to metasploit_data_models 0.12.0
2013-05-14 15:58:35 -07:00
John Sherwood
063ef487e2
Fix typo in cmd_notes
2013-05-14 18:58:31 -04:00
Luke Imhoff
3828458ccc
Update to metasploit_data_models 0.12.0
...
[#49878349 ]
0.12.0 removes validation on Mdm::Host#os_name.
2013-05-14 15:44:48 -05:00
jvazquez-r7
2454862496
Land #1827 , @wchen-r7's modification to add MS ref to ie_cgenericelement_uaf
2013-05-14 15:18:17 -05:00
sinn3r
e1111928c2
Adds patch info for ie_cgenericelement_uaf
...
This one is MS13-038
2013-05-14 14:55:02 -05:00
sinn3r
1e90f71360
Landing #1826 - Add Python format support to msfvenom
2013-05-14 14:50:12 -05:00
sinn3r
41e9f35f3f
Landing #1819 - Convert sap_mgmt_con_osexec_payload to multi platform
2013-05-14 14:48:16 -05:00
Joshua J. Drake
00fd00167a
Add Python format support to msfvenom
2013-05-14 14:39:52 -05:00
sinn3r
9427dfa483
Landing #1823 - Kloxo Local Privilege Escalation
2013-05-14 14:20:52 -05:00
sinn3r
5e925f6629
Description update
2013-05-14 14:20:27 -05:00
sinn3r
2ee11f70f8
Landing #1824 - Support Python when generating payloads via msfpayload
...
We love Python users too.
2013-05-14 14:14:31 -05:00
Samuel Huckins
a3fc44980e
Merge pull request #1814 from tasos-r7/bug/web-match_and_log_fingerprint
...
PT 48672475
2013-05-14 11:57:34 -07:00
Tasos Laskos
0a55c7e4b6
Proofs can be omitted if they contain sensitive data
2013-05-14 20:46:17 +03:00
Joshua J. Drake
96104c5860
Fix hard vs soft tabs
2013-05-13 20:44:51 -05:00
Joshua J. Drake
c71b57764e
Add a Python buffer formatter and update msfpayload to enable using it
2013-05-13 20:41:15 -05:00
jvazquez-r7
42cfa72f81
Update data after test kloxo 6.1.12
2013-05-13 19:09:06 -05:00
jvazquez-r7
58f2373171
Added module for EDB 25406
2013-05-13 18:08:23 -05:00
Tasos Laskos
a12e59ef1f
Merge branch 'master' into bug/web-match_and_log_fingerprint
2013-05-14 01:55:37 +03:00
sinn3r
5e997aaf80
Landing #1816 - lists essential information about CouchDB
2013-05-13 16:46:20 -05:00
sinn3r
cba045a604
Make additional changes to the module
2013-05-13 16:42:33 -05:00
Tod Beardsley
e3384439ed
64-bit, not '64 bits'
2013-05-13 15:40:17 -05:00
jvazquez-r7
e71e0c1c28
Land #1822 , @wchen-r7's module for Coldfusion HTP disclosed exploit
2013-05-13 12:41:54 -05:00
jvazquez-r7
f04ca17bb9
Fix default action
2013-05-13 11:56:02 -05:00
jvazquez-r7
5b64379553
Add Coldfusion 9 target, OSVDB ref and review
2013-05-13 11:55:11 -05:00
Brandon Turner
e605318726
Merge pull request #1813 from limhoff-r7/feature/mdm-module-namespace
...
Updates to MDM 0.11.2
2013-05-13 08:09:52 -07:00
sinn3r
60299c2adb
Add EDB-25305 - That ColdFusion 10 sub0 0day stuff
...
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737 , or as a new exploit.
We'll see.
2013-05-12 21:23:53 -05:00
jvazquez-r7
feac292d85
Clean up for dlink_dsl320b_password_extractor
2013-05-12 17:35:59 -05:00
jvazquez-r7
ee46771de5
Land #1799 , @m-1-k-3's auth bypass module for Dlink DSL320
2013-05-12 17:34:08 -05:00
Luke Imhoff
4461aefaa2
Update to metasploit_data_models 0.11.2
...
[#47979793 ]
2013-05-12 13:36:13 -05:00
m-1-k-3
981cc891bc
description
2013-05-12 20:07:32 +02:00
jvazquez-r7
ce594a3ba2
Deprecate modules/exploits/windows/http/sap_mgmt_con_osexec_payload
2013-05-12 08:46:40 -05:00
jvazquez-r7
495f1e5013
Add multi platform module for SAP MC exec exploit
2013-05-12 08:46:00 -05:00
jvazquez-r7
9730abd669
Land #1818 , @wchen-r7's change to Exploit Rank
2013-05-11 11:51:49 -05:00
sinn3r
7fcf20201b
Ranking should be the same (to GoodRanking)
2013-05-11 09:19:25 -05:00
Roberto Soares Espreto
a94d078bfd
Added the statement return to condition: if res.nil?
2013-05-11 00:59:05 -03:00
Roberto Soares Espreto
18ee9af59f
Added couchdb_enum.rb to list essential information about CouchDB
2013-05-10 23:18:48 -03:00
Rob Fuller
5123b91bd1
Merge pull request #3 from jlee-r7/landing-1812-mailvelope-keys
...
Simplify and clean up some
2013-05-10 15:09:44 -07:00
James Lee
55fc1458de
Simplify and clean up some
...
I'd really love to make this work on Linux as well, since it's really
just a file grabber/parser. Unfortunately, the Post API for enumerating
users and homedirs isn't great for cross-platform stuff like this.
A few small changes, all verified on Windows 7:
* Reuse the key storing code instead of copy-paste with minor changes
* Use binary mode when opening the stored prefs
* Don't bother checking for incognito since we're using `steal_token`
anyway
* Check for existence of directories instead of guessing based on OS
match
2013-05-10 16:58:35 -05:00
Tod Beardsley
d9ff629e17
Land #1815 , typo fix.
2013-05-10 15:36:52 -05:00
Nick Rivera
ac3fe4c84e
Update CONTRIBUTING.md
2013-05-10 23:15:29 +03:00
Tasos Laskos
f4bc3096b2
#match_and_log_fingerprint: store match not fingerprint
2013-05-10 19:59:12 +03:00
Rob Fuller
84ff72eb92
use file_exist? instead of fs.file.stat
2013-05-10 11:17:42 -04:00
Rob Fuller
25f7af43b4
use gsub instead of split/join
2013-05-10 11:12:56 -04:00
jvazquez-r7
d37d211ecc
Fix short escape sequences error
2013-05-09 17:29:55 -05:00
jvazquez-r7
4147a27216
Land #1667 , @nmonkee's sap_soap_rfc_sxpg_command_exec exploit
2013-05-09 17:00:11 -05:00
jvazquez-r7
6842432abb
Land #1678 , @nmonkee's sap_soap_rfc_sxpg_call_system_exec exploit
2013-05-09 16:52:01 -05:00
jvazquez-r7
cf05602c6f
Land #1661 , @nmonkee's sap_soap_rfc_eps_get_directory_listing module
2013-05-09 16:46:13 -05:00
jvazquez-r7
b18a98259b
Modify default rport
2013-05-09 16:24:54 -05:00
jvazquez-r7
3e1d1a3f98
Land #1659 , @nmonkee's sap_soap_rfc_eps_delete_file module
2013-05-09 16:22:54 -05:00
Luke Imhoff
afa04ac9d0
Merge branch 'master' into feature/mdm-module-namespace
2013-05-09 16:13:06 -05:00