infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,201 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

9786 Commits (c4485b127cb9063bcf4052daa876582c0ff38a7e)

Author SHA1 Message Date
jvazquez-r7 867eed7957 Make msftidy happy 2013-06-30 10:01:40 -05:00
jvazquez-r7 db00599d44 Move carberp_backdoor_exec to unix webapp exploits foler 2013-06-30 10:00:14 -05:00
jvazquez-r7 79fb381412 Landing #2035, @bwall exploit for carberp control panel 2013-06-30 09:58:47 -05:00
HD Moore 8e4dd29a4c Add cipher zero scanner 2013-06-30 02:35:37 -05:00
jvazquez-r7 520a78e2c8 Add final cleanup for enable_support_account 2013-06-29 23:30:29 -05:00
jvazquez-r7 df88ace6d1 Land #1989, @salcho's post module for enable windows support account 2013-06-29 23:29:16 -05:00
HD Moore 1e21f0e2aa Updated output formats, top 1000 passwords 2013-06-29 22:01:25 -05:00
jvazquez-r7 6e7945ca5e Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-29 16:24:45 -05:00
salcho 8717a3b7d8 using post mixins, fixed checks, module renamed 2013-06-29 15:44:36 -05:00
salcho 00bf9070aa using post mixins, fixed checks, module renamed 2013-06-29 15:41:36 -05:00
Brian Wallace d990c7f21f Dat line 2013-06-29 09:46:36 -07:00
Brian Wallace ec7c9b039a Further refactoring requested 2013-06-29 09:45:22 -07:00
jvazquez-r7 a2b8daf149 Modify fail message when exploitation doen't success 2013-06-29 10:45:13 -05:00
jvazquez-r7 a5c3f4ca9b Modify ruby code according to comments 2013-06-29 08:54:00 -05:00
Brian Wallace 8542342ff6 Merge branch 'carberp_backdoor_exec' of git@github.com:bwall/metasploit-framework.git into carberp_backdoor_exec 2013-06-28 22:45:03 -07:00
Brian Wallace b8cada9ab0 Applied some refactoring to decrease line count 2013-06-28 22:44:23 -07:00
jvazquez-r7 427e26c4dc Fix current_pid 2013-06-28 21:36:49 -05:00
jvazquez-r7 32ae7ec2fa Fix error description and bad variable usage 2013-06-28 21:30:33 -05:00
jvazquez-r7 fb67002df9 Switch from print_error to print_warning 2013-06-28 21:29:20 -05:00
jvazquez-r7 3ab948209b Fix module according to @wchen-r7 feedback 2013-06-28 20:44:42 -05:00
jvazquez-r7 00416f3430 Add a new print_status 2013-06-28 18:23:49 -05:00
jvazquez-r7 7725937461 Add Module for cve-2013-3660 2013-06-28 18:18:21 -05:00
(B)rian (Wall)ace 9486364cc4 Added Steven K's email 2013-06-28 15:31:17 -07:00
sinn3r 82eed1582f No need for the 2nd element 2013-06-28 17:05:43 -05:00
Brian Wallace fe0e16183c Carberp backdoor eval PoC 2013-06-28 14:47:13 -07:00
sinn3r a7ee95381b Updates module description, and uses the proper func for hex dump 
As an user, it's important to know that using this module may result
a lost session because it must migrate to grep memory, but does not
migrate back.

The module also has its own hex dump routine, which is no longer
needed because we have a built-in Rex::Text.to_hex_dump
 2013-06-28 16:28:00 -05:00
James Lee f158e421fa Add requires for pptp_tunnel 2013-06-28 10:07:52 -05:00
jvazquez-r7 3c1af8217b Land #2011, @matthiaskaiser's exploit for cve-2013-2460 2013-06-26 14:35:22 -05:00
jvazquez-r7 81a2d9d1d5 Merge branch 'module_java_jre17_provider_skeleton' of https://github.com/matthiaskaiser/metasploit-framework 2013-06-26 14:32:59 -05:00
jvazquez-r7 90b30dc317 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-26 14:31:52 -05:00
William Vu e4fb5b327f Land #2028, update references for multiple modules 2013-06-26 10:18:27 -05:00
Steve Tornio 6ea622c45e reference updates 2013-06-26 09:44:56 -05:00
jvazquez-r7 8d914a5a00 Land #2026, @egypt's patch for write_file on freebsd 2013-06-26 08:25:02 -05:00
sinn3r 88a42aeffe Land #2021 - Add SMTP open relay detection 2013-06-25 22:14:30 -05:00
sinn3r 7009748cf5 Fix module 2013-06-25 22:09:45 -05:00
jvazquez-r7 7ab4d4dcc4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 17:34:29 -05:00
James Lee 3e929fb812 Use fixed `write_file` instead of re-implementing 2013-06-25 17:25:14 -05:00
Bruno Morisson 2da278f151 fixed indent 2013-06-25 23:08:58 +01:00
sinn3r 7ba54e2ece IIS requires a hello first 2013-06-25 15:43:58 -05:00
jvazquez-r7 5c265c99d2 Clean jboss_seam_exec @cmaruti's collab 2013-06-25 14:09:30 -05:00
jvazquez-r7 45a3e004c6 Land #1993, @cmaruti changes for jboss_seam_exec 2013-06-25 14:07:10 -05:00
Steve Tornio 5b71013dde reference updates 2013-06-25 13:41:22 -05:00
jvazquez-r7 4fa789791d Explain Ranking 2013-06-25 13:10:15 -05:00
jvazquez-r7 127300c62d Fix also ruby module 2013-06-25 12:59:42 -05:00
jvazquez-r7 1ade467ac9 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 11:10:43 -05:00
jvazquez-r7 b32513b1b8 Fix CVE-2013-2171 with @jlee-r7 feedback 2013-06-25 10:40:55 -05:00
zyx2k c829a7ec86 SMTP Open Relay scanner 2013-06-25 16:22:51 +01:00
jvazquez-r7 3244013b1f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 09:48:20 -05:00
jvazquez-r7 c9a7372f9f Land #2014, @wchen-r7's exploit for CVE-2013-2171 2013-06-25 09:33:56 -05:00
jvazquez-r7 0c306260be Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 09:13:01 -05:00
William Vu d6374ddfff Land #2020, CVE and OSVDB update 2013-06-25 08:17:54 -05:00
William Vu 55ea0cb3bd Land #2019, correct module naming style 2013-06-25 08:17:33 -05:00
sinn3r 4df943d1a2 CVE and OSVDB update 2013-06-25 02:06:20 -05:00
sinn3r ecfe083b0e Correct module naming style 
I was just looking at these modules on the web gui, and these names
need to be fixed to maintain style consistency.
 2013-06-25 00:26:53 -05:00
jvazquez-r7 795dd6a02a Add module for OSVDB 93718 2013-06-24 23:51:28 -05:00
jvazquez-r7 e9fccb8dbd Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-24 22:07:48 -05:00
sinn3r 72847ee4c9 Land #2007 - Add local privilege escalation for ZPanel zsudo 2013-06-24 19:25:27 -05:00
jvazquez-r7 ca8ce363b8 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-24 16:32:55 -05:00
sinn3r d974e395e4 Add a check by checking uname 2013-06-24 15:54:41 -05:00
sinn3r 6b8e0605c0 Use FileDropper 2013-06-24 15:48:54 -05:00
HD Moore be20a76be1 Remove 'Hash' string from the written output 2013-06-24 15:45:09 -05:00
HD Moore 24b7d19ecc Fix target regex and wfsdelay 2013-06-24 14:56:43 -05:00
HD Moore 1801a5a270 Better HP iLO compatibility (retry on session ID error) 2013-06-24 14:23:53 -05:00
jvazquez-r7 b86b4d955a Make random strings also length random 2013-06-24 12:01:30 -05:00
jvazquez-r7 98fddb6ce1 up to date 2013-06-24 11:57:11 -05:00
sinn3r 6780566a54 Add CVE-2013-2171: FreeBSD 9 Address Space Manipulation Module 2013-06-24 11:50:21 -05:00
jvazquez-r7 f7650a4b18 Fix wrong local variable 2013-06-24 11:35:26 -05:00
sinn3r b3d90c68a4 Land #2008 - More OSVDB refs 2013-06-24 01:53:29 -05:00
Matthias Kaiser 8a96b7f9f2 added Java7u21 RCE module 
Click2Play bypass doesn't seem to work anymore.
 2013-06-24 02:04:38 -04:00
RageLtMan 593a99d76e ipmi version scanner: fix probe method name 2013-06-24 01:38:17 -04:00
jvazquez-r7 31fcb911f2 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-23 21:41:10 -05:00
Steve Tornio a920127f8c reference updates for several modules 2013-06-23 20:43:34 -05:00
sinn3r 5b0092ff39 Land #2006 - Ref updates 2013-06-23 18:26:48 -05:00
Bruno Morisson 7ab8485acc output as table, added info on ports, added comment with default ports. msftidy cleanup. 2013-06-23 23:59:31 +01:00
Bruno Morisson 3cfcdfca9e output as table, added info on ports, added comment with default ports 2013-06-23 23:52:48 +01:00
Bruno Morisson 9f5eceec10 minor cleanups 2013-06-23 17:55:38 +01:00
jvazquez-r7 6672679530 Add local privilege escalation for ZPanel zsudo abuse 2013-06-23 11:00:39 -05:00
HD Moore c869112407 Cleanup, reporting, and automatic cracking 2013-06-23 01:35:31 -05:00
HD Moore 5656e0cb7a Initial commit of IPMI library, scanner, & cracker 2013-06-22 23:38:28 -05:00
jvazquez-r7 b49c4c4e9e up to date 2013-06-22 18:28:17 -05:00
Bruno Morisson e969cbb0bb added INSTANCES option, and support for it on PORTS 2013-06-22 23:09:59 +01:00
jvazquez-r7 345773592f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-22 13:54:47 -05:00
jvazquez-r7 04e6167f90 zpanel 2013-06-22 13:54:22 -05:00
jvazquez-r7 e9883fe5b9 Land #2005, @wchen-r7's exploit for ZPanel htpasswd 2013-06-22 13:24:23 -05:00
jvazquez-r7 2150d9efb0 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-22 12:06:18 -05:00
Steve Tornio 427f063c48 fix formatting 2013-06-22 07:32:29 -05:00
Steve Tornio 1e25dedb66 fix formatting 2013-06-22 07:31:47 -05:00
Steve Tornio 14850cd387 reference updates for multiple modules 2013-06-22 07:28:04 -05:00
sinn3r de659326ce Land #2003 - Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation 2013-06-21 21:52:32 -05:00
sinn3r 5de7fff685 Credit 2013-06-21 21:38:40 -05:00
sinn3r 339f2a5c83 Hmmm, one extra ',' 2013-06-21 21:29:17 -05:00
sinn3r 8d422c9a39 Forgot to randomize the fake pass and remove the payload during testing 2013-06-21 21:27:11 -05:00
sinn3r e7d75d6d16 Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution 2013-06-21 21:03:10 -05:00
Markus Wulftange afa0e6c42a Use CmdStagerVBS instead of CmdStagerTFTP 
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
 2013-06-22 01:13:03 +02:00
jvazquez-r7 f106b6db50 Add comment with the component version 2013-06-21 17:38:30 -05:00
jvazquez-r7 5fe9a80bf0 Add module for OSVDB 46578 2013-06-21 17:31:40 -05:00
jvazquez-r7 469d7b968f Land #1997, @wchen-r7's brute forcer login for HP SMH 2013-06-20 23:56:24 -05:00
salcho 36c3460911 changed reference 2013-06-20 18:02:25 -05:00
salcho c1994db2a7 shorter title, included msf::post mixins, added reference and overall readability 2013-06-20 17:42:38 -05:00
jvazquez-r7 785639148c Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-20 17:18:42 -05:00