infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,558 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

21558 Commits (902d48efab36413ae184335416fe2463d61cd5b9)

Author SHA1 Message Date
sinn3r d54c8a359b Fix bug in proxy detection 2013-10-31 23:42:43 -05:00
sinn3r 7a33c48a0f No double slash 2013-10-31 23:17:38 -05:00
sinn3r 5851d502b5 Rename some stuff 2013-10-31 23:12:20 -05:00
sinn3r 21891a8337 Make sure the browser can't retry by going to the first URL 2013-10-31 23:08:17 -05:00
sinn3r 94d62613ab Pretty much done with these, remove these comments. 2013-10-31 19:04:11 -05:00
sinn3r 828ef9c64c Adds target-specific payload generator 2013-10-31 18:54:01 -05:00
sinn3r 391360d67f Update xmlhttprequest 2013-10-31 16:09:05 -05:00
sinn3r 8a0ebcbac7 Adds method get_module_resource 2013-10-31 14:34:38 -05:00
sinn3r 10fd892827 Fix a "undefined method to_sym" bug 
If something is undetectable, the value may be empty, which triggers
a undefined method error because the regex always assumes there is
something. So instead of +, we use *.
 2013-10-31 14:06:05 -05:00
sinn3r 6e7e5a0ff9 Put postInfo() in the js directory 2013-10-31 13:55:22 -05:00
sinn3r 735b879e3c Add an example/testcase for BrowserExploitServer 2013-10-31 13:18:45 -05:00
sinn3r 00efad5c5d Initial commit for BrowserExploitServer mixin 2013-10-31 13:17:06 -05:00
jvazquez-r7 c5778f51d7
Land #2594, @jvennix-r7's firefox 25 js detection 2013-10-31 09:22:37 -05:00
jvazquez-r7 58fa67faa3
Land #2597, @wvu-r7's fix for files permissions 2013-10-31 08:18:42 -05:00
root 5c923757e8 Removed generic command execution capability 2013-10-30 21:35:24 -04:00
William Vu f5d1d8eace chmod -x .rb files without #! in modules and lib 
It wasn't just cmdstager_printf.rb. :/
 2013-10-30 19:51:25 -05:00
William Vu 3e1ae4c9b3
Land #2504, @todb-r7's edit command for msfconsole 2013-10-30 15:38:07 -05:00
William Vu b76c13b57d
Land #2596, resplat new WMI module 2013-10-30 15:34:24 -05:00
Tod Beardsley 900ccc7ec9
VISUAL is okay. Also doesn't need to be a path. 
I don't believe this opens an untoward attack vector -- if your attacker
can run Metasploit locally, you have much bigger problems.
 2013-10-30 15:34:23 -05:00
Tod Beardsley e488a54a06
Resplat new WMI module 2013-10-30 15:14:16 -05:00
William Vu 0735bee635
Land #2595, CVE update for vtiger_php_exec 2013-10-30 14:03:06 -05:00
Tod Beardsley 98224ee89f
CVE update for vtiger issue 2013-10-30 13:48:35 -05:00
William Vu b3c4dfcb04
Land #2593, updated refs for @brandonprry's stuff 2013-10-30 12:29:47 -05:00
Tod Beardsley 344413b74d
Reorder refs for some reason. 2013-10-30 12:25:55 -05:00
Tod Beardsley 32794f9d37
Move OpenBravo to aux module land 2013-10-30 12:20:04 -05:00
joev 4425cf1dc1 Add support for firefox 25. 
Also replaces a bunch of missing semicolons.
 2013-10-30 12:19:22 -05:00
Tod Beardsley 17d796296c
Un-dupe References for ispconfig 2013-10-30 12:03:35 -05:00
Tod Beardsley 0d480f3a7d
Typo fix 2013-10-30 11:38:04 -05:00
Tod Beardsley 97a4ca0752
Update references for FOSS modules 2013-10-30 11:36:16 -05:00
Tod Beardsley 78381316a2
Add @brandonprry's seven new modules 
Already reviewed privately, no associated PR.
 2013-10-30 11:04:21 -05:00
Tod Beardsley 5b76947767
Add a few more modules. 2013-10-30 10:25:48 -05:00
OJ 2fbac9b129 Add `getproxy` command 
This command pulls out system proxy details on windows machines.
 2013-10-30 18:40:51 +10:00
jvazquez-r7 c8ceaa25c6
Land #2589, @wvu-r7's exploit for OSVDB 98714 2013-10-29 14:56:30 -05:00
jvazquez-r7 9f81aeb4ad Fix style 2013-10-29 14:55:16 -05:00
William Vu 5af42f2c28 Add short comment on why the padding is necessary 2013-10-29 11:46:10 -05:00
William Vu e368cb0a5e Add Win7 SP1 to WinXP SP3 target 2013-10-29 10:45:14 -05:00
jvazquez-r7 1b75aef614
Land #2591, @bcoles's exploit for ProcessMaker 2013-10-29 09:54:23 -05:00
jvazquez-r7 c4c171d63f Clean processmaker_exec 2013-10-29 09:53:39 -05:00
jvazquez-r7 26af6452da
Land #2588, @wvu-r7's permissions change for cmdstager_printf.rb 2013-10-29 08:07:19 -05:00
bcoles 3eed800b85 Add ProcessMaker Open Source Authenticated PHP Code Execution 2013-10-29 23:27:29 +10:30
William Vu 665f6c3e35
Land #2590, gsub nil fix for mimikatz 2013-10-29 00:58:16 -05:00
OJ 606411de81 Fix mimikatz error when password is nil 
In some cases the password value that comes out of mimikatz results
is `nil`, instead of an empty string. This fixes this so that if
the string is `nil` is falls back to an empty string, resulting in
the call to `gsub` working instead of failing.
 2013-10-29 15:13:32 +10:00
William Vu ea7bba4035 Add Beetel Connection Manager NetConfig.ini BOF 2013-10-28 22:52:02 -05:00
William Vu 333a0d5820 chmod -x cmdstager_printf.rb 2013-10-28 18:47:14 -05:00
Brandon Turner 4b7a438d45 Merge pull request #2587 from todb-r7/release-fixup 
Release fixups
 2013-10-28 12:26:17 -07:00
Tod Beardsley 4128aa8c08
Resplat and tabs 2013-10-28 14:03:15 -05:00
Tod Beardsley 9045eb06b0
Various title and description updates 2013-10-28 14:00:19 -05:00
Tod Beardsley 9bb9f8b27b
Update descriptions on SMB file utils. 2013-10-28 13:48:25 -05:00
Tod Beardsley 0f63420e9f
Be specific about the type of hash 
See #2583. Since there are several types of hashes, we need to be more
specific about this -- see modules/exploits/windows/smb/psexec.rb which
uses an "smb_hash" as a password type.

Also, the fixes in #2583 do not appear to address anything else reported
on the Redmine issue, namely, operating system and architecture
identification discovered with this module (assuming good credentials).
Therefore, the Redmine issue should not be considered resolved.

[SeeRM #4398]
 2013-10-28 13:40:07 -05:00
William Vu 1fee3ce952
Land #2584, reporting for energizer_duo_detect 2013-10-28 10:48:20 -05:00