Commit Graph

22317 Commits (8161663ee5c77a9aca7c40fc160779356e09e905)

Author SHA1 Message Date
Mekanismen 313a98b084 moved coldfusion_rds to multi directory and fixed a bug 2013-12-10 08:45:27 +01:00
William Vu 70f74ab1e0
Land #2747, browser_history author fix 2013-12-09 21:40:37 -06:00
Tod Beardsley 1b3bc878f8
Unscrew the author name 2013-12-09 21:32:03 -06:00
bmerinofe e9edce10ac Applying changes 2013-12-10 03:07:40 +01:00
Joe Vennix 06b651de7b Revert read_file to cat so that pipe will work. 2013-12-09 19:30:08 -06:00
Joe Vennix 450716c788 Remove meterpreter support from osx autologin gather. 2013-12-09 19:19:20 -06:00
Mekanismen 0845e3ce37 updated 2013-12-10 00:45:34 +01:00
Mekanismen bca2212f7e updated 2013-12-09 23:28:17 +01:00
Mekanismen 60d32be7d9 updated 2013-12-09 23:10:13 +01:00
Brandon Turner 3b0a01e6dc
Land #2746, weekly update grammer/caps fixup 2013-12-09 14:18:42 -06:00
Tod Beardsley e737b136cc
Minor grammar/caps fixup for release 2013-12-09 14:01:27 -06:00
Mekanismen 14d12a2ce3 updated 2013-12-09 20:22:26 +01:00
Ramon de C Valle 37826688ce Add cfme_manageiq_evm_pass_reset.rb
This module exploits a SQL injection vulnerability in the "explorer"
action of "miq_policy" controller of the Red Hat CloudForms Management
Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier)
by changing the password of the target account to the specified
password.
2013-12-09 16:49:07 -02:00
Ramon de C Valle 21661b168b Add cfme_manageiq_evm_upload_exec.rb
This module exploits a path traversal vulnerability in the "linuxpkgs"
action of "agent" controller of the Red Hat CloudForms Management Engine
5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier).
2013-12-09 16:18:12 -02:00
Joe Vennix 6d1d45c691 Add user param to nt_hash call. 2013-12-09 10:28:06 -06:00
jvazquez-r7 c59b8fd7bc
Land #2741, @russell TCP support for nfsmount 2013-12-09 09:46:34 -06:00
Mekanismen 67415808da added exploit module for CVE-2013-0632 2013-12-09 15:18:34 +01:00
Russell Sim 291a52712e Allow the NFS protocol to be specified in the mount scanner 2013-12-09 21:26:29 +11:00
sinn3r 1e30cd55f7
Land #2740 - Real regex for MATCH and EXCLUDE 2013-12-09 03:05:08 -06:00
sinn3r 9c5991980a
Land #2733 - Disable meterpreter support because they're not stable 2013-12-09 02:50:36 -06:00
sinn3r 2f6a77861a
Land #2731 - vBulletin nodeid SQL injection (exploit) 2013-12-09 02:22:07 -06:00
sinn3r feca3efafb
Land #2728 - vBulletin Password Collector via nodeid SQL Injection 2013-12-09 02:12:42 -06:00
sinn3r 92412279ae Account for failed cred gathering attempts
Sometimes the SQL error doesn't contain the info we need.
2013-12-09 02:11:46 -06:00
Joe Vennix cd66cca8a1 Make browser autopwn datastore use OptRegexp. 2013-12-08 17:46:33 -06:00
Joe Vennix dea35252af Kill unused method. 2013-12-08 14:35:49 -06:00
Joe Vennix df76651834 Make sure loot is named correctly. 2013-12-08 14:31:18 -06:00
Joe Vennix 7f3ab14179 Make pipe part of /bin/bash cmd. 2013-12-08 14:27:28 -06:00
Joe Vennix 9b34a8f1ad Supports 10.3 2013-12-08 14:26:16 -06:00
Joe Vennix f981a04918 Fix MATCHUSER bug.
* Also add spacing and indentation for better readability.
* Refactors grab_shadow_blob method.
2013-12-08 14:21:48 -06:00
Meatballs 45a0ac9e68
Land #2602, Windows Extended API
Retrieve clipboard data
Retrieve window handles
Retrieve service information
2013-12-08 19:01:35 +00:00
Meatballs e5a92a18a5
and expand path 2013-12-08 19:01:03 +00:00
Meatballs 3c67f1c6a9
Fix file download 2013-12-08 18:57:10 +00:00
Meatballs ab1ddac0c8
Merge remote-tracking branch 'upstream/master' into submodule
Conflicts:
	external/source/exploits/cve-2013-3660/dll/reflective_dll.vcxproj
2013-12-08 18:25:03 +00:00
jiuweigui 2a0b503f06 Minor fix 2013-12-08 18:17:22 +02:00
Joe Vennix eacab1b2ad Fix description, kill dead constant. 2013-12-07 22:28:16 -06:00
Joe Vennix 969f45fd32 Refactor OSX hashdump post module.
* Adds support for MATCHUSER regex option
* Adds support for OSX 10.8 and 10.9 hashes (PBKDF2)
* DRYs up a bunch of older code, adds lots of helper fns
* Ends up shaving off ~20 lines
2013-12-07 22:22:23 -06:00
dmaloney-r7 0c5d748fca Merge pull request #1103 from scriptjunkie/dllinjectfix
Support silent shellcode injection into DLLs
2013-12-07 19:47:34 -08:00
scriptjunkie f4636c46a6
Removing unused endjunk, sections_end, cert_entry 2013-12-07 20:55:51 -06:00
scriptjunkie 77e9996501
Mitigate metasm relocation error by disabling ASLR
Deal with import error by actually using the GetProcAddress code.
2013-12-07 20:54:13 -06:00
scriptjunkie 8d33138489 Support silent shellcode injection into DLLs
Only run code on DLL_PROCESS_ATTACH, preventing infinite loop otherwise:
Added code would create thread -> calls DLL entry point -> calling added code...
2013-12-07 19:44:17 -06:00
Joe Vennix 3066e62711 Fix typo, fix no-autologin users bug. 2013-12-07 19:27:36 -06:00
Joe Vennix 4cb788b9de Adds osx autologin password post module. 2013-12-07 19:01:35 -06:00
Joe Vennix c6eac67ab5 Kill meterpreter support for osx media modules.
There is some bug that I haven't been able to track down that causes the
osx call to run the event queue to just hang on latest OSX + Java/python
meterpreter. I tried rewriting these modules using OSX's new Media API,
but I run into the same problem. Until I find a solution, we should mark
these shell-only.
2013-12-07 17:46:26 -06:00
joev c51e9036ae
Merge branch 'land_mipsbe_xor_encoder' into upstream-master 2013-12-07 17:28:57 -06:00
jvazquez-r7 75fb38fe8d
Land #2724, @wchen-r7 and @jvennix-r7's module for CVE-2013-6414 2013-12-07 14:26:46 -06:00
jvazquez-r7 fdebfe3d2f Add references 2013-12-07 14:25:58 -06:00
jvazquez-r7 f77784cd0d
Land #2723, @denandz's module for OSVDB-100423 2013-12-06 17:32:07 -06:00
DoI 3ed293a1d0 Merge pull request #1 from jvazquez-r7/review_2723
Review uptime_file_upload
2013-12-06 15:29:15 -08:00
jvazquez-r7 3729c53690 Move uptime_file_upload to the correct location 2013-12-06 15:57:52 -06:00
jvazquez-r7 2ff9c31747 Do minor clean up on uptime_file_upload 2013-12-06 15:57:22 -06:00