Commit Graph

17774 Commits (78c9e9a203a0fca173367fd7022d61d43b951cbb)

Author SHA1 Message Date
Meatballs 78c9e9a203 Added opt delay to file_dropper 2013-04-25 18:11:45 +01:00
scriptjunkie 2c41ca6598 Merge branch 'encoding_fix' of git://github.com/rsmudge/metasploit-framework 2013-04-12 21:10:44 -05:00
James Lee 401532e93e Land #1721, Stage encoding for reverse_http(s)
This was an oversight when originally re-enabling stage encoding.

[See #1316]
2013-04-12 13:31:54 -05:00
Tod Beardsley e5a7c38f66 Merges #1728, makes some gems optional for bundler
Verified that pcap, db, and test can be skipped now, should make
Zero_Chaos happy.
2013-04-12 11:25:53 -05:00
Brandon Turner e3ab2e9747 Fix specs with bundler groups
Also output warnings when running Rake when the db group isn't included.
2013-04-12 10:46:00 -05:00
Brandon Turner fde119e889 Move optional gems to bundler groups
Some users are having trouble installing pcap.  Others want postgres to
remain optional.  The move to requiring bundler in a git environment has
made this hard.

This commit provides a path for these users.  By default, bundler will
install all gems, including postgres and pcaprub.  If it fails to
install some, Metasploit will not function.  But there is hope.  Users
can explicitly exclude the gem groups they don't want.

For example:

    bundle install --without db pcap

will exclude the pcap and postgres gems (and their depedencies).

    bundle install --without db pcap development test

will exclude all non-essential gems.

The good news is that the user only needs to use the `--without` option
once.  Bundler will remember it.  So future runs can still do `bundle
install` (or simply `bundle`) and the gems will still be excluded.  And
if the user changes their mind and wants the optional gems, they can
remove their stored *without* preference using:

    bundle config --delete without

[FIXRM #7891]
2013-04-12 09:47:40 -05:00
James Lee 15e2ceb749 Land #1660, dlink backdoor wordlist
[Closes #1660][See #1648]
2013-04-11 23:04:02 -05:00
Luke Imhoff 960392d614 Merge pull request #1725 from bturner-r7/mdm_from_rubygems
Use metasploit_data_models from rubygems
2013-04-11 13:51:08 -07:00
Brandon Turner 97f4882348 Use metasploit_data_models from rubygems 2013-04-11 15:35:19 -05:00
James Lee 8376531a32 Land #1217, java payload build system refactor
[Closes #1217]
2013-04-11 13:10:03 -05:00
James Lee 1d09d7e6e9 Java payload bins
Compiled with the shiny new maven system
2013-04-11 13:08:16 -05:00
jvazquez-r7 7e5d4bc893 Landing #1614, @jwpari nagios nrpe exploit 2013-04-11 17:53:52 +02:00
James Lee e3eef76372 Land #1223
This adds rc4-encrypting stagers for Windows.

[Closes #1223]
2013-04-10 12:14:52 -05:00
Rob Fuller 2949c4a339 enable stage encoding for reverse_http(s) 2013-04-10 12:10:17 -03:00
James Lee 6c980981db Break up long lines and add magic encoding comment 2013-04-10 09:28:45 -05:00
James Lee b3c78f74d2 Whitespace 2013-04-10 09:28:45 -05:00
Tod Beardsley 6a5d318749 Bumping version. 2013-04-10 08:59:56 -05:00
jvazquez-r7 a1605184ed Landing #1719, @m-1-k-3 dlink_diagnostic_exec_noauth exploit module 2013-04-10 11:17:29 +02:00
jvazquez-r7 4f2e3f0339 final cleanup for dlink_diagnostic_exec_noauth 2013-04-10 11:15:32 +02:00
m-1-k-3 8fbade4cbd OSVDB 2013-04-10 10:45:30 +02:00
Tod Beardsley 522642a65d Updating mailmap 2013-04-09 15:34:51 -05:00
Michael Schierl 263e967a6a Merge pull request #1 from todb-r7/pr1217-fix-gitignore-conflict
Pr1217 fix gitignore conflict
2013-04-09 10:04:18 -07:00
Tod Beardsley 2d09aa2a91 Landing #1709. 2013-04-09 10:55:21 -05:00
sinn3r 76d4538d2a Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-04-09 10:24:54 -05:00
sinn3r 8de7b71303 Landing #1711, jhart-r7's improved check to detect unauth conn
For CVE-2013-1899 Postgres modules
2013-04-09 10:22:30 -05:00
sinn3r 1e258170dc It's a filename, so not trying to match any single char 2013-04-09 10:20:52 -05:00
sinn3r 50cf039170 Merge branch 'cve-2013-1899-not-auth' of github.com:jhart-r7/metasploit-framework into jhart-r7-cve-2013-1899-not-auth 2013-04-09 10:19:15 -05:00
Tod Beardsley 65e5ed8950 Merge #1716, version checker fix for UAC bypass 2013-04-09 09:00:30 -05:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
jvazquez-r7 157f25788b final cleanup for linksys_wrt54gl_apply_exec 2013-04-09 12:39:57 +02:00
jvazquez-r7 b090495ffb Landing pr #1703, m-1-k-3's linksys_wrt54gl_apply_exec exploit 2013-04-09 12:38:49 +02:00
m-1-k-3 b93ba58d79 EDB, BID 2013-04-09 11:56:53 +02:00
HD Moore e2b8d5ed23 Fix from David Kennedy, enable Windows 8 support 2013-04-09 02:07:40 -05:00
Tod Beardsley 95ff5c6ab7 Adding new .gitignores 2013-04-08 22:01:46 -05:00
Tod Beardsley b7ddedcb67 Replacing with master's .gitignore 2013-04-08 21:52:35 -05:00
Tod Beardsley f96126aeb7 Merging #1714, wireless interface fix
No redmine ticket. Note that landing this will shadow commit:a2d6f7b
but landing this empty commit anyway so @jlee-r7 's history gets back to
normal.
2013-04-08 20:23:14 -05:00
James Lee a2d6f7bb17 Landing #1714 - Don't bomb out if there are no wireless interfaces
No redmine ticket reported.
2013-04-08 17:17:47 -05:00
m-1-k-3 cbefc44a45 correct waiting 2013-04-08 21:40:50 +02:00
James Lee 14c1f58afb Don't bomb out if there are no wireless interfaces 2013-04-08 14:19:35 -05:00
jvazquez-r7 225342ce8f final cleanup for sysax_sshd_kexchange 2013-04-08 20:28:37 +02:00
jvazquez-r7 5bc454035c Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710 2013-04-08 20:20:11 +02:00
Jon Hart b1152d1567 Improve Postgres CVE-2013-1899 to detect unauthorized connections 2013-04-08 09:55:23 -07:00
sinn3r d24371eaff Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal 2013-04-08 10:18:30 -05:00
sinn3r 277bc69140 Merge branch 'bug/rm7288-post-rename' of github.com:jlee-r7/metasploit-framework into jlee-r7-bug/rm7288-post-rename 2013-04-08 10:18:09 -05:00
sinn3r 1b5c34db1a Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal 2013-04-08 10:17:19 -05:00
sinn3r 11253c8f3e Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal 2013-04-08 10:16:52 -05:00
Matt Andreko f96baa7e7e Code Review Feedback
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
2013-04-08 10:58:35 -04:00
Matt Andreko 4c8e19ad1a Added reference
Removed final debug print statement
2013-04-08 08:28:53 -04:00
Jon Hart 8a98b1af4a Added command mode, plus fixed the dropping of payloads 2013-04-07 15:39:38 -07:00
m-1-k-3 955efc7009 final cleanup 2013-04-07 17:59:57 +02:00