infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,805 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

22805 Commits (9658a4d8634d2dd07bcd71643136d3c73a0b59b3)

Author SHA1 Message Date
William Vu 9658a4d863
Land #2932, msftidy for Travis 2014-01-31 17:01:52 -06:00
Tod Beardsley 03d65cd2bd
Address @wvu-r7's comments and better filtering 2014-01-31 16:44:42 -06:00
Tod Beardsley 6f6fae07f7
Land #2912, session upgrade fix 
[FixRM #8749]
 2014-01-31 15:33:54 -06:00
William Vu a5bff638c5 Remove EOL spaces 2014-01-31 15:01:03 -06:00
Tod Beardsley 87412be33d
Squash commit Travis-able msftidy checks 
This change updates msftidy to be run automatically for new modules
added since the last tag release because we can't rely on folks using
tools/dev/pre-commit-hook before submitting a PR. Now, when one attempts
to open a PR with a non-tidy'ed module, the build will fail out of the
gate.

Related to the 100s of msftidy errors extant today.

[SeeRM #8498]

commit c894e52de5705a1133191be5e9caf3ebdee33621
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Fri Jan 31 14:17:02 2014 -0600

    Add a jacked up title to test travis. Revert this!

commit 2f00c190be71aeb456a7a546071286fd6d670bc1
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Fri Jan 31 11:39:42 2014 -0600

    Allow for checking and spotchecking.

commit db11e8dfad5381030b08c431a183dbafe7a5f304
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 17:16:37 2014 -0600

    Whoops, need to exit an Integer always.

commit 12d131d3157a78ff11e597476138323ed0a062fc
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 16:59:35 2014 -0600

    Allow for exit statuses from msftidy.

commit 2c3b294ff17416f49935472caf2b6be3dbdd93a4
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 15:36:43 2014 -0600

    Be more dynamic about tag checking years

commit d5d8a0b05ac17fb18666a9c252dbb6928d6b5e56
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 14:36:44 2014 -0600

    Don't warn when there's really nothing

commit fb44a3142fb01eb2647c1c240bb1cc2e7bf59120
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 14:21:50 2014 -0600

    Revert the intentional failure

    This reverts commit 99a7630b0da301b27ac495cb027009a8cd9e2caf.

    Fun fact: Reverting a commit does not automatically sign with my current
    aliases, one must git revert then git c --amend.

commit 99a7630b0da301b27ac495cb027009a8cd9e2caf
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 14:08:05 2014 -0600

    Cause an exit status in precommit check

    Maybe travis will see these and fail the build.

    Don't forget to revert this commit @todb-r7 !

commit 5a3b2fcd9598fae51a0dd2c7c87680c703a85448
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 13:11:04 2014 -0600

    Update msftidy pre-commit-hook for spotchecking

commit 3f255e36dad9ed3081aaf359f845525d96872ef0
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 12:35:16 2014 -0600

    Travis should run msftidy via precommit hook

commit 0959d9d2d281590a94c0ac960e43b74354e4e21b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Thu Jan 30 12:25:53 2014 -0600

    Add SPOTCHECK_RECENT to msftidy.rb
 2014-01-31 14:19:04 -06:00
sinn3r b67ac39a33
Land #2921 - Apache Struts Developer Mode OGNL Execution 2014-01-31 12:06:58 -06:00
sinn3r 60ead5de43 Explain why we flag the vuln as "Appears" instead of vulnerable 2014-01-31 12:05:58 -06:00
jvazquez-r7 2fca2da9f7 Add an vprint message on check 2014-01-31 11:57:20 -06:00
Tod Beardsley ad6a83c150
Land #2933, fix msftidy and then cry 
So many more warnings. Dangit, it sucks when your linter lies to you for
so long.
 2014-01-31 11:28:41 -06:00
jvazquez-r7 356692f2f5
Land #2923, @rangercha tomcat deploy module compatible with tomcat8 2014-01-31 10:53:53 -06:00
sinn3r 721ae6c66e Should really call source_address without args 2014-01-31 10:36:55 -06:00
jvazquez-r7 53c2a737e9 Don't register rport again 2014-01-31 09:42:41 -06:00
jvazquez-r7 452042e757
Land #2925, @xistence aux module for Support Center Plus traversal 2014-01-31 09:38:01 -06:00
jvazquez-r7 e9f04d9203 Do final cleanup for Support Center Plus module 2014-01-31 09:37:40 -06:00
jvazquez-r7 a010748056
Land #2924, @xistence's exploit for CVE-2014-1683 2014-01-31 09:20:10 -06:00
jvazquez-r7 710902dc56 Move file location 2014-01-31 09:18:59 -06:00
jvazquez-r7 810605f0b7 Do final cleanup for the skybluecanvas exploit 2014-01-31 09:17:51 -06:00
jvazquez-r7 32c5d77ebd
Land #2918, @wvu's fix for long argument lists 2014-01-31 08:49:22 -06:00
rangercha c21edad357 Merge pull request #1 from jvazquez-r7/review2_2923 
Review tomcat_mgr_upload
 2014-01-31 04:18:21 -08:00
xistence e81a0ed22b Changes as requested for SupportCenterPlus module 2014-01-31 13:28:45 +07:00
xistence ffd8f7eee0 Changes as requested in SkyBlue Canvas RCE module 2014-01-31 12:52:48 +07:00
jvazquez-r7 93db1c59af Do small fixes 2014-01-30 17:16:43 -06:00
jvazquez-r7 9daacf8fb1 Clean exploit method 2014-01-30 16:58:17 -06:00
jvazquez-r7 4458dc80a5 Clean the find_csrf mehtod 2014-01-30 16:39:19 -06:00
jvazquez-r7 697a86aad7 Organize a little bit the code 2014-01-30 16:29:45 -06:00
jvazquez-r7 50317d44d3 Do more easy clean 2014-01-30 16:23:17 -06:00
jvazquez-r7 1a9e6dfb2a Allow check to detect platform and arch 2014-01-30 15:17:20 -06:00
jvazquez-r7 b2273dce2e Delete Automatic target 
It isn't usefull at all, when auto targeting is done, the payload (java platform and arch)
has been already selected.
 2014-01-30 15:04:08 -06:00
jvazquez-r7 cebbe71dba Do easy cleanup of exploit 2014-01-30 14:42:02 -06:00
William Vu 7200a4f0e0 Fix in_super-reliant msftidy checks 
The conversion from hard tabs to two-space soft tabs broke a few checks.
 2014-01-30 14:39:28 -06:00
jvazquez-r7 c336133a8e Do a first clean related to auto_target 2014-01-30 14:27:20 -06:00
jvazquez-r7 57b8b49744 Clean query_manager 2014-01-30 14:20:02 -06:00
jvazquez-r7 148e51a28b Clean metadata and use TARGETURI 2014-01-30 14:03:52 -06:00
William Vu 56287e308d Clean up unused variables 2014-01-30 11:20:21 -06:00
OJ 10ac7a22af
Land #2897 Sane address resolution [FixRM #7259] 2014-01-28 23:09:44 +10:00
xistence 32d7f15a5c added ManageEngine Support Center Plus directory traversal auxiliary module 2014-01-28 15:45:23 +07:00
xistence bac6e2a3e1 added SkyBlueCanvas CMS 1.1 r248-03 RCE 2014-01-28 11:06:25 +07:00
jvazquez-r7 f766a74150
Land #2920, @wvu-r7's author metadata update for printer aux modules 2014-01-27 13:02:31 -06:00
William Vu d19e9307c6 Fix missing colon in :caller_host symbol 
Good catch, @jvazquez-r7!
 2014-01-27 12:43:59 -06:00
William Vu da88e5822a Merge remote-tracking branch 'origin/pr/3' into feature/pjl 2014-01-27 12:39:10 -06:00
jvazquez-r7 0dbaeb6742 Add Matteo's email 2014-01-27 08:40:44 -06:00
jvazquez-r7 f086655075
Land #2913, @bcoles Exploit for Simple E-Document 2014-01-27 08:09:45 -06:00
jvazquez-r7 861126fdbd Clean exploit code 2014-01-27 08:09:18 -06:00
RangerCha a49473181c Added new module. Abuses tomcat manager upload page. Tested on tomcat 5.5.36, 6.0.37, 7.0.50, 8.0.0rc10 2014-01-27 09:04:59 -05:00
jvazquez-r7 8fe74629fe Allow send_request_cgi to take care of the uri encoding 2014-01-26 00:06:41 -06:00
jvazquez-r7 37adf1251c Delete privileged flag because is configuration dependant 2014-01-25 18:25:31 -06:00
jvazquez-r7 038cb7a981 Add module for CVE-2012-0394 2014-01-25 18:17:01 -06:00
William Vu 52371be52a Clarify why contributors are listed as authors 
Also adding @mcantoni to the list of authors. Sorry we missed you!

Dear contributors,

Even though we weren't able to use your code, we absolutely appreciate
that you wrote it. That's why we're listing you as authors. Thanks!!!

https://dev.metasploit.com/redmine/issues/6034
https://dev.metasploit.com/redmine/issues/5217
https://dev.metasploit.com/redmine/issues/6864
 2014-01-25 18:02:17 -06:00
William Vu eaeb2af97f Use opts hash for h323_version 
https://dev.metasploit.com/redmine/issues/8498
 2014-01-24 20:32:37 -06:00
William Vu 7c5229e2eb Use opts hash for glassfish_deployer 
https://dev.metasploit.com/redmine/issues/8498
 2014-01-24 20:17:02 -06:00