6519444112
Addition defaults
2013-02-15 13:35:25 +01:00
5df03f790b
Remove end of line spaces and rerun uniq
2013-02-15 13:31:35 +01:00
fb7d0159c3
Further URLs
2013-02-15 13:26:44 +01:00
21366dd4df
Updated SAP URL list to include further known URLs
2013-02-15 13:20:23 +01:00
398e6cb202
Merge branch 'rsmudge-armitage'
2013-02-13 10:38:30 -06:00
596b62b831
Armitage 02.12.13 - Distributed Operations
...
This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
2013-02-11 21:20:03 -05:00
41564fd51d
Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb
2013-02-11 15:05:27 +01:00
3a499b1a6d
added s4u_persistence.rb
2013-02-10 14:22:36 -05:00
447f78cb24
Handle nonstandard ports when starting new msfrpcd.
2013-02-04 17:24:41 -06:00
24de0d2274
Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT
2013-02-04 13:37:09 +01:00
293f9da5cf
Merge branch 'bug/pro-only-models'
...
Updates to use MDM 0.4.0 (was using 0.3.0)
2013-01-31 16:14:51 -06:00
d0ecb617c3
Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner
2013-01-25 21:47:05 +01:00
bf2b01f8ef
Delete a file and strip space
2013-01-24 09:30:04 -05:00
6e94c04a52
Code Corrections and Enhancements
2013-01-23 20:26:23 -05:00
e376bb6fab
Merge branch 'rsmudge-armitage'
2013-01-22 22:52:35 -06:00
8c86c49d43
Armitage 01.23.13
...
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
2013-01-22 22:48:16 -05:00
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
78279a0397
Added new module for cve-2012-5076
2013-01-17 21:27:47 +01:00
d0b9808fc7
Added module for CVE-2012-5088
2013-01-17 21:14:49 +01:00
0b61d28e0e
added Joomla scanner and url wordlist
2013-01-17 11:36:59 -05:00
51f3f59d2f
cve and references available
2013-01-11 00:54:53 +01:00
f8e1ccc27e
Remove cred_files migration
...
[#41837027 ]
Mdm::CredFile is only used in Pro, so for metasploit_data_models 0.4.0,
Mdm::CredFiles has been moved to Pro, so the migration has been moved to
Pro too.
2013-01-10 17:50:00 -06:00
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
7d1716b79f
Turnkey Linux default password
2013-01-08 22:47:53 -05:00
5348127fd2
Metasploit 4.5 Installer Environment Tweak
...
Armitage on Windows requires the user to specify their MSF
install folder. This tweak checks for an MSF 4.5 environment
and updates the specified folder to make everything work.
Like magic.
2013-01-04 13:08:47 -05:00
a79f2fa8d1
Armitage Updates and Bug Fixes
...
This is Armitage release 01.04.13. This update fixes several bugs
and improves the user experience launching *_login modules from
Armitage. This update adds a Windows 8 icon and includes a fix to
better work with the Metasploit 1.45 installer's environment.
2013-01-04 12:05:09 -05:00
133ad04452
Cleanup of #1062
2012-12-07 11:55:48 +01:00
5e44987271
Really fix this by resetting schema cache
2012-12-06 06:33:46 -08:00
a5b3be6dfa
Fix a conflicting rename that breaks ActiveRecord
2012-12-06 06:14:49 -08:00
087b2c39ae
Whitespace cleanup only
2012-12-06 06:13:53 -08:00
b7f304f0db
added build exec_payload.msi
2012-11-28 21:51:01 +01:00
8d6289d8d6
Merge remote branch 'rsmudge/armitage'
2012-11-26 10:52:06 -06:00
a2615102c9
Armitage 11.26.12 - several usability enhancements and bug fixes.
2012-11-25 20:51:32 -05:00
e6208a7993
Merge branch 'guiOptions' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-guiOptions
2012-11-19 10:09:54 -06:00
24fe043960
Merge branch 'samba' of https://github.com/mephos/metasploit-framework into mephos-samba
2012-11-19 14:13:15 +01:00
eddea29568
Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login
2012-11-18 21:36:54 +01:00
39dee758e6
Remember last options used for each module, and fill them in by default.
2012-11-17 10:08:45 -06:00
8a9f0a0890
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-14 18:10:41 +02:00
5076198ba2
fixing bperry comments
2012-11-11 20:18:19 +01:00
8619c5291b
Added module for CVE-2012-5076
2012-11-11 17:05:51 +01:00
7032ef0f6f
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-09 00:21:38 +02:00
f521e70bee
wordlists to accompany sap_soap_rfc_brute_login.rb
2012-11-07 10:46:36 +00:00
c30ada5eac
Adds temp vbs mod and tweaked decoder stub
2012-11-04 12:49:15 -06:00
385d225305
Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption)
2012-11-01 21:14:38 +02:00
f7481b160c
add centos5 target
2012-10-31 18:21:41 +01:00
f819ec8e75
typo
2012-10-30 17:19:23 +01:00
3855ba88b1
add meterpreter/command support to samba exploit using ROP
2012-10-29 17:33:00 +01:00
eee6248795
Armitage 10.16.12 - a lot of bug fixes.
2012-10-15 19:19:31 -04:00
b4485fdb2b
added chm templates
2012-10-10 19:21:47 +02:00
858fd9ff43
Merge branch 'ropdb' of https://github.com/wchen-r7/metasploit-framework
2012-10-03 15:21:11 -05:00
ba1b65742e
Separate XML for various DLLs.
2012-10-02 11:27:10 -05:00
f2c7731b39
Add RopDb mixin
2012-10-01 17:09:01 -05:00
75f5e24178
Dell iDrac login aux scanner
2012-09-27 01:33:11 -05:00
10e1574d8a
Bugfix with dragging tabbed panes when right-clicked.
...
Also don't displaly annoying null pointer error when no connection.
2012-09-22 16:32:18 -05:00
ac2ec99fb7
Add bin for mephos' netstat fixes
...
[Closes #777 ]
2012-09-12 16:57:17 -05:00
46dfeec402
Adds meterpreter bins all compiled with the same VS
...
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.
[FixRM #7233 ]
2012-09-11 14:16:21 -05:00
c4fb285288
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-09-05 13:48:09 -05:00
e8b3f0193b
Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog.
2012-09-05 01:54:28 -04:00
2b6aa6bbdb
Added Exploit for deployfilerepository via JMX
2012-09-03 13:50:16 -04:00
44801c217d
Linux bins for #609
2012-08-29 14:09:37 -05:00
5a5ca66bff
Merge branch 'mephos-arp-linux' into rapid7
2012-08-29 11:19:04 -05:00
be63aad0d1
Added Windows wordlist.
2012-08-29 10:51:09 +10:00
049494752c
Bins for #609 , adds netstat and arp cmds
2012-08-28 18:21:57 -05:00
363c0913ae
changed dir names according to CVE
2012-08-28 16:33:01 +02:00
52ca1083c2
Added java_jre17_exec
2012-08-27 11:25:04 +02:00
f715527423
Improve CVE-2012-1535
2012-08-21 19:58:21 -05:00
f46545db58
Merge pull request #700 from rsmudge/armitage
...
Armitage 08.16.12
2012-08-18 05:55:26 -07:00
a6e50497f0
Armitage 08.16.12 - several little fixes and updates. Nothing to write home to mom about.
2012-08-17 16:25:22 -04:00
13df1480c8
Add exploit for CVE-2012-1535
2012-08-17 12:16:54 -05:00
0a6e0b2415
raspberry pi username / password
2012-08-15 01:55:40 -05:00
ce94bc2628
Add posix bins for previous commits
...
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
p = client.sys.process.execute("id", "-u", "Channelized"=>true)
p.channel.read
[SeeRM #7005 ][See #681 ]
2012-08-09 18:35:01 -06:00
fac4ba270c
Merge pull request #662 from rsmudge/armitage
...
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 14:31:11 -07:00
32ee1263f9
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 13:24:15 -04:00
c4fa86da93
Add missing 64-bit sniffer DLL
2012-08-02 11:33:11 -05:00
5531fd18a0
Really limit packet count and data in linux sniffer
...
Squashed commit of the following:
commit 57795ff9c33a53167fca85845b96b82b5c92315f
Author: James Lee <egypt@metasploit.com>
Date: Wed Aug 1 14:13:20 2012 -0600
Add recompiled sniffer bin for linux
commit 0e11fdb06fcb9771a11eb631e6f10ec7a2d315f3
Author: m m <gaspmat@gmail.com>
Date: Thu Jul 12 15:08:10 2012 +0200
really limit packet count and data in linux sniffer
[Closes #605 ]
2012-08-01 14:16:00 -06:00
e200f43183
Squashed commit of the following:
...
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date: Mon Jul 9 21:55:32 2012 +0200
typo
commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date: Mon Jul 9 21:51:32 2012 +0200
various posix meterpreter bugfixes
[Closes #584 ]
[FIXRM #7042 ]
2012-07-19 15:56:47 -06:00
6605e2910c
Squashed commit of the following:
...
commit f0a1d2ad004e5c77cc4d5dcc71935aa530f1729f
Author: m m <gaspmat@gmail.com>
Date: Tue Jul 17 11:56:43 2012 +0200
linux meterpreter : correct netmask computation
[Closes #613 ]
2012-07-19 14:22:39 -06:00
430351fe79
Better handle of module cache when db_connect is run manually
2012-07-10 23:56:48 -05:00
e9ac90f7b0
added CVE-2012-1723
2012-07-10 12:20:37 +10:00
8d3ad94f3a
enhanced tftp.txt bruteforce list
2012-07-05 22:54:22 -04:00
6dee4781df
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-07-05 18:47:07 -05:00
6c53dffa50
Armitage 07.05.12
...
This release fixes a few small bugs.
2012-07-05 18:19:59 -04:00
c31f70cfb6
Switch to METERPRETER_UA as intended
2012-07-02 00:02:47 -05:00
27bdf78a5a
Add support for user-agent control
2012-06-30 23:00:08 -05:00
414214eb9d
Permissions.
2012-06-28 11:42:37 -05:00
6ec990ed85
Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass
2012-06-27 23:09:26 +02:00
428ae21928
Changed readme.html file (was from the statistics plugin)
2012-06-26 12:03:52 -04:00
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
85faf53c5d
Compromise on MDM counter cache initialization
2012-06-25 13:52:48 -07:00
13b4cb7e88
Revert "Remove reset_column_information (breaks badly)"
...
This reverts commit 02e124a330
2012-06-25 13:52:48 -07:00
fce5ff00ca
Revert "Remove column reset - triggers issue with existing columns"
...
This reverts commit f479fae6aa
2012-06-25 13:52:47 -07:00
f479fae6aa
Remove column reset - triggers issue with existing columns
2012-06-25 10:20:48 -07:00
02e124a330
Remove reset_column_information (breaks badly)
2012-06-25 10:08:38 -07:00
4c0877954e
Rename migrations to avoid collisions during merge
2012-06-25 02:22:35 -05:00
3a40dac7d1
Merge branch 'master' into feature/vuln-info
2012-06-25 00:37:01 -05:00
6a91626d94
Permissions
2012-06-25 00:36:39 -05:00
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
75f1484d63
Respin of binaries to remove debug output
2012-06-24 13:40:27 -05:00
6e61878393
Respin of meterpreter bins (add Win 8 to sysinfo, fix a few bugs)
2012-06-24 13:27:10 -05:00
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
54309c3c3d
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-06-24 02:25:38 -05:00
322e0766a1
Armitage 06.23.12
2012-06-23 13:03:55 -04:00
b891e868f5
Added actionscript and swf needed
2012-06-23 08:36:35 +02:00
d7d314862f
Need the trigger to actually make it work, duh!
2012-06-22 23:16:12 -05:00
572fb4cb0c
Permissions fix
2012-06-21 15:39:17 -05:00
f7ecc98923
Merge branch 'master' into feature/vuln-info
2012-06-20 13:34:53 -05:00
79fc053a2e
Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110
2012-06-19 22:05:07 -05:00
fcf42d3e7b
added adobe flashplayer array indexing exploit (CVE-2011-2110)
2012-06-20 12:52:37 +10:00
d5768080bf
Add a fail_message to attempts and fix bugs
2012-06-19 00:48:39 -05:00
ffdcea6a0a
Permissions, ignore
2012-06-18 18:12:51 -05:00
e8ad66b799
Exploit attempt tracking is mostly complete
2012-06-17 23:00:21 -05:00
8709473e72
Add fullname to modules, load mixins, fix platform
2012-06-17 11:57:33 -05:00
b4b1a4168e
Add missing module_detail_id's and references
2012-06-17 01:44:32 -05:00
e4fffc36de
Move to one to many instead of m2m for module_detail tracking
2012-06-17 01:21:38 -05:00
03b29fff68
Merge up the latest, does not automaticlly load
...
the module tree into the database right now.
2012-06-14 04:35:43 -05:00
a6070f8584
Tweak schema (type gets mangled by AR), add caching routine
2012-06-14 03:27:36 -05:00
1401ec0b19
Keep ID columns for record mgmt
2012-06-14 01:50:08 -05:00
80db388354
Fix up the schema relationships
2012-06-14 00:23:23 -05:00
2aa9de7f63
Fix the boolean definition
2012-06-13 22:16:59 -05:00
1bdd8dc533
Fix the constant
2012-06-13 22:15:58 -05:00
d48a99146f
Add the migration for new module_details tables
2012-06-13 22:07:56 -05:00
5922ec1f7a
Permissions
2012-06-12 15:20:25 -05:00
7a449bffe2
Permissions
2012-06-12 15:19:41 -05:00
6290bba71b
Merge branch 'master' into feature/vuln-info
2012-06-12 12:41:41 -05:00
21ea539648
Permissions
2012-06-12 11:50:28 -05:00
34ecc7fd18
Adding @schierlm 's AES encryption for Java
...
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.
Squashed commit of the following:
commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 4 00:45:24 2012 +0200
Do not break other architectures
even when using `setg AESPassword`
commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date: Tue Apr 3 21:50:42 2012 +0200
binaries
commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date: Tue Apr 3 21:49:10 2012 +0200
Add AES support to Java stager
This is compatible to the AES mode of the JavaPayload project.
I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
d975d1a236
Add counter caches for host_details, vuln_details, vuln_attempts
2012-06-10 17:15:53 -05:00
beefea6fb9
Merge branch 'master' into feature/vuln-info
2012-06-10 12:54:58 -05:00
9dcb3059f8
MDM update
2012-06-10 03:46:58 -05:00
7c8cb2d79e
Add vuln_attempts, track exploit attempts when a matching vuln exists.
...
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
55bdbb6ec9
Merge branch 'master' into feature/vuln-info
2012-06-09 01:37:11 -05:00
e840f7e9ee
Add additional host detail columns and parsers
2012-06-09 00:43:03 -05:00
1be9ce8649
Fixes command parsing in Post::Common
...
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
2012-06-07 22:24:59 -06:00
68dd0cd497
Armitage 06.07.12 - improved collaboration performance and fixed two bugs.
2012-06-07 13:16:16 -04:00
49b3c9b0e8
More cleanup related to vuln schema
2012-06-07 04:42:16 -05:00
42c3bedfad
Merge MDM, add migrations, tweak report_vuln
2012-06-07 00:40:26 -05:00
e8af6882eb
Permissions
2012-06-06 20:05:29 -05:00
93741770e2
Added module for CVE-2011-3400
2012-06-05 18:21:55 +02:00
315d68b6f5
Add fix for counter_cache migration to keep from throwing readonly column error.
2012-06-01 13:31:00 -05:00
c5c1e71b32
Add migrations for counter_cache columns to framework.
2012-06-01 12:07:08 -05:00
b5f1554caf
Adding rsmudge's Armitage update
...
Squashed commit of the following:
commit 60be1b2d1d66134c54c82857a569bbf3a005baf8
Author: Raphael Mudge <rsmudge@gmail.com>
Date: Wed May 30 19:43:07 2012 -0400
Armitage 05.30.12
A small collection of bug fixes.
2012-05-30 19:20:14 -05:00
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
3f1a72932e
Merge pull request #401 from rsmudge/armitage
...
Armitage 05.21.12
2012-05-20 20:01:12 -07:00
c14a3e655e
Armitage 05.21.12
...
This release improves collaboration performance and fixes a few Windows specific issues.
2012-05-20 22:54:25 -04:00
fec2ec37f8
Squashed commit of the following:
...
commit fa9b2841cfcb7c833da5454f108f15ad229e6b75
Author: syndrowm <syndrowm@gmail.com>
Date: Mon Apr 2 17:00:59 2012 -0600
header files needed to generate solaris and bsd elf executables
commit f03fb2ff97823f3c177f3e1678aec26d92dd16ab
Author: syndrowm <syndrowm@gmail.com>
Date: Mon Apr 2 16:59:46 2012 -0600
add functions to allow generating elf executables for bsd and solaris
[Closes #292 ]
2012-05-18 10:21:34 -06:00
14d8ba00af
Added batik svg java module
2012-05-17 16:48:38 +02:00
a88af1dd36
Merge pull request #391 from rsmudge/armitage
...
add color to armitage's presentation of the Metasploit console
2012-05-16 21:57:43 -07:00
fe7928c18d
Merge pull request #390 from jlee-r7/consolidate-250-254-375
...
Consolidate #250 , #254 , #375
2012-05-16 17:07:33 -07:00
aee9c8292c
Undo mode change from last commit
...
>_<
2012-05-16 16:14:56 -06:00
Chris John Riley
sinn3r
Raphael Mudge
jvazquez-r7
smilingraccoon
scriptjunkie
SphaZ
Tod Beardsley
f8lerror
Luke Imhoff
Sam Gaudet
HD Moore
Tasos Laskos
nmonkee
David Maloney
m m
Cristiano Maruti
James Lee
h0ng10
Patrick Webster
Tod Beardsley
jcran
m m
LittleLightLittleFire
jcran
Steven Seeley
Michael Schierl
Joe Vennix
sinn3r
syndrowm
jlee-r7