infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,674 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

11674 Commits (c5e667a1dc0f91718e63752f7997f51088fe3606)

Author SHA1 Message Date
andurin 7b4de2380f Small fix: RPC client exception handling 
IMHO rpc client should transform the error code from Msf::RPC::Exception
into it's own Msf::RPC::ServerException and should not take the msgpack
response code.

In deep:
I ran into a '401 invalid auth token' after a token timeout (300s).
RPC Daemon raised a 401 - invalid auth token as expected but rpc client
transformed it to a '200 - invalid auth token' using the successful http
transaction to transport the exception.
 2011-12-30 05:44:26 +01:00
Tod Beardsley bc22b7de99 MSFConsole should display hostless loot, also typo fix. 
Fixes the console to display loot not associated with a host, as when
the CorpWatch modules save loot. Also fixes a typo on
corpwatch_lookup_id.rb

Fixes #6177
 2011-12-29 15:11:15 -06:00
Tod Beardsley 78da15ed15 Always check for the current workspace when calling Report#myworkspace(). 
Fixes #6175
 2011-12-29 13:48:05 -06:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
sinn3r d484e18300 Add e-mail for tecr0c 2011-12-29 11:14:15 -06:00
sinn3r 9972f42953 Add e-mail for mr_me for consistency 2011-12-29 11:01:38 -06:00
sinn3r b5b2c57b9f Correct e-mail format 2011-12-29 10:57:00 -06:00
sinn3r a330a5c63a Add e-mail for Brandon 2011-12-29 10:53:39 -06:00
sinn3r 9b154972cf Merge branch 'master' of https://github.com/swtornio/metasploit-framework into swtornio-master 2011-12-29 09:36:15 -06:00
Tod Beardsley 4d8aea4ef8 Missed a session.options. 2011-12-29 08:59:16 -06:00
Steve Tornio 778d396bc6 add osvdb ref 2011-12-29 07:54:15 -06:00
Steve Tornio 6d72dbb609 add osvdb ref 2011-12-29 07:54:01 -06:00
Steve Tornio a00dad32fe Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2011-12-29 07:50:33 -06:00
Steve Tornio 27d1601028 add osvdb ref 2011-12-29 07:49:16 -06:00
chao-mu ebe461cce7 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2011-12-28 20:14:01 -05:00
chao-mu 0054fb5167 using select! instead of delete_if to avoid double negatives... 2011-12-28 20:05:54 -05:00
Tod Beardsley 84dfd46006 Merge pull request #83 from dirtyfilthy/rename_ssh_forward_options_var 
rename non existent local variable 'options' to correct session.options
 2011-12-28 13:52:28 -08:00
Brandon Perry c88b582f97 Add CorpWatch Name lookup module by bperry 2011-12-28 15:43:21 -06:00
Brandon Perry d896f128e5 Add CorpWatch ID Lookup module by bperry 2011-12-28 15:41:28 -06:00
Tod Beardsley dc1b9570b8 Grammar and spelling on splunk and oracle exploits 2011-12-28 13:44:44 -06:00
Tod Beardsley 65b4cb3a40 Merge branch 'master' of github_r7:rapid7/metasploit-framework 2011-12-28 13:43:16 -06:00
Tod Beardsley 0e3370f1fe Grammar and spelling on splunk and oracle exploits 2011-12-28 13:42:56 -06:00
David Maloney 5a860f45ef Fixed typo in validation routine 2011-12-28 12:10:38 -06:00
David Maloney 3bb2b5b7fd Fixed typo in validation routine 2011-12-28 09:40:36 -08:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present 
Fixes #6171
 2011-12-28 08:47:22 -08:00
HD Moore 5dc647a125 Make it clear that this exploit is for RHEL 3 (White Box 3 uses the same 
packages)
 2011-12-28 02:02:03 -06:00
HD Moore 5d67bd2a5e Phew. Exhaustive test of all i386 FreeBSD versions complete 2011-12-28 01:38:55 -06:00
HD Moore 1ff0cb2eef More testing - looks like 5.5 is not exploitable, at least not the same 
way
 2011-12-28 01:30:25 -06:00
HD Moore e071944a1a Allow ff in payloads but double them back up 2011-12-28 00:04:24 -06:00
HD Moore edb9843ef9 Add Linux exploit with one sample target (Whitebox Linux 3) 2011-12-28 00:00:10 -06:00
chao-mu 5560c6b17e Moved and adapted code relating to looking up constant names by constant value 2011-12-28 00:40:08 -05:00
HD Moore 79103074cb Add credit for Dan's advice 2011-12-27 23:39:02 -06:00
HD Moore f9224d6010 Adds basic coverage for CVE-2011-4862. Ported from Jaime Penalba 
Estebanez's code, mostly written by Brandon Perry, exploit method (jmp
edx) by Dan Rosenberg, and general mangling/targets by hdm.
 2011-12-27 23:37:30 -06:00
chao-mu ffcf5af9b0 Merge remote branch 'upstream/master' 2011-12-27 22:06:51 -05:00
HD Moore 2ad5c56d48 Typo in comment 2011-12-27 19:11:09 -06:00
HD Moore 617f3250cf Handle patched systems accurately (requires actually triggering the bug) 2011-12-27 19:04:34 -06:00
HD Moore f8e3119215 Add references 2011-12-27 17:50:06 -06:00
David Maloney a2760b219d Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-27 11:34:36 -08:00
David Maloney 9b995bc0a5 Adds boundary validation to the framework 
enforces boudnary checking on netbios probes
 2011-12-27 11:33:52 -08:00
Jonathan Cran b409560088 bring up to date with master 2011-12-27 11:33:08 -06:00
sinn3r 101eba6aa5 Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151) 2011-12-27 00:59:26 -06:00
James Lee 80603e03cb grab the appropriate shell from mult-platform meterpreters and use /bin/sh instead of /bin/bash for linux to improve compatibility, fixes #5996 2011-12-26 14:41:24 -07:00
David Maloney 05f3af1e77 Fixed typo in the windows autlogin post module 2011-12-26 11:17:17 -08:00
alhazred 39b365702f rename non existent local variable 'options' to correct session.options 2011-12-26 21:40:46 +13:00
sinn3r a00937b4d8 Fix typo. 2011-12-24 15:32:08 -06:00
sinn3r 87cf4cefea Fix bug #6164 2011-12-24 15:26:20 -06:00
sinn3r 062f661991 Fix bug #6161 - Must explicitly convert e to e.to_s 2011-12-24 15:11:26 -06:00
sinn3r 8a705c9223 Fix bug #6158 - session.db_record might return nil but wasn't checked 2011-12-24 15:06:43 -06:00
chao-mu 1604162ba3 A place to add railgun convenience code for use in modules 2011-12-24 15:59:46 -05:00
sinn3r dcb66307be Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-12-24 14:58:40 -06:00