Commit Graph

34844 Commits (c02df6b39dd577aeca1a9153d2f0958881362a11)

Author SHA1 Message Date
jvazquez-r7 c02df6b39d
Land #5800, @bperry's Symantec Endpoint Protection Manager RCE module 2015-08-14 17:03:48 -05:00
jvazquez-r7 b33abd72ce
Complete description 2015-08-14 17:03:21 -05:00
jvazquez-r7 4aa3be7ba2
Do ruby fixing and use FileDropper 2015-08-14 17:00:27 -05:00
Brent Cook 3d92e9d71c
Land #5802, add support for background colors in prompts 2015-08-14 15:02:51 -05:00
jvazquez-r7 ddb7224160
Land #5847, @todb-r7 on behalf of anonymous contributor, exploit for FF CVE-2015-4495
* To exfiltrate arbitrary files
* Tested successfully on linux
2015-08-14 14:57:28 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Brent Cook 0a4651a553
Land #5359, add PuTTY session enumeration module 2015-08-14 13:20:05 -05:00
jvazquez-r7 b908f41b0f
Land #5838, @bcook-r7's fixes for paylaod cached sizes 2015-08-14 12:39:58 -05:00
jvazquez-r7 f25a5da46f
Do Minor fixes 2015-08-14 12:37:49 -05:00
Tod Beardsley e4cb6872f2
Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
Spencer McIntyre 33f1324fa9
Land #5813, @jakxx adds VideoCharge SEH file exploit 2015-08-13 18:01:25 -04:00
William Vu f19186adda
Land #5841, homm3_h3m default target change 2015-08-13 14:54:58 -05:00
Tod Beardsley 02c6ea31bb
Use the more recent HD version as default target 2015-08-13 14:42:21 -05:00
William Vu 605a14350f
Land #5833, sshexec improvements 2015-08-13 14:16:22 -05:00
William Vu 3bd6c4cee4 Add a comma 2015-08-13 14:16:09 -05:00
Mo Sadek 677ec341dd
Land #5839, pre-bloggery cleanup edits 2015-08-13 13:43:57 -05:00
William Vu c94a185610
Land #5697, Werkzeug debug RCE 2015-08-13 13:32:27 -05:00
William Vu d54ee19ce9 Clean up module 2015-08-13 13:32:22 -05:00
Tod Beardsley bb4116ed9d
Avoid msftidy.rb rule breaking on missing newline 2015-08-13 12:38:05 -05:00
Tod Beardsley 50041fad2a
Pre-Bloggery cleanup
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.

Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.

Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823, mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
jakxx e7566d6aee Adding print_status line 2015-08-12 16:08:04 -04:00
Spencer McIntyre 28fbb7cdde Update the description of the sshexec module 2015-08-12 16:05:09 -04:00
Andrew Smith 7eb5b8e03f Merge pull request #1 from FireFart/videocharge
improve module from @FireFart
2015-08-12 16:04:59 -04:00
Spencer McIntyre dfe2bbf1e9 Add a python target to the sshexec module 2015-08-12 15:46:47 -04:00
Christian Mehlmauer 979d7e6be3
improve module 2015-08-12 15:37:37 +02:00
jakxx 2b225b2e7e Added changes per feedback
Updated to include and use seh mixin
changed offset and space for reliability
got rand_text buffer junk working
removed double spaces and stupid fillers in file data
2015-08-12 01:34:45 -04:00
William Vu 80f415074b
Land #5823, mv local_exploit_{suggestor,suggester} 2015-08-11 13:52:55 -05:00
Mo Sadek 7f0d992914 Fixed name typo 2015-08-11 11:51:52 -05:00
jakxx 4c28cae5d1 updated to include recommendation from @zerosteiner 2015-08-10 18:38:23 -04:00
jvazquez-r7 a611fff7bf
Use Rex::ThreadSafe.select on CVE-2015-1793 2015-08-08 07:43:39 -07:00
jvazquez-r7 c8ba5bb90c
Land #5513, @rcvalle's exploit for incomplete internal state distinction in JSSE 2015-08-08 07:41:53 -07:00
jvazquez-r7 2707b3b402
Use Rex::ThreadSafe.select 2015-08-08 07:40:19 -07:00
jvazquez-r7 a0eef3880a
Initialize version local variable 2015-08-08 07:35:37 -07:00
jvazquez-r7 bb74b6fecb
Fix data reading 2015-08-08 07:18:01 -07:00
jakxx 23f51bf265 specify junk data 2015-08-07 18:04:11 -04:00
jakxx 28ad0fccbd Added VideoCharge Studio File Format Exploit 2015-08-07 15:54:32 -04:00
jvazquez-r7 6fe7672732
Improve Rex sockets usage 2015-08-07 00:11:58 -07:00
jvazquez-r7 67f661823a
Land #5614, @cldrn's module to collect lansweeper credentials 2015-08-04 16:55:49 -05:00
jvazquez-r7 ed3f993b75
Do some style fixes 2015-08-04 16:41:15 -05:00
jvazquez-r7 0e3434ebad
Fix metadata 2015-08-04 16:28:50 -05:00
Brent Cook 0b6a52e162
bump metasploit-framework gemspec version to match pro 2015-08-04 14:25:44 -05:00
jvazquez-r7 cb0a2c1688
Land #5801, @Meatballs1 fixes Post WMIC issues with SYSTEM 2015-08-04 10:21:32 -05:00
Brandon Perry 74ed8cf0c9 actually that didn't work 2015-08-02 18:57:13 -05:00
Brandon Perry 06754c36a4 unless, not if not 2015-08-02 18:51:23 -05:00
Brandon Perry 527eaea6ec single quotes and some error handling 2015-08-02 18:25:17 -05:00
Brandon Perry a33724667c small code cleanup 2015-08-02 16:36:41 -05:00
Brandon Perry 830aee8aa5 check if cookie is actually returned, and if not, fail 2015-08-02 15:22:40 -05:00
Brandon Perry a534008ba6 add some status lines 2015-08-02 15:03:59 -05:00