e8c1899dc2
added license info
2013-03-07 00:18:32 +00:00
3946cdf91e
added license info
2013-03-07 00:17:55 +00:00
1b493d0e4c
added license info
2013-03-07 00:16:26 +00:00
9e89d9608f
added license info
2013-03-07 00:11:45 +00:00
56639e7f15
added license info
2013-03-07 00:10:46 +00:00
7f80692457
everyone will comply, resistance is futile
2013-03-06 18:38:14 -05:00
b65f410048
Updates the description
2013-03-06 16:37:41 -06:00
dfe3a4f394
msftidy and module placement per todb
2013-03-06 17:36:01 -05:00
fee07678dd
Rename module to better describe the bug.
2013-03-06 16:33:41 -06:00
79d3597d31
That's not a real check...
2013-03-06 16:32:53 -06:00
16d7b625bc
Format cleanup
2013-03-06 16:31:39 -06:00
7219c7b4aa
Merge branch 'codesys_gateway_server_remote_execution.rb' of github.com:nahualito/metasploit-framework into nahualito-codesys_gateway_server_remote_execution.rb
2013-03-06 16:15:24 -06:00
1d8c759a34
yeah
2013-03-06 16:01:36 -06:00
aa5c9461ae
Fixed more styling issues, EOL, tabs and headers
2013-03-06 10:50:31 -08:00
437d6d6ba6
Fixed EOL, bad indent, added header, removed #!/usr/env/ruby
2013-03-06 10:44:29 -08:00
af9982e289
Merge branch 'codesys_gateway_server_remote_execution.rb' of github.com:nahualito/metasploit-framework into nahualito-codesys_gateway_server_remote_execution.rb
2013-03-06 12:11:58 -06:00
aa3a54fba0
Added CoDeSyS Gateway.exe Server remote execution via arbitrary file creation
2013-03-06 09:29:28 -08:00
225b15f7f3
Add external IP discovery module
...
This module performs an HTTP request to ifconfig.me/ip.
The body of the response contains the publicly routable IP from
which the request originated. This can be useful in discovering
routes on pivoted hosts and initial recon as a simple aux module.
2013-03-05 23:42:31 -05:00
ca43900a7c
Merge remote-tracking branch 'R3dy/psexec-mixin2' into rapid7
2013-03-05 16:34:11 -06:00
781132b1cf
cleanup for openssl_aesni
2013-03-05 22:41:16 +01:00
784c075986
Merge branch 'module-cve-2012-2686' of https://github.com/ettisan/metasploit-framework into ettisan-module-cve-2012-2686
2013-03-05 22:40:46 +01:00
27727df415
Merge branch 'R3dy-psexec-mixin2' into rapid7
2013-03-05 14:36:55 -06:00
a74b576a0f
Merge branch 'rapid7' into rsmudge-authproxyhttpstager
2013-03-04 17:50:48 -06:00
c0689a7d43
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-03-04 12:14:33 -06:00
867875b445
Beautified OpenSSL-AESNI module
...
Modifed the CVE-2012-2686 module to follow
suggestions by @jvazquez-r7:
* Added description for all fields in the
SSL packets
* MAX_TRIES now required
* use get_once instead of timeout
2013-03-04 19:09:50 +01:00
71ba044d03
remove debugging aid
2013-03-04 11:25:34 -06:00
6dcca7df78
Remove duplicated header issues
...
Headers were getting duped back into client config, causing invalid
requests to be sent out
2013-03-04 11:24:26 -06:00
7fa24d9060
Module rename
2013-03-04 10:54:33 -06:00
59b5e8e688
Merge branch 'setuid_tunnelblick' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-setuid_tunnelblick
2013-03-04 10:53:31 -06:00
95cd46d362
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-03-04 10:46:27 -06:00
12247d47ba
Rename module, sorry, no pull request.
2013-03-04 10:46:05 -06:00
e465a07030
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-04 17:41:18 +01:00
92ee4300df
cleanup for reflective_dll_inject
2013-03-04 17:40:09 +01:00
582395412f
Merge branch 'post_ref_dll_inj' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_ref_dll_inj
2013-03-04 17:39:11 +01:00
a980bf0ef6
minor fixes
2013-03-03 19:54:17 +01:00
248481f195
fixed EOF
2013-03-03 19:52:31 +01:00
81e2dbc71e
added module for CVE-2012-3485
2013-03-03 19:48:12 +01:00
76180f22fc
added module for cve-2012-4284
2013-03-03 13:23:21 +01:00
1cc49f75f5
move flag comment to where it's used.
2013-03-03 03:26:43 -05:00
ecdb884b13
Make download_exec work with authenticated proxies
...
Adds INTERNET_FLAG_KEEP_CONNECTION to HttpOpenRequest flags to allow
download_exec to transparently authenticate to a proxy device through
wininet.
Fun trivia, Windows 7 systems uses Connection: keep-alive by default.
This flag benefits older targets (e.g., Windows XP).
2013-03-03 01:42:17 -05:00
4212c36566
Fix up basic auth madness
2013-03-01 11:59:02 -06:00
b2f68f0fdb
Merge branch 'dmaloney-r7-feature/http/authv2' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-dmaloney-r7-feature/http/authv2
2013-02-28 14:37:37 -06:00
c290bc565e
Merge branch 'master' into feature/http/authv2
2013-02-28 14:33:44 -06:00
8f58c7b25e
cleanup for sap_icf_public_info
2013-02-28 18:47:48 +01:00
0dcfb51071
cleanup for sap_soap_rfc_system_info
2013-02-28 18:46:18 +01:00
1a10c27872
Merge branch 'sap_rfc_system_info' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_rfc_system_info
2013-02-28 18:45:42 +01:00
e7015985e7
Added CVE-2012-2686
...
Added Module for a DoS issue in OpenSSL (pre 1.0.1d). Can be exploited
with services that use TLS >= 1.1 and AES-NI. Because of improper
length computation, an integer underflow occurs leading to a
segmentation fault. This module brute-forces serveral encrypted
messages - when the decrypted message coincidentally specifies a
certain value for the size, the integer underflow occurs. Though this
could be accomplished more effectively (e.g. implementing or
maninpulating and TLS implementation), this module still does what it
should do.
2013-02-27 22:57:53 +01:00
d3b3587660
Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2
2013-02-27 14:01:57 -06:00
4085fa73c5
Merge branch 'stephenfewer-master'
2013-02-27 11:13:10 -06:00
3334257aa4
Merge branch 'bug/fix_screenspy' of github.com:kernelsmith/metasploit-framework into kernelsmith-bug/fix_screenspy
2013-02-26 13:54:47 -06:00
abdcde06cd
Fix polarcms_upload_exec exploit
2013-02-25 22:58:26 -08:00
0158919031
Merge branch 'master' of github.com:L1ghtn1ng/metasploit-framework into L1ghtn1ng-master
2013-02-25 19:41:29 -06:00
181e3c0496
Uses normalize_uri
2013-02-25 19:36:48 -06:00
cbce1bdff2
update module description
...
This adds the version of wordpress the issue was fixed in to the description
2013-02-26 00:24:46 +00:00
1ce86b7adb
Whitespace
2013-02-25 14:29:10 -06:00
e41922853e
Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2
2013-02-25 14:15:22 -06:00
1ed74b46be
Add CVE-2013-0803
...
From:
http://dev.metasploit.com/redmine/issues/7691
2013-02-25 14:14:57 -06:00
cae1939914
Kinda too long
2013-02-25 13:44:11 -06:00
593be7ab2f
Merge branch 'xbmc' of github.com:mandreko/metasploit-framework into mandreko-xbmc
2013-02-25 13:43:12 -06:00
f3f913edc5
Correct bad naming style
2013-02-25 13:29:27 -06:00
690e7ec8a7
Uses normalize_uri
2013-02-25 13:28:00 -06:00
b930613653
Merge branch 'kordil-edms-upload-exec' of github.com:bcoles/metasploit-framework into bcoles-kordil-edms-upload-exec
2013-02-25 12:43:50 -06:00
5fe2c26d82
Merge branch 'bcoles-glossword_upload_exec'
2013-02-25 12:41:05 -06:00
52241b847a
Uses normalize_uri instead of manually adding a slash
2013-02-25 12:20:37 -06:00
1446992253
Merge jvazquez-r7's java exploit
2013-02-25 07:19:12 -06:00
d7c0ce4e4a
Fix 'check()' in glossword_upload_exec
2013-02-25 15:52:07 +10:30
788c96566f
Allow HTTP stager to work with authenticated proxies
...
The HttpOpenRequest function from WinINet requires the
INTERNET_FLAG_KEEP_CONNECTION flag to communicate through an
authenticated proxy.
From MSDN ( http://tinyurl.com/chwt86j ):
"Uses keep-alive semantics, if available, for the connection. This
flag is required for Microsoft Network (MSN), NT LAN Manager (NTLM),
and other types of authentication."
Without this flag, the HTTP stager will fail when faced with a proxy
that requires authentication. The Windows HTTPS stager does not have
this problem.
For HTTP Meterpreter to communicate through an authenticated proxy a
separate patch will need to be made to the Meterpreter source code.
This is at line 1125 of source/common/core.c in the Meterpreter source
code.
My motivation for this request is for windows/dllinject/reverse_http
to download a DLL even when faced with an authenticated proxy. These
changes accomplish this.
Test environment:
I staged a SmoothWall device with the Advanced Proxy Web Add-on. I
enabled Integrated Windows Authentication with a W2K3 DC. I verified
the HTTP stager authenticated to and communicated through the proxy
by watching the proxy access.log
2013-02-24 17:33:00 -05:00
1f46b3aa02
Add Glossword Arbitrary File Upload Vulnerability exploit
2013-02-25 01:59:46 +10:30
2c0a916c83
Made the password optional
2013-02-23 17:14:30 -05:00
b221711ecd
Added basic error handling
2013-02-23 10:24:04 -05:00
67c2c3da20
Code Review Feedback
...
Fixed the USER/PASS that I missed in last review
Converted from Scanner module to Gather
2013-02-23 10:09:23 -05:00
2b65cfa5ab
Minor changes
2013-02-22 21:02:19 -06:00
1623877151
Merge branch 'MS13-009' of github.com:jjarmoc/metasploit-framework into jjarmoc-MS13-009
2013-02-22 20:58:42 -06:00
15d505f7a9
Msftidy
2013-02-22 22:09:19 +00:00
0ea7247a43
Initial commit
2013-02-22 22:05:29 +00:00
fc07bf16e7
Merge branch 'rapid7' into dmaloney-r7-feature/http/authv2
2013-02-22 15:41:49 -06:00
002654317c
Add Kordil EDMS File Upload Vulnerability exploit
2013-02-22 23:32:17 +10:30
b4f002d080
Code Review Feedback
...
Modified USER and PASS to USERNAME and PASSWORD
Moved the Scanner mixin to the bottom and removed deregister
2013-02-21 16:55:27 -05:00
c423ad2583
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-02-21 15:30:43 -06:00
4784db3403
Fixed name
2013-02-21 15:48:41 -05:00
29cb4b1008
Merge remote-tracking branch 'upstream/master' into xbmc
2013-02-21 15:25:37 -05:00
5b16e26f82
change module filename
2013-02-21 20:05:13 +01:00
b4f4cdabbc
cleanup for the module
2013-02-21 20:04:05 +01:00
1913d60d65
multibrowser support
2013-02-21 01:13:25 +01:00
bf216cca5c
description and references updated
2013-02-20 18:14:53 +01:00
d7b89a2228
added security level bypass
2013-02-20 17:50:47 +01:00
ac50c32d51
Tested, works on server 2k8
2013-02-20 10:02:50 -06:00
d88ad80116
Added first version of cve-2013-0431
2013-02-20 16:39:53 +01:00
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
9d4a3ca729
Fix a typo that broke this module against x64
...
[SeeRM #7747 ]
2013-02-19 19:22:42 -06:00
04ec4e432d
minor cleanup for shell_bind_tcp
2013-02-20 01:02:58 +01:00
3d199fe6db
Merge branch 'mipsle-shell_bind_tcp' of https://github.com/kost/metasploit-framework into kost-mipsle-shell_bind_tcp
2013-02-20 01:00:34 +01:00
92093cd7d8
There's no HttpClient, so it shouldn't be using normalize_uri
2013-02-19 15:04:18 -06:00
e9f4900beb
Merge branch 'fixgenericcustom' of github.com:rsmudge/metasploit-framework into rsmudge-fixgenericcustom
2013-02-19 14:47:18 -06:00
f5d9887a06
Merge branch 'rapid7' into R3dy-psexec-mixin2
2013-02-19 12:58:03 -06:00
4703278183
Move SMB mixins into their own directory
2013-02-19 12:55:06 -06:00
37634a9e60
Merge branch 'hp_vsa_exec_9' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_vsa_exec_9
2013-02-19 12:36:39 -06:00
ede804e6af
Make psexec mixin a bit better
...
* Removes copy-pasted code from psexec_command module and uses the mixin
instead
* Uses the SMB protocol to delete files rather than psexec'ing to call
cmd.exe and del
* Replaces several instances of "rescue StandardError" with better
exception handling so we don't accidentally swallow things like
NoMethodError
* Moves file reading and existence checking into the Exploit::SMB mixin
2013-02-19 12:33:19 -06:00
189558b862
Merge branch 'openemr_upload_exec' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-openemr_upload_exec
2013-02-19 12:25:00 -06:00
5108e8ef1c
Correct tab
2013-02-19 11:44:41 -06:00
b2664e04fb
Merge branch 'bigant_server_dupf_upload' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bigant_server_dupf_upload
2013-02-19 11:42:04 -06:00
9813c815ef
Minor changes
2013-02-19 11:40:06 -06:00
553d7abe43
Merge branch 'bigant_server_sch_dupf_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bigant_server_sch_dupf_bof
2013-02-19 11:26:47 -06:00
49f00acc11
Fix nil deref when dnsdomain is empty
2013-02-19 11:24:05 -06:00
d49797267e
Correct SAP Table Name
2013-02-19 11:20:49 +01:00
358b2f5783
Added module credit as this has turned into a rewrite ;)
2013-02-19 11:15:04 +01:00
f3cf8ad1b9
Whitespace EOL
2013-02-19 11:13:33 +01:00
a75bae927d
Replaced report_note and table output with single function
...
Added proposed extract data function (HDM)
2013-02-19 11:12:12 +01:00
d4011227e3
Made suitable changes to original module also (only report on non empty response)
2013-02-19 09:43:36 +01:00
4170a85d8a
Added logic to only report when value is present
2013-02-19 09:42:13 +01:00
416a7aeaa3
make msftidy happy for s4u_persistence
2013-02-18 15:23:06 +01:00
be0feecf8f
Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence
2013-02-18 15:22:37 +01:00
25f8a7dcb9
Fix expire tag logic and slight clean up
...
Was a dumbass again and didn't fully understand how Optints worked when left blank at run time. If not 0 the expire tag will be inserted now. Also made it print the xpath if used because I believe it will be of value to the user for trouble shooting.
2013-02-17 22:35:52 -05:00
06ba2ef791
Allow generic/custom payload to generate an exe
...
The datastore value of ARCH has no effect on the array of
architectures the generic/custom payload is compatible with.
This commit forces the payload to update its list of compatible
architectures on generation if the ARCH value is set in the
datastore.
See:
http://dev.metasploit.com/redmine/issues/7755
2013-02-17 20:39:54 -05:00
322fa53d49
fix typo
2013-02-17 20:29:41 +01:00
31a3a374c3
Added module for CVE-2012-6274
2013-02-17 20:25:39 +01:00
1a2a0bc38e
Added module for CVE-2012-6275
2013-02-17 20:21:45 +01:00
a8d574e4ce
Updated one print_status
2013-02-17 14:08:33 -05:00
3ab5585107
make msftidy happy
2013-02-16 20:49:32 +01:00
121a736e28
initial commit
2013-02-16 20:42:02 +01:00
ec5c8e3a88
Merge branch 'dlink-dir300-600-execution' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-dlink-dir300-600-execution
2013-02-16 19:12:42 +01:00
6b1bb9e1e8
Added module for OSVDB 90222
2013-02-16 13:11:46 +01:00
a19da61177
deleting trailing comma
2013-02-16 00:53:28 +01:00
221ce22f53
make msftidy happy
2013-02-15 19:01:58 +01:00
829cf0f076
name changed to dns_srv_enum
2013-02-15 16:20:55 +01:00
d1ba860409
changing filename for dns_srv
2013-02-15 16:20:33 +01:00
374faf9b02
cleanup for dns_srv
2013-02-15 16:19:48 +01:00
9d4bd763a6
Merge branch 'darkoperator-dnsenum2dnssrv' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnssrv
2013-02-15 16:19:31 +01:00
38f5fbced3
cleanup for dns_reverse_lookup
2013-02-15 12:56:01 +01:00
f1e3dab45f
Merge branch 'darkoperator-dnsenum2dnsreverselookup' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsreverselookup
2013-02-15 12:55:39 +01:00
6aed858f80
cleanup for dns_bruteforce
2013-02-15 12:37:46 +01:00
1be003a4d0
Merge branch 'darkoperator-dnsenum2dnsbruteforce' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsbruteforce
2013-02-15 12:37:27 +01:00
57e1d1baa5
cleanup for dns_info
2013-02-15 12:03:08 +01:00
8a1874b4d1
Merge branch 'darkoperator-dnsenum2dnsinfo' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-dnsenum2dnsinfo
2013-02-15 12:02:48 +01:00
bcd59aa8fa
Typo word module does not go in the name.
2013-02-14 21:56:24 -04:00
1d64de6c11
Typo word module does not go in the name.
2013-02-14 21:55:38 -04:00
7f7b4e5a97
more changes to description and name
2013-02-14 21:49:57 -04:00
faf970cf1f
more changes to description and name
2013-02-14 21:47:43 -04:00
1b8610042a
more changes to description and name
2013-02-14 21:46:21 -04:00
0b9d4d976f
more changes to description and name
2013-02-14 21:44:31 -04:00
ff508fa222
msftidy
2013-02-14 21:51:50 +01:00
91f89f8c68
Rewrite of module after auxilliary. Also moved to post/windows
2013-02-14 21:41:19 +01:00
8a91f0d7ec
rescue ENOENT as well
2013-02-14 14:04:45 -06:00
23320a5dde
Fix spelling problems
2013-02-14 15:48:11 -04:00
a7d4f5ff4a
Fix spelling problems
2013-02-14 15:46:36 -04:00
7f97ff271f
Fix spelling problems
2013-02-14 15:44:32 -04:00
1872b137f5
Fix spelling problems
2013-02-14 15:41:17 -04:00
e8ccfae048
Fix spelling problems
2013-02-14 15:38:17 -04:00
ade2c9ef56
msftidy - fix line endings.
2013-02-14 11:42:02 -06:00
4c90cacffe
Send iframe when URIPATH isnt '/'
2013-02-14 11:23:08 -06:00
947aa24d44
MS13-009 / CVE-2013-0025 ie_slayout_uaf.rb by Scott Bell
2013-02-14 11:18:19 -06:00
7b2c1afadb
I'm an idiot, fix logon xpath
2013-02-14 09:16:47 -05:00
c2f8e4adbd
Minor - Note Rails 3.1.11 patch in Description.
2013-02-13 22:30:54 -06:00
e78cbdd14d
missed one line
2013-02-13 18:17:38 -05:00
bbf8fe0213
Use Post::File methods and fail_with
2013-02-13 18:10:05 -05:00
1f881d7c21
Merge branch 'tasos-r7-feature/web_crawler_skip_paths'
2013-02-13 14:35:14 -06:00
4074a12fd7
Randomize some gadgets
2013-02-13 14:12:52 -06:00
4eca6e5502
Merge branch 'feature/web_crawler_skip_paths' of github.com:tasos-r7/metasploit-framework into tasos-r7-feature/web_crawler_skip_paths
2013-02-13 14:07:20 -06:00
323a58b9cb
Merge branch 'foxit_reader_plugin_url_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-foxit_reader_plugin_url_bof
2013-02-13 14:01:25 -06:00
d1784babea
little cleanup plus msftidy compliant
2013-02-13 20:24:49 +01:00
0ae473b010
info updated with rails information
2013-02-13 09:52:17 +01:00
f46eda2fa9
Merge branch 'rails_devise_pw_reset' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_devise_pw_reset
2013-02-13 09:51:37 +01:00
799beb5adc
minor cleanup
2013-02-13 01:00:25 +01:00
167f5970c1
minor cleanup for rails_json_yaml_scanner
2013-02-13 00:07:58 +01:00
3e2a368823
Merge branch 'rails_json_yaml_scanner' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-rails_json_yaml_scanner
2013-02-13 00:07:11 +01:00
846052a34d
s/URIPATH/TARGETURI/g per @jvasquez-r7 comments on another pull.
2013-02-12 15:13:06 -06:00
1d5d33f306
use normalize_uri()
2013-02-12 14:58:07 -06:00
c6a7a4e68d
/URIPATH/TARGETURI/g
2013-02-12 14:50:10 -06:00
f2cf4304d2
Merge remote-tracking branch 'upstream/master' into feature/web_crawler_skip_paths
2013-02-12 22:10:40 +02:00
9efd3f6c5e
scanner/http/crawler: added ExcludePathPatterns opt
...
Option 'ExcludePathPatterns' allows users to specify which paths should
be excluded from the crawl (and which forms to ignore) by passing a
list of patterns (only allows '*' wildcards).
2013-02-12 21:47:12 +02:00
c7719bf4cb
Verify response is non-nil.
2013-02-12 13:41:21 -06:00
9e1f106a87
msftidy cleanup
2013-02-12 13:38:58 -06:00
f58cc6a2e0
more fix version info
2013-02-12 18:51:04 +01:00
96b1cb3cfb
fix version info
2013-02-12 18:50:36 +01:00
69267b82b0
Make stable #1318 foxit reader exploit
2013-02-12 18:44:19 +01:00
3a6cd6f395
Added module for requesting RFC_SYSTEM_INFO via ICF web interface
2013-02-12 14:42:59 +01:00
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
9040fcd5ae
Merge branch 'darkoperator-post2localexploit' of https://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator-post2localexploit
2013-02-12 01:52:05 +01:00
42a6d96ff4
using Post::File methods plus little more cleanup
2013-02-12 01:33:07 +01:00
97edbb7868
using always a vbs file to drop exe
2013-02-12 00:58:26 +01:00
ddd7d307e6
Add a scanner aux module for Rails JSON/YAML vuln CVE-2013-0333
2013-02-11 16:48:44 -06:00
766257d26a
pointed by @m-1-k-3 while working on #1472
2013-02-11 21:21:43 +01:00
d4d41f36d4
Merge branch 'bug/basic_auth' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-bug/basic_auth
2013-02-11 21:16:35 +01:00
5f0a3c6b9e
Removes pry, oops.
2013-02-11 14:02:46 -06:00
753fa2c853
Handles error when TARGETEMAIL is invalid.
2013-02-11 13:58:56 -06:00
a43b902b5c
Fix tomcat_mgr_login auth
2013-02-11 12:00:40 -06:00
61ffcedbfd
Address HD's other comments, fixes mismatched var name in last commit.
2013-02-11 11:17:26 -06:00
e72dc47448
Uses REXML for encoding of password.
2013-02-11 11:12:29 -06:00
f3a1339a4c
Merge branch 'jvazquez-r7-novell_groupwise_gwcls1_actvx'
2013-02-11 10:40:33 -06:00
6c85e5242e
change wildcard message to print_warning
2013-02-11 12:04:30 -04:00
431641fec9
added check for retry options
2013-02-11 12:02:15 -04:00
5edb138a8f
fixed nil issue
2013-02-11 11:51:33 -04:00
fd6f00f641
added report note for wildcard
2013-02-11 11:37:20 -04:00
5f10704697
applied fixes
2013-02-11 11:31:13 -04:00
55efe01bf7
Applied fixes
2013-02-11 11:23:06 -04:00
24c3f1b99d
fix msftidy
2013-02-11 15:07:49 +01:00
991e65770c
minor cleanup for word_unc_injector
2013-02-11 15:06:19 +01:00
41564fd51d
Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb
2013-02-11 15:05:27 +01:00
43a1fbb6f2
Make msftiday happy.
2013-02-10 21:13:18 -06:00
55cba56591
Aux module for joernchen's devise vuln - CVE-2013-0233
2013-02-10 21:10:00 -06:00
3a499b1a6d
added s4u_persistence.rb
2013-02-10 14:22:36 -05:00
17b349ab50
added crash to comments
2013-02-09 17:49:57 +01:00
5b576c1ed0
fix ident and make happy msftidy
2013-02-09 17:40:45 +01:00
63c6791473
return
2013-02-09 11:17:02 +01:00
6cccf86a00
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into dlink-dir300-600-execution
2013-02-09 11:09:56 +01:00
fd15436a96
Added new line to end of file.
2013-02-08 20:52:49 -04:00
78f81843f6
Added new line to end of file.
2013-02-08 20:51:37 -04:00
eda3fc0715
Added new line to end of file.
2013-02-08 20:50:23 -04:00
166b59b61a
Added new line to end of file.
2013-02-08 20:48:57 -04:00
7370d7d31b
Final touchup
2013-02-08 18:21:06 -06:00
7522a87cf9
Adding an auxiliary scanner module for Titan FTP password disclosure.
2013-02-08 15:43:02 -05:00
fea84cad10
Fix additional typos per recomendation
2013-02-08 14:47:16 -04:00
5b3b0a8b6d
Merge branch 'dmaloney-r7-http/auth_methods' into rapid7
2013-02-08 12:45:35 -06:00
b8f0a94c3f
Fixed typos mentioned by Egypt
2013-02-08 14:42:10 -04:00
917282c33b
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-02-08 12:27:19 -06:00
98457c0a4d
Merge branch 'sonicwall_gms' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-sonicwall_gms
2013-02-08 19:18:57 +01:00
9b6f2fcd1d
Use the install path to tell us the separator
...
Fixes the java target on windows victims
2013-02-08 12:10:42 -06:00
5b398076ae
Couple of fixes for windows
...
* Catch IOError when chmod doesn't exist (i.e. Windows)
* Proper escaping for paths
2013-02-08 11:52:50 -06:00
e3ee0d7913
Don't try to download '.' or '..' as files
2013-02-08 11:25:17 -06:00
ac8194ed07
Split of DNS SRV Record Enumeration from enum_dns
2013-02-08 10:09:34 -04:00
256ab7f737
Split of DNS Reverse Lookup from enum_dns
2013-02-08 09:50:21 -04:00
906585798d
Split of DNS General Info from enum_dns
2013-02-08 09:49:19 -04:00
2186db5295
Split of DNS Name Brutforce from enum_dns
2013-02-08 09:48:32 -04:00
66f0bddb54
fixed error check, a comment, manipulate_file all in memory now
2013-02-08 12:46:13 +01:00
071df7241b
Merge branch 'rapid7' into sonicwall_gms
...
Conflicts:
modules/exploits/multi/http/sonicwall_gms_upload.rb
Adds a loop around triggering the WAR payload, which was causing some
unreliability with the Java target.
2013-02-07 21:53:49 -06:00
1f9a09d5dd
Add a method to upload and exec in one step
2013-02-07 21:09:32 -06:00
0ad548a777
I expect people to know what a share is.
2013-02-07 19:16:44 -06:00
9415e55211
Merge branch 'feature/rm5455-patch-smb_relay' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm5455-patch-smb_relay
2013-02-07 19:12:58 -06:00
25d8dac4c0
Merge branch 'bugs/linksys-fixes' of github.com:todb-r7/metasploit-framework into todb-r7-bugs/linksys-fixes
2013-02-07 19:10:36 -06:00
c131b7ef0e
Added exception handing and return checking as requested by Sinn3r
2013-02-07 21:06:05 -04:00
ce7da154a6
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into hmoore-r7-master
2013-02-07 17:35:28 -06:00
035e8b7100
Merge branch 'groupwise_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-groupwise_traversal
2013-02-07 17:33:34 -06:00
19e989dff9
Initial commit fo the migrated module
2013-02-07 19:11:44 -04:00
13d1045989
Works for java and native linux targets
2013-02-07 16:56:38 -06:00
e9912496d8
nice check learned from sinn3r
2013-02-07 22:05:39 +01:00
0d3c32b0a4
Added module for CVE-2012-0419
2013-02-07 21:15:49 +01:00
7f746e1caa
That's what he said.
2013-02-07 11:13:18 -06:00
d554c3a56a
Don't really need the bottom comment
2013-02-07 10:46:42 -06:00
98559d4d51
Do a check and make sure this is Simple Web Server
2013-02-07 10:45:53 -06:00
b11f052746
Allow arbitrary depth
2013-02-07 10:32:29 -06:00
a3264e18e2
There aint no fail_with(), must use print_error
2013-02-07 10:30:17 -06:00
77390a5935
Fix a bug reported by Tom Liston
2013-02-06 23:34:55 -06:00
b6c6397da3
typo
2013-02-06 19:21:20 -06:00
b09f819e4b
Add Simple Web Server dir traversal
2013-02-06 17:02:07 -06:00
1095fe198b
Merge branch 'rapid7' into dmaloney-r7-http/auth_methods
2013-02-06 16:57:50 -06:00
f0ca4b2f08
Merge remote-tracking branch 'upstream/master'
2013-02-06 16:31:31 -06:00
5357e23675
Fixups to the Linksys module
...
Professionalizes the description a little, but more importantly, handles
LANIP better, I think. Instead of faking a 1.1.1.1 address, just detect
if it's set or not in a method and return the right thing accordingly.
Please test this before landing, obviously. I think it's what's
intended.
2013-02-06 12:46:50 -06:00
e175e2c9e9
typo in method name
2013-02-06 12:19:57 -06:00
22e3458cea
Fix multi-line output due to bad regex flag
2013-02-06 11:27:58 -06:00
faeaa74a49
Msftidy whitespace
2013-02-06 11:06:13 -06:00
J.Townsend
RageLtMan
sinn3r
Royce Davis
Enrique A. Sanchez Montellano
James Lee
jvazquez-r7
Wolfgang Ettlinger
David Maloney
Raphael Mudge
Joe Rozner
Tod Beardsley
bcoles
Matt Andreko
Meatballs
Chris John Riley
Thomas McCarthy
m-1-k-3
Carlos Perez
SphaZ
kernelsmith
Jeff Jarmoc
smilingraccoon
Tasos Laskos
Spencer McIntyre
HD Moore