Commit Graph

22287 Commits (b02e21a1d3a01e72ee50c6821785eff0a0efb5ec)

Author SHA1 Message Date
jvazquez-r7 b02e21a1d3
Land #2779, @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid 2013-12-26 09:27:27 -06:00
jvazquez-r7 c2783c2746
Land #2798, @wchen-r7 update to safari post module 2013-12-25 10:24:39 -06:00
sinn3r 78db7429d0 Turns out the latest Safari is still vulnerable.
The version check is currently disabled because turns out the latest
Safari (6.1.1) is still vulnerable - I can still loot it in plain
text.
2013-12-24 19:27:45 -06:00
sinn3r a26e12b746 Updates descriiption and improves regex for safari_lastsession.rb
This updates two things for the safari_lastsession post module:

1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.

2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
2013-12-24 14:00:55 -06:00
jvazquez-r7 95c4092f0f
Land #2797, @rbsec's patch for lotus domino regex 2013-12-24 07:28:57 -06:00
jvazquez-r7 136d635300
Land #2796, @Meatballs1's patch for [FixRM #8716] 2013-12-24 07:20:38 -06:00
rbsec 86a94022c0 Fix lotus_domino_hashes not working.
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
sinn3r 90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow 2013-12-24 00:39:54 -06:00
sinn3r 367dce505b Minor details 2013-12-24 00:39:15 -06:00
sgabe f687a14539 Added support for opening via menu. 2013-12-24 03:12:49 +01:00
sinn3r 213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner 2013-12-23 17:36:18 -06:00
sinn3r 0a07bbdf2e Minor changes 2013-12-23 17:35:42 -06:00
Meatballs 075f48a49f
Fix path 2013-12-23 22:44:56 +00:00
sinn3r 8a1f701081
Land #2795 - Increment MDM version to 0.16.9 2013-12-23 15:09:22 -06:00
Tod Beardsley 1599d9a134
Update Gemfile.lock 2013-12-23 14:47:32 -06:00
jvazquez-r7 2cc4fa35cf
Land #2785, @todb-r7's support for post modules on msfcli 2013-12-23 12:05:40 -06:00
Tod Beardsley c156d2a694
Increment MDM version to 0.16.9
[SeeRM #8725]
2013-12-23 10:29:36 -06:00
sinn3r 9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution 2013-12-23 02:34:01 -06:00
sinn3r 5b647ba6f8 Change description
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
sgabe 287271cf98 Fixed date format. 2013-12-22 01:32:16 +01:00
sgabe 0ac495fef8 Replaced hex with plain text. 2013-12-22 01:31:37 +01:00
jvazquez-r7 f43bc02297 Land #2787, @mwulftange's exploit for CVE-2013-6955 2013-12-20 17:03:10 -06:00
jvazquez-r7 163a54f8b1 Do send_request_cgi final clean up 2013-12-20 17:00:57 -06:00
sgabe 44ab583611 Added newline to end of file. 2013-12-20 22:40:45 +01:00
sgabe 62f71f6282 Added module for CVE-2013-6877 2013-12-20 22:37:09 +01:00
SeawolfRN bf2dc97595 Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner 2013-12-20 18:46:35 +00:00
SeawolfRN ae7a0159e7 Changed to Puts and get_once - also forgot the timeout... 2013-12-20 18:44:42 +00:00
Markus Wulftange 13a4c62b0d Merge pull request #2 from jvazquez-r7/review_2787
Do final (minor) cleanup
2013-12-20 09:53:23 -08:00
jvazquez-r7 8be481f324
Land #2681, @mcantoni and @todb-r7's support for chargen 2013-12-20 11:53:08 -06:00
sinn3r 7b80fadc5d
Land #2780 - Convert gendocs.sh to use rake yard 2013-12-20 11:48:03 -06:00
jvazquez-r7 12efa99ce5 Fix udp_sweep 2013-12-20 11:47:48 -06:00
jvazquez-r7 2dc7ef4398 Fix udp_probe 2013-12-20 11:45:27 -06:00
jvazquez-r7 af13334c84 Revert gsub! 2013-12-20 11:39:49 -06:00
sinn3r ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution 2013-12-20 11:29:10 -06:00
sinn3r d0ef860f75 Strip default username/password
There isn't one. So force the user to supply one.
2013-12-20 11:28:18 -06:00
sinn3r 52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution 2013-12-20 11:25:50 -06:00
jvazquez-r7 1da961343a Do final (minor) cleanup 2013-12-20 11:20:29 -06:00
Matteo Cantoni 038d6d526c Merge pull request #2 from todb-r7/simplify-chargen-detection
Add chargen to udp_probe and udp_sweep
2013-12-20 08:48:50 -08:00
Tod Beardsley 2f34f8458b
Downcase chargen service name 2013-12-20 10:41:53 -06:00
Tod Beardsley 35c847da94
Add chargen to udp_probe and udp_sweep
This simplifies the checks considerably for PR #2681 from @mcantoni
2013-12-20 10:32:15 -06:00
jvazquez-r7 a043d384d4
Land #2738, @jiuweigui update to enum_prefetch 2013-12-20 10:26:54 -06:00
Markus Wulftange 929f3ea35c Turn Auxiliary module into Exploit module 2013-12-20 16:45:38 +01:00
Matteo Cantoni d26303e3e7 Merge pull request #1 from jvazquez-r7/review-2681
Clean chargen_probe
2013-12-20 07:42:08 -08:00
jvazquez-r7 eba164d2e3 Clean chargen_probe 2013-12-20 09:10:15 -06:00
Markus Wulftange 15f6a62f90 Msf::Exploit::Remote::HttpClient already provides 'peer' 2013-12-20 15:10:10 +01:00
Markus Wulftange 0718c27f47 Use 'unless' instead of 'if not' 2013-12-20 15:09:32 +01:00
Markus Wulftange fe66d2437b Add module for CVE-2013-6955
Auxiliary module for Synology DiskStation Manager (DMS) SLICEUPLOAD
vulnerability, which allows unauthenticated remote command execution
under root privileges.
2013-12-20 11:50:02 +01:00
bcoles fb6cd9c149 add osvdb+url refs and module tidy up 2013-12-20 20:27:07 +10:30
sinn3r 2510580c19
Land #2784 - Remove EOL whitespace from OS X hashdump 2013-12-20 03:54:37 -06:00
OJ 0db062a1ce
Merge branch 'meatballs-vncdll-submodule' 2013-12-20 18:29:27 +10:00