Commit Graph

18043 Commits (981cc891bc92e46ac2a12763bde7b94188ac5c18)

Author SHA1 Message Date
Andras Kabai 6f8fc81497 improve error handling 2013-04-24 17:59:11 +02:00
jvazquez-r7 2b4144f20f Add module for US-CERT-VU 345260 2013-04-24 10:47:16 -05:00
Andras Kabai 57113bee80 fine correction
add license
remove one unnecessary tab to make msftidy happy
2013-04-24 15:07:32 +02:00
Andras Kabai 6485124cdf fix module name 2013-04-24 10:54:52 +02:00
Andras Kabai 358b8934bf clarify description 2013-04-24 10:31:40 +02:00
Andras Kabai 00e6eeca54 implement command line magick to prevent bad char usage
commas in the HTTP queries are not allowed but the VBS stager contains
some, therefore it was necessary to find a way to echo out commas
without directly use them.
thanks to Laszlo Toth to help me figure out this windows command line
trick.
2013-04-24 09:46:36 +02:00
Andras Kabai 783cca6c17 allow only ARCH_X86 payloads 2013-04-24 09:29:47 +02:00
jvazquez-r7 c3f5f5f9de Land #1756, @wchen-r7's cleanup of spaces 2013-04-23 19:29:36 -05:00
sinn3r cae30bec23 Clean up all the whitespace found 2013-04-23 18:27:11 -05:00
James Lee 93bddd9041 Improved docs and partial specs for Rex::Text
Conflicts:
	lib/msf/core/modules/loader/base.rb
	lib/rex/poly/block.rb
	lib/rex/text.rb
2013-04-23 17:24:03 -05:00
Brandon Turner 47097ecf69 Fix typo 2013-04-23 15:39:02 -05:00
sinn3r b0ac7a7b47 Landing #1752 - Removes msfgui and armitage
[Closes #1752] - Stable releases can be tracked here:
MSFGui: http://www.scriptjunkie.us/msfgui/
Armitage: http://www.fastandeasyhacking.com/download
2013-04-23 12:28:49 -05:00
sinn3r a5c102d11e Landing #1753 - Updates references for java_jre17_reflection_types 2013-04-23 08:03:30 -05:00
jvazquez-r7 ece36c0610 Update references for the las Java exploit 2013-04-22 21:55:04 -05:00
jvazquez-r7 1529dff3f3 Do final cleanup for sap_configservlet_exec_noauth 2013-04-22 21:43:41 -05:00
jvazquez-r7 8c9715c2ed Land #1751, @andrewkabai's SAP Portal remote OS command exec 2013-04-22 21:41:53 -05:00
Tod Beardsley 80fb7b85ef Drop msfgui.jar, too. 2013-04-22 16:03:38 -05:00
sinn3r a09b3b8023 Lands #1169 - Adds a check
[Closes #1169]

Conflicts:
	modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
sinn3r 882b084cba Changes the default action 2013-04-22 15:47:38 -05:00
sinn3r 7e28a4ddb0 Uses "ACTIONS" keys instead of datastore options
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
Tod Beardsley 1112daaff2 Remove msfgui and armitage
This removes the Armitage and MSFGui components from the Metasploit
distribution. You can track the latest stable releases of these
alternate GUIs here:

MSFGui: http://www.scriptjunkie.us/msfgui/
Armitage: http://www.fastandeasyhacking.com/download
2013-04-22 15:26:44 -05:00
sinn3r dfff20a3fc Landing #1692 - Handles OSQL banners and responses
[Close #1692]
2013-04-22 13:58:44 -05:00
sinn3r b10b2c60d8 Landing #1746 - Adds some friendlier defaults to database.yml
[Closes #1746]
2013-04-22 12:54:24 -05:00
Andras Kabai 79eb2ff62d add EDB ID to references 2013-04-22 18:37:28 +02:00
sinn3r ab976bcf63 Landing #1749 - Fixes Ruby 1.8 Syntax errors
[Closes #1749]
2013-04-22 11:20:54 -05:00
Andras Kabai 15b06c43aa sap_configservlet_exec_noauth auxiliary module
the final module was moved from my master branch to here because of the
pull request needs
2013-04-22 17:40:27 +02:00
Andras Kabai b4f1f3efbb remove aux module from master branch 2013-04-22 17:34:01 +02:00
Andras Kabai 750638e4d6 note on bad characters 2013-04-22 17:24:08 +02:00
Meatballs fab1781812 Refactored to send custom commands 2013-04-22 10:04:38 +01:00
Andras Kabai a1e52b5b27 command execution needs cmd /c 2013-04-22 10:20:45 +02:00
Antoine 0115833724 SyntaxError fixes 2013-04-21 20:22:41 +00:00
Meatballs 6656514616 Msftidy 2013-04-21 14:34:47 +01:00
Meatballs fc621e8d7e Parse ssp correctly 2013-04-21 10:55:01 +01:00
Meatballs 83fbc3e46f Small fix and attribution to gentilkiwi 2013-04-21 00:36:43 +01:00
Michael Schierl e98d510deb Fix incorrect network prefix in Java Meterpreter
Apparently, getNetworkPrefixLength can return -1, which confuses the Ruby
side. Therefore fall back to guessing the prefix in this case, as we do it
for Java <= 1.6.
2013-04-20 23:10:46 +02:00
Meatballs cec737d399 tidy and table header 2013-04-20 18:05:47 +01:00
Meatballs b219a23f00 Refactoring 2013-04-20 18:00:46 +01:00
Meatballs 20849714ac Add all methods 2013-04-20 17:27:32 +01:00
Andras Kabai d26289e05a proper output handling in case of CMD payloads 2013-04-20 17:38:58 +02:00
Andras Kabai d59ba37e6d resize linemax 2013-04-20 17:37:50 +02:00
Meatballs ddaa09edad Added msv 2013-04-20 16:31:45 +01:00
Andras Kabai e36b58169b implement CmbStagerVBS payload execution 2013-04-20 16:37:47 +02:00
Meatballs 83578dec68 Getprivs by default 2013-04-20 14:59:07 +01:00
Andras Kabai 8244c4dcac multiple payload types, different paths to execute payloads 2013-04-20 14:20:30 +02:00
Meatballs a23d7bb66f Add client UI and parse results 2013-04-20 12:20:38 +01:00
Andras Kabai 7b6a784a84 basic payload execution through OS command execution 2013-04-20 13:02:22 +02:00
Andras Kabai 223556a4e6 switch to exploit module environment
switch to Msf::Exploit, change the necessary declarations, start to
change the exploitation process
2013-04-20 12:30:44 +02:00
Andras Kabai cff47771a2 initial commit
the original aux module will be the base of the exploit module
2013-04-20 11:32:05 +02:00
jvazquez-r7 1365dfe68c Add Oracle url 2013-04-20 01:43:14 -05:00
jvazquez-r7 9fca89f70b fix small issues 2013-04-20 01:43:14 -05:00