infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,997 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

19997 Commits (8efe2d9206e3d46b164c92d8bcd6b89d9b57c4e6)

Author SHA1 Message Date
jvazquez-r7 ad214da3de Switch to powershell to exec payload 2013-08-23 14:39:29 -05:00
jvazquez-r7 9aba91a819 Land #2275, @Ruslaideemin's badchars improve for intrasrv_bof 2013-08-23 08:51:33 -05:00
jvazquez-r7 a45f49e3b7 Use a new Ranking 2013-08-23 08:49:58 -05:00
jvazquez-r7 ff6ad30be0 Add module for ZDI-13-006 2013-08-22 18:15:35 -05:00
Brandon Turner cd45c77080 Fix a few database leaks 
All database access should be wrapped in with_connection blocks.

To avoid breaking git blame with a bunch of whitespace, I outdented
the with_connection blocks as seems to be common in db.rb.

[Story #55586616]
 2013-08-21 18:53:17 -05:00
Brandon Turner c0700673e7 Fix SessionManager database leak 
All database access should be wrapped in with_connection blocks.

Much of this commit is whitespace.  It may help to view it with
--ignore-all-space or the w=0 parameter on GitHub.

[Story #55586616]
 2013-08-21 17:34:25 -05:00
jvazquez-r7 965e2d88fe Use normalize_uri 2013-08-21 16:49:24 -05:00
jvazquez-r7 b72566b8aa Add module for ZDI-13-190 2013-08-21 12:47:47 -05:00
sinn3r 50e7d8015a Validate datastore option "YEAR" 
The YEAR option is a numeric value, so should be OptInt in order to
go through validation.

[FixRM #8345]
[FixRM #8344]
 2013-08-21 01:38:16 -05:00
sinn3r 89753a6390 Fix undefined method error 
[FixRM #8323]
 2013-08-21 01:22:27 -05:00
sinn3r 92752de651 Fix undefined method error 
[FixRM #8324]
 2013-08-21 01:20:57 -05:00
sinn3r 77942f0d29 Fix undefined method error 
[FixRM #8325]
 2013-08-21 01:20:03 -05:00
sinn3r 2fa75e0133 Fix undefined method error 
[FixRM #8325]
 2013-08-21 01:16:49 -05:00
sinn3r be29e44788 Fix undefined method error 
[FixRM #8328]
 2013-08-21 01:15:07 -05:00
sinn3r ae8c40c8f7 Fix undefined method error 
[FixRM #8329]
 2013-08-21 01:10:46 -05:00
sinn3r 42a7766f1b Fix undefined method error 
[FixRM #8330]
 2013-08-21 01:09:24 -05:00
sinn3r 0f85fa21b4 Fix undefined method error 
[FixRM #8331]
 2013-08-21 01:08:19 -05:00
sinn3r 8eeb66f96d Fix undefined method error 
[FixRM #8332]
 2013-08-21 01:06:54 -05:00
sinn3r 785f633d1d Fix undefined method error 
[FixRM #8334]
[FixRM #8333]
 2013-08-21 01:01:53 -05:00
sinn3r 0561928b92 Fix undefined method error 
[FixRM #8336]
 2013-08-21 00:54:08 -05:00
sinn3r 2597c71831 Fix undefined method error 
[FixRM #8338]
[FixRM #8337]
 2013-08-21 00:52:33 -05:00
sinn3r 092b43cbfa Fix undefined method error 
[FixRM #8339]
 2013-08-21 00:50:37 -05:00
sinn3r 32a190f1bd Fix undefined method error 
[FixRM #8340]
 2013-08-21 00:49:13 -05:00
sinn3r 217d89fa7c Fix undefined method error 
[FixRM #8341]
 2013-08-21 00:47:31 -05:00
sinn3r 3a271e7cc7 Fix undefined method error 
[FixRM #8342]
 2013-08-21 00:45:48 -05:00
sinn3r 8806e76e4d Fix undefined method error 
[FixRM #8343]
 2013-08-21 00:44:10 -05:00
sinn3r 37eaa62096 Fix undefined method error 
[FixRM #8346]
 2013-08-21 00:42:33 -05:00
sinn3r 9ca7a727e1 Fix undefined method error 
[FixRM #8347]
 2013-08-21 00:41:49 -05:00
sinn3r 5993cbe3a8 Fix undefined method error 
[FixRM #8348]
 2013-08-21 00:40:38 -05:00
sinn3r 9f98d4afe6 Fix undefined method error 
[FixRM #8349]
 2013-08-21 00:38:35 -05:00
sinn3r 35b15b6809 Fix undefined method error 
[FixRM #8322]
 2013-08-21 00:37:22 -05:00
sinn3r ea78e8309d Fix undefined method error 
[FixRM #8350]
 2013-08-21 00:35:36 -05:00
jvazquez-r7 fe089030d4 Land #2257, @wchen-r7's patch for [SeeRM #8317] 2013-08-20 13:43:37 -05:00
jvazquez-r7 ceb0f56f42 Land #2258, @wchen-r7's patch for [SeeRM #8318] 2013-08-20 13:26:34 -05:00
sinn3r 1702cf2af9 Use TARGETURI 2013-08-20 13:23:32 -05:00
jvazquez-r7 3ac59fede7 Land #2251, @wchen-r7's patch to use OptRegexp 2013-08-20 12:55:30 -05:00
sinn3r 202b31d869 Better fix based on feedback 
Tell daddy how you want it.
 2013-08-20 12:52:04 -05:00
jvazquez-r7 6cf0cc78e9 Land #2261, @CharlieEriksen's exploit for CVE-2013-5093 2013-08-20 12:03:00 -05:00
jvazquez-r7 42f774a064 Fix check method 2013-08-20 12:02:09 -05:00
Charlie Eriksen 533d98bd1b Adding module for CVE 2013-5093, Graphite Web Exploit 2013-08-20 12:56:30 -04:00
jvazquez-r7 546c523ed8 Land #2252, @wchen-r7's patch for print_line vs print 2013-08-20 11:17:38 -05:00
jvazquez-r7 8adc4f05dd Land #2250, @wchen-r7's clean up for mssql_ping 2013-08-20 10:38:01 -05:00
jvazquez-r7 586ae8ded3 Land #2249, @wchen-r7's patch for [SeeRM #8314] 2013-08-20 10:32:47 -05:00
jvazquez-r7 277fc69a19 Land #2246, @wchen-r7's patch for [SeeRM #8313] 2013-08-20 10:15:15 -05:00
sinn3r f148eb4715 Land #2255 - Fix fail_with() 2013-08-20 01:28:21 -05:00
sinn3r 7e1a14ff08 Land #2254 - Fix TypeError can't convert nil into String 
This fixes TypeError can't convert nil into String errors.
 2013-08-20 01:25:09 -05:00
sinn3r f68d581b7a [FixRM #8319] - Properly disable BLANK_PASSWORDS for ektron_cms400net 
In module ektron_cms400net.rb, datastore option "BLANK_PASSWORDS" is
set to false by default, because according to the original author, a
blank password will result in account lockouts. Since the user should
never set "BLANK_PASSWORDS" to true, this option should never be
presented as an option (when issuing the "show options").

While fixing #8319, I also noticed another bug at line 108, where
res.code is used when res could be nil due to a timeout, so I ended
up fixing it, too.
 2013-08-20 01:20:52 -05:00
jvazquez-r7 4790d8de50 Land #2256, @wchen-r7's patch for [FixRM #8316] 2013-08-19 23:23:57 -05:00
sinn3r 246c2d82f9 [FixRM #8318] - Use normalize_uri properly 
normalize_uri should be used when paths are being merged, not after.
 2013-08-19 18:04:12 -05:00
sinn3r 3c27520e10 [FixRM #8317] - Fix possible double slash in file path 
It is possible to have a double slash in the base path, shouldn't
happen.
 2013-08-19 17:55:14 -05:00