Commit Graph

16080 Commits (5bafd6ddcce432a98b7682b94c0989dd3d192754)

Author SHA1 Message Date
jvazquez-r7 0950240d9a module cleanup by juan 2012-12-24 18:59:45 +01:00
jvazquez-r7 9020c96373 module renamed 2012-12-24 18:59:25 +01:00
jvazquez-r7 09568f255e Submission by James Fitts 2012-12-24 18:58:53 +01:00
sinn3r 076c8aa995 Merge branch 'nullbind-mssql_linkcrawler' 2012-12-24 11:14:28 -06:00
sinn3r 677b9718da Finalizing module 2012-12-24 11:13:51 -06:00
sinn3r 0822e8eae2 Merge branch 'kost-mipsle-shell_reverse_tcp' 2012-12-24 10:52:19 -06:00
sinn3r f7a843460c Merge branch 'notes_handler_cmdinject' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-notes_handler_cmdinject 2012-12-24 10:05:30 -06:00
jvazquez-r7 4c897c5181 added module for ZDI-12-154 2012-12-24 16:23:19 +01:00
Tod Beardsley 179e4cf870 Moving up to 4.6.0-dev 2012-12-24 08:40:29 -06:00
sinn3r d2e3e5defb Merge branch 'jlee-r7-cleanup/post-windows-services' 2012-12-22 13:29:48 -06:00
sinn3r ae4f434691 Handle RequestError
Some registry-retrieving functions will return nil when a
RequestError exception is raised, and that's the exception we
should be handling.
2012-12-22 13:10:44 -06:00
sinn3r e423351de3 Merge branch 'darkoperator_checkvm_more_checks' of git://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator_checkvm_more_checks 2012-12-22 12:40:33 -06:00
jvazquez-r7 e15cf9f288 Merge branch 'netwin_surgeftp_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-netwin_surgeftp_exec 2012-12-22 15:50:07 +01:00
Carlos Perez 1ca85e2fff fix indentation and EOL spaces 2012-12-22 10:42:43 -04:00
Carlos Perez ddb9871577 refactor for use of registry mixin and will now create a note for the hypervisor 2012-12-22 10:27:54 -04:00
sinn3r d97a63a94c Make changes based on juan and egypt's feedback 2012-12-22 02:35:22 -06:00
James Lee 20cc2fa38d Make Windows postgres_payload more generic
* Adds Exploit::EXE to windows/postgres/postgres_payload. This gives us
  the ability to use generate_payload_dll() which generates a generic dll
  that spawns rundll32 and runs the shellcode in that process. This is
  basically what the linux version accomplishes by compiling the .so on
  the fly. On major advantage of this is that the resulting DLL will
  work on pretty much any version of postgres

* Adds Exploit::FileDropper to windows version as well. This gives us
  the ability to delete the dll via the resulting session, which works
  because the template dll contains code to shove the shellcode into a
  new rundll32 process and exit, thus leaving the file closed after
  Postgres calls FreeLibrary.

* Adds pre-auth fingerprints for 9.1.5 and 9.1.6 on Ubuntu and 9.2.1 on
  Windows

* Adds a check method to both Windows and Linux versions that simply
  makes sure that the given credentials work against the target service.

* Replaces the version-specific lo_create method with a generic
  technique that works on both 9.x and 8.x

* Fixes a bug when targeting 9.x; "language C" in the UDF creation query
  gets downcased and subsequently causes postgres to error out before
  opening the DLL

* Cleans up lots of rdoc in Exploit::Postgres
2012-12-22 00:30:09 -06:00
sinn3r 9b768a2c62 Merge branch 'cleanup/post-windows-services' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-cleanup/post-windows-services 2012-12-21 23:42:17 -06:00
sinn3r 49248c79d6 Oops, didn't mean to keep these lines 2012-12-21 22:22:58 -06:00
Carlos Perez 924f5283ae Improvements to checkvm
- Added additional checks for Hyper-V
- Added additional checks for VMware
- Removed $Id$ and $Revision$ (Confirmed with Todb on it)
2012-12-21 22:11:57 -04:00
sinn3r 9af8c9b457 Small corrections 2012-12-21 18:52:40 -06:00
sinn3r 395a20ef22 Merge branch 'foswiki_maketext' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-foswiki_maketext 2012-12-21 18:43:44 -06:00
sinn3r 28f09618c8 Merge branch 'lm2ntcrack_fix' of git://github.com/mubix/metasploit-framework into mubix-lm2ntcrack_fix 2012-12-21 18:20:14 -06:00
sinn3r c57567d077 Merge branch 'feature/smtp_deliver_domain' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-feature/smtp_deliver_domain 2012-12-21 16:26:50 -06:00
sinn3r 1dd27566e8 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-12-21 16:25:37 -06:00
sinn3r ea31e38af8 Merge branch 'license-updates' of git://github.com/todb-r7/metasploit-framework into todb-r7-license-updates 2012-12-21 16:25:24 -06:00
sinn3r ca72132fc0 Add a check 2012-12-21 16:23:31 -06:00
sinn3r 1323081bce msftidy cleanup 2012-12-21 16:11:16 -06:00
sinn3r 529a3c9a63 Add Netwin SurgeFTP module 2012-12-21 16:10:27 -06:00
jvazquez-r7 d5f08a2405 Added module for CVE-2012-6329 for foswiki 2012-12-21 22:08:08 +01:00
Tod Beardsley 9a710175ad Added a bunch of gems
builder
coderay
journey
metasploit_data_models
railties
spork
2012-12-21 14:52:24 -06:00
Tod Beardsley 0bdc187084 Adding fastlib 2012-12-21 14:25:07 -06:00
Tod Beardsley ef8e3416e9 Updating THIRD-PARTY.md
Moved PacketFu to 3-Clause BSD.
Added Kiss FFT, Kiss FFT wrapper, and Armitage to 3-Clause BSD.
2012-12-21 14:22:56 -06:00
David Maloney be7da83feb Adds EHLO domain to smtp deliver
Allow the user to set the EHLO domain for the smtp deliver module.
This is needed for Pro functionality

[story #41549217]
2012-12-21 14:22:21 -06:00
jvazquez-r7 02782258eb fix eol for ms12_004_midi 2012-12-21 21:01:39 +01:00
jvazquez-r7 ff4b959c04 Merge branch 'ms12_004_leaky_icky' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms12_004_leaky_icky 2012-12-21 21:01:05 +01:00
sinn3r e9c00488fa Return value does not need to be checked, says zeknox 2012-12-21 13:00:08 -06:00
sinn3r 115ad9ae33 Small corrections 2012-12-21 12:56:44 -06:00
sinn3r 6ac5f2b6a2 Merge branch 'twiki_maketext' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-twiki_maketext 2012-12-21 11:15:49 -06:00
sinn3r 2c4d517e75 Merge branch 'useragent_cleanup' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-useragent_cleanup 2012-12-21 11:14:06 -06:00
sinn3r e9f5f79ee9 Merge branch 'sap_instanceproperties_fix' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_instanceproperties_fix 2012-12-21 11:13:00 -06:00
sinn3r 3c398d0e62 Final cleanup 2012-12-21 10:46:36 -06:00
sinn3r 4c58991c89 Cleanup ROP a little 2012-12-21 10:35:28 -06:00
sinn3r e95f0267c6 Update for some leaky icky 2012-12-21 10:03:38 -06:00
Tod Beardsley 2bb7b5ea11 Fixes error message for badchar
Note that only a custom module that allows for users to pass arguments
to nmap would be capable of hitting the error condition. Right now, only
auxiliary/scanner/oracle/oracle_login traverses the codepath, and that
doesn't allow for arbitrary args passed to nmap.

So... without contriving an example, it should be impossible to
experience or test.

[FixRM #7641]
2012-12-21 09:59:54 -06:00
Tod Beardsley a7ea53ddf0 Update CONTRIBUTING.md
Add in a very short plea about repro steps.
2012-12-21 09:48:13 -06:00
Chris John Riley 413b75cd8b Fixed crash issues with unescape
Added better formatting to avoid pages of output
2012-12-21 12:07:14 +01:00
jvazquez-r7 76cad3dd4c Added module for CVE-2012-6329 2012-12-21 11:30:04 +01:00
Chris John Riley e237512bd7 Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate) 2012-12-21 10:47:45 +01:00
HD Moore b3c0c6175d FixRM #3398 by removing double user-agent headers 2012-12-20 14:45:18 -06:00