chao-mu
c59e08ce7d
Moved utility codde and expanded railgun test suite runner
2012-01-06 21:07:16 -05:00
chao-mu
f41fc7a0ac
Moved platform_util.rb and added the tests for the new utilities to railgun.rb.ts.rb
2012-01-06 20:56:41 -05:00
chao-mu
bd52f228a0
Merge remote branch 'upstream/master'
2012-01-06 20:27:53 -05:00
chao-mu
78ec687a4f
Merge remote branch 'origin/master'
2012-01-06 20:20:28 -05:00
David Maloney
bf425a6744
Fixed bug that prevented telnet sessions from opening with good creds
2012-01-06 16:59:08 -08:00
Stephen Haywood
2e60d2e01a
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-01-06 17:46:42 -05:00
Stephen Haywood
72072c4ef3
Added enum_artifacts
2012-01-06 17:43:50 -05:00
sinn3r
6ceb2f04a3
Add CVE-2011-2474 Sybase EAServer directory traversal vulnerability
2012-01-06 14:24:49 -06:00
David Maloney
9cf2af6a94
Adds exploit/windows/htt/xampp_webdav_upload_php
...
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.
Fixes #2170
2012-01-06 12:00:14 -08:00
Sam Sharps
06414c2413
changed author to my actual name
2012-01-06 01:03:20 -06:00
HD Moore
c2a71d63b4
Tweak the logic here
2012-01-06 00:53:50 -06:00
HD Moore
7b26e33e19
Initial version
2012-01-06 00:53:50 -06:00
Sam Sharps
b26ed37467
Added description, urls, and another author
2012-01-06 00:47:01 -06:00
Sam Sharps
5c05cebaf7
Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790
2012-01-06 00:16:45 -06:00
sam
f3a9bc2dad
Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790
2012-01-06 00:12:28 -06:00
David Maloney
54bca49ef9
Slightly better fix to the digest request header issue
2012-01-05 12:25:32 -08:00
David Maloney
ba86e8a04f
Added PROPFIND support to http_login
...
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
2012-01-05 12:10:53 -08:00
HD Moore
9c827abcb7
net-ssh hackery to disable agent support, disable private key support,
...
and add a callback
2012-01-05 14:10:31 -06:00
Jonathan Cran
eec70706d0
make the esx driver dependent on meterpreter
2012-01-05 20:42:58 -06:00
Jonathan Cran
bedc34ad44
Merge branch 'master' of r7.github.com:rapid7/metasploit-framework
2012-01-05 18:26:26 -06:00
Jonathan Cran
c522514030
update the meterpreter modifier to reflect the new copy_ api
2012-01-05 18:26:05 -06:00
David Maloney
6cd3810094
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-01-05 12:03:21 -08:00
David Maloney
e61b4ed65c
Fixed issue with send_digest_request_cgi not keeping user supplied headers.
2012-01-05 12:02:21 -08:00
Tod Beardsley
e28ccc33c7
Merge pull request #92 from rsmudge/armitage
...
Armitage 1.5.12
2012-01-05 11:05:35 -08:00
Raphael Mudge
46964a6be7
Armitage 1.5.12 - Performance and bandwidth optimizations in the team server, improved Java meterpreter interface, and
...
greatly overhauled Armitage's data export capability. Now users may select to export all data or any workspace.
2012-01-05 04:55:58 -05:00
chao-mu
3772f56260
Am making use of platform_util.rb's platform symbols for standardization across railgun. Ideally only platform_util.rb will need to know what platform strings look like and how they are represented in the railgun world. Corrected railgun.rb mixin's pointer_size function.
2012-01-04 22:28:20 -05:00
chao-mu
59ebb396a6
Steps towards pointer utility support for module developers and railgun developer(s) alike.
2012-01-04 22:14:41 -05:00
chao-mu
6db2da1f76
module Rex
...
module Post
module Meterpreter
module Extensions
module Stdapi
module Railgun
module Type
module PlatformUtil
X86_64 = :x86_64
X86_32 = :x86_32
def self.parse_client_platform(meterp_client_platform)
meterp_client_platform =~ /win64/ ? X86_64 : X86_32
end
end # PlatformUtil
end # Type
end # Railgun
end # Stdapi
end # Extensions
end # Meterpreter
end # Post
end # Rex
2012-01-04 22:11:09 -05:00
chao-mu
d995c3893b
Platform handling utilities. I want to protect railgun against changes to client.platform's general form
2012-01-04 21:56:34 -05:00
HD Moore
8315709fb6
Correct typo and set the disclosure date
2012-01-04 19:46:56 -06:00
chao-mu
d46379dda2
Merge remote branch 'upstream/master'
2012-01-04 19:32:06 -05:00
chao-mu
3d7d5d5f3d
Utility for working with pointers. Test coverage is incomplete
2012-01-04 19:30:30 -05:00
Tod Beardsley
7b692aa0b9
Adding references to vss modules.
2012-01-04 12:10:03 -06:00
Tod Beardsley
164c80d496
Adding a comment doc to the shadowcopy lib.
...
Citing Tim Tomes and Mark Baggett
2012-01-04 12:03:13 -06:00
sinn3r
8cced0a91e
Add CVE-2011-2462 Adobe Reader U3D exploit
2012-01-04 03:49:49 -06:00
sinn3r
c122ec34bc
Add default SSH credential for Op5 system CenOS VM image
2012-01-03 15:13:35 -06:00
David Maloney
12221b0433
UAC will disrupt these modules
...
Added checks for UAC.
UAC must be bypassed before using these modules.
2012-01-03 12:07:38 -08:00
Jonathan Cran
166e3f45d6
Merge branch 'release/20111227000001'
2012-01-03 11:56:55 -06:00
chao-mu
b9b5b1e66f
Merge remote branch 'upstream/master'
2012-01-02 20:07:50 -05:00
Tod Beardsley
904297ee35
Merge pull request #91 from jduck/master
...
Stack trace fix when mytarget is nil, actually populate the agent variable.
2012-01-02 09:26:05 -08:00
Joshua J. Drake
958ffe6e1d
Fix stack trace from unknown agents
2012-01-02 03:41:49 -06:00
HD Moore
7448ab4780
Merge pull request #90 from swtornio/master
...
add osvdb ref
2012-01-01 10:25:21 -08:00
Steve Tornio
7bfdc9eff4
add osvdb ref
2012-01-01 09:10:10 -06:00
James Lee
4cd329a943
Spawn the payload as a seperate process
...
Running the payload using system() in a thread was causing some weird
interactions with ctrl-c. Fix those issues by using Process.spawn and
Process.detach. I suspect this was the original cause of #3631 , java
meterpreter sessions dying unaccountably.
See #3631
2011-12-31 12:11:34 -07:00
David Maloney
dd0b07b2cc
Adds mixin and post modules to manipulate Volume shadowcopy Service(VSS)
2011-12-30 15:03:04 -08:00
Joshua Smith
29b6d0d1e3
Adds previous, pushm, popm to msfconsole
...
Adds the ability to set and use a stack of modules, and to easily switch
between the last two modules used.
[Fixes #6165 ][Closes #84 ]
Squashed commit of the following:
commit e41e7f704888b1ce5ad5f23caeee1de13052e3d5
Author: Joshua Smith <kernelsmith@kernelsmith.com>
Date: Mon Dec 26 15:52:08 2011 -0500
pushm/popm working great, let me know if you find bugs
commit 23da8d56ea08ca196e649431e8188b4f29ba97b9
Author: Joshua Smith <kernelsmith@kernelsmith.com>
Date: Mon Dec 26 14:37:18 2011 -0500
Adds the 'previous' command to msfconsole which will load the previously active module as the currently active module, adds @previous_module as a class variable
2011-12-30 15:30:55 -06:00
James Lee
0fa0ceccb5
Merge branch 'master' of github-r7:rapid7/metasploit-framework
2011-12-30 10:55:48 -07:00
James Lee
ba017773b2
Cleanup whitespace at EOL
2011-12-30 10:55:01 -07:00
sinn3r
23f2a189d7
Merge pull request #89 from rsmudge/armitage
...
Armitage 12.30.11
2011-12-30 08:21:04 -08:00
sinn3r
d9db03dba6
Add CoCSoft StreamDown buffer overflow (Feature #6168 ; no CVE or OSVDB ref)
2011-12-30 10:16:29 -06:00