infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
42,079 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

42079 Commits (7a6a124272b7c52177a540317c710f9a3ac925aa)

Author SHA1 Message Date
David Maloney eb29bf05b3 Merge branch 'master' of github.com:rapid7/metasploit-framework 2017-04-18 13:33:06 -05:00
Metasploit 05e15cee18
Bump version of framework to 4.14.13 2017-04-18 08:17:22 -07:00
James Barnett a444444a04 Land #8256. Handle blank creds in smb login scanner. 2017-04-18 10:11:37 -05:00
nixawk 0a085c4e83 add doc for exploit/windows/fileformat/office_word_hta 2017-04-18 03:26:10 -05:00
David Maloney 1d52e269a7
update ruby_smb 2017-04-17 22:20:02 -05:00
David Maloney 6ed15a6df8
update ruby_smb 2017-04-17 22:18:36 -05:00
David Maloney 9634248211
treat socket reads as a connection error 
treat failures to read from the socket
as a connection error
 2017-04-17 21:58:22 -05:00
James Lee 84dd5cd01a
Add a simple upload exec module 2017-04-17 19:34:21 -05:00
Adam Cammack 85845b3be5
Land #8257, Fix typo in exploit/linux/smtp/haraka 2017-04-17 13:31:28 -05:00
itsmeroy2012 5f921859f0 adding hotlinks 2017-04-17 23:37:44 +05:30
itsmeroy2012 84220d6617 Minor edits 2017-04-17 23:30:07 +05:30
Nate Caroe 92e7183a74 Small typo fix 
Running msfconsole would generate an Ubuntu crash report (?). This seems to be the culprit.
 2017-04-17 11:14:51 -06:00
William Vu 942959f7e8
Land #8255, fixes for smb_ms17_010 2017-04-17 11:38:34 -05:00
David Maloney a597de516d
actually use the coerced values 2017-04-17 11:24:57 -05:00
David Maloney bbdf06af5d
coerece nil credentials to empty strings 
rubySMB doesn't take nils for credential data, so coerce any nils into
empty strings bfore sending it on
 2017-04-17 11:17:09 -05:00
Brent Cook 5a1e2d6f98
Land #8253, Auto-close and hide HTA windows 2017-04-17 07:42:49 -05:00
Brent Cook 7b936b0012
Land #8184, convert IPMI protocol and modules to bindata 2017-04-17 07:40:15 -05:00
Brent Cook 6f70efcfa1 add module documentation 2017-04-17 07:39:43 -05:00
Brent Cook 7384212656
Land #8245, Add Huawei HG532n command injection exploit 2017-04-17 07:04:05 -05:00
William Vu cf8854b0e0
Land #8252, Msf::Util::EXE loop-vbs double var fix 2017-04-17 03:19:11 -05:00
William Vu b1c7f1302b Fix report_vuln and prefer vprint_error 2017-04-17 02:48:56 -05:00
Ahmed S. Darwish e21504b22d huawei_hg532n_cmdinject: Use send_request_cgi() 'vars_get' key 
Instead of rolling our own GET parameters implementation.

Thanks @wvu-r7!
 2017-04-17 09:11:50 +02:00
nixawk 3d082814cb Fix default options 2017-04-17 01:09:48 -05:00
Ahmed S. Darwish 7daec53106 huawei_hg532n_cmdinject: Improve overall documentation 
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
 2017-04-17 08:00:51 +02:00
nixawk 637098466c Hidden black flash windows / Close HTA windows 2017-04-16 22:53:17 -05:00
nixawk 484a545629 Replace exe.rb double variable declare 2017-04-16 22:38:49 -05:00
Ahmed S. Darwish 8a302463ab huawei_hg532n_cmdinject: Use minimum permissions for staged binary 
Use u+rwx permissions only, instead of full 777, while staging the
wget binary to target. As suggested by @wvu-r7 and @busterb.
 2017-04-17 03:27:57 +02:00
Ahmed S. Darwish 7ca7528cba huawei_hg532n_cmdinject: Spelling fixes suggested by @wvu-r7 2017-04-17 03:23:20 +02:00
Brent Cook 601131c851
Land #8250, Fix packet ordering issue with reverse_tcp sessions 2017-04-16 19:47:21 -05:00
Brent Cook 67047cf770 Revert "Fixes MS-1716, keep sessions in progress alive." 
This reverts commit e5d0370a94.
 2017-04-16 15:52:22 -05:00
Brent Cook 53e6fa83cf
Land #8248, bump metasploit-payloads, fix 64-bit builds 2017-04-16 08:55:00 -05:00
Brent Cook 7613bd8964 bump metasploit-payloads, fix 64-bit builds 2017-04-16 08:52:41 -05:00
mr_me f8c72df289 added some documentation 2017-04-16 08:41:52 -05:00
Ahmed S. Darwish 7b8e5e5016 Add Huawei HG532n command injection exploit 2017-04-15 21:01:47 +02:00
itsmeroy2012 477b78a75e adding : 2017-04-15 17:37:21 +05:30
itsmeroy2012 aae009a542 missed heading 2017-04-15 17:35:52 +05:30
itsmeroy2012 8ad80ea3d6 fixing whitespaces 2017-04-15 17:34:14 +05:30
itsmeroy2012 39b228bb39 fixing headings 2017-04-15 17:32:35 +05:30
itsmeroy2012 f573d004d2 KB for manageengine_connectionid_write 2017-04-15 17:30:44 +05:30
Brent Cook 759dbcfe81
Land #8237, modernize and improve reliability of keystroke capture with meterpreter 2017-04-14 22:03:47 -05:00
Brent Cook fe33fe5571 bump payloads with new keyscan code 2017-04-14 21:54:50 -05:00
Brent Cook 7950087804 Merge branch 'upstream-master' into land-8237- 2017-04-14 21:53:26 -05:00
nixawk fb001180c4 Fix generate_uri 2017-04-14 21:52:31 -05:00
nixawk 590816156f rename exp module 2017-04-14 21:32:48 -05:00
nixawk 1952529a87 Format Code 2017-04-14 21:30:26 -05:00
nixawk a9df917257 Fix rtf info author 2017-04-14 21:16:39 -05:00
William Webb cbebc5dc39
really remove errant keyscan_extract() call 2017-04-14 15:21:11 -05:00
Brent Cook a9857eb1c2
Land #8099, Aux module to launch instances in AWS 2017-04-14 14:12:10 -05:00
Brent Cook 42122d2835
Land #8238, move SMB2 support back into smb_login, add simpler permissions checks 2017-04-14 14:06:46 -05:00
Brent Cook c16e2fa88e
bump to prerelease rubyntlm to get rid of Ruby 2.4 warning msgs. 2017-04-14 14:06:19 -05:00