032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
6881774c03
Updated with comments from jlee-r7 and Meatballs1
...
Added fail_with instead of just print_error
figured a way to execute the cmd_psh_payload with out using gsub
added case statment for datastore['TECHNIQUE']
2013-10-20 01:15:51 -07:00
6de279733c
Merge branch 'local/ask'
2013-10-19 10:51:55 -07:00
a5dc75a82e
Added PSH option to windows/local/ask exploit
...
Gives you the ability to use powershell to 'ask' for admin rights if the
user has them. Using powershell makes the pop up blue instead of orange
and states that the company is Microsoft, it also doesn't drop an exe
on the system. Looks like 32 bit https works but if you migrate out you
loose priv and if you run cachedump the session hangs.
2013-10-19 00:15:38 -07:00
4e4d0488ae
Rubyfy constants in privs lib
2013-10-18 18:26:07 +01:00
55426882d4
Further bypassuac tidyup
2013-10-18 00:08:06 +01:00
e450e34c7e
Merge branch 'master' of github.com:rapid7/metasploit-framework into low_integ_bypassuac
...
Conflicts:
modules/exploits/windows/local/bypassuac.rb
2013-10-17 23:35:36 +01:00
5a662defac
Post::Privs uses Post::Registry methods
2013-10-17 23:28:07 +01:00
b3cc9f6f1e
Use sysnative to delete the cryptbase.dll when in SYSWOW64 process.
...
Merge branch 'master' of github.com:Meatballs1/metasploit-framework into bypassuac_redo
Conflicts:
modules/exploits/windows/local/bypassuac.rb
2013-10-17 21:01:57 +01:00
07ab53ab39
Merge from master to clear conflict
...
Conflicts:
modules/exploits/windows/brightstor/tape_engine_8A.rb
modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
2013-10-17 13:29:24 -05:00
a54b4c7370
Land #2482 , use runas when UAC is DoNotPrompt
2013-10-16 17:51:11 -05:00
5d86ab4ab8
Catch mis-formatted bracket comments.
2013-10-15 14:52:12 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
c68319d098
Fix author
2013-10-15 12:59:19 -05:00
f345414832
Added correct spelling in info
2013-10-15 10:13:18 -07:00
0b9cf24103
Convert vss_persistence to Local Exploit
2013-10-15 11:11:04 -05:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
a843722ae3
Concurrent printing of the output no longer makes sense...
2013-10-10 19:01:19 +01:00
536c3c7b92
Use multi railgun call for a large performance increase.
2013-10-10 19:01:14 +01:00
aed2490536
add some output and fixing
2013-10-07 15:42:41 -04:00
75d2abc8c2
integrate some ask functionality into bypassuac
2013-10-07 15:14:54 -04:00
0799766faa
Fix UAC is not enabled, no reason to run module when UAC is enabled and vulnerable
...
The new changes when calling uac_level = open_key.query_value('ConsentPromptBehaviorAdmin') breaks UAC on Windows 7 and Windows 8 and shows that UAC is not enabled when it is:
Here is prior to the change on a fully patched Windows 8 machine:
msf exploit(bypassuac) > exploit
[*] Started reverse handler on 172.16.21.156:4444
[*] UAC is Enabled, checking level...
[-] UAC is not enabled, no reason to run module
[-] Run exploit/windows/local/ask to elevate
msf exploit(bypassuac) >
Here's the module when running with the most recent changes that are being proposed:
[*] Started reverse handler on 172.16.21.156:4444
[*] UAC is Enabled, checking level...
[!] Could not determine UAC level - attempting anyways...
[*] Checking admin status...
[+] Part of Administrators group! Continuing...
[*] Uploading the bypass UAC executable to the filesystem...
[*] Meterpreter stager executable 73802 bytes long being uploaded..
[*] Uploaded the agent to the filesystem....
[*] Sending stage (770048 bytes) to 172.16.21.128
[*] Meterpreter session 6 opened (172.16.21.156:4444 -> 172.16.21.128:49394) at 2013-10-05 15:49:23 -0400
meterpreter >
With the new changes and not having a return on when 0 (will not always return 0 - just in certain cases where you cannot query) - it works.
2013-10-05 15:56:55 -04:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
b306415ecf
Tidy and updates to info
2013-09-29 17:32:39 +01:00
29a7059eb4
Update AlwaysInstallElevated to use a generated MSI file
...
Fixes bugs with MSI::UAC option, invalid logic and typo...
2013-09-29 17:09:03 +01:00
353cd9aaf5
Check payload.arch
2013-09-27 11:13:19 +01:00
d2fa7d84a9
Tidyup includes
2013-09-27 10:12:53 +01:00
5fa0eb32a9
Merge upstream
2013-09-27 10:11:10 +01:00
c3c07b5fd7
Better arch checking
2013-09-27 09:39:29 +01:00
dfac7b57d2
Fixup SysWOW64
2013-09-27 09:10:49 +01:00
b8df7cc496
Initialize strings fool
2013-09-27 09:01:00 +01:00
3d812742f1
Merge upstream master
2013-09-26 21:27:44 +01:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
a25833e4d7
Fix %TEMP% path
2013-09-26 19:22:36 +01:00
52a92a55ce
Land #2394 , ms13_005_hwnd_broadcast require fix
2013-09-24 13:43:21 -05:00
8db1a389eb
Land #2304 fix post module require order
...
Incidentally resolve conflict on current_user_psexec to account for the
new powershell require.
2013-09-23 16:52:23 -05:00
99f145cbff
Don't split the post requires
2013-09-23 14:02:43 -05:00
6b06ed0df1
Update current_user_psexec.rb
2013-09-22 03:07:17 +05:00
96364c78f8
Need to catch RequestError too
...
Because a meterpreter session may throw that
2013-09-20 17:13:35 -05:00
6e69fe48bf
Undo psexec changes
2013-09-20 22:30:00 +01:00
2591be503b
Psh support
2013-09-20 22:07:42 +01:00
15885e4ef6
Change static x value
2013-09-20 20:31:14 +01:00
ee365a6b64
Some liberal sleeping
2013-09-20 19:33:27 +01:00
7d1c5c732a
Correct powershell
2013-09-20 18:36:24 +01:00
9819566d94
Nearly
2013-09-20 17:18:14 +01:00
a00f3d8b8e
initial
2013-09-20 13:40:28 +01:00
ef72b30074
Include the post requires until #2354 lands
...
Another one that needs the manual require. See #2354
2013-09-19 09:47:01 -05:00
9a555d8701
Fix the modules added since the branch
2013-09-17 18:25:12 -05:00
150f0f644e
Merge branch 'rapid7' into bug/osx-mods-load-order
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2013-09-17 18:21:13 -05:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
58b634dd27
Remove unnecessary requires from post mods
2013-09-12 14:36:01 -05:00
9ad1be7318
Make junk easier
2013-09-11 09:33:01 -05:00
825eb9d1ca
Add module for OSVDB 96208
2013-09-11 00:11:00 -05:00
4f1db80c24
Fix requires in new post modules
2013-09-10 11:13:07 -05:00
473f08bbb6
Register cleanup and update check
2013-09-05 22:43:26 +01:00
400b433267
Sort out exception handling
2013-09-05 22:21:44 +01:00
d4043a6646
Spaces and change to filedropper
2013-09-05 20:41:37 +01:00
c5daf939d1
Stabs tabassassin
2013-09-05 20:36:52 +01:00
d0360733d7
Retab changes for PR #2282
2013-09-05 14:05:34 -05:00
49dface180
Merge for retab
2013-09-05 14:05:28 -05:00
1460474a55
Retab changes for PR #2288
2013-09-05 13:58:24 -05:00
e711a495eb
Merge for retab
2013-09-05 13:58:19 -05:00
9787bb80e7
Address @jlee-r7's feedback
2013-09-05 19:57:05 +01:00
845bf7146b
Retab changes for PR #2304
2013-09-05 13:41:25 -05:00
adf9ff356c
Merge for retab
2013-09-05 13:41:23 -05:00
3066e7e19d
ReverseConnectRetries ftw
2013-09-04 00:16:19 +01:00
a8e77c56bd
Updates
2013-09-03 22:46:20 +01:00
ac0c493cf9
Merge branch 'master' of github.com:rapid7/metasploit-framework into local_win_priv_keyring
2013-09-03 21:33:11 +01:00
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
ac0b14e793
Add the missing CVE reference
...
Was looking at all the 2013 exploit modules for missing CVE references
2013-08-31 18:54:16 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
ff5cf396ab
Remove large file and rename payload.dll
2013-08-27 00:30:27 +01:00
035e97523b
In memory bypassuac
2013-08-27 00:13:19 +01:00
05f1622fcb
Fix require
2013-08-26 16:21:18 +01:00
3b9ded5a8e
BypassUAC now checks if the process is LowIntegrityLevel
...
and fails if so. Some small improvements made to Post::Priv
and BypassUAC module.
2013-08-26 13:54:55 +01:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
5128458c90
Land #2201 - Better check for ppr_flatten_rec
2013-08-09 14:44:23 -05:00
021c358159
Land #2203 - Fix regex for x64 detection
2013-08-09 13:23:38 -05:00
7178633140
Fixed architecture detection in bypassuac modules
2013-08-09 03:42:02 +02:00
318280fea7
Add 7/2k8 RTM versions
2013-08-08 20:02:14 +01:00
d64352652f
Adds unsupported Vista versions
2013-08-08 19:58:40 +01:00
08c32c250f
File versions
2013-08-08 19:42:14 +01:00
40f015f596
Avoid require race with powershell
2013-08-05 09:56:32 -05:00
5ea67586c8
Rewrite description for MS13-005
...
The first part of the description was copy-pasted from
http://packetstormsecurity.com/files/122588/ms13_005_hwnd_broadcast.rb.txt
which contained some grammatical errors. Please try to avoid cribbing
other researchers' descriptions directly for Metasploit modules.
2013-08-05 09:29:29 -05:00
e7206af5b5
OSVDB and comment doc fixes
2013-08-05 09:08:17 -05:00
3a05993f16
Make msftidy happy and warn user about long times
2013-07-29 11:45:30 -05:00
234e49d982
Add type technique
2013-07-26 23:33:16 +01:00
805a9675a7
Modify the check for Integrity Level and Allow dropt o fs
2013-07-26 14:54:50 -05:00
12a58c730a
Small fix
2013-07-26 10:15:47 +01:00
6a13ed0371
Missing include
2013-07-26 03:18:17 +01:00
72b8891ba3
Check for low integrity
2013-07-26 03:16:45 +01:00
030640d5bc
back to cmd
2013-07-26 03:00:36 +01:00
d3f3e5d63e
Working with psh download
2013-07-26 02:29:55 +01:00
b99ad41a64
Add api constants and tidy
2013-07-26 01:48:39 +01:00
0235e6803d
Initial working
2013-07-25 23:24:11 +01:00
44cae75af1
Cleanup
2013-07-24 19:52:59 +01:00
ad94f434ab
Avoid a fix address for the final userland payload
2013-07-05 10:21:11 -05:00
226f4dd8cc
Use execute_shellcode for novell_client_nicm.rb
2013-07-03 13:57:41 -05:00
f9cfba9021
Use execute_shellcode for novell_client_nwfs.rb
2013-07-03 13:55:50 -05:00
2a6056fd2a
exploits/s4u_persistence~Fixed typos+default values
2013-07-03 00:38:50 +01:00
a2b8daf149
Modify fail message when exploitation doen't success
2013-06-29 10:45:13 -05:00
a5c3f4ca9b
Modify ruby code according to comments
2013-06-29 08:54:00 -05:00
427e26c4dc
Fix current_pid
2013-06-28 21:36:49 -05:00
32ae7ec2fa
Fix error description and bad variable usage
2013-06-28 21:30:33 -05:00
fb67002df9
Switch from print_error to print_warning
2013-06-28 21:29:20 -05:00
3ab948209b
Fix module according to @wchen-r7 feedback
2013-06-28 20:44:42 -05:00
00416f3430
Add a new print_status
2013-06-28 18:23:49 -05:00
7725937461
Add Module for cve-2013-3660
2013-06-28 18:18:21 -05:00
795dd6a02a
Add module for OSVDB 93718
2013-06-24 23:51:28 -05:00
a920127f8c
reference updates for several modules
2013-06-23 20:43:34 -05:00
f106b6db50
Add comment with the component version
2013-06-21 17:38:30 -05:00
5fe9a80bf0
Add module for OSVDB 46578
2013-06-21 17:31:40 -05:00
da4b18c6a1
[FixRM:#8012] - Fix message data type to int
...
This patch makes sure s.message is actually an int, that way we can
properly stop or enable the service.
2013-06-06 23:49:14 -05:00
1032663cd4
Fixed check for Administrators SID in whoami /group output
2013-06-04 18:34:06 -04:00
53cb493bc9
Fix @jlee-r7's feedback
2013-05-20 18:44:21 -05:00
85ceaa1a62
Add module for CVE-2013-2730
2013-05-18 12:44:24 -05:00
05426cb61b
Fix dir creation
2013-04-27 21:39:29 +01:00
8bfaa41723
Fix x64 dll creation
2013-04-27 20:44:46 +01:00
e2b8d5ed23
Fix from David Kennedy, enable Windows 8 support
2013-04-09 02:07:40 -05:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
07475e5483
Update
2013-02-22 21:22:51 +00:00
769ca6335f
Mrg Juan's changes, stop shadowing
2013-02-22 20:09:21 +00:00
416a7aeaa3
make msftidy happy for s4u_persistence
2013-02-18 15:23:06 +01:00
be0feecf8f
Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence
2013-02-18 15:22:37 +01:00
25f8a7dcb9
Fix expire tag logic and slight clean up
...
Was a dumbass again and didn't fully understand how Optints worked when left blank at run time. If not 0 the expire tag will be inserted now. Also made it print the xpath if used because I believe it will be of value to the user for trouble shooting.
2013-02-17 22:35:52 -05:00
a8d574e4ce
Updated one print_status
2013-02-17 14:08:33 -05:00
7b2c1afadb
I'm an idiot, fix logon xpath
2013-02-14 09:16:47 -05:00
e78cbdd14d
missed one line
2013-02-13 18:17:38 -05:00
bbf8fe0213
Use Post::File methods and fail_with
2013-02-13 18:10:05 -05:00
42a6d96ff4
using Post::File methods plus little more cleanup
2013-02-12 01:33:07 +01:00
97edbb7868
using always a vbs file to drop exe
2013-02-12 00:58:26 +01:00
5edb138a8f
fixed nil issue
2013-02-11 11:51:33 -04:00
3a499b1a6d
added s4u_persistence.rb
2013-02-10 14:22:36 -05:00
fea84cad10
Fix additional typos per recomendation
2013-02-08 14:47:16 -04:00
b8f0a94c3f
Fixed typos mentioned by Egypt
2013-02-08 14:42:10 -04:00
c131b7ef0e
Added exception handing and return checking as requested by Sinn3r
2013-02-07 21:06:05 -04:00
19e989dff9
Initial commit fo the migrated module
2013-02-07 19:11:44 -04:00
174ab31010
Moving reused methods to Accounts mixin
2013-01-31 12:59:55 +01:00
aaf18f0257
EOL whitespace, yo.
2013-01-29 14:22:30 -06:00
3faf4b3aca
adding sinn3r as author
2013-01-24 18:13:30 +01:00
2cedcad810
Check PID
2013-01-24 10:46:23 -06:00
ad108900d5
Why yes I know it's a module
2013-01-23 16:23:41 -06:00
22f7619892
Improve Carlos' payload injection module - See #1201
...
Lots of changes, mainly:
* Description update
* Avoid accessing protected methods
* More careful exception & return value handling
2013-01-23 16:15:14 -06:00
e93b7ffcaf
Add Carlos Perez's payload injection module
...
See #1201
2013-01-23 14:07:48 -06:00
1bc5fd3758
Changed to warnings
2013-01-20 00:29:38 +00:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
fde267bea4
Break on session
2013-01-03 20:21:05 +00:00
54e4557855
Leave handler running for reboot
2013-01-03 20:07:41 +00:00
df21836aa0
Use fail_with
2013-01-03 19:43:25 +00:00
861951f7fd
Add exception handling around get_imperstoken
2012-12-30 14:58:39 +00:00
e09c33faa4
Merge remote changes
2012-12-30 14:36:54 +00:00
90dd90a304
Add Startup Manual to Check method
2012-12-30 14:32:17 +00:00
6b0c3eadb2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into local_win_priv_keyring
2012-12-30 14:17:46 +00:00
9b768a2c62
Merge branch 'cleanup/post-windows-services' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-cleanup/post-windows-services
2012-12-21 23:42:17 -06:00
0963b5ee84
Use custom exist?
2012-12-13 23:00:26 +00:00
522a80875e
Borrowed enum_dirperms checking.
2012-12-13 22:16:39 +00:00
17518f035c
support for local exploits on file_dropper
2012-11-28 22:17:27 +01:00
85ed074674
Final cleanup on always_install_elevated
2012-11-28 21:50:08 +01:00
fd1557b6d2
Merge branch 'msi_elevated' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-msi_elevated
2012-11-28 21:49:36 +01:00
7fea0d4af6
Add initial auto run script
2012-11-28 16:38:31 +00:00
a3fbf276f9
Reinstated cleanup
2012-11-28 11:23:08 +00:00
b5b47152fc
Changed to static msi filename
2012-11-28 11:21:02 +00:00
76f7abe5b6
Little tidy up
2012-11-27 23:58:58 +00:00
81c2182424
Msftidy
2012-11-27 23:33:07 +00:00
9741d55724
Moved to agnostic post module commands
2012-11-27 23:26:19 +00:00
6fe378b594
Minor changes to description
2012-11-27 20:56:52 +00:00
d067b040a0
Minor changes to description
2012-11-27 20:55:36 +00:00
7727f3d6e8
Msftidy
2012-11-27 18:31:54 +00:00
889c8ac12d
Add build instructions and removed binary
2012-11-27 18:18:20 +00:00
bc9065ad42
Move MSI source and binary location
2012-11-27 18:12:49 +00:00
f1fedee63b
EOL space, deleted
2012-11-26 14:19:40 -06:00
579126c777
Remove redundant sleep
2012-11-22 10:44:41 +00:00
021e0f37e9
Cleanup s
2012-11-22 10:34:05 +00:00
7936fce7cf
Remove auto migrate - we probably dont want to migrate away from a SYSTEM process.
2012-11-22 10:29:58 +00:00
128eafe22c
Changed to Local Exploit
2012-11-22 10:26:23 +00:00
e18acf2103
remove debugging code
2012-11-14 23:56:32 -05:00
7d41f1f9a0
add admin already and admin group checks
2012-11-14 23:54:01 -05:00
063661c320
Address some initial feedback thanks bperry
2012-11-11 19:33:32 +00:00
ac6048837b
msftidy
2012-11-11 15:12:18 +00:00
142cef6182
Dont cleanup dll when reboot is required.
2012-11-11 15:11:00 +00:00
ca95973b8f
Null check
2012-11-11 14:56:26 +00:00
19fe29e820
Merge remote-tracking branch 'upstream/master' into local_win_priv_keyring
2012-11-11 14:43:31 +00:00
933515dae2
Msftidy
2012-11-11 14:42:49 +00:00
f60aa562b7
Working x86
2012-11-11 14:39:41 +00:00
34bc92584b
Refactor WindowsServices
...
* Pulls common code up from several methods into #open_sc_manager
* Deprecates the name Windows::WindowsServices in favor of
Windows::Services. The platform is already clear from the namespace.
* Makes the post/test/services test module actually work
[See #1007 ]
[See #1012 ]
2012-11-06 17:30:04 -06:00
cae0aa9c31
Check architecture, fix cleanup etc
2012-11-05 23:55:49 +00:00
53c7479d70
Add Windows 8 support
...
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:12:47 +02:00
f1423bf0b4
If a message is clearly a warning, then use print_warning
2012-10-24 00:44:53 -05:00
be9a954405
Merge remote branch 'jlee-r7/cleanup/post-requires'
2012-10-23 15:08:25 -05:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
21f6127e29
Platform windows cleanup
...
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
2012-10-23 20:33:01 +02:00
9c95c7992b
Require's for all the include's
2012-10-23 13:24:05 -05:00
33ce74fe8c
Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1
2012-10-23 02:10:56 -05:00
7437d9844b
standardizing author info
2012-10-22 17:01:58 -04:00
5b18a34ad4
References cleanup
...
Uppercase MSB, spaces in URLs.
2012-10-22 22:37:01 +02:00
657d527f8d
DisclosureDate cleanup: Try parsing all dates
...
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
344f32d6ba
Initial commit - non working :(
2012-10-20 00:23:41 +01:00
9192a01803
All exploits need a disclosure date.
2012-10-15 16:29:12 -05:00
529f88c66d
Some msftidy fixes
2012-10-14 19:16:54 -05:00
97ac7fa184
Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework
2012-10-14 18:27:32 -05:00
3ab24cdbb9
added exploits/windows/local/service_permissions
2012-10-11 22:42:36 -04:00
e02adc1f35
Merge branch 'mubix-bypassuac_uac_check'
2012-10-06 02:09:16 -05:00
33429c37fd
Change print_error to print_debug as a warning
2012-10-06 02:08:19 -05:00
55474dd8bf
add simple UAC checks to bypassuac
2012-10-06 00:59:54 -04:00
b984d33996
add RunAs ask module
2012-10-06 00:51:44 -04:00
0ae7756d26
fixed missing > on author
2012-10-05 11:13:40 -04:00
8520cbf218
fixes spotted by @jlee-r7
2012-10-04 17:34:35 -04:00
4400cb94b5
Removing trailing spaces
2012-10-04 14:58:53 -05:00
3f2fe8d5b4
port bypassuac from post module to local exploit
2012-10-04 14:31:23 -04:00
e36507fc05
Code cleanup and make msftidy happy
2012-10-02 12:00:23 -05:00
21e832ac1c
add call to memory protect to fix DEP environments
2012-10-01 18:49:18 -04:00
c93692b06d
add a check to verify session is not already system for MS11-080
2012-09-27 08:36:13 -04:00
8648953747
added MS11-080 AFD JoinLeaf Windows Local Exploit
2012-09-26 11:01:30 -04:00
ac2e3dd44e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-08-15 14:47:22 -05:00
54146b8e99
Add another ref about the technique
2012-08-15 14:46:51 -05:00
f325d47659
Fix up description a little
2012-08-15 13:57:24 -05:00
586d937161
Msftidy fix and adding OSVDB
2012-08-15 13:43:50 -05:00
dc5f8b874d
Found a bug with retrying.
2012-08-14 17:04:17 -05:00
3e0e5a1a75
No manual stuff, probably prones to failure anyway.
2012-08-14 10:58:57 -05:00
612848df6f
Add priv escalation mod for exploiting trusted service path
2012-08-14 01:55:03 -05:00
bd408fc27e
Updating msft links to psexec
...
Thanks for the spot @shuckins-r7 !
2012-08-13 15:28:04 -05:00
67cdea1788
Fix load order issues (again)
...
This is getting annoying. Some day we'll have autoload and never have
to deal with this.
2012-08-10 13:52:54 -06:00
d5b165abbb
Msftidy.rb cleanup on recent modules.
...
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
227d0dbc47
Add jabra to authors. I'm a jerk
2012-08-02 11:13:53 -06:00
1a2a1e70f7
Replace load with require, *facepalm*
2012-08-01 22:51:36 -06:00
0707730fe0
Remove superfluous method
...
Obsoleted by session.session_host, which does the same thing
2012-08-01 01:07:21 -06:00
47eb387886
Add current_user_psexec module
...
Tested against a 2k8 domain controller.
2012-08-01 01:05:10 -06:00
ebe48ecf16
Add Rank for schelevator, update sock_sendpage's
2012-07-18 11:16:29 -06:00
1fbe5742bd
Axe some copy-pasta
2012-06-12 23:58:20 -06:00
9f78a9e18e
Port ms10-092 to the new Exploit::Local format
2012-06-12 23:58:20 -06:00
sinn3r
b00stfr3ak
Meatballs
Tod Beardsley
James Lee
jvazquez-r7
MrXors
Rob Fuller
trustedsec
William Vu
darknight007
Tab Assassin
HD Moore
Sagi Shahar
g0tmi1k
Steve Tornio
cbgabriel
Thomas McCarthy
smilingraccoon
Carlos Perez
Tod Beardsley
sinn3r
Christian Mehlmauer
sagishahar
Michael Schierl
Spencer McIntyre