infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,257 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

16257 Commits (7ca9a216f4933eefeb31ef45dc8ad46aea662247)

Author SHA1 Message Date
kernelsmith 7ca9a216f4 Merge remote-tracking branch 'upstream/master' into msfconsole-grep 2013-01-14 14:15:32 -06:00
kernelsmith 3c44769bd8 attempt to add nested tab completion 2013-01-14 14:15:13 -06:00
jvazquez-r7 c6c59ace46 final cleanup 2013-01-14 20:53:19 +01:00
jvazquez-r7 5ecb0701ea Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass 2013-01-14 20:52:45 +01:00
jvazquez-r7 702638a6a3 final cleanup 2013-01-14 17:36:24 +01:00
jvazquez-r7 b0a339708d Merge branch 'w3totalcache' of https://github.com/FireFart/metasploit-framework into FireFart-w3totalcache 2013-01-14 17:35:48 +01:00
Christian Mehlmauer b11fd48b05 implemented juans feedback 2013-01-14 17:06:52 +01:00
Christian Mehlmauer 8b85f7d977 fix msftidy 2013-01-14 14:55:53 +01:00
Christian Mehlmauer 0acbcfd964 fix url path 2013-01-14 14:39:50 +01:00
Christian Mehlmauer c17ee70e66 Use target_uri for the wordpress url 2013-01-14 14:34:34 +01:00
Christian Mehlmauer 0c95938b1d Added a request to force db caching 2013-01-13 20:12:37 +01:00
Daniele Martini 04fe1dae11 Added module for Freesshd Authentication Bypass (CVE-2012-6066) 
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.

To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.
 2013-01-13 17:08:04 +01:00
kernelsmith 7f90082bec grep tab complete is working, but not fully 
options tab complete, but not the commands at the end
 2013-01-13 03:06:56 -06:00
kernelsmith d9990829d9 fixes some issues with -k and -s 2013-01-13 02:39:56 -06:00
kernelsmith 1646fc8faa Merge remote-tracking branch 'upstream/master' into msfconsole-grep 2013-01-13 02:18:54 -06:00
kernelsmith e7372250d2 added -k keep and -s skip 2013-01-13 02:18:45 -06:00
James Lee 4703a6f737 Unbreak OptInt hex syntax 
* Fix spec for no-longer-pending tests
* Fix regex in OptInt#valid? to allow hex syntax again

[See #1293][See #1296]
 2013-01-12 14:17:29 -06:00
James Lee 5fc008566f Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7 2013-01-12 14:08:47 -06:00
Christian Mehlmauer 27f100d37c fix email 2013-01-12 14:24:29 +01:00
Christian Mehlmauer d36c966931 spaces 2013-01-12 14:22:38 +01:00
Christian Mehlmauer 93b5980210 fix 2013-01-12 14:13:54 +01:00
Christian Mehlmauer 0b8094eb5d w3_total_cache 2013-01-12 14:09:59 +01:00
HD Moore 06fb8f5443 Merge pull request #1293 from wchen-r7/optint_valid 
Fix OptInt's valid?() function
 2013-01-11 17:29:27 -08:00
HD Moore bfc7c3ad0a Merge pull request #1278 from kernelsmith/gitignore 
change doc to doc/ in .gitignore
 2013-01-11 17:28:48 -08:00
HD Moore c1997e3b9d Merge pull request #1296 from wchen-r7/normalize_optport 
[FixRM: #7535] Missing normalize() in OptPort
 2013-01-11 17:23:12 -08:00
kernelsmith 0b130e49e7 Squashed commit of the following: 
commit 1beebe758c32a277e0a77f7d1011a56fda707732
Author: kernelsmith <kernelsmith@kernelsmith>
Date:   Fri Jan 11 17:55:27 2013 -0600

    fixes missing word in descript. of rails exploit

    simple omission fix in description

[Closes #1295]
 2013-01-11 19:02:06 -06:00
sinn3r 8c04df4a47 [FixRM: #7535] Missing normalize() in OptPort 
[FixRM: #7535] - Sometimes OptPort can return as a String instead
of Fixnum because OptPort is missing the normalize() function.
 2013-01-11 18:34:27 -06:00
James Lee f9fe9441f0 Merge remote-tracking branch 'wchen-r7/optint_valid' into rapid7 2013-01-11 17:43:19 -06:00
sinn3r ef6eec949c Move impersonate_ssl 
To 'gather', because it grabs stuff, not scans.
 2013-01-11 17:22:27 -06:00
sinn3r 0347b173eb Fix OptInt's valid?() function 
[FixRM #7539] - The valid?() function will first normalize() the
user-supplied input before validation.  The problem is that the
normalize() function will ALWAYS convert data to integer, therefore
whatever you validate, you will always get true.  For example:
when I do "yomama".to_i, that returns 0, and of course will pass
integer validation.
 2013-01-11 16:27:33 -06:00
sinn3r 4adf429c31 Adds one more ref 2013-01-11 01:33:26 -06:00
sinn3r 23ef8280be Merge branch 'java_0day_refs' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-java_0day_refs 
Conflicts:
	modules/exploits/multi/browser/java_jre17_jmxbean.rb
 2013-01-11 01:33:11 -06:00
HD Moore 6471a70053 Pass the X-HTTP-Method-Override parameter for compat 2013-01-10 20:27:13 -06:00
sinn3r e709811c5a CVE update 2013-01-10 19:51:04 -06:00
jvazquez-r7 2c05af721c module also updated with refs 2013-01-11 00:57:05 +01:00
jvazquez-r7 51f3f59d2f cve and references available 2013-01-11 00:54:53 +01:00
James Lee 19ff7f93ae Merge remote-tracking branch 'wchen-r7/encoder_fixes' into rapid7 2013-01-10 17:41:08 -06:00
James Lee 0f346dde9e Some whitespace and ruby -c fixes 2013-01-10 17:29:54 -06:00
James Lee ab64c428ab Merge remote-tracking branch 'kernelsmith/RM7676-migrate-h' into rapid7 2013-01-10 17:24:11 -06:00
James Lee 70c8296856 Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7 2013-01-10 17:20:24 -06:00
James Lee d4854606f2 Cosmetic fixes 
[FixRM #7223][See #1283]
 2013-01-10 17:18:25 -06:00
sinn3r 192279544b BufferRegister should be validated. 
If BufferRegister is in lower-case, then gen_decoder_prefix will
return nil.  When the return value is nil, other functions like
gen_decoder() will backtrace due to a "undefined method "+" for nil"
error.  Therefore, this input should NOT be case-sensitive.

Also, if for some reason the user supplies an invalid BufferRegister,
the function should be aware of that and warn the user about the
bad input.
 2013-01-10 17:14:38 -06:00
jvazquez-r7 6a7f8758e0 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-01-11 00:14:22 +01:00
sinn3r 0527a7ee9b Import datastore options when using an encoder 
If you can't pass datastore options, sometimes you can't even
use an encoder.  [FixRM #7681]
 2013-01-10 17:11:58 -06:00
jvazquez-r7 8c5847a13c Make output compatible with an scanner module 2013-01-11 00:10:15 +01:00
HD Moore 9c652d1d55 Add a note about ruby 1.9 requirements 2013-01-10 17:10:03 -06:00
jvazquez-r7 0e950997e6 Merge branch 'wordpress-pingback-access' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-wordpress-pingback-access 2013-01-10 23:57:22 +01:00
James Lee afb12983ab Merge branch 'rapid7' into kernelsmith-msfconsole-suspend 2013-01-10 16:40:27 -06:00
kernelsmith e8c239dc81 changed TODO to @todo per egypt 2013-01-10 16:35:01 -06:00
kernelsmith b3266823ba Addressed egypt's comments 
-changed the suspend/resume loop logic to reduce code duplication.
-fixed up some print_*'s to remove embedded \n's
-changed formatting on some error messages
-switched comment to a TODO:
-change host_processes.select (blah} to use .find instead
-adjusted code due to remvoal of the pids.dup, resulting in arr_pids
disappearing
 2013-01-10 15:40:54 -06:00