b457289e01
Merge remote branch 'webstersprodigy/module-http-ntlmrelay'
2012-08-21 15:28:50 -05:00
7ddcc787bd
Merge branch 'jboss-exploits-revision2' of https://github.com/h0ng10/metasploit-framework into h0ng10-jboss-exploits-revision2
2012-08-21 14:37:09 -05:00
ed9ed25610
Merge branch 'esva_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-esva_exec
2012-08-21 14:20:17 -05:00
20b3dfca9f
Merge branch 'claudijd-master'
2012-08-21 14:19:45 -05:00
433c9f6b28
Final cleanup
2012-08-21 14:17:21 -05:00
c5623cae4c
Fixing Bug w/ XP Method & Improving formatting for smart_hashdump
...
1.) Addressed obvious bug in registry read for XP hint gathering code
2.) Cleaned up the formatting for smart_hashdump which needed
additional tabs
2012-08-21 07:56:52 -05:00
3106f87687
badchars fixed
2012-08-21 13:30:15 +02:00
e21ea6999c
added module for ESVA Command Injection Vulnerability
2012-08-21 13:25:03 +02:00
65b29d149f
Update to use OptEnum for RTYPE
2012-08-20 22:45:20 -04:00
a3bad0b3ae
Added XP Support and Changed Output Method for User Password Hints
...
1.) Now grabs clear-text user hint from XP systems in addition to
Win7/Win8 systems
2.) Changes output so it's no longer inline with hashes as not to
affect copy/paste of hashes output
3.) Adding alternate text in cases when no user hints are available
2012-08-20 21:30:12 -05:00
73eab8a8ee
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-08-20 15:44:28 -05:00
8d4b4fc7be
Some more changes before pushing to master
2012-08-20 15:43:39 -05:00
3da8a59cf0
a little cleanup plus complete metadata
2012-08-20 22:42:54 +02:00
e6bda752ee
cleaned up and using HttpServer for handling requests and sending 401
2012-08-20 15:23:49 -05:00
d226135986
Code Review Feedback
...
Removed trailing spaces and fixed indenting.
2012-08-20 10:41:42 -04:00
fbc36b57d0
Adding Windows User Password Hint Decoding to Hashdump Tools
...
* UserPasswordHint, a key that is used to store the users password
hint, can be easily decoded to clear-text to get the users hint
(Example: "My Favorite Color")
* Added decode_windows_hint() method to perform the decode process
* Added decoded hint output for hashdump.rb and smart_hashdump.rb
2012-08-19 23:04:11 -05:00
d82493a658
Code Review Feedback
...
Added 'Space' payload option, which in turn also required 'DisableNops'
Added/Corrected documentation for return addresses
2012-08-19 22:09:08 -04:00
10698e2f99
Updating HTTP Basic capture mod with edits based on MSF team suggestions
2012-08-19 19:47:01 -05:00
bd249d1f28
Fixed exploit and made code review changes
...
The exploit was not working due to the user's root path causing
the EIP offset to change. To correct this, I was able to get
the server to disclose the root path in an error message (fixed in
5.67). I also radically refactored the exploit due to the feedback
I received from Juan Vazquez.
2012-08-19 10:01:03 -04:00
6dfe706860
Merge remote-tracking branch 'upstream/master' into sysax_create_folder
2012-08-19 09:58:04 -04:00
de380cfb46
Adding aux mod for HTTP Basic Auth capture
2012-08-19 01:51:01 -05:00
d1370c0f33
Alexander Gavrun gets a cookie
2012-08-17 12:23:49 -05:00
53a835dc85
Imply that we only garantee 11.3
2012-08-17 12:18:45 -05:00
13df1480c8
Add exploit for CVE-2012-1535
2012-08-17 12:16:54 -05:00
5cd20357d8
Updating URL for Bypass UAC
2012-08-15 22:34:44 -05:00
a228e42630
Add new target thanks for cabetux
2012-08-15 16:06:09 -05:00
c6b9121f8b
Added support for CVE-2010-0738
2012-08-15 15:47:44 -04:00
ac2e3dd44e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-08-15 14:47:22 -05:00
6965431389
Added support for CVE-2010-0738, msftidy
2012-08-15 15:47:14 -04:00
54146b8e99
Add another ref about the technique
2012-08-15 14:46:51 -05:00
e5498e3e1d
Added fix for CVE-2010-0738, corrections
2012-08-15 15:46:34 -04:00
9bf1f28c1f
Apostrophe
2012-08-15 14:19:56 -05:00
f325d47659
Fix up description a little
2012-08-15 13:57:24 -05:00
586d937161
Msftidy fix and adding OSVDB
2012-08-15 13:43:50 -05:00
d56ac81a57
Recapitalizing GlobalSCAPE
...
According to
http://kb.globalscape.com/Search.aspx?Keywords=globalscape
this seems to be the preferred capitalization.
2012-08-15 13:25:35 -05:00
dc5f8b874d
Found a bug with retrying.
2012-08-14 17:04:17 -05:00
b3791b1545
I missed one
2012-08-14 16:51:55 -05:00
6a0271fb11
Correct OSX naming. See ticket #7182
2012-08-14 15:29:21 -05:00
0e4e7dc903
Indentation fix
2012-08-14 12:27:27 -05:00
6597d25726
Shortening an over-200 long line for readability
...
It's a contrived fix, but scrolling over is a hassle. This comes up a
lot in long regexes, not sure the best way to address these.
2012-08-14 12:27:27 -05:00
bfe2ed0737
Minor title update
2012-08-14 12:14:13 -05:00
1ec7f03352
Changes proposed by todb: description, author email, zip data random
2012-08-14 18:45:05 +02:00
3c79509780
Added module for BID 46375
2012-08-14 18:15:29 +02:00
3e0e5a1a75
No manual stuff, probably prones to failure anyway.
2012-08-14 10:58:57 -05:00
612848df6f
Add priv escalation mod for exploiting trusted service path
2012-08-14 01:55:03 -05:00
bd408fc27e
Updating msft links to psexec
...
Thanks for the spot @shuckins-r7 !
2012-08-13 15:28:04 -05:00
a872f624a1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2012-08-13 19:31:50 +02:00
d6b28dc44d
ranking changed plus on_new_session handler added
2012-08-13 19:29:13 +02:00
468030786f
small fixes, mainly check res agains nil, res.code and use send_request_cgi
2012-08-13 18:57:59 +02:00
7c6b6281d7
Merge branch 'beacon-addr' of https://github.com/bonsaiviking/metasploit-framework into bonsaiviking-beacon-addr
2012-08-13 11:57:22 -05:00
Tod Beardsley
sinn3r
Jonathan Claudius
jvazquez-r7
webstersprodigy
saint patrick
Matt Andreko
h0ng10