Commit Graph

50385 Commits (a47115352a64fd6d5842d13326cb01ac7fd37a71)

Author SHA1 Message Date
William Vu e488cf4a37 Prefer Tempfile over Rex::Quickfile for info -d
Rex::Quickfile undefines Tempfile's finalizer, preventing cleanup.
2019-01-17 13:58:03 -06:00
William Vu a5a8c88a6e Implement resource scripting for command shells 2019-01-17 13:39:03 -06:00
William Vu b412bb3136 Land #11267, RHOST fix for ms17_010_psexec 2019-01-17 13:24:56 -06:00
Erin Bleiweiss 309437c9bc Remove accidental debug statement 2019-01-16 17:21:12 -06:00
Erin Bleiweiss 1c4ebec0e9 Fix merge conflict 2019-01-16 17:13:45 -06:00
Erin Bleiweiss 1975bbf160 Add password option to prompt 2019-01-16 17:01:09 -06:00
Erin Bleiweiss 49fd266442 Add colors and formatting 2019-01-16 15:40:59 -06:00
Erin Bleiweiss 0b37214123 Simplify deletion-related questions in msfdb 2019-01-16 15:40:50 -06:00
James Barnett 4b87d54430 Add comment explaining why we prevent loot.data update 2019-01-16 15:29:27 -06:00
Erin Bleiweiss f49acae86a Land #11262, Make msfdb rackup file independent of framework dir location 2019-01-16 15:25:32 -06:00
James Barnett fd6527bac8 Prepend loot filenames with unique string
This should help prevent accidentally overwriting files with the same name
2019-01-16 15:20:41 -06:00
Jacob Robles 2b36491d38 Land 11269, fix java_deserialization_spec check 2019-01-16 11:00:11 -06:00
James Barnett 705c269d27 Handle empty data values for loot 2019-01-16 10:59:07 -06:00
Wei Chen 0051caf6ce Update java_deserialization_spec to rescue the right exception 2019-01-16 10:47:52 -06:00
James Barnett ffada8147e Update loot API docs 2019-01-16 10:42:00 -06:00
James Barnett d6462fed63 Don't allow users to update loot.data 2019-01-16 10:01:22 -06:00
Clément Notin 31a7b13c19 ms17_010_psexec: fix RHOST in "authenticating..." message 2019-01-16 11:23:21 +01:00
Brent Cook 1947bae45b Land #11230, add JuicyPotato local privilege escalation 2019-01-15 21:20:25 -06:00
Brent Cook 4f7bdc7da1 add module docs 2019-01-15 21:17:05 -06:00
William Vu 06de16a36f Merge remote-tracking branch 'upstream/master' into pr/10119 2019-01-15 18:33:48 -06:00
James Barnett dc7d611780 Base64 encode the data field for each loot operation 2019-01-15 18:01:43 -06:00
Wei Chen 70c4e719c9 Land #11190, fix multi line text in android send_sms 2019-01-15 17:18:37 -06:00
Wei Chen 27d6fffdad Land #11125, Import/generate `ysoserial` Java serialization objects 2019-01-15 17:09:56 -06:00
Wei Chen 85555b81c4 Update code for Ruby coding style standards 2019-01-15 17:08:54 -06:00
James Barnett 5c308b1448 Remove nested loot object from host JSON
The code on the framework side that was utilizing this was removed
a while ago. It was never actually being used anywhere, and was causing
issues with getting host objects back when the loot contained
non-UTF-8 characters
2019-01-15 16:45:04 -06:00
Erin Bleiweiss 81472b529c Simplify deletion-related questions in msfdb 2019-01-15 16:06:10 -06:00
William Vu 3bf4726b15 Fix pid_uid 2019-01-15 14:34:29 -06:00
James Barnett 42c9553283 Don't do a separate lookup for loot.host, use the included JSON
This is just a temporary change. Eventually we should be doing separate
lookups for associated objects as that is the RESTful way of doing it.
Implementing this now to prevent extra load on the server until we can
put a better system in place of doing multiple lookups with a single call.
2019-01-15 12:47:37 -06:00
h00die a73fe9433b land #11169 blueman priv esc on linux 2019-01-15 10:32:46 -05:00
Jacob Robles 923a4ba098 Land #11263, uppercase KoreLogic in JTR modules 2019-01-15 08:50:11 -06:00
Jacob Robles c8db044a84 Land #11242, fix Msf::Post::File #pwd output 2019-01-15 08:42:41 -06:00
Jacob Robles 9616a9f79d Land #11245, doc update for chrome_cookies 2019-01-15 07:27:35 -06:00
Jacob Robles 04363b7b7e Doc update
post:chrome_cookies
2019-01-15 07:19:46 -06:00
h00die 93f66a1f22 uppercase 2019-01-15 08:04:11 -05:00
Matthew Kienow c1fe334006 Remove unused code 2019-01-14 23:30:48 -05:00
Matthew Kienow 7f20c75cb3 Use static rackup file from framework directory 2019-01-14 23:30:48 -05:00
Matthew Kienow e7e0503f3e Add Metasploit data web service rackup file 2019-01-14 23:30:47 -05:00
h00die 4d847e97fc ... over -1 2019-01-14 22:41:11 -05:00
h00die 509b4e979d max_length -1 2019-01-14 22:28:46 -05:00
h00die 2c02dbc8a6 add max_length to wordlist generation 2019-01-14 22:20:33 -05:00
Green-m d8515ba056 Land #11255, Assign CVE number to spark unauth rce 2019-01-15 11:17:37 +08:00
bcoles 8c636f27d5 Update check method to confirm vulnerability 2019-01-15 11:31:31 +11:00
asoto-r7 72d3f6538e Updated ysoserial_payloads.json cache 2019-01-14 17:43:27 -06:00
asoto-r7 ddd9ab2041 Fixed an off-by-one error in the fingerprinting randomization 2019-01-14 17:42:59 -06:00
bcoles 4dc3562046 Update installation notes 2019-01-15 10:41:03 +11:00
James Barnett e168458861 Make calls to get the associated host when getting loot 2019-01-14 15:51:51 -06:00
Wei Chen 47f8738f74 Add Imran Rashid to CVE-2018-11770 credit 2019-01-14 15:28:08 -06:00
Wei Chen 52ff0a8b75 Update exploits/linux/http/spark_unauth_rce as CVE-2018-11770 2019-01-14 15:10:29 -06:00
James Barnett 3f9c0e160a Merge branch 'master' into fix_misc_loot_bugs 2019-01-14 11:15:06 -06:00
Alex bd94675b33 Update documentation for post/multi/gather/chrome_cookies 2019-01-13 14:31:07 +11:00