bf8c0b10fa
Dont store n/a creds
2013-12-21 09:04:02 +00:00
6ce0bab036
Cleanup, also split IP addresses separated by commas.
2013-12-21 00:15:00 +00:00
f43bc02297
Land #2787 , @mwulftange's exploit for CVE-2013-6955
2013-12-20 17:03:10 -06:00
163a54f8b1
Do send_request_cgi final clean up
2013-12-20 17:00:57 -06:00
44ab583611
Added newline to end of file.
2013-12-20 22:40:45 +01:00
62f71f6282
Added module for CVE-2013-6877
2013-12-20 22:37:09 +01:00
bf2dc97595
Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner
2013-12-20 18:46:35 +00:00
ae7a0159e7
Changed to Puts and get_once - also forgot the timeout...
2013-12-20 18:44:42 +00:00
8be481f324
Land #2681 , @mcantoni and @todb-r7's support for chargen
2013-12-20 11:53:08 -06:00
12efa99ce5
Fix udp_sweep
2013-12-20 11:47:48 -06:00
2dc7ef4398
Fix udp_probe
2013-12-20 11:45:27 -06:00
af13334c84
Revert gsub!
2013-12-20 11:39:49 -06:00
ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution
2013-12-20 11:29:10 -06:00
d0ef860f75
Strip default username/password
...
There isn't one. So force the user to supply one.
2013-12-20 11:28:18 -06:00
52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-12-20 11:25:50 -06:00
1da961343a
Do final (minor) cleanup
2013-12-20 11:20:29 -06:00
2f34f8458b
Downcase chargen service name
2013-12-20 10:41:53 -06:00
35c847da94
Add chargen to udp_probe and udp_sweep
...
This simplifies the checks considerably for PR #2681 from @mcantoni
2013-12-20 10:32:15 -06:00
a043d384d4
Land #2738 , @jiuweigui update to enum_prefetch
2013-12-20 10:26:54 -06:00
929f3ea35c
Turn Auxiliary module into Exploit module
2013-12-20 16:45:38 +01:00
eba164d2e3
Clean chargen_probe
2013-12-20 09:10:15 -06:00
15f6a62f90
Msf::Exploit::Remote::HttpClient already provides 'peer'
2013-12-20 15:10:10 +01:00
0718c27f47
Use 'unless' instead of 'if not'
2013-12-20 15:09:32 +01:00
fe66d2437b
Add module for CVE-2013-6955
...
Auxiliary module for Synology DiskStation Manager (DMS) SLICEUPLOAD
vulnerability, which allows unauthenticated remote command execution
under root privileges.
2013-12-20 11:50:02 +01:00
fb6cd9c149
add osvdb+url refs and module tidy up
2013-12-20 20:27:07 +10:30
2510580c19
Land #2784 - Remove EOL whitespace from OS X hashdump
2013-12-20 03:54:37 -06:00
0db062a1ce
Merge branch 'meatballs-vncdll-submodule'
2013-12-20 18:29:27 +10:00
34cdec5155
Update project VS 2013, clean CLI build
...
* Project system updated to VS 2013.
* Clean builds, had to remove a bunch of warnings.
* `make.bat` for building from the command line.
* Removed RDI stuff that shouldn't be there any more.
* Renamed the x86 DLL to include the platform name.
2013-12-20 09:49:15 +10:00
4816abe63b
Add module for ZDI-13-263
2013-12-19 17:48:52 -06:00
6ac0aad38b
Prevent report_* when RESOLVE is remote, since hostname may be unknown and local resolution fail, thus spitting out an error and failing
2013-12-19 23:37:13 +00:00
c881ef5472
Unreachable and time out error identification
2013-12-19 22:59:56 +00:00
a199dc39af
used the recvfrom timeout
2013-12-19 20:56:11 +01:00
8e27e87c81
Use the right disclosure date.
2013-12-19 12:58:52 -06:00
955dfe5d29
msftidy it up.
2013-12-19 12:53:58 -06:00
b50bbc2f84
Update module to use sinn3r's beautiful browserexploitserver.
2013-12-19 12:49:24 -06:00
773d4c5cd1
commented out response packet vprint
2013-12-19 18:35:11 +00:00
ad8a156263
RHOSTS can be a comma separated list of hostnames
2013-12-19 18:33:32 +00:00
564601e083
msftidy - fixed
2013-12-19 17:30:34 +00:00
2480f023b1
Dropped scanner mixin. Tried to maintain usage
2013-12-19 17:15:44 +00:00
9434d60021
Remove EOL whitespace from OS X hashdump
2013-12-19 10:39:49 -06:00
fc2da15c87
Add OpenSIS 'modname' PHP Code Execution module for CVE-2013-1349
2013-12-19 19:10:48 +10:30
eb08a30293
Update description with new version support.
2013-12-19 02:08:55 -06:00
5ee6c77901
Add a patch for 15.x support.
...
* Also add authors i forgot, oops
2013-12-19 02:05:45 -06:00
2add2acc8f
Use a smaller key size, harder to spot.
2013-12-18 21:02:23 -06:00
8d183d8afc
Update versions, 4.0.1 does not work on windows.
2013-12-18 20:57:47 -06:00
cb390bee7d
Move comment.
2013-12-18 20:37:33 -06:00
23b5254ea1
Fix include reference.
2013-12-18 20:35:43 -06:00
5255f8da12
Clean up code. Test version support.
...
* Using #get in Object#defineProperty call makes the payload execute immediately
on all supported browsers I tested.
* Moved Ranking to Excellent since it is now 100% reliable.
2013-12-18 20:30:08 -06:00
21d959c58d
RESOLVE option takes either "remote" or "local"
2013-12-19 00:38:47 +00:00
1778a08e98
Keeping changes away from the "ip" variable
2013-12-19 00:19:58 +00:00
d41f05e0b6
Land #2776 - Avoid having the same port twice
2013-12-18 18:09:43 -06:00
7ebcd5a8c9
Option to perform host resolution on remote saprouter
2013-12-18 23:53:58 +00:00
198667b650
Land #2774 , @Mekanismen's module for CVE-2013-7091
2013-12-18 16:23:44 -06:00
aec2e0c92c
Change ranking
2013-12-18 16:23:14 -06:00
f21d666631
Land #2744 , @rcvalle module for CVE-2013-2050
2013-12-18 16:19:25 -06:00
0eac17083a
Clean cfme_manageiq_evm_pass_reset
2013-12-18 16:16:32 -06:00
d4ec858051
Clean zimbra_lfi
2013-12-18 15:46:37 -06:00
8dfa2e6963
Land #2734 - OSX Gather Autologin Password as Root
2013-12-18 15:37:45 -06:00
5011c4d928
The "unless" Ruby nazi is in town
2013-12-18 15:28:31 -06:00
5ec3d5f3f6
Raise specific exceptions
2013-12-18 15:27:49 -06:00
4bddd077ec
Land #2762 - Use new ntdll railgun functions
2013-12-18 15:18:47 -06:00
ee87f357b0
Raise Msf::OptionValidateError when the PORTS option is invalid
...
Instead of print_error for invalid ports, modules should be raising
Msf::OptionValidateError to warn the user about the invalid input.
2013-12-18 15:04:53 -06:00
4028dcede7
Add an input check for datastore option PORTS
...
If Rex::Socket.portspec_crack returns an empty array, we assume
there are no valid ports to test, so we raise an OptionValidateError
to warn the user about it.
2013-12-18 14:55:51 -06:00
64273fe41d
Move addon datastore options into mixin.
2013-12-18 14:42:01 -06:00
ca2de73879
It helps to actually commit the exploit.
2013-12-18 14:31:42 -06:00
1235615f5f
Add firefox 15 chrome privilege exploit.
...
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
2013-12-18 14:30:35 -06:00
c4b8178663
Correct camelCase of YouTube
2013-12-18 14:06:45 -06:00
0c0e8c3a49
various updates
2013-12-18 20:54:35 +01:00
b9a9b90088
Update module to use added bcrypt gem
2013-12-18 16:15:35 -02:00
e20569181b
Remove EzCrypto-related code as per review
2013-12-18 16:15:22 -02:00
ab69454f89
Land #2745 , @rcvalle's exploit for CVE-2013-2068
2013-12-18 12:06:27 -06:00
ec64382efc
Fix cfme_manageiq_evm_upload_exec according to chat with @rcvalle
2013-12-18 11:53:30 -06:00
ef081cec49
Add missing disclosure date as per review
2013-12-18 15:47:23 -02:00
a28ea18798
Clean pull request
2013-12-18 11:32:34 -06:00
a4811bd0c3
Land #2760
2013-12-18 17:17:10 +10:00
5e4c395f86
Fix small spacing issue
2013-12-18 17:14:47 +10:00
10e16673a7
There must be read_file
2013-12-17 16:42:49 -06:00
21feae0bbc
Make sure the file path is readable when it's ~/
2013-12-17 16:38:58 -06:00
345e1711b1
Land #2775 , @wchen-r7's post module to Safari get LastSession.plist
2013-12-17 15:57:50 -06:00
7ec96876d9
Delete unnecessary includes
2013-12-17 15:57:09 -06:00
374ef71c12
Favor read_file instead
2013-12-17 15:34:52 -06:00
80eea97ccd
ChrisJohnRiley fix for sap_service_discovery
2013-12-17 13:31:56 -06:00
ea6ba2b159
Add post module to get LastSession.plist
...
LastSession.plist sometimes contains sensitive information such as
usernames and passwords. It'd be nice to keep this in loot.
2013-12-17 13:07:30 -06:00
2de15bdc8b
added module for Zimbra Collaboration Server CVE-2013-7091
2013-12-17 19:32:04 +01:00
252909a609
Land #2448 , @OJ's ReverseListenerBindPort :)
2013-12-17 11:24:09 -06:00
89ffafad0e
Changes to Service mixin
2013-12-17 13:10:27 +01:00
ad2ec497c2
Land #2773 - Fix ms_ndproxy to work under a sandboxed Reader
2013-12-16 20:32:27 -06:00
52cb43e6a8
Fix typo
2013-12-16 20:28:49 -06:00
2eee34babf
added timeout options and rescue timeout
2013-12-16 20:00:13 -06:00
fe34d0e36e
fixed syntax
2013-12-16 19:26:40 -06:00
7b8de95f6b
fixed database overwriting issues
2013-12-16 19:16:12 -06:00
07f686bb1a
added ResolverArgumentError rescue statement
2013-12-16 18:46:14 -06:00
84759a552a
Save one variable
2013-12-16 16:49:44 -06:00
042bd4f80b
Fix ms_ndproxy to work under a sandboxed Reader
2013-12-16 16:19:17 -06:00
24bc10905e
Added Spaces and removed Interrupt
2013-12-16 22:12:35 +00:00
f88a3a55b6
More slight updates.
2013-12-16 15:05:39 -06:00
afcee93309
Land #2771 - Fix description
2013-12-16 15:01:32 -06:00
04b7e8b174
Fix module title and add vendor patch information
2013-12-16 14:59:00 -06:00
040619c373
Minor description changes
...
No code changes (one comment made on play_youtube to suggest xdg-open
rather than firefox for linux targets).
2013-12-16 14:57:33 -06:00
533accaa87
Add module for CVE-2013-3346
2013-12-16 14:13:47 -06:00
446db78818
Minor fix to gather_pf_info function
2013-12-16 21:33:07 +02:00
bf561fef95
Corrected Extraneous Whitespace\Newlines
2013-12-16 16:38:49 +00:00
79022c2e29
Probably should have checked it worked...
2013-12-16 11:33:08 +00:00
59003a9842
Updated Poison Ivy Scanner
2013-12-15 22:02:14 +00:00
226cd241bf
Added Poison Ivy Command and Control Scanner\n Auxiliary module to scan for Poison Ivy C&C on ports 80,8080,443 and 3460
2013-12-15 14:34:50 +00:00
3dec7f61a5
Check in sysnative if wow64
2013-12-15 01:12:52 +00:00
2dc4faad72
Resplat license
2013-12-15 01:12:51 +00:00
8203274256
Small fixes
...
Remove " from service command if it is quoted.
Spawn SYSWOW64 notepad.
2013-12-15 01:12:51 +00:00
f2e2147065
Change unless with else to if with else
2013-12-15 01:12:50 +00:00
cff7008500
Fix final issues with merge
...
Hopefully this will be the last of the changes.
2013-12-15 01:12:50 +00:00
41c538856a
Re-add RDI mixin changes
2013-12-15 01:12:49 +00:00
db29af0f97
First batch of submodule refactorings
2013-12-15 01:12:48 +00:00
6916f7c5d2
Fixup description
2013-12-15 01:12:47 +00:00
3d1646d18e
Exit process when complete
2013-12-15 01:12:47 +00:00
dd32c2b0b8
Spawn 32bit process
2013-12-15 01:12:46 +00:00
819ba30a33
msftidy
...
Conflicts:
lib/msf/core/post/windows/services.rb
2013-12-15 01:12:46 +00:00
5eca4714c2
Renamed module
2013-12-15 01:12:46 +00:00
a930056d7f
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
Conflicts:
lib/msf/core/post/windows/services.rb
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb
2013-12-15 01:12:45 +00:00
c6623b380a
Initial commit
2013-12-15 01:12:45 +00:00
999006e037
fixed some things, as suggested by jvazquez-r7
2013-12-14 19:41:31 +01:00
f185c2deb1
added driver_loaded post meterpreter module
2013-12-14 00:07:04 +01:00
e8396dc37a
Delete redefinition of ntdll functions on railgun
2013-12-13 16:02:47 -06:00
ba1a70b72e
Update Microsoft patch information
2013-12-13 15:59:15 -06:00
1ab3e891c9
Modify ms_ndproxy to use railgun additions
2013-12-13 15:54:34 -06:00
14a3d76410
Land #2755 - Microsoft Windows ndproxy.sys Local Privilege Escalation
2013-12-13 15:18:13 -06:00
e6f1f648be
modified wordlist path, modified report_goods to log udp or tcp, made wordlist not required
2013-12-13 10:49:44 -06:00
d6e19df8e2
added additional url reference
2013-12-12 22:57:23 -06:00
9f18c57fce
added period to description and changed tester to user
2013-12-12 22:11:02 -06:00
dba0e9bf77
msftidy done
2013-12-12 20:30:46 -06:00
554cd41403
added dns_cache_scraper and useful wordlists
2013-12-12 20:18:18 -06:00
7ab1369515
Land #2757 , @wchen-r7's youtube post module
2013-12-12 16:36:42 -06:00
1bcaffccc8
Make sure profile name is random
2013-12-12 16:19:06 -06:00
036955983d
Add support for Linux, thanks @jvennix-r7!
2013-12-12 16:12:36 -06:00
7d12ced66e
Remove unnecessary require statements
2013-12-12 13:49:54 -06:00
ce18ac4c62
fix comment
2013-12-12 12:49:46 -06:00
97e9daaa6a
Change title
2013-12-12 12:42:07 -06:00
de087d134a
Account for error
2013-12-12 12:41:05 -06:00
7ff0f4a2e7
move to multi for real
2013-12-12 12:35:58 -06:00
4d1a07bdfc
Move to multi
2013-12-12 12:34:45 -06:00
17b5d3c375
Add support for OSX
2013-12-12 12:33:59 -06:00
509ebddb87
Turns out there's -k, that's easier
2013-12-12 10:09:02 -06:00
5c1ca97e21
Create a new process to host the final payload
2013-12-12 08:26:44 -06:00
eb4e3f8a32
Fix os detection
2013-12-12 07:39:19 -06:00
54a5dfc344
This module allows you to broadcast a Youtube video on compromised machines
2013-12-12 02:34:00 -06:00
8b518776bc
Dont fail_with on check
2013-12-11 22:08:36 -06:00
02915c751c
Favor unless over if not and add reference
2013-12-11 16:28:09 -06:00
374e40c815
Add requires
2013-12-11 12:05:12 -06:00
572ddacdd6
Clean ie_proxypac
2013-12-11 11:49:29 -06:00
7589b4c4d5
Merge for retab
2013-12-11 11:47:30 -06:00
b6fa3f28b1
Modify description
2013-12-11 08:56:31 -06:00
c4721de4a0
Add module for CVE-2013-5065
2013-12-11 08:52:35 -06:00
e6eeb4a26d
rescue RuntimeError added
2013-12-11 03:00:13 +01:00
930a907531
Land #2748 - HP LoadRunner EmulationAdmin Web Service Directory Traversal
2013-12-10 16:29:12 -06:00
3a9ac303f0
Use rexml for XML data generation
2013-12-10 15:37:44 -06:00
ff9cb481fb
Land #2464 , fixes for llmnr_response and friends
...
Fixed conflict in lib/msf/core/exploit/http/server.rb.
2013-12-10 13:41:45 -06:00
3d5501326b
Land #2743 , @Mekanismen's exploit for CVE-2013-0632
2013-12-10 10:00:30 -06:00
30960e973f
Do minor cleanup on coldfusion_rds
2013-12-10 09:59:36 -06:00
2ef3caa9d7
Land #2735 , @jvennix-r7 support of 10.8+ on osx hashdump
2013-12-10 09:39:04 -06:00
230fcd87a5
Add module for zdi-13-259
2013-12-10 08:45:08 -06:00
9a6e504bfe
fixed path error and description
2013-12-10 09:05:34 +01:00
313a98b084
moved coldfusion_rds to multi directory and fixed a bug
2013-12-10 08:45:27 +01:00
1b3bc878f8
Unscrew the author name
2013-12-09 21:32:03 -06:00
e9edce10ac
Applying changes
2013-12-10 03:07:40 +01:00
06b651de7b
Revert read_file to cat so that pipe will work.
2013-12-09 19:30:08 -06:00
450716c788
Remove meterpreter support from osx autologin gather.
2013-12-09 19:19:20 -06:00
0845e3ce37
updated
2013-12-10 00:45:34 +01:00
bca2212f7e
updated
2013-12-09 23:28:17 +01:00
60d32be7d9
updated
2013-12-09 23:10:13 +01:00
e737b136cc
Minor grammar/caps fixup for release
2013-12-09 14:01:27 -06:00
14d12a2ce3
updated
2013-12-09 20:22:26 +01:00
37826688ce
Add cfme_manageiq_evm_pass_reset.rb
...
This module exploits a SQL injection vulnerability in the "explorer"
action of "miq_policy" controller of the Red Hat CloudForms Management
Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier)
by changing the password of the target account to the specified
password.
2013-12-09 16:49:07 -02:00
21661b168b
Add cfme_manageiq_evm_upload_exec.rb
...
This module exploits a path traversal vulnerability in the "linuxpkgs"
action of "agent" controller of the Red Hat CloudForms Management Engine
5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier).
2013-12-09 16:18:12 -02:00
6d1d45c691
Add user param to nt_hash call.
2013-12-09 10:28:06 -06:00
c59b8fd7bc
Land #2741 , @russell TCP support for nfsmount
2013-12-09 09:46:34 -06:00
67415808da
added exploit module for CVE-2013-0632
2013-12-09 15:18:34 +01:00
291a52712e
Allow the NFS protocol to be specified in the mount scanner
2013-12-09 21:26:29 +11:00
1e30cd55f7
Land #2740 - Real regex for MATCH and EXCLUDE
2013-12-09 03:05:08 -06:00
9c5991980a
Land #2733 - Disable meterpreter support because they're not stable
2013-12-09 02:50:36 -06:00
2f6a77861a
Land #2731 - vBulletin nodeid SQL injection (exploit)
2013-12-09 02:22:07 -06:00
feca3efafb
Land #2728 - vBulletin Password Collector via nodeid SQL Injection
2013-12-09 02:12:42 -06:00
92412279ae
Account for failed cred gathering attempts
...
Sometimes the SQL error doesn't contain the info we need.
2013-12-09 02:11:46 -06:00
cd66cca8a1
Make browser autopwn datastore use OptRegexp.
2013-12-08 17:46:33 -06:00
dea35252af
Kill unused method.
2013-12-08 14:35:49 -06:00
df76651834
Make sure loot is named correctly.
2013-12-08 14:31:18 -06:00
7f3ab14179
Make pipe part of /bin/bash cmd.
2013-12-08 14:27:28 -06:00
9b34a8f1ad
Supports 10.3
2013-12-08 14:26:16 -06:00
f981a04918
Fix MATCHUSER bug.
...
* Also add spacing and indentation for better readability.
* Refactors grab_shadow_blob method.
2013-12-08 14:21:48 -06:00
2a0b503f06
Minor fix
2013-12-08 18:17:22 +02:00
eacab1b2ad
Fix description, kill dead constant.
2013-12-07 22:28:16 -06:00
969f45fd32
Refactor OSX hashdump post module.
...
* Adds support for MATCHUSER regex option
* Adds support for OSX 10.8 and 10.9 hashes (PBKDF2)
* DRYs up a bunch of older code, adds lots of helper fns
* Ends up shaving off ~20 lines
2013-12-07 22:22:23 -06:00
3066e62711
Fix typo, fix no-autologin users bug.
2013-12-07 19:27:36 -06:00
4cb788b9de
Adds osx autologin password post module.
2013-12-07 19:01:35 -06:00
c6eac67ab5
Kill meterpreter support for osx media modules.
...
There is some bug that I haven't been able to track down that causes the
osx call to run the event queue to just hang on latest OSX + Java/python
meterpreter. I tried rewriting these modules using OSX's new Media API,
but I run into the same problem. Until I find a solution, we should mark
these shell-only.
2013-12-07 17:46:26 -06:00
c51e9036ae
Merge branch 'land_mipsbe_xor_encoder' into upstream-master
2013-12-07 17:28:57 -06:00
75fb38fe8d
Land #2724 , @wchen-r7 and @jvennix-r7's module for CVE-2013-6414
2013-12-07 14:26:46 -06:00
fdebfe3d2f
Add references
2013-12-07 14:25:58 -06:00
f77784cd0d
Land #2723 , @denandz's module for OSVDB-100423
2013-12-06 17:32:07 -06:00
3729c53690
Move uptime_file_upload to the correct location
2013-12-06 15:57:52 -06:00
2ff9c31747
Do minor clean up on uptime_file_upload
2013-12-06 15:57:22 -06:00
adc241faf8
Last one, I say
2013-12-06 15:52:42 -06:00
17193e06a9
Last commit, I swear
2013-12-06 15:49:44 -06:00
58a70779ac
Final update
2013-12-06 15:48:59 -06:00
9f5768ae37
Another update
2013-12-06 14:53:35 -06:00
af16f11784
Another update
2013-12-06 14:39:26 -06:00
d47292ba10
Add module for CVE-2013-3522
2013-12-06 13:50:12 -06:00
87e77b358e
Use the correct URI
2013-12-06 12:08:19 -06:00
5d4acfa274
Plenty of changes
2013-12-06 11:57:02 -06:00
5e5fd6b01a
Unless replaced
2013-12-06 15:01:35 +01:00
6f02744d46
Land #2730 Typo in mswin_tiff_overflow
2013-12-06 12:32:37 +00:00
3aebe968bb
Land #2721 Reflective DLL Mixin
...
Adds support to load a dll and identify the ReflectiveLoader offset.
Adds support to inject dll into process and execute it.
Updates kitrap0d, ppr_flatten_rec, reflective_dll_inject modules and
payload modules to use above features.
2013-12-06 12:26:51 +00:00
89ef1d4720
Fix a typo in mswin_tiff_overflow
2013-12-06 00:44:12 -06:00
3d327363af
uptime_file_upload code tidy-ups
2013-12-06 13:45:22 +13:00
c07686988c
random uri
2013-12-05 18:07:24 -06:00
73d3ea699f
Remove the last redundant error check
2013-12-06 09:32:21 +10:00
e4c6413643
Land #2718 , @wchen-r7's deletion of @peer on HttpClient modules
2013-12-05 17:25:59 -06:00
f2f8c08c8e
Use blank? method
2013-12-05 16:36:44 -06:00
2cb991cace
Shuffle RDI stuff into more appropriate structure
...
Now broken into two modules, one for loading RDI DLLs off disk and
finding the loader function offset, and another for doing the process
specific stuff of loading into the target.
2013-12-06 08:25:24 +10:00
a380d9b4f2
Add aux module for CVE-2013-3522
2013-12-05 15:58:05 -06:00
79e23a1e13
Land #2675 , @JonValt's forensics/browser_history
...
Great job!
2013-12-05 09:35:53 -06:00
cd5172384f
Rename gather_browser_history.rb to browser_history.rb
2013-12-05 08:43:19 -06:00
3957bbc710
capitalization ("skype")
...
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120307 )
Removed some Chrome artifacts and renamed one to reflect "Archived History."
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120314 )
((Will include other doxxes in another module.))
2013-12-05 08:33:47 -06:00
717f45ac09
Minor modification
2013-12-05 09:07:28 +02:00
902d48efab
Delete debug prints
2013-12-05 09:03:42 +02:00
492cd1ca07
Modifications how info is collected from pf files.
2013-12-05 08:56:26 +02:00
07294106cb
Removed redundant content-type parameter
2013-12-05 14:18:26 +13:00
8e9723788d
Correct description
2013-12-04 17:25:58 -06:00
fb2fcf429f
This one actually works
2013-12-04 17:22:42 -06:00
cfffd80d22
Added uptime_file_upload exploit module
2013-12-05 11:56:05 +13:00
b936831125
Renamed the mixin module
2013-12-05 08:13:54 +10:00
d0071d7baa
Add CVE-2013-6414 Rails Action View DoS
2013-12-04 14:57:30 -06:00
f5a45bfe52
@twitternames not supported for author fields
...
It's kind of a dumb reason but there are metasploit metadata parsers out
there that barf all over @names. They assume user@email.address . Should
be fixed some day.
2013-12-04 13:31:22 -06:00
1833b6fd95
More changes. No admin privs check
2013-12-04 14:51:46 +01:00
7e8db8662e
Update name of the mixin
...
Changed `RdiMixin` to `ReflectiveDLLInjection`.
2013-12-04 22:18:29 +10:00
05479b2a19
Added new options
2013-12-04 11:45:37 +01:00
f79af4c30e
Add RDI mixin module
...
MSF was starting to see more modules using RDI to load binaries into
remote processes, so it made sense to create a mixin which contained
the functionality that was being used in various locations.
This commit contains the new mixin, and adjustments to all the existing
exploits and modules which use RDI.
2013-12-04 16:09:41 +10:00
5c266adfd7
added ie_proxypac post meterpreter module
2013-12-03 22:23:09 +01:00
bf3489203a
I missed this one
2013-12-03 13:13:14 -06:00
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
ddbd5858e0
Land #2701 - Refactor of `ppr_flatten_rec`
...
Also [SeeRM #8140 ]
2013-12-03 10:51:58 -06:00
2d77ed58d5
Land #2648 , @pnegry's exploit for Kaseya File Upload
2013-12-03 09:35:05 -06:00
2606a6ff0e
Do minor clean up for kaseya_uploadimage_file_upload
2013-12-03 09:34:25 -06:00
99dc9f9e7e
Fix msftidy warning
2013-12-03 00:09:51 -06:00
e37f7d3643
Use send_request_cgi instead of send_request_raw
2013-12-03 00:57:26 -05:00
14e600a431
Clean up res nil checking
2013-12-03 00:51:19 -05:00
b796095582
Use peer vs. rhost and rport for prints
2013-12-03 00:49:05 -05:00
0480e01830
Account for nil res value
2013-12-03 00:45:57 -05:00
c91d190d39
Add Cisco ASA ASDM Login
2013-12-03 00:16:04 -05:00
21bb8fd25a
Update based on jvazquez's suggestions.
2013-12-03 13:49:31 +13:00
47bff9a416
Land #2711 , @Mekanismen exploit for wordpress OptimizePress theme
2013-12-02 16:30:24 -06:00
5c3ca1c8ec
Fix title
2013-12-02 16:30:01 -06:00
Meatballs
Bruno Morisson
jvazquez-r7
sgabe
SeawolfRN
sinn3r
Tod Beardsley
Markus Wulftange
bcoles
OJ
Matteo Cantoni
Joe Vennix
William Vu
Mekanismen
Ramon de C Valle
bmerinofe
zeknox
jiuweigui
Russell Sim
DoI
Joshua Harper PI GCFE GCFA GSEC
Jonathan Claudius
Thomas Hibbert