infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
45,449 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

45449 Commits (7d873ea7ab47367be0fc363ff0b7fa5a5c7244dd)

Author SHA1 Message Date
christopher lee 8b4c7b886f Updated to use delete_if 2018-02-28 11:00:40 -06:00
christopher lee 964be3b5f0 Fix problem with stale module cache 2018-02-28 08:41:14 -06:00
xistence ff6c601517
Merge pull request #1 from jhart-r7/pr/fixup-9643 
Use drdos mixin for memcached amp module
 2018-02-28 14:15:26 +07:00
Jon Hart 9e1a7c869c
Use drdos mixin for memcached amp module 2018-02-27 22:51:27 -08:00
xistence 05c99ffb5c Add Memcached amplification scanner 2018-02-28 11:24:17 +07:00
UserExistsError 35b66d0e60 added payload tests 2018-02-27 19:24:51 -07:00
h00die dfcbbfea83
Land #9641 spelling fix for wmap rc 2018-02-27 20:29:05 -05:00
Biswajit Roy a25ce0f259
Fixed Typos 
Simply removed some typing mistakes.
 2018-02-28 03:37:14 +05:30
Brent Cook 9597e5294d treat MUST_CHANGE + PASSWORD_EXPIRED as valid 2018-02-27 15:21:21 -06:00
Brent Cook 325ad7256e if multi/handler is disabled, exit 2018-02-27 04:30:09 -06:00
Jon Hart f09c5eafc7 Appease hound 2018-02-27 04:12:58 -06:00
Jon Hart 46299dff00 The DRDOS mixin operates on strings, so make the bindata'd NTP classes cooperate 2018-02-27 04:12:57 -06:00
Jon Hart d7853aaf60 Revert "update NTP drdos lib to use correct method on bindata objects" 
This reverts commit 166070e9c37a4130f976f806116881c70a8401c6.
 2018-02-27 04:12:57 -06:00
Brent Cook bcf5918fb6 update NTP drdos lib to use correct method on bindata objects 2018-02-27 04:12:57 -06:00
Brent Cook 66e3ac4c76 treat 'password must change' as a successful login 2018-02-26 17:57:31 -06:00
William Vu 0e4fc48df4
Fix #9602, a little defensive programming 
Check for a nil message and unnecessary auth failures while looping.
 2018-02-26 16:52:25 -06:00
James Barnett 847b9ba0d0
Add option to delay between runthroughs 2018-02-26 16:27:03 -06:00
Brent Cook 95a019675f
Land #9629, decouple hosts and targets for tests 2018-02-26 12:19:03 -06:00
Jeffrey Martin bb0d5ba8da
decouple hosts and targets for tests 2018-02-25 17:10:22 -06:00
Wei Chen 55a045eb76
Land #9623, Support Win 2008/7+ for enum_ms_product_keys 
Land #9623
 2018-02-25 14:56:39 -06:00
Rob Fuller 0c82b0a922
Support Windows 2008/7 and above 
Probably about time that we supported versions less than 10 years old :)
 2018-02-24 16:06:55 -05:00
h00die 023bf79097
Land #9310 docs for many aux scanners 2018-02-24 14:32:33 -05:00
h00die c56d7967e7 finished cleanup 2018-02-24 14:31:52 -05:00
h00die 15a29a1994 finished up comments 2018-02-24 13:39:14 -05:00
James Barnett 133b34827f
Fix false+ login in a few more places 2018-02-23 13:16:41 -06:00
James Barnett 1c9c1dc1fc
Add password spray option to brute force 2018-02-23 12:30:11 -06:00
Brent Cook 2e568aa660
Land #9607, upgrade osx shells to osx meterpreter 2018-02-23 11:11:44 -06:00
Brent Cook 4365bd3af5 bump rex-exploitation 2018-02-23 11:10:49 -06:00
Brent Cook cd728defed Merge branch 'master' into land-9607- 2018-02-23 11:09:20 -06:00
h00die c7bbc6eca4 juniper post enum module 2018-02-22 21:08:21 -05:00
UserExistsError e19a071910 add bind_named_pipe x86 2018-02-22 19:03:37 -07:00
William Vu 7663e5c1f6
Land #9601, ms17_010_eternalblue reliability fixes 2018-02-22 15:30:45 -06:00
James Barnett 9cad71f003 Merge branch 'master' into owa_login_improvements 2018-02-22 15:02:52 -06:00
James Barnett 5815b626d9
Dont save email addresses as valid 
Also add module doc for owa_login module
 2018-02-22 14:58:11 -06:00
Brent Cook 65b0d9555f
Land #9611, Fix bug causing all OWA logins to appear valid 2018-02-22 11:55:36 -06:00
James Barnett e531dbc976
Fix bug causing all logins to appear valid 
The headers we were looking for were a little too loose
and were incorrectly identifying all responses as successful
login attempts
 2018-02-22 11:25:35 -06:00
dmohanty-r7 0f0270b144
Land #9610, lock ruby_smb to '0.0.18' 2018-02-22 11:03:40 -06:00
Brent Cook d737f77b84 bump gems, lock ruby_smb for now 2018-02-22 10:45:49 -06:00
bwatters-r7 4b8a8fa2b1
Land #9441, Create exploit for AsusWRT LAN RCE 
Merge branch 'land-9441' into upstream-master
 2018-02-22 10:40:45 -06:00
Jacob Robles 738d6ab33a
Land #9604, Fix logged errors when running without Python 3.6 / gmpy2 2018-02-22 08:11:30 -06:00
Brent Cook 99e278fa29
Land #9584, Fix reverse_php_ssl infinite loop 2018-02-22 07:03:52 -06:00
Brent Cook 855fbc1689
Land #9602, Create sessions with the Fortinet SSH backdoor scanner 2018-02-22 06:04:18 -06:00
Tim W bfec2e8293 add more cmd_exec tests 2018-02-22 17:14:56 +08:00
Trevor Sibanda 77b3673e38 Fix reverse_php_ssl infinite loop 2018-02-22 08:42:54 +00:00
Tim W 78309f30cd add test for cmd_exec 2018-02-22 16:41:37 +08:00
Brent Cook 7e665ab287 check for extra libraries explicitly, fail gracefully 2018-02-21 21:54:58 -06:00
Brent Cook 3f88e59516 handle Python 3.5/3.6 differences so we always have a UTF-8 string 2018-02-21 21:54:27 -06:00
William Vu a9d6845f25 Add module doc 2018-02-21 21:50:08 -06:00
William Vu 3880f6a65e Finally fix "Unknown admin user ''" after 2yrs 
The failed password auth was necessary after all. I misread the PoC. :'(

Apparently the password auth sets the username, while the backdoored
keyboard-interactive auth sets the password.
 2018-02-21 20:44:35 -06:00
William Vu cc2495dd9c Explain fortinet-backdoor -> FortinetBackdoor 2018-02-21 17:05:30 -06:00