infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,839 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

1506 Commits (ccd12e66a79aecf695fc36d26ec56bea12f81797)

Author SHA1 Message Date
Rob Fuller cdc6a863dd Add another default owa url 
Its not default, but not uncommon to find /exchange/ NTLM protected
 2013-11-07 08:50:22 -05:00
sinn3r b34b4ac2b6 Update the java stuff again 2013-11-07 00:57:20 -06:00
sinn3r 991240a87e Support java version detection 2013-11-07 00:54:52 -06:00
OJ 715fdc05ec
Updated meterpreter binaries 
Includes the following changes:

* Security cleanup - remove use of insecure functions
* Windows 8/8.1/2012 R2 support to sysinfo
* VS 2013 upgrade
* Command dispatcher refactor
* Getproxy command added (needs MSF side too)
 2013-11-07 14:31:54 +10:00
sinn3r cf5d9c7f01 Add case for IE10 + Win 7 SP1 detection 2013-11-06 11:41:36 -06:00
sinn3r 5f2d8358c0 Be more browser specific with Javascript generation 2013-11-05 01:04:52 -06:00
joev 5f85ede389 Prevent xhr shim from leaking. 2013-11-02 16:47:50 -05:00
joev 90d8da6a21 Fix some bugs in my edits, add a spec. 2013-11-02 16:46:33 -05:00
joev c7c1fcfa98 Pull shared XHR shim out, add option to static Js module method. 
* Moves shim to data/js/network/xhr_shim.js
* Add some yardoc comments
 2013-11-02 14:52:50 -05:00
sinn3r 391360d67f Update xmlhttprequest 2013-10-31 16:09:05 -05:00
sinn3r 6e7e5a0ff9 Put postInfo() in the js directory 2013-10-31 13:55:22 -05:00
joev 4425cf1dc1 Add support for firefox 25. 
Also replaces a bunch of missing semicolons.
 2013-10-30 12:19:22 -05:00
jvazquez-r7 2b5e2df94e
Land #2568, @h0ng10's update of SAP url's wordlist 2013-10-28 09:01:33 -05:00
jvazquez-r7 e88e523eaa Delete newline 2013-10-28 09:01:00 -05:00
Meatballs e18dd3ec0b
Use base64 to reduce size 2013-10-25 01:19:43 +01:00
Tod Beardsley 27739a0351
Meterpreter bins after Meterpreter PR 32 
Protects against potential BOFs due to strcpy usage.

These binaries were built against meterpreter master after
https://github.com/rapid7/meterpreter/pull/32 landed.

The CI tests can be seen here:

https://ci.metasploit.com/view/Meterpreter/job/MeterpreterWin/75/

Note, this commit is signed. Your merge commit should be signed, too, so
people can be assured that nobody is backdooring Meterpreter on the sly.
 2013-10-24 15:15:49 -05:00
Tod Beardsley b5f26455a3
Land #2545, javascript library overhaul 2013-10-23 16:12:49 -05:00
h0ng10 a834fec889 Added URL for PT-2013-13/SAP Note 1820894 2013-10-23 21:20:18 +02:00
h0ng10 e02bf0cce6 Added /AdapterFramework/version/version.jsp 2013-10-23 21:09:19 +02:00
sinn3r 19615ac4b7 Apparently I missed a lot of stuff 2013-10-21 21:02:01 -05:00
Tod Beardsley 824dd84982 Merge remote-tracking branch 'upstream/pr/2500' into temp 2013-10-21 14:26:05 -05:00
Meatballs1 1717a98ba3 Update to_exe.vbs.template 
Rename values
 2013-10-21 13:49:09 +01:00
sinn3r 8a94df7dcd Change category name for base64 2013-10-18 21:20:16 -05:00
sinn3r 62dadc80d3 Make sure the data type for the return value is a string 2013-10-18 21:08:46 -05:00
sinn3r 711399bb34 Update property_spray.js 2013-10-18 20:56:00 -05:00
sinn3r e1ca2d2730 Fix mstime_malloc.js 2013-10-18 20:49:33 -05:00
sinn3r 298f23c91c Fix extra slashes that cause browser autopwn to fail. 2013-10-18 20:43:39 -05:00
Meatballs 2ef89eaf35
Randomize exe name 2013-10-18 19:01:28 +01:00
Meatballs 56aa9ab01c
Reduce size 2013-10-18 18:59:30 +01:00
OJ 827bf23979
Updated binaries with railgun crash fixes 2013-10-18 19:43:17 +10:00
sinn3r c926fa710b Move all exploitation-related JavaScript to their new home 2013-10-17 16:43:29 -05:00
Tod Beardsley bd405277d9
Add a default Samsung community string 
See http://www.kb.cert.org/vuls/id/281284

and

http://www.h-online.com/security/news/item/Samsung-network-printer-vulnerability-discovered-Update-2-1757967.html
 2013-10-17 10:35:59 -05:00
Spencer McIntyre 6f23e95c14 Fix an endianess issue in pymeterpreter registry_query_value. 2013-10-12 23:39:22 +01:00
Meatballs 378f403fab
Land #2453, Add stdapi_net_resolve_host(s) to Python Meterpreter. 
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
 2013-10-10 20:13:06 +01:00
g0tmi1k 6b004086ea Removed SVN from msfupdate 2013-10-10 12:25:00 +00:00
OJ b477ae369b
Updated stdapi binaries with railgun fix 
Changes are from https://github.com/rapid7/meterpreter/pull/28
 2013-10-10 16:03:38 +10:00
OJ 0a194b203d
Updated sniffer binaries 
These updated binaries include a packet-sniffer fix which results in
sniffing working on x86 builds of Windows 8 and Windows 8.1.
 2013-10-09 07:38:54 +10:00
Spencer McIntyre 7414dff958 Add fault tolerance for resolve_hosts. 2013-10-04 08:51:13 -04:00
sinn3r bc8604f151 Use safe_negate_size for hxds 2013-10-03 23:15:29 -05:00
sinn3r 63d7b8c309 Use safe_negate_size for java 2013-10-03 23:13:57 -05:00
sinn3r ab62af220b Use safe_negate_size key for msvcrt (XP) 2013-10-03 23:12:58 -05:00
jvazquez-r7 9df676ca7e
Land #2447, @wchen-r7's new msvcrt ROP chains without nulls 2013-10-03 22:38:29 -05:00
Spencer McIntyre ecf286a8c4 Add support for stdapi_net_resolve_host. 2013-10-03 10:31:54 -04:00
James Lee 56b6f0be02 Add bins for #2443 
See #740 and meterpreter#26
 2013-10-01 23:47:24 -05:00
sinn3r cd1f023f72 Update msvcrt.dll ROP chain for Windows Server 2003 2013-10-01 16:18:57 -05:00
sinn3r 14d99ffbdb Update Win XP msvcrt.dll ROP 
This updated ROP chain for msvcrt.dll does not have any null bytes.
 2013-10-01 15:00:43 -05:00
sinn3r 7c6c8291e2 Add ROP chains for Office 2007 and Office 2010 (hxds.dll) 
This adds two ROP chains for Office 2007 and Office 2010 based on
hxds.dll.
 2013-10-01 01:33:35 -05:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
Meatballs e806047411
Add MSI bins 2013-09-27 20:03:19 +01:00
Meatballs 8a9843cca6
Merge upstream/master 2013-09-27 20:02:23 +01:00
Meatballs 9fde8bee2b Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-09-27 18:12:17 +01:00
Tod Beardsley 869c10af04
Land #2396, aspx-exe shellcode generator 
Looks good to me, specs are all happy (also added a #to_h spec)
 2013-09-27 11:42:16 -05:00
OJ c38f3b4a56 New meterpreter binaries 
New binaries contain fixes for:

* kitrap0d crashing during `getsystem` calls.
    * https://github.com/rapid7/meterpreter/pull/23
* Meterpreter crashing on XP SP0 in certain scenarios.
    * https://github.com/rapid7/meterpreter/pull/21
 2013-09-27 09:31:53 +10:00
Meatballs 079eec0aea Compile.bat and gitignore 2013-09-21 13:14:01 +01:00
Meatballs 85ea9ca05a Merge branch 'master' of github.com:rapid7/metasploit-framework into msi_payload 2013-09-21 12:49:38 +01:00
Meatballs 1bd1c3587d No UAC prompt MSI 2013-09-21 12:47:58 +01:00
OJ 3cdddb8ff3
New meterpreter binaries for ip resolv feature 
* New meterpreter binaries that include the IP resolve feature.
* Updated .gitignore to correctly match pivot file name.
 2013-09-21 07:12:40 +10:00
Meatballs 11bdf5d332 New pull 2013-09-19 19:57:38 +01:00
James Lee dc9246a770 New compiled bins for shiny vs2012 build 
* Fixes x64 sniffer [FixRM #8364]
 2013-09-17 18:11:13 -05:00
James Lee 21055f6856 Add x86 to meterpreter's binary suffix 
This makes x86 more consistent with x64.

Also replaces a bunch of instances of:
  File.join(Msf::Config.install_root, 'data', ...)
with the simpler
  File.join(Msf::Config.data_directory, ...)

[See rapid7/meterpreter#19]
 2013-09-16 21:52:04 -05:00
jvazquez-r7 299860b09d Land #2329, @kaospunk auxiliary module to enumerate ntlm info 2013-09-16 08:16:30 -05:00
James Lee 705e262061 Non-broken compiled bins for meterpreter/#14 
Somehow built bins with fatal linker errors last time. These seem to be
solid.

[SeeRM #8361]
 2013-09-12 23:36:05 -05:00
James Lee 9dae838422 New compiled bins for meterpreter/#14 
Should fix the flakiness of migrataion on 64-bit systems.

[FixRM #8361]
 2013-09-12 22:34:31 -05:00
Spencer McIntyre e3e2c69de1 Fix additional issues in the python meterpreter. 2013-09-10 15:06:33 -04:00
Tab Assassin 48cf2af685 Merge for retab 2013-09-05 16:16:00 -05:00
Tab Assassin 760943af2f Merge for retab 2013-09-05 13:02:51 -05:00
kaospunk 533643fe2c Host Information Enumeration via NTLM Authentication 
This aux module makes requests to resources on the target server in
an attempt to find resources which permit NTLM authentication. For
resources which permit NTLM authentication a blank NTLM type 1 message
is sent to enumerate a a type 2 message from the target server. The type
2 message is then parsed for information such as the Active Directory
domain and NetBIOS name.

The user can provide their own TARGETURIS file which contains URIs
to request to attempt to get a 401 with NTLM. This PR also includes
a list of URLs that can be used as the default.
 2013-09-04 21:39:02 -04:00
jvazquez-r7 94125a434b Add module for ZDI-13-205 2013-09-04 15:57:22 -05:00
Spencer McIntyre d84939c83b Fixes three minor issues in the python meterpreter. 2013-08-30 15:31:40 -04:00
Meatballs 1ea3d91f48 Lands #2244 Python Meterpreter 
[Closes #2244]
 2013-08-30 14:33:35 +01:00
Meatballs 53c3f6b2db Deconflict 2013-08-30 10:52:42 +01:00
James Lee eba6762977 Land #2270, Util::EXE refactor 
With a minor rebase to fix a commit message

[Closes #2270]

Conflicts:
	spec/support/shared/contexts/msf/util/exe.rb
 2013-08-28 21:49:59 -05:00
shellster ee9b1ef8e0 Greatly shortened to_mem_old.ps1.template by using [Math]::max. 
Added necessary end of line conversion in lib/msf/util/exe.rb so
that Powershell will parse multiline strings.
 2013-08-28 21:39:42 -05:00
James Lee 9f04fa6ab4 Add metsrv.dll updates for proxy support 
See #1033, #2014, and meterpreter/#12
 2013-08-28 21:18:59 -05:00
Spencer McIntyre f490277c6d Always os.fork() when available. 2013-08-28 17:19:49 -04:00
Meatballs 96c093dce0 Fix Exploit::Exe 2013-08-25 19:56:29 +01:00
Meatballs 66ee15f461 Merge and deconflict 2013-08-25 19:14:15 +01:00
Meatballs cf5ddfeebf Some war fixes 2013-08-23 18:59:48 +01:00
Meatballs dfc606fe56 Slightly saner filenames 2013-08-23 18:06:48 +01:00
Meatballs 41b1b30438 vba transform 2013-08-23 18:00:19 +01:00
Meatballs cd83077bec Fix vba_exe 2013-08-23 17:42:46 +01:00
Meatballs 4d21b06f4f Aspx uses transform 2013-08-23 17:22:33 +01:00
Meatballs 1cb1afa50a Fix aspx 2013-08-23 17:09:51 +01:00
Meatballs dd13a7e48f Working .asp 2013-08-23 16:55:07 +01:00
Meatballs 7370fc3f4e vbs transform 2013-08-23 16:26:03 +01:00
Meatballs 5040347521 Fix psh and add powershell transform 2013-08-23 15:59:19 +01:00
Meatballs 418505adc9 Fix psh-net 2013-08-23 15:21:26 +01:00
Meatballs cfd6c66ffd Fix VBS 2013-08-23 14:35:19 +01:00
shellster 86a83391fd Merge remote-tracking branch 'upstream/master' 2013-08-21 16:16:20 -07:00
Shelby Spencer c2cf822013 Commit adding the template scripts. 2013-08-20 16:52:58 -07:00
Spencer McIntyre e276b57ee7 Merge remote-tracking branch 'upstream/master' into python-meterpreter-dev 2013-08-19 08:37:12 -04:00
jvazquez-r7 795ad70eab Change directory names 2013-08-15 22:52:42 -05:00
jvazquez-r7 cc5804f5f3 Add Port for OSVDB 96277 2013-08-15 18:34:51 -05:00
Spencer McIntyre 71285f395d Sort import statements alphabetically. 2013-08-15 09:27:13 -04:00
Spencer McIntyre fcf2d4bf19 Remove debug print and fix channel additions. 2013-08-13 12:50:52 -04:00
Spencer McIntyre fdc9312272 Add process enumeration via PS for OSX. 2013-08-12 16:38:15 -04:00
Spencer McIntyre dd2438dd1e Improve process execution on Linux. 2013-08-09 10:39:19 -04:00
Spencer McIntyre 3fb4c2d27c Add Windows registry manipulation support. 2013-08-09 08:39:05 -04:00
Spencer McIntyre f3f4290783 Add process enumeration for windows. 2013-08-06 22:33:43 -04:00
Spencer McIntyre 2d69174c5b Initial commit of the python meterpreter. 2013-08-05 23:38:49 -04:00