infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
30,588 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

30588 Commits (6b97618fb2d9a4d5afadd8b54e376a00caf1ea14)

Author SHA1 Message Date
Meatballs 6b97618fb2 Improve resolve_sid API calls 2015-01-30 11:20:03 +00:00
Meatballs 02864b4401 Railgun DWORD handling 2015-01-30 11:20:03 +00:00
Meatballs d4707b8e07 Spellingz 2015-01-30 11:20:03 +00:00
Meatballs 9670608380 Reformat, remove unnecessary guard statement 2015-01-30 11:20:02 +00:00
Meatballs 0e976041b7 Small description fix 2015-01-30 11:20:02 +00:00
Meatballs 14f6ef13f4 Remove hardcoded domain 2015-01-30 11:20:02 +00:00
Meatballs 79a3a48348 Correct description 2015-01-30 11:20:02 +00:00
Meatballs e492f56ac0 Error if no database 2015-01-30 11:20:02 +00:00
Meatballs e6dbc15f40 Line length modification 2015-01-30 11:20:02 +00:00
Meatballs 044e3bd608 Golden Ticketz Post module 2015-01-30 11:20:02 +00:00
William Vu aec0067d14
Land #4673, screenshot -v hardcoded false fix 2015-01-29 19:40:15 -06:00
sinn3r 59eec8f81e
Land #4666 - Improve utility of meterpreter file upload command 
Fix #4665
 2015-01-29 19:12:31 -06:00
sinn3r 823c75908d Fix #4672 - Fix Hardcoded false for screenshot -v 
Fix #4672
 2015-01-29 16:54:41 -06:00
William Vu 7c793f9bbf
Land #4663, greppable msfvenom -l 
And --payload-options.
 2015-01-29 14:27:46 -06:00
sinn3r 4ad4765350 Merge pull request #25 from wvu-r7/pr/4663 
Change "Options for" line to stderr
 2015-01-29 14:00:23 -06:00
Brent Cook 212aeb9106 Improve utility of meterpreter file upload command 
Rather than assume that the destination argument is a directory, check
first, and then do the same thing that 'cp' would do.

 - If dest exists and is a directory, copy to the directory.
 - If dest exists and is a file, copy over the file.
 - If dest does not exist and is a directory, fail.
 - If dest does not exist and is a file, create the file.
 2015-01-29 13:45:15 -06:00
William Vu 6fdd2abc8d
Change "Options for" line to stderr 2015-01-29 13:38:29 -06:00
William Vu 6ecb36df52
Land #4653, get/set/unset description improvement 2015-01-29 13:28:06 -06:00
sinn3r b1b59dac7c Almost forgot this one again 2015-01-28 19:43:56 -06:00
sinn3r f6238f1ffb Auto-trim descriptions 2015-01-28 19:42:06 -06:00
sinn3r ae0214517a Fix #4662 - Change stderr to stdout so people can grep 
Fix #4662
 2015-01-28 18:23:36 -06:00
sinn3r 9d8d17805d
Land #4661 - Replace direct class comparison with kind_of? 2015-01-28 18:06:43 -06:00
James Lee bb17d75425
Replace direct class comparison with kind_of? 2015-01-28 17:00:15 -06:00
Samuel Huckins 8c55b660fc
Using latest MDM and credential gems 
* Had to revert changes related to service uniqueness validation
(MSP-11643) due to newly discovered regressions
 2015-01-28 16:14:48 -06:00
sinn3r 53af758a03
Land #4660 - Add a check() for mssql_payload 2015-01-28 15:47:33 -06:00
sinn3r 0f88d0ad75 Change print_* to vprint_* 
According to our wiki doc, all print_* should be vprint_* for check()
 2015-01-28 15:44:14 -06:00
sinn3r cc7be4a9c1
Land #4643 - Fix blank username bug in creds -u 
Fix #4634
 2015-01-28 15:31:54 -06:00
James Lee 51764eb207
Add a check() for mssql_payload 2015-01-28 13:44:16 -06:00
sinn3r f0742a38e2 The get command too 2015-01-28 12:59:51 -06:00
jvazquez-r7 5475cf50aa
Land #4655, @wchen-r7's custom 404 for BrowserExploitServer 2015-01-27 23:03:08 -06:00
sinn3r 457598eb02 print_error about unknown request.uri 2015-01-27 20:21:18 -06:00
sinn3r acf02647fb Add a check for Custom404 2015-01-27 20:18:10 -06:00
sinn3r 66703bfe5a Allow custom 404 as an option for BrowserExploitServer 
When something fails, the target is given a hardcoded 404 message
generated by the framework. But the user (attacker) now can configure
this. When the Custom404 option is set, the mixin will actually
redirect (302) to that URL.

There are several scenarios that can trigger a 404 by BES (custom or
default):

* When the browser doesn't allow javascript
* When the browser directly visits the exploit URL, which is forbidden.
  If this actually happens, it probably means the attacker gave the
  wrong URL.
* The attacker doesn't allow the browser auto-recovery to retry the
  URL.
* If some browser requirements aren't met.
* The browser attempts to go to access a resource not set up by the
  mixin.
 2015-01-27 18:53:02 -06:00
James Lee 895284cd12
Fix logic around empty usernames or passwords 
See #4634 and #4642
 2015-01-27 14:16:26 -06:00
James Lee 9f4daa4e03
Add a couple more specs 2015-01-27 14:09:00 -06:00
sinn3r 68fec0fee5 Update output for set/unset 2015-01-27 13:58:54 -06:00
jvazquez-r7 465b4a5c1b
Land #4652, @wchen-r7's ms13-037 svg exploit update to use BES 2015-01-27 13:47:35 -06:00
sinn3r d29a74cd8f Fix #4641 - Explain the set/unset command a little bit better 
Sometimes we forget the set command is context specific. For example,
if run from a module's context, it will set the value in the module's
datastore.

Fix #4641
 2015-01-27 13:35:05 -06:00
sinn3r ffd1257bff
Make sure this branch is up to date. 2015-01-27 12:16:15 -06:00
sinn3r bb9c961847 Change description a bit 2015-01-27 12:14:55 -06:00
William Vu b030327965
Land #4647, get_module_resource NilClass fix 2015-01-27 12:07:08 -06:00
sinn3r 2dedaee9ca Working version after the upgrade 2015-01-27 12:02:36 -06:00
William Vu ae22cf1b47
Land #4650, #strip NilClass fix 2015-01-27 11:13:33 -06:00
William Vu 7d7139d769
Consistent-ize whitespace 2015-01-27 11:11:02 -06:00
Tod Beardsley d8200c65a8
Strip safely, avoid nil.strip errors 2015-01-27 11:06:55 -06:00
William Vu 5b3d877b25
Land #4648, for real 2015-01-27 11:00:22 -06:00
William Vu 2b706f222a
Land #4648, YAML parsing fix 
Prefer regex. For reasons...
 2015-01-27 10:59:05 -06:00
William Vu a88a631b66
Fix #strip 2015-01-27 10:58:24 -06:00
Tod Beardsley d2bf1a73ff
Don't need to require YAML anymore either 2015-01-27 10:40:57 -06:00
William Vu bf39a7a933
Land #4648, YAML parsing fix 
Prefer regex. For reasons...
 2015-01-27 10:39:03 -06:00