infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,976 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

11498 Commits (ab1ddac0c84fe5f3e9f5af4bb447f4545d0acdd5)

Author SHA1 Message Date
joev c51e9036ae
Merge branch 'land_mipsbe_xor_encoder' into upstream-master 2013-12-07 17:28:57 -06:00
jvazquez-r7 75fb38fe8d
Land #2724, @wchen-r7 and @jvennix-r7's module for CVE-2013-6414 2013-12-07 14:26:46 -06:00
jvazquez-r7 fdebfe3d2f Add references 2013-12-07 14:25:58 -06:00
jvazquez-r7 f77784cd0d
Land #2723, @denandz's module for OSVDB-100423 2013-12-06 17:32:07 -06:00
jvazquez-r7 3729c53690 Move uptime_file_upload to the correct location 2013-12-06 15:57:52 -06:00
jvazquez-r7 2ff9c31747 Do minor clean up on uptime_file_upload 2013-12-06 15:57:22 -06:00
sinn3r adc241faf8 Last one, I say 2013-12-06 15:52:42 -06:00
sinn3r 17193e06a9 Last commit, I swear 2013-12-06 15:49:44 -06:00
sinn3r 58a70779ac Final update 2013-12-06 15:48:59 -06:00
sinn3r 9f5768ae37 Another update 2013-12-06 14:53:35 -06:00
sinn3r af16f11784 Another update 2013-12-06 14:39:26 -06:00
sinn3r 87e77b358e Use the correct URI 2013-12-06 12:08:19 -06:00
sinn3r 5d4acfa274 Plenty of changes 2013-12-06 11:57:02 -06:00
Meatballs 6f02744d46
Land #2730 Typo in mswin_tiff_overflow 2013-12-06 12:32:37 +00:00
Meatballs 3aebe968bb
Land #2721 Reflective DLL Mixin 
Adds support to load a dll and identify the ReflectiveLoader offset.
Adds support to inject dll into process and execute it.

Updates kitrap0d, ppr_flatten_rec, reflective_dll_inject modules and
payload modules to use above features.
 2013-12-06 12:26:51 +00:00
sinn3r 89ef1d4720 Fix a typo in mswin_tiff_overflow 2013-12-06 00:44:12 -06:00
DoI 3d327363af uptime_file_upload code tidy-ups 2013-12-06 13:45:22 +13:00
sinn3r c07686988c random uri 2013-12-05 18:07:24 -06:00
OJ 73d3ea699f Remove the last redundant error check 2013-12-06 09:32:21 +10:00
jvazquez-r7 e4c6413643
Land #2718, @wchen-r7's deletion of @peer on HttpClient modules 2013-12-05 17:25:59 -06:00
OJ 2cb991cace Shuffle RDI stuff into more appropriate structure 
Now broken into two modules, one for loading RDI DLLs off disk and
finding the loader function offset, and another for doing the process
specific stuff of loading into the target.
 2013-12-06 08:25:24 +10:00
William Vu 79e23a1e13
Land #2675, @JonValt's forensics/browser_history 
Great job!
 2013-12-05 09:35:53 -06:00
Joshua Harper PI GCFE GCFA GSEC cd5172384f Rename gather_browser_history.rb to browser_history.rb 2013-12-05 08:43:19 -06:00
Joshua Harper 3957bbc710 capitalization ("skype") 
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120307)

Removed some Chrome artifacts and renamed one to reflect "Archived History."  
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120314)
((Will include other doxxes in another module.))
 2013-12-05 08:33:47 -06:00
DoI 07294106cb Removed redundant content-type parameter 2013-12-05 14:18:26 +13:00
sinn3r 8e9723788d Correct description 2013-12-04 17:25:58 -06:00
sinn3r fb2fcf429f This one actually works 2013-12-04 17:22:42 -06:00
DoI cfffd80d22 Added uptime_file_upload exploit module 2013-12-05 11:56:05 +13:00
OJ b936831125 Renamed the mixin module 2013-12-05 08:13:54 +10:00
sinn3r d0071d7baa Add CVE-2013-6414 Rails Action View DoS 2013-12-04 14:57:30 -06:00
Tod Beardsley f5a45bfe52
@twitternames not supported for author fields 
It's kind of a dumb reason but there are metasploit metadata parsers out
there that barf all over @names. They assume user@email.address. Should
be fixed some day.
 2013-12-04 13:31:22 -06:00
OJ 7e8db8662e Update name of the mixin 
Changed `RdiMixin` to `ReflectiveDLLInjection`.
 2013-12-04 22:18:29 +10:00
OJ f79af4c30e Add RDI mixin module 
MSF was starting to see more modules using RDI to load binaries into
remote processes, so it made sense to create a mixin which contained
the functionality that was being used in various locations.

This commit contains the new mixin, and adjustments to all the existing
exploits and modules which use RDI.
 2013-12-04 16:09:41 +10:00
sinn3r bf3489203a I missed this one 2013-12-03 13:13:14 -06:00
sinn3r 230db6451b Remove @peer for modules that use HttpClient 
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
 2013-12-03 12:58:16 -06:00
sinn3r ddbd5858e0
Land #2701 - Refactor of `ppr_flatten_rec` 
Also [SeeRM #8140]
 2013-12-03 10:51:58 -06:00
jvazquez-r7 2d77ed58d5
Land #2648, @pnegry's exploit for Kaseya File Upload 2013-12-03 09:35:05 -06:00
jvazquez-r7 2606a6ff0e Do minor clean up for kaseya_uploadimage_file_upload 2013-12-03 09:34:25 -06:00
sinn3r 99dc9f9e7e Fix msftidy warning 2013-12-03 00:09:51 -06:00
Jonathan Claudius e37f7d3643 Use send_request_cgi instead of send_request_raw 2013-12-03 00:57:26 -05:00
Jonathan Claudius 14e600a431 Clean up res nil checking 2013-12-03 00:51:19 -05:00
Jonathan Claudius b796095582 Use peer vs. rhost and rport for prints 2013-12-03 00:49:05 -05:00
Jonathan Claudius 0480e01830 Account for nil res value 2013-12-03 00:45:57 -05:00
Jonathan Claudius c91d190d39 Add Cisco ASA ASDM Login 2013-12-03 00:16:04 -05:00
Thomas Hibbert 21bb8fd25a Update based on jvazquez's suggestions. 2013-12-03 13:49:31 +13:00
jvazquez-r7 47bff9a416
Land #2711, @Mekanismen exploit for wordpress OptimizePress theme 2013-12-02 16:30:24 -06:00
jvazquez-r7 5c3ca1c8ec Fix title 2013-12-02 16:30:01 -06:00
jvazquez-r7 c32b734680 Fix regex 2013-12-02 16:24:21 -06:00
Tod Beardsley 55847ce074
Fixup for release 
Notably, adds a description for the module landed in #2709.
 2013-12-02 16:19:05 -06:00
jvazquez-r7 79a6f8c2ea Clean php_wordpress_optimizepress 2013-12-02 15:43:41 -06:00