Commit Graph

48159 Commits (b5b06f0fb0bca96d8e05a6f9deb787a5f03852c0)

Author SHA1 Message Date
Metasploit b5b06f0fb0
automatic module_metadata_base.json update 2018-08-29 09:24:52 -07:00
William Vu 468613f688
Land #10536, https:// reference check for msftidy 2018-08-29 11:14:42 -05:00
Metasploit 9b05f76576
automatic module_metadata_base.json update 2018-08-28 22:50:41 -07:00
William Vu 326f006146
Land #10542, CVE ref for office_ms17_11882 exploit 2018-08-29 00:42:53 -05:00
Christian Mehlmauer 69d321000e
check double quotes 2018-08-29 06:49:37 +02:00
Christian Mehlmauer 31d4d4f5ff
expand check 2018-08-29 06:42:01 +02:00
Christian Mehlmauer 14fa41a376
merge changes 2018-08-29 06:09:40 +02:00
bwatters-r7 239ea3a3bb
Land #10544, Update payloads to 1.3.45
Merge branch 'land-10544' into upstream-master
2018-08-28 17:05:23 -05:00
Metasploit b28ee033f1
automatic module_metadata_base.json update 2018-08-28 14:58:49 -07:00
William Vu ba76292c40
Land #10543, struts2_rest_xstream targeting fixes 2018-08-28 16:50:26 -05:00
William Vu f6b868bac2 Prefer regex for target check in exploit method
This is how I initially wrote it out, and I think I like it better.
Obviously we'll still check individual symbols in execute_command, since
some of the matching is disjoint.
2018-08-28 15:56:45 -05:00
Metasploit 78d906a731
automatic module_metadata_base.json update 2018-08-28 13:42:46 -07:00
Adam Cammack 2958f9a83f
Land #10541, Correct claymore_dos.py's CVE ref 2018-08-28 15:35:16 -05:00
Metasploit ddee640442
automatic module_metadata_base.json update 2018-08-28 13:33:26 -07:00
bwatters-r7 cc5f1df9ce
Update payloads 2018-08-28 15:31:35 -05:00
bwatters-r7 1be7f55cae
Land #8983, Add peinjector post module
Merge branch 'land-8983' into upstream-master
2018-08-28 15:25:56 -05:00
William Vu 3dec79da23 Add Windows ARCH_CMD target and refactor again
Must have been an oversight that I didn't add the target.
2018-08-28 15:03:41 -05:00
bwatters-r7 f6b0e720e4
Add documentation for peinjector 2018-08-28 14:02:34 -05:00
Ben Schmeckpeper 6335d867ec
Add CVE reference to office_ms17_11882 exploit
The CVE identifier appears in a GitHub URI but is not referenced separately.
2018-08-28 13:44:01 -05:00
Ben Schmeckpeper ed60b767a7
Correct claymore_dos.py's CVE reference
The CVE reference shouldn't include the `CVE-` prefix
2018-08-28 13:34:02 -05:00
William Vu 4803c889f9
Land #10507, GPP creds for db_import 2018-08-28 11:45:51 -05:00
bwatters-r7 20daba6e2d
fix line endings 2018-08-28 11:33:17 -05:00
alpiste 562fc09d5d add new line to the end of the file 2018-08-28 09:02:21 -05:00
alpiste 3a6d72b8b6 some executable files need stack preserve and stack restore, functionality restored 2018-08-28 09:02:21 -05:00
alpiste ff7baaca13 remove stack preserve and stack restore in x86 shellcode and delete duplicated stack preserve variable in x64 shellcode 2018-08-28 09:02:21 -05:00
bwatters-r7 5a28863b12 Fix Whitespace for Rubocop 2018-08-28 09:02:21 -05:00
bwatters-r7 3ac24abfb2 Remove Extra stackpreserve variable 2018-08-28 09:02:21 -05:00
bwatters-r7 f9148f7864 Update/Add Human-Readable ASM 2018-08-28 09:02:21 -05:00
alpiste f1e4079641 move add_thread code to lib/rex/post/meterpreter/extensions/peinjector/peinjector.rb 2018-08-28 09:02:21 -05:00
alpiste 55299561b1 Peinjector meterpreter extension interface added 2018-08-28 09:02:21 -05:00
alpiste 015abca8af MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste bb151bb727 MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste ced4ae6f49 MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste 2251c4a712 Add peinjector post module 2018-08-28 09:02:21 -05:00
Christian Mehlmauer 7431ae401b
fix more errors 2018-08-28 13:49:31 +02:00
Christian Mehlmauer a66556b436
fix msftidy errors 2018-08-28 13:12:43 +02:00
Metasploit 1d47b7f880
automatic module_metadata_base.json update 2018-08-27 18:48:24 -07:00
William Vu 6d5960a536
Land #10538, PSH target for struts2_rest_xstream 2018-08-27 20:40:50 -05:00
William Vu 7d21c2094e Improve PSH target and refactor check code 2018-08-27 20:18:35 -05:00
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
2018-08-27 20:01:00 -05:00
Matthew Kienow 9da01723d8
Land #10537, add windows meterpreter audio output 2018-08-27 16:17:27 -04:00
Matthew Kienow b80ca9a315
Bump metasploit-payloads to version 1.3.44 2018-08-27 15:49:51 -04:00
Christian Mehlmauer 1381e1f3e0
also check https 2018-08-27 21:44:42 +02:00
Wei Chen f38d1569b0
Land #10519, Add msfvenom -l archs like -l platforms 2018-08-27 13:52:50 -05:00
Metasploit 68b9243fdc
automatic module_metadata_base.json update 2018-08-27 09:47:26 -07:00
Brent Cook a5c22cf794
Land #10531, fix NOP generator for sparc 2018-08-27 11:39:17 -05:00
Brent Cook 53b369d702 avoid inserting a float into instruction generation randomly 2018-08-27 11:24:38 -05:00
Metasploit b2c464d091
automatic module_metadata_base.json update 2018-08-27 08:58:54 -07:00
Brent Cook 47ca6c6a14
Land #10527, Fix msftidy EDB link check, enable HTTPS 2018-08-27 10:49:20 -05:00
Metasploit 4c7206972d
automatic module_metadata_base.json update 2018-08-27 04:33:13 -07:00