William Vu
56dc7afea6
Land #5068, @todb-r7's module author cleanup
2015-04-03 16:00:36 -05:00
jvazquez-r7
828301a6cc
Land #5050, @wchen-r7's exploit for Solarwinds Firewall Security Manager
* CVE-2015-2284
2015-04-03 13:45:30 -05:00
jvazquez-r7
7c9b19c6f8
Do minor cleanup
2015-04-03 11:53:50 -05:00
scriptjunkie
0f7c644fff
Land #4784, JBoss Seam 2 upload exec exploit
2015-04-02 22:32:35 -05:00
Tod Beardsley
3ff91d74ca
More cleanup, mostly abysssec
[See #5012]
2015-04-02 16:16:38 -05:00
Tod Beardsley
11057e5b3b
Fix up the last couple from Tenable, missed last
[See #5012]
2015-04-02 15:27:46 -05:00
Tod Beardsley
4bbec88882
Various other one-off nonhuman author credits
[See #5012]
2015-04-02 15:25:47 -05:00
Tod Beardsley
6532fad579
Remove credits to Alligator Security Team
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.
The one that didn't was credited to dflah_ specifically, so merely
changed the author name.
Longer description, if needed, wrapped at 72 characters.
[See #5012]
2015-04-02 15:12:22 -05:00
Tod Beardsley
b17727d244
Switching to privileged => false
2015-04-01 14:35:45 -05:00
Tod Beardsley
0825534d2c
Fix reference
2015-04-01 14:16:45 -05:00
Tod Beardsley
8ec71e9daf
Add a module for R7-2015-05
2015-04-01 14:05:41 -05:00
sinn3r
0b14a18ad2
This is final
2015-04-01 12:00:49 -05:00
sinn3r
0ee858cd65
Some useful messages
2015-04-01 01:41:31 -05:00
sinn3r
8ad07cdc0f
This should be on the right track
2015-04-01 01:27:50 -05:00
sinn3r
6795c90eac
Some progress
2015-03-31 20:46:34 -05:00
sinn3r
97305629cb
Add Solarwinds FSM module
starter
2015-03-31 16:21:52 -05:00
sinn3r
8ea1ffc6ff
Land #5030, CVE-2015-0313 Flash Exploit
2015-03-30 11:31:53 -05:00
h00die
28b9e89963
removed duplicate "uses" from description
2015-03-29 19:40:31 -04:00
William Vu
ef8c0aac69
Land #5020, spelling fixes for some modules
2015-03-28 00:36:04 -05:00
jvazquez-r7
f84a46df63
Add module for CVE-2015-0313
2015-03-27 18:51:13 -05:00
sinn3r
9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit
2015-03-27 17:31:30 -05:00
C-P
4f4bf9debb
paylod vs payload
2015-03-27 11:55:15 -07:00
C-P
0a8fe781d1
paylod vs payload
2015-03-27 11:54:14 -07:00
C-P
5ba614a325
payloda vs payload
2015-03-27 11:53:20 -07:00
C-P
2d81460583
Explot vs Exploit
2015-03-27 11:37:11 -07:00
C-P
f129347b51
Filed vs Failed fix
2015-03-27 11:28:50 -07:00
C-P
48484c1f09
Filed vs Failed fix
2015-03-27 11:27:36 -07:00
sinn3r
955c0557e0
Land #4988, Relative URL for ms14_064_ole_code_execution
2015-03-26 13:36:37 -05:00
jvazquez-r7
d84c48cb7d
Use newer hash syntax
2015-03-25 13:39:34 -05:00
jvazquez-r7
72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge
2015-03-25 13:30:36 -05:00
Tod Beardsley
49a6057f74
Grammaring harder
2015-03-24 11:10:36 -05:00
William Vu
7c456f2ad8
Land #4993, ams_xfr "payload_exe" NameError fix
2015-03-24 00:51:49 -05:00
sinn3r
8255e7a2dc
Fix #4987 - undef payload_exe for ams_xfr
Fix #4987
2015-03-24 00:42:22 -05:00
William Vu
3dac6377d0
Fix #4983, bad copy pasta'd deprecation year
2015-03-24 00:34:54 -05:00
William Vu
fadac30f00
Fix deprecated year
2015-03-24 00:34:38 -05:00
William Vu
6353154865
Land #4983, renamed WordPress modules
2015-03-23 23:49:40 -05:00
William Vu
e338b77389
Readd and deprecate renamed WordPress modules
2015-03-23 23:48:56 -05:00
sinn3r
db243a8225
x360_video_player_set_text_bof actually uses SetText for ActiveX
2015-03-23 23:36:20 -05:00
sinn3r
3248f02c2c
These exploits use :activex, so I update the usage for them
2015-03-23 19:34:24 -05:00
andygoblins
89e27d98ab
Use relative URL to GET payload for WinXP
Relative URLs are simpler, and allow the exploit to work on attack machines in NAT environments. Example: attack machine is NATed and does not have a DNS hostname. SRVHOST must be 0.0.0.0 but the victim cannot access the attacker from Rex::Socket.source_address
2015-03-23 14:40:06 -05:00
Tod Beardsley
21a97c0926
Add exploit for R7-2015-04, Firefox Proxy RCE
2015-03-23 13:44:41 -05:00
sinn3r
156520338d
Making some changes to how BES handles ActiveX
2015-03-23 12:21:27 -05:00
aushack
b191f92713
Renamed WordPress files to fit majority naming convention.
2015-03-23 18:15:04 +11:00
jvazquez-r7
2d1adf6ef4
Land #4923, @m-1-k-3's exploit for overflow on belkin routers
2015-03-22 02:05:35 -05:00
jvazquez-r7
ee74bb3c5b
The default concat operator should be ok
2015-03-22 02:05:02 -05:00
jvazquez-r7
5499b68e02
Do code cleanup
2015-03-22 01:58:32 -05:00
William Vu
07b82ec640
Land #4974, minishare_get_overflow WfsDelay change
2015-03-20 18:55:58 -05:00
William Vu
859b54f8a3
Land #4956, Qualys' Exim GHOST module
2015-03-20 18:44:30 -05:00
Adam Ziaja
921b9eab8e
Update minishare_get_overflow.rb
set WfsDelay 30
2015-03-20 23:42:54 +01:00
Adam Ziaja
505ecd32fb
Update minishare_get_overflow.rb
Windows 2003 SP1 English, Windows 2003 SP2 English
2015-03-20 23:09:50 +01:00