Commit Graph

35059 Commits (6250983fb45ed81f4fe60309c967c55a24fb4856)

Author SHA1 Message Date
Brent Cook 5b35134f98 Land #5820, DispatcherShell: Ensure exceptions don't interfere with busy state 2015-08-17 17:53:55 -05:00
Brent Cook 6b94513a37 Land #5860, add tpwn OS X local kernel exploit (https://github.com/kpwn/tpwn) 2015-08-17 17:41:04 -05:00
Brent Cook 98f6c7f01f Land #5857, use correct deserialization for hosts data 2015-08-17 17:33:07 -05:00
William Vu 26165ea93f Add tpwn module 2015-08-17 17:11:11 -05:00
William Vu efc980074c Add tpwn exploit files 2015-08-17 17:11:07 -05:00
Brent Cook b17d8f8d49 Land #5768, update modules to use metasploit-credential 2015-08-17 17:08:58 -05:00
Brent Cook b1f11629dd Land #5858, handle an empty database.yml file 2015-08-17 16:48:51 -05:00
James Lee 155ea84f0f Land #5856, fix x64 nops in msfvenom 2015-08-17 16:42:53 -05:00
jvazquez-r7 a677e3c20f Land @jlee-r7's specs 2015-08-17 15:31:43 -05:00
jvazquez-r7 0a7ac2d758 Delete another debug puts 2015-08-17 15:28:48 -05:00
jvazquez-r7 09c888bc49 Fix minor things 2015-08-17 15:27:26 -05:00
jvazquez-r7 02e3e9af16 Allow to compare ipv4 vs ipv6 hosts 2015-08-17 14:52:26 -05:00
William Vu 0bb01c8b6b Fix nil bug with an empty database.yml
Use an empty hash instead of false.
2015-08-17 14:45:11 -05:00
James Lee c52da9f50d Add regression spec for #5856 2015-08-17 14:32:20 -05:00
jvazquez-r7 0aa958dac0 Allow unserialization on hosts v5 2015-08-17 13:47:52 -05:00
jvazquez-r7 a5bed0198a Use each_char 2015-08-17 11:08:40 -05:00
jvazquez-r7 e7433b81bd Reuse architecture check 2015-08-17 10:28:10 -05:00
OJ 241593117b First pass of the android interval collection 2015-08-18 00:53:25 +10:00
Brent Cook bf631869a7 Land #5835, allow overriding stage2 lhost and lport values 2015-08-16 11:22:13 -05:00
Brent Cook 92958bdf8b prefer && to 'and' for consistent order-of-operations 2015-08-16 11:21:22 -05:00
Brent Cook ad149a1aec Land #5819, update stage_payload call arguments 2015-08-16 11:17:28 -05:00
Brent Cook 5dd015150c Land #5748, refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter 2015-08-16 10:58:17 -05:00
benpturner 8800d89424 Updated to reflect HD's comments on indents and name of local script. 2015-08-16 10:47:20 +01:00
joev 98e2d074c3 Add disclosure date. 2015-08-15 20:09:41 -05:00
joev a133e98ba5 Adds a ff 35-36 RCE vector based off the recent ff bug. 2015-08-15 20:02:00 -05:00
Brent Cook 9720e8e081 normalize osx to darwin so python meterp works 2015-08-15 19:49:55 -05:00
Brent Cook 422bba87d3 style fixes, moved google_geolocate to google/geolocate 2015-08-15 19:49:32 -05:00
Brent Cook 1db376bed8 check if a process still exists before deleting it 2015-08-15 19:46:04 -05:00
Brent Cook 875ac289e0 wait up to time_out seconds for output from the command 2015-08-15 19:44:48 -05:00
jvazquez-r7 8ae4846169 Land #5050, @hmoore-r7's fix for outdated modules using get_profile 2015-08-14 20:08:02 -05:00
HD Moore 42e08cbe07 Fix bad use of get_profile (now browser_profile) 2015-08-14 19:50:42 -05:00
Brent Cook 3615bd094d limit the # of bssids sent to google, log more error details 2015-08-14 17:58:33 -05:00
Brent Cook 82e1181ccb update to metasploit-payloads 1.0.8 2015-08-14 17:38:54 -05:00
Brent Cook f4031d87fc light ruby style cleanups 2015-08-14 17:26:05 -05:00
Brent Cook 3aab9aa74c move BSSID checker to tools, fixup rubocop warnings, add OS X example 2015-08-14 17:13:11 -05:00
jvazquez-r7 c02df6b39d Land #5800, @bperry's Symantec Endpoint Protection Manager RCE module 2015-08-14 17:03:48 -05:00
jvazquez-r7 b33abd72ce Complete description 2015-08-14 17:03:21 -05:00
jvazquez-r7 4aa3be7ba2 Do ruby fixing and use FileDropper 2015-08-14 17:00:27 -05:00
Brent Cook 3d92e9d71c Land #5802, add support for background colors in prompts 2015-08-14 15:02:51 -05:00
jvazquez-r7 ddb7224160 Land #5847, @todb-r7 on behalf of anonymous contributor, exploit for FF CVE-2015-4495
* To exfiltrate arbitrary files
* Tested successfully on linux
2015-08-14 14:57:28 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Brent Cook 0a4651a553 Land #5359, add PuTTY session enumeration module 2015-08-14 13:20:05 -05:00
jvazquez-r7 b908f41b0f Land #5838, @bcook-r7's fixes for payload cached sizes 2015-08-14 12:39:58 -05:00
jvazquez-r7 f25a5da46f Do Minor fixes 2015-08-14 12:37:49 -05:00
Tod Beardsley e4cb6872f2 Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
Greg Mikeska 66148336e1 Modify tests to resolve false negative
MSP-13064
2015-08-14 11:48:52 -05:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs
Calling .new on payload modules does not perform parameter validation, leading
to a number of cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
joev 0615d908c4 Update description to explain quarantine effects. 2015-08-13 23:46:37 -05:00
joev 84144bf6cf Update webarchive_uxss to use the webarchive mixin.
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
2015-08-13 23:41:27 -05:00