Commit Graph

13697 Commits (61983b21b9e99f41323937cac30af0ec1528c3d7)

Author SHA1 Message Date
HD Moore 1989f0ab46 IE 10/Win8 detection support 2012-06-25 00:36:04 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
HD Moore c28d47dc70 Take into account an integer-normalized datastore 2012-06-24 23:00:02 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
Alexandre Maloteaux 2eddfa3444 fix bsd ans solaris platform when using encoder too 2012-06-25 03:12:33 +01:00
Alexandre Maloteaux 15066d7dc5 Generate elf binaries for bsd and solaris too 2012-06-25 02:36:30 +01:00
sinn3r 4d2e74e2ad Need to account for the fact the server may timeout during operation
See the following issue for more info:
http://dev.metasploit.com/redmine/issues/4866
2012-06-24 20:17:51 -05:00
sinn3r 05eaac9085 Fix possible param duplicates 2012-06-24 19:05:42 -05:00
dmaloney-r7 46dd286cc8 Merge pull request #519 from rapid7/gpp-passwords
Gpp passwords
2012-06-24 16:18:34 -07:00
David Maloney 6e19dddf2a Alleviate duplicated work in gpp module 2012-06-24 16:21:35 -05:00
HD Moore 6556eecfda Update project 2012-06-24 14:03:58 -05:00
HD Moore 211b722ec1 Update project 2012-06-24 14:03:57 -05:00
HD Moore c1d143e580 Remove left over debug statements 2012-06-24 14:03:56 -05:00
HD Moore 3c7e87bacf Add missing project files 2012-06-24 14:03:54 -05:00
HD Moore 11b875d84d Checkin new code 2012-06-24 14:03:53 -05:00
HD Moore 2d0d5287d2 Commit EncodePointer stubs as a reference (temporary) 2012-06-24 14:03:52 -05:00
HD Moore 75f1484d63 Respin of binaries to remove debug output 2012-06-24 13:40:27 -05:00
HD Moore 6e61878393 Respin of meterpreter bins (add Win 8 to sysinfo, fix a few bugs) 2012-06-24 13:27:10 -05:00
David Maloney aa09cd7f82 More collaboration stuff on gpp module 2012-06-24 13:08:19 -05:00
h0ng10 65197e79e2 added Exploit for CVE-2008-6508 (Openfire Auth bypass) 2012-06-24 07:35:38 -04:00
sinn3r 54309c3c3d Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-06-24 02:25:38 -05:00
sinn3r e805675c1f Add Apple iTunes 10 Extended M3U Stack Buffer Overflow
New exploit against Apple iTunes. Note that this appears to be
different than liquidworm's CVE-2012-0677, because this one is
a stack-based buffer overflow, while CVE-2012-0677 is heap-based,
and a different crash/backtrace. However, according to Rh0, this
bug is patched anyway in the same update... possibly a silent
patch.

As of now, there seems to be no CVE or OSVDB addressing this
particular bug.
2012-06-24 02:01:34 -05:00
David Maloney eefea8d9d3 Add newname attr in gpp module 2012-06-23 17:51:58 -05:00
David Maloney 7bcb9d1a45 Reintegrated extra options into gpp module
reintegrated meatballs control options into the gpp module
2012-06-23 17:38:07 -05:00
David Maloney b320679d1f Exception message fix for gpp 2012-06-23 12:56:12 -05:00
David Maloney 5497d091fc fix gpp attribution and description 2012-06-23 12:45:56 -05:00
David Maloney 534008b010 Major rework of the gpp module
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
2012-06-23 12:42:33 -05:00
Raphael Mudge 322e0766a1 Armitage 06.23.12 2012-06-23 13:03:55 -04:00
James Lee 3e974415d9 Give some verbose feedback if connection failed 2012-06-23 00:58:27 -06:00
jvazquez-r7 b891e868f5 Added actionscript and swf needed 2012-06-23 08:36:35 +02:00
sinn3r d7d314862f Need the trigger to actually make it work, duh! 2012-06-22 23:16:12 -05:00
Tod Beardsley d708f2526c Adding ref for APSB12-09 to new Flash sploit 2012-06-22 17:30:52 -05:00
jvazquez-r7 72ef8c91f0 module for CVE-2012-0779 added 2012-06-23 00:21:18 +02:00
Tod Beardsley dfe0e10dc6 Adding kernelsmith's -a datastore opt
Works well enough on its own. Note that you cannot mix -g and -a since
set doesn't actually parse out dash options in a OptParse sort of way.

That said, setg -a seems to work well. This mixing options business
will need to be addressed soon, but that day is not today.

[Closes #514]
2012-06-22 16:01:38 -05:00
m-1-k-3 315a1707e7 also new version v2.07.16 is vulnerable 2012-06-22 13:18:45 +02:00
kernelsmith 1bcf241ec0 adds the -a (append) option to the console 'set' command
if RHOST is currently 192.168.20.1
set -a RHOST 5
appends 5 to RHOST making it 192.168.20.15
2012-06-22 01:23:54 -05:00
HD Moore a648c24b4e Move builds to VC10 2012-06-21 23:51:46 -05:00
HD Moore c5e9e5d374 Add Windows 8 / Server 2012 support to sysinfo 2012-06-21 23:50:29 -05:00
Tod Beardsley 572fb4cb0c Permissions fix 2012-06-21 15:39:17 -05:00
Tod Beardsley 2729f33ff2 Merge Justin's TortoiseSVN module
This adds Justin's TortoiseSVN module with minor edits.

[Closes #508]
2012-06-21 11:56:08 -05:00
Tod Beardsley 504d3d477e Resolve http_proxy_host before reporting, too. 2012-06-21 11:55:13 -05:00
Tod Beardsley c795c2e438 Resolve hosts for tortoisesvn module reporting
report_host() does not expect a DNS name, but an IPv4 or IPv6 address.
In many cases, an SVN password is going to be associated with only a
hostname.

This may be a bug in report_host -- it's certainly inconveninent.
However, we don't usually wnat report_host to be making tons of DNS
lookups when importing hosts, so this forced step is likely intended.

Also, begin/rescue/end blocks that don't hint at what errors are
intended to be caught are rarely a good idea, so this at least informs
the user which exception was raised.
2012-06-21 11:47:37 -05:00
sinn3r 4004b544c0 The condition for "else" doesn't really do anything for us 2012-06-21 02:53:44 -05:00
sinn3r 9d52ecfbb6 Fix a few mistakes (typos & reference) 2012-06-21 02:32:04 -05:00
sinn3r d957c021cb Handle another possible condition
If the path actually doesn't exist on the victim, we may run into
a RequestError. Need to handle that... should be pretty common.
2012-06-21 01:38:51 -05:00
sinn3r 6a386b7a88 Rename the file for naming style consistency 2012-06-21 01:25:55 -05:00
sinn3r 367e75bb06 Multiple changes to file_collector.rb
This module received the following changes:
* Make msftidy happy
* Remove the GETDRIVES option, and make the SEARCH_FROM option
  smarter.
* MSF license
* Other minor changes
2012-06-21 01:21:53 -05:00
sinn3r 327e86e08c Merge branch 'file_collector' of https://github.com/3vi1john/metasploit-framework into 3vi1john-file_collector 2012-06-20 23:46:04 -05:00
Juan Vazquez 4a8e94463a Merge pull request #512 from jvazquez-r7/ezserver_add_reference
ezserver_http: added bid reference
2012-06-20 13:11:55 -07:00
jvazquez-r7 6be7ba98aa ezserver_http: added bid reference 2012-06-20 22:08:58 +02:00