Commit Graph

12236 Commits (7ddd173b4089cdf8637c3a6164ef36cd01f14304)

Author SHA1 Message Date
sinn3r 7ddd173b40 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-08 00:47:06 -06:00
sinn3r 9ece7b08fc Add vendor's advisory as a reference 2012-03-08 00:46:34 -06:00
sinn3r c63bc27c4b Merge pull request #223 from rsmudge/armitage
Armitage 03.08.12
2012-03-07 22:45:52 -08:00
sinn3r 5f92bff697 Make sure no encoder will break the exploit again 2012-03-08 00:44:57 -06:00
sinn3r 2e94b97c82 Fix description 2012-03-07 23:59:51 -06:00
Raphael Mudge f07be8b7de Armitage 03.08.12
-----------------
Added support for meterpreter's session_host value (allows armitage to associate session w/
a host, even if it's behind a NAT). Armitage also chooses an IPv6 payload when attacking an
IPv6 host.
2012-03-07 20:43:07 -05:00
HD Moore 761f859695 Simplify the module instance (required to call certain methods) 2012-03-07 07:59:41 -06:00
HD Moore 5054840165 Overwrite the local datastore with the normalized option, even if it
came from a global datastore due to a fall-through
2012-03-07 07:37:36 -06:00
HD Moore b89af3546d Revert the previous global fix in favor of a different method.
Fixes #6501
2012-03-07 07:37:36 -06:00
HD Moore 9975d5a220 Always clone modules before running them via the simplified wrappers.
This prevents changes to the datastore or instance variables from
being carried over into a second run
2012-03-07 07:37:36 -06:00
sinn3r d9788db7bb Merge pull request #222 from jduck/master
Fixes #6483
2012-03-07 18:11:48 -08:00
sinn3r 0550b77522 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 20:04:04 -06:00
sinn3r 3b4ed13aee Fix typo 2012-03-07 20:03:46 -06:00
Tod Beardsley 33460b6bf4 Fixups on the Adobe Flash exploit description
Massaged the lines about the phishing campagin use in the wild.
2012-03-07 19:37:49 -06:00
sinn3r befb60217c Add CVE-2012-0754 .as source 2012-03-07 19:25:51 -06:00
sinn3r c76f43c066 Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow 2012-03-07 19:24:00 -06:00
sinn3r f2eab70c3f Add swf file for CVE-2012-0754 2012-03-07 19:23:11 -06:00
Tod Beardsley f97dc8dee7 Fix spelling of the IBM product iSeries
Was I-Series.
2012-03-07 15:24:15 -06:00
sinn3r 7dfba9c00d Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 14:51:39 -06:00
sinn3r 0ee7788028 Add a check to detect the vulnerable version of Sysax SSH 2012-03-07 14:51:21 -06:00
Joshua J. Drake ab01a19f92 Fixes #6483: Correct the include for the handler (was copypasta) 2012-03-07 11:23:44 -06:00
Tod Beardsley ba2bf194fd Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee 02ea38516f Add a check method for tomcat_mgr_deploy 2012-03-06 23:22:44 -07:00
James Lee 6b9a21936e Whitespace at EOL 2012-03-06 14:14:02 -07:00
James Lee 2b9acb61ad Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r 003fa3e22c Apply patch for #6495 2012-03-06 11:43:28 -06:00
sinn3r 22a12a6dfc Add Lotus CMS exploit (OSVDB-75095) 2012-03-06 11:36:28 -06:00
HD Moore 8cbe5d8a54 Force many integer arguments to be integers 2012-03-06 09:28:29 -06:00
HD Moore 99177e9d5e Small commit to fix bad reference and old comment 2012-03-06 01:44:26 -06:00
Tod Beardsley 7f9880a1fc Fixes whitespace on linux shellcode from @mak
Also repairs some weirdly broken comment.

[Closes #131]
2012-03-05 16:59:37 -06:00
Tod Beardsley 9e380d9e88 Merge remote branch 'mak/payload-linux-x64' into l64 2012-03-05 14:58:24 -06:00
James Lee 70162fde73 A few more author typos 2012-03-05 13:28:46 -07:00
James Lee 82c23e95d3 Module author typo 2012-03-05 13:28:46 -07:00
James Lee 3a33434867 Fix a couple of typos that throw off module authors 2012-03-05 13:28:46 -07:00
Tod Beardsley 43c84483dc Merge in db console commands for search
Incorporates search option from @sempervictus , fixing a couple issues
along the way. This resolves Redmine issue #6185.

[Closes #107]
2012-03-05 13:41:02 -06:00
Tod Beardsley 85d1b77ed3 Fix up notes search implementation
Uses delete_if and a negative assertion, rather than the (much nicer but
unavailable) keep_if method.
2012-03-05 13:40:26 -06:00
Tod Beardsley a957c45daf Tidies up sempervictus's search patch
Affects the console's db commands of hosts, services, vulns, creds, notes,
loot

Skips searching entirely unless a search term is provided, and
explicitly casts the term as a Regexp object from the outset.

Avoids using Object#to_sym in preference of Object#intern (safer in
nearly all cases)

Temporarily disables functionality on notes since Array#keep_if isn't
available prior to Ruby 1.9.2
2012-03-05 13:40:26 -06:00
RageLtMan fb475ca49c Search functionality for db dispatcher commands 2012-03-05 13:40:26 -06:00
sinn3r afd1af6377 Merge branch 'apf-info' of https://github.com/gregory-m/metasploit-framework into gregory-m-apf-info 2012-03-05 11:18:23 -06:00
sinn3r 1005de0523 Port should not contain a non-numeric value or even empty when assigned to :port 2012-03-05 11:10:16 -06:00
Gregory Man 6726f07dbc afp_server_info fixes and improvements
1.9 compatibility, timeouts, reporting
2012-03-05 14:57:59 +02:00
HD Moore cea4529f5e Add an example of preconfigured proxy stager 2012-03-05 00:59:47 -06:00
Gregory Man d9f0453ee9 Added auxiliary/scanner/afp/afp_server_info module 2012-03-02 21:58:40 +02:00
James Lee 65c0cbdc00 Allow tab completion for resource files in current dir 2012-03-02 11:19:46 -07:00
Tod Beardsley faad9db393 Merge branch 'wmap_update'
Fixed up a few merge conflicts, tested against metasploitable, looks
functional. Thanks Efraim!

[Closes #154]
2012-03-02 10:25:31 -06:00
Tod Beardsley 7447052b38 Convert WMAP constant name to the new format. 2012-03-02 10:18:32 -06:00
Tod Beardsley 302853f5a4 Unpolluting SVN Revision keyword
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
Tod Beardsley 3626d48db2 Un-polluting SVN Id keyword
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
Efrain Torres 36a3341acd Fix body cero. 2012-03-02 10:18:32 -06:00
Efrain Torres 6fba0698e5 Adding another detection method for blind sqli 2012-03-02 10:18:32 -06:00