infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,194 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

8473 Commits (89d283da0971c55f1f352ba33ad5562d8f7f5c9b)

Author SHA1 Message Date
jvazquez-r7 3b9ba189f7
Add CVE-2015-3043 information 2015-07-01 19:56:35 -05:00
wchen-r7 32d5e7f3de
Land #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio Decoding BOF 2015-07-01 18:44:38 -05:00
wchen-r7 93c74efb97 Add Ubuntu as a tested target 2015-07-01 18:43:22 -05:00
jvazquez-r7 ee118aa89d
Fix description 2015-07-01 13:30:22 -05:00
jvazquez-r7 1de94a6865
Add module for CVE-2015-3113 2015-07-01 13:13:57 -05:00
William Vu 3632cc44c5 Fix nil error when target not found 2015-06-30 11:48:41 -05:00
William Vu 326bec0a1f
Land #5581, s/shell_command_token/cmd_exec/ 2015-06-26 16:59:40 -05:00
jvazquez-r7 a10fa02b00
Land #5606, @wchen-r7's glassfish fixes 2015-06-26 14:12:50 -05:00
wchen-r7 3b5e2a0c6e Use TARGETURI 2015-06-26 14:02:17 -05:00
wchen-r7 b46e1be22f
Land #5371, Add file checking to the on_new_session cleanup 2015-06-26 13:33:57 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules 
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
 2015-06-26 12:18:33 -05:00
jvazquez-r7 7ccc86d338
Use cmd_exec 2015-06-26 11:54:19 -05:00
jvazquez-r7 31b7ef49d6
Solve conficts 2015-06-26 11:36:17 -05:00
wchen-r7 c70e38a14e Do more reporting 2015-06-25 22:39:56 -05:00
wchen-r7 5ef4cc2bb4 Save creds 2015-06-25 17:10:20 -05:00
wchen-r7 1a371b11b0 Update description 2015-06-25 17:04:31 -05:00
jvazquez-r7 ee0377ca16
Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
wchen-r7 c330d10403 Make SSL as a basic option 
Also:

Fix #5558
 2015-06-25 02:06:51 -05:00
wchen-r7 5c98da05fb This works for Glassfish 4.0 & 9.1 2015-06-25 01:58:24 -05:00
wchen-r7 c826785ebb Fix auth bypass 2015-06-24 19:49:04 -05:00
wchen-r7 8e4fa80728 This looks good so far 2015-06-24 19:30:02 -05:00
Spencer McIntyre 2206a6af73 Support older targets x86 for MS15-051 2015-06-25 09:33:15 +10:00
William Vu a149fb5710
Land #5554, @g0tmi1k's persistence improvements 
age aborts
age aborts
 2015-06-24 14:37:25 -05:00
William Vu e7e8135acd Clean up module 2015-06-24 14:35:10 -05:00
wchen-r7 380af29482 Progress? 2015-06-24 14:17:45 -05:00
wchen-r7 6046994138 version does not return nil 2015-06-23 10:31:01 -05:00
wchen-r7 dedfca163d Change check() 2015-06-22 15:05:12 -05:00
jvazquez-r7 784be06b6f
Update nmap 
* Use cmd_exec
 2015-06-22 14:20:02 -05:00
jvazquez-r7 d98d2ffd4d
Update setuid_viscosity 
* Use cmd_exec
 2015-06-22 14:04:04 -05:00
jvazquez-r7 60bdc10aed
Update setuid_tunnelblick 
* Use cmd_exec
 2015-06-22 13:57:33 -05:00
jvazquez-r7 6a00ce62de Update persistence module 
* Delete unused method
 2015-06-22 12:25:00 -05:00
OJ 3686accadd
Merge branch 'upstream/master' into cve-2015-1701 2015-06-22 07:52:17 +10:00
Spencer McIntyre efece12b40 Minor clean ups for ruby strings and check method 2015-06-21 16:07:44 -04:00
jvazquez-r7 74bc9f7a91
Land #5529, @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067 2015-06-19 16:57:07 -05:00
jvazquez-r7 61ad4ada7d
Delete commas 2015-06-19 16:03:16 -05:00
William Vu 2587595a92
Land #5556, vprint_status fix 2015-06-19 11:24:54 -05:00
William Vu b994801172 Revert auto tab replacement 2015-06-19 11:22:40 -05:00
jvazquez-r7 6ec8488929
Land #5560, @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064 2015-06-19 11:15:41 -05:00
wchen-r7 15985e8b4f
Land #5559, Adobe Flash Player ShaderJob Buffer Overflow 2015-06-19 10:38:05 -05:00
jvazquez-r7 c95b3bb31d
Land #5479, @wchen-r7 Updates kloxo_sqli to use the new cred API 2015-06-19 10:32:21 -05:00
jvazquez-r7 c2f0973ed0
Report attempt_time 2015-06-19 10:31:50 -05:00
jvazquez-r7 1c357e6b3c
Land #5478, @wchen-r7 Updates ca_arcserve_rpc_authbypass to use the new cred API 2015-06-19 10:21:14 -05:00
jvazquez-r7 0f17f622c3
Report last_attempted_at 2015-06-19 10:20:47 -05:00
jvazquez-r7 357a3929a3
Trying to report more accurate status 2015-06-19 09:51:36 -05:00
wchen-r7 7e91121afc Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:44:45 -05:00
wchen-r7 fb9ad663f7 Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:42:16 -05:00
g0tmi1k 0b55a889d3 persistence - better ruby/msf fu 2015-06-18 21:10:16 +01:00
Tod Beardsley afcb016814
Minor description fixups. 
Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524, adobe_flash_pixel_bender_bof in flash renderer .
Removed ASCII bullets since those rarely render correctly.

Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252, @espreto's module for WordPress Front-end Editor
File Upload Vuln . Fixed up some language usage, camel-cased "WordPress."
 2015-06-18 13:25:39 -05:00
wchen-r7 13a3f2781d Change ExcellentRanking to GoodRanking for MS14-064 
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:

1. The vulnerable component isn't in Internet Explorer. And BES can't
   check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
   is a memory curruption type of bug, it should not be in Excellent
   ranking anyway.
 2015-06-18 13:07:44 -05:00
jvazquez-r7 de1542e589
Add module for CVE-2015-3090 2015-06-18 12:36:14 -05:00