infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,533 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

28533 Commits (8ddd6a465512d2fd9d8dbc871b37242849d631ff)

Author SHA1 Message Date
jvazquez-r7 8ddd6a4655 Redefine RPORT having into account it is builtin 2014-11-10 09:42:30 -06:00
jvazquez-r7 eb36a36272 Change title 2014-11-10 09:40:22 -06:00
Pedro Ribeiro b3c27452cd Add full disclosure URL 2014-11-09 10:40:41 +00:00
Pedro Ribeiro f680b666c7 Add github adv URL 2014-11-08 11:29:36 +00:00
Pedro Ribeiro 143033f657 Rename manageengine_pmp_sadmin.rb to manageengine_pmp_privesc.rb 2014-11-08 11:28:04 +00:00
Pedro Ribeiro 2843437ca9 Create exploit for CVE-2014-8499 2014-11-08 11:24:50 +00:00
Pedro Ribeiro 7d2d0aa166 Merge pull request #8 from rapid7/master 
bla
 2014-11-08 11:22:41 +00:00
William Vu a830c28012
Land #4151, downcase nil deref. fix 2014-11-07 11:43:22 -06:00
Jon Hart 2b7d25950b
Land #4148, @wchen-r7 fixed #4133 2014-11-07 08:26:29 -08:00
sinn3r e54442af36 Fix #4089 - undefined method `downcase' for nil:NilClass 2014-11-07 02:45:22 -06:00
sinn3r 0dbfecba36 Better method name 
Should be srvhost, not lhost
 2014-11-07 02:23:34 -06:00
Samuel Huckins 71a96f256b
Land #4149, readline adjustments 
* Windows guard, DRYing
 2014-11-07 00:09:48 -06:00
Joshua Smith 7b25e3be75
Land #4139, Visual Mining NetCharts 
landed after some touch up
 2014-11-06 22:52:41 -06:00
Joshua Smith 7510fb40aa touch up visual_mining_netcharts_upload 2014-11-06 22:50:20 -06:00
Joshua Smith 709ff1bbdb touch up lib/rex/mime/message.rb 2014-11-06 22:48:34 -06:00
Luke Imhoff f494a9f3da
Don't depend on 'rb-readline' on Windows 
MSP-11585

`rb-readline` gem doesn't work with Ruby Installer for 1.9.3 because of
`NoMethodError undefined method 'dlopen' for Fiddle:Module`.  Removing
`rb-readline` may be a temporary fix it if turns out that this is a bug
with rb-readline or some other upstream bug.
 2014-11-06 14:52:49 -06:00
Luke Imhoff 122928d952
Remove redundant rb-readline from Gemfile 
MSP-11585

The entry in the gemspec is sufficient.
 2014-11-06 14:51:10 -06:00
jvazquez-r7 64fe2dd7d6
Land #4143, @kernelsmith's get_custom_exe fix 
* Initializes the exe variable
* Fixes #4131
 2014-11-06 14:39:57 -06:00
sinn3r 579481e5f8 Explain why I did this 
Also tagging Fix #4133
 2014-11-06 14:25:11 -06:00
sinn3r f210ade253 Use SRVHOST for msvidctl_mpeg2 2014-11-06 14:23:21 -06:00
Joshua Smith b199820d23 init exe as nil instead of '' 2014-11-06 13:31:37 -06:00
jvazquez-r7 6e51d84371
Land #4138, @wchen-r7's reference cheking for module_reference.rb 
* Fixes #4039
 2014-11-06 10:51:29 -06:00
sinn3r f7e308cae8
Land #4110 - Citrix Netscaler BoF 2014-11-06 00:04:17 -06:00
Joshua Smith 861443d947
Land #4144, fix default template.pdf 2014-11-05 23:13:16 -06:00
sinn3r c2391bf011 Add an R in /Info for the trailer dictionary to make it readable 2014-11-05 22:28:37 -06:00
Joshua Smith 265c178c52 fixes #4131, EXE::Custom NameError 2014-11-05 22:10:54 -06:00
jvazquez-r7 54c1e13a98
Land #4140, @wchen-r7's default template for adobe_pdf_embedded_exe 
* Fixes #4134
* Adds a default PDF template
 2014-11-05 20:21:14 -06:00
jvazquez-r7 adefb2326e
Land #4124, @wchen-r7 fixes #4115 adding HTTP auth support to iis_webdav_upload_asp 2014-11-05 18:14:33 -06:00
Jon Hart 496c8fa47d
Land #4136, @todb-r7's fix to allow use of other ruby versions 
Only rbenv and rvm have been tested.

For rbenv:

  rbenv shell <VERSION>

For rvm:

  rvm --create --versions-conf use <VERSION>@metasploit-framework
 2014-11-05 15:27:53 -08:00
sinn3r 1b2554bc0d Add a default template for CVE-2010-1240 PDF exploit 2014-11-05 17:08:38 -06:00
Jon Hart 973c639c0e Add note about rbenv for rvm .versions.conf local override 2014-11-05 15:03:02 -08:00
jvazquez-r7 c833888c32 Just randomize 2014-11-05 15:53:06 -06:00
jvazquez-r7 79cabc6d68 Fix clean up 2014-11-05 15:46:33 -06:00
jvazquez-r7 c08993a9c0 Add module for ZDI-14-372 2014-11-05 15:31:20 -06:00
sinn3r 8da6e0bd5b Fix bugs 2014-11-05 15:26:00 -06:00
sinn3r 5b8d9e1221 Fix typo 2014-11-05 15:14:35 -06:00
sinn3r 98f5ebd475 Only show bad refs when using -c 2014-11-05 15:07:40 -06:00
Pedro Ribeiro 490d6d046b Merge pull request #6 from rapid7/master 
merge
 2014-11-05 20:10:42 +00:00
Tod Beardsley cca30b536f
Land #4094, fixes for OWA brute forcer 
Fixes #4083

Thanks TONS to @jhart-r7 for doing most of the work on this!
 2014-11-05 14:00:26 -06:00
Tod Beardsley a46839726e
Make OWA 2013 the default, other fixes 
Thanks @jhart-r7!

See rapid7#4083 and see rapid7#4094
 2014-11-05 13:56:37 -06:00
Tod Beardsley 6b0107190e
typo 2014-11-05 13:19:40 -06:00
Tod Beardsley 231d03bd3b
Allow for locally chosen rubies 
By ignoring .versions.conf, we can allow users pick their own versions
of ruby without having to jump through a bunch of hoops on keeping
.ruby-version straight between local and remote branches.
 2014-11-05 13:18:26 -06:00
jvazquez-r7 7ba705f23a Add some randomized variables to JSP Payloads 
Because the JASPER engine with Tomcat has been found
complaining about the out variable.
 2014-11-05 12:16:33 -06:00
jvazquez-r7 468b4a399a Fix Rex::MIME::Message specs 2014-11-05 11:43:55 -06:00
jvazquez-r7 741f99f118 Delete starting empty line 
When header is empty it shouldn't add an starting empty
new line
 2014-11-05 11:42:42 -06:00
sinn3r 3310342a95 Add save-as feature 
The tool produces A LOT OF results so it's really painful to manually
copy and paste and to be able to use the data. So it should automatically
save.

Tagging the issue here because I forgot to do it:
Fix #4039
 2014-11-05 10:58:41 -06:00
William Vu 40ee03ee63
Land #4126, rm Travis testing for 2.0 2014-11-05 10:18:57 -06:00
sinn3r f34ad57199 Check module references 2014-11-05 09:57:13 -06:00
Jon Hart ff8d481eec Update description to remove comments about defaults. Default to 2013 2014-11-04 21:21:19 -08:00
Jon Hart 2c028ca7a6 Move redirect check before body check -- a redirect won't have a body 2014-11-04 14:19:21 -08:00