infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
40,338 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

40338 Commits (609c8da772c775c8b903785d652e2cb00ac6d2b3)

Author SHA1 Message Date
Dylan Davis 69a4a327b8 Add begin-rescue blocks that prevent individual hosts from bailing out a threaded multi-host execution 2016-11-11 10:15:36 -07:00
David Maloney 415439eda8
the template ref in this module was missed 
when we cleaned up all the other powershell template refs
we missed the one in this module which seems to e replicating
large ammounts of library code

7533
 2016-11-11 10:01:22 -06:00
dana-at-cp c0e839dfd9
Fixes keytool bug in APK inject code 2016-11-11 06:12:47 -08:00
wchen-r7 8cd9a9b670 Deprecate wp_ninja_forms_unauthenticated_file_upload 
wp_ninja_forms_unauthenticated_file_upload actually supports
multiple platforms.

Instead of using:
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload

Please use:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
 2016-11-10 11:17:09 -06:00
Brent Cook 77bacacb9c
Land rapid7/rex-exploitation#2, Fix heap_spray method's return value type 
This fixes #7520
 2016-11-09 20:39:01 -06:00
scriptjunkie 268a72f210
Land #7193 Office DLL hijack module 2016-11-08 23:15:27 -06:00
Brendan 4ea48a87cb
Land #7546, Update Gemfile Gem Version 2016-11-08 18:15:57 -06:00
Brent Cook 5d5a4baaf7 back out rex-arch to avoid conflict with arch fixup PR 2016-11-08 17:42:42 -06:00
Brent Cook 129fa20bc1 update database schema 2016-11-08 17:40:32 -06:00
Brent Cook aeeefc46da update gems 2016-11-08 17:31:33 -06:00
Pedro Ribeiro 50f578ba79 Add full disclosure link 2016-11-08 22:15:19 +00:00
Yorick Koster 3c1f642c7b Moved PPSX to data/exploits folder 2016-11-08 16:04:46 +01:00
Pedro Ribeiro 95bd950133 Point to proper link on github 2016-11-07 17:59:29 +00:00
Pedro Ribeiro f268c28415 Create dlink_hnap_login_bof.rb 2016-11-07 17:45:37 +00:00
Pedro Ribeiro cc24bb3993 Merge pull request #35 from rapid7/master 
aa
 2016-11-07 17:44:47 +00:00
Chris Higgins 099a5984f9 Updated with style suggestions from msftidy and rubocop. 
Also updated with commented from other contributors.
 2016-11-07 10:18:52 -06:00
William Vu 4eb42a9171
Fix broken ternary in phoenix_command 2016-11-07 00:12:04 -06:00
Chris Higgins 689fc28d1b Added WinaXe 7.7 FTP client Server Ready buffer overflow 2016-11-06 23:35:16 -06:00
William Vu 6ba5e9ca8e
Land #7537, action port fix for phoenix_command 2016-11-06 15:56:43 -06:00
Tijl Deneut 92964c1f95 Update phoenix_command.rb 2016-11-06 21:22:54 +01:00
Tijl Deneut 2c2729f0b2 Update phoenix_command.rb 
Coded was messed up by MS Edge, don't use it :)
 2016-11-06 21:21:20 +01:00
Tijl Deneut 1b4409f950 Update phoenix_command.rb 
Style fix: replace "ractionport == nil ?" with "ractionport.nil?"

Is it OK? Did not find time to install and run rubocop ...
 2016-11-06 21:15:31 +01:00
Tijl Deneut 4ea9214466 Fixed a small bug 2016-11-06 16:20:55 +01:00
朱雄宇 e9d85750c2 fix get_ipv4_addr(@interface) usage 
get_ipv4_addr(@interface) returns a string not list, so get_ipv4_addr(@interface)[0] only got the first character of IP, which raises an error.
 2016-11-06 19:04:57 +08:00
OJ d751c43f52
FINALLY fix the last of the tests 
Sorry for the stupidity.
 2016-11-05 06:20:43 +10:00
OJ 3bc6808278
Really fix the session test this time 2016-11-05 06:07:44 +10:00
OJ 5f5684841b
Fix the DB/Session test 2016-11-05 05:59:31 +10:00
OJ abe46024de
Fix tests after arch refactor 2016-11-05 05:15:57 +10:00
William Vu da356e7d62 Remove Compat hash to allow more payloads 2016-11-04 13:57:05 -05:00
William Vu f0c89ffb56 Refactor module and use FileDropper 2016-11-04 13:57:05 -05:00
William Vu 6d7cf81429 Update references 2016-11-04 13:57:05 -05:00
William Vu 009d6a45aa Update description 2016-11-04 13:57:05 -05:00
William Vu bf7936adf5 Add instance_eval and syscall targets 2016-11-04 13:57:05 -05:00
OJ 4bf966f695
Add module to bypassuac using eventvwr 
This module was inspired by the work done by Matt Nelson and Matt
Graeber who came up with the method in the first place. This works
nicely on a fully patched Windows 10 at the time of writing.
 2016-11-05 04:41:38 +10:00
dmohanty-r7 265567fa19
Land #7530 Improve atg_client to detect unsupported commands 2016-11-04 13:15:36 -05:00
Jon Hart 5b810fae41
Update atg_client to identify responses that indicate the command was not understood 2016-11-04 10:12:02 -07:00
Metasploit 2c39a14ada
Bump version of framework to 4.12.41 2016-11-04 10:02:13 -07:00
OJ 50c2ed8509
Fix post mixin platform/session check 2016-11-05 02:41:52 +10:00
wchen-r7 ca5610ccde
Land #7511, Update jenkins_script_console to support newer versions 2016-11-04 11:24:25 -05:00
OJ e5ea4a53d3
Fix typo in windows cred phish module 2016-11-04 13:26:10 +10:00
William Vu 5ed030fcf6
Land #7529, nil.downcase fix for tomcat_mgr_deploy 
Don't think it was ever needed, since the password is case-sensitive.

Fixed a minor merge conflict where PASSWORD became HttpPassword.
 2016-11-03 15:39:46 -05:00
Jin Qian 2f8d3c3cf3 Remove the bug where downcase() is invoked on password which is optional and can be empty. 2016-11-03 15:23:19 -05:00
Brendan dae1f26313
Land #7521, Modernize TLS protocol configuration for SMTP / SQL Server 2016-11-03 12:56:50 -05:00
William Vu eca4b73aab
Land #7499, check method for pkexec exploit 2016-11-03 10:59:06 -05:00
William Vu 1c746c0f93 Prefer CheckCode::Detected 2016-11-03 11:14:48 +01:00
William Vu 2cdff0f414 Fix check method 2016-11-03 11:14:48 +01:00
OJ 47ac122c15
Add LURI support to the reverse_http/s stagers 2016-11-03 14:51:07 +10:00
Brendan 5169341f62
Land #7522, Fix psh template to avoid 100% cpu spike on CTRL+C 2016-11-02 16:40:34 -05:00
Brendan a7c8060af5
Land #7523, Fix template location for psh payload creation 2016-11-02 12:09:20 -05:00
OJ 7895ba810d
Update payload cached size for the powershell payload 2016-11-03 02:50:13 +10:00