infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,305 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

58 Commits (aac553feea708fc3683fd4855afb651d7f7680e8)

Author SHA1 Message Date
Ramon de C Valle f124597a56 Code cleanups 
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-19 21:03:39 +00:00
James Lee 36a06e7576 initial commit of php findsock. This patch makes all http connections global and removes the "close if (!pipelining)" checks, so beware of bugs. 
git-svn-id: file:///home/svn/framework3/trunk@5678 4d416f70-5f16-0410-b530-b9f4589650da
 2008-09-24 04:41:51 +00:00
HD Moore 3cf81f257e Ensure that the Content-Type is set to text/html by default. 
git-svn-id: file:///home/svn/framework3/trunk@5615 4d416f70-5f16-0410-b530-b9f4589650da
 2008-08-08 02:37:54 +00:00
James Lee f5fe1e0305 fix escaping bug in js_base64 
git-svn-id: file:///home/svn/framework3/trunk@5611 4d416f70-5f16-0410-b530-b9f4589650da
 2008-07-30 02:56:21 +00:00
James Lee 2d344e64df browser_autopwn now works with mozilla_compareto, mozilla_navigatorjava, and firefox_queryinterface; increased reliability of OS and browser detection 
git-svn-id: file:///home/svn/framework3/trunk@5563 4d416f70-5f16-0410-b530-b9f4589650da
 2008-07-22 07:28:05 +00:00
James Lee 8800372e46 initial commit of browser_autopwn; 
revamp php payloads;
socks5 for IPv6 (untested)



git-svn-id: file:///home/svn/framework3/trunk@5546 4d416f70-5f16-0410-b530-b9f4589650da
 2008-07-01 01:44:56 +00:00
James Lee dfa0f6c0c4 More reliable reverse shell 
git-svn-id: file:///home/svn/framework3/trunk@5429 4d416f70-5f16-0410-b530-b9f4589650da
 2008-03-04 07:34:26 +00:00
HD Moore 7498562eb5 Add proxy support to HTTP mixin using modules. Fix socks proxy support. 
git-svn-id: file:///home/svn/framework3/trunk@5113 4d416f70-5f16-0410-b530-b9f4589650da
 2007-09-24 04:44:44 +00:00
HD Moore e4e674003d Correct the super() call in http's regenerate_payload() 
git-svn-id: file:///home/svn/framework3/trunk@5025 4d416f70-5f16-0410-b530-b9f4589650da
 2007-07-03 13:40:45 +00:00
HD Moore ddadf74a85 Fix a typo that could break regenerate_payload 
git-svn-id: file:///home/svn/framework3/trunk@5022 4d416f70-5f16-0410-b530-b9f4589650da
 2007-07-03 04:38:56 +00:00
HD Moore a21ec0a73c Updating the php_include_url function to figure out the server address a little bit better. 
git-svn-id: file:///home/svn/framework3/trunk@5019 4d416f70-5f16-0410-b530-b9f4589650da
 2007-07-03 04:26:28 +00:00
HD Moore d0b15d3d72 Lots of SMB fun, all preparation for Black Hat talk :-) More to come... 
git-svn-id: file:///home/svn/framework3/trunk@5015 4d416f70-5f16-0410-b530-b9f4589650da
 2007-07-03 04:20:50 +00:00
Matt Miller a319b8e582 got rid of duplicated code in browser exploits, fixes #71 
git-svn-id: file:///home/svn/framework3/trunk@4642 4d416f70-5f16-0410-b530-b9f4589650da
 2007-04-04 02:04:37 +00:00
Matt Miller b74311c71d initial integration of alex's heaplib, and a port of the keyframe exploit 
git-svn-id: file:///home/svn/framework3/trunk@4635 4d416f70-5f16-0410-b530-b9f4589650da
 2007-04-03 07:35:54 +00:00
Matt Miller f9d8c4e820 modifications to support using an explicit target to regen payloads 
git-svn-id: file:///home/svn/framework3/trunk@4602 4d416f70-5f16-0410-b530-b9f4589650da
 2007-04-01 21:21:10 +00:00
HD Moore 9c3bfaeee4 Imported the OLE modules from ruby-msg (GPLv2) 
git-svn-id: file:///home/svn/framework3/trunk@4541 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-20 16:49:34 +00:00
HD Moore 547ec3c6c6 This patch adds header folding, fixed hex-random and u-random encoding, fake uri end, fake uri parameters. This fixes #16, the remaining two options (chunked and pipelining), will be added in a future version. 
git-svn-id: file:///home/svn/framework3/trunk@4513 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-10 05:58:14 +00:00
HD Moore 41809d5f0a Rescue Timeout and Runtime errors from the HTTP client. This fixes #42. 
git-svn-id: file:///home/svn/framework3/trunk@4512 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-10 03:51:58 +00:00
Matt Miller c61e0e8931 change the behavior of nil non-required options, fixes #49 
git-svn-id: file:///home/svn/framework3/trunk@4509 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-09 06:12:28 +00:00
HD Moore e6f221ad80 Major updates to the HTTP api, re-addition of HTTP evasion, see #16 
git-svn-id: file:///home/svn/framework3/trunk@4506 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-08 14:08:41 +00:00
HD Moore 88cc653478 The HTTP api now catches SIGPIPEs and just returns a nil response 
git-svn-id: file:///home/svn/framework3/trunk@4483 4d416f70-5f16-0410-b530-b9f4589650da
 2007-02-27 09:31:23 +00:00
HD Moore 7087457f9e A few more updates to the HTTP exploit mixin, still needs some work before it is completed 
git-svn-id: file:///home/svn/framework3/trunk@4481 4d416f70-5f16-0410-b530-b9f4589650da
 2007-02-27 09:15:53 +00:00
HD Moore 0012389ba0 Adds support for bind payloads in passive exploits 
git-svn-id: file:///home/svn/framework3/trunk@4281 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-18 03:51:15 +00:00
HD Moore 68274d6870 PHP tags are now added by the php_include handler and no longer a part of the payloads themselves 
git-svn-id: file:///home/svn/framework3/trunk@4254 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 03:31:18 +00:00
HD Moore 2bc1d4be18 Updates to the client API 
git-svn-id: file:///home/svn/framework3/trunk@4242 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-28 23:42:54 +00:00
HD Moore 804df25240 Initial overhaul of the HTTP client api. This removes nearly all of the client evasion methods, but leaves the code in a great state to reimplement them with less issues. 
git-svn-id: file:///home/svn/framework3/trunk@4222 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-19 07:11:55 +00:00
HD Moore ffc626675b Initial support for PHP payloads 
git-svn-id: file:///home/svn/framework3/trunk@4215 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-17 07:57:51 +00:00
HD Moore 6fef5abeda Resolve a crash bug in the send_response_html() method 
Add the MS06_013 CreateTextRange() exploit



git-svn-id: file:///home/svn/framework3/trunk@4208 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-17 02:34:27 +00:00
HD Moore ea204ee0ff API change for the HTML mixin, the send_response method is no longer overloaded, instead exploits must call send_response_html to enable HTML evasion. The old method caused problems when a exploit needed HTML and non-HTML response capabilities 
git-svn-id: file:///home/svn/framework3/trunk@4173 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-10 03:26:53 +00:00
HD Moore f91a4dd9d4 Fix a typo (Html -> HTML) 
git-svn-id: file:///home/svn/framework3/trunk@4171 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-10 03:11:48 +00:00
HD Moore 45066abcd3 Changed Html to HTML 
git-svn-id: file:///home/svn/framework3/trunk@4170 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-10 02:55:25 +00:00
Matt Miller abf2e057c8 apache chunked encoding win32 port 
git-svn-id: file:///home/svn/framework3/trunk@4017 4d416f70-5f16-0410-b530-b9f4589650da
 2006-10-11 08:31:54 +00:00
HD Moore 90fc7fa94e Abstracted the RHOST references from inside the mixins. 
Added a mssql_ping_parse method to the mssql mixin



git-svn-id: file:///home/svn/framework3/trunk@3827 4d416f70-5f16-0410-b530-b9f4589650da
 2006-08-13 18:03:28 +00:00
HD Moore ff28b148d1 Fix from nico 
git-svn-id: file:///home/svn/framework3/trunk@3745 4d416f70-5f16-0410-b530-b9f4589650da
 2006-07-18 01:32:21 +00:00
bmc 29b182eea8 * expose junk uri end 
* expose junk param start


git-svn-id: file:///home/svn/incoming/trunk@3547 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-27 19:59:41 +00:00
bmc a73f024ce1 * less duplication, since the common case is just fine for all but a few instances 
git-svn-id: file:///home/svn/incoming/trunk@3531 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-19 03:58:18 +00:00
bmc 882e8601d3 * use utf-7 'mode' instead of utf-7 
git-svn-id: file:///home/svn/incoming/trunk@3527 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-13 22:52:55 +00:00
bmc a0af1e9598 * a more complete selection of various unicode types supported by most browsers 
git-svn-id: file:///home/svn/incoming/trunk@3523 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-10 17:29:37 +00:00
bmc 1c51681efe * add <object> base64 encoded objects, with 1 byte pad, 2 byte pad, and random space injection. Works fine on ie 4, firefox, and safari. 
git-svn-id: file:///home/svn/incoming/trunk@3522 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-10 15:45:37 +00:00
bmc ca315abe1b * add uri-encoding as an evasion method (though, exploits could hard code it if they need to...) 
git-svn-id: file:///home/svn/incoming/trunk@3516 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-06 22:48:10 +00:00
bmc 32dfdc114c * allow a request to pass a timeout (and by allowing passing a timeout, the ability to not parse the response) 
git-svn-id: file:///home/svn/incoming/trunk@3511 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-06 20:22:47 +00:00
bmc 40961655d6 * enable evasions on the socket as they come in 
git-svn-id: file:///home/svn/incoming/trunk@3498 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-03 19:56:50 +00:00
bmc d4d73114c1 * add the following evasions for attacks against HTTP servers: 
HTTP::chunked
    HTTP::header_folding
    HTTP::junk_headers
    HTTP::junk_slashes
    HTTP::junk_directories
    HTTP::junk_params
    HTTP::junk_self_referring_directories
    HTTP::junk_pipeline

* add the following evasions for attacks against HTTP clients:
    HTTP::junk_headers
    HTTP::compression (was gzip)

* added an exploit mixin for HTML based attacks with HTML based evasions.  eg: aim_goaway.rb
    HTML::unicode
    HTML::javascript::base64
    HTML::javascript::escape


git-svn-id: file:///home/svn/incoming/trunk@3458 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-27 22:02:35 +00:00
HD Moore b4ad4a5d75 Tabs vs Spaces 
git-svn-id: file:///home/svn/incoming/trunk@3453 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-27 05:33:08 +00:00
HD Moore 737a1cb711 Pass socket context to child sockets from server, pass context from http mixin to socket 
git-svn-id: file:///home/svn/incoming/trunk@3402 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-17 04:35:44 +00:00
HD Moore 8049b32cbc Patches from <anon> 
git-svn-id: file:///home/svn/incoming/trunk@3310 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-05 22:20:28 +00:00
Matt Miller e63ba080a8 added support for use_gzip 
git-svn-id: file:///home/svn/incoming/trunk@3303 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-03 04:24:03 +00:00
HD Moore 96d4591b87 Updates to httpserver mixin, gzip encoding added to text, bugfix to wordstar, added metafile exploit, will rename and make it nice later 
git-svn-id: file:///home/svn/incoming/trunk@3299 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-02 07:49:52 +00:00
HD Moore 412629e5c3 Stuff.. more changes to come 
git-svn-id: file:///home/svn/incoming/trunk@3253 4d416f70-5f16-0410-b530-b9f4589650da
 2005-12-25 22:47:38 +00:00
HD Moore e79c9f8658 Something is still breaking, use w3who, show payloads, exploit, breaks 
git-svn-id: file:///home/svn/incoming/trunk@3218 4d416f70-5f16-0410-b530-b9f4589650da
 2005-12-14 00:21:23 +00:00