Commit Graph

11437 Commits (8315709fb6a5e88a72f28014195429aeee68f8ed)

Author SHA1 Message Date
HD Moore 8315709fb6 Correct typo and set the disclosure date 2012-01-04 19:46:56 -06:00
Tod Beardsley 7b692aa0b9 Adding references to vss modules. 2012-01-04 12:10:03 -06:00
Tod Beardsley 164c80d496 Adding a comment doc to the shadowcopy lib.
Citing Tim Tomes and Mark Baggett
2012-01-04 12:03:13 -06:00
sinn3r 8cced0a91e Add CVE-2011-2462 Adobe Reader U3D exploit 2012-01-04 03:49:49 -06:00
sinn3r c122ec34bc Add default SSH credential for Op5 system CenOS VM image 2012-01-03 15:13:35 -06:00
David Maloney 12221b0433 UAC will disrupt these modules
Added checks for UAC.
UAC must be bypassed before using these modules.
2012-01-03 12:07:38 -08:00
Jonathan Cran 166e3f45d6 Merge branch 'release/20111227000001' 2012-01-03 11:56:55 -06:00
Tod Beardsley 904297ee35 Merge pull request #91 from jduck/master
Stack trace fix when mytarget is nil, actually populate the agent variable.
2012-01-02 09:26:05 -08:00
Joshua J. Drake 958ffe6e1d Fix stack trace from unknown agents 2012-01-02 03:41:49 -06:00
HD Moore 7448ab4780 Merge pull request #90 from swtornio/master
add osvdb ref
2012-01-01 10:25:21 -08:00
Steve Tornio 7bfdc9eff4 add osvdb ref 2012-01-01 09:10:10 -06:00
James Lee 4cd329a943 Spawn the payload as a seperate process
Running the payload using system() in a thread was causing some weird
interactions with ctrl-c. Fix those issues by using Process.spawn and
Process.detach. I suspect this was the original cause of #3631, java
meterpreter sessions dying unaccountably.

See #3631
2011-12-31 12:11:34 -07:00
David Maloney dd0b07b2cc Adds mixin and post modules to manipulate Volume shadowcopy Service(VSS) 2011-12-30 15:03:04 -08:00
Joshua Smith 29b6d0d1e3 Adds previous, pushm, popm to msfconsole
Adds the ability to set and use a stack of modules, and to easily switch
between the last two modules used.

[Fixes #6165][Closes #84]
Squashed commit of the following:

commit e41e7f704888b1ce5ad5f23caeee1de13052e3d5
Author: Joshua Smith <kernelsmith@kernelsmith.com>
Date:   Mon Dec 26 15:52:08 2011 -0500

    pushm/popm working great, let me know if you find bugs

commit 23da8d56ea08ca196e649431e8188b4f29ba97b9
Author: Joshua Smith <kernelsmith@kernelsmith.com>
Date:   Mon Dec 26 14:37:18 2011 -0500

    Adds the 'previous' command to msfconsole which will load the previously active module as the currently active module, adds @previous_module as a class variable
2011-12-30 15:30:55 -06:00
James Lee 0fa0ceccb5 Merge branch 'master' of github-r7:rapid7/metasploit-framework 2011-12-30 10:55:48 -07:00
James Lee ba017773b2 Cleanup whitespace at EOL 2011-12-30 10:55:01 -07:00
sinn3r 23f2a189d7 Merge pull request #89 from rsmudge/armitage
Armitage 12.30.11
2011-12-30 08:21:04 -08:00
sinn3r d9db03dba6 Add CoCSoft StreamDown buffer overflow (Feature #6168; no CVE or OSVDB ref) 2011-12-30 10:16:29 -06:00
Raphael Mudge 3fae5ada9f Armitage 12.30.11 - This release improves performance for Armitage's collaboration mode, rewrites the MSF Scans feature,
and adds a drag'n'drop feature to launch a module against a particular host.
2011-12-30 03:14:43 -05:00
HD Moore 409970ec36 Merge pull request #88 from andurin/small_fixes
RPC Client exception handling
2011-12-29 22:13:35 -08:00
andurin 898df592be Fix2 rpc exception handling
HD suggested a small tweak to use error_code OR res.code for the raise
2011-12-30 07:05:26 +01:00
andurin 7b4de2380f Small fix: RPC client exception handling
IMHO rpc client should transform the error code from Msf::RPC::Exception
into it's own Msf::RPC::ServerException and should not take the msgpack
response code.

In deep:
I ran into a '401 invalid auth token' after a token timeout (300s).
RPC Daemon raised a 401 - invalid auth token as expected but rpc client
transformed it to a '200 - invalid auth token' using the successful http
transaction to transport the exception.
2011-12-30 05:44:26 +01:00
Tod Beardsley bc22b7de99 MSFConsole should display hostless loot, also typo fix.
Fixes the console to display loot not associated with a host, as when
the CorpWatch modules save loot. Also fixes a typo on
corpwatch_lookup_id.rb

Fixes #6177
2011-12-29 15:11:15 -06:00
Tod Beardsley 78da15ed15 Always check for the current workspace when calling Report#myworkspace().
Fixes #6175
2011-12-29 13:48:05 -06:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
sinn3r d484e18300 Add e-mail for tecr0c 2011-12-29 11:14:15 -06:00
sinn3r 9972f42953 Add e-mail for mr_me for consistency 2011-12-29 11:01:38 -06:00
sinn3r b5b2c57b9f Correct e-mail format 2011-12-29 10:57:00 -06:00
sinn3r a330a5c63a Add e-mail for Brandon 2011-12-29 10:53:39 -06:00
sinn3r 9b154972cf Merge branch 'master' of https://github.com/swtornio/metasploit-framework into swtornio-master 2011-12-29 09:36:15 -06:00
Tod Beardsley 4d8aea4ef8 Missed a session.options. 2011-12-29 08:59:16 -06:00
Steve Tornio 778d396bc6 add osvdb ref 2011-12-29 07:54:15 -06:00
Steve Tornio 6d72dbb609 add osvdb ref 2011-12-29 07:54:01 -06:00
Steve Tornio a00dad32fe Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2011-12-29 07:50:33 -06:00
Steve Tornio 27d1601028 add osvdb ref 2011-12-29 07:49:16 -06:00
Tod Beardsley 84dfd46006 Merge pull request #83 from dirtyfilthy/rename_ssh_forward_options_var
rename non existent local variable 'options' to correct session.options
2011-12-28 13:52:28 -08:00
Brandon Perry c88b582f97 Add CorpWatch Name lookup module by bperry 2011-12-28 15:43:21 -06:00
Brandon Perry d896f128e5 Add CorpWatch ID Lookup module by bperry 2011-12-28 15:41:28 -06:00
Tod Beardsley dc1b9570b8 Grammar and spelling on splunk and oracle exploits 2011-12-28 13:44:44 -06:00
Tod Beardsley 65b4cb3a40 Merge branch 'master' of github_r7:rapid7/metasploit-framework 2011-12-28 13:43:16 -06:00
Tod Beardsley 0e3370f1fe Grammar and spelling on splunk and oracle exploits 2011-12-28 13:42:56 -06:00
David Maloney 5a860f45ef Fixed typo in validation routine 2011-12-28 12:10:38 -06:00
David Maloney 3bb2b5b7fd Fixed typo in validation routine 2011-12-28 09:40:36 -08:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present
Fixes #6171
2011-12-28 08:47:22 -08:00
HD Moore 5dc647a125 Make it clear that this exploit is for RHEL 3 (White Box 3 uses the same
packages)
2011-12-28 02:02:03 -06:00
HD Moore 5d67bd2a5e Phew. Exhaustive test of all i386 FreeBSD versions complete 2011-12-28 01:38:55 -06:00
HD Moore 1ff0cb2eef More testing - looks like 5.5 is not exploitable, at least not the same
way
2011-12-28 01:30:25 -06:00
HD Moore e071944a1a Allow ff in payloads but double them back up 2011-12-28 00:04:24 -06:00
HD Moore edb9843ef9 Add Linux exploit with one sample target (Whitebox Linux 3) 2011-12-28 00:00:10 -06:00
HD Moore 79103074cb Add credit for Dan's advice 2011-12-27 23:39:02 -06:00