Commit Graph

31338 Commits (c836078292f0fe42b126f1efd9055a05903d4693)

Author SHA1 Message Date
David Maloney c836078292
allow credentials to have a type of postgres_md5
add postgres_md5 to the type validation on
Metasploit::Framework::Credential to account
for the new Private type

MSP-12244
2015-03-03 16:35:30 -06:00
David Maloney aa4038d539
allow the postgres library to take an md5 hash
allow the raw md5 password hash to be passed in instead of
a password for md5 authentication in postgres. Adds an extra exception
class for when an md5 hash is given but the server expects
a different form of authentication.

MSP-12244
2015-03-03 13:16:46 -06:00
Brent Cook 4b54517b95
Land #4864 @wvu-r7 changes reverse_python to be non-interactive
This avoids sourcing the shell RC scripts, writing history, etc.
2015-03-02 16:21:49 -06:00
William Vu a648e74c4b Remove unnecessary semicolon 2015-03-02 15:36:45 -06:00
William Vu 80169de4d0 Remove -i from shell in reverse_python 2015-03-02 15:29:50 -06:00
William Vu ecd7ae9c3b
Land #4857, symantec_web_gateway_restore module 2015-03-02 15:00:10 -06:00
sinn3r ad28f9767f Use include 2015-03-02 14:41:25 -06:00
sinn3r cb140434f9 Update 2015-03-02 12:59:21 -06:00
sinn3r 5f3ed83922
Land #4836, Solarwinds Core Orion Service SQL injection 2015-03-02 11:44:26 -06:00
Brandon Turner 6b3de2850b
Merge remote-tracking branch 'origin/release' 2015-03-01 00:50:34 -06:00
Brandon Turner c86b56684a
Fix bug preventing updates in pro
The RPC code previously tested return values to see if an error key was
equal to true.  In 251c284458, this was
changed to check if the error key was truthy.

The pro updater returns an error key with a string describing an error
(or an empty string for no error).  Ruby strings evaluate as truthy
which caused the new behavior to throw an error.  This prevented
checking for and applying updates.

This reverts to the original behavior of checking for true explicitly
instead of checking for a truthy value.

MSP-12235
2015-02-28 23:46:57 -06:00
William Vu ef330b970b
Land #4860, @OJ's Seagate 0day hotness 2015-02-28 21:55:54 -06:00
OJ 905a539a00 Add exploit for Seagate Business NAS devices
This module is an exploit for a pre-authenticated remote code execution
vulnerability in Seagate Business NAS products.
2015-03-01 13:25:28 +10:00
Brandon Perry f8e3874203 add nil check 2015-02-28 20:43:19 -06:00
sinn3r 4a1fbbdc3b Use datastore to find payload name 2015-02-28 19:56:32 -06:00
William Vu b27c9b9efc
Land #4838, reverse_http{,s} listening service fix 2015-02-27 21:02:58 -06:00
Tod Beardsley 7ab86be72a
Land #4859, reverting #4823.
PR #4823 caused some update issues. I think #4823's heart was in the
right place, and I imagine it was only one or two lines that caused the
failures.
2015-02-27 17:55:29 -06:00
sinn3r ac81318e7a Revert #4823, changes for ruby style guide
This reverts commit 885469ca52, reversing
changes made to fd73445d9b.

Please see: #4823 for why.
2015-02-27 17:28:00 -06:00
sinn3r ef9196ba6c Correct comment 2015-02-27 13:27:49 -06:00
sinn3r 7b6c39058a Correct target name 2015-02-27 13:24:57 -06:00
sinn3r 90aff51676 Add CVE-2014-7285, Symantec Web Gateway restore.php Command Injection 2015-02-27 12:31:29 -06:00
Brent Cook 49ae173057
Land #4844: the final tweaks to @wv-r7's PJL extensions 2015-02-26 17:39:49 -06:00
Brent Cook 1454ad79d8
Land #4844: @wv-r7 extends the PJL repertoire 2015-02-26 17:29:28 -06:00
Tod Beardsley 14b46161e3
Land #4851, fix rb-readline-r7 checker 2015-02-26 15:19:17 -06:00
William Vu 260c603ffb Fix msfconsole -L
s/rb-readline/rb-readline-r7/

Should have been in #4816 (#4128).
2015-02-26 15:14:38 -06:00
Tod Beardsley f9b47a329d
Land #4800, remove Lorcon source
It's maintained upstream, mentioned in #3200, and the modules that did
use these were themselves broken.
2015-02-26 15:03:32 -06:00
William Vu b35011012c Remove LORCON from LICENSE 2015-02-26 14:53:23 -06:00
William Vu b223dbdfcf Nuke external LORCON code from orbit 2015-02-26 14:52:01 -06:00
William Vu 3efae77212 Use /dev/null instead of /etc/passwd
File.read returns "" on /dev/null. Don't try it on /dev/zero. :-)
2015-02-26 14:19:25 -06:00
William Vu f625ad4f9c Remove unnecessary tests in spec 2015-02-26 14:12:39 -06:00
William Vu 0a51ca12a5 Download all of every file implicitly 2015-02-26 14:10:53 -06:00
William Vu d0ca1b2dc6 Delete a thing I added for no reason 2015-02-26 14:06:10 -06:00
William Vu 5996256ccc Fix formatting 2015-02-26 14:05:50 -06:00
Brandon Perry ceb92cdf5e update login method 2015-02-26 07:33:51 -06:00
William Vu 4aedd7e5d3 Fix spec for fsquery support 2015-02-25 18:14:17 -06:00
William Vu f24da1b178 Add file checking to printer_delete_file 2015-02-25 18:14:13 -06:00
William Vu dc3ba40e5d Add file checking to printer_upload_file 2015-02-25 18:13:36 -06:00
William Vu ed9213eb4c Add fsquery check to fs{download,delete} methods 2015-02-25 17:37:20 -06:00
William Vu ea5b6f66d4 Add UEL to fsdownload method 2015-02-25 17:35:34 -06:00
William Vu a543eccdb4 Add FSQUERY test to spec 2015-02-25 17:18:29 -06:00
William Vu 5d3c7f3b4a Add fsquery method 2015-02-25 17:18:23 -06:00
Tod Beardsley 2edd268275
Land #4816, switch to rb-readline-r7
Fixes #4816

See also MSP-12070
2015-02-25 17:10:08 -06:00
William Vu 1f981dd336 Add FSQUERY constant 2015-02-25 17:00:27 -06:00
William Vu af5e0ec0d6 Update spec with a couple more cases
Also fix a bad copypasta.
2015-02-25 16:43:40 -06:00
William Vu 513d11ce93 Complete replacement of "pathname" with "path"
See e8c2c3687d.
2015-02-25 15:52:26 -06:00
William Vu b3d4fc798f Add printer_delete_file module 2015-02-25 15:47:53 -06:00
William Vu c95855ff11 Add fsdelete test to spec 2015-02-25 15:44:12 -06:00
William Vu 91f0713056 Add fsdelete method 2015-02-25 15:41:40 -06:00
William Vu a096a17e21 Add FSDELETE constant 2015-02-25 15:39:51 -06:00
William Vu 90d179e56f Add printer_upload_file module 2015-02-25 15:01:01 -06:00