Commit Graph

11457 Commits (c07686988c8102b44fe8751a99119bdd1e18f5d3)

Author SHA1 Message Date
sinn3r b5fc0493a5
Land #2642 - Fix titles 2013-11-18 12:14:36 -06:00
William Vu 455934a545
Land #2645, Redis spec conformity for redis_server 2013-11-18 12:00:38 -06:00
jvazquez-r7 9e46975a95
Land #2643, @ChrisJohnRiley SkipVersionCheck for exim4_dovecot_bannercheck 2013-11-18 11:28:07 -06:00
jvazquez-r7 540b85df3f Set SkipVersionCheck as not required 2013-11-18 11:27:32 -06:00
jvazquez-r7 f6f0d81149
Land #2632, @peto01 OSX VPN Manager post module 2013-11-18 09:49:14 -06:00
jvazquez-r7 0a930ef6e1 Clean osx vpn post module 2013-11-18 09:47:52 -06:00
jvazquez-r7 bddb314073 Fix usage of Retries 2013-11-18 09:09:20 -06:00
jvazquez-r7 237bb22771 Disable auto migrate 2013-11-18 08:54:22 -06:00
Thomas Hibbert 960f7c9bbb Add DesktopCentral arbitrary file upload exploit. 2013-11-18 16:11:28 +13:00
Thomas Hibbert 60a245b0c3 Fix the arch declaration in uploaded module. 2013-11-18 14:49:03 +13:00
Thomas Hibbert 636fdfe2d2 Added Kaseya uploadImage exploit. 2013-11-18 14:23:34 +13:00
joev 8e889c61f7 Update description. 2013-11-17 15:48:27 -06:00
joev f7820139dc Add a content_type datastore option. 2013-11-17 15:38:55 -06:00
joev 43d2711b98 Default to 1 round compression. 2013-11-17 15:35:35 -06:00
joev 1e3860d648 Add gzip bomb dos aux module. 2013-11-17 14:44:33 -06:00
jvazquez-r7 7d22312cd8 Fix redis communication 2013-11-15 19:36:18 -06:00
Tod Beardsley 89d0b3c41c
Return the splat and require on a module. 2013-11-15 12:19:53 -06:00
Tod Beardsley 36db6a4d59
Land #2616, SuperMicro close_window BOF 2013-11-15 11:34:53 -06:00
jvazquez-r7 cbb7eb192c Add module for CVE-2013-3918 2013-11-15 10:38:52 -06:00
Chris John Riley 5bd5eacd77 Added option to ignore banner checks 2013-11-15 15:01:11 +01:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
jvazquez-r7 4cf16cf360
Land #2633, @OJ's port of Kitrap0d as local exploit 2013-11-14 09:27:10 -06:00
Peter Toth 7db42efdd4 Code restructure and more robust error handling 2013-11-14 13:44:49 +01:00
jvazquez-r7 fe2cd93a65 Delete ms13_037_svg_dashstyle from the browser_autopwn list 2013-11-13 23:46:50 -06:00
OJ 506a4d9e67
Remove genericity, x64 and renamed stuff
As per discussion on the github issue, the following changes were made:

* Project renamed from elevate to kitrap0d, implying that this is not
  intended to be a generic local priv esc exploit container.
* Container DLL no longer generic, always calls the kitrap0d exploit.
* Removal of all x64 code and project configurations.
* Invocation of the exploit changed so that the address of the payload
  is passed in to the exploit entry point. The exploit is now responsible
  for executing the payload if the exploit is successful. This removes
  the possibility of the payload getting executed when the exploit fails.
* Source moved to the appropriate CVE folder.
* Binary moved to the appropriate CVE folder.
* Little bit of source rejigging to tidy things up.
2013-11-14 12:22:53 +10:00
James Lee 5b96ad595f
Skip reg values with no secretes
Also update header comment to match new standard
2013-11-13 19:05:16 -06:00
James Lee cb10b4783b
Mark XP hashes as mscash for JtR to recognize 2013-11-13 19:04:16 -06:00
James Lee 0aef145f64 Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa 2013-11-13 18:11:21 -06:00
James Lee 8471f74b75
Refactor ivar to a more reasonable method
Also changes jtr output for cachedump to produce hashes that can be
auto-detected as mscash2 format for a better user experience.
2013-11-13 18:09:41 -06:00
James Lee 8bb72764ec
Rename credentials/lsa -> lsa_secrets
Secrets are not necessarily credentials
2013-11-13 15:23:15 -06:00
James Lee 16627c1bd3
Add spec for capture_lsa_key 2013-11-13 15:16:34 -06:00
William Vu 334a93af45
Land #2638, refs for android_htmlfileprovider 2013-11-13 14:51:46 -06:00
joev 0612f340f1 Commas are good. 2013-11-13 14:38:50 -06:00
joev ad5f82d211 Add missing refs to aux/gather/android_htmlfileprovider. 2013-11-13 14:36:18 -06:00
jvazquez-r7 2594427999
Land #2631, @peto01's osx screen capture post module 2013-11-13 13:58:03 -06:00
jvazquez-r7 2b19490095 Fix Exception handling 2013-11-13 13:57:15 -06:00
jvazquez-r7 95f371a1a6 Move screen_capture to the capture folder 2013-11-13 13:41:11 -06:00
jvazquez-r7 f65e82523b Clean screen_capture 2013-11-13 13:40:41 -06:00
James Lee 3168359a82
Refactor lsa and add a spec for its crypto methods 2013-11-13 11:55:39 -06:00
Peter Toth 0c096c10fb Submitting first version for pull request 2013-11-13 17:03:38 +01:00
Peter Toth f5760d5e4c Removed unnecessary delay 2013-11-13 16:25:47 +01:00
Peter Toth c4a8bfb175 Tighter error handling 2013-11-13 16:19:38 +01:00
Peter Toth 78199409dd Changes according to feedback 2013-11-13 14:13:40 +01:00
Peter Toth 92da6760ef Modified module to use windows/screen_spy code 2013-11-13 13:30:20 +01:00
Peter Toth 3fdaf4de94 Work in progress 2013-11-13 13:11:27 +01:00
Peter Toth 76660b858c In progress 2013-11-13 12:32:49 +01:00
Peter Toth 049111cd94 In progress 2013-11-13 11:21:39 +01:00
Peter Toth d9c402c035 Fixed the module name 2013-11-13 08:57:50 +01:00
jvazquez-r7 8771b163f0 Solve conflicts with aladdin_choosefilepath_bof 2013-11-12 23:11:42 -06:00
Peter Toth 2d9e8e09e6 Minor bugfix 2013-11-13 02:07:06 +01:00
Peter Toth 1fed50c96a General improvements according to feedback 2013-11-13 01:54:42 +01:00
OJ e4fc361b37 Various tidies and fixes
* Change ranking.
* Update references to comply with correct approach.
* Update messages to better describe what should happen.
* Update the Windows version regex to match XP.
* Update `check` function to use `unless`.

Thanks again @jvazquez-r7 for the feedback!
2013-11-13 10:38:48 +10:00
Peter Toth 6e12553393 Changed option SNAP_FILETYPE to FILETYPE 2013-11-13 00:51:58 +01:00
Peter Toth 779cb48b76 General improvements addressing feedback 2013-11-13 00:42:00 +01:00
jvazquez-r7 ef6d9db48f
Land #2613, @wchen-r7's BrowserExploitServer mixin 2013-11-12 17:33:12 -06:00
William Vu da25785eba
Land #2350, shell_bind_tcp_random_port for Linux 2013-11-12 16:06:37 -06:00
jvazquez-r7 004c1bac78 Reduce number of modules available on BrowserAutopwn 2013-11-12 12:37:29 -06:00
sinn3r 970e70a853
Land #2626 - Add wordpress scanner 2013-11-12 11:30:23 -06:00
sinn3r 6a28f1f2a7
Change 4-space tabs to 2-space tabs 2013-11-12 11:29:28 -06:00
OJ 40f58ce534
Finalise the local exploit for kitrap0d
The exploit now properly injects the DLL using RDI and invokes the
exploit based on a parameter passed by the Ruby module. The elevate
code is 'generic' with a goal of possibly supporting more exploits
down the track.

New sessions are now created with the SYSTEM creds, rather than
modifying the existing session. This is now inline with how things
are done with other local modules.
2013-11-12 23:01:24 +10:00
Peter Toth c5f21ef463 added osx vpn module 2013-11-12 12:47:33 +01:00
Peter Toth b722fee15c added OSX module screen_capture 2013-11-12 12:32:30 +01:00
Tod Beardsley 65993704c3
Actually commit the mode change. 2013-11-11 22:16:29 -06:00
Tod Beardsley 2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints

[SeeRM #8498]
2013-11-11 21:23:35 -06:00
jvazquez-r7 b01d8c50e0 Restore module crash documentation 2013-11-11 17:09:41 -06:00
jvazquez-r7 30de61168d Support heap spray obfuscation 2013-11-11 17:05:54 -06:00
jvazquez-r7 922f0eb900 Switch aladdin_choosefilepath_bof2 to use BrowserExploitServer 2013-11-11 17:01:09 -06:00
Geyslan G. Bem 28c5dd63fd references fix 2013-11-11 17:14:50 -03:00
Geyslan G. Bem 8f6917a117 references fix 2013-11-11 17:12:45 -03:00
Geyslan G. Bem e3641158d9 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-11-11 14:29:19 -03:00
Geyslan G. Bem 030fbba539 Merge branch 'master' of https://github.com/geyslan/metasploit-framework 2013-11-11 14:22:00 -03:00
Tod Beardsley 81a7b1a9bf
Fixes for #2350, random bind shellcode
* Moved shortlink to a reference.
  * Reformat e-mail address.
  * Fixed whitespace
  * Use multiline quote per most other module descriptions

Still need to resplat the modules, but it's no big thang to do that
after landing. Also, References do not seem to appear for post modules
in the normal msfconsole. This is a bug in the UI, not for these modules
-- many payloads would benefit from being explicit on their references,
so may as well start with these.
2013-11-11 10:33:15 -06:00
sinn3r b887ed68b5
Land #2608 - Allow guest login option for psexec. 2013-11-11 10:09:41 -06:00
OJ 82739c0315 Add extra URL for exploit detail 2013-11-11 22:07:36 +10:00
OJ 6a25ba18be Move kitrap0d exploit from getsystem to local exploit
This version modifies the existing meterpreter session and bumps the privs
up to SYSTEM. However it's not how local exploits are supposed to work.
More work will be done to make this create a new session with the elevated
privs instead.
2013-11-11 17:14:40 +10:00
FireFart 48faa38c44 bugfix for wordpress_scanner 2013-11-11 00:24:32 +01:00
FireFart b472c2b195 added a wordpress scanner 2013-11-10 23:08:59 +01:00
jvazquez-r7 40f8e80775 Fix jlee-r7's feedback 2013-11-08 14:28:19 -06:00
jvazquez-r7 d419c73488
Land #2517, @3v0lver's exploit for cve-2008-2286 2013-11-08 08:41:04 -06:00
jvazquez-r7 fddb69edb3 Use instance variables for 1-time injections 2013-11-08 08:30:35 -06:00
jvazquez-r7 69b261a9f2 Clean post exploitation code 2013-11-07 18:11:54 -06:00
jvazquez-r7 9f51268d21 Make xp_shell_enable instance variable 2013-11-07 17:53:28 -06:00
jvazquez-r7 aa1000df72 Clean check method 2013-11-07 17:44:22 -06:00
jvazquez-r7 c2662d28e0 Move module to the misc folder 2013-11-07 17:34:22 -06:00
jvazquez-r7 b068e4beb5 Fix indentation and refactor send_update_computer 2013-11-07 17:33:35 -06:00
FireFart bdd33d4daf implement feedback from @jlee-r7 2013-11-07 23:07:58 +01:00
FireFart cc3ee5f97b typo3_bruteforce: update msf license 2013-11-07 22:53:28 +01:00
FireFart e897c8379f typo3_bruteforce: bugfix 2013-11-07 22:46:26 +01:00
FireFart 9d616dbfe9 added typo3 bruteforcer 2013-11-07 22:38:27 +01:00
jvazquez-r7 b7e360922d Update ranking 2013-11-07 15:10:26 -06:00
jvazquez-r7 decf6ff6a0 Add module for CVE-2013-3623 2013-11-07 14:59:40 -06:00
jvazquez-r7 bdba80c05c
Land #2569, @averagesecurityguy and others exploit for CVE-2013-4468, CVE-2013-4467 2013-11-07 12:20:42 -06:00
scriptjunkie 7615264b17 Merge branch 'lanattacks_fix' of git://github.com/OJ/metasploit-framework into OJ-lanattacks_fix 2013-11-07 10:35:00 -06:00
root 944528e633 Updated for temporal pathing with TEMP variable 2013-11-07 01:34:55 -05:00
jvazquez-r7 2d4090d9c3 Make option astGUIclient credentials 2013-11-06 20:33:47 -06:00
jvazquez-r7 24d22c96a5 Improve exploitation 2013-11-06 20:15:40 -06:00
jvazquez-r7 2b2ec1a576 Change module location 2013-11-06 15:53:45 -06:00
jvazquez-r7 b9cb8e7930 Add new options 2013-11-06 15:53:12 -06:00
HD Moore 09c31f7582 Small nitpicks to catch bad http responses 2013-11-06 15:06:04 -06:00
Tod Beardsley 7ec7248500
Land #2610, new Supermicro modules 2013-11-06 14:26:19 -06:00
Tod Beardsley 91639dbb99
Trailing whitespace 2013-11-06 14:25:28 -06:00
Tod Beardsley 079816777a
I kin spel 2013-11-06 14:22:41 -06:00
HD Moore 6b43d94c72 Rename, change titles/descriptions, fix minor bugs 2013-11-06 13:45:40 -06:00
jvazquez-r7 b9caf091d4 Change supermicro_ipmi_traversal location 2013-11-06 12:47:50 -06:00
jvazquez-r7 c132a60973 Move Supermicro web interface name to a constant 2013-11-06 12:47:50 -06:00
jvazquez-r7 0609c5b290 Move private key to a constant 2013-11-06 12:47:50 -06:00
jvazquez-r7 275fd5e2ba Sort options by name 2013-11-06 12:47:50 -06:00
jvazquez-r7 9f87fb33a7 Move digest calculation to a variable 2013-11-06 12:47:50 -06:00
Tod Beardsley 46f0998903 Add URL refs 2013-11-06 12:47:50 -06:00
Tod Beardsley a973862c74 Add new modules 2013-11-06 12:47:50 -06:00
scriptjunkie 61e4700832
Allow guest login option.
This enables obtaining or maintaining access to properly misconfigured
systems through the Guest account.
2013-11-06 11:28:13 -06:00
OJ 7dcb071f11 Remote shebang and fix pxexeploit 2013-11-06 07:10:25 +10:00
James Lee faf6be4529
Missed an errant require
Wasn't even using it anyway
2013-11-05 14:00:55 -06:00
James Lee 9e30c58495 Blow away remnants of Local::Unix 2013-11-05 13:51:45 -06:00
James Lee 36f96d343e Revert "Revert "Land #2505" to resolve new rspec fails"
This reverts commit e7d3206dc9.
2013-11-05 13:45:00 -06:00
OJ f62247e731 Fix comments, indenting and pxexploit module
Updated the comments and indentation so they're not blatantly wrong.

Adjusted the pxexploit module so that it doesn't break any more as
a result of the refactoring.
2013-11-05 06:35:50 +10:00
Tod Beardsley 84572c58a8
Minor fixup for release
* Adds some new refs.
  * Fixes a typo in a module desc.
  * Fixes a weird slash continuation for string building (See #2589)
2013-11-04 12:10:38 -06:00
jvazquez-r7 79e59b2066 Fix metasm data 2013-11-02 10:37:57 -05:00
jvazquez-r7 b077b0accf Add byte xori mipsle encoder 2013-11-02 10:22:41 -05:00
root 5c923757e8 Removed generic command execution capability 2013-10-30 21:35:24 -04:00
William Vu f5d1d8eace chmod -x .rb files without #! in modules and lib
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
jvazquez-r7 c92e8ff98d Delete extra space 2013-10-30 19:34:54 -05:00
Tod Beardsley e488a54a06
Resplat new WMI module 2013-10-30 15:14:16 -05:00
Tod Beardsley 98224ee89f
CVE update for vtiger issue 2013-10-30 13:48:35 -05:00
Tod Beardsley 344413b74d
Reorder refs for some reason. 2013-10-30 12:25:55 -05:00
Tod Beardsley 32794f9d37
Move OpenBravo to aux module land 2013-10-30 12:20:04 -05:00
Tod Beardsley 17d796296c
Un-dupe References for ispconfig 2013-10-30 12:03:35 -05:00
Tod Beardsley 0d480f3a7d
Typo fix 2013-10-30 11:38:04 -05:00
Tod Beardsley 97a4ca0752
Update references for FOSS modules 2013-10-30 11:36:16 -05:00
Tod Beardsley 78381316a2
Add @brandonprry's seven new modules
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
Tod Beardsley 5b76947767
Add a few more modules. 2013-10-30 10:25:48 -05:00
jvazquez-r7 c8ceaa25c6
Land #2589, @wvu-r7's exploit for OSVDB 98714 2013-10-29 14:56:30 -05:00
jvazquez-r7 9f81aeb4ad Fix style 2013-10-29 14:55:16 -05:00
William Vu 5af42f2c28 Add short comment on why the padding is necessary 2013-10-29 11:46:10 -05:00
William Vu e368cb0a5e Add Win7 SP1 to WinXP SP3 target 2013-10-29 10:45:14 -05:00
jvazquez-r7 c4c171d63f Clean processmaker_exec 2013-10-29 09:53:39 -05:00
bcoles 3eed800b85 Add ProcessMaker Open Source Authenticated PHP Code Execution 2013-10-29 23:27:29 +10:30
William Vu ea7bba4035 Add Beetel Connection Manager NetConfig.ini BOF 2013-10-28 22:52:02 -05:00
Tod Beardsley 4128aa8c08
Resplat and tabs 2013-10-28 14:03:15 -05:00
Tod Beardsley 9045eb06b0
Various title and description updates 2013-10-28 14:00:19 -05:00
Tod Beardsley 9bb9f8b27b
Update descriptions on SMB file utils. 2013-10-28 13:48:25 -05:00
Tod Beardsley 0f63420e9f
Be specific about the type of hash
See #2583. Since there are several types of hashes, we need to be more
specific about this -- see modules/exploits/windows/smb/psexec.rb which
uses an "smb_hash" as a password type.

Also, the fixes in #2583 do not appear to address anything else reported
on the Redmine issue, namely, operating system and architecture
identification discovered with this module (assuming good credentials).
Therefore, the Redmine issue should not be considered resolved.

[SeeRM #4398]
2013-10-28 13:40:07 -05:00
William Vu 1fee3ce952
Land #2584, reporting for energizer_duo_detect 2013-10-28 10:48:20 -05:00
jvazquez-r7 efcfc9eef7
Land #2273, @kaospunk's enum domain feature for owa_login 2013-10-28 09:47:54 -05:00
jvazquez-r7 71a1ccf771 Clean owa_login enum_domain feature 2013-10-28 09:46:41 -05:00
sinn3r 87dc58191d
Land #2583 - Report creds to db 2013-10-26 23:22:40 -05:00
William Vu 278dff93e7 Add missing require for Msf::Exploit::Powershell
Thanks for the report, @mubix.
2013-10-25 21:41:24 -05:00
jvazquez-r7 e0aec13ce1 [FixRM #4397] Add reporting for energizer_duo_detect 2013-10-25 16:51:44 -05:00
jvazquez-r7 9276a839d4 [FixRM #4398] Report credentials to database 2013-10-25 16:19:47 -05:00
jvazquez-r7 df83114f0b
Land #2578, @wchen-r7's [FixRM #8525] 2013-10-25 13:28:59 -05:00
sinn3r a95425de08 Check dec instead 2013-10-25 10:47:41 -05:00
jvazquez-r7 b69ee1fc67 [FixRM #8419] Add module platform to ms04_011_pct 2013-10-25 09:29:19 -05:00
sinn3r 1d0a3aad70 [FixRM #8525] undefined method `+' for nil:NilClass in enum_ie
Looks like for some reason if CryptUnprotectData fails, the decrypt_reg()
method will return "". And when you unpack "", you produce an array of nils.
Since you cannot add something to nil, this should cause an
"undefined method `+' for nil:NilClass" error.

This will check if we get an array of nils, we jump to the next iteration.
2013-10-25 00:26:38 -05:00
jvazquez-r7 dd094eee04 Use 443 by default with SSL 2013-10-24 16:30:26 -05:00
jvazquez-r7 72f686d99a Add module for CVE-2013-2751 2013-10-24 16:10:32 -05:00
sinn3r 7d788fbf76
Land #2571 - HP Intelligent Management SOM FileDownloadServlet Arbitrary Download 2013-10-24 14:15:26 -05:00
sinn3r 7ee615223d
Land #2570 - HP Intelligent Management SOM Account Creation 2013-10-24 14:14:06 -05:00
jvazquez-r7 ea80c15c3b
Land #2383, @jamcut's aux module for jenkins enum 2013-10-24 11:31:36 -05:00
jvazquez-r7 8428671f32
Land #2455, @juushya's aux module for radware 2013-10-24 10:54:02 -05:00
jvazquez-r7 1673b66cbe Delete some white lines 2013-10-24 10:50:14 -05:00
jvazquez-r7 b589e9aa6e Use the peer method 2013-10-24 10:45:02 -05:00
jvazquez-r7 2ef33aabe7 Clean open_flash_chart_upload_exec 2013-10-24 10:15:28 -05:00
AverageSecurityGuy 110daa6e96 Check for nil response from request in check method. 2013-10-24 09:12:37 -04:00
bcoles 8a5d4d45b4 Add Open Flash Chart v2 Arbitrary File Upload exploit 2013-10-24 22:46:41 +10:30
AverageSecurityGuy ecbbd7bb4b Ran resplat.rb and retab.rb. Fixed msftidy issues. 2013-10-23 20:59:27 -04:00
Tod Beardsley b5f26455a3
Land #2545, javascript library overhaul 2013-10-23 16:12:49 -05:00
jvazquez-r7 255cd18868 Use peer helper 2013-10-23 16:08:40 -05:00
jvazquez-r7 69da39ad52 Add module for ZDI-13-240 2013-10-23 16:01:01 -05:00
AverageSecurityGuy 655e09f007 Fixed description to look better in info output. 2013-10-23 16:36:39 -04:00
AverageSecurityGuy 9f84ced00e Fixed boilerplate text. 2013-10-23 16:13:25 -04:00
AverageSecurityGuy 58a32ebb45 Initial commit. 2013-10-23 14:47:42 -04:00
sinn3r d1e1968cb9
Land #2566 - Download and delete a file via SMB 2013-10-23 12:28:57 -05:00
sinn3r 9a51dd5fc4 Do exception handling and stuff 2013-10-23 12:28:25 -05:00
sinn3r 0500842625 Do some exception handling 2013-10-23 12:22:49 -05:00
sinn3r 83a4ac17e8 Make sure fd is closed to avoid a possible resource leak 2013-10-23 12:16:18 -05:00
sinn3r af02fd0355 Use store_loot, sorry mubix 2013-10-23 12:13:05 -05:00
jvazquez-r7 55e3f36589 Add module for ZDI-13-242 2013-10-23 11:24:29 -05:00
William Vu bea04cceeb Remove the trailing slash from the ZDI ref 2013-10-23 11:05:33 -05:00
Booboule 7d84fa487e Correct ZDI ref to match new scheme 2013-10-23 11:44:44 +02:00
Rob Fuller 8f3228d191 chage author but basic copied from hdms upload_file 2013-10-22 21:13:30 -04:00
sinn3r acc73dd545
Land #2282 - BypassUAC now checks if the process is LowIntegrityLevel 2013-10-22 17:16:26 -05:00
sinn3r af174639cd
Land #2468 - Hwnd Broadcast Performance 2013-10-22 17:03:02 -05:00
sinn3r 2e8c369c69
Land #2559 - remove content-length 2013-10-22 16:03:42 -05:00
Tod Beardsley dc0d9ae21d
Land #2560, ZDI references
[FixRM #8513]
2013-10-22 15:58:21 -05:00
sinn3r e1c4aef805
Land #1789 - Windows SSO Post Module 2013-10-22 15:48:15 -05:00
Meatballs 8611a2a24c
Merge remote-tracking branch 'upstream/master' into low_integ_bypassuac 2013-10-22 21:42:36 +01:00
sinn3r ba1edc6fa8
Land #2402 - Windows Management Instrumentation Local -> Peers 2013-10-22 15:39:32 -05:00
Rob Fuller b2b8824e2e add delete and download modules for smb 2013-10-22 16:31:56 -04:00
root 85479f5994 removed PrependMigrate, introduced migrate -f 2013-10-22 16:11:19 -04:00
jvazquez-r7 6989f16661
Land #2548, @titanous's aux module for CVE-2013-4450 2013-10-22 15:02:54 -05:00
jvazquez-r7 bdf07456ba Last cleanup for nodejs_pipelining 2013-10-22 15:00:58 -05:00
Jonathan Rudenberg db447b65f9 Add exploit for Node.js HTTP Pipelining DoS 2013-10-22 15:12:14 -04:00
jvazquez-r7 11b2719ccc Change module plate 2013-10-22 12:36:58 -05:00
jvazquez-r7 df42dfe863
Land #2536, @ddouhine's exploit for ZDI-11-061 2013-10-22 12:35:40 -05:00
jvazquez-r7 c34155b8be Clean replication_manager_exec 2013-10-22 12:34:35 -05:00
jvazquez-r7 a4dd53f650 Chane module filename 2013-10-22 11:16:14 -05:00
jvazquez-r7 cdd183f43a Add reporting 2013-10-22 11:15:16 -05:00
Rob Fuller e447aff0ec Fix misleading statement in Outlook post module
Since this module doesn't retrieve domain exchange information as it isn't stored there it shouldn't say that Outlook isn't installed at all.
2013-10-22 11:53:15 -04:00
jvazquez-r7 0d73275c3f Delete not necessary check 2013-10-22 10:39:54 -05:00
jvazquez-r7 c50e7c73b6 Make parsing easier 2013-10-22 10:30:03 -05:00