Commit Graph

43516 Commits (c67e407c9c5cd28d555e1c2614776e05b628749d)

Author SHA1 Message Date
h00die 8f05f7eeb6 add tool to dump descriptions 2017-08-24 21:41:46 -04:00
h00die 32a4436ecd first round of spelling/grammar fixes 2017-08-24 21:38:44 -04:00
Adam Cammack bd94a46c70
Land #8884, Fix logic for on_session callbacks 2017-08-24 17:24:56 -05:00
William Vu 602a29ae55
Land #8885, phpmailer_arg_injection redirect fix 2017-08-24 01:53:09 -05:00
n00py 8f17d536a7 Update phpmailer_arg_injection.rb
Removed second parameter as it was not necessary.  Only change needed was to change "send_request_cgi" to "send_request_cgi!"
2017-08-24 00:29:28 -06:00
Metasploit 2f72404b26
Bump version of framework to 4.16.2 2017-08-23 19:11:11 -07:00
n00py c49b72a470 Follow 301 re-direct
I found that in some cases, the trigger URL cannot be accessed directly.  For example, if the uploaded file was example.php, browsing to "example.php" would hit a 301 re-direct to "/example".  It isn't until hitting "/example" that the php is executed.  This small change will just allow the trigger to follow one 301 redirect.
2017-08-23 18:53:54 -06:00
h00die 899c2cc6fa
Land #8866 tcp scanner docs 2017-08-23 20:23:51 -04:00
h00die a54ef94c79 style fixes 2017-08-23 20:20:31 -04:00
Brent Cook 821121d40b
Land #8871, improve compatibility and speed of JDWP exploit 2017-08-23 18:53:47 -05:00
Brent Cook d3775c3919 fix logic for calling on_session callbacks 2017-08-23 18:41:50 -05:00
Adam Cammack eb5ec8cdd7
Land #8883, Fixup R payload platform and metadata 2017-08-23 17:07:25 -05:00
Jeffrey Martin cba4d36df2
provide missing bits for R platform 2017-08-23 16:58:48 -05:00
Metasploit 7c2fa20191
Bump version of framework to 4.16.1 2017-08-23 10:36:19 -07:00
William Webb 6edc0c8fd0
Land #8882, Add ./ to cmd_use for paths and simplify cases 2017-08-23 10:42:04 -05:00
William Vu 100afaf251 Add ./ to cmd_use for paths and simplify cases
Don't accommodate typos.
2017-08-23 10:24:37 -05:00
Deepanshu Gajbhiye 0fac36c2af Update tcp.md 2017-08-23 10:36:56 +05:30
Deepanshu Gajbhiye 99dfc9901c Update tcp.md
Adding documentation for tcp module
2017-08-23 10:36:08 +05:30
Deepanshu Gajbhiye d254da5150 Update tcp.md 2017-08-23 10:23:28 +05:30
Deepanshu Gajbhiye 6fb90640b9 Update tcp.md 2017-08-23 10:02:21 +05:30
William Vu 4c285c0129
Land #8827, QNAP Transcode Server RCE 2017-08-22 23:07:01 -05:00
Brent Cook 41eba74ddf prefer Addrinfo over ipaddress gem 2017-08-22 23:03:45 -05:00
h00die a0585dcb9e
Land #8872 docs for octopusdeploy_deploy 2017-08-22 21:36:44 -04:00
Jon Hart e4fc307ebb
Add docs 2017-08-22 15:12:02 -07:00
Jon Hart 7b18c17445
Appease rubocop 2017-08-22 14:53:21 -07:00
Brent Cook 128949217e more osx 2017-08-22 16:48:09 -05:00
Jon Hart 2969da3d70
Merge branch 'upstream-master' into feature/cisco-smi-scanner 2017-08-22 14:39:44 -07:00
Brent Cook bb120962aa more osx support 2017-08-22 14:01:48 -05:00
Brent Cook 7263c7a66e add 64-bit, osx support 2017-08-22 13:51:28 -05:00
Brent Cook 17aef43bb8 Fix UDP scanner mixin with multicast addresses
This fixes #8828 by only binding UDP sockets when we have unicast
targets. If we have multicast, prefer unbound sockets.

This also brings in the 'ipaddress' gem for identifying multicast
addresses. It looks like it could replace a lot of custom-built
functionality in rex-socket, including RangeWalker. Will need to see how
efficient it is.
2017-08-22 06:44:43 -05:00
Brent Cook 29c48f9d8d cleanup accounts post API 2017-08-21 23:00:57 -05:00
Brent Cook e3a9ddfc22 fix retry case for acquiring security descriptor 2017-08-21 22:52:53 -05:00
Brent Cook 33f2ebc2aa code cleanup 2017-08-21 22:46:30 -05:00
Brent Cook 58e332cc7c only fail if the group sids fail to resolve and we actually have to add a user 2017-08-21 22:36:40 -05:00
Brent Cook 0d17e94f54 handle unmapped sids consistently 2017-08-21 22:36:26 -05:00
james 7f8e6b83dc Update documentation for exploit/windows/http/octopusdeploy_deploy
Remove self-explanatory options.
2017-08-21 19:47:24 -05:00
james 60215297be Update documentation for exploit/windows/http/octopusdeploy_deploy
Fix awkward wording.
2017-08-21 19:17:41 -05:00
james de9392995a Add documentation for exploit/windows/http/octopusdeploy_deploy 2017-08-21 19:11:36 -05:00
Louis Sato e01caac9ed
removing slice operators from jdwp_debugger 2017-08-21 16:36:54 -05:00
Brent Cook 031f48725f
add missing quotes 2017-08-21 16:16:03 -05:00
Brent Cook edbe8d73c2
Revert "Revert passive stance for multi/handler"
This reverts commit 66a4ea4f0b.
2017-08-21 16:14:23 -05:00
Brent Cook c14daf3fcc
Land #8857, Reverse and bind shells in R 2017-08-21 15:49:24 -05:00
Brent Cook 605330faf6
Land #8842, add linux/aarch64/shell_reverse_tcp 2017-08-21 15:44:28 -05:00
Brent Cook 970a784066
Land #8869, fix php create_function errors with non-suhosin environments 2017-08-21 15:40:24 -05:00
Brent Cook 430251b8f6
fix compatibility with php meterpreter 2017-08-21 15:37:31 -05:00
Brent Cook d39fb1ca07
Land #8867, Fix typo s/rport/port/ in build_brute_message 2017-08-21 15:28:14 -05:00
William Vu 8876919f38 Fix typo s/rport/port/ in build_brute_message
I missed this in #7202.
2017-08-21 12:32:41 -05:00
Deepanshu Gajbhiye 8f4fcb5094 tcp.md
This module does a complete full TCP scan of each port on the target host. It does a full 3-way handshake on each port.
2017-08-21 13:09:12 -04:00
OJ 14b49bff06
Land #8863 - Fix packet parser and payload specs 2017-08-21 19:08:34 +10:00
Brent Cook 22e245ac99 call from_r before checking packet output 2017-08-21 03:44:13 -05:00