infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,484 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

24484 Commits (638ae477d9ab51607861b65d97d77d36119d21ae)

Author SHA1 Message Date
William Vu 696eee1ada
Add Outpost24 to db_import help 2014-04-25 14:27:44 -05:00
lsanchez-r7 8f43c229b1
Passing the Mdm::Task down the chain 
when reporting hosts from an Mdm::Task we need to pass the task all
the way down. this wasnt done for the metasploit import format.
 2014-04-25 11:15:39 -05:00
William Vu c2bb26590c
Land #3250, version handling for Heartbleed server 2014-04-25 00:17:26 -05:00
Ramon de C Valle fd232b1acd Use the protocol version from the handshake 
I used the protocol version from the record layer thinking I was using
the protocol version from the handshake. This commit fix this and uses
the protocol version from the handshake instead of from the record layer
as in https://gist.github.com/rcvalle/10335282, which is how it should
have been initially.

Thanks to @wvu-r7 for finding this out!
 2014-04-25 01:48:17 -03:00
joev f94d1f6546 Refactors firefox js usage into a mixin. 2014-04-24 15:09:48 -05:00
Tod Beardsley fb3b6f577d
Land #3279, upper bound check for AR 2014-04-24 15:09:07 -05:00
sinn3r 1353c62967
Land #3295 - Fix NoMethodError undefined method `body' for nil:NilClass 2014-04-24 13:53:58 -05:00
sinn3r ba4b507cc7
Land #3280 - Multiplatform WLAN Enumeration and Geolocation 2014-04-24 13:52:32 -05:00
sinn3r 5c0664fb3b
Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit 2014-04-24 13:43:20 -05:00
sinn3r 656e60c35c
Land #3254 - Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack BoF 2014-04-24 13:20:50 -05:00
sinn3r cde9080a6a Move module to fileformat 2014-04-24 13:17:08 -05:00
sinn3r a39855e20d Works for XP SP3 too 2014-04-24 13:16:24 -05:00
sinn3r ba8d7801f4 Remove default target because there is no auto-select 2014-04-24 13:15:49 -05:00
sinn3r 2e76db01d7 Try to stick to the 100 columns per line rule 2014-04-24 13:15:12 -05:00
Tom Sellers 8f47edb899 JBoss_Maindeployer: improve feedback against CVE-2010-0738 
The exploit against CVE-2010-0738 won't work when using GET or POST.  In the existing code the request would fail and the function would return a nil.  This would be passed to detect_platform without being checked and cause the module to crash ungracefully with the error:

Exploit failed: NoMethodError undefined method `body' for nil:NilClass

The first changes detect a 401 authentication message and provide useful feedback.  Given that if, in any case, 'res' is not a valid or useful response the second change just terminates processing.

I've stayed with the module's coding style for consistency.
 2014-04-24 12:37:14 -05:00
Christian Mehlmauer ef815ca992
Land #3288, Postgres support for Heartbleed scanner 2014-04-24 18:03:13 +02:00
Trevor Rosen e556997bf7
Land #3269 (Pro) fix report import issue 2014-04-24 08:27:06 -05:00
Tom Sellers d4c0d015c1 Update wlan_geolocate.rb 
Updated based on feedback.  Also added enumeration only support for BSD and Solaris.
 2014-04-24 07:04:50 -05:00
Spencer McIntyre 9ccb9397e3
Land #3264, throttl and csv output support for module 2014-04-23 19:00:28 -04:00
Spencer McIntyre e2b92a824f Change white space for authors in dns_reverse_lookup 2014-04-23 18:56:27 -04:00
JoseMi fd95d9ef38 Added english windows xp sp2 target 2014-04-23 17:32:56 +01:00
William Vu 15bd92dd50
Fix OpenSSH timing attack module 2014-04-23 10:10:37 -05:00
William Vu 0a108acea3
Fix missing comma 
Commas will be the death of me.
 2014-04-23 10:10:12 -05:00
William Vu 6d7fde4302
Land #3157, OpenSSH user enumeration timing attack 2014-04-23 10:01:10 -05:00
William Vu 1a2899d57b
Fix up whitespace 'n' stuff 2014-04-23 10:00:34 -05:00
Thanat0s 457c48b89b Error on sleep 2014-04-23 11:38:23 +02:00
Joe Vennix 143aede19c
Add osx nfs_mount module. 2014-04-23 02:32:42 -05:00
kenkeiras 96f042110f return is not needed when it's the last lifunction line 2014-04-22 22:33:47 +02:00
kenkeiras c9d8da991a Use Rex.sleep instead of select 2014-04-22 22:33:19 +02:00
kenkeiras d2a558dc85 Removed unused code 2014-04-22 22:33:02 +02:00
William Vu 39a7a049c4
Land #3283, msftidy vars_get check update 
Now with more cyan.
 2014-04-22 12:27:44 -05:00
Christian Mehlmauer 3f4e9ab18d
msftidy: only check send_request_cgi for vars_get 2014-04-22 19:24:06 +02:00
Wiesław Kielas 8f6567967d Heartbleed PostgreSQL TLS support improvements 2014-04-22 17:36:06 +02:00
Rick Farina (Zero_Chaos) f35314b9f0 adjust Msf::Util::EXE for newer file output 
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.

Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)

Tested and confirmed working with file 5.17 on Gentoo Linux.
 2014-04-22 02:21:09 -05:00
Wiesław Kielas fbe392a896 Add PostgreSQL TLS support to the Heartbleed scanner 2014-04-21 23:27:40 +02:00
William Vu 284b474591
Land #3286, release fixes 2014-04-21 14:03:00 -05:00
Tod Beardsley e514ff3607
Description and print_status fixes for release 
@cdoughty-r7, I choose you! Or @wvu-r7.
 2014-04-21 14:00:03 -05:00
Ken Smith 66b1c79da9 Update rop chain for versions 6.2 and 6.1 2014-04-21 13:27:14 -04:00
JoseMi e25ca64641 It's solved the crash when double-click on the pcap file 2014-04-21 17:49:40 +01:00
Christian Mehlmauer b864c4619d
msftidy - added info messages 
this commit adds info messages to msftidy to show some info,
but stil exit with status 0 if there are not errors.
 2014-04-21 18:04:14 +02:00
OJ d8a00603b2
Land #8 - Fix style and yardoc from @jlee-r7 2014-04-21 19:29:09 +10:00
James Lee 49bd86f077
Clean up yardocs and a few style issues 2014-04-21 03:12:23 -05:00
William Vu 1faf069130
Land #3284, deprecated module cleanup 2014-04-20 23:10:55 -05:00
James Lee ee413ac385
Remove previously deprecated modules 2014-04-20 22:15:44 -05:00
Christian Mehlmauer fc803ae277
Changed msftidy check 
send_request_raw does not support vars_get so change
the message to switch to send_request_cgi.
See #3272 for more info
 2014-04-20 22:41:32 +02:00
Tom Sellers 2fd004b69e New module: Multiplatform Wireless LAN Geolocation 
This is a new POST module that allows Windows, Linux, and OSX targets to be geolocated using Google services if the target has an active and functional wireless adapter.
 2014-04-19 17:31:48 -05:00
JoseMi 3861541204 Add more rand_text_alpha functions 2014-04-19 18:37:58 +01:00
JoseMi 7bc546e69a Add rand_text_alpha function 2014-04-19 17:45:28 +01:00
Brandon Turner 97ef53a1d1
Add upper bound for active-* gems 
We do not yet support ActiveRecord and ActiveSupport 4.x, so ensure our
Gemfile declares this.
 2014-04-18 16:45:07 -05:00
Brandon Turner fda6ed39f2
Land #3278, use renamed bcrypt gem instead of bcrypt-ruby 2014-04-18 16:33:51 -05:00