2f87af1c3a
add some checks while parsing the java serialization config file
2012-09-05 20:58:55 +02:00
598fdb5c50
Merge branch 'hp_sitescope_getsitescopeconfiguration' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getsitescopeconfiguration
2012-09-05 13:58:39 -05:00
41904891c9
Merge branch 'hp_sitescope_getfileinternal_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getfileinternal_fileaccess
2012-09-05 13:57:39 -05:00
b2116e2394
cleanup, test, add on_new_session handler and osvdb references
2012-09-05 20:54:25 +02:00
c4fb285288
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-09-05 13:48:09 -05:00
5f9e310e85
Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework
2012-09-05 13:47:25 -05:00
bbab206eac
Add CVE-2012-3579 - Symantec Messaging Gateway 9 Default SSH Pass
...
This module exploits a default misconfig flaw on Symantec Messaging
Gateway 9.5 (or older). The "support" user has a known default
password, which can be used to login to the SSH service, and then
gain privileged access from remote.
2012-09-05 13:21:10 -05:00
20655232d7
cleanup, tested and added osvdb reference
2012-09-05 20:03:46 +02:00
c6f5b1f072
cleanup, test, osvdb reference
2012-09-05 19:56:04 +02:00
ea2eb046c3
cleanup, final test, osvdb reference
2012-09-05 19:45:50 +02:00
406202fc81
Added module for ZDI-12-174
2012-09-05 12:56:09 +02:00
166f68b194
added module for ZDI-12-177
2012-09-05 12:54:30 +02:00
534ab55e5c
Added module for ZDI-12-173
2012-09-05 12:53:03 +02:00
8a50ca2f47
Added module for ZDI-12-176
2012-09-05 12:51:25 +02:00
8fce975593
Aux module raise an error because Report module is not included in the source
2012-09-05 10:38:36 +02:00
e8b3f0193b
Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog.
2012-09-05 01:54:28 -04:00
8f142c74e5
Adding documentation to the methods in the post exploitation library. Will eventually generate an rdoc file and a post exploitation How To.
2012-09-04 22:21:47 -04:00
c7de73e7bf
Clean up SVN metadata
2012-09-04 19:36:10 -05:00
7b8ab53661
Use :unique_data option for dns.enum reporting
...
Otherwise, you will only report the last thing that comes through on
that host for the dns.enum note type.
2012-09-04 19:32:29 -05:00
2bfe5ee5a6
Add a ResolverError class
2012-09-04 19:20:31 -05:00
e128fc87f2
Looks like it should be ResolverError
2012-09-04 19:19:53 -05:00
2edf4a676a
Merge remote branch 'bonsaiviking/axfr' into bonsai-afxr
2012-09-04 16:16:41 -05:00
b8132cae5c
Add the redistribution comment splat
2012-09-04 15:58:43 -05:00
15f1dd8525
Moving greetz to Author fields
2012-09-04 15:58:43 -05:00
6e7cbe793c
Spamguard e-mail addresses, make auth name consistent
2012-09-04 15:58:43 -05:00
a925eef070
Removed meterpreter reference from desc
...
This post module relies on meterpreter as a SessionType, but the
description shouldn't call this out specifically.
2012-09-04 15:58:42 -05:00
ba0de5acd9
Retitled for consistency and accuracy
2012-09-04 15:58:42 -05:00
f80abaf0d1
Dropping trailing whitespace
2012-09-04 15:58:42 -05:00
69b2f95a6f
small update
2012-09-04 15:58:42 -05:00
cac1e0a585
small update
2012-09-04 15:58:42 -05:00
e1da14f786
access database with local os admin privs
2012-09-04 15:58:42 -05:00
a08d2359d7
access database with local os admin privs
2012-09-04 15:58:42 -05:00
114ade6bea
applied todb requested fixes, and added sql 2k support
2012-09-04 15:58:42 -05:00
6cd6f9d5d1
minor comment updates
2012-09-04 15:58:42 -05:00
7e168f2e5c
Modified module to write query results to a file with report/loot options
2012-09-04 15:58:42 -05:00
522fb401e9
Find data on a SQL Server, sample it, and write it to a CSV file.
2012-09-04 15:58:42 -05:00
66705e4a5d
Add BSD license to unixasm, thanks Ramon!
2012-09-04 15:02:00 -05:00
99009da567
Merge branch 'mobilecartly_upload_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-mobilecartly_upload_exec
2012-09-04 14:32:23 -05:00
e926bc16ba
Add MobileCartly 1.0 module
2012-09-04 14:23:16 -05:00
768b66dd7e
Add the --non-interactive flag to msfupdate (thx pyllyukko)
2012-09-04 14:06:04 -05:00
4a92cc4641
jboss_invoke_deploy module cleanup
2012-09-04 18:49:11 +02:00
cb40a0c362
Merge branch 'jboss-jmx-invoke-deploy' of https://github.com/h0ng10/metasploit-framework into h0ng10-jboss-jmx-invoke-deploy
2012-09-04 18:47:30 +02:00
828f37701d
Fix linux shell_bind_tcp payload
...
It was calling bind(2) with a family of 0x02ff, which makes no sense and
causes execution to fall off the end and segfault. Fix it by replacing
0x02ff with the appropriate 0x0002, or AF_INET.
[Fixrm #7216 ]
2012-09-04 04:23:48 -05:00
7afd470eb0
Clean up linux shellcode Makefile
...
Now you can "make single_bind_tcp_shell", or the like, and build one
payload instead of the kludgy embedded shell script that always builds
all of them.
Need to do the same with BSD.
2012-09-04 04:23:48 -05:00
783ffb13c2
Add Adobe security bulletin references
2012-09-04 00:07:53 -05:00
b3bfaec089
Add reference about the patch
2012-09-03 23:58:21 -05:00
9d97dc8327
Add Metasploit blogs as references, because they're useful.
2012-09-03 15:57:27 -05:00
2b6aa6bbdb
Added Exploit for deployfilerepository via JMX
2012-09-03 13:50:16 -04:00
9ab62de637
Fix a spelling error
2012-09-03 01:44:02 -05:00
943121dd61
Added module for CVE-2012-2611
2012-09-03 00:15:56 +02:00
jvazquez-r7
sinn3r
Cristiano Maruti
Raphael Mudge
Stephen Haywood
Tod Beardsley
nullbind
James Lee
HD Moore
h0ng10