benpturner
1cc167a7fb
Inserted ARCH_X86 payloads, removed interactive_powershell and updated base powershell session
2015-04-26 18:50:42 +01:00
benpturner
4cb1a6c255
Updated payload cached size
2015-04-26 09:30:41 +01:00
benpturner
e6c61c461e
Updated payloads and fixed msftidy.
2015-04-26 09:20:29 +01:00
m-1-k-3
b330b1d41c
typo in title of telnet_encrypt_overflow.rb
2015-04-26 02:32:14 +02:00
benpturner
ded904c72c
New payloads
2015-04-26 00:16:59 +01:00
benpturner
a02ea90824
New payloads which work with cmd
2015-04-25 16:49:22 +01:00
benpturner
7afb6e1aa6
Removed stand-alone payloads and will push these as a separate fork request.
2015-04-25 07:57:43 +01:00
benpturner
6be2c0beab
Dynamic
2015-04-25 07:49:34 +01:00
benpturner
2273fb541a
payload cached_sizes
2015-04-25 07:33:51 +01:00
benpturner
215e67bcbd
Updated comments
2015-04-25 07:02:25 +01:00
Brent Cook
4ffffa59fe
Land #5184, restore store_loot for ssh_creds gatherer
2015-04-24 13:55:06 -05:00
Brent Cook
ff96101dba
Land #5218, fix #3816, remove print_debug / DEBUG
2015-04-24 13:41:07 -05:00
benpturner
941a4ee572
updated cached size using tools/update_payload_cached_sizes.rb
2015-04-24 19:13:54 +01:00
jvazquez-r7
7167dc1147
Land #5243, @espreto's WordPress WPshop eCommerce File Upload exploit
2015-04-24 11:30:28 -05:00
jvazquez-r7
558103b25d
Do code cleanup
2015-04-24 11:30:08 -05:00
jvazquez-r7
896d6e8cb7
Fix title
2015-04-24 11:09:39 -05:00
jvazquez-r7
1825b45ac3
Land #5242, @espreto's module for GI-Media Library Plugin Directory Traversal
2015-04-24 11:08:52 -05:00
jvazquez-r7
7af6f31c3a
Fix message
2015-04-24 11:08:00 -05:00
jvazquez-r7
5ca6fe3cb0
Do code cleanup
2015-04-24 11:07:13 -05:00
Brent Cook
f457f36cdd
Land #5213, improvements to MS15-035 DoS
2015-04-24 10:54:48 -05:00
jvazquez-r7
7a3949ed52
Land #5230, @espreto's exploit for WordPress InBoundio Marketing File Upload
...
* OSVDB 119890
2015-04-24 10:49:52 -05:00
jvazquez-r7
8a8d9a26f4
Do code cleanup
2015-04-24 10:47:46 -05:00
jvazquez-r7
b5223912cb
Fix check method
2015-04-24 10:41:41 -05:00
Roberto Soares
c9b4a272e3
Changed fail_with output.
2015-04-24 12:16:23 -03:00
kaospunk
bb0b2eee37
Fix missing . in SRV query
...
This update adds a missing . to the end of the
_ldap._tcp SRV record so that it properly forms
the DNS query.
2015-04-24 10:42:31 -04:00
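The trailing-dot fix above (making `_ldap._tcp` a fully qualified name so the SRV query is formed correctly) can be illustrated with the following added Ruby example. It is not part of the commit or of the Metasploit code base; the domain and search list are constructed samples, and `query_candidates` is a simplified reimplementation of stub-resolver search-list behaviour written for this example, not Resolv's own code.

```ruby
require 'resolv'

# Build the SRV owner name for the LDAP service of an AD domain.
# The trailing dot marks the name as absolute (fully qualified), so a
# resolver sends it as-is instead of appending its search-list suffixes.
def ldap_srv_name(domain)
  "_ldap._tcp.#{domain}."
end

# True when Ruby's Resolv will treat the name as fully qualified.
def absolute_name?(name)
  Resolv::DNS::Name.create(name).absolute?
end

# Simplified reimplementation (assumption, not Resolv's own code) of the
# candidate list a stub resolver walks for a name, given its search list
# and ndots setting. It shows why the relative form produces extra,
# possibly misdirected, queries while the absolute form produces exactly one.
def query_candidates(name, search_list, ndots: 1)
  n = Resolv::DNS::Name.create(name)
  fqdn = "#{n}."
  return [fqdn] if n.absolute?

  candidates = []
  # Enough dots already: try the name as-is first, then the search suffixes.
  candidates << fqdn if n.length - 1 >= ndots
  search_list.each { |suffix| candidates << "#{n}.#{suffix}." }
  candidates << fqdn unless candidates.include?(fqdn)
  candidates
end

if $PROGRAM_NAME == __FILE__
  domain = 'example.com'       # constructed sample domain
  search = ['corp.internal']   # constructed sample resolver search list
  relative = "_ldap._tcp.#{domain}"
  puts "relative: #{query_candidates(relative, search).inspect}"
  puts "absolute: #{query_candidates(ldap_srv_name(domain), search).inspect}"
end
```

Without the dot, `absolute_name?` is false and the resolver may also try `_ldap._tcp.example.com.corp.internal.`; with it, only the intended record is queried.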
benpturner
2ccf818c7b
msftidy
2015-04-24 11:16:31 +01:00
Roberto Soares
e14c6af194
Removed double 'Calling payload'.
2015-04-24 06:26:04 -03:00
benpturner
00d8958cc8
New payloads for reverse_tcp for powershell
2015-04-24 10:25:37 +01:00
Roberto Soares
01efc97c4a
Add WordPress WPshop eCommerce File Upload.
2015-04-24 06:21:49 -03:00
Roberto Soares
e51897d64e
Filepath option
2015-04-24 04:35:59 -03:00
Roberto Soares
7b0b59b5f6
Add WordPress GI-Media Library Plugin File Read.
2015-04-24 04:24:16 -03:00
benpturner
9e137c6403
ref
2015-04-23 23:28:33 +01:00
benpturner
468166408e
ref
2015-04-23 23:28:21 +01:00
benpturner
3711b2579c
new powershell session
2015-04-23 23:13:12 +01:00
benpturner
0f7442dec2
new powershell session
2015-04-23 23:12:58 +01:00
benpturner
b642ddb989
interact powershell session
2015-04-23 23:12:38 +01:00
benpturner
b6abd9dc8e
updates to rex
2015-04-23 22:14:11 +01:00
benpturner
a3710752c6
updates to rex
2015-04-23 22:14:00 +01:00
benpturner
5b604d07dd
updates
2015-04-23 22:13:46 +01:00
benpturner
3e693c95df
update bind_tcp settings
2015-04-23 14:43:08 +01:00
benpturner
94d99cd833
use Rex::Powershell::Command
2015-04-23 14:42:45 +01:00
benpturner
e7b84ea40e
rhost mandatory
2015-04-23 10:17:13 +01:00
benpturner
4ad3394e82
make rhost mandatory
2015-04-23 10:09:50 +01:00
Roberto Soares
5bf4c9187a
Removed double "Calling payload..."
2015-04-23 03:41:34 -03:00
Roberto Soares
844f768eee
Add WordPress InBoundio Marketing File Upload
2015-04-23 03:32:17 -03:00
benpturner
711061a49b
updates
2015-04-22 21:03:13 +01:00
benpturner
5a648ef79b
updates to script
2015-04-22 20:45:43 +01:00
Brandon Perry
e9f8b25987
Update wordpress_contus_video_gallery_sqli.rb
...
Update to use the Wordpress mixin
2015-04-22 14:43:55 -05:00
Brandon Perry
26d208f089
Update wordpress_contus_video_gallery_sqli.rb
...
remove 'uri'
2015-04-22 14:42:03 -05:00
benpturner
99156f1247
reverse payload
2015-04-22 20:41:45 +01:00
benpturner
4ae3c5925d
bind payload
2015-04-22 20:41:35 +01:00
Brent Cook
3963289519
Land #4888, @h00die's brocade credential bruteforcer
2015-04-21 18:27:03 -05:00
Mike
3a1778ef7c
Spelling Fix
...
s/Brocde/Brocade/ as per bcook-r7
2015-04-21 17:57:36 -04:00
jvazquez-r7
3db0e12b67
Modify autopwn comment
2015-04-21 14:19:15 -05:00
jvazquez-r7
3f40342ac5
Fix sock_sendpage
2015-04-21 14:17:19 -05:00
jvazquez-r7
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
Brent Cook
073850c5ad
Land #5158, OWA internal IP disclosure scanner
2015-04-21 11:10:39 -05:00
Brent Cook
5296c6507d
Land #5157, OWA login scanner auth timing logs
2015-04-21 11:06:08 -05:00
wchen-r7
a44da8e6d7
URL refs
2015-04-21 09:29:08 -05:00
wchen-r7
a3b0f2e424
Land #5175, Update mcafee_vse_hashdump description
2015-04-20 21:49:24 -05:00
Brent Cook
9a49538c1a
Land #5016, add SSL Labs scanner
2015-04-20 21:34:16 -05:00
Brent Cook
752c3243f6
wrap print* functions in report_* wrappers
...
Preserve the semantics in the code, but don't call functions like 'print_error'
unless there is an actual error running the module. Fix spelling of 'Overall'.
2015-04-20 21:13:43 -05:00
wchen-r7
ff32d6cee3
Improve MS15-034 DOS
2015-04-20 20:36:08 -05:00
jvazquez-r7
c6c7560aed
Land #4846, @joevennix's android 4.3 uxss module
2015-04-20 18:43:24 -05:00
jvazquez-r7
9b240e1d8f
Use parentheses
2015-04-20 18:42:34 -05:00
William Vu
3fbd4e2fe6
Land #5172, x64 BSD shell_{bind,reverse}_tcp
2015-04-20 15:37:29 -05:00
William Vu
79ca0a56f9
Land #4171, Steam protocol support
2015-04-20 15:35:06 -05:00
jvazquez-r7
f762873a31
Land #5192, @joevennix's module for Safari CVE-2015-1126
...
* Module to profit from a cross-domain vulnerability in Safari
2015-04-20 15:19:54 -05:00
jvazquez-r7
e2eaff6b3a
Don't modify datastore options
2015-04-20 15:16:21 -05:00
jvazquez-r7
88c52ae7ae
Delete second stop_service, the mixin should have done the job
2015-04-20 15:13:11 -05:00
jvazquez-r7
dc0549d2dd
Use #wait
2015-04-20 15:06:01 -05:00
jvazquez-r7
c1234e05e2
Delete parentheses from condition
2015-04-20 14:56:37 -05:00
jvazquez-r7
0283ac05e5
Do minor style fixes
2015-04-20 14:54:39 -05:00
jvazquez-r7
69b8edda4a
Use single quotes
2015-04-20 14:53:38 -05:00
jvazquez-r7
16daa935dd
Do minor code cleanup
2015-04-20 13:08:51 -05:00
jvazquez-r7
4f59abe842
Land #5203, @Meatballs1 fixes #5199 by using the correct namespace
...
* Fixes web_delivery
2015-04-20 11:20:48 -05:00
benpturner
d9d8451b9f
Updated tools/msftidy.rb issues
2015-04-20 16:03:34 +01:00
Meatballs
eb1c01417a
Bogus :
2015-04-20 11:00:26 +01:00
Meatballs
aa4f913800
Resolves #5199
...
Fix Powershell namespace in web_delivery module
2015-04-20 09:37:42 +01:00
Christian Mehlmauer
a60fe4af8e
Land #5201, Change module wording to conform with other WP modules
2015-04-20 10:07:05 +02:00
aushack
1a32cf7fc0
Change module wording to conform with other WP modules.
2015-04-20 16:48:35 +10:00
Brandon Perry
b622aae97f
Update wordpress_contus_video_gallery_sqli.rb
2015-04-19 18:24:12 -05:00
Meatballs
ac1f03b1de
Use fail_with if unknown exception
2015-04-20 00:11:23 +01:00
Brandon Perry
c393f7c398
add contus video gallery scanner
2015-04-19 17:58:08 -05:00
Meatballs
1cc08a56a8
Additional tidyup
2015-04-19 23:55:55 +01:00
Meatballs
b0d50dc2be
Create our own Rex connection to the endpoint
...
Ensure powershell process closes when module completes
Add a windows cmd interact payload
2015-04-19 23:41:28 +01:00
Christian Mehlmauer
ed9175d73f
Land #5167, WordPress CP Multi-View Calendar SQLI Scanner
2015-04-19 23:36:23 +02:00
Brandon Perry
8c0bcd2e03
Update wordpress_cp_calendar_sqli.rb
...
Use the new WPVDB
2015-04-19 16:32:57 -05:00
Christian Mehlmauer
a5583debdc
Land #5131, WordPress Slideshow Upload
2015-04-19 23:12:26 +02:00
Meatballs
8bd0da580d
Move script out of module
2015-04-19 21:12:44 +01:00
Meatballs
9fd3d3aa8c
Move to exploit module
2015-04-19 20:58:20 +01:00
benpturner
1ee850246a
Interactive powershell post module that allows a user to gain an
...
interactive powershell prompt from a compromised session. It opens a TCP
listener for Powershell and automatically creates the handler. You can
also pass this other powershell files in the LOAD_MODULE option to go
ahead and download using the download cradle once the session is
established.
2015-04-19 20:51:41 +01:00
joev
2010e966b3
Add non-httponly cookie theft module for ios/osx safari.
2015-04-19 11:32:37 -05:00
Roberto Soares
c1a1143377
Remove line in description and output line in fail_with
2015-04-18 15:38:42 -03:00
wchen-r7
43e9244b4c
Fix #5134, Put store_loot back
...
Fix #5134
store_loot was used at one point, but we ended up removing it.
Turns out store_loot is handy in some cases so we're bringing it back.
2015-04-17 16:33:51 -05:00
wchen-r7
4f903a604c
Fix #5103, Revert unwanted URI encoding
...
Fix #5103. By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
karllll
e3ce4eb88e
Update mcafee_vse_hashdump.rb
2015-04-17 09:47:02 -04:00
Christian Mehlmauer
bba0927c7e
Land #5163, WordPress Reflex Gallery Plugin File Upload
2015-04-17 11:26:34 +02:00
Christian Mehlmauer
6653c9e33d
Land #5162, WordPress Dukapress File Read Vulnerability
2015-04-17 11:20:55 +02:00