HD Moore
1477cda3d4
fix set_rhosts behavior/bugs.
...
msf exploit(rails_xml_yaml_code_exec) > hosts
Hosts
=====
address mac name os_name os_flavor os_sp purpose info comments
------- --- ---- ------- --------- ----- ------- ---- --------
10.0.0.105 00:0C:29:59:65:08 VMWIN2000SP4 Microsoft Windows client
msf exploit(rails_xml_yaml_code_exec) > hosts -R
Hosts
=====
address mac name os_name os_flavor os_sp purpose info comments
------- --- ---- ------- --------- ----- ------- ---- --------
10.0.0.105 00:0C:29:59:65:08 VMWIN2000SP4 Microsoft Windows client
RHOSTS => 10.0.0.105
msf exploit(rails_xml_yaml_code_exec) > exit
2013-01-23 10:00:24 -06:00
jvazquez-r7
06926fbabb
Merge branch 'module-cmd_windows_reverse_perl' of https://github.com/kacpern/metasploit-framework into kacpern-module-cmd_windows_reverse_perl
2013-01-23 16:42:45 +01:00
Kacper Nowak
a3fa7cc6bc
adjusted disclosure date
2013-01-23 12:49:08 +00:00
jvazquez-r7
e78174297e
assuring stdapi loads on meterpreter
2013-01-23 12:44:55 +01:00
booboule
d2b75ad005
Update external/source/exploits/cve-2012-5088/Makefile
2013-01-23 12:42:33 +01:00
Kacper Nowak
f691652594
attempt to fix cmd/windows/reverse_perl payload
2013-01-23 11:21:44 +00:00
m-1-k-3
3a5e92ba6f
hopefully all fixex included
2013-01-23 12:15:34 +01:00
Kacper Nowak
5d6ca30422
removed spaces at EOL
2013-01-23 10:33:55 +00:00
Kacper Nowak
17d1c9f996
- expanded description
...
- updated references
2013-01-23 10:29:11 +00:00
jvazquez-r7
9c9a0d1664
Added module for cve-2012-0432
2013-01-23 10:51:29 +01:00
sinn3r
9e5370eb2f
Merge branch 'slight_speedup_to_db_hosts-R' of github.com:kernelsmith/metasploit-framework into kernelsmith-slight_speedup_to_db_hosts-R
2013-01-23 00:20:55 -06:00
sinn3r
5cfabb0443
Apply the changes I suggested before
2013-01-23 00:15:09 -06:00
sinn3r
1e39c31cc2
Merge branch 'feature/rm6822-coldfusion_locale_traversal' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm6822-coldfusion_locale_traversal
2013-01-23 00:06:35 -06:00
sinn3r
730e430531
Merge branch 'averagesecurityguy-master'
2013-01-23 00:05:19 -06:00
sinn3r
bc3c289b90
Merge branch 'master' of github.com:averagesecurityguy/metasploit-framework into averagesecurityguy-master
2013-01-23 00:03:52 -06:00
sinn3r
2a53fba879
Merge branch 'fixmh' of github.com:rsmudge/metasploit-framework into rsmudge-fixmh
2013-01-22 23:58:22 -06:00
sinn3r
933f807745
Msftidy cleanup + handling return values better
2013-01-22 23:53:00 -06:00
sinn3r
dab2952d60
Merge branch 'picasa' of github.com:charles-n2netsec/metasploit-framework into charles-n2netsec-picasa
2013-01-22 22:54:45 -06:00
sinn3r
e376bb6fab
Merge branch 'rsmudge-armitage'
2013-01-22 22:52:35 -06:00
Raphael Mudge
8c86c49d43
Armitage 01.23.13
...
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
2013-01-22 22:48:16 -05:00
Tasos Laskos
33e9f182bd
Merge remote-tracking branch 'upstream/master' into web-modules
2013-01-22 23:43:25 +02:00
Tasos Laskos
6b5c6c3a0c
Auxiliary::Web::Analysis::Differential
...
Removed payload option from #process_vulnerability call
2013-01-22 23:41:36 +02:00
Tasos Laskos
0d564c1ce8
Auxiliary::Web::Analysis::Timing
...
Updated to pick the largest matching payload from the payload list.
2013-01-22 23:40:30 +02:00
Tasos Laskos
f2beb5bf19
Auxiliary::Web#process_vulnerability: payload fix
...
Updated to pick the largest matching payload from the payload list.
2013-01-22 23:39:16 +02:00
Charles Smith
9671df4488
Picasa 2 credentials are now also saved as loot
...
This module used to save only Picasa 3 credentials as loot. Picasa
2 creds were displayed, but not saved. I've updated the module to
save Picasa 2 credentials, and I also updated the output code to
use print_good instead of print_status.
2013-01-22 15:46:47 -05:00
sinn3r
8819059499
Merge branch 'zoneminder_packagecontrol_exec' of github.com:bcoles/metasploit-framework into bcoles-zoneminder_packagecontrol_exec
2013-01-22 14:41:40 -06:00
Tasos Laskos
fed4a836c6
Updated proof string for Web Differential Analysis
...
Manipulatable responses => Boolean manipulation
2013-01-22 20:29:57 +02:00
Robin Wood
20b36cdf7a
added extra checking for strict databases
2013-01-22 15:42:23 +00:00
jvazquez-r7
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
jvazquez-r7
c498930644
Merge branch 'java_jre17_method_handle' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_method_handle
2013-01-22 15:33:07 +01:00
Kacper Nowak
8a59c7b8fb
removed extra print_status() calls
2013-01-22 12:31:40 +00:00
bcoles
970591a85f
Add ZoneMinder arbitrary command execution exploit
2013-01-22 22:56:50 +10:30
Kacper Nowak
08a5f467b1
added URL for developer site
2013-01-22 12:14:38 +00:00
Kacper Nowak
cd29a88c18
added Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
2013-01-22 11:58:24 +00:00
jvazquez-r7
08062597b9
fix data added to table
2013-01-22 12:07:16 +01:00
jvazquez-r7
dce4e7fc08
Merge branch 'filezilla_server_bugs' of https://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-filezilla_server_bugs
2013-01-22 12:06:44 +01:00
jvazquez-r7
516eccdf9a
Merge branch 'record_mic_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-record_mic_update
2013-01-22 10:45:36 +01:00
Raphael Mudge
4740cb09a1
Fix NoMethodError if handler has no ParentModule
...
db.rb assumes that multi/handler sessions have a ParentModule defined
in their datastore. This assumption breaks when a user sets up a
multi/handler by hand to receive a session from another user (e.g.,
via multi_meter_inject).
When db.rb tries to access a member of a nil ParentModule, a
stacktrace is dumped to framework.log.
2013-01-22 02:56:43 -05:00
HD Moore
d6ed6cd5e4
Fix a stack overflow in bidirectional pipe
2013-01-22 00:27:03 -06:00
Julian Vilas
eb92070df8
added module for CVE-2013-1359
2013-01-22 01:54:41 +01:00
m-1-k-3
11c13500be
small fix
2013-01-21 13:41:42 +01:00
m-1-k-3
62ff52280a
initial linksys OS command injection
2013-01-21 13:19:29 +01:00
jvazquez-r7
b2c7223108
Cleanup for mysql_file_enum.rb
2013-01-21 12:26:35 +01:00
kernelsmith
f05e358058
replace unless rhosts.include? with rhosts.uniq!
...
seems like this will speed up the process due to far less Array lookups
2013-01-21 00:46:05 -06:00
sinn3r
8b70a94b34
Updates the progress function
...
Because the previous one was wrong.
2013-01-21 00:30:43 -06:00
Stephen Haywood
cfeccaa4f8
Noted support for importing XML reports.
2013-01-20 23:26:53 -05:00
f8lerror
5cfe58e8d5
General code review and corrections
2013-01-20 22:33:04 -05:00
Robin Wood
4d5a7a3d4d
Brute force directory and file names with MySQL
2013-01-20 21:32:02 +00:00
Robin Wood
e7604f80b2
added a warning and using optpath
2013-01-20 21:24:00 +00:00
Robin Wood
6da4b72d85
added a warning and using optpath
2013-01-20 21:23:59 +00:00