Commit Graph

12140 Commits (67f788768d0e1ec738049a4b5b1953fa5e57da9d)

Author SHA1 Message Date
HD Moore d0bf833942 Fix ctype vs content_type typo 2012-02-27 11:54:29 -06:00
sinn3r 58dfe32b0a Merge branch 'aspx-msfvenom' of https://github.com/mandreko/metasploit-framework into mandreko-aspx-msfvenom 2012-02-26 18:40:30 -06:00
sinn3r da01f4c872 Merge branch 'meterpreter-enum_firefox-fix' of https://github.com/gregory-m/metasploit-framework into gregory-m-meterpreter-enum_firefox-fix 2012-02-26 15:56:03 -06:00
sinn3r 2f201cdf78 Merge pull request #198 from jduck/master
Fixes #6308
2012-02-26 11:52:47 -08:00
sinn3r 4447da4c79 Merge pull request #200 from swtornio/master
add osvdb ref
2012-02-26 11:52:10 -08:00
Joshua J. Drake 3ff5c91c24 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-26 09:53:04 -06:00
Gregory Man 93117e9b8a Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x 2012-02-26 15:38:33 +02:00
Steve Tornio ef4cdb516d add osvdb ref 2012-02-26 07:13:13 -06:00
HD Moore 139136e033 Fix a handful of typos in the regex/parsing code 2012-02-26 02:10:06 -06:00
sinn3r debbba9623 Add OSVDB-55938: D-Link DAP1353 Default Password for SSH admin 2012-02-26 01:20:16 -06:00
sinn3r 91f56b0fd5 Add default password for CVE-2009-3710 2012-02-26 01:18:08 -06:00
Matt Andreko 85645a81c1 Added aspx target to msfvenom. This in turn added it to msfencode as well.
Ref: https://github.com/rapid7/metasploit-framework/pull/188
Tested on winxp with IIS in .net 1.1 and 2.0 modes
2012-02-25 18:02:56 -05:00
Joshua J. Drake 65ed4bfa8b Fixes #6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver 2012-02-25 13:00:48 -06:00
James Lee eccd62717e Binaries for new netlink code
Includes a Windows dll to add support for route metrics.
2012-02-24 16:42:13 -07:00
James Lee a80056e6e5 Get rid of an unnecessary sleep() 2012-02-24 16:42:12 -07:00
James Lee 2b8d16203a Refactor Interfac#pretty to be more rubyish 2012-02-24 16:42:12 -07:00
MM f83a7f14ac Switch to netlink for listing interfaces
* Adds support for listing IPv6 addresses on POSIX meterpreter
* Ensures crash logs are only created if debugging is enabled
* Fixes a bug in sniffer where a lock was not acquired correctly

Squashed commit of the following:

commit 955124b264a675c7d67187703bf23b58f0aba6d8
Author: MM <gaspmat@gmail.com>
Date:   Thu Feb 23 23:42:26 2012 +0100

    posix meterpreter - IPv6 support for route and ipconfig using netlink sockets

[Closes #196]
2012-02-24 16:42:12 -07:00
sinn3r 91a7a44f02 Merge branch 'gather-firefox_creds-osx-fix' of https://github.com/gregory-m/metasploit-framework into gregory-m-gather-firefox_creds-osx-fix 2012-02-24 16:03:42 -06:00
Tod Beardsley cf0fd2bc93 Version bump to 4.3.0-dev
Closed or moved all the remaining 4.2 bugs, so
now we're in 4.3.0-dev. 4.2.0-release (and really
any -release) is intentionally very short-lived.
2012-02-24 15:06:24 -06:00
sinn3r 7281a0ebdd Add CVE-2011-0923: HP Data Protector CMD_EXEC module (submitted by wireghoul) 2012-02-24 12:06:47 -06:00
Gregory Man 8a158c3a00 Added OSX support to post/multi/gather/firefox_creds
Tested on OSX 10.7.3 and FF 9.0.1
2012-02-24 16:44:42 +02:00
sinn3r bc2e12f7b5 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-23 17:34:10 -06:00
sinn3r 339fb8d266 eh, I mean Win2k3 SP0 to SP1 2012-02-23 17:33:49 -06:00
James Lee a81868b6b3 Fix a nil comparison bug
I swear there was a ticket for this but now I can't find it.
2012-02-23 16:30:29 -07:00
David Maloney cb9cc1a69e Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-23 17:22:55 -06:00
David Maloney a6b10862bd Adds a lantronix telnet discovery module 2012-02-23 17:22:32 -06:00
James Lee f7e60cefed Add a fingerprint for pg on ubuntu 8.04.2 2012-02-23 16:11:52 -07:00
James Lee db4bb0e537 Clean up comments for rdoc
Fixes some ugly formatting
2012-02-23 15:32:05 -07:00
James Lee 9ddca81ab5 Fix test that always evals to false
Meterpreter does not respond_to? extension names, they're magic.
2012-02-23 14:52:48 -07:00
Joshua J. Drake e262d7a7ff Add CVE-2012-0500 Sun Java Web Start exploit 2012-02-23 13:30:45 -06:00
sinn3r 5f2569f1b4 Merge pull request #195 from swtornio/master
add osvdb ref
2012-02-23 07:55:13 -08:00
Steve Tornio 08fb03276f add osvdb ref 2012-02-23 07:39:31 -06:00
sinn3r c392287764 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-22 23:00:09 -06:00
sinn3r 144fa0dc0e Comment what \x0b\x04 is for 2012-02-22 22:59:43 -06:00
James Lee 0ef8d8bb3a Ensure the dir exists before copying files there
Thanks MM for pointing out that this was missed.  The other dirs
referenced in #183 were addressed in 134b6c874f

[Closes #183]
2012-02-22 20:54:20 -07:00
sinn3r 92c801d936 Merge branch 'ssh-creds-fix' of https://github.com/gregory-m/metasploit-framework into gregory-m-ssh-creds-fix 2012-02-22 19:49:26 -06:00
sinn3r 291e083d65 Add CVE-2011-5001: TrendMicro Control Manager 5.5 CmdProcessor Stack Bof 2012-02-22 19:44:47 -06:00
sinn3r 5e0862bf9b Merge branch 'juanvazquez-CVE-2008-1602_orbit_download_failed_bof' 2012-02-22 19:41:17 -06:00
sinn3r 4ee1f989a6 Merge branch 'CVE-2008-1602_orbit_download_failed_bof' of https://github.com/juanvazquez/metasploit-framework 2012-02-22 19:40:56 -06:00
sinn3r 752fd66ca3 Merge branch 'CVE-2008-1602_orbit_download_failed_bof' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-1602_orbit_download_failed_bof 2012-02-22 16:05:08 -06:00
HD Moore 8d212849dc Fix typos that result in stack traces when matching the response codes 2012-02-22 16:04:24 -06:00
Gregory Man ace28a8388 1.9 compatibility fix
Strings in ruby 1.9 doesn't have #each method
2012-02-22 18:01:17 +02:00
Gregory Man 66fa56cc49 Fixed post/multi/gather/ssh_creds to work with shell session 2012-02-22 15:16:11 +02:00
HD Moore 3fecda95be Fix 1.8 compatibility issue 2012-02-22 02:05:44 -06:00
James Lee 5e6c40edfd Remove unnecessary space restrictions.
This allows using the full range of PHP payloads
2012-02-21 23:21:07 -07:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
James Lee 7ca573a1b4 Give these two old modules a chance to work by setting a proper arch
These must have been broken for quite some time.  =/  They should
probably both be ARCH_PHP but I'm reluctant to make that big of a change
without having the target software to test.
2012-02-21 22:59:20 -07:00
James Lee 72038df7b5 Allow :sname as a synonym for :name when reporting services 2012-02-21 22:59:20 -07:00
HD Moore 4932a9ca25 Dont dump an HTML document to the console 2012-02-21 23:45:25 -06:00
HD Moore a1826146ef Permission changes, ignorable 2012-02-21 22:59:45 -06:00