e966545e08
Fix mask
2015-07-29 09:13:37 -05:00
38e952ba07
Python -> Ruby
2015-07-29 10:55:28 +01:00
c46ce6c391
Land #5780 , password_prompt fix for Telnet scanner
2015-07-28 17:54:43 -05:00
2415072c17
Replaced 'and' with '&&'
2015-07-28 14:14:25 -05:00
ee5e5b1e71
Fixed NoMethodError for .match on nil
2015-07-28 09:03:54 -05:00
7681d73e01
Relocate Webarchive into the Exploit namespace, fixes #5717
2015-07-28 04:11:17 -07:00
e53419a911
use password_prompt? not @password_prompt
2015-07-27 19:21:59 -05:00
ab7ffb1a08
Fich cachedump
2015-07-27 17:26:53 -05:00
704c8cadd9
Fix lsa_secrets
2015-07-27 16:19:01 -05:00
768de00214
Automatically pass arch & platform from cmdstager
...
This allows the cmdstager mixin to automatically pass the arch
and platform information without changing the modules. This should
address the following tickets:
Fix #5727
Fix #5718
Fix #5761
2015-07-27 14:17:21 -05:00
bf6975c01a
Fix #4558 by restoring the old wmicexec
2015-07-27 14:04:10 -05:00
2d0a26ea8b
Land #5774 , Fix URIPATH=/ and stack trace on missing ntdll version match
2015-07-25 17:54:49 -05:00
a7b5890dc5
Fix URIPATH=/ and stack trace on missing ntdll version match
2015-07-25 15:39:20 -07:00
4561241609
updates per @jvazquez-r7 comments
2015-07-24 20:34:40 -04:00
347f48b0ec
Land #5762 , adjust PHP stager to work in and outside of eval()
2015-07-24 17:43:26 -05:00
c30127cfe8
Land #5729 , add user-agent list, MeterpreterUserAgent derives from this
...
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
2015-07-24 17:39:30 -05:00
e231664b97
Land #5746 , @pedrib's Fix sysaid rdslogs file upload on Linux
2015-07-24 16:15:13 -05:00
2c9183fa56
Return check code
2015-07-24 16:14:43 -05:00
18636e3b9b
Land #5739 , @wchen-r7 fixes #5738 updating L/URI HOST/PORT options
2015-07-24 15:45:31 -05:00
a163606513
Delete unused SLEEP option
2015-07-24 15:29:56 -05:00
1b1ac09d2a
Merge to solve conflicts
2015-07-24 15:24:29 -05:00
ec7bf606c6
Land #5735 , @rcvalle's for CVE-2015-1793 OpenSSL mitm
2015-07-24 14:38:27 -05:00
45b4334006
Use Rex::Socket::SslTcpServer
...
* Also add rex sockets managing
2015-07-24 11:16:09 -05:00
eb8f5c0880
Land #5771 , moved vmessage nil fix
2015-07-24 11:03:45 -05:00
10783d60cd
Land #5763 , generate_payload_exe merged opts fix
2015-07-24 10:56:29 -05:00
866a99ed07
This is better
2015-07-23 20:51:21 -05:00
f5387ab3f2
Fix #5766 , check res for send_request_raw
...
Fix #5766
2015-07-23 20:49:18 -05:00
8bead5fde2
Modate update on using metasploit-credential
...
Update some more modules to usethe new cred API.
Also, make sure to always provide proof because that seems handy.
2015-07-23 18:07:19 -05:00
218201b925
Land #5767 , @todb-r7's fix for ZDI reference
2015-07-23 17:28:53 -05:00
4dd2c31b44
Land #5760 , Sticky Keys post module
2015-07-23 17:12:31 -05:00
06ed7ba574
Add a comma
2015-07-23 17:12:17 -05:00
e32b3c71f4
Fix ZDI ref on sandbox escape module
2015-07-23 17:11:19 -05:00
ebdbb179ce
Last of the style fixes
2015-07-24 08:09:25 +10:00
db7fadfc36
Fix indentation
2015-07-24 08:08:01 +10:00
616e1ddd68
Change enum to action, a couple of tidies
2015-07-24 08:01:58 +10:00
a818dc4460
Land #5657 , misc fixes to domain_hashdump
2015-07-23 16:58:46 -05:00
e60f590f09
Add DisplaySwitch.exe support with WINDOWS+P
...
As per @mubix's request.
2015-07-24 07:20:31 +10:00
91fc213ddf
More metasploit-credential update
2015-07-23 15:50:50 -05:00
50c9293aab
Land #5758 , OS X DYLD_PRINT_TO_FILE privesc
2015-07-23 13:21:23 -05:00
c1a9628332
Fix some fixes
...
So you can fix while you fix.
2015-07-23 12:59:20 -05:00
6ededbd7a7
Un-ticking the output
2015-07-23 12:23:56 -05:00
9d8dd2f8bd
FIxup pr #5758
2015-07-23 12:21:36 -05:00
6720a57659
Fix #5761 , pass the correct arch and platform for exe generation
...
Fix #5761
2015-07-23 01:34:44 -05:00
728e9b19ec
Update payload cached sizes
2015-07-23 15:15:13 +10:00
1dd765d6e6
Remove trailing spaces
2015-07-23 13:17:34 +10:00
0f2692f24f
Fix up silly mistake with `fail_with`
2015-07-23 13:14:35 +10:00
691b13ebd8
Add the sticky_keys module
2015-07-23 12:53:47 +10:00
50074c4617
Fix typo .blank to .blank?
2015-07-22 09:05:16 -05:00
4561850055
Use metasploit-credential API instead of report_auth_info
2015-07-22 01:11:43 -05:00
165cb195bf
Remove python dependency, add credit URL.
2015-07-21 22:48:23 -05:00
3013ab4724
Add osx root privilege escalation.
2015-07-21 21:50:55 -05:00
121fe1adda
Land #5654 : Python Meterpreter Transport
2015-07-22 10:39:06 +10:00
d3f31fb56a
Fix msftidy results
2015-07-21 21:29:44 +01:00
55be2eff06
Replace return with fail_with
2015-07-21 21:25:42 +01:00
928c82c96e
Land #5745 , undefined variable "rop" fix
2015-07-21 11:01:49 -05:00
52e4f45ecd
Use the new thing in wlan_geolocate
2015-07-20 20:24:07 -05:00
d6e12d431f
Style and whitespace
2015-07-20 19:40:25 -05:00
6a9c934c54
Resolve conflict
2015-07-20 18:44:17 -05:00
1e17ac4ec7
Use the cred API correctly
2015-07-20 18:40:48 -05:00
cadb03bac0
Fix my own blasted typo, ty @wvu-r7
2015-07-20 17:14:34 -05:00
2052b4ef56
Fixed the HT leak attribution a little
2015-07-20 16:36:47 -05:00
f7c11d0852
More cleanups
...
Edited modules/exploits/multi/browser/adobe_flash_hacking_team_uaf.rb
first landed in #5678 , adobe_flash_hacking_team_uaf.rb
Edited
modules/exploits/multi/browser/adobe_flash_opaque_background_uaf.rb
first landed in #5698 , Adobe Flash CVE-2015-5122 opaqueBackground
Edited modules/exploits/multi/http/sysaid_auth_file_upload.rb first
landed in #5471 , @pedrib's module for SysAid CVE-2015-2994
Edited modules/exploits/multi/http/sysaid_rdslogs_file_upload.rb first
landed in #5473 Correct spelling of sysaid module
2015-07-20 16:29:49 -05:00
f94fe3cefd
More correct URL, not just a bare wiki link
...
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
2015-07-20 16:23:29 -05:00
ab6204ca2e
Correct spelling of sysaid module
...
First landed in #5473 .
2015-07-20 16:21:50 -05:00
4cacbcc4f7
Minor fixups on sysaid modules
...
Edited modules/auxiliary/admin/http/sysaid_file_download.rb first landed
in #5472 , @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
Edited modules/auxiliary/admin/http/sysaid_sql_creds.rb first landed in
2015-07-20 16:19:21 -05:00
c63fdad1f1
Add URL reference
2015-07-20 18:15:17 +01:00
f1a909c292
Add WP All In One Migration export module
2015-07-20 18:13:32 +01:00
3fe165a265
Remove whitespace at the end
2015-07-18 20:18:34 +01:00
70a2247941
Pick target is not needed...
2015-07-18 20:12:49 +01:00
7483e77bba
Fix Linux target by trying again if exploit fails
2015-07-18 20:12:13 +01:00
29defc979b
Fix #5740 , remove variable ROP for adobe_flashplayer_flash10o
2015-07-17 16:57:37 -05:00
7113c801b1
Land #5732 , reliability update for adobe_flash_hacking_team_uaf
2015-07-17 16:43:39 -05:00
837eb9ea38
Land #5742 , better quality coverage for adobe_flash_opaque_background_uaf
2015-07-17 16:25:14 -05:00
f77f7d6916
Bump rank
2015-07-17 16:23:27 -05:00
0bd1dc017e
Update coverage information
2015-07-17 16:23:00 -05:00
115fb04be0
Land #5730 , port killav script as a post module
2015-07-17 13:47:58 -05:00
425a9dc266
credit OJ
2015-07-17 13:47:17 -05:00
663bcbe53b
Avoid checking these system process names
2015-07-17 13:46:02 -05:00
454dd59da8
Add vuln discoverers
2015-07-17 13:37:30 -05:00
29718ce4e1
Land #5474 , @pedrib's module for sysaid CVE-2015-2996 and CVE-2015-2998
...
* sysaid SQL database cred disclosure
2015-07-17 12:36:48 -05:00
a54b58fc24
Fix port parsing and cleanup
2015-07-17 12:34:46 -05:00
4e6b00fe31
Land #5473 , @pedrib's exploit for Sysaid CVE-2015-2994
...
* sysaid rdslogs arbitrary file upload
2015-07-17 12:10:40 -05:00
00adbd7f64
Fix quotes
2015-07-17 12:09:54 -05:00
57c4a3387b
Fix paths for windows and cleanup
2015-07-17 12:09:18 -05:00
869ac87b64
Land #5472 , @pedrib's module for SysAid CVE-2015-2996 and CVE-2015-2997
...
* SysAid arbitrary file download
2015-07-17 11:46:00 -05:00
9ac1688eb1
Do code cleanup
2015-07-17 11:45:28 -05:00
46ffb97c1c
Land #5471 , @pedrib's module for SysAid CVE-2015-2994
...
* sysaid arbitrary file upload
2015-07-17 11:27:22 -05:00
309a86ec57
Do code cleanup
2015-07-17 11:26:54 -05:00
787c0e2c41
Land #5470 , @pedrib's module for SysAid CVE-2015-2993
...
* SysAid Help Desk Administrator Account Creation
2015-07-17 11:09:08 -05:00
ca38fc5518
Update description
2015-07-17 11:08:28 -05:00
255d8ed096
Improve adobe_flash_opaque_background_uaf
2015-07-16 14:56:32 -05:00
449c751521
Add missing info
2015-07-16 09:36:18 -07:00
8d0e34dbc0
Resolve #5738 , make the LHOST option visible
...
Resolve #5738
2015-07-16 11:00:15 -05:00
e1b1db9f88
Fix stupid typo
2015-07-16 23:03:49 +10:00
5d6c15a43d
Add openssl_altchainsforgery_mitm_proxy.rb
...
This module exploits a logic error in OpenSSL by impersonating the
server and sending a specially-crafted chain of certificates, resulting
in certain checks on untrusted certificates to be bypassed on the
client, allowing it to use a valid leaf certificate as a CA certificate
to sign a fake certificate. The SSL/TLS session is then proxied to the
server allowing the session to continue normally and application data
transmitted between the peers to be saved. This module requires an
active man-in-the-middle attack.
2015-07-15 22:36:29 -07:00
986463e489
Fix killav post module, handle errors, better output
2015-07-16 11:35:01 +10:00
2735c035b5
fixed issues as requested.
...
fixed.
2015-07-15 20:36:19 -04:00
579fb5fb1f
Fixed
...
Fixed
2015-07-15 20:09:42 -04:00
c762e9e8d6
Fixed as requested.
...
I added the possibility to read from file, instead of modifying the module each time.
2015-07-15 20:02:18 -04:00
b504f0be8e
Update adobe_flash_hacking_team_uaf
2015-07-15 18:18:04 -05:00
7520bc9a8a
Exported Killav into a post-exploitation module
...
I was unsure if this was the place to send the update.
2015-07-15 14:04:37 -04:00
ea4a7d98b9
Land #5728 , Arch specification for psexec
2015-07-15 15:36:27 +00:00
886ca47dfb
Land #5650 , @wchen-r7's browser autopwn 2
2015-07-15 10:21:44 -05:00
b31c637c1b
Land #5533 , DSP-W110 cookie command injection
2015-07-15 11:22:33 +02:00
21375edcb2
final cleanup
2015-07-15 11:21:39 +02:00
b6e25506d0
Add a common user agent list, use the shortest for Meterpreter
2015-07-15 13:03:47 +10:00
4f8f640189
Rename autopwnv2 to just autopwn2
2015-07-14 17:38:51 -05:00
a7d866bc83
specify the 'Arch' values that psexec supports
2015-07-14 15:45:52 -06:00
8384be6466
Fix rand_text_alpha and bump max exploit count to 21
2015-07-14 01:02:01 -05:00
a2bdd0bab9
Land #5541 , add more compat fixed-cmd 64-bit BSD payloads
...
Merge branch 'land-5541-bsd-shellcode' into upstream-master
2015-07-13 21:01:55 -05:00
57f62ffa76
changed URI to TARGETURI as per comments
2015-07-13 20:18:45 -04:00
07d05828d0
Land #5688 , remove msfcli
2015-07-13 15:27:38 -05:00
0a5119a4ac
Land #5702 , vprint_* optional parameter
2015-07-13 18:47:22 +00:00
53bcee011b
Land #5709 , s/Filed/Failed/ typo fixes
2015-07-13 18:37:46 +00:00
405261df4f
Land #5710 , php_wordpress_total_cache removal
...
Deprecated.
2015-07-13 18:33:12 +00:00
3feef639b9
Land #5711 , php_wordpress_optimizepress removal
...
Deprecated.
2015-07-13 18:32:37 +00:00
6e12cbf98f
Land #5712 , php_wordpress_lastpost removal
...
Deprecated.
2015-07-13 18:31:31 +00:00
dd188b1943
Land #5713 , php_wordpress_infusionsoft removal
...
Deprecated.
2015-07-13 18:31:01 +00:00
ecca1c29f2
Land #5714 , php_wordpress_foxypress removal
...
Deprecated.
2015-07-13 18:30:28 +00:00
e4e9ac9d28
Remove cold_fusion_version, use coldfusion_version instead
...
Please use auxiliary/scanner/http/coldfusion_version instead.
2015-07-13 12:56:46 -05:00
4960e64597
Remove php_wordpress_foxypress, use wp_foxypress_upload
...
Please use exploit/unix/webapp/wp_foxypress_upload instead.
2015-07-13 12:53:34 -05:00
dfbeb24a8f
Remove php_wordpress_infusionsoft, use wp_infusionsoft_upload
...
Please use exploit/unix/webapp/wp_infusionsoft_upload instead.
2015-07-13 12:51:48 -05:00
b80427aed2
Remove php_wordpress_lastpost, use wp_lastpost_exec instead.
...
Please use exploit/unix/webapp/wp_lastpost_exec instead
2015-07-13 12:49:27 -05:00
90cc3f7891
Remove php_wordpress_optimizepress, use wp_optimizepress_upload
...
Please use exploit/unix/webapp/wp_optimizepress_upload instead.
2015-07-13 12:45:39 -05:00
4177cdacd6
Remove php_wordpress_total_cache, please use wp_total_cache_exec
...
The time is up for exploit/unix/webapp/php_wordpress_total_cache,
please use exploit/unix/webapp/wp_total_cache_exec instead.
2015-07-13 12:41:29 -05:00
884b779b36
Land #5593 , CVE-2015-1155 Safari file:// Redirection Sandbox Escape
2015-07-13 11:28:39 -05:00
6a5645d747
Changed "Filed" to "Failed" in multiple files
2015-07-13 11:21:20 -05:00
d1f23c54c7
Changed Filed to Failed on line 43 in java_rmi_registry.rb
2015-07-13 10:33:15 -05:00
e638d85f30
Merge branch 'upstream-master' into bapv2
2015-07-12 02:01:09 -05:00
8819674522
updated per feedback from PR
2015-07-11 21:03:02 -04:00
d795b2f831
Module cleanup
2015-07-11 19:40:21 +01:00
14d0d456f4
Fix FileZilla perm loot bug
2015-07-11 19:11:59 +01:00
c92d0d9df6
Fix FileZilla Server
2015-07-11 18:14:55 +01:00
f7ce6dcc9f
We agreed to Normal
2015-07-11 02:07:18 -05:00
0ff7333090
Lower the ranking for CVE-2015-5122
...
As an initial release we forgot to lower it.
2015-07-11 02:05:56 -05:00
1289ec8863
authors
2015-07-11 01:38:21 -05:00
6eabe5d48c
Update description
2015-07-11 01:36:26 -05:00
54fc712131
Update Win 8.1 checks
2015-07-11 01:33:23 -05:00
6f0b9896e1
Update description
2015-07-11 00:56:18 -05:00
115549ca75
Delete old check
2015-07-11 00:42:59 -05:00
63005a3b92
Add module for flash CVE-2015-5122
...
* Just a fast port for the exploit leaked
* Just tested on win7sp1 / IE11
2015-07-11 00:28:55 -05:00
7d55e86bdc
Land #5691 , bump to metasploit-payloads-1.0.6
2015-07-10 22:30:44 -05:00
226137896e
updated cached payload sizes
2015-07-10 22:30:20 -05:00
bff92f2304
Initial add
2015-07-10 21:13:12 -04:00
5a045677bc
Add waiting message
2015-07-10 18:48:46 -05:00
8d52c265d9
Delete wfsdelay
2015-07-10 18:46:27 -05:00
63e91fa50f
Add reference
2015-07-10 18:46:06 -05:00
677cd97cc2
Update information
2015-07-10 18:39:11 -05:00
6c6a778218
Modify arkeia_agent_exec title
2015-07-10 18:38:25 -05:00
4995728459
Modify arkeia_agent_exec ranking
2015-07-10 18:37:24 -05:00
858f63cdbf
Land #5693 , @xistence VNC Keyboard EXEC module
2015-07-10 18:35:44 -05:00
1326a26be5
Do code cleanup
2015-07-10 18:35:13 -05:00
917282a1f1
Fix ranking
2015-07-10 17:49:15 -05:00
e063e26627
Land #5689 , @xistence's module for Western Digital Arkeia command injection
2015-07-10 17:11:35 -05:00
bdd8b56336
fix comment
2015-07-10 16:28:20 -05:00
95ae7d8cae
Fix length limitation
2015-07-10 16:24:49 -05:00
3347b90db7
Land #5676 , print_status with ms14_064
2015-07-10 14:40:49 -05:00
29a497a616
Read header as 6 bytes
2015-07-10 14:25:57 -05:00
bed3257a3f
Change default HTTP_DELAY
2015-07-10 12:50:26 -05:00
c9d2ab58d3
Use HttpServer::HTML
...
* And make the exploit Aggressive
2015-07-10 12:48:21 -05:00
e1192c75a9
Fix network communication on `communicate`
...
* Some protocol handling just to not read amounts of data blindly
2015-07-10 11:57:48 -05:00
9206df077f
Land #5694 , R7-2015-08
2015-07-10 11:42:57 -05:00
9ba515f185
Fix network communication on `check`
...
* Some protocol handling just to not read amounts of data blindly
2015-07-10 11:32:49 -05:00
728b338593
Give msftidy a cookie
2015-07-10 11:28:10 -05:00
cf4b18700d
Fix CVE reference
2015-07-10 11:14:59 -05:00
c70be64517
Fix version check
2015-07-10 10:57:55 -05:00
34a6984c1d
Fix variable name
2015-07-10 10:44:38 -05:00
2c7cc83e38
Use single quotes
2015-07-10 10:34:47 -05:00
f66cf91676
Fix metadata
2015-07-10 10:33:02 -05:00
b916a9d267
VNC Keyboard Exec
2015-07-10 14:08:32 +07:00
52d41c8309
Western Digital Arkeia 'ARKFS_EXEC_CMD' <= v11.0.12 Remote Code Execution
2015-07-10 09:51:28 +07:00
f59c99e2ff
Remove msfcli, please use msfconsole -x instead
...
msfcli is no longer supported, please use msfconsole.
Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
d7beb1a685
feedback included
2015-07-09 08:31:11 +02:00
67666160e8
Add patched server detection
2015-07-08 13:47:59 -05:00
25e0f888dd
Initial commit of R7-2015-08 coverage
2015-07-08 13:42:11 -05:00
a3ec56c4cb
Do it in on_request_exploit because it's too specific
2015-07-08 12:32:38 -05:00
cefbdbb8d3
Avoid unreliable targets
...
If we can't garantee GreatRanking on specific targets, avoid them.
2015-07-08 12:12:53 -05:00
c86d16ffb6
update payload sizes
2015-07-07 23:15:57 -05:00
23abc288c8
Resolved conflicts with master
2015-07-07 22:34:30 -05:00
6a33807d80
No Chrome for now
2015-07-07 15:56:58 -05:00
f8b668e894
Update ranking and References
2015-07-07 15:43:02 -05:00
116c3f0be1
Add CVE as a real ref, too
2015-07-07 14:46:44 -05:00
3d630de353
Replace with a real CVE number
2015-07-07 14:44:12 -05:00
d3902771b6
Fixes call to the credentials API and adds version info
2015-07-07 13:48:16 -05:00
fdb715c9dd
Merge branch 'upstream-master' into bapv2
2015-07-07 13:45:39 -05:00
829b08b2bf
Complete authors list
2015-07-07 12:49:54 -05:00
49effdf3d1
Update description
2015-07-07 12:46:02 -05:00
d885420aff
This changes the version requirement for adobe_flash_hacking_team_uaf.rb
...
Because it works for Win 8.1 + IE11 too
2015-07-07 12:42:56 -05:00
d30688b116
Add more requirement info
2015-07-07 12:33:47 -05:00
d9aacf2d41
Add module for hacking team flash exploit
2015-07-07 11:19:48 -05:00
c37b60de7b
Do some print_status with ms14_064
2015-07-07 00:57:37 -05:00
9a1500ee96
Change module name a little bit, makes it easier to find in GUI
2015-07-06 22:31:07 -05:00
4a70e23f9a
Add ExploitReloadTimeout datastore option
...
Some exploits require more time, and if we try the next exploit too
soon, it may crash the browser.
2015-07-06 19:20:15 -05:00
e16cd08599
Update the payload CachedSize
2015-07-06 17:16:56 -04:00
2a89e248d7
Pymet fix send uuid logic for Python 3.x
2015-07-06 11:20:34 -04:00
3d30cef58e
Land #5668 , I don't know how to avoif things
2015-07-06 09:24:18 -05:00
5b6ceff339
mime message
2015-07-06 15:00:12 +02:00
a9edfa1b4b
Fix a small typo
2015-07-06 13:37:36 +02:00
133e221dcd
Remove unnecessary steps.
2015-07-05 19:00:58 -05:00
c993c70006
Remove sleep(), clean up WritableDir usage.
2015-07-05 18:59:00 -05:00
d2063c92e1
Refactor datastore names to match standards
2015-07-05 18:21:45 -05:00
72a1e9ad99
Add module for rootpipe+entitlements exploit for 10.10.3.
2015-07-05 18:19:46 -05:00
b577f79845
Fix some bugs in the safari file navigation module.
2015-07-05 16:46:18 -05:00
632bcda345
Land #5652 , improve LAPS filter to reduce empty results
2015-07-03 15:02:39 -04:00
29d45e3b18
Pymet patch in timeout info on generate_stage
2015-07-03 14:12:29 -04:00
43d47ad83e
Port BAPv2 to Auxiliary
2015-07-02 15:29:24 -05:00
e843db78dc
put rhost option back
...
it is needed for the wmic query that
creates the shadowcopy
MSP-12867
2015-07-02 14:46:40 -05:00
7b2b526ea1
deregister unwated options
...
deregister mixin options that we don't need
for this module
2015-07-02 14:33:21 -05:00
8892cbdd10
Fix some minor things
2015-07-02 14:32:16 -05:00
cc51d1e8fd
use registry data for VSS grab
...
use the location data we got from the registry for copying
the NTDS.dit file correctly with the VSS method
2015-07-02 14:27:51 -05:00
89d283da09
check registry for ntds location
...
check the registry for the location of the ntds.dit
file
MSP-12867
2015-07-02 14:07:47 -05:00
95f19e6f1f
Minor description edits for clarity
...
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF
Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590 , @Meatballs1 adds MS LAPS Enum post mod
Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
87e6325737
Revert BAPv2 changes to framework/libraries/handlers
2015-07-02 12:10:21 -05:00
42daf4d38b
fix up ordering of pre-checks
...
i hate early returns, but we need to bail out early
if some of these checks fail
MSP-12867
2015-07-02 11:52:02 -05:00
99c29052c7
Merge branch 'smb_enumuser_domain_storage' of github.com:jabra-/metasploit-framework into smb_enumuser_domain_storage
2015-07-02 08:24:04 -04:00
dfa71a2b44
update to store creds using the new method
2015-07-02 08:22:21 -04:00
8a3873d730
Tweak filter to reduce empty results
2015-07-02 09:53:08 +01:00
2957924c78
Merge branch 'upstream-master' into bapv2
2015-07-02 01:46:31 -05:00
49d3b275b2
Land #5648 , Update CVE-2015-3043 info
2015-07-02 01:36:26 -05:00
a37ac1b089
Land #5590 , @Meatballs1 adds MS LAPS Enum post mod
2015-07-01 21:19:15 -04:00
3b9ba189f7
Add CVE-2015-3043 information
2015-07-01 19:56:35 -05:00
8051a99f4a
Merge branch 'upstream-master' into bapv2
2015-07-01 18:45:42 -05:00
32d5e7f3de
Land #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio Decoding BOF
2015-07-01 18:44:38 -05:00
93c74efb97
Add Ubuntu as a tested target
2015-07-01 18:43:22 -05:00
1c5abec97a
Land #5632 , mozilla_reduceright nil fix
2015-07-01 15:56:31 -05:00
ee118aa89d
Fix description
2015-07-01 13:30:22 -05:00
1de94a6865
Add module for CVE-2015-3113
2015-07-01 13:13:57 -05:00
399b3d2810
Land #5629 , moar cmd_exec refactoring
2015-07-01 00:36:19 -05:00
d6261a54b1
Land #5608 , part 2, update payload cache sizes
2015-07-01 00:31:40 -05:00
6711091c70
update cached payload sizes
2015-07-01 00:31:09 -05:00
e99d63687f
Land #5608 , android and java meterpreter transport and sleep support
...
This also includes stageless Windows meterpreter fixes for process migration.
2015-07-01 00:23:36 -05:00
3632cc44c5
Fix nil error when target not found
2015-06-30 11:48:41 -05:00
7aeb9e555b
Change ranking and support CAMPAIGN_ID
2015-06-29 12:13:46 -05:00
656e6f5c73
Fix windows enum modules
2015-06-29 11:56:38 -05:00
834c0e594a
Update multi modules
2015-06-29 11:36:28 -05:00
ae172691f2
Update linux gather post modules
2015-06-29 10:21:13 -05:00
2cbb107bba
Update enum_configs
2015-06-29 09:55:18 -05:00
afa442ad89
Fix a stack trace with ipmi_dumphashes when no database was configured.
2015-06-29 00:46:35 -05:00
355738909a
Fixes typo
2015-06-28 09:32:16 -05:00
5c18fc82f2
Stores credentials using create_credential_login
2015-06-28 09:24:31 -05:00
1d50bda609
initial add of blank file
2015-06-27 21:38:25 -04:00
b332b25795
Stores credentials in DB, fixes loop variable and nil dereference bug
2015-06-27 19:06:15 -05:00
9bd920b169
Merge branch 'upstream-master' into bapv2
2015-06-27 12:19:55 -05:00
bb43f7e30f
use the correct transport for x64/meterpreter_reverse_https
2015-06-27 10:50:54 -05:00
007da4af41
Force :init_connect for stageless
2015-06-27 18:21:15 +10:00
52b49503a0
Land #5498 , @hmoore-r7's patch for a number of Net::DNS/enum_dns issues
2015-06-26 18:25:03 -05:00
093f339f6b
Land #5268 , @Meatballs1's post windows module to retrieve Bitlocker Recovery Keys from AD
2015-06-26 17:07:36 -05:00
326bec0a1f
Land #5581 , s/shell_command_token/cmd_exec/
2015-06-26 16:59:40 -05:00
600a296291
Do minor cleanup
2015-06-26 16:51:00 -05:00
a10fa02b00
Land #5606 , @wchen-r7's glassfish fixes
2015-06-26 14:12:50 -05:00
jvazquez-r7
g0tmi1k
William Vu
kn0
HD Moore
Brent Cook
wchen-r7
h00die
Tod Beardsley
OJ
Samuel Huckins
Christian Sanders
joev
rastating
James Lee
Pedro Ribeiro
Ramon de C Valle
Marc-Andre Meloche
Christian Mehlmauer
Mo Sadek
xistence
Michael Messner
cldrn
Spencer McIntyre
Donny Maasland
David Maloney
Josh Abraham
Meatballs