James Lee
5dc03c6ac0
Fix up Linux after changes for Windows
2012-03-11 22:08:44 -06:00
James Lee
602408743c
Grab IPv6 addresses on Windows when possible
...
Tries to GetProcAddress of GetAdaptersAddresses and falls back to the
old GetIpAddrTable() function when it isn't available. This should work
on XPSP1 and newer, albeit without netmasks on versions before Vista.
Still trying to figure that one out.
2012-03-11 21:56:11 -06:00
James Lee
806a3c01b7
Wrap Windows-specific headers in ifdef
2012-03-06 15:34:09 -07:00
James Lee
d99df825b3
Handle multiple addrs on one iface on the ruby side
2012-03-06 14:36:34 -07:00
James Lee
085b3b5640
Adds IPv6 addrs to win32 get_interfaces response
2012-03-05 21:57:39 -07:00
James Lee
78d84d9472
A few more author typos
2012-03-05 13:50:03 -07:00
James Lee
22eb1e2dce
Module author typo
2012-03-05 13:50:03 -07:00
James Lee
e14a574c36
Fix a couple of typos that throw off module authors
2012-03-05 13:50:03 -07:00
Tod Beardsley
e014e9a5c3
Fix up notes search implementation
...
Uses delete_if and a negative assertion, rather than the (much nicer but
unavailable) keep_if method.
2012-03-05 13:50:02 -07:00
Tod Beardsley
b847d48927
Tidies up sempervictus's search patch
...
Affects the console's db commands of hosts, services, vulns, creds, notes,
loot
Skips searching entirely unless a search term is provided, and
explicitly casts the term as a Regexp object from the outset.
Avoids using Object#to_sym in preference of Object#intern (safer in
nearly all cases)
Temporarily disables functionality on notes since Array#keep_if isn't
available prior to Ruby 1.9.2
2012-03-05 13:50:02 -07:00
RageLtMan
3270976d7b
Search functionality for db dispatcher commands
2012-03-05 13:50:02 -07:00
sinn3r
aab493259f
Port should not contain a non-numeric value or even empty when assigned to :port
2012-03-05 13:50:02 -07:00
Gregory Man
ba34fbac46
afp_server_info fixes and improvements
...
1.9 compatibility, timeouts, reporting
2012-03-05 13:50:02 -07:00
Gregory Man
4f05f4e03f
Added auxiliary/scanner/afp/afp_server_info module
2012-03-05 13:50:02 -07:00
James Lee
cd990917be
Don't distinguish between 4 and 6.
...
The client can figure it out from the length.
2012-03-05 09:10:47 -07:00
James Lee
c81dce2013
Append to the list instead of assigning to it
...
All addresses are being sent to the client now. Just need a way to
parse them out correctly on the other side and meterpreter will be able
to list all addresses on all interfaces on Linux. Next step is to
allocate the proper number of TLVs to avoid good ol' stack smashes on
systems with lots of addresses and then make sure we clean all the
memory leaks.
[See #6476]
2012-03-05 09:10:47 -07:00
James Lee
cb998b91e5
Lay the groundwork for returning all addresses
...
This commit only sends the last interface in the list, but it is looping
through all of them as evidenced by the log, just need to make sure
we're not overwriting as we go.
[See #6476]
2012-03-05 09:10:46 -07:00
HD Moore
cea4529f5e
Add an example of preconfigured proxy stager
2012-03-05 00:59:47 -06:00
HD Moore
de9b35d7b0
Fixes #6485 by allowing validation to write back normalized values to
global. This isn't perfect, but we have no better solution unless we
clone the module datastore and unset the default imported_by for the
module run (actively testing that too in a branch)
2012-02-29 01:49:26 -06:00
HD Moore
7b40d8d819
Allow updates to fallthrough to the global store just like reads
2012-02-29 01:40:54 -06:00
HD Moore
4c39cfd98a
Small tweak to the format of the type
2012-02-28 23:52:48 -06:00
sinn3r
4b1e67f94f
Add ROP target for Win2k3 SP1 and SP2
2012-03-04 17:18:34 -06:00
sinn3r
29cf8683ee
Merge pull request #218 from swtornio/master
...
add osvdb ref
2012-03-03 16:27:34 -08:00
Steve Tornio
8f93a5abbb
add osvdb ref
2012-03-03 12:28:30 -06:00
sinn3r
fa916d863d
Add Sysax SSH buffer overflow exploit
2012-03-03 10:11:51 -06:00
James Lee
9f05562a18
Don't distinguish between IPv4 and IPv6 routes
...
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
2012-03-02 18:26:57 -07:00
James Lee
c44c0ebf48
Refactor ModuleTest and add a few more tests
...
This makes running tests from a post module as easy as creating methods
that start with +test_+ and running +it()+ blocks inside them.
2012-03-02 17:56:40 -07:00
Tod Beardsley
6c0f8636ec
Merge pull request #217 from rapid7/reverse-http-randomness
...
Reverse http randomness
2012-03-02 16:36:26 -08:00
HD Moore
165257db75
Remove unused "plus" code
2012-03-02 17:46:59 -06:00
HD Moore
b70b41091b
Tested fairly well - this randomizes the URLs and removes the user-agent string from the request
2012-03-02 17:44:23 -06:00
HD Moore
ce94ffd755
First round of changes to http(s) payloads
2012-03-02 17:13:51 -06:00
sinn3r
9258cda144
Change :info and file name so it's easier to identify it's a Firefox profile
2012-03-02 16:45:42 -06:00
James Lee
a02ab0ab0c
Add a few more tests for meterpreter
2012-03-02 15:31:01 -07:00
Tod Beardsley
96e03d2556
Merge pull request #44 from linuxgeek247/armle-bind-shell
...
Adding armle bind shellcode based on existing reverse shellcode
2012-03-02 14:25:43 -08:00
James Lee
9e2a1b6d52
Allow channel -k as a synonym for -c
...
Makes it consistent with "jobs", "sessions", and "threads" commands in
msfconsole. Because I keep using the wrong thing and being confused
about why it doesn't work.
2012-03-02 15:11:00 -07:00
James Lee
884550ce7c
Fix undefined constant bug in session.fs.seek
...
How did this ever work? Clearly nothing exercises this code.
2012-03-02 14:43:00 -07:00
Tod Beardsley
cf18bcc99e
Merge pull request #215 from rapid7/msfgui-bail-without-msgpack
...
Try to load msgpack first, if it's not there, bail
2012-03-02 12:56:50 -08:00
James Lee
368cb13728
And the updated bin
2012-03-02 13:19:00 -07:00
James Lee
2d0d7b4470
777 is not the same as 0777
...
Fixes a bug where meterpreter created directories with absurd
permissions on posix (777 = 01411 = dr----x--t).
2012-03-02 13:16:52 -07:00
Tod Beardsley
4dce560e72
Try to load msgpack first, if it's not there, bail
...
And tell the user how to fix. This has come up a couple times.
2012-03-02 12:20:29 -06:00
James Lee
65c0cbdc00
Allow tab completion for resource files in current dir
2012-03-02 11:19:46 -07:00
Tod Beardsley
faad9db393
Merge branch 'wmap_update'
...
Fixed up a few merge conflicts, tested against metasploitable, looks
functional. Thanks Efraim!
[Closes #154]
2012-03-02 10:25:31 -06:00
Tod Beardsley
7447052b38
Convert WMAP constant name to the new format.
2012-03-02 10:18:32 -06:00
Tod Beardsley
302853f5a4
Unpolluting SVN Revision keyword
...
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley
3626d48db2
Un-polluting SVN Id keyword
...
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres
36a3341acd
Fix body cero.
2012-03-02 10:18:32 -06:00
Efrain Torres
6fba0698e5
Adding another detection method for blind sqli
2012-03-02 10:18:32 -06:00
Efrain Torres
02f6e3fcb2
Improving report on blind sqli module
2012-03-02 10:18:32 -06:00
Efrain Torres
126a6133cd
Improving blind sql inj. detection
2012-03-02 10:18:32 -06:00
Efrain Torres
b608aeeeb7
Migrating modules to use report_web_vulns and minor fixes
2012-03-02 10:18:32 -06:00