infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,113 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

24113 Commits (638cb41a3fd51483db2967b034e2d2aa700a3913)

Author SHA1 Message Date
jvazquez-r7 b8e2c9fe42 Clean and fix @Firefart's code 2014-04-08 15:32:13 -05:00
jvazquez-r7 80bdbbed92 Solve conflict 2014-04-08 15:18:38 -05:00
Christian Mehlmauer 8c7debb81d
Added some comments and modified JABBER 2014-04-08 22:13:02 +02:00
jvazquez-r7 021da84459 Add authors and switch and's format 2014-04-08 15:10:27 -05:00
sinn3r a2b709b20e
Land #3189 - Vtiger Install Unauthenticated Remote Command Execution 2014-04-08 14:58:34 -05:00
sinn3r 4012dd0acc Fix everything that needs to be fixed 2014-04-08 14:57:42 -05:00
Christian Mehlmauer 9c053a5b91
Added additional protocols 2014-04-08 21:56:05 +02:00
Fabian Bräunlein 8dce80fd30 Added Big Endianess, improved check()-Function 
Some Fritz!Box devices also run in Big Endianess mode. However, since
"uname -a" always returns "mips" and the "file"-command is not
available, autodetection is not an easy task.

The check()-function now checks, whether the device is really
vulnerable.

Furthemore, it's possible to send 92 bytes.
 2014-04-08 21:32:36 +02:00
William Vu 69ab46e8cd
Land #3205, prevent Travis autofails on msftidy 2014-04-08 14:15:59 -05:00
jvazquez-r7 5f29026cb2 Complete @Firefart's module 2014-04-08 14:13:56 -05:00
Tod Beardsley 2d0ff4b9fb
Travis shouldn't autofail msftidy fails... yet 
[SeeRM #8498]
 2014-04-08 14:05:42 -05:00
Spencer McIntyre 3f6c8afbe3 Fix typo of MSCOMCTL not MCCOMCTL 2014-04-08 14:52:18 -04:00
Spencer McIntyre 85197dffe6 MS14-017 Word RTF listoverridecount memory corruption 2014-04-08 14:44:20 -04:00
William Vu 66e292a85a
Land #3201, typo fix for exim4_dovecot_exec 2014-04-07 18:10:37 -05:00
Jeff Jarmoc 21b220321f Fix typo. 
This isn't a Linksys exploit.  Left over wording from a previous exploit?
 2014-04-07 18:06:59 -05:00
jvazquez-r7 fb1318b91c
Land #3193, @m-1-k-3's exploit for the Fritzbox RCE vuln 2014-04-07 16:13:31 -05:00
jvazquez-r7 ceaa99e64e Minor final cleanup 2014-04-07 16:12:54 -05:00
William Vu 79f82be35d
Land #3188, deluxe msftidy post-merge hook 2014-04-07 14:38:19 -05:00
William Vu e0966f7a46
Land #3198, msftidy disclosure date fix 2014-04-07 14:30:30 -05:00
sinn3r 023bde5b43 Correct msftidy disclosure date check 
This correct msftidy's disclosure date check to do the following:

1. If the module has a disclosure date, the check should kick in.
2. If the module is an exploit, and doesn't have a disclosure
   date, then it will be flagged.
3. If the module is an auxiliary, and doesn't have a disclosure
   date, then it will NOT be flgged (because not all aux modules
   target bugs/vulns like exploits do).
 2014-04-07 14:21:04 -05:00
Christian Mehlmauer ac0cafcca6
Initial commit for openssl Heartbleed bug 2014-04-07 21:15:54 +02:00
Tod Beardsley e1071eb4ea
Land todb-r7#6, fix the comment docs 2014-04-07 14:06:50 -05:00
William Vu 31b3a6973e
Fix symlink commands 2014-04-07 12:40:11 -05:00
Michael Messner b1a6b28af9 fixed disclosure date 2014-04-07 19:29:37 +02:00
William Vu 579d6c7bcc
Land #3196, release fixes 2014-04-07 12:26:30 -05:00
Michael Messner 003310f18a feedback included 2014-04-07 19:25:26 +02:00
Tod Beardsley 7572d6612e
Spelling and grammar on new release modules 2014-04-07 12:18:13 -05:00
sinn3r d385c5ad4b Fix undefined method `rport' for the check command 2014-04-07 11:48:28 -05:00
Michael Messner 85de6ed0c9 feedback included 2014-04-07 18:20:15 +02:00
sinn3r 0c883723ba
Land #3149 - Oracle Demantra Arbitrary File Retrieval with auth bypass 2014-04-07 11:11:55 -05:00
sinn3r 31dfae3a01 Follow the 100 columns per line guideline 2014-04-07 11:10:20 -05:00
sinn3r de242ecc00 Correct date format 
Hmm weird, msftidy didn't pick this up
 2014-04-07 11:09:27 -05:00
sinn3r 13d3d48493
Land #3194 - WinRAR Filename Spoofing 2014-04-07 11:00:08 -05:00
jvazquez-r7 56bd35c8ce Add module for WinRAR spoofing vulnerability 2014-04-07 09:21:49 -05:00
jvazquez-r7 80b069f161 Add support for spoofed zip Central Dir names at Entry level 2014-04-07 09:21:26 -05:00
jvazquez-r7 46e6f937f1 Revert "Add central directory zip spoofing" 
This reverts commit d0700e8ac4.
 2014-04-07 08:50:33 -05:00
jvazquez-r7 d0700e8ac4 Add central directory zip spoofing 2014-04-07 08:49:49 -05:00
Michael Messner 11bbb7f429 fritzbox echo exploit 2014-04-07 09:12:22 +02:00
dummys ca7dcc0781 cleanup with msftidy 2014-04-06 12:41:58 +02:00
William Vu 6e9a136c59
Land #3191, CONTRIBUTING.md improvements 2014-04-05 22:23:25 -05:00
William Vu 531686c2c9
Change italics to bold 2014-04-05 22:21:44 -05:00
Tod Beardsley 22ff5e2b0b Add three more dos/donts to CONTRIBUTING.md 
I've seen a couple PRs targeting the wrong branch. Many projects have a
workflow where PRs should hit `develop` or `release` or something, but
Metasploit-Framework wants PRs targeted against `master`.

Also, warn against fixing too much in one PR since those kinds of PRs
are a) harder to validate and b) might be all wrong anyway. We don't
want people committing a bunch of work when the fundamental approach
isn't going to fly.
 2014-04-05 16:10:18 -05:00
jvazquez-r7 6d72860d58
Land #3004, @m-1-k-3's linksys moon exploit 2014-04-04 14:04:48 -05:00
jvazquez-r7 0ae75860ea Code clean up 2014-04-04 14:02:12 -05:00
sinn3r ea1c6fe8a4
Land #3177 - JIRA Issues Collector Directory Traversal 2014-04-04 10:41:51 -05:00
Spencer McIntyre 395f5beef8
Land #3178, http header scan module 2014-04-04 11:36:35 -04:00
Christian Mehlmauer 166e73b52d Merge pull request #5 from zeroSteiner/http_header_changes 
Minor modifications for http_header
 2014-04-04 17:18:59 +02:00
Spencer McIntyre 2b6ae68cbf Minor modifications for http_header 2014-04-04 10:46:03 -04:00
jvazquez-r7 e2cbcf3c5d
Land #3179, @brandonprry AlienVault sqli aux module 2014-04-04 09:17:11 -05:00
jvazquez-r7 ff6105e55d Add check codes 2014-04-04 09:13:43 -05:00