Brent Cook
5954e2300f
updates based on feedback
Add documentation to the view constants.
Use include? rather than regexes
2015-01-20 16:57:49 -06:00
Brent Cook
a42cc2ef1f
add support for specifying 32 or 64-bit registry access
This adds an extra parameter to most of the post/windows/registry
methods called 'view' that specifies if a registry key should be
accessed as a native process, 32-bit or 64-bit.
Support is added to both the Meterpreter and command-line backends. For
the command backend, a lot of boilerplate is removed from each method in
favor of a few shared commands. There is an error hash that never gets
used, so I removed it as well.
This passes the post/test/registry module with meterpreter, but fails
the command line backend. However, it fails in the same way without
these changes (tested on Windows 8), so I suspect that the command line
session was already not working well, at least with newer versions of
Windows. I might look into figuring out how to fix that, but it looks
pretty fragile to me, parsing for English phrases in the output.
2015-01-20 15:26:59 -06:00
HD Moore
0b6c324660
Land #4611, add Hathaway's password
2015-01-19 22:06:24 -06:00
sinn3r
76746eb209
New password from Hathaway
2015-01-19 21:45:47 -06:00
jvazquez-r7
f7aaad1cf1
Delete some extraneous commas
2015-01-19 17:25:45 -06:00
jvazquez-r7
dbc77a2857
Land #4517, @pedrib's exploit for ManageEngine Multiple Products Authenticated File Upload
* CVE-2014-5301
2015-01-19 17:23:39 -06:00
jvazquez-r7
6403098fbc
Avoid sleep(), survey instead
2015-01-19 17:22:04 -06:00
jvazquez-r7
a6e351ef5d
Delete unnecessary request
2015-01-19 17:14:23 -06:00
jvazquez-r7
ed26a2fd77
Avoid modifying datastore options
2015-01-19 17:11:31 -06:00
jvazquez-r7
3c0efe4a7e
Do minor style changes
2015-01-19 15:36:05 -06:00
jvazquez-r7
ddda0b2f4b
Beautify metadata
2015-01-19 14:59:31 -06:00
jvazquez-r7
bb681ba307
Land #4610, add play options to play_youtube
2015-01-19 12:56:08 -06:00
jvazquez-r7
43e0afeaed
Delete 's' typo
2015-01-19 12:55:35 -06:00
jvazquez-r7
79a24f80b8
Use constant for play options
2015-01-19 12:50:40 -06:00
jvazquez-r7
652400451e
Delete extra k
2015-01-19 12:35:26 -06:00
IMcPwn
50d43f118b
Make URLs better
Removes YouTube logo, loops, hides video controls at bottom, disables keyboard controls, doesn't show info about the video on the top, hides video annotations, and doesn't show related videos at the end.
2015-01-19 12:27:18 -05:00
Christian Mehlmauer
923d1efa19
Land #4607, proxy chains description
2015-01-19 10:23:52 +01:00
William Vu
e9a9ab9932
Update spec thingy
2015-01-19 01:38:47 -06:00
Christian Mehlmauer
f7d5a45d77
Land #4606, fix proxychains description, fix #4587
2015-01-19 06:55:25 +01:00
William Vu
cffa55b12e
Improve proxy chain description
2015-01-18 22:32:22 -06:00
Christian Mehlmauer
354e952841
fix msftidy warnings
2015-01-18 23:55:57 +01:00
Christian Mehlmauer
5b964bba6a
Land #4518, Wordpress long password DoS
2015-01-18 23:55:06 +01:00
Christian Mehlmauer
6014ff8a31
fix msftidy warnings
2015-01-18 23:54:16 +01:00
Spencer McIntyre
a4a721924b
Land #4603, @eyalgr's fix for pymeterp tcp over reading
2015-01-18 11:18:30 -05:00
eyalgr
7a2f0553a8
Update reverse_tcp.rb
Prevent over-reading from socket
2015-01-18 17:32:53 +02:00
eyalgr
f12c6a1624
Update meterpreter.py
Read until exactly pkt_length bytes
2015-01-18 15:45:28 +02:00
eyalgr
9c12fcc2f1
Update bind_tcp.rb
Read exactly l bytes
2015-01-18 15:42:09 +02:00
eyalgr
18e15a109a
Update bind_tcp.rb
Prevent over-reading from socket
2015-01-18 15:35:56 +02:00
eyalgr
d83c6ae215
Update meterpreter.py
Read exactly pkt_length from socket, prevents over-reading.
2015-01-18 15:29:23 +02:00
William Vu
84ecde30d1
Land #4586, mcafee_epo_xxe aux module
2015-01-18 00:50:10 -06:00
William Vu
57ca285f8a
Fix msftidy warnings
2015-01-18 00:49:52 -06:00
William Vu
7c3378b2e6
Land #4593, msftidy extraneous comma check
2015-01-18 00:46:39 -06:00
William Vu
cb0257bec7
Land #4576, OpenVAS database import fix
2015-01-18 00:45:36 -06:00
nstarke
55a746eeb7
Changing code to catch everything extraneous
2015-01-17 15:46:26 +00:00
jvazquez-r7
697e4fbd41
Land #4584, @sgabe's fix for egghunter searchforward
2015-01-16 19:36:52 -06:00
jvazquez-r7
a42b095472
Delete heaponly option
2015-01-16 19:35:57 -06:00
jvazquez-r7
859a8978e7
Allow searchforward to be a string
2015-01-16 19:33:19 -06:00
Tod Beardsley
2cc44cc7c9
Fix typo on module title
Brazenly ignoring process and merging myself.
At least it's still a signed merge commit.
2015-01-16 16:31:58 -06:00
Tod Beardsley
375a7e1fe9
Typo. Filtering.
2015-01-16 16:30:52 -06:00
sgabe
3297d198f3
Fix search-forward option in regular egghunter
2015-01-16 22:16:30 +01:00
Brent Cook
a2a1a90678
Land #4316, Meatballs1 streamlines payload execution for exploits/windows/local/wmi
also fixes a typo bug in WMIC
2015-01-16 11:16:22 -06:00
Christian Mehlmauer
596e956660
some changed
2015-01-16 17:53:06 +01:00
Brent Cook
6a68888712
Land #4590, jvennix-r7's fix for same-scheme URLs
made a trivial string formatting tweak
2015-01-16 09:10:56 -06:00
Brent Cook
7ef721bdd6
Might as well format the url all at once.
2015-01-16 09:01:25 -06:00
Christian Mehlmauer
3237dd8591
add comma check to msftidy
2015-01-16 00:13:55 +01:00
Brandon Perry
1929f36050
Update mcafee_epo_xxe.rb
2015-01-15 16:50:14 -06:00
Joe Vennix
8c3d4c8d07
Spelling tweak.
2015-01-15 15:19:46 -06:00
Joe Vennix
35c9a13199
Handle the usage of // (same-scheme) URLs.
2015-01-15 15:09:50 -06:00
Brent Cook
c1e604f201
Land #4562: wchen-r7's CVE addition
2015-01-15 14:34:37 -06:00
Brent Cook
bc895ab4d1
Land #4582, jhart-r7's Apple Airport Authentication Avalanche
2015-01-15 14:07:18 -06:00