infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,452 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1450 Commits (8f6917a1171fec5de3adc5cf219ca6ff9fe8d8d0)

Author SHA1 Message Date
OJ 3cdddb8ff3
New meterpreter binaries for ip resolv feature 
* New meterpreter binaries that include the IP resolve feature.
* Updated .gitignore to correctly match pivot file name.
 2013-09-21 07:12:40 +10:00
Meatballs 11bdf5d332 New pull 2013-09-19 19:57:38 +01:00
James Lee dc9246a770 New compiled bins for shiny vs2012 build 
* Fixes x64 sniffer [FixRM #8364]
 2013-09-17 18:11:13 -05:00
James Lee 21055f6856 Add x86 to meterpreter's binary suffix 
This makes x86 more consistent with x64.

Also replaces a bunch of instances of:
  File.join(Msf::Config.install_root, 'data', ...)
with the simpler
  File.join(Msf::Config.data_directory, ...)

[See rapid7/meterpreter#19]
 2013-09-16 21:52:04 -05:00
jvazquez-r7 299860b09d Land #2329, @kaospunk auxiliary module to enumerate ntlm info 2013-09-16 08:16:30 -05:00
James Lee 705e262061 Non-broken compiled bins for meterpreter/#14 
Somehow built bins with fatal linker errors last time. These seem to be
solid.

[SeeRM #8361]
 2013-09-12 23:36:05 -05:00
James Lee 9dae838422 New compiled bins for meterpreter/#14 
Should fix the flakiness of migrataion on 64-bit systems.

[FixRM #8361]
 2013-09-12 22:34:31 -05:00
Spencer McIntyre e3e2c69de1 Fix additional issues in the python meterpreter. 2013-09-10 15:06:33 -04:00
Tab Assassin 48cf2af685 Merge for retab 2013-09-05 16:16:00 -05:00
Tab Assassin 760943af2f Merge for retab 2013-09-05 13:02:51 -05:00
kaospunk 533643fe2c Host Information Enumeration via NTLM Authentication 
This aux module makes requests to resources on the target server in
an attempt to find resources which permit NTLM authentication. For
resources which permit NTLM authentication a blank NTLM type 1 message
is sent to enumerate a a type 2 message from the target server. The type
2 message is then parsed for information such as the Active Directory
domain and NetBIOS name.

The user can provide their own TARGETURIS file which contains URIs
to request to attempt to get a 401 with NTLM. This PR also includes
a list of URLs that can be used as the default.
 2013-09-04 21:39:02 -04:00
jvazquez-r7 94125a434b Add module for ZDI-13-205 2013-09-04 15:57:22 -05:00
Spencer McIntyre d84939c83b Fixes three minor issues in the python meterpreter. 2013-08-30 15:31:40 -04:00
Meatballs 1ea3d91f48 Lands #2244 Python Meterpreter 
[Closes #2244]
 2013-08-30 14:33:35 +01:00
Meatballs 53c3f6b2db Deconflict 2013-08-30 10:52:42 +01:00
James Lee eba6762977 Land #2270, Util::EXE refactor 
With a minor rebase to fix a commit message

[Closes #2270]

Conflicts:
	spec/support/shared/contexts/msf/util/exe.rb
 2013-08-28 21:49:59 -05:00
shellster ee9b1ef8e0 Greatly shortened to_mem_old.ps1.template by using [Math]::max. 
Added necessary end of line conversion in lib/msf/util/exe.rb so
that Powershell will parse multiline strings.
 2013-08-28 21:39:42 -05:00
James Lee 9f04fa6ab4 Add metsrv.dll updates for proxy support 
See #1033, #2014, and meterpreter/#12
 2013-08-28 21:18:59 -05:00
Spencer McIntyre f490277c6d Always os.fork() when available. 2013-08-28 17:19:49 -04:00
Meatballs 96c093dce0 Fix Exploit::Exe 2013-08-25 19:56:29 +01:00
Meatballs 66ee15f461 Merge and deconflict 2013-08-25 19:14:15 +01:00
Meatballs cf5ddfeebf Some war fixes 2013-08-23 18:59:48 +01:00
Meatballs dfc606fe56 Slightly saner filenames 2013-08-23 18:06:48 +01:00
Meatballs 41b1b30438 vba transform 2013-08-23 18:00:19 +01:00
Meatballs cd83077bec Fix vba_exe 2013-08-23 17:42:46 +01:00
Meatballs 4d21b06f4f Aspx uses transform 2013-08-23 17:22:33 +01:00
Meatballs 1cb1afa50a Fix aspx 2013-08-23 17:09:51 +01:00
Meatballs dd13a7e48f Working .asp 2013-08-23 16:55:07 +01:00
Meatballs 7370fc3f4e vbs transform 2013-08-23 16:26:03 +01:00
Meatballs 5040347521 Fix psh and add powershell transform 2013-08-23 15:59:19 +01:00
Meatballs 418505adc9 Fix psh-net 2013-08-23 15:21:26 +01:00
Meatballs cfd6c66ffd Fix VBS 2013-08-23 14:35:19 +01:00
shellster 86a83391fd Merge remote-tracking branch 'upstream/master' 2013-08-21 16:16:20 -07:00
Shelby Spencer c2cf822013 Commit adding the template scripts. 2013-08-20 16:52:58 -07:00
Spencer McIntyre e276b57ee7 Merge remote-tracking branch 'upstream/master' into python-meterpreter-dev 2013-08-19 08:37:12 -04:00
jvazquez-r7 795ad70eab Change directory names 2013-08-15 22:52:42 -05:00
jvazquez-r7 cc5804f5f3 Add Port for OSVDB 96277 2013-08-15 18:34:51 -05:00
Spencer McIntyre 71285f395d Sort import statements alphabetically. 2013-08-15 09:27:13 -04:00
Spencer McIntyre fcf2d4bf19 Remove debug print and fix channel additions. 2013-08-13 12:50:52 -04:00
Spencer McIntyre fdc9312272 Add process enumeration via PS for OSX. 2013-08-12 16:38:15 -04:00
Spencer McIntyre dd2438dd1e Improve process execution on Linux. 2013-08-09 10:39:19 -04:00
Spencer McIntyre 3fb4c2d27c Add Windows registry manipulation support. 2013-08-09 08:39:05 -04:00
Spencer McIntyre f3f4290783 Add process enumeration for windows. 2013-08-06 22:33:43 -04:00
Spencer McIntyre 2d69174c5b Initial commit of the python meterpreter. 2013-08-05 23:38:49 -04:00
Tod Beardsley 9f5f191a6b Add Main.swf from 593363c 2013-07-29 21:53:40 -05:00
jvazquez-r7 c7361043ae up to date 2013-07-17 11:47:06 -05:00
jvazquez-r7 11f8b351c0 Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework 2013-07-17 11:44:42 -05:00
Meatballs 22601e6cc7 Exit process when complete 2013-07-06 09:27:27 +01:00
Meatballs 66c2b79177 Initial commit 2013-07-05 19:48:27 +01:00
jvazquez-r7 4ac5261802 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-02 11:20:26 -05:00
jvazquez-r7 2ceb404f7d Land #2047, @hmoore-r7 ipmi related work 2013-07-02 11:13:25 -05:00
jvazquez-r7 72f19181d1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-01 16:38:19 -05:00
HD Moore 1e21f0e2aa Updated output formats, top 1000 passwords 2013-06-29 22:01:25 -05:00
jvazquez-r7 a4d353fcb3 Clean a little more the VS project 2013-06-29 15:15:27 -05:00
jvazquez-r7 6878534d4b Clean Visual Studio Project 2013-06-29 09:20:40 -05:00
jvazquez-r7 7725937461 Add Module for cve-2013-3660 2013-06-28 18:18:21 -05:00
HD Moore f0db04c2a6 Updates to common password db 2013-06-28 10:47:14 -05:00
jvazquez-r7 3c1af8217b Land #2011, @matthiaskaiser's exploit for cve-2013-2460 2013-06-26 14:35:22 -05:00
jvazquez-r7 81a2d9d1d5 Merge branch 'module_java_jre17_provider_skeleton' of https://github.com/matthiaskaiser/metasploit-framework 2013-06-26 14:32:59 -05:00
jvazquez-r7 d25e1ba44e Make fixes proposed by review and clean 2013-06-25 12:58:00 -05:00
jvazquez-r7 1ade467ac9 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 11:10:43 -05:00
jvazquez-r7 b32513b1b8 Fix CVE-2013-2171 with @jlee-r7 feedback 2013-06-25 10:40:55 -05:00
jvazquez-r7 3244013b1f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 09:48:20 -05:00
sinn3r 6780566a54 Add CVE-2013-2171: FreeBSD 9 Address Space Manipulation Module 2013-06-24 11:50:21 -05:00
Matthias Kaiser 8a96b7f9f2 added Java7u21 RCE module 
Click2Play bypass doesn't seem to work anymore.
 2013-06-24 02:04:38 -04:00
HD Moore 722d33e8fa Updated common password list 2013-06-23 13:15:31 -05:00
HD Moore d9737ec03a Updated common passwords 2013-06-23 01:52:18 -05:00
HD Moore c869112407 Cleanup, reporting, and automatic cracking 2013-06-23 01:35:31 -05:00
HD Moore 5656e0cb7a Initial commit of IPMI library, scanner, & cracker 2013-06-22 23:38:28 -05:00
jvazquez-r7 9d0047ff74 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-07 16:44:52 -05:00
sinn3r 19a6f310cd Land #1927 - Add common passwords from xato.net 2013-06-07 15:24:09 -05:00
Tod Beardsley dc680e7106 Underscores because the rest are. 2013-06-07 15:16:39 -05:00
Tod Beardsley 0265dd8860 Add common passwords from xato.net 
Mark Burnett publishes lists of top passwords occasionally. This PR adds
the top 500 and top 1024 passwords, as of 2011-06-20, linked from this
blog post:

http://xato.net/passwords/more-top-worst-passwords/

He also does a fair bit of frequency analysis there.

The 1024 list, should probably used instead of the original
unix_password.txt file. unix_password.txt  was added on 2010 from an
unknown source (and since edited occasionally to add known good default
passwords). Pulling those changes into this list probably would be
helpful to guess better.

As far as I can tell, there are no special licensing terms for these
lists.
 2013-06-07 15:10:14 -05:00
jvazquez-r7 7090d4609b Add module for CVE-2013-1488 2013-06-07 13:38:41 -05:00
jvazquez-r7 66ea59b03f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-28 15:22:46 -05:00
James Lee 9843dc4cb4 Land #1708, android meterpreter 
Conflicts:
	data/meterpreter/ext_server_stdapi.jar
 2013-05-28 12:19:45 -05:00
jvazquez-r7 d5cf6c1fbc Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-23 12:37:54 -05:00
sinn3r 81ad280107 Landing #1856 - CVE-2013-0758 Firefox <= 17.0.1 + Flash RCE 
Chained exploit using CVE-2013-0758 and CVE-2013-0757
 2013-05-23 12:21:10 -05:00
Joe Vennix 4d5c4f68cb Initial commit, works on three OSes, but automatic mode fails. 2013-05-15 23:32:02 -05:00
jvazquez-r7 a7e4ba5015 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-30 08:32:24 -05:00
James Lee d53d6370b3 Land #1747, mimikatz meterpreter extension 
[Closes #1747]

See rapid7/meterpreter#9
 2013-04-29 14:45:07 -05:00
James Lee 99f5376606 Binaries for #1747 
See rapid7/meterpeter#9
 2013-04-29 14:44:18 -05:00
jvazquez-r7 a4632b773a Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-28 12:59:16 -05:00
sinn3r 1d9a695d2b Landing #1772 - Adds phpMyadmin Preg_Replace module (CVE-2013-3238) 
[Closes #1772]
 2013-04-28 12:17:16 -05:00
James Lee 5900a7c03f Whitespace 2013-04-26 15:24:02 -05:00
jvazquez-r7 38e41f20fe Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-24 13:24:13 -05:00
James Lee 01d790eb54 Land #1748, fix for java meterp network prefixes 
[Closes #1748]
 2013-04-24 12:27:28 -05:00
James Lee a7effaf9c6 Add bins for #1748 2013-04-24 12:27:05 -05:00
jvazquez-r7 1761b1ad7b Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-23 17:35:35 -05:00
Tod Beardsley 80fb7b85ef Drop msfgui.jar, too. 2013-04-22 16:03:38 -05:00
Tod Beardsley 1112daaff2 Remove msfgui and armitage 
This removes the Armitage and MSFGui components from the Metasploit
distribution. You can track the latest stable releases of these
alternate GUIs here:

MSFGui: http://www.scriptjunkie.us/msfgui/
Armitage: http://www.fastandeasyhacking.com/download
 2013-04-22 15:26:44 -05:00
jvazquez-r7 b6365db0b5 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-22 09:38:32 -05:00
jvazquez-r7 19f2e72dbb Added module for Java 7u17 sandboxy bypass 2013-04-20 01:43:13 -05:00
jvazquez-r7 cc35591723 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-15 17:43:15 -05:00
timwr 32bd812bdb android meterpreter 2013-04-12 18:57:04 +01:00
James Lee 15e2ceb749 Land #1660, dlink backdoor wordlist 
[Closes #1660][See #1648]
 2013-04-11 23:04:02 -05:00
jvazquez-r7 9c0862ad7b Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-11 21:53:07 +02:00
James Lee 8376531a32 Land #1217, java payload build system refactor 
[Closes #1217]
 2013-04-11 13:10:03 -05:00
James Lee 1d09d7e6e9 Java payload bins 
Compiled with the shiny new maven system
 2013-04-11 13:08:16 -05:00
jvazquez-r7 6f1fb4a873 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-06 17:23:24 +02:00