12e2ff9bb5
proposed cleanup
2012-10-17 19:03:28 +02:00
e30b5b417a
Merge branch 'master' of git://github.com/sput-nick/metasploit-framework into sput-nick-master
2012-10-17 10:35:11 -05:00
60dc83748c
Update modules/exploits/windows/browser/mozilla_mchannel.rb
2012-10-17 12:25:44 -03:00
16e2a2e050
fix title for the apache activemq source disclosure mod
2012-10-17 17:23:56 +02:00
1a0e53dcbb
Merge branch 'jvazquez-r7-osx_x86_exec_prepend' into rapid7
...
[Closes #919 ]
2012-10-16 16:50:15 -05:00
c52b834f50
updated name and description
2012-10-16 14:37:02 -05:00
d8c2aa9796
added mssql ntlm stealer for sqli
2012-10-16 14:26:10 -05:00
9ee3a14a5a
Merge branch 'rapid7' into wchen-r7-smb_login_smb_login_handling
...
[Closes #913 ]
2012-10-16 13:08:11 -05:00
fafa6e49ce
address comments from jvazquez
2012-10-16 12:10:37 -05:00
6f227dddff
Related to #885 , allow Prepend* for osx/x86/exec payload
2012-10-16 16:26:18 +02:00
e583847a31
I missed this sucker.
2012-10-15 22:02:26 -05:00
52feae2dcd
Add missing require
...
[FixRM #7345 ]
2012-10-15 17:18:04 -05:00
8e668e2808
Check STATUS_ACCESS_DENIED properly
...
When Samba throws STATUS_ACCESS_DENIED, the exception that's
throwin is actually Rex::Proto::SMB::Exception::ErrorCode, not
as LoginError. It was handled correctly in try_user_pass(), but
not in other functions that also use smb_login().
2012-10-15 16:52:34 -05:00
9192a01803
All exploits need a disclosure date.
2012-10-15 16:29:12 -05:00
553ce82e79
added mssql ntlm stealer
2012-10-15 13:29:51 -05:00
29299b29a5
Added modules for CVE-2012-4933
2012-10-15 16:03:19 +02:00
adfced8d0e
Post require on gpg_creds
2012-10-15 06:58:35 -05:00
2acfb0537c
Merge branch 'ajaxplorer' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ajaxplorer
2012-10-15 08:30:08 +02:00
529f88c66d
Some msftidy fixes
2012-10-14 19:16:54 -05:00
97ac7fa184
Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework
2012-10-14 18:27:32 -05:00
e00dbfcc0d
You mean.. FILEPATH.
2012-10-14 18:18:11 -05:00
2f04fdd71a
Merge branch 'apache_activemq_traversal' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apache_activemq_traversal
2012-10-14 18:16:41 -05:00
d971abaeb9
deleted extra comma
2012-10-14 22:39:07 +02:00
14bd0373d3
deleted extra space
2012-10-14 22:38:14 +02:00
ac6a4c9283
Added module for CVE-2010-1587
2012-10-14 22:36:02 +02:00
2b644dbc45
added module for Apache ActiveMQ directory traversal
2012-10-14 22:30:38 +02:00
79da6c7186
added Lantronix telnet password recovery module
2012-10-14 12:46:52 -05:00
cedcace1a7
Forgot to change the output variable
...
Because the original script used match()
2012-10-14 11:43:33 -05:00
cc303665e8
Credit
2012-10-13 00:42:44 -05:00
5b2998a121
Add OSVDB-63552 AjaXplorer module (2010)
2012-10-13 00:35:48 -05:00
7196ca5b5e
Fix bad indent
2012-10-12 18:35:05 -05:00
7aa6776e4b
let's not rejoin threads we've already joined.
2012-10-12 17:12:42 -04:00
694eacfc4b
performance fix for host discovery post modules
2012-10-12 16:43:42 -04:00
f5302bfc49
add deprication warning to the original module
2012-10-12 13:49:25 -04:00
90ae5c1178
Add PhpEXE support to RateMyPet module
2012-10-12 04:53:01 -05:00
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
13a5892e95
Add a mixin for uploading/executing bins with PHP
...
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
3ab24cdbb9
added exploits/windows/local/service_permissions
2012-10-11 22:42:36 -04:00
0adabb1e06
Merge branch 'wchen-r7-projectpier' into rapid7
...
[Closes #889 ]
2012-10-11 18:32:04 -05:00
55c0cda86c
Merge branch 'fix_vprint_reduceright' of git://github.com/kernelsmith/metasploit-framework into kernelsmith-fix_vprint_reduceright
2012-10-11 16:55:52 -05:00
c911eeece2
change vprint_error to print_error
...
exploits/windows/browser/mozilla_reduceright does not tell you when an
incompatible browser connects like most other browser exploits do
(unless verbose is true). This change just changes the vprint to print
to be more consistent w/other browser exploits
2012-10-11 16:51:17 -05:00
9ea208d129
Oops, overwrote egypt's changes by accident
2012-10-11 16:40:52 -05:00
82eaa322fe
Make cleanup work better
2012-10-11 16:39:54 -05:00
3a66a07844
Proposed re-wording of description
...
[See #889 ]
2012-10-11 15:48:04 -05:00
24980e735b
I found an OSVDB ID
2012-10-11 15:28:07 -05:00
55128f5bb3
Make sure res has value before passing it on to exec_php
2012-10-11 14:43:38 -05:00
033a11eff5
Add Project Pier File Upload Vulnerability
2012-10-11 13:47:40 -05:00
b8e880bf82
Merge branch 'post-module-sdel' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-post-module-sdel
2012-10-10 13:42:20 -05:00
1ea73b7bd2
Small description change and favor the use of print_error
2012-10-10 13:37:23 -05:00
f32ce87071
delete comment added by error
2012-10-10 19:32:25 +02:00
13e914d65e
added on_new_session handler to warn users about cleanup
2012-10-10 19:31:38 +02:00
37dc19951b
Added module for ZDI-12-169
2012-10-10 19:14:54 +02:00
21d1a5857a
Adding Iterations options
2012-10-10 12:32:30 +02:00
7b45ef6038
Applying changes. Blocks -Begin .. End- deleted
2012-10-09 21:52:49 +02:00
22f7c42b85
Merge branch 'master' into feature/updated-mobile
2012-10-09 12:58:19 -05:00
4fa3631e34
avoiding the python support on the barracuda one if cannot be tested
2012-10-09 18:01:23 +02:00
f33411abd1
Merge branch 'python_payload_support' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-python_payload_support
2012-10-09 18:00:44 +02:00
a12aed7ffc
Don't really need these keywords
2012-10-09 00:49:05 -05:00
b657fd31cc
Merge branch 'php_include' of https://github.com/ethicalhack3r/metasploit-framework into ethicalhack3r-php_include
2012-10-09 00:45:46 -05:00
c094508119
Support Python payload
...
Pretty sure if the app is run on Unix/Apache, or supports perl and
ruby, chances are python works too.
2012-10-08 22:17:11 -05:00
b356b403b0
Merge branch 'phptax' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-phptax
2012-10-09 00:10:31 +02:00
286b86949b
Prefix with host:port for readability
2012-10-08 15:23:26 -05:00
06e2994b7e
connectiontype to find and python payload support
2012-10-08 15:13:27 -05:00
abb4bdd408
metadata formatting, and a little res gotcha
2012-10-08 15:00:51 -05:00
04aa69192d
Dang typo
2012-10-08 13:35:13 -05:00
ef9d627e13
Added module for ZDI-12-106
2012-10-08 20:04:01 +02:00
8ff4442f9e
Add PhpTax pfilez exec module
...
This module exploits a vuln found in PhpTax. When generating a
PDF, the icondrawpng() function in drawimage.php does not
properly handle the pfilez parameter, which will be used in a
exec() statement, and results in arbitrary code execution.
2012-10-08 12:46:56 -05:00
e9b70a3a4f
Merge branch 'avaya_winpmd_unihostrouter' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-avaya_winpmd_unihostrouter
2012-10-07 15:35:30 -05:00
0acd9e4eec
Merge branch 'ms10_002_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms10_002_ropdb_update
2012-10-07 17:49:45 +02:00
40983460bf
added module for avaya winpmd bof, osvdb 73269
2012-10-07 12:05:13 +02:00
bdb9b75e1e
Use RopDb, and print what target the module has selected.
2012-10-07 01:42:29 -05:00
64f29952dc
Merge branch 'master' into feature/updated-mobile
2012-10-07 00:32:02 -05:00
5b656087b5
Use RopDb in adobe_flash_otf_font, also cleaner code & output
2012-10-06 21:03:41 -05:00
874fe64343
Merge branch 'ms11_050_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_050_ropdb_update
2012-10-06 14:10:36 +02:00
e02adc1f35
Merge branch 'mubix-bypassuac_uac_check'
2012-10-06 02:09:16 -05:00
33429c37fd
Change print_error to print_debug as a warning
2012-10-06 02:08:19 -05:00
94d5eb7a8c
Use RopDb in MS11-050, and correct autopwninfo
2012-10-06 01:45:40 -05:00
55474dd8bf
add simple UAC checks to bypassuac
2012-10-06 00:59:54 -04:00
b984d33996
add RunAs ask module
2012-10-06 00:51:44 -04:00
769fa3743e
Explain why the user cannot modify the URIPATH
2012-10-05 17:24:06 -05:00
f4e442bcbd
Added headers support to php_include module
2012-10-05 23:00:38 +02:00
2aa59623d1
Merge branch 'ropdb_for_browsers' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ropdb_for_browsers
2012-10-05 15:43:18 -05:00
21ea77ff8b
Fix spaces
2012-10-05 15:40:37 -05:00
a60851e9d1
Merge branch 'mubix-bypassuac_localport'
2012-10-05 14:28:12 -05:00
6342c270f4
Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport
2012-10-05 14:16:16 -05:00
33db3d9610
RopDb for ntr_activex_check_bof.rb
2012-10-05 14:09:59 -05:00
f92843c96e
RopDb for ie_execcommand_uaf.rb
2012-10-05 13:49:17 -05:00
aba69d8438
fix indentation
2012-10-05 20:18:40 +02:00
4c646762a5
Added target debian squeeze
2012-10-05 20:12:09 +02:00
9a53a49625
RopDb for vlc_amv.rb
2012-10-05 12:54:16 -05:00
d9278d82f8
Adopt RopDb for msxml_get_definition_code_exec.rb
2012-10-05 12:20:41 -05:00
6fc8790dd7
Adopt RopDb for ms12_037_same_id.rb
2012-10-05 12:17:19 -05:00
1268614d54
Adopt RopDb for adobe_flash_mp4_cprt.rb
2012-10-05 11:15:53 -05:00
98931e339a
Adopt RopDb for adobe_flash_rtmp.rb
2012-10-05 11:05:19 -05:00
631a06f3bb
Adopt RopDb for adobe_flashplayer_flash10o.rb
2012-10-05 10:55:55 -05:00
0ae7756d26
fixed missing > on author
2012-10-05 11:13:40 -04:00
8b8bfec6b8
Merge branch 'gpg' of https://github.com/kholia/metasploit-framework into kholia-gpg
2012-10-05 09:23:54 +02:00
bcc56cb7cc
Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport
2012-10-05 01:05:30 -05:00
77438d2fc7
Make URI modification more obvious, and let the user know why
2012-10-04 17:52:04 -05:00
8520cbf218
fixes spotted by @jlee-r7
2012-10-04 17:34:35 -04:00
f3e94d2ee2
extend dep to 3 months and use print_error
2012-10-04 16:42:08 -04:00
cf8501775a
re-add bypassuac post mod w/ deprication warning
2012-10-04 16:31:20 -04:00
ae11c2ffc0
Merge branch 'rapid7' into kernelsmith-update-ms10_042-info
...
[Closes #860 ]
2012-10-04 15:29:32 -05:00
4400cb94b5
Removing trailing spaces
2012-10-04 14:58:53 -05:00
6ef87d1695
update info to reflect use of webdav
...
ms10_042_helpctr_xss_cmd_exec.rb doesn't tell you that it's going to
use webdav, and it's options dont' have the (Don't change) warning for
SRVPORT and URIPATH. This update fixes all that
2012-10-04 14:09:53 -05:00
3f2fe8d5b4
port bypassuac from post module to local exploit
2012-10-04 14:31:23 -04:00
dc9907da98
Fix load order issue with multi/gather/ssh_creds
...
Make sure Post::Unix exists before including
2012-10-04 11:19:14 -05:00
d63b5fb9e3
fixes: author format, remove meterpreter support, fix ltype
2012-10-04 21:29:00 +05:30
02617a6f3a
Merge branch 'feature/redmine-7224-shellcode-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/redmine-7224-shellcode-cleanup
2012-10-04 00:43:34 -05:00
d515b3274d
Apply wfsdelay and apply egypt's suggestions
2012-10-04 00:40:52 -05:00
9dad8b28ee
Merge branch 'qnx_qconn_exec' of https://github.com/bcoles/metasploit-framework into bcoles-qnx_qconn_exec
2012-10-03 22:09:14 -05:00
6de50b7cb5
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-10-03 12:30:34 -05:00
fbc3709774
Change the title and regex a bit
2012-10-03 12:16:25 -05:00
51e70c44e3
fix error message after cleanup
2012-10-03 18:44:33 +02:00
0755cbe411
cleanup: clear strings, delete unused variables, author email foramt, use of unpack
2012-10-03 18:28:03 +02:00
09c4c8172d
Merge branch 'PostgreSQL' of https://github.com/kholia/metasploit-framework into kholia-PostgreSQL
2012-10-03 18:26:34 +02:00
30846f4190
fix typo in comment
2012-10-03 16:06:00 +02:00
24037ac79a
Added module for CVE-2011-4051
2012-10-03 16:03:36 +02:00
a0422fe500
Make failing username dynamic
2012-10-03 19:17:32 +05:30
e39472f7d4
Merge branch 'zeroSteiner-module-ms11-080'
2012-10-02 12:01:01 -05:00
e36507fc05
Code cleanup and make msftidy happy
2012-10-02 12:00:23 -05:00
80bcf930e3
GnuPG Information Gather Module, tested against Linux
2012-10-02 17:46:57 +05:30
e33da009ea
add PostgreSQL password capturing module
2012-10-02 15:16:37 +05:30
8473aafdd5
added sdel post meterpreter module
2012-10-02 01:35:53 +02:00
21e832ac1c
add call to memory protect to fix DEP environments
2012-10-01 18:49:18 -04:00
e6e25544ec
Merge branch 'handler-requires-race'
2012-10-01 16:32:15 -05:00
2ca134a2c3
Merge branch 'printjob_capture'
...
This lands #811 , and also brings in my changes from
ChrisJohnRiley/metasploit-framework#2
Thanks Chris!
2012-10-01 15:55:14 -05:00
1e4f8591fd
Sneaking in an author credit
2012-10-01 11:42:56 -05:00
c0bc764fd4
Retabbing for tabs, not spaces
...
I'm not a fan of the tabs either, any more. But, until we switch over
for real, let's stick with the project's whitespace conventions?
2012-10-01 11:26:58 -05:00
802924d67a
Getting rid of continuation slashes. Plz don't.
...
Continuation slashes are the devil when it comes to reading Ruby,
especially if you're reading something like:
def hello
puts "Hello world!" \
if true
end
This looks like a syntax error and hurts my eyeballs.
Please avoid this convention in the future.
2012-10-01 11:23:06 -05:00
a38724f53b
Adds an apparently spurious require
...
SeeRM #7276
Sticking this in a branch for now while I ask Egypt and limhoff for a
second opinion.
2012-10-01 07:49:58 -05:00
e2276bfedb
Add QNX QCOMM command execution module
2012-09-30 17:21:08 +09:30
c5f863b0b9
minor fixes and msftidy compliant
2012-09-29 23:35:53 +02:00
3e97cb2d85
Merge branch 'module-enumtomcat' of https://github.com/sectorix/metasploit-framework into sectorix-module-enumtomcat
2012-09-29 23:34:46 +02:00
19675b3bea
changed report to be more verbose
2012-09-28 19:02:15 +01:00
489c9b701e
Whitespace
2012-09-28 12:47:15 -05:00
1b2240d9bd
Commenting about IPP
2012-09-28 12:38:36 -05:00
a15a2b522c
Removing IPP as a selectable mode
2012-09-28 12:38:17 -05:00
6944aab46c
Removing Id SVN splat
2012-09-28 12:37:00 -05:00
fa03eddbdc
extended identification technique
2012-09-28 16:44:03 +01:00
db4b19a2df
Adding Juan's fix for peerhost
2012-09-28 10:26:35 -05:00
6679ff765a
remove extra commas
2012-09-28 12:21:59 +02:00
ddb3f27035
added Tomacat Server Enumeration Module
2012-09-28 00:40:17 +01:00
4087790cf7
Oops, forgot to update the check() function
2012-09-27 18:22:57 -05:00
0300576436
Merge branch 'setinfopolicy_heap' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-setinfopolicy_heap
2012-09-27 18:22:22 -05:00
9d3a1871a6
Added module for Samba CVE-2012-1182
2012-09-28 01:18:52 +02:00
6aefa40ec1
fix my english
2012-09-28 00:32:02 +02:00
12177b0ed2
Added module for 2011-1900
2012-09-28 00:29:12 +02:00
60b4190e4a
Avoids a race on requires
...
Applies Raphael's patch.
[FixRM #7261 ]
2012-09-27 13:18:50 -05:00
c93692b06d
add a check to verify session is not already system for MS11-080
2012-09-27 08:36:13 -04:00
f6baf824b6
The USER_FILE path is wrong.
2012-09-27 01:33:11 -05:00
75d40d4d82
Make msftidy happy
2012-09-27 01:33:11 -05:00
99ec988485
Updated with wordlist path registered options
2012-09-27 01:33:11 -05:00
75f5e24178
Dell iDrac login aux scanner
2012-09-27 01:33:11 -05:00
594669cbff
Merge remote branch 'sectorix/module-enumdb'
2012-09-26 12:53:30 -05:00
aa8a713a30
Fix added datastore item in BAP
2012-09-26 11:55:12 -05:00
8648953747
added MS11-080 AFD JoinLeaf Windows Local Exploit
2012-09-26 11:01:30 -04:00
e7281e0085
Merge branch 'master' into module-enumdb
...
Fixing up the merge conflicts caused mostly by the CRLF's (fixed in the
parent commit to this one), and probably by failing to merge from
master on sectorix's side.
Conflicts:
modules/post/windows/gather/enum_db.rb
2012-09-26 08:42:24 -05:00
5bd39536a2
Reformatting with Unix linefeeds.
...
For the curious, I like this procedure a lot, it's my new favorite:
http://vim.wikia.com/wiki/File_Format#Converting_the_current_file
2012-09-26 08:40:50 -05:00
3efe9ac761
removed dev comments
2012-09-26 13:37:17 +01:00
f51f4c1e6a
added support for oracle 11g XE
2012-09-26 13:28:16 +01:00
3ade5a07e7
Add exploit for phpmyadmin backdoor
2012-09-25 10:47:53 -05:00
93dd96d4d3
fixing variable name
2012-09-25 15:40:12 +02:00
1111de0197
Add OSVDB reference
2012-09-25 01:19:58 -05:00
6939df8d98
Support Spanish thx to Adrian Pulido
...
See redmine feature: #7006
2012-09-24 22:42:17 -05:00
67c5c24f67
Fix multiple bugs
...
Bug fixes including:
* Unnecessary headers being manually added. Sometimes may cause
a 400 Bad Request against specific web servers. See issue 7165
on Redmine for details.
* Regex fix
* URI path fix
2012-09-24 22:32:59 -05:00
4cd244693f
Tabs
2012-09-24 19:13:44 -05:00
6c28e054f0
Merge branch 'enum_db' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-enum_db
2012-09-24 19:11:21 -05:00
54ed60e24e
Forgot to remove the second require
2012-09-24 18:50:53 -05:00
6bd450e114
Make Ruby 1.8 happy
2012-09-24 18:49:41 -05:00
6ed5f4a99b
Merge branch 'dcbz-osxpayloads'
2012-09-24 18:37:07 -05:00
c0387f1441
Have a matching option like the post module
...
And make sure nemo won't get harassed by people because they
think he hacked into everyone's mac.
2012-09-24 18:33:13 -05:00
2769a88f9e
Code cleanup
2012-09-24 17:47:14 -05:00
2db2c780d6
Additional changes
...
Updated get_target function, comment for original author, possible
bug in handling page redirection.
2012-09-24 17:38:19 -05:00
03815b47f8
Merge branch 'ie_uaf_js_spray_obfuscate' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ie_uaf_js_spray_obfuscate
2012-09-24 17:14:26 -05:00
25e6990dc7
added osvdb reference
2012-09-24 21:49:32 +02:00
2784a5ea2d
added js obfuscation for heap spray
2012-09-24 21:28:34 +02:00
cb099d3431
fixing and cleanup for pull #802
2012-09-24 20:34:26 +02:00
938b612827
Merge branch 'osxpayloads' of https://github.com/dcbz/metasploit-framework into dcbz-osxpayloads
2012-09-24 10:23:55 -05:00
0e94340967
Merge branch 'auxilium' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-auxilium
2012-09-24 10:22:18 -05:00
57b3aae9c0
Only JRE ROP is used
2012-09-24 10:21:02 -05:00
98f4190288
Add Auxilium RateMyPet module
2012-09-24 10:16:11 -05:00
d476ab75cc
fix comment
2012-09-24 10:03:31 +02:00
f3a64432e9
Added module for ZDI-12-170
2012-09-24 10:00:38 +02:00
91bc573fe8
Remove debug print
2012-09-24 01:26:39 -05:00
77a0cf18da
Fix errors when pivoting
...
Printing stack traces is rude.
Also removes Capture which isn't necessary for this module
2012-09-23 22:59:44 -05:00
7ebe1a4d55
Merge branch 'browtopwn' of https://github.com/scriptjunkie/metasploit-framework into scriptjunkie-browtopwn
2012-09-23 12:03:04 -05:00
e89dcc5ab0
While 1337 is fun and funny, it is easy to spot and the correct port is 137.
2012-09-22 17:00:51 -05:00
0158312615
Java meterpreter can run scripts too!
2012-09-22 16:49:16 -05:00
202a78dd3f
Added say.rb: uses /usr/bin/say to output a string
2012-09-22 09:13:29 -05:00
09b8a6d87f
Added reverse_tcp stager payload, and updated bind
2012-09-22 08:31:42 -05:00
81ceff7370
Added a tcp stager, and a small exec for testing
2012-09-22 07:24:51 -05:00
cade078203
Update author info
2012-09-22 02:29:20 -05:00
dccb8d235d
Adding OSX 64-bit find-tag module.
2012-09-21 15:39:35 -05:00
ce441e95a6
Corrected typo, missing \ and minor regex match
2012-09-21 22:04:19 +03:00
b1226ab87c
mysql search config + less verbose
2012-09-21 20:01:32 +01:00
d3611c3f99
Correct the tab
2012-09-21 12:29:24 -05:00
25f4e3ee1f
Update patch information for MS12-063
2012-09-21 12:28:41 -05:00
9753494cba
Corrected regex scan vs. match issues
...
Altered PS and PCL to elsif to avoid
double detection of printjobs.
2012-09-21 13:20:14 +02:00
ed24154915
minor fixes
2012-09-21 11:36:58 +02:00
f7aaae614e
Reduced instances of #{name} to client
...
connections and disconnections. All other
output should be self explanatory and
doesn't need #{name}
2012-09-21 11:08:47 +02:00
78f77a3df2
Replaced if @verbose with vprint_status
...
Corrected bug in non-detected print types
2012-09-21 10:59:39 +02:00
6ee2c32f08
add ZEN Load Balancer module
2012-09-21 17:25:20 +09:30
0032713198
description modified
2012-09-21 10:09:42 +02:00
f6baf7fe34
Merge branch 'MySQL-JtR' of https://github.com/halfie/metasploit-framework into halfie-MySQL-JtR
2012-09-21 10:08:34 +02:00
54b98b4175
Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof
2012-09-20 16:43:20 -05:00
4ead0643a0
Correct target parameters
2012-09-20 16:41:54 -05:00
41449d8379
Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule
2012-09-20 16:33:12 -05:00
1534c4af6f
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-09-20 16:20:34 -05:00
776d24d8a9
cleanup
2012-09-20 16:16:30 -05:00
311c01be46
Cleanup, improve option handlingg
2012-09-20 16:14:15 -05:00
7fcc34766a
Added datastore items to BAP handlers
...
Added two datastore items to handlers created by BAP
2012-09-20 15:21:08 -05:00
a5ffe7297f
Touching up Kernelsmith's wording.
...
It is merely the ROP chain, not the vuln, that requires Java.
2012-09-20 14:52:52 -05:00
883dc26d73
Merge remote branch 'kernelsmith/ie_execcommand_uaf_info'
2012-09-20 14:48:36 -05:00
57fd9b8c18
Merge branch 'master' of https://github.com/dcbz/metasploit-framework into dcbz-master
2012-09-20 13:37:31 -05:00
e98e3a1a28
added module for cve-2012-0266
2012-09-20 19:03:46 +02:00
b61c8b85b8
Added module for CVE-2012-02672
2012-09-20 19:02:20 +02:00
3d254b69fd
Applied all requirements from pull/715
...
Reworked PCL regex to match PCL 6/XL
msftidy is still complaining about
an indent. Can't find why however!
New PULL created as per request from
jvazquez-r7
2012-09-20 18:04:36 +02:00
17f7e94f4d
Add support for dumping MySQL challenge-response pairs in JtR format
2012-09-20 13:54:12 +05:30
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
f5df7e0e8a
Added 2 payload modules (reverse and bind tcp shells)
2012-09-19 16:59:26 -05:00
f1a39c76ed
update to ie_execcommand_uaf's info to add ROP info
...
This module requires the following dependencies on the target for the
ROP chain to function. For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs). For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
2012-09-19 14:10:02 -05:00
11f82de098
Update author information
2012-09-19 14:00:51 -03:00
cc8102434a
CVE assigned for the IE '0day'
2012-09-18 16:13:27 -05:00
25475ffc93
Msftidy fixes.
...
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
2012-09-18 11:25:00 -05:00
8b251b053e
initializing msghdr a little better
2012-09-18 12:12:27 +02:00
16c5df46fc
fix while testing ubuntu intrepid
2012-09-18 11:52:50 +02:00
5fbc4b836a
Add Microsoft advisory
2012-09-17 22:13:57 -05:00
75bbd1c48d
Being slightly more clear on Browser Not Supported
...
With this and the rest of sinn3r's fixes, it looks like we can close the
Redmine bug.
[FixRM #7242 ]
2012-09-17 11:16:19 -05:00
d77ab9d8bd
Fix URIPATH and nil target
...
Allow random and '/' as URIPATh, also refuse serving the exploit
when the browser is unknown.
2012-09-17 10:54:12 -05:00
48a46f3b94
Pack / Unpack should be V not L
...
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
2012-09-17 09:52:43 -05:00
d77efd587a
Merge remote branch 'wchen-r7/ie_0day_execcommand'
2012-09-17 08:48:22 -05:00
5eaefcf4c7
This is the right one, I promise
2012-09-17 08:41:25 -05:00
8f50a167bd
This is the right module
2012-09-17 08:36:04 -05:00
e43cae70a7
Add IE 0day exploiting the execcommand uaf
2012-09-17 08:28:33 -05:00
c83b49ad58
Unix linefeeds, not windows
...
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.
Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
2012-09-16 18:10:35 -05:00
2fc34e0073
Auth successful, not successfully
...
Just fixing up some adverb versus adjective grammar.
2012-09-16 17:51:00 -05:00
b07b30839e
Merge branch 'webmin_edit_html_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-webmin_edit_html_fileaccess
2012-09-16 03:17:09 -05:00
63d2d60c68
delete don't needed line
2012-09-15 23:56:38 +02:00
ff2e9fc157
add changes proposed by sinn3r
2012-09-15 23:55:55 +02:00
cbc778cb47
add changes proposed by sinn3r
2012-09-15 23:53:09 +02:00
0708ec72fc
module moved to a more correct location
2012-09-15 15:31:21 +02:00
0f67f8d08a
target modified
2012-09-15 15:14:33 +02:00
70ff7621d6
added module for CVE-2012-2983
2012-09-15 15:11:12 +02:00
0061d23b37
Added module for CVE-2012-2982
2012-09-15 15:09:19 +02:00
9a83c7c338
changes according to egypt review
2012-09-14 18:47:50 +02:00
eae571592c
Added rgod email
2012-09-14 17:45:16 +02:00
a2649dc8d1
fix typo
2012-09-14 17:10:41 +02:00
e27d5e2eb7
Description improved
2012-09-14 17:08:59 +02:00
9c77c15cf5
Added module for osvdb 85087
2012-09-14 16:54:28 +02:00
jvazquez-r7
sinn3r
sput-nick
James Lee
nullbind
Tod Beardsley
jgor
Raphael Mudge
Spencer McIntyre
kernelsmith
Borja Merino
HD Moore
Rob Fuller
ethicalhack3r
Dhiru Kholia
bcoles
Barry Shteiman
Cristiano Maruti
David Maloney
scriptjunkie
dcbz
Chris John Riley
Ramon de C Valle