HD Moore
11b875d84d
Checkin new code
2012-06-24 14:03:53 -05:00
HD Moore
2d0d5287d2
Commit EncodePointer stubs as a reference (temporary)
2012-06-24 14:03:52 -05:00
HD Moore
75f1484d63
Respin of binaries to remove debug output
2012-06-24 13:40:27 -05:00
HD Moore
6e61878393
Respin of meterpreter bins (add Win 8 to sysinfo, fix a few bugs)
2012-06-24 13:27:10 -05:00
David Maloney
aa09cd7f82
More collaboration stuff on gpp module
2012-06-24 13:08:19 -05:00
h0ng10
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
sinn3r
54309c3c3d
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-06-24 02:25:38 -05:00
sinn3r
e805675c1f
Add Apple iTunes 10 Extended M3U Stack Buffer Overflow
...
New exploit against Apple iTunes. Note that this appears to be
different than liquidworm's CVE-2012-0677, because this one is
a stack-based buffer overflow, while CVE-2012-0677 is heap-based,
and a different crash/backtrace. However, according to Rh0, this
bug is patched anyway in the same update... possibly a silent
patch.
As of now, there seems to be no CVE or OSVDB addressing this
particular bug.
2012-06-24 02:01:34 -05:00
David Maloney
eefea8d9d3
Add newname attr in gpp module
2012-06-23 17:51:58 -05:00
David Maloney
7bcb9d1a45
Reintegrated extra options into gpp module
...
reintegrated meatballs control options into the gpp module
2012-06-23 17:38:07 -05:00
David Maloney
b320679d1f
Exception message fix for gpp
2012-06-23 12:56:12 -05:00
David Maloney
5497d091fc
fix gpp attribution and description
2012-06-23 12:45:56 -05:00
David Maloney
534008b010
Major rework of the gpp module
...
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
2012-06-23 12:42:33 -05:00
Raphael Mudge
322e0766a1
Armitage 06.23.12
2012-06-23 13:03:55 -04:00
James Lee
3e974415d9
Give some verbose feedback if connection failed
2012-06-23 00:58:27 -06:00
jvazquez-r7
b891e868f5
Added actionscript and swf needed
2012-06-23 08:36:35 +02:00
sinn3r
d7d314862f
Need the trigger to actually make it work, duh!
2012-06-22 23:16:12 -05:00
Tod Beardsley
d708f2526c
Adding ref for APSB12-09 to new Flash sploit
2012-06-22 17:30:52 -05:00
jvazquez-r7
72ef8c91f0
module for CVE-2012-0779 added
2012-06-23 00:21:18 +02:00
Tod Beardsley
dfe0e10dc6
Adding kernelsmith's -a datastore opt
...
Works well enough on its own. Note that you cannot mix -g and -a since
set doesn't actually parse out dash options in a OptParse sort of way.
That said, setg -a seems to work well. This mixing options business
will need to be addressed soon, but that day is not today.
[Closes #514 ]
2012-06-22 16:01:38 -05:00
m-1-k-3
315a1707e7
also new version v2.07.16 is vulnerable
2012-06-22 13:18:45 +02:00
kernelsmith
1bcf241ec0
adds the -a (append) option to the console 'set' command
...
if RHOST is currently 192.168.20.1
set -a RHOST 5
appends 5 to RHOST making it 192.168.20.15
2012-06-22 01:23:54 -05:00
HD Moore
a648c24b4e
Move builds to VC10
2012-06-21 23:51:46 -05:00
HD Moore
c5e9e5d374
Add Windows 8 / Server 2012 support to sysinfo
2012-06-21 23:50:29 -05:00
Tod Beardsley
572fb4cb0c
Permissions fix
2012-06-21 15:39:17 -05:00
Tod Beardsley
2729f33ff2
Merge Justin's TortoiseSVN module
...
This adds Justin's TortoiseSVN module with minor edits.
[Closes #508 ]
2012-06-21 11:56:08 -05:00
Tod Beardsley
504d3d477e
Resolve http_proxy_host before reporting, too.
2012-06-21 11:55:13 -05:00
Tod Beardsley
c795c2e438
Resolve hosts for tortoisesvn module reporting
...
report_host() does not expect a DNS name, but an IPv4 or IPv6 address.
In many cases, an SVN password is going to be associated with only a
hostname.
This may be a bug in report_host -- it's certainly inconveninent.
However, we don't usually wnat report_host to be making tons of DNS
lookups when importing hosts, so this forced step is likely intended.
Also, begin/rescue/end blocks that don't hint at what errors are
intended to be caught are rarely a good idea, so this at least informs
the user which exception was raised.
2012-06-21 11:47:37 -05:00
sinn3r
4004b544c0
The condition for "else" doesn't really do anything for us
2012-06-21 02:53:44 -05:00
sinn3r
9d52ecfbb6
Fix a few mistakes (typos & reference)
2012-06-21 02:32:04 -05:00
sinn3r
d957c021cb
Handle another possible condition
...
If the path actually doesn't exist on the victim, we may run into
a RequestError. Need to handle that... should be pretty common.
2012-06-21 01:38:51 -05:00
sinn3r
6a386b7a88
Rename the file for naming style consistency
2012-06-21 01:25:55 -05:00
sinn3r
367e75bb06
Multiple changes to file_collector.rb
...
This module received the following changes:
* Make msftidy happy
* Remove the GETDRIVES option, and make the SEARCH_FROM option
smarter.
* MSF license
* Other minor changes
2012-06-21 01:21:53 -05:00
sinn3r
327e86e08c
Merge branch 'file_collector' of https://github.com/3vi1john/metasploit-framework into 3vi1john-file_collector
2012-06-20 23:46:04 -05:00
Juan Vazquez
4a8e94463a
Merge pull request #512 from jvazquez-r7/ezserver_add_reference
...
ezserver_http: added bid reference
2012-06-20 13:11:55 -07:00
jvazquez-r7
6be7ba98aa
ezserver_http: added bid reference
2012-06-20 22:08:58 +02:00
Tod Beardsley
302ab963d1
Adding ref for intersil module
2012-06-20 15:05:56 -05:00
Joe Vennix
328f927829
Updated MDM, specifically the error message on tag name validation.
2012-06-20 13:50:50 -05:00
HD Moore
f7ecc98923
Merge branch 'master' into feature/vuln-info
2012-06-20 13:34:53 -05:00
HD Moore
1468a904a7
More error cleanup
2012-06-20 13:34:31 -05:00
Joe Vennix
f7f9c23a23
Revert "MDM update."
...
This reverts commit 1b8d9446c9
.
2012-06-20 13:27:49 -05:00
Joe Vennix
1b8d9446c9
MDM update.
2012-06-20 13:12:47 -05:00
sinn3r
5a5166c90b
Merge branch 'gather-ssh-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-gather-ssh-cleanup
2012-06-20 12:07:23 -05:00
James Lee
60eedc46dd
Remove nils before sorting
...
Fixes a stack trace when one of the directory tests returns nil
2012-06-20 10:44:36 -06:00
sinn3r
61cad28a8c
Merge branch 'gather-ssh-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-gather-ssh-cleanup
2012-06-20 11:23:51 -05:00
sinn3r
beb8e33fc4
Fix a typo
2012-06-20 09:53:09 -05:00
sinn3r
efaf5cf193
Oops, I found a typo.
2012-06-19 22:57:45 -05:00
sinn3r
9a9dd53e86
Use get_resource() instead of the hard-coded path
2012-06-19 22:56:25 -05:00
sinn3r
79fc053a2e
Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110
2012-06-19 22:05:07 -05:00
Steven Seeley
fcf42d3e7b
added adobe flashplayer array indexing exploit (CVE-2011-2110)
2012-06-20 12:52:37 +10:00