infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,641 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

28641 Commits (78733fcd20e948268bbd103460f5c8cd133352bf)

Author SHA1 Message Date
jvazquez-r7 79cabc6d68 Fix clean up 2014-11-05 15:46:33 -06:00
jvazquez-r7 c08993a9c0 Add module for ZDI-14-372 2014-11-05 15:31:20 -06:00
sinn3r 8da6e0bd5b Fix bugs 2014-11-05 15:26:00 -06:00
sinn3r 5b8d9e1221 Fix typo 2014-11-05 15:14:35 -06:00
sinn3r 98f5ebd475 Only show bad refs when using -c 2014-11-05 15:07:40 -06:00
Pedro Ribeiro e71ba1ad4a Push exploit for CVE-2014-6038/39 2014-11-05 20:12:03 +00:00
Pedro Ribeiro 490d6d046b Merge pull request #6 from rapid7/master 
merge
 2014-11-05 20:10:42 +00:00
Tod Beardsley cca30b536f
Land #4094, fixes for OWA brute forcer 
Fixes #4083

Thanks TONS to @jhart-r7 for doing most of the work on this!
 2014-11-05 14:00:26 -06:00
Tod Beardsley a46839726e
Make OWA 2013 the default, other fixes 
Thanks @jhart-r7!

See rapid7#4083 and see rapid7#4094
 2014-11-05 13:56:37 -06:00
Tod Beardsley 6b0107190e
typo 2014-11-05 13:19:40 -06:00
Tod Beardsley 231d03bd3b
Allow for locally chosen rubies 
By ignoring .versions.conf, we can allow users pick their own versions
of ruby without having to jump through a bunch of hoops on keeping
.ruby-version straight between local and remote branches.
 2014-11-05 13:18:26 -06:00
Luke Imhoff 382d34d398
Fix spec.name in metasploit-framework-full 
MSP-11578

Left in 'metasploit-framework-db' after copying and forgot to update to
'metasploit-framework-full'.
 2014-11-05 12:40:31 -06:00
Luke Imhoff 63b4c0beba
Depend on metasloit-framework in optional gemspecs 
MSP-11578

Optional gemspecs should depend on the minimal metasploit-framework
because they don't work without metasploit-framework's code.
 2014-11-05 12:33:44 -06:00
jvazquez-r7 7ba705f23a Add some randomized variables to JSP Payloads 
Because the JASPER engine with Tomcat has been found
complaining about the out variable.
 2014-11-05 12:16:33 -06:00
jvazquez-r7 468b4a399a Fix Rex::MIME::Message specs 2014-11-05 11:43:55 -06:00
jvazquez-r7 741f99f118 Delete starting empty line 
When header is empty it shouldn't add an starting empty
new line
 2014-11-05 11:42:42 -06:00
Luke Imhoff 9137bd6527
Revert "Update Gemfile.lock" 
MSP-11578

This reverts commit a3829b800d.
 2014-11-05 11:10:51 -06:00
sinn3r 3310342a95 Add save-as feature 
The tool produces A LOT OF results so it's really painful to manually
copy and paste and to be able to use the data. So it should automatically
save.

Tagging the issue here because I forgot to do it:
Fix #4039
 2014-11-05 10:58:41 -06:00
Luke Imhoff 713578aea7
metasploit-framework-full.gemspec 
MSP-11578

metasploit-framework-full depends on the minimal metasploit-framework
and all optional dependency gemspec: metasploit-framework-db and
metasploit-framework-pcap.
 2014-11-05 10:20:09 -06:00
William Vu 40ee03ee63
Land #4126, rm Travis testing for 2.0 2014-11-05 10:18:57 -06:00
sinn3r f34ad57199 Check module references 2014-11-05 09:57:13 -06:00
Luke Imhoff a3829b800d
Update Gemfile.lock 
MSP-11578
 2014-11-05 09:55:31 -06:00
Luke Imhoff 5619b6d554
Add metasploit-framework as dependency of metasploit-framework-pcap 
MSP-11578

Any of the optional depenency gems should depend on the minimal
metasploit-framework as it supplies the versioning information.
 2014-11-05 09:51:38 -06:00
Luke Imhoff 06222911f6
Move pcap bundler group to metasploit-framework-pcap.gemspec 
MSP-11578

This will allow Metasploit Pro to use the
metasploit-framework-pcap.gemspec to ensure it has the correct version of
gems that were previously only in metasploit-framework's Gemfile and so
weren't being checked for version compatibility when Pro used
metasploit-framework.gemspec.
 2014-11-05 09:40:57 -06:00
Luke Imhoff 3093ba8394
Explicitly require 'metasploit/credential' and 'metasploit_data_models' 
By putting the db group into the metasploit-framework-db.gemspec,
bundler no longer automatically required 'metasploit/credential' and
'metasploit_data_models' because gems, such as metasploit-framework-db,
are expected to explictly require their dependencies.
 2014-11-05 09:25:50 -06:00
Luke Imhoff a56a063b84
Move db bundler group to metasploit-framework-db.gemspec 
MSP-11578

This will allow Metasploit Pro to use the
metasploit-framework-db.gemspec to ensure it has the correct version of
gems that were previously only in metasploit-framework's Gemfile and so
weren't being checked for version compatibility when Pro used
metasploit-framework.gemspec.
 2014-11-05 08:58:46 -06:00
Tom Sellers 2bec646393 rolling back a change 2014-11-05 06:49:06 -06:00
Tom Sellers 8aa6fca760 Minor fixes and status update 
Minor tweaks after the PR from @kernelsmith

Remaining items:

1. Handle empty session IDs correctly, for example 'sessions -d' or 'sessions -k'
2. Find a method of explaining the range options in the help text
3. Retest all changed code areas
4. Edit PR Summary to reflect changes to the scope
 2014-11-05 06:46:55 -06:00
Tom Sellers ff6bc5cf68 Merge pull request #3 from kernelsmith/landing/4063-DRYer 
modernizes & DRYs session/job ranges from kernelsmith
 2014-11-05 06:05:14 -06:00
Joshua Smith 78a4ee686b modernizes & DRYs session/job ranges 2014-11-04 23:33:31 -06:00
Jon Hart ff8d481eec Update description to remove comments about defaults. Default to 2013 2014-11-04 21:21:19 -08:00
Jon Hart 2c028ca7a6 Move redirect check before body check -- a redirect won't have a body 2014-11-04 14:19:21 -08:00
Jon Hart 7855ede2de Move userpass emptiness checking into setup 2014-11-04 14:07:39 -08:00
William Vu ebb8b70472
Land #4015, another Android < 4.4 UXSS module 2014-11-04 15:52:29 -06:00
Tod Beardsley f8593ca1b5
Land #4109, tnftp savefile exploit from @wvu-r7 2014-11-04 15:44:13 -06:00
Tod Beardsley 5fb268bbdf
Updates to better OWA fix 2014-11-04 14:32:54 -06:00
Tod Beardsley 714fd0bec6
Incorporate @jhart-r7's better fix 2014-11-04 14:02:37 -06:00
nullbind 56a02fdb4a added mssql_escalate_executeas_sqli.rb 2014-11-04 13:38:13 -06:00
Jon Hart b0e388f4c3
Land #3516, @midnitesnake's snmp_enumusers fix for Solaris, OS X 2014-11-04 08:23:16 -08:00
nullbind 15119d2a0f comment fix-sorry 2014-11-04 09:07:08 -06:00
nullbind f108d7b20a fixed code comment 2014-11-04 08:51:27 -06:00
Joshua Smith b45cbfdf53
Land 4127, fix broken refactor in util/exe 2014-11-04 07:51:12 -06:00
agix 333d420c94 Fix refactoring bug from 23 october in util/exe 
23 October, {} instead of #{} totally break windows service generation
f19b093529 (diff-0f5729034d8b0b321e738f2fc047854fL578)
 2014-11-04 11:59:36 +01:00
midnitesnake 1a2b1db0d5 Merge pull request #3 from jhart-r7/landing-3516-jhart 
Numerous cleanups for snmp_enumusers
 2014-11-04 06:46:32 +00:00
jvazquez-r7 400ef51897
Land #4076, exploit for x7chat PHP application 2014-11-03 18:22:04 -06:00
jvazquez-r7 3bf7473ac2 Add github pull request as reference 2014-11-03 18:18:42 -06:00
jvazquez-r7 44a2f366cf Switch ranking 2014-11-03 18:06:09 -06:00
jvazquez-r7 039d3cf9ae Do minor cleanup 2014-11-03 18:04:30 -06:00
William Vu 277fd5c7a1
Land #4123, release fixes 2014-11-03 16:20:00 -06:00
Juan Escobar 7e4248b601 Added compatibility with older versions, Updated descriptions and fixed issue with Ubuntu 12.04 2014-11-03 16:42:50 -05:00