18962e1180
Checking in the new Flash exploit to the release
...
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
2012-03-08 11:55:01 -06:00
046857f3ab
Merge branch 'release/2012030701' of r7.github.com:rapid7/metasploit-framework into release/2012030701
2012-03-08 10:23:46 -06:00
188f5c111c
Simplify the module instance (required to call certain methods)
2012-03-08 10:22:32 -06:00
f0685e4a1f
Overwrite the local datastore with the normalized option, even if it
...
came from a global datastore due to a fall-through
2012-03-08 10:22:18 -06:00
36240b6fe4
Revert the previous global fix in favor of a different method.
...
Fixes #6501
2012-03-08 10:22:07 -06:00
a6053b1ec3
Always clone modules before running them via the simplified wrappers.
...
This prevents changes to the datastore or instance variables from
being carried over into a second run
2012-03-08 10:21:00 -06:00
86fc45810b
Remove the resource during cleanup
2012-03-07 23:04:53 -06:00
b4e0daf3ca
Small tweaks to the adobe mp4 exploit
2012-03-07 22:53:47 -06:00
8d93e3ad44
Actually use the password we were given...
2012-03-08 10:17:39 -07:00
9d343ea1c1
Fix to dividie by zero issue in scannenr progress method
2012-03-08 11:03:33 -06:00
7ddd173b40
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-08 00:47:06 -06:00
9ece7b08fc
Add vendor's advisory as a reference
2012-03-08 00:46:34 -06:00
c63bc27c4b
Merge pull request #223 from rsmudge/armitage
...
Armitage 03.08.12
2012-03-07 22:45:52 -08:00
5f92bff697
Make sure no encoder will break the exploit again
2012-03-08 00:44:57 -06:00
2e94b97c82
Fix description
2012-03-07 23:59:51 -06:00
f07be8b7de
Armitage 03.08.12
...
-----------------
Added support for meterpreter's session_host value (allows armitage to associate session w/
a host, even if it's behind a NAT). Armitage also chooses an IPv6 payload when attacking an
IPv6 host.
2012-03-07 20:43:07 -05:00
57376a976d
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:18:47 -06:00
761f859695
Simplify the module instance (required to call certain methods)
2012-03-07 07:59:41 -06:00
5054840165
Overwrite the local datastore with the normalized option, even if it
...
came from a global datastore due to a fall-through
2012-03-07 07:37:36 -06:00
b89af3546d
Revert the previous global fix in favor of a different method.
...
Fixes #6501
2012-03-07 07:37:36 -06:00
9975d5a220
Always clone modules before running them via the simplified wrappers.
...
This prevents changes to the datastore or instance variables from
being carried over into a second run
2012-03-07 07:37:36 -06:00
d9788db7bb
Merge pull request #222 from jduck/master
...
Fixes #6483
2012-03-07 18:11:48 -08:00
0550b77522
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-07 20:04:04 -06:00
3b4ed13aee
Fix typo
2012-03-07 20:03:46 -06:00
33460b6bf4
Fixups on the Adobe Flash exploit description
...
Massaged the lines about the phishing campagin use in the wild.
2012-03-07 19:37:49 -06:00
befb60217c
Add CVE-2012-0754 .as source
2012-03-07 19:25:51 -06:00
c76f43c066
Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow
2012-03-07 19:24:00 -06:00
f2eab70c3f
Add swf file for CVE-2012-0754
2012-03-07 19:23:11 -06:00
f97dc8dee7
Fix spelling of the IBM product iSeries
...
Was I-Series.
2012-03-07 15:24:15 -06:00
7dfba9c00d
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-07 14:51:39 -06:00
0ee7788028
Add a check to detect the vulnerable version of Sysax SSH
2012-03-07 14:51:21 -06:00
ab01a19f92
Fixes #6483 : Correct the include for the handler (was copypasta)
2012-03-07 11:23:44 -06:00
ba2bf194fd
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
02ea38516f
Add a check method for tomcat_mgr_deploy
2012-03-06 23:22:44 -07:00
806a3c01b7
Wrap Windows-specifc headers in ifdef
2012-03-06 15:34:09 -07:00
d99df825b3
Handle multiple addrs on one iface on the ruby side
2012-03-06 14:36:34 -07:00
6b9a21936e
Whitespace at EOL
2012-03-06 14:14:02 -07:00
2b9acb61ad
Clean up some incosistent verbosity
...
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
003fa3e22c
Apply patch for #6495
2012-03-06 11:43:28 -06:00
22a12a6dfc
Add Lotus CMS exploit (OSVDB-75095)
2012-03-06 11:36:28 -06:00
8cbe5d8a54
Force many integer arguments to be integers
2012-03-06 09:28:29 -06:00
99177e9d5e
Small commit to fix bad reference and old comment
2012-03-06 01:44:26 -06:00
085b3b5640
Adds IPv6 addrs to win32 get_interfaces response
2012-03-05 21:57:39 -07:00
7f9880a1fc
Fixes whitespace on linux shellcode from @mak
...
Also repairs some weirdly broken comment.
[Closes #131 ]
2012-03-05 16:59:37 -06:00
9e380d9e88
Merge remote branch 'mak/payload-linux-x64' into l64
2012-03-05 14:58:24 -06:00
78d84d9472
A few more author typos
2012-03-05 13:50:03 -07:00
22eb1e2dce
Module author typo
2012-03-05 13:50:03 -07:00
e14a574c36
Fix a couple of typos that throw off module authors
2012-03-05 13:50:03 -07:00
e014e9a5c3
Fix up notes search implementation
...
Uses delete_if and a negative assertion, rather than the (much nicer but
unavailable) keep_if method.
2012-03-05 13:50:02 -07:00
b847d48927
Tidies up sempervictus's search patch
...
Affects the console's db commands of hosts, services, vulns, creds, notes,
loot
Skips searching entirely unless a search term is provided, and
explicitly casts the term as a Regexp object from the outset.
Avoids using Object#to_sym in preference of Object#intern (safer in
nearly all cases)
Temporarily disables functionality on notes since Array#keep_if isn't
available prior to Ruby 1.9.2
2012-03-05 13:50:02 -07:00
Tod Beardsley
Jonathan Cran
HD Moore
James Lee
David Maloney
sinn3r
sinn3r
Raphael Mudge
Joshua J. Drake