Commit Graph

39947 Commits (74baffd463e643c66a5ba1391be2b11f5e1677fa)

Author SHA1 Message Date
Brent Cook e0ff8859e9
Land #7359, add EXTRABACON auxiliary module auxiliary/admin/cisco/cisco_asa_extrabacon 2016-09-24 10:46:13 -04:00
zerosum0x0 90bd2a96cd Merge pull request #1 from bcook-r7/land-7353-bacon-too
Add module docs, credit
2016-09-24 07:59:30 -06:00
Brent Cook df28e2a85e Add credit to wwebb-r7 for the initial module and ASA hacking notes 2016-09-24 05:48:31 -04:00
Brent Cook 6f4c9435be Add module documentation 2016-09-24 05:48:18 -04:00
TheNaterz cd4299b3a2 Added offsets for version 9.2(4)14
This version of the ASA is patched and our offsets do not work currently. We may do more work on this to find a solution.
2016-09-23 16:57:08 -06:00
TheNaterz 087e9461ce Added offsets for version 9.2(4)13 2016-09-23 16:50:50 -06:00
TheNaterz 3f985d94d7 Added offsets for version 8.4(6)5 2016-09-23 16:32:42 -06:00
TheNaterz 352946d8f5 Added offsets for version 8.4(4)9 2016-09-23 16:19:36 -06:00
TheNaterz 368fd1a77f Added offsets for version 8.4(4)5 2016-09-23 16:07:42 -06:00
TheNaterz 19fe09318a Added offsets for version 8.4(4)3 2016-09-23 15:56:02 -06:00
TheNaterz 8840af0e90 Added offsets for version 8.4(4)1 2016-09-23 15:44:39 -06:00
TheNaterz 19caff2293 Added offsets for 8.3(2)40 2016-09-23 15:26:02 -06:00
TheNaterz ba4505bcce Added offsets for version 8.3(2)39 2016-09-23 15:05:39 -06:00
TheNaterz 64df7b0524 Added offsets for verion 8.3(2)-npe
We currently can't distinguish between 8.3(2) and 8.3(2)-npe versions from the SNMP strings. We've commented out the 8.3(2)-npe offsets, but in the future, we'd like to incorporate this version.
2016-09-23 14:49:57 -06:00
Brent Cook 9c6b67a33f
Land #7356, remove SSH interactive prompt from freesshd_authbypass 2016-09-23 16:35:49 -04:00
TheNaterz 926e5fab9e Added offsets for version 8.2(5)41 2016-09-23 14:00:23 -06:00
TheNaterz b4d3e8ea3e Added offsets for version 9.2(1) 2016-09-23 13:52:13 -06:00
TheNaterz d36e16fc32 Added offsets for version 8.2(5)33 2016-09-23 13:15:39 -06:00
TheNaterz 9cbd84d1cd Merge branch 'master' of github.com:RiskSense-Ops/metasploit-framework 2016-09-23 12:57:46 -06:00
TheNaterz f19ed4376b Adding new version offsets 2016-09-23 12:57:36 -06:00
zerosum0x0 6c5271ceb4 offset for 8.0(3)6 2016-09-23 18:48:56 +00:00
zerosum0x0 455936ef70 Merge branch 'master' of github.com:RiskSense-Ops/metasploit-framework 2016-09-23 18:22:27 +00:00
zerosum0x0 480e97399f added all leaked versions 2016-09-23 18:22:21 +00:00
dmohanty-r7 00c02bb132
Land #7349, Add initialization of RHOST value prior to calling child check() 2016-09-23 12:28:08 -05:00
Metasploit 3ddf80dd7a
Bump version of framework to 4.12.28 2016-09-23 10:02:37 -07:00
Joshua J. Drake dbf66f27d5 Add a browser-based exploit module for CVE-2015-3864 2016-09-23 11:14:31 -05:00
Tijl Deneut 2fab62b14d Update profinet_siemens.rb
Removed unnecessary rescue, gave "timeout" variable a better name.
2016-09-23 18:05:45 +02:00
George Papakyriakopoulos f1f6184a99 Merge pull request #1 from gpapakyriakopoulos/gpapakyriakopoulos-prompt-fix
Fixed interactive password prompt issue
2016-09-23 17:04:14 +01:00
George Papakyriakopoulos 639dee993a Fixed interactive password prompt issue
Fixed an issue where the exploit would drop to interactive password prompt by default on newer ruby version which rendered the exploit unusable. It now properly forces pubkey authentication instead and proceeds with the bypass as expected.
2016-09-23 17:03:40 +01:00
TheNaterz 98cf5d8eb5 Changed 'build_offsets' to 'build_payload' 2016-09-23 09:32:17 -06:00
zerosum0x0 1868371ba7 fix merge conflicts 2016-09-23 14:49:36 +00:00
zerosum0x0 2591d0b7c6 numerous fixes as per @busterb 2016-09-23 14:46:40 +00:00
Pearce Barry 5de1d34869
Land #7341, add module metasploit_static_secret_key_base 2016-09-23 09:20:48 -05:00
h00die cba297644e post to local conversion 2016-09-22 22:08:24 -04:00
h00die 3dff41c833 documentation update 2016-09-22 21:06:31 -04:00
TheNaterz dda6b67928 Added basic error handling for unsupported ASA versions 2016-09-22 18:24:25 -06:00
TheNaterz cf070853e9 Moved required datastore option into constructor 2016-09-22 18:08:35 -06:00
h00die 7646771dec refactored for live compile or drop binary 2016-09-22 20:07:07 -04:00
TheNaterz df25f07b34 Replaced '+=' with '<<' 2016-09-22 17:53:28 -06:00
TheNaterz 48f024d22b Merge branch 'master' of github.com:RiskSense-Ops/metasploit-framework 2016-09-22 17:16:47 -06:00
TheNaterz f525c24a9f Added offsets for 8.4(7) 2016-09-22 17:16:37 -06:00
zerosum0x0 28a09c2d13 stupid comment 2016-09-22 22:57:42 +00:00
TheNaterz 7762f42dfa Added offsets for 8.3(1) 2016-09-22 16:17:37 -06:00
TheNaterz 064aed858b Added RiskSense contributor repo to references 2016-09-22 16:10:30 -06:00
TheNaterz 961524d648 Adding offsets for 9.1(1)4 2016-09-22 16:04:44 -06:00
TheNaterz 4e9459d876 Added offsets for 9.0(1) 2016-09-22 15:35:59 -06:00
TheNaterz 5ca6563c8f Fixed problem with 9.2(2)8 offsets 2016-09-22 15:24:49 -06:00
TheNaterz b77adc97f0 Removing redundant version check 2016-09-22 15:05:42 -06:00
TheNaterz c22a2a19e8 Added offsets for 9.2(2)8 2016-09-22 14:59:49 -06:00
TheNaterz e8d1f6d5a0 Added offsets for 8.2(3) 2016-09-22 14:38:52 -06:00