infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,093 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

17093 Commits (a74b576a0f4cd6d1b721818da0b4d236ea416384)

Author SHA1 Message Date
James Lee a74b576a0f Merge branch 'rapid7' into rsmudge-authproxyhttpstager 2013-03-04 17:50:48 -06:00
James Lee c0689a7d43 Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7 2013-03-04 12:14:33 -06:00
dmaloney-r7 034be519bc Merge pull request #7 from jlee-r7/dmaloney-r7-feature/http/authv2 
Add spec to ensure auth is sane
 2013-03-04 10:04:22 -08:00
James Lee cb18b81503 Add spec to ensure auth is sane 2013-03-04 11:59:30 -06:00
David Maloney 71ba044d03 remove debugging aid 2013-03-04 11:25:34 -06:00
David Maloney 6dcca7df78 Remove duplicated header issues 
Headers were getting duped back into client config, causing invalid
requests to be sent out
 2013-03-04 11:24:26 -06:00
sinn3r 7fa24d9060 Module rename 2013-03-04 10:54:33 -06:00
sinn3r 59b5e8e688 Merge branch 'setuid_tunnelblick' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-setuid_tunnelblick 2013-03-04 10:53:31 -06:00
sinn3r 95cd46d362 Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-03-04 10:46:27 -06:00
sinn3r 12247d47ba Rename module, sorry, no pull request. 2013-03-04 10:46:05 -06:00
jvazquez-r7 e465a07030 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-03-04 17:41:18 +01:00
jvazquez-r7 92ee4300df cleanup for reflective_dll_inject 2013-03-04 17:40:09 +01:00
jvazquez-r7 582395412f Merge branch 'post_ref_dll_inj' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_ref_dll_inj 2013-03-04 17:39:11 +01:00
David Maloney 6d811ce4b9 empty passwords should be allowed 2013-03-04 09:09:11 -06:00
jvazquez-r7 a980bf0ef6 minor fixes 2013-03-03 19:54:17 +01:00
jvazquez-r7 248481f195 fixed EOF 2013-03-03 19:52:31 +01:00
jvazquez-r7 81e2dbc71e added module for CVE-2012-3485 2013-03-03 19:48:12 +01:00
jvazquez-r7 76180f22fc added module for cve-2012-4284 2013-03-03 13:23:21 +01:00
Raphael Mudge 1cc49f75f5 move flag comment to where it's used. 2013-03-03 03:26:43 -05:00
Raphael Mudge ecdb884b13 Make download_exec work with authenticated proxies 
Adds INTERNET_FLAG_KEEP_CONNECTION to HttpOpenRequest flags to allow
download_exec to transparently authenticate to a proxy device through
wininet.

Fun trivia, Windows 7 systems uses Connection: keep-alive by default.
This flag benefits older targets (e.g., Windows XP).
 2013-03-03 01:42:17 -05:00
Samuel Huckins 2e4760c486 Merge pull request #1533 from rapid7/feature/migrations-in-metasploit_data_models 
All steps passing as described.
 2013-03-01 12:54:41 -08:00
Luke Imhoff b855bd3f3a Add metasploit_data_models 0.5.1 to gemcache 
[#44034071]
 2013-03-01 14:06:58 -06:00
Luke Imhoff bd8f94c43d Update to master tag of 0.5.1 of metasploit_data_models 
[#44034071]
 2013-03-01 13:44:52 -06:00
Samuel Huckins 8f21271ed8 Merge pull request #1535 from tasos-r7/bugfix/web-vuln-confidence 
Auxiliary::Web: fixed vuln confidence calculation/storage
 2013-03-01 10:32:06 -08:00
Tasos Laskos 628f7ef4f3 Merge branch 'bugfix/web-vuln-confidence' of github-r7:tasos-r7/metasploit-framework into bugfix/web-vuln-confidence 2013-03-01 20:22:43 +02:00
Tasos Laskos 99a8ec593b Fixing merge conflicts 2013-03-01 20:21:02 +02:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
Samuel Huckins 7b8654a71d Revert "Merge pull request #1534 from tasos-r7/bugfix/web-vuln-confidence" 
This reverts commit 3840ddccbc, reversing
changes made to e1891f0836.
 2013-03-01 11:41:06 -06:00
Tasos Laskos ac65c54cc5 Auxiliary::Web: fixed the previous confidence fix 2013-03-01 19:37:41 +02:00
Samuel Huckins 3840ddccbc Merge pull request #1534 from tasos-r7/bugfix/web-vuln-confidence 
Auxiliary::Web: fixed confidence calculation in log methods
 2013-03-01 09:25:07 -08:00
David Maloney 902948e5d3 cleanup options 2013-03-01 11:01:00 -06:00
Tasos Laskos 862b813786 Auxiliary::Web: fixed confidence calc in log methods 2013-03-01 18:33:16 +02:00
Luke Imhoff 239e1934b8 Use migrations from metasploit_data_models 
[#44034071]

metasploit_data_models version 0.5.0 copied the migrations from
metasploit-framework/data/sql/migrate to
metasploit_data_models/db/migrate so that specs could be written the Mdm
models in metasploit_data_models.  As part of the specs, :null => false
columns that should be :null => true were discovered, so a new migration
was added, but to metasploit_data_models/db/migrate, so it could be
tested.  Instead of replicating migrations back and forth, I'm removing
the migrations completely from metasploit-framework and changing the
default migration path in Msf::DbManager#migration_paths to
MetasploitDataModels.root.join('db', 'migrate').
 2013-03-01 09:03:45 -06:00
jvazquez-r7 e1891f0836 Merge branch 'setstringproperty_spray' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-setstringproperty_spray 2013-02-28 23:35:37 +01:00
David Maloney b2f68f0fdb Merge branch 'dmaloney-r7-feature/http/authv2' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-dmaloney-r7-feature/http/authv2 2013-02-28 14:37:37 -06:00
David Maloney c290bc565e Merge branch 'master' into feature/http/authv2 2013-02-28 14:33:44 -06:00
James Lee 5a79fcd11e Ensure we build only one Authorization header 
Also fixes an issue where Host headers were generated with nil by
preferring the vhost from Client instead of the default nil from
ClientRequest.
 2013-02-28 13:47:30 -06:00
jvazquez-r7 8f58c7b25e cleanup for sap_icf_public_info 2013-02-28 18:47:48 +01:00
jvazquez-r7 0dcfb51071 cleanup for sap_soap_rfc_system_info 2013-02-28 18:46:18 +01:00
jvazquez-r7 1a10c27872 Merge branch 'sap_rfc_system_info' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-sap_rfc_system_info 2013-02-28 18:45:42 +01:00
sinn3r 18c0bb0ac8 Updates description again 2013-02-28 11:34:48 -06:00
sinn3r 8cb5da0794 One size rules them all. 2013-02-28 11:21:23 -06:00
sinn3r 722e077029 Update generic target 2013-02-28 11:09:52 -06:00
sinn3r 2c013cada8 Update documentation for default values 2013-02-28 11:05:18 -06:00
sinn3r 86d78939ad Make objId optional 2013-02-28 11:01:15 -06:00
sinn3r 9f35452d73 Beef up the default values for precise alloc size and consistency 2013-02-28 10:35:40 -06:00
James Lee 425c245771 Axe set_cgi in favor of set_uri 
They were identical except for a couple of extra bugs in set_cgi.

Also changes ```split("/")``` to ```split("/", -1)```, which behaves
correctly when the input has a seperator at the beginning or end.
 2013-02-27 19:13:05 -06:00
James Lee 16bba7a6ac Add test for pad_get_params 2013-02-27 18:06:55 -06:00
James Lee b0745b090a Msf HTTP uses this directly, can't axe it 2013-02-27 17:54:31 -06:00
James Lee 4edd46216f Refactor config -> opts 
Puts all the evasion stuff in the same place as regular HTTP options to
make it easier to deal with.
 2013-02-27 17:29:26 -06:00