infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,148 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

7222 Commits (87b27951cf307b0dbf7cb221422fc33cd8c3bdad)

Author SHA1 Message Date
Yorick Koster 87b27951cf Fixed some build errors 2016-08-09 20:46:49 +02:00
Yorick Koster 79a84fb320 Internet Explorer iframe sandbox local file name disclosure vulnerability 
It was found that Internet Explorer allows the disclosure of local file
names. This issue exists due to the fact that Internet Explorer behaves
different for file:// URLs pointing to existing and non-existent files.
When used in combination with HTML5 sandbox iframes it is possible to
use this behavior to find out if a local file exists. This technique
only works on Internet Explorer 10 & 11 since these support the HTML5
sandbox. Also it is not possible to do this from a regular website as
file:// URLs are blocked all together. The attack must be performed
locally (works with Internet zone Mark of the Web) or from a share.
 2016-08-09 20:35:42 +02:00
wchen-r7 de16a6d536
Land #7182, Nuuo / Netgear Surveillance admin password reset module 2016-08-08 16:10:30 -05:00
Pedro Ribeiro 7ca7682d17 Fix whitespace error from msftidy 2016-08-08 17:57:03 +01:00
Pedro Ribeiro 106f26587e Add bugtraq reference 2016-08-05 21:52:46 +01:00
Pedro Ribeiro 036d0502db Add github link 2016-08-04 17:38:45 +01:00
Pedro Ribeiro ec67db03f1 add exploit for CVE 2016-5676 2016-08-04 16:56:16 +01:00
Jon Hart 554a0c5ad7
Deprecate nbname_probe, which duplicate nbname as of 77cd6dbc8b 2016-08-02 17:36:22 -07:00
William Vu e699d3f05b Fix empty output in nbns_response 
Normally, the module prints nothing unless VERBOSE is true. In practice,
we at least want to see responded-to hosts. We leave details to be
printed when VERBOSE is set.
 2016-07-31 09:47:19 -07:00
wchen-r7 cce1ae6026 Fix #6989, scanner modules printing RHOST in progress messages 
Fix #6989
 2016-07-25 23:15:59 -05:00
James Lee ff63e6e05a
Land #7018, unvendor net-ssh 2016-07-19 17:06:35 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
David Maloney b6b52952f4
set ssh to non-interactive 
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password

MS-1688
 2016-07-14 11:12:03 -05:00
David Maloney 01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-14 09:48:28 -05:00
thao doan 9862a2fc25 Land #7080, Updated docs and made enhancements for Netgear soap password extractor 2016-07-13 14:30:46 -07:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Brent Cook 627fffdb08
Land #7089, correct usage of OptPort and OptRegex 2016-07-11 22:13:27 -05:00
Brent Cook 128f802928 use the regex source when generating or displaying a regex 2016-07-11 22:05:50 -05:00
Brendan 963437d5e7
Land #7063, Add module for WebNMS 5.2 Arbitrary File Download 2016-07-11 10:05:21 -07:00
Brendan c2a5da08af
Land #7064, Add moule to steal creds from WebNMS 5.2 2016-07-11 06:38:50 -07:00
h00die fdce5bc30c add disclosure date 2016-07-09 09:30:00 -04:00
Brendan bbe4162320 Added error checking and some suggested style changes 2016-07-08 08:27:56 -07:00
Brendan 09dcd1dade Added version check and error handling, changed regex to ruby syntax. 
Also made a few syntax changes to placate rubocop.
 2016-07-07 10:35:18 -07:00
h00die 892f354ece give me some credit 2016-07-06 21:39:45 -04:00
h00die 47cf6d5edf better docs, extract more data 2016-07-06 21:28:57 -04:00
James Lee 1164c025a2 Revert "Land #7009, egypt's rubyntlm cleanup" 
This reverts commit d90f0779f8, reversing
changes made to e3e360cc83.
 2016-07-05 15:22:44 -05:00
David Maloney 5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-05 10:48:38 -05:00
Brent Cook 54dfcee665
Land #7055, add netgear_soap_password_extractor docs 2016-07-04 23:59:10 -05:00
Pedro Ribeiro ec4769fade Create exploit for WebNMS credential disclosure 2016-07-04 21:15:15 +01:00
Pedro Ribeiro 05ef5316df Create exploit for WebNMS arbitrary file download 2016-07-04 21:10:14 +01:00
h00die 844c13dc17 added new vuln device to netgear list, plus docs 2016-07-01 18:32:30 -04:00
Pearce Barry 159446ce92 Ensure http_login scanner module saves passwds. 
Fixes #6983.  When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
 2016-06-30 16:58:39 -05:00
David Maloney 3d93c55174
move sshfactory into a mixin method 
use a convience method to DRY up creation
of the SSHFactory inside modules. This will make it easier
to apply changes as needed in future. Also changed msframework attr
to just framework as per our normal convention

MS-1688
 2016-06-28 15:23:12 -05:00
James Lee 4e63591ce8
Use the proper Author key, not Authors 2016-06-28 15:21:19 -05:00
David Maloney ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-06-28 15:00:35 -05:00
David Maloney 97f9ca4028
Merge branch 'master' into egypt/ruby-ntlm 2016-06-28 14:14:56 -05:00
David Maloney 409e26351b
remove test module 
sponge left in patient
 2016-06-24 15:12:47 -05:00
David Maloney 6c3871bd0c
update ssh modules to use new SSHFactory 
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH

MS-1688
 2016-06-24 13:55:28 -05:00
David Maloney 5bc513d6cd
get ssh sessions working properly 
ssh sessions now working correctly

MD-1688
 2016-06-24 12:14:48 -05:00
wchen-r7 9f280d714e
Land #6994, NetBIOS Name Brute Force Spoofing modules 2016-06-23 17:54:51 -05:00
wchen-r7 048741660c
Land #6980, Add ClamAV Remote Command Transmitter 2016-06-22 15:50:45 -05:00
David Maloney 3e94abe555
put net:ssh::commandstream back 
this was apparently our own creation for doing
ssh sessions

MD-1688
 2016-06-22 15:02:36 -05:00
David Maloney 6072697126
continued 2016-06-22 14:54:00 -05:00
David Maloney 140621ad9b
start to move to canonical net-ssh 
removed vendored net::ssh
pulled in net:ssh gem
made Rex::Socket::SSHFactory clas to bridge rex sockets in
Renamed getpeername to getpeername-as_array to not override
core socket behaviour

MS-1688
 2016-06-22 14:52:33 -05:00
James Lee 07f7e5e148
Convert non-loginscanner MSSQL to rubyntlm 2016-06-22 10:15:22 -05:00
William Webb 3f9d0630ce Merge remote-tracking branch 'upstream/pr/6955' into land-6955 2016-06-20 13:14:37 -05:00
William Webb c816af1e4d Merge remote-tracking branch 'upstream/pr/6955' into land-6955 2016-06-20 12:00:19 -05:00
HD Moore 856a4c7684 Reference BadTunnel (appropriate for the nat module) 2016-06-19 20:50:12 -05:00
HD Moore a84614f2c0 Whitespace only 2016-06-19 18:44:32 -05:00
HD Moore ce7c6496dd Rework to clarify that this a brute force spoof, unrelated to BadTunnel 2016-06-19 13:36:39 -05:00