James Lee
dc08bc337b
Default to ethernet if the server doesn't specify
...
Still need to recompile sniffer, but this will fix the immediate problem
of stack traces and failing to save the pcap.
2012-05-23 10:06:30 -06:00
sinn3r
0b7b71e240
Correct run-on sentence
2012-05-23 10:27:23 -05:00
sinn3r
94f114b69a
Fix typos
2012-05-23 10:22:52 -05:00
sinn3r
7a4f1a111b
Merge branch 'cve-2008-0320_openoffice_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-cve-2008-0320_openoffice_bof
2012-05-23 10:20:16 -05:00
jvazquez-r7
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
sinn3r
bf0f5a7e5a
Merge pull request #410 from jjarmoc/ZDI-12-052-ref
...
Added reference to vendor advisory
2012-05-22 13:23:35 -07:00
Tod Beardsley
a37e98f159
Updating release from master.
2012-05-22 14:12:08 -05:00
James Lee
e97994fdde
Make sure matches is set
...
Fixes a nil issue introduced by 17943c7
2012-05-22 12:49:54 -06:00
Jeff Jarmoc
c4b64a51f7
Added reference to vendor advisory
2012-05-22 13:22:26 -05:00
James Lee
0c1d736fbc
Hrm, out-of-order commits
...
Looks like my cherry-pick'ing fu hosed the previous commits and somehow
left two copies of dump_references.
2012-05-22 10:44:16 -06:00
James Lee
3bd0276ab3
Add references to info output for post modules
...
[Fixes #6902 ] [Closes #409 ]
Squashed commit of the following:
commit e29bf83196e39853d12b58d77db1ffdb26fbb6eb
Author: James Lee <egypt@metasploit.com>
Date: Tue May 22 10:01:12 2012 -0600
Add references to info output for post modules
commit e0147f0f05375d812ecfd55f9c2cb4bffabc1887
Author: James Lee <egypt@metasploit.com>
Date: Tue May 22 10:05:32 2012 -0600
Put references after description for consistency
2012-05-22 11:25:23 -05:00
Tod Beardsley
87ce3fe2f7
Adding extra ref from jjarmoc
2012-05-22 11:17:57 -05:00
sinn3r
c9604d8902
Add an invisible reference
2012-05-22 10:52:54 -05:00
sinn3r
d9ab464d4d
A very quick update to the title.
2012-05-22 03:11:05 -05:00
sinn3r
c9aa057b6d
Merge pull request #407 from wchen-r7/osx_voice
...
OSX Text-to-Speech tool
2012-05-22 01:06:50 -07:00
sinn3r
c43ef8b5bc
Merge pull request #406 from jvazquez-r7/lmgrd_bof_randomization
...
randomization when possible for flexnet_lmgrd_bof
2012-05-22 01:04:46 -07:00
sinn3r
ca08e225fb
Add OSX Text-to-Speech tool
2012-05-22 03:03:30 -05:00
HD Moore
5cc98b7ded
Import NSE script output as notes
2012-05-22 01:49:45 -05:00
jvazquez-r7
c823e8099e
randomization when possible for flexnet_lmgrd_bof
2012-05-22 08:32:10 +02:00
sinn3r
cafe803217
Fix typos
2012-05-21 16:32:33 -05:00
jvazquez-r7
72b1f113ce
Added module for ZDI-12-052
2012-05-21 16:32:33 -05:00
David Maloney
df85e4f586
Remove trailing comma
2012-05-21 16:28:02 -05:00
David Maloney
0b41d0f77d
Fixes an issue where mysql_payload would crash agaisnt
...
unsupported arch. Due to a bad var name
[Fixes #29957453 ]
2012-05-21 16:09:08 -05:00
David Maloney
17943c7a48
Makes it so we don't ever use local config files for Net::SSH
...
Also makes sure that the :config =>false option keeps
Net:SSH from meddling with knowns_hosts too
2012-05-21 16:09:08 -05:00
David Maloney
c386e1ce31
Add an option to the schemadump modules to not display output to the
...
screen
2012-05-21 16:09:07 -05:00
Tod Beardsley
0be83dae06
Replaces a dead link in HACKING
2012-05-21 15:25:30 -05:00
RageLtMan
77f95df1e9
Banner encoding fix when running against dd-wrt on ruby 1.9.3
2012-05-21 14:50:57 -05:00
RageLtMan
125aa43072
PowerShell post module download and exec
...
This adds sempervictus's PowerShell post module, along with a default
post module one can use for quick testing (for expected results, see
the screencap Gist at https://gist.github.com/6011cb87b01e970deca8
[Closes #403 ]
Squashed commit of the following:
commit c6b5a6aac1dc8781c67b611289d7710129592e83
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:43:48 2012 -0500
Minor tweaks to language
commit ef088e135cd7b0ccb514a3011889154661d5bd09
Merge: 0a05455 1e14211
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:34:27 2012 -0500
Merge remote branch 'todb/default-powershell' into Pull403
commit 0a0545558604c53d4648e3314ca8963ff9b225a7
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:33:33 2012 -0500
Reverting unrelated telnet fix
While I'm sure it's great, it needs to be tested.
commit 1e1421102b44a4c60c6eb9b442227075e959d7c6
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:14:09 2012 -0500
Adds a default path to a script for exec_powershell.rb
commit 9978787f44896d06744d50febf4344111edcd7b1
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon May 21 14:06:46 2012 -0500
Adds a new default powershell script
commit 25b605949fbf772e95a510162ca5af510c59788f
Author: RageLtMan <rageltman [at] sempervictus>
Date: Mon May 21 14:15:15 2012 -0400
Synchronized SVIT version of lib...powershell.rb to github. Adds timeout option, check for script encoding, etc. Added post/windows/manage/powershell folder with script execution module. Other modules which can be placed here would be WinRM meterp exec, PS persistence, etc
commit c4a7fd932fb8850de732bfa911cf8d729a5db42d
Merge: 21b31f1 36207eb
Author: RageLtMan <rageltman [at] sempervictus>
Date: Mon May 21 14:07:26 2012 -0400
msfvenom formatting merge conflict fix
commit 36207eb21ee04483c19790b5db7855d0a715e43d
Merge: c77eb03 4772c12
Author: RageLtMan <rageltman [at] sempervictus>
Date: Mon May 21 14:06:07 2012 -0400
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
commit 21b31f10c505862c14234824d4dabbb6fdfe7cbb
Merge: 81a7d62 c77eb03
Author: RageLtMan <rageltman [at] sempervictus>
Date: Fri May 18 12:57:52 2012 -0400
Merge branch 'master' into powershell
commit c77eb03ca4428a741f5d231b3ec1cf80c90e9395
Merge: 89d5af7 52183aa
Author: RageLtMan <rageltman [at] sempervictus>
Date: Fri May 18 12:57:21 2012 -0400
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
commit 89d5af7ab2fe1ce31cd70561893d94bb73f3762c
Author: RageLtMan <rageltman [at] sempervictus>
Date: Fri Mar 2 01:28:02 2012 -0500
Banner encoding fix when running against dd-wrt on ruby 1.9.3
commit 81a7d62c6dab8404c1c0566a8be84c7280edeef8
Author: RageLtMan <rageltman [at] sempervictus>
Date: Tue Mar 20 20:19:13 2012 -0400
powershell for msfvenom
commit 672c7bc37ea37a3b111f755ef17fe0c16047e488
Merge: 3e86dc4 ed542e2
Author: RageLtMan <rageltman [at] sempervictus>
Date: Tue Mar 20 20:08:12 2012 -0400
exe.rb merge cleanup
commit 3e86dc4c40da1df3d0ff4a9ab6fffe8eeda52544
Author: RageLtMan <rageltman [at] sempervictus>
Date: Tue Mar 20 20:06:03 2012 -0400
psh encoder cleanup
commit f619ed477fef7a2830b99ce6a9b27bb523c9d3ce
Author: RageLtMan <rageltman@sempervictus.com>
Date: Sun Feb 5 13:35:11 2012 -0500
method call fix for psh-net encoder
commit 7b035e6da0ead328aebbfdf9fbbebed506cdca18
Author: RageLtMan <rageltman@sempervictus.com>
Date: Fri Feb 3 18:53:54 2012 -0500
PS encoders: .net and architecture dependent native (psh-net, psh)
commit 7a2749bf2682686a87d37d240e61adece53fba8e
Merge: 32730b9 f89853d
Author: RageLtMan <rageltman@sempervictus.com>
Date: Fri Feb 3 18:38:03 2012 -0500
Merge branch 'master' into powershell
commit 32730b96be4c9bd73f1f45b5d2d4330b8fb72cb8
Merge: e69fcd1 f6a6963
Author: RageLtMan <rageltman@sempervictus.com>
Date: Wed Jan 25 10:33:17 2012 -0500
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into powershell
commit e69fcd1a83412d6c0c96605b5acf0675e5b07205
Author: RageLtMan <rageltman@sempervictus.com>
Date: Wed Jan 25 07:59:38 2012 -0500
msfvenom psh addition
commit 9a5d8ead7e69c40ff5e9a73244165a5685ca47ec
Author: RageLtMan <rageltman@sempervictus.com>
Date: Wed Jan 25 07:29:38 2012 -0500
Proper author reference
commit 9fd8ac75a89ca2678b0d09192227eb23f00bf549
Author: RageLtMan <rageltman@sempervictus.com>
Date: Tue Jan 24 19:07:30 2012 -0500
Fix script handling
commit fa363dfe965382a9f89ff404398e38e8f164c11a
Author: RageLtMan <rageltman@sempervictus.com>
Date: Tue Jan 24 17:31:09 2012 -0500
added Msf::Post::Windows::Powershell, reworked post module to use mixin
commit e078d15b5464ff47ce616334d8cb1aa84a00df33
Author: RageLtMan <rageltman@sempervictus.com>
Date: Mon Jan 23 13:42:35 2012 -0500
vprint_good change
commit 355f8bb19a62d974c5c89079dd26dd4cbb756c0a
Author: RageLtMan <rageltman@sempervictus.com>
Date: Mon Jan 23 12:50:51 2012 -0500
exec powershell module
commit 5f9509444953f25352c994f90cae8a168878f7ea
Author: RageLtMan <rageltman@sempervictus.com>
Date: Mon Jan 23 12:45:41 2012 -0500
powershell encoder support - Redmine Feature #6049
2012-05-21 14:48:16 -05:00
James Lee
d273a0e44b
Check for the right method name
...
"stdapi_fs_rm" doesn't exist
2012-05-21 12:42:23 -06:00
Tod Beardsley
4772c1258e
Removing hashcollision_dos module due to license violation
...
The description text is a copy-paste of
http://www.ocert.org/advisories/ocert-2011-003.html , which has a
specific creative commons liscence prohibiting derivative works.
Since I have no idea what else in this module is a license violating,
I'm pulling it completely. I suspect a lot, though -- there are weird
all-caps methods in the module that look like copy-pastes as well.
Next time, please contribute original work, or at least work that is not
encumbered by restrictive licensing.
2012-05-21 11:28:58 -05:00
Tod Beardsley
675dfe4e14
Don't keep the weblogi return codes secret
2012-05-21 11:27:24 -05:00
Tod Beardsley
1104dccde8
Noting rhost/rport, cli.peerhost where appropriate
...
There's no msftidy check for this, and it's irritating to have to
remember to do this all the time.
2012-05-21 11:19:02 -05:00
Tod Beardsley
7cc905832e
Consistent caps on SVG in batik_svg_java exploit
...
Also, modules should not refer to themselves as "I" or "me." It's
creepy.
2012-05-21 11:14:03 -05:00
Tod Beardsley
5dd866ed4a
Fixed print_status to include rhost:rport
...
Also don't let the failed user:pass be a mystery to the user.
2012-05-21 11:11:34 -05:00
Tod Beardsley
eea20e773b
Capitalization fixups on hashcollision_dos
2012-05-21 11:06:18 -05:00
Tod Beardsley
1fc7597a56
Msftidy fixes.
...
Fixed up activecollab_chat, batik_svg_java, and foxit_reader_launch
All whitespace fixes.
2012-05-21 10:59:52 -05:00
Tod Beardsley
37cdd438ab
Touching README, mostly to test commits
2012-05-21 09:22:47 -05:00
sinn3r
3f1a72932e
Merge pull request #401 from rsmudge/armitage
...
Armitage 05.21.12
2012-05-20 20:01:12 -07:00
Raphael Mudge
c14a3e655e
Armitage 05.21.12
...
This release improves collaboration performance and fixes a few Windows specific issues.
2012-05-20 22:54:25 -04:00
sinn3r
822e109b1f
Merge pull request #398 from wchen-r7/foxit_reader_launch
...
CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action BoF
2012-05-20 07:58:29 -07:00
sinn3r
38dfd8060e
Merge pull request #400 from swtornio/master
...
add osvdb refs
2012-05-20 07:58:03 -07:00
Steve Tornio
ba2787df8a
add osvdb ref
2012-05-20 07:13:56 -05:00
Steve Tornio
c95a06e247
add osvdb ref
2012-05-20 07:13:31 -05:00
sinn3r
628233d15c
Merge pull request #399 from wchen-r7/hp_storageworks
...
Add HP StorageWorks VSA command execution vulnerability
2012-05-19 14:14:49 -07:00
sinn3r
d8c3edd316
Add HP StorageWorks VSA command execution vulnerability
2012-05-19 14:53:45 -05:00
James Lee
3a4a61da80
Add missing require for `msf/post/unix`
...
[Fixes #6889 ]
2012-05-19 11:44:42 -06:00
sinn3r
f9bcb95952
Correct EDB references
2012-05-19 02:24:29 -05:00
sinn3r
964a6af423
Add Active Collab chat module PHP injection exploit, by mr_me
2012-05-19 02:06:30 -05:00
Tod Beardsley
f6e9ae6569
Merge pull request #397 from rapid7/normalize-memleak
...
Update MDM from upstream
2012-05-18 15:32:37 -07:00
Aram Verstegen
d5d285ae96
Adding aczid's minimal exploit configurator
...
Note the syntax change, need to chase this down before pushing upstream
and make sure nobody's relying on that.... and grep says everything's
cool.
[Closes #295 ]
Squashed commit of the following:
commit 33b7438731ae5377c95d3d752d76eca73bad20ef
Merge: 6d3e6dd 7811b0a
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri May 18 16:55:49 2012 -0500
Merge branch 'master' into HEAD
commit 6d3e6dd6e215f8a4e0b1b53a29329748dad779af
Author: Aram Verstegen <aram.verstegen@gmail.com>
Date: Sat Apr 7 22:58:29 2012 +0200
Automatically configure payloads for wmap-enabled exploits
commit 410008bab7a4845d10d5077d0482899964088bd0
Author: Aram Verstegen <aram.verstegen@gmail.com>
Date: Sat Apr 7 22:58:06 2012 +0200
Exposed exploit_choose_payload as class method Exploit.choose_payload
2012-05-18 17:24:18 -05:00