Commit Graph

35726 Commits (9e5f47e8dca5003d915bbf99cda3782e1b2606f9)

Author SHA1 Message Date
HD Moore b7572d5494 Handle both serialized & unserialized cases on import 2015-09-16 08:11:15 -07:00
Daniel Jensen 7985d0d7cb Removed privesc functionality, this has been moved to another module. Renamed module 2015-09-16 23:29:26 +12:00
Daniel Jensen bdd90655e4 Split off privesc into a seperate module 2015-09-16 23:11:32 +12:00
HD Moore ef043cebc3 Always use the stringified host->address during export 2015-09-16 02:59:11 -07:00
wchen-r7 63bb0cd0ec Add Android Mercury Browser Intent URI Scheme & Traversal 2015-09-16 00:48:57 -05:00
Fernando Arias 382e01d680
Add comments and use run scope on match
MSP-13119
2015-09-15 15:09:26 -05:00
jvazquez-r7 2c9734f178
Add exploit source 2015-09-15 14:54:05 -05:00
jvazquez-r7 4d05c75a8e
Add a bunch of rop chains 2015-09-15 14:47:55 -05:00
jvazquez-r7 24af3fa12e
Add rop chains 2015-09-15 14:46:45 -05:00
Fernando Arias 621af7311c Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation 2015-09-15 14:35:07 -05:00
Fernando Arias eb479318b1
Use existing run for match result or create a new one if it doesnt exist
MSP-13119
2015-09-15 14:34:44 -05:00
Mo Sadek e911d60195
Land #5967, nil bug fix in SSO gather module 2015-09-15 10:25:50 -05:00
HD Moore b3f754136e Skip WfsDelay when the exploit has clearly failed 2015-09-15 08:04:23 -07:00
William Vu abe65cd400
Land #5974, java_jmx_server start order fix 2015-09-15 01:33:44 -05:00
xistence c99444a52e ManageEngine EventLog Analyzer Remote Code Execution 2015-09-15 07:29:16 +07:00
xistence 7bf2f158c4 ManageEngine OpManager Remote Code Execution 2015-09-15 07:24:32 +07:00
wchen-r7 cda102f07a
Land #5977, Ignore SMB exceptions during fingerprinting 2015-09-14 15:18:36 -05:00
Fernando Arias c7f15ca940
Rework how match results get created
MSP-13119

* Create match result when we create vuln attempt
2015-09-14 12:18:47 -05:00
HD Moore 713ded7ca2 Ignore SMB exceptions during fingerprinting
This fixes smb_version in cases where the remote server throws a Login error
for the default creds (null session).
2015-09-14 09:35:44 -07:00
JT 9e6d3940b3 Update simple_backdoors_exec.rb 2015-09-13 23:30:14 +08:00
Christian Mehlmauer 8ffcdbb3fd
Land #5971, MS15-100 Win Media Center MCL Vuln 2015-09-13 16:59:06 +02:00
wchen-r7 ae5aa8f542 No FILE_CONTENTS option 2015-09-12 23:32:02 -05:00
Daniel Jensen 4e22fce7ef Switched to using Rex MD5 function 2015-09-13 16:23:23 +12:00
xistence 0657fdbaa7 Replaced RPORT 2015-09-13 09:19:05 +07:00
xistence 521636a016 Small changes 2015-09-13 08:31:19 +07:00
jvazquez-r7 0d52a0617c
Verify win32k 6.3.9600.17837 is working 2015-09-12 15:27:50 -05:00
jvazquez-r7 9626596f85
Clean template code 2015-09-12 13:43:05 -05:00
Hans-Martin Münch (h0ng10) 0c4604734e Webserver starts at the beginning, stops at the end 2015-09-12 19:42:31 +02:00
xistence 79e3a7f84b Portmap amplification scanner 2015-09-12 16:25:06 +07:00
wchen-r7 eb018f3d29 No 7zip 2015-09-12 03:07:15 -05:00
jvazquez-r7 ad0140e0fc
Land #5864, @jlee-r7's fixes x64 injection 2015-09-11 16:09:37 -05:00
wchen-r7 01053095f9 Add MS15-100 Microsoft Windows Media Center MCL Vulnerability 2015-09-11 15:05:06 -05:00
William Vu 5f9f66cc1f Fix nil bug in SSO gather module 2015-09-11 02:21:01 -05:00
William Vu a1a7471154
Land #5949, is_root? for remove_lock_root 2015-09-11 02:09:14 -05:00
wchen-r7 f2ccca97e0 Move require 'msf/core/post/android' to post.rb 2015-09-11 01:56:21 -05:00
jvazquez-r7 53f995b9c3
Do first prototype 2015-09-10 19:35:26 -05:00
wchen-r7 017832be88
Land #5953, Add Bolt CMS File Upload Vulnerability 2015-09-10 18:29:13 -05:00
wchen-r7 602a12a1af typo 2015-09-10 18:28:42 -05:00
wchen-r7 94aea34d5b
Land #5965, Show the Shodan error message if no result are found 2015-09-10 17:39:25 -05:00
William Vu 86b9535a50
Land #5944, Nmap parser open|filtered -> unknown 2015-09-10 16:37:42 -05:00
William Vu db7e444ec3
Land #5955, .mailmap cleanup 2015-09-10 16:29:06 -05:00
William Vu 50643c5a8b
Land #5964, Meterpreter for OS X post modules 2015-09-10 16:26:40 -05:00
HD Moore cddf72cd57 Show errors when no results are found 2015-09-10 14:05:40 -07:00
wchen-r7 90ef9c11c9 Support meterpreter for OS X post modules 2015-09-10 15:57:43 -05:00
Roberto Soares 68521da2ce Fix check method. 2015-09-10 04:40:12 -03:00
wchen-r7 5480886927 Do absolute path 2015-09-09 22:00:35 -05:00
wchen-r7 ab1d61d80b Add MSU extractor
If you do patch test/analysis/diffing, you might find this tool
handy. This tool will automatically extract all the *.msu files,
and then you can search for the patched files you're looking for
quickly.

The workflow would be something like this:

1. You download the patches from:
   http://mybulletins.technet.microsoft.com/BulletinPages/Dashboard

2. You put all the *.msu files in one directory.

3. Run this tool: extract_msu.bat [path to *.msu files]

4. The tool should extract the updates. After it's done, you can
   use Windows to search for the file(s) you're looking for.
2015-09-09 21:34:07 -05:00
Roberto Soares 0ba03f7a06 Fix words. 2015-09-09 21:27:57 -03:00
Roberto Soares bc3f5b43ab Removerd WordPress mixin. 2015-09-09 21:26:15 -03:00
James Lee ec3aecbc9d
Land #5958, fix VulnAttempt creation
MSP-13233

Still needs styleguide cleanup.
2015-09-09 18:31:40 -05:00