jvazquez-r7
5c8053491f
Add DEP bypass for ntdll ms12-001
2013-06-12 10:41:05 -05:00
jvazquez-r7
a1c7961cbc
Suport js obfuscation for the trigger
2013-06-12 08:06:12 -05:00
jvazquez-r7
5240c6e164
Add module for MS13-037 CVE-2013-2551
2013-06-12 07:37:57 -05:00
Brandon Turner
132769d415
Merge branch 'release'
2013-06-11 18:52:11 -05:00
Brandon Turner
72b3ea2be0
Merge pull request #1943 from shuckins-r7:bug/nx-asset-group-push
2013-06-11 18:41:49 -05:00
Samuel Huckins
d5be41617e
Uses raw-xml-v2 Nexpose export for Nexpose import as this adds device-id
...
back to XML schema and will result in hosts that can be pushed back to
Nexpose.
[Bug #51521175 ]
2013-06-11 18:37:02 -05:00
James Lee
7601152640
Land #1942
2013-06-11 16:29:19 -05:00
Tod Beardsley
6a5d1d06b2
Make the conditional correct for print_prefix
...
Fixes a bug introduced on #1936 .
2013-06-11 16:16:17 -05:00
sinn3r
5dfb3de4f3
Land #1940 - Update firefox svg exploit description to be more accurate
2013-06-11 12:16:23 -05:00
Joe Vennix
45da645717
Update ff svg exploit description to be more accurate.
2013-06-11 12:12:18 -05:00
sinn3r
2874aead2e
Land #1938 - Change sevone_enum because it's an Scanner
2013-06-11 11:42:18 -05:00
jvazquez-r7
430511cbff
Land #1937 , @wchen-r7's fix for heap spray js code
2013-06-11 09:17:40 -05:00
jvazquez-r7
0578572d98
Change sevone_enum because it's an Scanner
2013-06-11 08:51:15 -05:00
sinn3r
081baad68c
Remove variable 'overflow' because it's not used
...
The 'overflow' variable isn't needed
2013-06-11 02:26:45 -05:00
William Vu
fe32a747a3
Land #1936 , prefer PacketFu and pcaprub gems
2013-06-10 17:28:43 -05:00
Tod Beardsley
d7e3c5cdb3
Rspec: Ensure PacketFu is actually still available
...
PacketFu should be required from the gem, not from the shipped msf
library. Several modules depend on it being available, so this rspec
test mostly just ensures that Msf::Exploit::Capture mixin is still
around.
2013-06-10 16:02:50 -05:00
Tod Beardsley
9a08090b0f
Inch toward making modules more testable
2013-06-10 16:02:19 -05:00
Tod Beardsley
d4e9431633
Add Gemfile entry for PacketFu
2013-06-10 14:18:05 -05:00
Tod Beardsley
7dafcc76df
Remove packetfu and pcaprub libaries
...
These should be handled by bundler's Gemfile.
2013-06-10 14:12:18 -05:00
sinn3r
5b61f99ee6
Land #1933 - Update smart_hashdump Regular Expressions for Win 8 & 2012
2013-06-10 13:28:04 -05:00
jvazquez-r7
0c6dbe9885
Add final cleanup for sevone_enum
2013-06-10 13:16:22 -05:00
jvazquez-r7
6765a911a4
Land #1921 , @juushya brute force login module for SevOne
2013-06-10 13:15:14 -05:00
sinn3r
622dc27d95
Land #1925 - fix SNMP enum module failing to catch some fail cases
...
[FixRM:#7945]
2013-06-10 12:51:02 -05:00
Tod Beardsley
31faf65271
Land #1929 , spool ui fix from @jsherwood0
2013-06-10 12:30:50 -05:00
Tod Beardsley
fee804a074
Land #1926 , Auxiliary::Web changes
...
Since none of these changes appear to be reachable from Metasploit
Framework, this seems like a nop for me.
2013-06-10 11:59:19 -05:00
KarnGaneshen
5c988d99fe
more updates to sevone.rb. hopefully all is covered..
2013-06-10 21:59:18 +05:30
sinn3r
0895184e1f
Land #1932 - Actually support OUTPUTPATH datastore option
2013-06-10 11:22:28 -05:00
KarnGaneshen
04171c46ec
more updates to sevone.rb. hopefully all is covered.
2013-06-10 21:47:56 +05:30
William Vu
7ae6383803
Land #1935 , @todb-r7's description cleanup
2013-06-10 11:14:04 -05:00
Tod Beardsley
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
jvazquez-r7
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
jvazquez-r7
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
Dejan Lukan
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
Carlos Perez
a9df55c27a
Add Windows 2012 to regex matching
2013-06-09 20:46:44 -04:00
Carlos Perez
8e83f0ee30
Add Windows 8 and 2012 to regex matching
2013-06-09 20:41:46 -04:00
John Sherwood
7ac5b6de53
Fix prompt and color issue with cmd_spool
...
Changing spool setting caused problems with prompt and color. This
fix makes the following changes:
- Saves the color setting and re-applies it to the new output console
- Sets the prompt in the same way that cmd_use does
2013-06-09 13:35:35 -04:00
Ruslaideemin
cb79aa252a
Fix output path in ms10_004_textbytesatom.rb
...
ms10_004_textbytesatom.rb does not write to the local data directory,
instead it writes to the metasploit path (at least, that's where I
started msfrpcd).
This fixes it by using Msf::Config.local_directory
2013-06-09 07:28:48 +10:00
sinn3r
c8c331c290
Land #1928 - Devecot with Exim sender_address param command exec
2013-06-07 22:39:32 -05:00
sinn3r
f55edac0ca
Title and description update
2013-06-07 22:38:53 -05:00
sinn3r
a510084f1c
Description change.
2013-06-07 22:35:46 -05:00
jvazquez-r7
600494817d
Fix typo and target name
2013-06-07 21:08:38 -05:00
jvazquez-r7
9025b52951
make the payload build more clear
2013-06-07 18:05:11 -05:00
jvazquez-r7
d76e14fc9c
Add module for OSVDB 93004 - Exim Dovect exec
2013-06-07 17:59:04 -05:00
Karn Ganeshen
74bddcf339
Update sevone_enum.rb
...
New updates as per review comments
2013-06-08 02:28:09 +05:30
sinn3r
19a6f310cd
Land #1927 - Add common passwords from xato.net
2013-06-07 15:24:09 -05:00
Tod Beardsley
dc680e7106
Underscores because the rest are.
2013-06-07 15:16:39 -05:00
sinn3r
aefcc51704
Land #1924 - Java pwn2own 2013: java_jre17_driver_manager (CVE-2013-1488)
2013-06-07 15:12:09 -05:00
Tod Beardsley
0265dd8860
Add common passwords from xato.net
...
Mark Burnett publishes lists of top passwords occasionally. This PR adds
the top 500 and top 1024 passwords, as of 2011-06-20, linked from this
blog post:
http://xato.net/passwords/more-top-worst-passwords/
He also does a fair bit of frequency analysis there.
The 1024 list, should probably used instead of the original
unix_password.txt file. unix_password.txt was added on 2010 from an
unknown source (and since edited occasionally to add known good default
passwords). Pulling those changes into this list probably would be
helpful to guess better.
As far as I can tell, there are no special licensing terms for these
lists.
2013-06-07 15:10:14 -05:00
Karn Ganeshen
1ca8fd2cf1
Update sevone_enum.rb
...
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
David Maloney
6aa7c74fdd
make anemone also rspect domain
2013-06-07 14:24:14 -05:00