Commit Graph

39947 Commits (74baffd463e643c66a5ba1391be2b11f5e1677fa)

Author SHA1 Message Date
Brent Cook 4c248ebe9e Merge branch 'master' into land-7430- 2016-10-14 09:48:33 -05:00
Brent Cook a1d63a629a
update gems 2016-10-14 09:47:02 -05:00
Brent Cook a2fe934c15
Land #7435, NTLM Util change to support Unicode hostnames 2016-10-14 09:46:10 -05:00
Brent Cook 933dc1df84 updated gems 2016-10-14 09:17:27 -05:00
Brent Cook acec45c8b3
Land #7409, CVE-2013-5093 Graphite Pickle Handling - Add Version Check 2016-10-14 08:54:57 -05:00
Brent Cook 9fbe1ddd9d
Land #7384, CVE-2016-6415 - Cisco IKE Information Disclosure 2016-10-14 08:41:34 -05:00
Daniel Werner 8adcb96435 Add KB for post/windows/gather/enum_chrome. 2016-10-13 23:23:21 +02:00
wchen-r7 9e97febcd1
Land #7429, Ruby on Rails Dynamic Render File Upload Remote Code Exec 2016-10-13 11:45:46 -05:00
nixawk b74539be44 check if isakmp payload is same to IKE Leak data 2016-10-13 04:20:23 -05:00
Brent Cook 2014b2d2ab
Land #7432, Fix erroneous cred reporting in SonicWALL exploit 2016-10-12 22:39:15 -05:00
Pearce Barry a2a1d6c28a
Land #7411, Add an HTA server module using Powershell 2016-10-12 13:05:40 -05:00
nixawk 884a8b29e7 add doc for auxiliary/scanner/ike/cisco_ike_benigncertain.rb 2016-10-12 03:33:22 -05:00
nixawk 7536d1d94a print leak data 2016-10-12 02:42:50 -05:00
nixawk 70d4833654 Fix report_vuln 2016-10-12 02:16:00 -05:00
Brent Cook 1415c34724
Land #7423, add localtime support for mettle, fix bad mettle gem 2016-10-11 21:12:30 -05:00
Brent Cook aa748ecc83 update to working mettle gem 0.0.8 2016-10-11 21:12:00 -05:00
William Vu e78d3d6bf0 Fix erroneous cred reporting in SonicWALL exploit
A session ID will be returned in the parsed JSON if the login succeeded.

Bad user:

{"noldapnouser"=>1, "loginfailed"=>1}

Bad password:

{"loginfailed"=>1}

Good user/password:

{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
2016-10-11 19:25:52 -05:00
David Maloney 7894d5b2c1 Revert "Revert "use the new rex-exploitation gem""
This reverts commit f3166070ba.
2016-10-11 17:40:43 -05:00
David Maloney 2493ff1886 Revert "Revert "remove leftover cruft""
This reverts commit 74e0256448.
2016-10-11 17:40:18 -05:00
David Maloney 13de5f9b1e fix missing require in rex
this missing required caused an unitialized
constant in browser_autopwn2 because it required
the js utils bit directly without requiring rex-exploitation
2016-10-11 17:36:55 -05:00
Brendan fe36801918 Changed to convert hostnames and domains to UTF-8 rather than ANSI
after pulling them from the NTLM blob
2016-10-11 15:51:50 -05:00
Alton J 98d7b19ab9 Passed IP parameter to additional functions. 2016-10-11 15:09:50 -05:00
Alton J acff0fa9cf Added IP addresses to output. 2016-10-11 14:43:42 -05:00
Alton J f0ff4a0721 Added IP addresses to output. 2016-10-11 14:42:06 -05:00
Spencer McIntyre bd110430e9 Remove unnecessary require statements 2016-10-11 15:35:49 -04:00
mr_me bd646ded1b fixed the check function 2016-10-11 14:06:03 -05:00
Sonny Gonzalez 55348d7342
Merge branch 'land-6993' into upstream-master 2016-10-11 09:39:15 -05:00
Sonny Gonzalez 3fd806b87f Merge remote-tracking branch 'upstream/pr/6993' into land-6993 2016-10-11 09:33:26 -05:00
mr_me fc5be2d2c6 Merge branch 'rails' of https://github.com/stevenseeley/metasploit-framework into rails 2016-10-11 08:32:05 -05:00
mr_me 95017cea0c Merge remote-tracking branch 'upstream/master' into rails 2016-10-11 08:31:33 -05:00
Brent Cook b447f32a28
Land #7423, add 'localtime' command to meterpreter and mettle 2016-10-11 07:59:12 -05:00
Brent Cook e5ac3eda61
Land #7362, Fix apk injection script to include android payload service and broadcast receivers 2016-10-11 07:54:10 -05:00
Brent Cook 157740ba06 update payload sizes 2016-10-11 07:01:17 -05:00
Brent Cook 8f8a54bf8c update to really-working payloads 1.1.21 2016-10-11 07:00:01 -05:00
Tim 3d9cb7375c
store Android payload information in byte array 2016-10-11 14:41:32 +08:00
Brent Cook deaa4047df bump payloads (and sqlite too) 2016-10-10 23:58:19 -05:00
Brent Cook 0d5a23b865 Merge branch 'master' into land-7423-localtime 2016-10-10 23:54:38 -05:00
mr_me 2a308f76b1 Update rails_dynamic_render_code_exec.md 2016-10-10 22:43:24 -05:00
mr_me d8f98ccd4e run through msftidy 2016-10-10 22:36:20 -05:00
mr_me f2252bb179 fixed a few things, thanks @h00die 2016-10-10 22:30:01 -05:00
mr_me 3c3f424a4d added a some references 2016-10-10 17:56:03 -05:00
mr_me bca3aab1db added CVE-2016-0752 2016-10-10 17:36:20 -05:00
Pearce Barry 2bd11f512a
Land #7422, fix nessus_db_import command
Fix #7391
2016-10-10 15:25:32 -05:00
OJ e139a1ee8f
Land #7383: Rebase/Fix + SSL stager support for python 2016-10-10 13:06:09 +10:00
Pearce Barry 7b84e961ed
Minor output correction. 2016-10-09 19:01:06 -05:00
Pearce Barry d1a11f46e8
Land #7418, Linux recvmmsg Priv Esc (CVE-2014-0038) 2016-10-09 18:37:52 -05:00
h00die f9060b0ac7 fixed doc numbering 2016-10-09 00:02:18 -04:00
h00die 2dfebe586e working cve-2014-0038 2016-10-08 23:58:09 -04:00
Metasploit adb6f31e36
Bump version of framework to 4.12.33 2016-10-08 20:57:08 -07:00
Brent Cook 940bdedd21
Land #7417, backout rex-exploitation gem refactor 2016-10-08 22:38:06 -05:00