Commit Graph

19991 Commits (b9360b9de6f1c4fd1311022244fec07112d03035)

Author SHA1 Message Date
root cfd5f29220 Fixing the use of APIKEY, which is not needed 2013-08-06 14:10:48 -04:00
root 69a86b60e2 Added initial squash RCE exploit 2013-08-06 14:00:17 -04:00
HD Moore c73e417531 Merge pull request #2171 from frederic/master
add new target in libupnp_ssdp_overflow exploit : Axis Camera M1011
2013-08-05 18:31:41 -07:00
m-1-k-3 dd35495fb8 dir 300 and 600 auxiliary module replacement 2013-08-05 22:28:59 +02:00
m-1-k-3 786f16fc91 feedback included 2013-08-05 21:55:30 +02:00
jvazquez-r7 9790181dd2 Land #2176, @wchen-r7's fix for [TestRM #8272] 2013-08-05 13:10:25 -05:00
jvazquez-r7 ce62e12216 Land #2191, @todb-r7's fix to avoid race with powershell mixin 2013-08-05 10:07:35 -05:00
Tod Beardsley 40f015f596 Avoid require race with powershell 2013-08-05 09:56:32 -05:00
jvazquez-r7 1f767df80a Land #2190, @todb-r7's (more than) cosmetic changes 2013-08-05 09:53:17 -05:00
Tod Beardsley 8431eb7a79 Msftidy fixes, also use correct possessive plurals
http://englishplus.com/grammar/00000132.htm
2013-08-05 09:43:38 -05:00
Tod Beardsley bddcb33507 Update description for reverse_https_proxy 2013-08-05 09:35:14 -05:00
Tod Beardsley a885ff9bcc Use consistent caps for 'PowerShell' 2013-08-05 09:33:49 -05:00
Tod Beardsley 5ea67586c8 Rewrite description for MS13-005
The first part of the description was copy-pasted from

http://packetstormsecurity.com/files/122588/ms13_005_hwnd_broadcast.rb.txt

which contained some grammatical errors. Please try to avoid cribbing
other researchers' descriptions directly for Metasploit modules.
2013-08-05 09:29:29 -05:00
Tod Beardsley e7206af5b5 OSVDB and comment doc fixes 2013-08-05 09:08:17 -05:00
jvazquez-r7 5ef1e507b8 Make msftidy happy with http_login 2013-08-05 08:41:07 -05:00
jvazquez-r7 ea60a05c6c Land #2189, @wchen-r7's fix for [TestRM #8279] 2013-08-05 08:33:51 -05:00
bmerinofe 98c8c16803 Change offset values and hostname length 2013-08-05 12:29:54 +02:00
Markus Wulftange 9955899d9a Minor formal fixes 2013-08-04 08:03:02 +02:00
sinn3r 8be3f511a4 Fix undefined variable 'path' for http_login 2013-08-03 21:35:22 -05:00
bmerinofe 3e6de5d2e9 added a post-exploitation module to dump the cache dns entries 2013-08-03 13:37:32 +02:00
Markus Wulftange 8cc07cc571 Merge Linux and Windows exploit in multi platform exploit 2013-08-02 18:49:03 +02:00
m-1-k-3 a19afd163a feedback included 2013-08-02 17:30:39 +02:00
sinn3r 10e9b97a88 Land #2180 - Accepting args for x64 osx exec payload 2013-08-02 00:45:09 -05:00
Ruslaideemin f927d1d7d3 Increase exploit reliability
From some limited testing, it appears that this exploit is
missing \x0d\x0a in the bad chars. If the generated payload / hunter
or egg contain that combination, it seems to cause reliability issues
and exploitation fails.

The home page for this software can be found at
http://www.leighb.com/intrasrv.htm
2013-08-02 09:06:20 +10:00
Markus Wulftange 4a127c2ed2 Add hp_sys_mgmt_exec module for Linux and enhance module for Windows
The hp_sys_mgmt_exec module for Linux is a port of the Windows module with minor changes due to the requirement of quotes. It also uses Perl instead of PHP as PHP may not always be in the environment PATH. Although the Windows module works perfectly, it now uses the same technique to encode the command (thankfully, PHP adopted major syntax characteristics and functions from Perl).
2013-07-31 22:05:25 +02:00
Joe Vennix 592176137a Rewrite osx x64 cmd payload to accept args.
[SeeRM #8260]
2013-07-31 08:50:28 -05:00
m-1-k-3 15906b76db dir300 and 615 command injection 2013-07-31 14:36:51 +02:00
m-1-k-3 6b514bb44a dir300 and 615 command injection telnet session 2013-07-31 14:34:03 +02:00
sinn3r 3c8bc6b522 More coverage for msfcli spec 2013-07-31 04:37:36 -05:00
sinn3r 8c47f1df2d We don't need this option anymore 2013-07-31 03:30:34 -05:00
sinn3r af0046658b Change the way file is stored 2013-07-31 03:28:24 -05:00
sinn3r 18c0f879fa More code coverage for msfcli_spec 2013-07-30 21:31:53 -05:00
allfro 9180dd59fe Patch for string encoding issues with `msgpack`
Fixes an issue that causes exploits to fail if the PAYLOAD option is the last option to get marshalled in an MSFRPC dictionary. The patch adjusts the string's encoding to match the internal default encoding used by Ruby. Hence, making `fetch()` succeed.
2013-07-30 13:38:44 -04:00
Frederic Basse 5e1def26aa remove Axis M1011 fingerprint, may not be specific enough to be used automatically. 2013-07-30 09:54:33 +02:00
jvazquez-r7 12871c2fa4 Land @todbr7's recovery for @jvazquez-r7's disaster with #2168 landing 2013-07-29 22:22:14 -05:00
Dhiru Kholia 1b6f6b8bf0 Land #2168 again
Adding Dhiru's module back now that things are straight.
2013-07-29 22:10:25 -05:00
Tod Beardsley 9f5f191a6b Add Main.swf from 593363c 2013-07-29 21:53:40 -05:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing this:

 git checkout -b reset-hard-ohmy
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
Frederic Basse 63940d438e add new target in libupnp_ssdp_overflow exploit : Axis Camera M1011 2013-07-30 01:56:10 +02:00
jvazquez-r7 300781823d Undo bad landing
This reverts commit e624ed18ad, reversing
changes made to 593363c5f9.
2013-07-29 17:39:12 -05:00
jvazquez-r7 6f37cf22eb Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-29 17:28:35 -05:00
jvazquez-r7 e624ed18ad Merge branch 'landing-pr2168' 2013-07-29 17:23:15 -05:00
jvazquez-r7 438fbababd Land #2158, @kholia's post module to collect .ecryptfs info 2013-07-29 17:21:10 -05:00
jvazquez-r7 b29d18d8b8 Merge branch 'ecryptfs-creds' of https://github.com/kholia/metasploit-framework 2013-07-29 16:41:41 -05:00
jvazquez-r7 05be76ecb7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-29 16:41:22 -05:00
jvazquez-r7 593363c5f9 Land #2154, @wchen-r7's msfcli optimizations and refactoring 2013-07-29 16:38:32 -05:00
sinn3r ab75d00f8a Land #2169 - Description update 2013-07-29 14:24:57 -05:00
Tod Beardsley 9304bbe938 Land #3 from @Meatballs1, more better description 2013-07-29 13:37:08 -05:00
sinn3r be5bbd64be Show some examples 2013-07-29 13:26:39 -05:00
sinn3r 5efcbbd474 Land #2167 - PineApp Mail-SeCure livelog.html Exec 2013-07-29 13:18:18 -05:00