Commit Graph

13014 Commits (9b3f60291094382bbff28c65805b003254fc2eee)

Author SHA1 Message Date
sinn3r 93134e6fd2 Change default target 2012-04-19 21:17:19 -05:00
unknown 47ecd36805 Implemented Changes suggested by wchen-r7 (sinn3r) 2012-04-19 21:17:19 -05:00
unknown feb625cab0 Updated module 2012-04-19 21:17:19 -05:00
unknown 8caec4777f TFTPserverST addition 2012-04-19 21:17:18 -05:00
Tod Beardsley d33cd386a8 Merge pull request #340 from rsmudge/armitage
fix a compatibility issue with latest msf changes.
2012-04-19 17:50:43 -07:00
Alexander Klink 8c06e0d46e Squashed commit of the following:
commit 5c82f0acade617d8314858170752c498eac4b4fb
Author: Alexander Klink <git@alech.de>
Date:   Thu Apr 19 20:57:21 2012 +0200

    pdf2xdp.rb script to convert PDF file to XDP format

    XDP is an equivalent format for PDF, but is pretty useful in evading AV
    software.

    See
    https://www.metasploit.com/redmine/issues/3679
    http://shiftordie.de/blog/2011/02/09/evading-avs-using-the-xml-data-package-xdp-format/

[Closes #345]
2012-04-19 18:27:18 -06:00
sinn3r 93390fa6e2 Fix metadata and some cosmetic stuff 2012-04-19 19:12:27 -05:00
sinn3r bce6c9abcf Verify checksum to avoid jumping to a corrupt payload 2012-04-19 18:52:43 -05:00
sinn3r ae7c2acf9d Merge branch 'xradio-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-xradio-exploit-module 2012-04-19 18:09:20 -05:00
sinn3r 9a00823828 Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch' 2012-04-19 18:08:22 -05:00
sinn3r f5e8f57497 Minor fixes 2012-04-19 18:07:35 -05:00
James Lee 06b3ed2e13 Add with_connection wrappers to the methods I missed 2012-04-19 15:45:23 -06:00
James Lee 876c59b192 Make use of the new ActiveRecord 3.x concurrency contract
All Database usage must go through framework.db (which should have been
the case before, anyways) or explicitly checkout and checkin a
connection.  Failure to do so causes thread starvation and bizarre
random failures when attempting to use the database.

This commit also explicitly releases database connections at the end of
all threads created via framework.threads.spawn, which should alleviate
Deprecation Warning messages from ActiveRecord.

[Fixes #6613]
2012-04-19 14:21:21 -06:00
sinn3r 8d1d63dda8 Correct OSVDB reference, thanks modpr0be 2012-04-19 12:04:11 -05:00
sinn3r 45997b8dd4 Fix typos 2012-04-19 10:54:05 -05:00
sinn3r 37f4e7b3b9 Fix bug #6714, thanks Scott 2012-04-19 10:22:31 -05:00
Tod Beardsley 8edf3fc8bd Service info shouldn't be blanked if it exists.
Check service.info at the end of reporting a service instead of the
beginning. This will preserve an existing service info in the event
we're re-reporting a service.

[See #6701]
2012-04-19 09:47:41 -05:00
Tod Beardsley ce3d98bc88 vcms_login.rb description 2012-04-19 07:44:28 -05:00
sinn3r 5fde6b759f Add VCMS brute-force module 2012-04-19 02:25:03 -05:00
sinn3r 81b6e76619 Correct CVE/OSVDB/BID references, thanks Chad. 2012-04-19 00:24:56 -05:00
sinn3r 946ab1514e Correct module naming style 2012-04-18 20:45:25 -05:00
sinn3r 1065111817 Correct TARGETURI description 2012-04-18 18:57:37 -05:00
sinn3r 7071c30b4b These modules don't really print anything out with print_status(), which makes it weird to look now that we've implemented egypt's output style changes 2012-04-18 16:07:41 -05:00
sinn3r 0e45b6c06c Avoid printing ip:port twice 2012-04-18 16:01:10 -05:00
James Lee 1f577b24b2 Merge branch 'rapid7' into http-print-standardization 2012-04-18 08:51:42 -06:00
sinn3r f3ebe284ca Minor cosmetic changes 2012-04-18 02:38:25 -05:00
sinn3r 15539c633b Merge branch 'chap0-gsm' of https://github.com/chap0/metasploit-framework into chap0-chap0-gsm 2012-04-18 02:32:42 -05:00
sinn3r e52f40daf1 Cosmetic changes 2012-04-18 02:25:43 -05:00
sinn3r 01beddc609 Merge branch 'cyberlink' of https://github.com/mrmee/metasploit-framework into mrmee-cyberlink
Conflicts:
	modules/exploits/windows/fileformat/cyberlink_p2g_bof.rb
2012-04-18 02:03:59 -05:00
sinn3r 862869e4f2 Strip ms03_020_ie_objecttype from Browser AutoPwn because:
1. We have newer browser modules that can replace it, and already do.
2. It uses an egghunter that we don't favor in BAP
3. It uses system addresses, which we no longer favor.
2012-04-17 22:26:14 -05:00
sinn3r 120f2e5795 Merge pull request #341 from jlee-r7/bap-refactor
Fix an issue where ie_createobject and others weren't getting tried
2012-04-17 20:14:20 -07:00
James Lee a2dc890cfa Don't puke if the connection came from localhost 2012-04-17 19:49:42 -06:00
James Lee f9b2fe89b2 Merge branch 'rapid7' into http-print-standardization
Conflicts:
	modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb
	modules/exploits/windows/browser/apple_quicktime_rtsp.rb
	modules/exploits/windows/browser/apple_quicktime_smil_debug.rb
2012-04-17 19:15:06 -06:00
James Lee afe28523f3 Puts testAXO() on window so we can access it from anywhere
Also uses the new :method property which allows an array syntax.  See
ie_createobject for a usage example.
2012-04-17 18:54:26 -06:00
James Lee f9a48ace48 Switch to using :method, see previous commit 2012-04-17 18:48:14 -06:00
James Lee 741de34d92 Add a :method property for autopwn_info
Replaces the previous overloading of :vuln_test
2012-04-17 18:32:11 -06:00
James Lee eedf4520be Merge branch 'rapid7' into bap-refactor 2012-04-17 16:20:11 -06:00
James Lee c83f2460c5 Use framework's db wrapper instead of Mdm directly 2012-04-17 16:12:25 -06:00
sinn3r 0fccc67774 Add MS12-004 to BAP 2012-04-17 16:40:32 -05:00
sinn3r 02c3b7df7a 'cli' should be 'client' 2012-04-17 07:13:17 -05:00
sinn3r 1a0c8e5d42 'cli' should be 'client' 2012-04-17 07:12:08 -05:00
sinn3r dd7caa5186 'cli' should be 'client' 2012-04-17 07:10:32 -05:00
Tod Beardsley 2aba65f82d Fixes importing metasploit.xml exports with tags.
New Rails3 magic now actually exercised.
2012-04-17 01:06:40 -05:00
James Lee c3a86eef66 Declare warn_about_rubies as a class method
Since that's how it's being called.  Also, define it before calling it.
2012-04-16 23:25:04 -06:00
James Lee 3116f66d4d MDM update
[Fixes #6649]
2012-04-16 23:22:57 -06:00
Raphael Mudge db02a8f582 fix a compatibility issue with latest msf changes. 2012-04-17 01:04:12 -04:00
James Lee cdd130d7ad Fix an overzealous refactoring change
::Mdm::Export doesn't exist, Export is a utility class under
::Msf::DBManager.

[Fixes #6647]
2012-04-16 21:53:05 -06:00
HD Moore 12102b9adc Close any open connections if the thread happens to have one when it finishes.
Partial bandaid for new AR pool mgmt methods
2012-04-16 21:50:26 -05:00
Tod Beardsley 362e80dc41 Warn about incompatible Rubies.
Also encourage users to use RVM to upgrade, because RVM is the
awesomest.
2012-04-16 21:13:31 -05:00
Tod Beardsley 27ed06f8e0 Use an exponential function for session grabbing
Ensures that the retries have a backoff time, not just 10 half second
pauses. Makes for a more forgiving environment for post modules.

[See #6638]
2012-04-16 20:56:55 -05:00