Commit Graph

14716 Commits (82eaa322fe6b0158d4e06216cf163587142ebc43)

Author SHA1 Message Date
sinn3r 25f4e3ee1f Update patch information for MS12-063 2012-09-21 12:28:41 -05:00
Chris John Riley 9753494cba Corrected regex scan vs. match issues
Altered PS and PCL to elsif to avoid
double detection of printjobs.
2012-09-21 13:20:14 +02:00
jvazquez-r7 ed24154915 minor fixes 2012-09-21 11:36:58 +02:00
Chris John Riley f7aaae614e Reduced instances of #{name} to client
connections and disconnections. All other
output should be self explanatory and
doesn't need #{name}
2012-09-21 11:08:47 +02:00
Chris John Riley 78f77a3df2 Replaced if @verbose with vprint_status
Corrected bug in non-detected print types
2012-09-21 10:59:39 +02:00
bcoles 6ee2c32f08 add ZEN Load Balancer module 2012-09-21 17:25:20 +09:30
jvazquez-r7 0032713198 description modified 2012-09-21 10:09:42 +02:00
jvazquez-r7 f6baf7fe34 Merge branch 'MySQL-JtR' of https://github.com/halfie/metasploit-framework into halfie-MySQL-JtR 2012-09-21 10:08:34 +02:00
sinn3r 54b98b4175 Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof 2012-09-20 16:43:20 -05:00
sinn3r 4ead0643a0 Correct target parameters 2012-09-20 16:41:54 -05:00
sinn3r 41449d8379 Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule 2012-09-20 16:33:12 -05:00
sinn3r 1534c4af6f Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-09-20 16:20:34 -05:00
sinn3r 776d24d8a9 cleanup 2012-09-20 16:16:30 -05:00
sinn3r 311c01be46 Cleanup, improve option handlingg 2012-09-20 16:14:15 -05:00
David Maloney 7fcc34766a Added datastore items to BAP handlers
Added two datastore items to handlers created by BAP
2012-09-20 15:21:08 -05:00
Tod Beardsley a5ffe7297f Touching up Kernelsmith's wording.
It is merely the ROP chain, not the vuln, that requires Java.
2012-09-20 14:52:52 -05:00
Tod Beardsley 883dc26d73 Merge remote branch 'kernelsmith/ie_execcommand_uaf_info' 2012-09-20 14:48:36 -05:00
Tod Beardsley b1ce969c95 Merge remote branch 'kernelsmith/msfconsole-s' 2012-09-20 14:31:55 -05:00
Tod Beardsley 1f90130475 Touchups to msfconsole command parsing
Move from -s to -x and use a semicolon.
2012-09-20 14:29:45 -05:00
kernelsmith d7727c880a adds -s <string> Execute the specified string as console commands to msfconsole
for convenience when you don't need/want a full resource file, you just
want to run something quick
example usage:
# say you have a saved config ready to go on load
./msfconsole -s 'exploit -j'
# you can run multiple commands too
./msfconsole -s 'set ConsoleLogging true\nshow options'
2012-09-20 14:29:45 -05:00
Josh 1a2e5e9e0b Merge pull request #7 from todb-r7/msfconsole-s
Touchups to msfconsole command parsing, changes to -x, and changes separator to ';'
2012-09-20 12:18:12 -07:00
Tod Beardsley cf8edf8570 Touchups to msfconsole command parsing
Move from -s to -x and use a semicolon.
2012-09-20 13:40:01 -05:00
sinn3r 57fd9b8c18 Merge branch 'master' of https://github.com/dcbz/metasploit-framework into dcbz-master 2012-09-20 13:37:31 -05:00
kernelsmith 56d5c13755 adds -s <string> Execute the specified string as console commands to msfconsole
for convenience when you don't need/want a full resource file, you just
want to run something quick
example usage:
# say you have a saved config ready to go on load
./msfconsole -s 'exploit -j'
# you can run multiple commands too
./msfconsole -s 'set ConsoleLogging true\nshow options'
2012-09-20 12:23:48 -05:00
jvazquez-r7 e98e3a1a28 added module for cve-2012-0266 2012-09-20 19:03:46 +02:00
jvazquez-r7 b61c8b85b8 Added module for CVE-2012-02672 2012-09-20 19:02:20 +02:00
Chris John Riley 3d254b69fd Applied all requirements from pull/715
Reworked PCL regex to match PCL 6/XL
msftidy is still complaining about
an indent. Can't find why however!

New PULL created as per request from
jvazquez-r7
2012-09-20 18:04:36 +02:00
Dhiru Kholia 17f7e94f4d Add support for dumping MySQL challenge-response pairs in JtR format 2012-09-20 13:54:12 +05:30
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
dcbz f5df7e0e8a Added 2 payload modules (reverse and bind tcp shells) 2012-09-19 16:59:26 -05:00
Tod Beardsley 4362854a43 Merge remote branch 'upstream/master' 2012-09-19 16:26:56 -05:00
kernelsmith f1a39c76ed update to ie_execcommand_uaf's info to add ROP info
This module requires the following dependencies on the target for the
ROP chain to function.  For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs).  For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
2012-09-19 14:10:02 -05:00
Tod Beardsley c19e9a8053 Merge remote branch 'rcvalle/rcvalle-update-author-information'
Resolved the conflict by accepting Ramon's preferred alias of his name.

[Closes #806]

Conflicts:
	lib/msf/core/module/author.rb
2012-09-19 12:29:53 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
Tod Beardsley a4eb75a5a7 Updating ramon's alias
If I'm missing something here, please reopen, but this should have the
intended effect.

[Closes #805]
2012-09-19 11:45:36 -05:00
sinn3r cc8102434a CVE assigned for the IE '0day' 2012-09-18 16:13:27 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes.
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
2012-09-18 11:25:00 -05:00
jvennix-r7 972c5957a9 Merge pull request #798 from rapid7/bump-rails-gemcache
Bump rails-related gem versions to 3.2.8.
2012-09-18 08:11:34 -07:00
jvazquez-r7 8b251b053e initializing msghdr a little better 2012-09-18 12:12:27 +02:00
jvazquez-r7 16c5df46fc fix while testing ubuntu intrepid 2012-09-18 11:52:50 +02:00
sinn3r 5fbc4b836a Add Microsoft advisory 2012-09-17 22:13:57 -05:00
joe 4d63218c08 Bump rails-related gem versions to 3.2.8. 2012-09-17 14:15:14 -05:00
Tod Beardsley 75bbd1c48d Being slightly more clear on Browser Not Supported
With this and the rest of sinn3r's fixes, it looks like we can close the
Redmine bug.

[FixRM #7242]
2012-09-17 11:16:19 -05:00
sinn3r d77ab9d8bd Fix URIPATH and nil target
Allow random and '/' as URIPATh, also refuse serving the exploit
when the browser is unknown.
2012-09-17 10:54:12 -05:00
Tod Beardsley 48a46f3b94 Pack / Unpack should be V not L
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
2012-09-17 09:52:43 -05:00
Tod Beardsley d77efd587a Merge remote branch 'wchen-r7/ie_0day_execcommand' 2012-09-17 08:48:22 -05:00
sinn3r 5eaefcf4c7 This is the right one, I promise 2012-09-17 08:41:25 -05:00
sinn3r 8f50a167bd This is the right module 2012-09-17 08:36:04 -05:00
sinn3r e43cae70a7 Add IE 0day exploiting the execcommand uaf 2012-09-17 08:28:33 -05:00
Tod Beardsley c83b49ad58 Unix linefeeds, not windows
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.

Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
2012-09-16 18:10:35 -05:00