infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
38,609 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

2088 Commits (c0093381d7b38ea62d30017171318eb299a29dc1)

Author SHA1 Message Date
wwebb-r7 ab27c1b701 Merge pull request #6940 from samvartaka/master 
Exploit for previously unknown stack buffer overflow in Poison Ivy versions 2.1.x (possibly present in older versions too)
 2016-06-08 11:25:51 -05:00
samvartaka 5260031991 Modifications based on suggestions by @wchen-r7 2016-06-08 01:17:15 +02:00
William Vu 9128ba3e57 Add popen() vuln to ImageMagick exploit 
So... we've actually been sitting on this vuln for a while now. Now that
the cat's out of the bag [1], I'm updating the module. :)

Thanks to @hdm for his sharp eye. ;x

[1] http://permalink.gmane.org/gmane.comp.security.oss.general/19669
 2016-06-02 11:35:37 -05:00
Brent Cook 7b024d1a72
Land #6914, add siem to the namelist 2016-05-24 14:22:44 -05:00
x90" * 365 9d545b0a05 Update namelist.txt 2016-05-24 13:00:59 -04:00
William Vu 2bac46097f Remove url() for MVG 
Technically unnecessary here.
 2016-05-05 14:18:42 -05:00
William Vu 334c432901 Force https://localhost for SVG and MVG 
https: is all that's needed to trigger the bug, but we don't want wget
and curl to gripe. localhost should be a safe host to request.
 2016-05-05 14:18:42 -05:00
William Vu decd770a0b Encode the entire SVG string 
Because why not? Not like people care about what's around the command.
 2016-05-05 14:18:42 -05:00
William Vu 232cc114de Change placeholder text to something useful 
A la Shellshock. :)
 2016-05-05 14:18:42 -05:00
William Vu 5c04db7a09 Add ImageMagick exploit 2016-05-05 14:18:42 -05:00
wchen-r7 71c8ad555e Resolve #6839, Make Knowledge Base as default 
Resolve #6839
 2016-05-02 14:12:09 -05:00
wchen-r7 d80d2bb8d3 Land #6825, Fixed borders on code boxes 2016-04-27 11:59:52 -07:00
Brent Cook 57ab974737 File.exists? must die 2016-04-21 00:47:07 -04:00
wchen-r7 22831695dd
Land #6721, Add additional SOLMAN default creds 2016-03-30 10:48:53 -05:00
Meatballs 4f84c5a3b7
Add additional SOLMAN default creds 2016-03-29 15:53:15 +01:00
wchen-r7 57984706b8 Resolve merge conflict with Gemfile 2016-03-24 18:13:31 -05:00
wchen-r7 76c6f8c19d Move module_doc_template 2016-03-24 17:07:19 -05:00
l0gan e29fc5987f Add missing stream.raw for hp_sitescope_dns_tool 
This adds the missing stream.raw.
 2016-03-15 11:06:06 -05:00
wchen-r7 d6742c4097 Change <hr> color 2016-03-10 10:44:18 -06:00
wchen-r7 ad0a948ae7 Update module_doc_template 2016-03-08 12:21:20 -06:00
wchen-r7 58b8c35146 Escape HTML for KB and update rspec 2016-03-08 10:10:10 -06:00
wchen-r7 027315eeaa Update post_demo_template 2016-03-05 20:33:40 -06:00
wchen-r7 03eb568af7 Add --- to make sections to stand out more 2016-03-05 15:17:19 -06:00
wchen-r7 f4866fd5f0 Update template and web_delivery doc 2016-03-03 01:27:14 -06:00
wchen-r7 cececa749d Update css 2016-03-03 00:58:17 -06:00
wchen-r7 11964c5c1a Add remote exploit demo and web_delivery doc 2016-03-02 19:52:11 -06:00
wchen-r7 fd8e3e719d real demo 2016-02-26 14:43:53 -06:00
wchen-r7 ed0dfa5725 basic usage 2016-02-26 14:35:07 -06:00
wchen-r7 250ce6fb17 lets be clear 2016-02-26 14:30:12 -06:00
wchen-r7 1c53e53d23 More info about how to write the doc 2016-02-26 14:24:24 -06:00
wchen-r7 e40f1e69db Update default template 2016-02-26 14:18:24 -06:00
wchen-r7 6060c7b09b We make this pretty 2016-02-26 14:15:54 -06:00
wchen-r7 95a9f42996 Add a template for future module documentation 2016-02-24 19:28:17 -06:00
wchen-r7 24530e2734 Scrollable list, tab name change, print_status 2016-02-19 20:46:39 -06:00
wchen-r7 34d10d7829 Should be fullname 2016-02-19 00:13:55 -06:00
wchen-r7 7444a0ff04 Make it more obvious which tab the user is viewing 2016-02-18 17:59:45 -06:00
wchen-r7 4fc7008561 Close div properly 2016-02-18 16:12:27 -06:00
wchen-r7 56c2ba9f75 Turn the HTML template into external 2016-02-18 15:41:14 -06:00
wchen-r7 e5ad6fa781 Support "knowledge base" 2016-02-18 15:02:24 -06:00
wchen-r7 f8d6a59cdc Change wording 2016-02-18 12:19:25 -06:00
wchen-r7 089d6985b6 Add more demo templates 2016-02-18 00:17:32 -06:00
wchen-r7 1bfe1ad140 More demos 2016-02-17 19:04:06 -06:00
wchen-r7 76f2c917ee Allow no GITHUB_OAUTH_TOKEN, and gsub for demo 2016-02-17 15:38:30 -06:00
wchen-r7 714106174e Do external erb template 2016-02-17 14:27:29 -06:00
wchen-r7 b0cfb4aacf Add info -d to show module documentation in .md 2016-02-16 22:44:03 -06:00
Jay Turla aeb1d80e0d Adding top 100 adobe passwords 2016-02-11 08:55:45 +08:00
Bigendian Smalls b3e8bd1dab
Updated zsploit screens to use std msf colors 
Using Rex::Ui::Text::Colors now instead of ansi codes
Thanks to @mainframed for the quick turnaround
 2016-02-09 12:01:25 -06:00
Bigendian Smalls 90e37ea749
Added three cool new mainframe themed screens 
Thanks to *Solider of Fortran* @mainframed for his amazing original artwork!
These set of 3 limited edition, original, one-of-a-kind screens will modernize
your msf installation to the 1960s and beyond.  No seriously they are super cool
and now that metasploit-framework supports System Z - it seemed only fitting.
 2016-01-20 06:10:51 -06:00
Brent Cook 7f9b804060
Land #6410, remove JtR binaries, update for independent framework releases 2016-01-06 14:16:49 -06:00
Chris Doughty 97ae09729c Add john.conf to data dir as referenced by: lib/metasploit/framework/jtr/cracker.rb 2016-01-06 13:00:05 -06:00