Commit Graph

13860 Commits (b3eb7b13585338889eae20f1250d1a756f4f2f8f)

Author SHA1 Message Date
HD Moore 64e8956319 More small tweaks to import/export of attempts 2012-07-10 00:18:06 -05:00
HD Moore 25fee46020 Quick typo fix 2012-07-09 23:31:53 -05:00
LittleLightLittleFire 956ec9d1da added Makefile for CVE-2012-1723 2012-07-10 14:12:07 +10:00
HD Moore 6c977535d0 Fix up attempt/detail import/export structure 2012-07-09 22:47:05 -05:00
HD Moore bfde053cf4 Correct a flaw in vuln_attempt/vuln_detail import 2012-07-09 22:28:42 -05:00
LittleLightLittleFire e9ac90f7b0 added CVE-2012-1723 2012-07-10 12:20:37 +10:00
sinn3r b817070545 Merge branch 'mac_oui' of https://github.com/alexmaloteaux/metasploit-framework into alexmaloteaux-mac_oui 2012-07-09 20:14:25 -05:00
Alexandre Maloteaux e509c72574 better handle company name 2012-07-10 00:24:30 +01:00
Alexandre Maloteaux e949b8c2c8 mac_oui 2012-07-09 23:46:57 +01:00
HD Moore 52752d7685 Merge pull request #586 from mephos/proxy-reverse-tcp
allow reverse tcp with proxies
2012-07-09 14:11:54 -07:00
m m 36d27242c7 allow reverse tcp with proxies 2012-07-09 23:05:09 +02:00
sinn3r 074eac2800 Merge branch 'autoexploit_msfconsole_support' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-autoexploit_msfconsole_support 2012-07-09 15:14:39 -05:00
sinn3r 2693b224ee Update some comments 2012-07-09 14:06:29 -05:00
sinn3r 59e201ddec Correct help_me 2012-07-09 13:57:28 -05:00
sinn3r d6accef5e6 Allow datastore options plus other things
Here's a list of things that have changed:
* Allow datastore options as argumnets.
* Allow "dry-run" mode
* Cleaner way to initialize arguments
2012-07-09 13:48:02 -05:00
HD Moore c8c3c0e3e4 Correct an issue with HTTP response header parsing 2012-07-09 10:22:12 -07:00
sinn3r 81b4cb737d Merge branch 'zenworks_preboot_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-zenworks_preboot_fileaccess 2012-07-09 11:14:56 -05:00
jvazquez-r7 73fcf73419 Added module for CVE-2011-2657 2012-07-09 18:03:16 +02:00
jvazquez-r7 b33220bf90 Added module for CVE-2012-2215 2012-07-09 17:32:55 +02:00
sinn3r 0fbfa8e6f7 Merge branch 'enum_unattend_ii' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_unattend_ii 2012-07-09 10:14:30 -05:00
sinn3r 5586aa6c1b Move some code around 2012-07-09 09:44:22 -05:00
sinn3r 5db26beef7 Add more features
Please see the following ticket:
http://dev.metasploit.com/redmine/issues/7041
2012-07-09 05:17:40 -05:00
sinn3r d626de66f7 Print out where the scheme info is stored.
This module needs to print out where the scheme is stored so the
user knows where it is, see complaint:
https://community.rapid7.com/message/4448
2012-07-08 18:24:18 -05:00
HD Moore 442eccd1d6 Merge pull request #578 from claudijd/master
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption in Hashdump Code
2012-07-08 12:24:46 -07:00
Jonathan Claudius 5938771e6c Bug Fix to "Stamp Out" LM and NTLM Hash Corruption
-This commit Addresses Metasploit Bug #4402 that notes corrupted (aka:
incorrect) hashes yielded from hashdump
-Fail case can be reliably reproduced on a Windows system where (1) a
user is not storing an LM hash and (2) password histories are enabled
on the system
-This issue along with other extraction tools that are affected in a
similar way will be discussed at BlackHat USA 2012 and DEFCON 20 in 2
weeks.

If you have questions, please let us know.

-Jonathan Claudius (@claudijd)
-Ryan Reynolds (@reynoldsrb)
2012-07-08 14:02:22 -05:00
HD Moore a8266bd831 Fix up odd reference normalization cases 2012-07-08 11:25:32 -05:00
HD Moore f75edc0ca1 Correct fix for older PG support, thanks to Patrick Fitzgerald 2012-07-08 10:16:51 -05:00
HD Moore 75430a0b7e Cleanup to support v1.2 as well as 1.1 2012-07-08 01:53:32 -05:00
HD Moore 4199b67879 Prevent an exception from breaking the sql cache 2012-07-07 17:30:31 -05:00
HD Moore 1d5b7a1a69 Fix an issue with PG's handling of group by on distinct 2012-07-07 17:27:11 -05:00
HD Moore 881d0ff0c9 Add method to create an asset group 2012-07-07 17:27:11 -05:00
sinn3r 87bac91d71 Apply additional changes from #549
From pull request #549. Changes include:
* Use OptEnum to enforce the use of wpad.dat or proxy.pac
* Remove cli.peerhost:cli.peerport, the API does that already
* cleanup function to restore uripath datastore option
* More friendly error when the user doesn't have enough permission
  to bind to port 80, that way they don't blame it's a bug on msf.
* Remove unnecessary SVN stuff in modinfo
2012-07-07 15:59:16 -05:00
sinn3r 4e90da002d Merge branch 'master' of https://github.com/efraintorres/wmap-metasploit into wpad 2012-07-07 15:44:05 -05:00
HD Moore 24d6a85848 Merge pull request #575 from swtornio/tikiwiki
add osvdb ref
2012-07-07 11:10:44 -07:00
Steve Tornio 44290c2c89 add osvdb ref 2012-07-07 08:40:25 -05:00
Tod Beardsley 33bf2881cc Removing cached gem for journey. 2012-07-06 22:12:50 -05:00
Tod Beardsley 505b97b470 Adding new gem versions
Add the new gems referenced in the last commit for real.
2012-07-06 22:11:16 -05:00
Tod Beardsley 63e41ee6bb Updating gems: coderay, journey, spork, sprockets 2012-07-06 22:03:33 -05:00
Tod Beardsley 3dba8273c9 Adding journey-1.0.4. 2012-07-06 17:33:16 -05:00
sinn3r 3f58aff979 Properly handle a no-payload-selected scenario 2012-07-06 16:32:18 -05:00
sinn3r 08c6b94460 Merge branch 'auto_exploit' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-auto_exploit 2012-07-06 16:24:32 -05:00
sinn3r d859059868 Remove a whitespace 2012-07-06 16:20:17 -05:00
sinn3r 4f9028f7f9 Change description a little bit 2012-07-06 16:18:14 -05:00
sinn3r 9aeb4694f7 Add autoexploit.rc based on #561
Modified from #561.  It has gone through a lot of changes, including:

* It now relies mainly on arguments instead of datastore options.
  This is because when an user uses datadatore options, the rc
  script cannot really start automatically without some config
  in advance, which is a hassle.
* We no longer have to manually connect to a database before being
  able to use the rc script.  It can automtaically connect to it
  if the necessary arguments are supplied (user/pass/workspace)
* Better error handling
* Actually exits msfconsole when something fails or not ready
* The older script does not select a payload. This one will
  automatically select one based on compatible payloads.
* Instead of manually specifying an "identifier" for reference
  matching, this is now automatic.
* Lots of cleanup
* Update help_me
2012-07-06 15:02:28 -05:00
sinn3r 70c718a5ed Fix indent level 2012-07-06 12:44:03 -05:00
sinn3r 24c57b61a8 Add juan as an author too for improving the module a lot 2012-07-06 10:41:06 -05:00
sinn3r 757d15619f Merge branch 'umbraco_upload_aspx_rev' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-umbraco_upload_aspx_rev 2012-07-06 10:39:09 -05:00
tdoan-r7 db0ab45333 updated release number to 4.3
<test commit>
2012-07-06 10:21:00 -05:00
jvazquez-r7 9fecc80459 User of TARGETURI plus improve of description 2012-07-06 15:47:25 +02:00
jvazquez-r7 7751c54a52 references updates 2012-07-06 11:56:03 +02:00