c2586d0907
Instead of raising, offer advice on BPF filtering
...
Many people don't know how to disable ICMP echo responses off the top of
their head. However, the problem is solvable with a decent BPF filter.
2012-12-27 15:18:18 -06:00
c6533621a0
Oops removing debug prints
2012-12-27 14:58:52 -06:00
c695f429d5
Mirror upstream PacketFu fix on ICMP size
2012-12-27 14:56:49 -06:00
121353b360
Fixing EOLs to unix
...
In vim:
:set fileformat=unix
:wq
ta-da
2012-12-27 13:54:50 -06:00
9fa6c9f4c4
Merge remote branch 'ChrisJohnRiley/icmp_exfil' into icmp_exfil
2012-12-27 13:52:19 -06:00
30c1286795
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-12-27 10:45:19 -06:00
0f6b72dad5
Final touchup
2012-12-26 21:16:04 -06:00
919d6daa41
Even if there's password, we should prolly keep the username
2012-12-26 21:14:26 -06:00
4ce1df2214
Change module title for consistency
2012-12-26 21:13:02 -06:00
da49f67079
Only show the password when exists
2012-12-26 21:10:52 -06:00
d3d595da95
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 21:08:03 -06:00
6e520e7a2a
converted split into a scan
2012-12-26 21:06:48 -06:00
eb424195ca
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 20:42:24 -06:00
e3c1d5a5c0
fixed config.close bug
2012-12-26 20:40:11 -06:00
17b41adfec
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 20:35:46 -06:00
b71729bf5f
fixed multi stored creds issue
2012-12-26 20:32:41 -06:00
6ecaabc9cc
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 20:08:34 -06:00
d70d2c4a19
typo
2012-12-26 19:54:35 -06:00
bcc651a1b2
modified password parsing, and utf encoding
2012-12-26 19:49:25 -06:00
c75f48b404
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 18:58:34 -06:00
073565c001
modified port and sname in db logging
2012-12-26 18:33:10 -06:00
b483e76065
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 18:03:24 -06:00
7147e7a09b
added spark_im post exploit module
2012-12-26 17:28:23 -06:00
771460fa4c
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-12-26 11:35:52 -06:00
d2dc7ebc2d
Merge branch 'feature/windows-postgres-payload-dll' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/windows-postgres-payload-dll
2012-12-26 11:18:21 -06:00
8223df375d
Avoid making the title sound too generic.
2012-12-26 11:15:37 -06:00
0b2ea3e55e
Fix weird tabs vs spaces prob
2012-12-26 11:14:48 -06:00
e895ccb6b1
added random string functions
2012-12-25 18:13:02 +01:00
fec989026f
Added module for CVE-2012-5691
2012-12-25 18:05:10 +01:00
2682908ff2
Small corrections here and there
2012-12-24 18:20:46 -06:00
6a3bf6a2a6
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-12-24 17:57:02 -06:00
38f0886058
James has more modules that need to be updated.
...
e-mail update.
2012-12-24 17:51:58 -06:00
5b8492fc0d
module cleanup by juan
2012-12-24 23:26:40 +01:00
ac6f34dc09
module name renamed
2012-12-24 23:26:06 +01:00
bf036c97ad
added initial submission from james fitts
2012-12-24 23:25:25 +01:00
d4bdf1b6b4
Added user name enumeration based on author id enumeration
2012-12-24 16:09:03 -06:00
7173c9b598
update james email address
2012-12-24 22:46:47 +01:00
d69e506221
Final changes
2012-12-24 15:08:52 -06:00
3d27397429
This error will still show even if we get a shell
2012-12-24 15:06:15 -06:00
0950240d9a
module cleanup by juan
2012-12-24 18:59:45 +01:00
9020c96373
module renamed
2012-12-24 18:59:25 +01:00
09568f255e
Submission by James Fitts
2012-12-24 18:58:53 +01:00
076c8aa995
Merge branch 'nullbind-mssql_linkcrawler'
2012-12-24 11:14:28 -06:00
677b9718da
Finalizing module
2012-12-24 11:13:51 -06:00
0822e8eae2
Merge branch 'kost-mipsle-shell_reverse_tcp'
2012-12-24 10:52:19 -06:00
4c897c5181
added module for ZDI-12-154
2012-12-24 16:23:19 +01:00
d2e3e5defb
Merge branch 'jlee-r7-cleanup/post-windows-services'
2012-12-22 13:29:48 -06:00
ae4f434691
Handle RequestError
...
Some registry-retrieving functions will return nil when a
RequestError exception is raised, and that's the exception we
should be handling.
2012-12-22 13:10:44 -06:00
e423351de3
Merge branch 'darkoperator_checkvm_more_checks' of git://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator_checkvm_more_checks
2012-12-22 12:40:33 -06:00
e15cf9f288
Merge branch 'netwin_surgeftp_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-netwin_surgeftp_exec
2012-12-22 15:50:07 +01:00
1ca85e2fff
fix indentation and EOL spaces
2012-12-22 10:42:43 -04:00
ddb9871577
refactor for use of registry mixin and will now create a note for the hypervisor
2012-12-22 10:27:54 -04:00
d97a63a94c
Make changes based on juan and egypt's feedback
2012-12-22 02:35:22 -06:00
20cc2fa38d
Make Windows postgres_payload more generic
...
* Adds Exploit::EXE to windows/postgres/postgres_payload. This gives us
the ability to use generate_payload_dll() which generates a generic dll
that spawns rundll32 and runs the shellcode in that process. This is
basically what the linux version accomplishes by compiling the .so on
the fly. On major advantage of this is that the resulting DLL will
work on pretty much any version of postgres
* Adds Exploit::FileDropper to windows version as well. This gives us
the ability to delete the dll via the resulting session, which works
because the template dll contains code to shove the shellcode into a
new rundll32 process and exit, thus leaving the file closed after
Postgres calls FreeLibrary.
* Adds pre-auth fingerprints for 9.1.5 and 9.1.6 on Ubuntu and 9.2.1 on
Windows
* Adds a check method to both Windows and Linux versions that simply
makes sure that the given credentials work against the target service.
* Replaces the version-specific lo_create method with a generic
technique that works on both 9.x and 8.x
* Fixes a bug when targeting 9.x; "language C" in the UDF creation query
gets downcased and subsequently causes postgres to error out before
opening the DLL
* Cleans up lots of rdoc in Exploit::Postgres
2012-12-22 00:30:09 -06:00
9b768a2c62
Merge branch 'cleanup/post-windows-services' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-cleanup/post-windows-services
2012-12-21 23:42:17 -06:00
49248c79d6
Oops, didn't mean to keep these lines
2012-12-21 22:22:58 -06:00
924f5283ae
Improvements to checkvm
...
- Added additional checks for Hyper-V
- Added additional checks for VMware
- Removed $Id$ and $Revision$ (Confirmed with Todb on it)
2012-12-21 22:11:57 -04:00
9af8c9b457
Small corrections
2012-12-21 18:52:40 -06:00
ca72132fc0
Add a check
2012-12-21 16:23:31 -06:00
1323081bce
msftidy cleanup
2012-12-21 16:11:16 -06:00
529a3c9a63
Add Netwin SurgeFTP module
2012-12-21 16:10:27 -06:00
d5f08a2405
Added module for CVE-2012-6329 for foswiki
2012-12-21 22:08:08 +01:00
02782258eb
fix eol for ms12_004_midi
2012-12-21 21:01:39 +01:00
ff4b959c04
Merge branch 'ms12_004_leaky_icky' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms12_004_leaky_icky
2012-12-21 21:01:05 +01:00
e9c00488fa
Return value does not need to be checked, says zeknox
2012-12-21 13:00:08 -06:00
115ad9ae33
Small corrections
2012-12-21 12:56:44 -06:00
6ac5f2b6a2
Merge branch 'twiki_maketext' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-twiki_maketext
2012-12-21 11:15:49 -06:00
2c4d517e75
Merge branch 'useragent_cleanup' of git://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-useragent_cleanup
2012-12-21 11:14:06 -06:00
3c398d0e62
Final cleanup
2012-12-21 10:46:36 -06:00
4c58991c89
Cleanup ROP a little
2012-12-21 10:35:28 -06:00
e95f0267c6
Update for some leaky icky
2012-12-21 10:03:38 -06:00
413b75cd8b
Fixed crash issues with unescape
...
Added better formatting to avoid pages of output
2012-12-21 12:07:14 +01:00
76cad3dd4c
Added module for CVE-2012-6329
2012-12-21 11:30:04 +01:00
e237512bd7
Cleaned up the SAP modules as they are all sending double user-agent strings (also added OptEnum where appropriate)
2012-12-21 10:47:45 +01:00
b3c0c6175d
FixRM #3398 by removing double user-agent headers
2012-12-20 14:45:18 -06:00
26f561795d
fix cmd windows ruby payloads
2012-12-20 00:50:02 +01:00
4595a96ece
updated CVE and OSVDB wikka_spam_exec references
2012-12-19 16:42:47 -05:00
37524c7965
Make sure return vals are handled correctly.
2012-12-19 09:45:01 -06:00
cfcd1ead54
Merge branch 'netlm_downgrade.rb' of git://github.com/zeknox/metasploit-framework into zeknox-netlm_downgrade.rb
2012-12-19 02:22:00 -06:00
2818e53cbf
Merge branch 'indusoft_issymbol_internationalseparator' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-indusoft_issymbol_internationalseparator
2012-12-18 18:16:31 -06:00
592de9b39e
Something tells me charles wanna try 5 times, not 6 times.
2012-12-18 18:10:15 -06:00
ba242e1809
Merge branch 'master' of git://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-master
2012-12-18 18:01:28 -06:00
f820ffb32d
update authors
2012-12-18 23:57:29 +01:00
8a07d2e53d
Added module for ZDI-12-168
2012-12-18 23:48:53 +01:00
7145078e63
Merge branch 'mipsle-shell_reverse_tcp' of git://github.com/kost/metasploit-framework into kost-mipsle-shell_reverse_tcp
2012-12-18 11:50:41 -06:00
cad8abef48
msftidy cleanup
2012-12-18 11:46:27 -06:00
860ebbcfb1
Merge branch 'master' into averagesecurityguy-master
2012-12-18 11:45:41 -06:00
0344c568fd
Merge branch 'smb_fixes' of git://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-smb_fixes
2012-12-18 11:38:14 -06:00
9825b07df8
Merge branch 'sap_soap_rfc_dbmcli_sxpg_command_exec' of git://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_dbmcli_sxpg_command_exec
2012-12-18 01:12:50 -06:00
fa42d0c7fe
Fixed minor spelling errors
2012-12-17 15:18:08 -07:00
88f02e0016
Merge branch 'jvazquez-r7-crystal_reports_printcontrol'
2012-12-17 13:52:11 -06:00
9198e0dc05
Merge branch 'crystal_reports_printcontrol' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-crystal_reports_printcontrol
2012-12-17 13:40:41 -06:00
37f7122006
NameError undefined local variable or method output - fixed
2012-12-17 19:34:36 +00:00
10511e8281
Merge remote branch 'origin/bug/fix-double-slashes'
...
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
3ed36bd66a
trying to fix stability issues on w7
2012-12-17 19:17:36 +01:00
37ce92afb1
Merge branch 'crystal_reports_printcontrol' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-crystal_reports_printcontrol
2012-12-16 16:15:24 -06:00
bce7d48931
comment updated
2012-12-14 23:55:12 +01:00
0a0b26dc2c
after study the crash after the overflow...
2012-12-14 23:54:44 +01:00
53a2fda608
Merge branch 'mssql_linkcrawler' of git://github.com/nullbind/metasploit-framework into nullbind-mssql_linkcrawler
2012-12-14 15:23:25 -06:00
12472756aa
Merge branch 'master' into bug/safari-metadata-version
2012-12-14 12:52:18 -06:00
3e3f35419b
Added module for CVE-2010-2590
2012-12-14 12:50:29 +01:00
eb972eaf0a
Add a maxver for the safari_metadata_archive exploit.
...
* Apple Security Update 2006-001 (http://support.apple.com/kb/TA23971 )
* Update applied to 10.4.5, where safari 2.0.3 is default browser.
* Because update did not bump Safari version, not all 2.0.3 browsers will be affected.
2012-12-14 02:17:25 -06:00
d2885d9045
Correct US Cert references
2012-12-13 14:19:53 -06:00
67829756f8
fixed errors
2012-12-12 17:45:02 -06:00
e762ca0d9b
Merge remote branch 'jlee-r7/midnitesnake-postgres_payload'
2012-12-12 15:30:56 -06:00
d6e2c3970d
Merge branch 'dmaloney-r7-feature/winrm_compat_mode'
2012-12-12 14:39:49 -06:00
a69a4fbbce
Extra spaces, be gone.
2012-12-12 14:38:00 -06:00
3a481c8e42
Merge branch 'feature/winrm_compat_mode' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-feature/winrm_compat_mode
2012-12-12 14:31:04 -06:00
5856874cea
Login check fixes for exploit
2012-12-12 14:18:41 -06:00
482846942a
Fix: download_exec appends an extra / to request
...
The download_exec module parses the provided URL and appends an
unnecessary, nay--damaging I say!!!! '/' to the parsed URI. This
renders the module unusable for those who want a payload to
download and execute a file.
Before and after access.log snippets are in the redmine ticket
http://dev.metasploit.com/redmine/issues/7592
2012-12-12 14:01:31 -06:00
b465d20d61
Merge branch 'feature/winrm_compat_mode' of git://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-feature/winrm_compat_mode
2012-12-12 11:59:23 -06:00
5e8b9a20a4
Fix boneheaded mistake
2012-12-12 09:18:03 -06:00
3e81fb2002
last cleanup for steam.rb
2012-12-12 11:48:46 +01:00
87f6b8bc89
Merge branch 'master' of https://github.com/nikolai-r/metasploit-framework into nikolai-r-master
2012-12-12 11:48:26 +01:00
f642aa67f9
CLeanup redundant code.
2012-12-12 00:00:27 -05:00
f7cf75063d
Cleanup and use Post::File api. Use store_loot for data collection
2012-12-11 23:41:50 -05:00
8f388eb226
fixing if typo
2012-12-11 23:28:21 +01:00
b5b5667539
Merge branch 'symantec_brightmail' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_brightmail
2012-12-11 23:27:56 +01:00
0ca1dbd14e
Account for the timeout condition
2012-12-11 16:24:42 -06:00
3f4efea879
No twitter name, please.
2012-12-11 14:52:39 -06:00
20ea56e4b9
fixed type @wchen-r7 found
...
hopefully didn't miss any others
2012-12-11 15:29:53 -05:00
717799cffd
fix typos
...
negotiate spelled wrong in a couple spots
and only 3 g's in loggging
2012-12-11 15:00:21 -05:00
343a785420
Add OSVDB references
2012-12-11 12:47:08 -06:00
ceb6f81165
Merge branch 'ektron_xslt_exec_nicob' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ektron_xslt_exec_nicob
2012-12-11 12:40:45 -06:00
461f057c95
Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users
2012-12-11 17:33:31 +01:00
2eb4de815d
added c# code by Nicolas Gregoire
2012-12-11 16:33:41 +01:00
44633c4f5b
deleted incorrect cve ref
2012-12-11 12:16:47 +01:00
fdb457d82b
Merge branch 'refs_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-refs_update
2012-12-11 12:16:06 +01:00
6512eb4783
Merge branch 'naming_corrections' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-naming_corrections
2012-12-11 11:55:51 +01:00
283d37f2e3
Correct naming style
...
In order to match naming style consistency
2012-12-11 01:12:29 -06:00
b315a4eee4
Grammar
2012-12-11 00:19:15 -06:00
e3a126aa75
Added module for ZDI-10-174
2012-12-11 01:37:44 +01:00
25d888bebb
Add CVE-2012-4347 Symantec Messaging Gateway Log File Download
2012-12-10 18:09:29 -06:00
31e2a164a9
MySQL file priv gets a ref from OSVDB
2012-12-10 12:15:44 -06:00
f5193b595c
Update references
2012-12-10 11:42:21 -06:00
e448431c8a
Add 32bit comapt mode for 64 bit targets on wirnm
...
When a 32 bit payload is selected for an x64 target using the powershell
2.0 method,
it will try to invoke the 32bit version of pwoershell to sue instead
allowing us to still get a session even with the wrong payload arch
2012-12-10 11:39:24 -06:00
7ea188e02d
Merge pull request #1147 from wchen-r7/cve_text_consistency
...
Change CVE text format
2012-12-09 14:48:08 -08:00
23d0ffa3ab
Dang it, grammar fail.
2012-12-09 01:39:24 -06:00
64a8b59ff9
Change CVE forma
...
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
2012-12-09 01:09:21 -06:00
462766a654
Added Steam client session collector post module
2012-12-08 19:11:57 -05:00
811bc49bfd
Merge branch 'bug/rm7593-flash-otf' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-bug/rm7593-flash-otf
2012-12-08 17:16:14 -06:00
d921c6f6e9
bid reference added
2012-12-08 15:09:32 +01:00
080e45045b
Merge branch 'nagios_graph_explorer' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-nagios_graph_explorer
2012-12-08 15:08:57 +01:00
60feba164d
Add OSVDB
2012-12-07 23:18:02 -06:00
15661b82bc
Add Nagios Network Monitor Graph Explorer module
2012-12-07 23:16:25 -06:00
e989142d9d
Merge branch 'freefloat' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-freefloat
2012-12-07 14:48:01 -06:00
78b4233b56
Final changes
2012-12-07 14:44:41 -06:00
bae5442ca6
working...
2012-12-07 21:38:17 +01:00
901ef5060c
Merge branch 'maxthon' of git://github.com/wchen-r7/metasploit-framework into wchen-r7-maxthon
2012-12-07 13:52:23 -06:00
3f1cfcc184
More changes
2012-12-07 13:47:07 -06:00
1aaecbcf0c
cleanup and user agent check
2012-12-07 20:38:08 +01:00
a1336c7b5a
Some more changes
2012-12-07 13:32:44 -06:00
403ac1dc37
I would do anything for a cake.
2012-12-07 13:15:27 -06:00
9838a2c75f
This never works for us. Gonna ditch it.
2012-12-07 13:02:26 -06:00
69177105ab
Handle a null reply properly, small bug fix
2012-12-07 10:54:08 -08:00
b0be8dc4df
history exploit cleanup
2012-12-07 19:23:00 +01:00
38f2348c33
First changes
2012-12-07 11:27:09 -06:00
a872362a65
Merge branch 'maxthon3' of git://github.com/malerisch/metasploit-framework into maxthon
2012-12-07 11:17:15 -06:00
2260e4b471
Switch to manual payload selection, because we don't auto-detect
2012-12-07 11:07:11 -06:00
8812285678
Move print of my_target.name to after nil check
...
Avoids
"Exception handling request: undefined method `name' for nil:NilClass"
when we don't have a target for the connecting browser.
[FixRM #7593 ]
2012-12-07 11:00:24 -06:00
c08ee695a9
Merge branch 'splunk_upload_app_exec_cleanup' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-splunk_upload_app_exec_cleanup
2012-12-07 10:46:28 -06:00
fafdcbaae1
Vuln discovered by Rich.
...
See: https://twitter.com/webstersprodigy/status/277087755073380353
2012-12-07 10:42:45 -06:00
e5cc950fe1
fix identation
2012-12-07 11:57:11 +01:00
133ad04452
Cleanup of #1062
2012-12-07 11:55:48 +01:00
cddda9eab7
Merge branch 'master' into nullbind-mssql_linkcrawler
2012-12-06 23:51:06 -06:00
f56ef52ffc
Fixed path error when BASE_PATH is nil.
2012-12-06 23:55:34 -05:00
761e735a55
Store wc.db file in loot. Add BASE_PATH option.
2012-12-06 23:38:03 -05:00
88c97cd2b5
Merge branch 'mssql_linkcrawler' of git://github.com/nullbind/metasploit-framework into nullbind-mssql_linkcrawler
2012-12-06 18:08:13 -06:00
97c9dd0caf
Extra file got added by mistake, removed it
2012-12-06 16:31:28 -06:00
600121c36a
Fixed issue involing static path to Windows directory
2012-12-06 16:28:59 -06:00
8a149b3ea3
Removed Version.
2012-12-06 17:24:16 -05:00
4ce51fe889
Made changes requested by sinn3r.
2012-12-06 17:18:50 -05:00
4837ea38f5
Merge https://github.com/rapid7/metasploit-framework
2012-12-06 16:15:55 -06:00
c66777d028
Merge branch 'command' of git://github.com/R3dy/metasploit-framework into R3dy-command
2012-12-06 16:08:04 -06:00
205276c38f
Update modules/auxiliary/admin/smb/psexec_command.rb
...
Fixed static path to Windows directory. This causes problems with directory is 'WINNT' for example.
2012-12-06 16:03:44 -06:00
d938959e97
Module to find SVN wc.db files.
2012-12-06 16:30:23 -05:00
bf47eaaa41
Remove code that's commented out. Clearly not needed anymore.
2012-12-06 12:57:41 -06:00
0ea5c781c1
Tabs and spaces don't mix
2012-12-06 12:53:22 -06:00
37f9cff25a
Merge branch 'ibm_director_cim_dllinject' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ibm_director_cim_dllinject
2012-12-06 12:36:48 -06:00
fd20998f40
using the primer callback as pointed by egypt
2012-12-06 18:59:46 +01:00
817a7749c1
Merge branch 'ibm_director_cim_dllinject' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ibm_director_cim_dllinject
2012-12-06 11:35:09 -06:00
8e21d9e235
fix source_address param
2012-12-06 18:34:22 +01:00
1fb05c0baf
Merge branch 'ibm_director_cim_dllinject' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ibm_director_cim_dllinject
2012-12-06 11:34:19 -06:00
433532ddf4
fix OptAddress
2012-12-06 11:21:42 -06:00
215017e17c
Merge remote branch 'wchen-r7/better_tectia_ssh'
2012-12-06 11:01:36 -06:00
06927345e5
If message becomes nil, we should force a to_s for the regex
...
next_message can be nil sometimes if packet is nil (see net/ssh's
poll_message source)
2012-12-06 10:44:16 -06:00
fc8b08f10f
trailing comma
2012-12-06 17:32:58 +01:00
532afc2919
Added module for CVE-2009-0880
2012-12-06 16:43:07 +01:00
6d3d4c1d84
Added support for FileDropper
2012-12-06 12:03:17 +01:00
18f4df0a38
Fix weird indent prob
2012-12-06 03:58:16 -06:00
a90ed82413
Correct CVE format
2012-12-06 03:57:46 -06:00
2b96c4e2a5
Add Kingcope's MySQL 'Stuxnet' technique exploit
...
Because why not. One more trick to a pentest + coverage = better.
2012-12-06 03:56:23 -06:00
530332b176
Apply evil-e's fix when port isn't 22
...
See #1130
2012-12-05 21:42:53 -06:00
32c5f12912
Hmm, I should change the target name
2012-12-05 21:38:31 -06:00
d3c1fa842a
Lots of improvements
...
Keyboard-interactive method isn't required to exploit Tectia SSH.
So this update will just go straight to password method. There's
also improvements for the check() method: Not only does it check
the SSH version (banner), it will also check and see if the server
is using password method to auth.
2012-12-05 21:34:33 -06:00
5e28563e4e
Advisories URLs changed
2012-12-05 14:33:25 -08:00
49999a56ea
Added CVE & vendor advisory information
2012-12-05 10:13:44 -06:00
dd1d60293c
Merge branch 'indesign_server' of https://github.com/h0ng10/metasploit-framework into h0ng10-indesign_server
2012-12-05 15:27:25 +01:00
232eb7bf2d
Final cleanup plus name change
2012-12-05 00:32:42 +01:00
9cff72af72
Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users
2012-12-05 00:31:24 +01:00
Tod Beardsley
sinn3r
Brandon McCann
jvazquez-r7
Zach Grace
Carlos Perez
James Lee
Chris John Riley
HD Moore
sput-nick
Garret Picchioni
nmonkee
joe
nullbind
David Maloney
Raphael Mudge
Nikolai Rusakov
Rob Fuller
Tod Beardsley
Stephen Haywood
Royce Davis
Royce Davis
malerisch