infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,307 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2792 Commits (7090a4a82fd8e8822089db26bdfe12ef8768aec2)

Author SHA1 Message Date
jvazquez-r7 51ba500b9f msftidy compliant 2013-01-16 12:28:09 +01:00
sinn3r 0f24671cf7 Changes how the usernames are loaded. 
Allows usernames to be loaded as a file (wordlist), that way the
it's much easier to manage.  It defaults to unix_users.txt,
because these usernames are common in any SSH hosts out there.
If the user only wants to try a specific user (which is better,
because you reduce traffic noise that way), then he/she can set
the USERNAME option, and that should be the only one tried --
similar to how AuthBrute behaves.

I also fixed the regex in check().
 2013-01-16 02:14:52 -06:00
sinn3r 04b35a38ff Update MSB ref 2013-01-14 14:59:32 -06:00
jvazquez-r7 c6c59ace46 final cleanup 2013-01-14 20:53:19 +01:00
jvazquez-r7 5ecb0701ea Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass 2013-01-14 20:52:45 +01:00
Daniele Martini 04fe1dae11 Added module for Freesshd Authentication Bypass (CVE-2012-6066) 
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.

To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.
 2013-01-13 17:08:04 +01:00
jvazquez-r7 5901058a61 Merge branch 'ms11_081' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_081 2013-01-09 23:24:14 +01:00
sinn3r fe8b9c24cf Merge branch 'jvazquez-r7-honeywell_tema_exec' 2013-01-09 16:08:19 -06:00
sinn3r f3b88d34c1 Add MS11-081 2013-01-09 15:52:33 -06:00
jvazquez-r7 736f8db6c0 Deleting from browser autopwn 2013-01-09 09:58:20 +01:00
jvazquez-r7 377905be7f Avoid FileDropper in this case 2013-01-09 09:15:38 +01:00
jvazquez-r7 52982c0785 Added BrowserAutopwn info 2013-01-08 19:53:34 +01:00
jvazquez-r7 0e475dfce1 improvements and testing 2013-01-08 19:43:58 +01:00
jvazquez-r7 b2575f0526 Added module for OSVDB 76681 2013-01-08 17:46:31 +01:00
sinn3r 5bc1066c69 Change how modules use the mysql login functions 2013-01-07 16:12:10 -06:00
sinn3r a59c474e3e Merge branch 'jvazquez-r7-ibm_cognos_tm1admsd_bof' 2013-01-07 13:34:52 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
jvazquez-r7 883b3446f3 license text 2013-01-05 08:03:25 +01:00
jvazquez-r7 0a13f01f23 Added module for ZDI-12-101 2013-01-05 07:40:32 +01:00
Christian Mehlmauer 6654faf55e Msftidy fixes 2013-01-04 09:29:34 +01:00
sinn3r 6d4abe947d Merge branch 'id_revision' of github.com:FireFart/metasploit-framework into FireFart-id_revision 2013-01-04 00:23:03 -06:00
sinn3r 38de5d63d8 Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-01-03 17:49:24 -06:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
sinn3r b061a0f9c1 Merge branch 'enterasys_netsight_syslog_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-enterasys_netsight_syslog_bof 2013-01-03 17:45:24 -06:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
jvazquez-r7 a0b4045b4b trying to fix the variable offset length 2013-01-04 00:25:34 +01:00
sinn3r 724fa62019 Merge branch 'enterasys_netsight_syslog_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-enterasys_netsight_syslog_bof 2013-01-03 15:35:29 -06:00
sinn3r 6fd35482cc This exploit should be in browser auto pwn 2013-01-03 14:45:00 -06:00
jvazquez-r7 9cea2d9af9 reference updated 2013-01-03 19:39:18 +01:00
jvazquez-r7 45808a3a44 Added module for ZDI-11-350 2013-01-03 19:17:45 +01:00
sinn3r 06b937ec11 Implements WTFUzz's no-spray technique 
Do not try to bend the spoon, that is impossible. Instead, only
try to realize the truth: there is no spoon.
 2013-01-03 11:57:47 -06:00
sinn3r 38157b86a9 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-12-31 11:15:44 -06:00
sinn3r f7543e18fe Your def of commit apparently is a little different than mine, git. 2012-12-31 00:35:13 -06:00
sinn3r 2b3f7c4430 Module rename 
Sorry, Tod, this must be done.
 2012-12-31 00:29:19 -06:00
sinn3r 5703274bc4 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-12-30 20:34:57 -06:00
sinn3r 1084334d5e Randomness 2012-12-30 20:34:14 -06:00
sinn3r 7cb42a5eb4 Add BID ref 2012-12-30 18:14:22 -06:00
sinn3r cc52e2c533 Where's Juan's name? 2012-12-30 12:58:16 -06:00
jvazquez-r7 14f21c0a29 using the rop as expected 2012-12-30 16:13:48 +01:00
jvazquez-r7 eed5a74f32 description updated and reference added 2012-12-30 16:08:01 +01:00
Christian Mehlmauer f7d6594314 re-deleted comma 2012-12-30 13:39:14 +01:00
jvazquez-r7 6be8ed6168 readd fix for #1219 2012-12-30 13:25:42 +01:00
jvazquez-r7 cd58cc73d9 fixed rop chain for w2003 2012-12-30 13:12:55 +01:00
Christian Mehlmauer cab84b5c27 Fix for issue #1219 2012-12-30 13:02:13 +01:00
Christian Mehlmauer dcf018c339 Comma 2012-12-30 12:54:44 +01:00
Christian Mehlmauer 14d197eeb2 Added Windows Server 2003 2012-12-30 11:35:29 +01:00
jvazquez-r7 6cb9106218 Added module for CVE-2012-4792 2012-12-30 01:46:56 +01:00
sinn3r eb2037bdba Merge branch 'inotes_dwa85w_bof' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-inotes_dwa85w_bof 2012-12-28 12:16:06 -06:00
jvazquez-r7 9ffb0dcf79 switch to some random data 2012-12-28 12:48:36 +01:00
jvazquez-r7 8f62cd5561 swith to some random data 2012-12-28 12:47:20 +01:00