infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,014 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

13014 Commits (9b3f60291094382bbff28c65805b003254fc2eee)

Author SHA1 Message Date
andurin 9201840d65 Fix broken nessus_safe 
Kudohs to 'freaky clown' for the initial patch
IssueID #6597
 2012-04-07 10:20:55 +02:00
Carsten Maartmann-Moe b2e0acd92a Tidied up the exploit 2012-04-06 20:41:54 -04:00
James Lee bac6bcd6f1 More fingerprints from browsershots 2012-04-06 18:41:14 -06:00
James Lee 31e3eb7d91 Merge branch 'rapid7' into bap-refactor 2012-04-06 18:12:49 -06:00
James Lee bb4e37b7aa Add a few fingerprints. Thanks browsershots.org! 2012-04-06 18:09:19 -06:00
andurin 4e955e5870 replace spaces with tabs 2012-04-06 10:45:10 -05:00
andurin 67e6c7b850 tomcat_mgr_deploy may report successful creds 
Using following code for 'check' as 'exploit':
               report_auth_info(
                       :host   => rhost,
                       :port   => rport,
                       :sname  => (ssl ? "https" : "http"),
                       :user   => datastore['BasicAuthUser'],
                       :pass   => datastore['BasicAuthPass'],
                       :proof  => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
                       :active => true
               )

Resulting in:

Credentials
===========

host           port  user    pass    type      active?
----           ----  ----    ----    ----      -------
192.168.x.xxx  8080  tomcat  s3cret  password  true
 2012-04-06 10:45:10 -05:00
Tod Beardsley 461352f24f Don't need to require net/ftp anymore 
Nothing actually used it anyway.
 2012-04-06 10:35:28 -05:00
andurin 274404716f Show vuln.info on db_vuln command 
IssueID #5837
 2012-04-06 14:47:36 +02:00
sinn3r 56b10d4d23 Merge branch 'CVE-2012-0270_csound_getnum_bof' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2012-0270_csound_getnum_bof 2012-04-06 02:28:26 -05:00
sinn3r 68c81e3ae0 Add OSVDB-80661 TRENDnet SecurView ActiveX BoF 2012-04-06 02:26:04 -05:00
Carsten Maartmann-Moe b184a6dc5c Exploit for Snort CVE-2006-5276 on Windows 2012-04-05 19:46:56 -04:00
Tod Beardsley 9c8e6ac9da Ruby 1.8 compat for the SCADA modules. 
But really, you should be using Ruby 1.9 by now.
 2012-04-05 17:05:03 -05:00
Tod Beardsley 14e3cd75dc Revert "tomcat_mgr_deploy may report successful creds" 
This reverts commit 937f8f035a.
 2012-04-05 16:17:06 -05:00
juan 5c6856539e .idea dir deleted 2012-04-05 22:46:43 +02:00
juan 955de5a68c comment fixed 2012-04-05 22:46:13 +02:00
juan c5f73d3d7a added module for CVE-2012-0270_csound_getnum_bof 2012-04-05 22:35:42 +02:00
HD Moore 0f7b08781f Fix regular expression match number 2012-04-05 12:55:54 -05:00
James Lee 585245501a Print an error when trying to open a dir as a file 
Prevents unnecessary stack traces
 2012-04-05 11:49:03 -06:00
James Lee 0c3f1aab77 Tell the user what actually went wrong when migrate.rb fails 2012-04-05 11:49:03 -06:00
sinn3r 03543560b3 Merge pull request #308 from aczid/wmap_autotest_rc_targeting 
Also adding wmap targets by ip
 2012-04-05 10:41:47 -07:00
Tod Beardsley 14d9953634 Adding DigitalBond SCADA modules 2012-04-05 12:35:48 -05:00
James Lee 2c992c976d Cut session info at 80 columns 
Prevents a long "id" line from destroying the layout
 2012-04-05 11:07:42 -06:00
Aram Verstegen b54d786374 Also adding wmap targets by ip in case no websites/vhosts were discovered prior to running the script 2012-04-05 18:20:46 +02:00
Tod Beardsley eb39b5f6aa Msftidy on netop 2012-04-05 10:33:57 -05:00
sinn3r 8628991b1d Merge pull request #305 from jlee-r7/bap-refactor 
Bap refactor
 2012-04-05 08:02:43 -07:00
sinn3r 57b8279c36 Merge pull request #306 from andurin/small_fixes 
tomcat_mgr_deploy may report successful creds
 2012-04-05 08:00:58 -07:00
andurin 175d6650a9 Added new pass for tomcat 
Have seen this in the wild as a example users.xml
 2012-04-05 11:18:41 +02:00
andurin 937f8f035a tomcat_mgr_deploy may report successful creds 2012-04-05 11:09:56 +02:00
James Lee 40ab362e1c Store host details in the target cache 
This allows us to maintain a connection between the client and the
operating system/host where it's running.

Also fixes a counting problem for modules actually started.
 2012-04-05 01:33:07 -06:00
James Lee 778fed9a19 Put things in the right namespace 2012-04-05 01:22:27 -06:00
James Lee 0ddfa79a34 Move javascriptosdetect out to its own file 
Allows editors to easily highlight correctly which makes editing a
little nicer. Also makes it easier to debug because line numbers are
only off by the length of the custom_js argument.
 2012-04-04 17:07:17 -06:00
sinn3r 57c22a50fa Merge pull request #296 from allfro/patch-1 
rpc_loots method uses the wrong iteration variable ('n' instead of 'l')
 2012-04-04 13:58:18 -07:00
sinn3r 7503bc96f0 Apply aczid's patch for wmap_autotest.rc 2012-04-04 15:40:48 -05:00
Michael Schierl 1d56ffe225 Update javapayload and java meterpreter 
* Add support for hashing commands (stdapi_fs_md5 and sha1)
* Replace MTU detection with the Proper Java Way

Squashed commit of the following:

commit 0207b6e2e0c0eb55c7c5f04bd3008f674f6239ad
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 22:02:15 2012 +0100

    add support for stdapi_fs_{md5|sha1} commands

commit a187e7bc79f8d89e66df8d3a3f892c6dce10307b
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 20:32:03 2012 +0100

    update binaries

commit 0fc553bdac76cc8997fc581141483a3efbdefdfc
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 20:29:48 2012 +0100

    Add support to Java Meterpreter for multiple addresses on same interface

    For more information, see https://dev.metasploit.com/redmine/issues/6476

    Tested with Java 1.4, 1.5, 1.6, 1.7.

commit fc6dba99fe0b13bf8837ed7a699c5dbad35100e6
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:55:15 2012 +0100

    Fix Eclipse warnings

commit 4168d025507c1ecfbc50164cfc7f25f3f222b0ab
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:29:37 2012 +0100

    Update pretty-printing of unsupported command TLVs

    This adds the TLVs added by commit fbc8e25aaa to the pretty-printer.

commit 4a9335abdabb1b8a7741c5ec67852d7c5d552d6b
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 16:17:25 2012 +0100

    Un-ghetto Java Meterpreter MTU determination

    This splits the change from commit 14dfcce63a into a 1.6-specific and a 1.4-specific implementation (the latter being empty).

    Tested with Java 1.4, 1.5, 1.6, 1.7.

commit 968edd210ed68ba4974f051e280d90f0151df222
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:52:46 2012 +0100

    update .gitignore to ignore IDE generated files in JavaPayload projects

commit 86111625bee318411cf43da7706d37ce5d7045c5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:49:58 2012 +0100

    synchronize stages with upstream JavaPayload

commit 2360f2e6eb8703ae762868678ac952203be35d93
Author: Michael Schierl <schierlm@gmx.de>
Date:   Sat Mar 24 15:39:58 2012 +0100

    remove unused stages

[Closes #270]
 2012-04-04 09:56:07 -06:00
James Lee 32654b3578 Whitespace at EOL 2012-04-04 09:41:50 -06:00
James Lee 6ad0f41479 Add the client to output 2012-04-03 18:27:16 -06:00
James Lee 974d95b175 Both of these are obsoleted by java_atomicreferencearray 2012-04-03 18:23:42 -06:00
James Lee 893430894e Tell the user how many sploits we've picked 2012-04-03 18:22:56 -06:00
James Lee e901f9cc50 Add a couple of fingerprints and sort some 
This is in terrible need of some more crowd-sourced fingerprint
gathering.
 2012-04-03 18:18:32 -06:00
sinn3r 662e28f0ab Merge branch 'netop' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-netop 2012-04-03 15:40:11 -05:00
allfro bed6e06e0a Error in tag. Should be :updated_at instead of :modified_at. 2012-04-03 14:52:45 -03:00
sinn3r c79060915a Add Chap0's netop exploit 2012-04-03 11:51:58 -05:00
James Lee 32b1e22d25 Revert "Update packetfu to 1.1.4" 
This reverts commit 24e6131ad7.
 2012-04-03 10:28:22 -06:00
James Lee 04858220f2 Don't read in the whole pcap file when importing 
Still not amazingly fast (about 500 packets per second in my tests), but
now it won't eat all your ram and start crashing things when given a
large file. Requires an upgrade to PacketFu containing pull request 5.
 2012-04-03 10:22:36 -06:00
allfro 60fa58c9cf rpc_loots method uses the wrong iteration variable ('n' instead of 'l') for service.port and service: 
n.service.port should be l.service.port
n.service should be l.service
 2012-04-03 13:10:10 -03:00
sinn3r 1d0ac93d9d Merge branch 'netop' of https://github.com/chap0/metasploit-framework into chap0-netop 2012-04-03 01:03:13 -05:00
Tod Beardsley 5f2baceaec Merge pull request #294 from brandonprry/registry_fixes 
reg.rb misc fixes

Mostly typos and type sanity
 2012-04-02 19:47:06 -07:00
Brandon Perry 4a3d2a18de hard tabs 2012-04-02 21:42:51 -05:00
Brandon Perry a4d9e59934 silly registry typos 2012-04-02 21:33:01 -05:00