jvazquez-r7
c8778587f5
rename the xml template for s4u
2013-02-18 15:25:03 +01:00
jvazquez-r7
be0feecf8f
Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence
2013-02-18 15:22:37 +01:00
Chris John Riley
6519444112
Addition defaults
2013-02-15 13:35:25 +01:00
Chris John Riley
5df03f790b
Remove end of line spaces and rerun uniq
2013-02-15 13:31:35 +01:00
Chris John Riley
fb7d0159c3
Further URLs
2013-02-15 13:26:44 +01:00
Chris John Riley
21366dd4df
Updated SAP URL list to include further known URLs
2013-02-15 13:20:23 +01:00
sinn3r
398e6cb202
Merge branch 'rsmudge-armitage'
2013-02-13 10:38:30 -06:00
Raphael Mudge
596b62b831
Armitage 02.12.13 - Distributed Operations
...
This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
2013-02-11 21:20:03 -05:00
jvazquez-r7
41564fd51d
Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb
2013-02-11 15:05:27 +01:00
smilingraccoon
3a499b1a6d
added s4u_persistence.rb
2013-02-10 14:22:36 -05:00
scriptjunkie
447f78cb24
Handle nonstandard ports when starting new msfrpcd.
2013-02-04 17:24:41 -06:00
SphaZ
24de0d2274
Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT
2013-02-04 13:37:09 +01:00
Tod Beardsley
293f9da5cf
Merge branch 'bug/pro-only-models'
...
Updates to use MDM 0.4.0 (was using 0.3.0)
2013-01-31 16:14:51 -06:00
jvazquez-r7
d0ecb617c3
Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner
2013-01-25 21:47:05 +01:00
f8lerror
bf2b01f8ef
Delete a file and strip space
2013-01-24 09:30:04 -05:00
f8lerror
6e94c04a52
Code Corrections and Enhancements
2013-01-23 20:26:23 -05:00
sinn3r
e376bb6fab
Merge branch 'rsmudge-armitage'
2013-01-22 22:52:35 -06:00
Raphael Mudge
8c86c49d43
Armitage 01.23.13
...
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
2013-01-22 22:48:16 -05:00
jvazquez-r7
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
jvazquez-r7
78279a0397
Added new module for cve-2012-5076
2013-01-17 21:27:47 +01:00
jvazquez-r7
d0b9808fc7
Added module for CVE-2012-5088
2013-01-17 21:14:49 +01:00
f8lerror
0b61d28e0e
added Joomla scanner and url wordlist
2013-01-17 11:36:59 -05:00
jvazquez-r7
51f3f59d2f
cve and references available
2013-01-11 00:54:53 +01:00
Luke Imhoff
f8e1ccc27e
Remove cred_files migration
...
[#41837027]
Mdm::CredFile is only used in Pro, so for metasploit_data_models 0.4.0,
Mdm::CredFiles has been moved to Pro, so the migration has been moved to
Pro too.
2013-01-10 17:50:00 -06:00
jvazquez-r7
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
Sam Gaudet
7d1716b79f
Turnkey Linux default password
2013-01-08 22:47:53 -05:00
Raphael Mudge
5348127fd2
Metasploit 4.5 Installer Environment Tweak
...
Armitage on Windows requires the user to specify their MSF
install folder. This tweak checks for an MSF 4.5 environment
and updates the specified folder to make everything work.
Like magic.
2013-01-04 13:08:47 -05:00
Raphael Mudge
a79f2fa8d1
Armitage Updates and Bug Fixes
...
This is Armitage release 01.04.13. This update fixes several bugs
and improves the user experience launching *_login modules from
Armitage. This update adds a Windows 8 icon and includes a fix to
better work with the Metasploit 1.45 installer's environment.
2013-01-04 12:05:09 -05:00
jvazquez-r7
133ad04452
Cleanup of #1062
2012-12-07 11:55:48 +01:00
HD Moore
5e44987271
Really fix this by resetting schema cache
2012-12-06 06:33:46 -08:00
HD Moore
a5b3be6dfa
Fix a conflicting rename that breaks ActiveRecord
2012-12-06 06:14:49 -08:00
HD Moore
087b2c39ae
Whitespace cleanup only
2012-12-06 06:13:53 -08:00
jvazquez-r7
b7f304f0db
added build exec_payload.msi
2012-11-28 21:51:01 +01:00
Tod Beardsley
8d6289d8d6
Merge remote branch 'rsmudge/armitage'
2012-11-26 10:52:06 -06:00
Raphael Mudge
a2615102c9
Armitage 11.26.12 - several usability enhancements and bug fixes.
2012-11-25 20:51:32 -05:00
sinn3r
e6208a7993
Merge branch 'guiOptions' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-guiOptions
2012-11-19 10:09:54 -06:00
jvazquez-r7
24fe043960
Merge branch 'samba' of https://github.com/mephos/metasploit-framework into mephos-samba
2012-11-19 14:13:15 +01:00
jvazquez-r7
eddea29568
Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login
2012-11-18 21:36:54 +01:00
scriptjunkie
39dee758e6
Remember last options used for each module, and fill them in by default.
2012-11-17 10:08:45 -06:00
Tasos Laskos
8a9f0a0890
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-14 18:10:41 +02:00
jvazquez-r7
5076198ba2
fixing bperry comments
2012-11-11 20:18:19 +01:00
jvazquez-r7
8619c5291b
Added module for CVE-2012-5076
2012-11-11 17:05:51 +01:00
Tasos Laskos
7032ef0f6f
Merge remote-tracking branch 'upstream/master' into web-modules
2012-11-09 00:21:38 +02:00
nmonkee
f521e70bee
wordlists to accompany sap_soap_rfc_brute_login.rb
2012-11-07 10:46:36 +00:00
David Maloney
c30ada5eac
Adds temp vbs mod and tweaked decoder stub
2012-11-04 12:49:15 -06:00
Tasos Laskos
385d225305
Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption)
2012-11-01 21:14:38 +02:00
m m
f7481b160c
add centos5 target
2012-10-31 18:21:41 +01:00
m m
f819ec8e75
typo
2012-10-30 17:19:23 +01:00
m m
3855ba88b1
add meterpreter/command support to samba exploit using ROP
2012-10-29 17:33:00 +01:00
Raphael Mudge
eee6248795
Armitage 10.16.12 - a lot of bug fixes.
2012-10-15 19:19:31 -04:00
jvazquez-r7
b4485fdb2b
added chm templates
2012-10-10 19:21:47 +02:00
sinn3r
858fd9ff43
Merge branch 'ropdb' of https://github.com/wchen-r7/metasploit-framework
2012-10-03 15:21:11 -05:00
sinn3r
ba1b65742e
Separate XML for various DLLs.
2012-10-02 11:27:10 -05:00
sinn3r
f2c7731b39
Add RopDb mixin
2012-10-01 17:09:01 -05:00
Cristiano Maruti
75f5e24178
Dell iDrac login aux scanner
2012-09-27 01:33:11 -05:00
scriptjunkie
10e1574d8a
Bugfix with dragging tabbed panes when right-clicked.
...
Also don't display annoying null pointer error when no connection.
2012-09-22 16:32:18 -05:00
James Lee
ac2ec99fb7
Add bin for mephos' netstat fixes
...
[Closes #777]
2012-09-12 16:57:17 -05:00
James Lee
46dfeec402
Adds meterpreter bins all compiled with the same VS
...
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.
[FixRM #7233]
2012-09-11 14:16:21 -05:00
sinn3r
c4fb285288
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-09-05 13:48:09 -05:00
Raphael Mudge
e8b3f0193b
Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog.
2012-09-05 01:54:28 -04:00
h0ng10
2b6aa6bbdb
Added Exploit for deployfilerepository via JMX
2012-09-03 13:50:16 -04:00
James Lee
44801c217d
Linux bins for #609
2012-08-29 14:09:37 -05:00
James Lee
5a5ca66bff
Merge branch 'mephos-arp-linux' into rapid7
2012-08-29 11:19:04 -05:00
Patrick Webster
be63aad0d1
Added Windows wordlist.
2012-08-29 10:51:09 +10:00
James Lee
049494752c
Bins for #609, adds netstat and arp cmds
2012-08-28 18:21:57 -05:00
jvazquez-r7
363c0913ae
changed dir names according to CVE
2012-08-28 16:33:01 +02:00
jvazquez-r7
52ca1083c2
Added java_jre17_exec
2012-08-27 11:25:04 +02:00
sinn3r
f715527423
Improve CVE-2012-1535
2012-08-21 19:58:21 -05:00
Tod Beardsley
f46545db58
Merge pull request #700 from rsmudge/armitage
...
Armitage 08.16.12
2012-08-18 05:55:26 -07:00
Raphael Mudge
a6e50497f0
Armitage 08.16.12 - several little fixes and updates. Nothing to write home to mom about.
2012-08-17 16:25:22 -04:00
sinn3r
13df1480c8
Add exploit for CVE-2012-1535
2012-08-17 12:16:54 -05:00
jcran
0a6e0b2415
raspberry pi username / password
2012-08-15 01:55:40 -05:00
James Lee
ce94bc2628
Add posix bins for previous commits
...
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
p = client.sys.process.execute("id", "-u", "Channelized"=>true)
p.channel.read
[SeeRM #7005][See #681]
2012-08-09 18:35:01 -06:00
HD Moore
fac4ba270c
Merge pull request #662 from rsmudge/armitage
...
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 14:31:11 -07:00
Raphael Mudge
32ee1263f9
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 13:24:15 -04:00
HD Moore
c4fa86da93
Add missing 64-bit sniffer DLL
2012-08-02 11:33:11 -05:00
m m
5531fd18a0
Really limit packet count and data in linux sniffer
...
Squashed commit of the following:
commit 57795ff9c33a53167fca85845b96b82b5c92315f
Author: James Lee <egypt@metasploit.com>
Date: Wed Aug 1 14:13:20 2012 -0600
Add recompiled sniffer bin for linux
commit 0e11fdb06fcb9771a11eb631e6f10ec7a2d315f3
Author: m m <gaspmat@gmail.com>
Date: Thu Jul 12 15:08:10 2012 +0200
really limit packet count and data in linux sniffer
[Closes #605]
2012-08-01 14:16:00 -06:00
James Lee
e200f43183
Squashed commit of the following:
...
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date: Mon Jul 9 21:55:32 2012 +0200
typo
commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date: Mon Jul 9 21:51:32 2012 +0200
various posix meterpreter bugfixes
[Closes #584]
[FIXRM #7042]
2012-07-19 15:56:47 -06:00
m m
6605e2910c
Squashed commit of the following:
...
commit f0a1d2ad004e5c77cc4d5dcc71935aa530f1729f
Author: m m <gaspmat@gmail.com>
Date: Tue Jul 17 11:56:43 2012 +0200
linux meterpreter : correct netmask computation
[Closes #613]
2012-07-19 14:22:39 -06:00
HD Moore
430351fe79
Better handle of module cache when db_connect is run manually
2012-07-10 23:56:48 -05:00
LittleLightLittleFire
e9ac90f7b0
added CVE-2012-1723
2012-07-10 12:20:37 +10:00
jcran
8d3ad94f3a
enhanced tftp.txt bruteforce list
2012-07-05 22:54:22 -04:00
sinn3r
6dee4781df
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-07-05 18:47:07 -05:00
Raphael Mudge
6c53dffa50
Armitage 07.05.12
...
This release fixes a few small bugs.
2012-07-05 18:19:59 -04:00
HD Moore
c31f70cfb6
Switch to METERPRETER_UA as intended
2012-07-02 00:02:47 -05:00
HD Moore
27bdf78a5a
Add support for user-agent control
2012-06-30 23:00:08 -05:00
Tod Beardsley
414214eb9d
Permissions.
2012-06-28 11:42:37 -05:00
jvazquez-r7
6ec990ed85
Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass
2012-06-27 23:09:26 +02:00
h0ng10
428ae21928
Changed readme.html file (was from the statistics plugin)
2012-06-26 12:03:52 -04:00
h0ng10
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
HD Moore
85faf53c5d
Compromise on MDM counter cache initialization
2012-06-25 13:52:48 -07:00
HD Moore
13b4cb7e88
Revert "Remove reset_column_information (breaks badly)"
...
This reverts commit 02e124a330.
2012-06-25 13:52:48 -07:00
HD Moore
fce5ff00ca
Revert "Remove column reset - triggers issue with existing columns"
...
This reverts commit f479fae6aa.
2012-06-25 13:52:47 -07:00
HD Moore
f479fae6aa
Remove column reset - triggers issue with existing columns
2012-06-25 10:20:48 -07:00
HD Moore
02e124a330
Remove reset_column_information (breaks badly)
2012-06-25 10:08:38 -07:00
HD Moore
4c0877954e
Rename migrations to avoid collisions during merge
2012-06-25 02:22:35 -05:00
HD Moore
3a40dac7d1
Merge branch 'master' into feature/vuln-info
2012-06-25 00:37:01 -05:00
HD Moore
6a91626d94
Permissions
2012-06-25 00:36:39 -05:00
HD Moore
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
HD Moore
75f1484d63
Respin of binaries to remove debug output
2012-06-24 13:40:27 -05:00
HD Moore
6e61878393
Respin of meterpreter bins (add Win 8 to sysinfo, fix a few bugs)
2012-06-24 13:27:10 -05:00
h0ng10
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
sinn3r
54309c3c3d
Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage
2012-06-24 02:25:38 -05:00
Raphael Mudge
322e0766a1
Armitage 06.23.12
2012-06-23 13:03:55 -04:00
jvazquez-r7
b891e868f5
Added actionscript and swf needed
2012-06-23 08:36:35 +02:00
sinn3r
d7d314862f
Need the trigger to actually make it work, duh!
2012-06-22 23:16:12 -05:00
Tod Beardsley
572fb4cb0c
Permissions fix
2012-06-21 15:39:17 -05:00
HD Moore
f7ecc98923
Merge branch 'master' into feature/vuln-info
2012-06-20 13:34:53 -05:00
sinn3r
79fc053a2e
Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110
2012-06-19 22:05:07 -05:00
Steven Seeley
fcf42d3e7b
added adobe flashplayer array indexing exploit (CVE-2011-2110)
2012-06-20 12:52:37 +10:00
HD Moore
d5768080bf
Add a fail_message to attempts and fix bugs
2012-06-19 00:48:39 -05:00
HD Moore
ffdcea6a0a
Permissions, ignore
2012-06-18 18:12:51 -05:00
HD Moore
e8ad66b799
Exploit attempt tracking is mostly complete
2012-06-17 23:00:21 -05:00
HD Moore
8709473e72
Add fullname to modules, load mixins, fix platform
2012-06-17 11:57:33 -05:00
HD Moore
b4b1a4168e
Add missing module_detail_id's and references
2012-06-17 01:44:32 -05:00
HD Moore
e4fffc36de
Move to one to many instead of m2m for module_detail tracking
2012-06-17 01:21:38 -05:00
HD Moore
03b29fff68
Merge up the latest, does not automatically load
...
the module tree into the database right now.
2012-06-14 04:35:43 -05:00
HD Moore
a6070f8584
Tweak schema (type gets mangled by AR), add caching routine
2012-06-14 03:27:36 -05:00
HD Moore
1401ec0b19
Keep ID columns for record mgmt
2012-06-14 01:50:08 -05:00
HD Moore
80db388354
Fix up the schema relationships
2012-06-14 00:23:23 -05:00
HD Moore
2aa9de7f63
Fix the boolean definition
2012-06-13 22:16:59 -05:00
HD Moore
1bdd8dc533
Fix the constant
2012-06-13 22:15:58 -05:00
HD Moore
d48a99146f
Add the migration for new module_details tables
2012-06-13 22:07:56 -05:00
HD Moore
5922ec1f7a
Permissions
2012-06-12 15:20:25 -05:00
HD Moore
7a449bffe2
Permissions
2012-06-12 15:19:41 -05:00
HD Moore
6290bba71b
Merge branch 'master' into feature/vuln-info
2012-06-12 12:41:41 -05:00
HD Moore
21ea539648
Permissions
2012-06-12 11:50:28 -05:00
Michael Schierl
34ecc7fd18
Adding @schierlm's AES encryption for Java
...
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.
Squashed commit of the following:
commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 4 00:45:24 2012 +0200
Do not break other architectures
even when using `setg AESPassword`
commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date: Tue Apr 3 21:50:42 2012 +0200
binaries
commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date: Tue Apr 3 21:49:10 2012 +0200
Add AES support to Java stager
This is compatible to the AES mode of the JavaPayload project.
I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
HD Moore
d975d1a236
Add counter caches for host_details, vuln_details, vuln_attempts
2012-06-10 17:15:53 -05:00
HD Moore
beefea6fb9
Merge branch 'master' into feature/vuln-info
2012-06-10 12:54:58 -05:00
HD Moore
9dcb3059f8
MDM update
2012-06-10 03:46:58 -05:00
HD Moore
7c8cb2d79e
Add vuln_attempts, track exploit attempts when a matching vuln exists.
...
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
sinn3r
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
HD Moore
55bdbb6ec9
Merge branch 'master' into feature/vuln-info
2012-06-09 01:37:11 -05:00
HD Moore
e840f7e9ee
Add additional host detail columns and parsers
2012-06-09 00:43:03 -05:00
James Lee
1be9ce8649
Fixes command parsing in Post::Common
...
The meterpreter API wants arguments in a separate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
2012-06-07 22:24:59 -06:00
Raphael Mudge
68dd0cd497
Armitage 06.07.12 - improved collaboration performance and fixed two bugs.
2012-06-07 13:16:16 -04:00
HD Moore
49b3c9b0e8
More cleanup related to vuln schema
2012-06-07 04:42:16 -05:00
HD Moore
42c3bedfad
Merge MDM, add migrations, tweak report_vuln
2012-06-07 00:40:26 -05:00
HD Moore
e8af6882eb
Permissions
2012-06-06 20:05:29 -05:00
jvazquez-r7
93741770e2
Added module for CVE-2011-3400
2012-06-05 18:21:55 +02:00
Joe Vennix
315d68b6f5
Add fix for counter_cache migration to keep from throwing readonly column error.
2012-06-01 13:31:00 -05:00
Joe Vennix
c5c1e71b32
Add migrations for counter_cache columns to framework.
2012-06-01 12:07:08 -05:00
Raphael Mudge
b5f1554caf
Adding rsmudge's Armitage update
...
Squashed commit of the following:
commit 60be1b2d1d66134c54c82857a569bbf3a005baf8
Author: Raphael Mudge <rsmudge@gmail.com>
Date: Wed May 30 19:43:07 2012 -0400
Armitage 05.30.12
A small collection of bug fixes.
2012-05-30 19:20:14 -05:00
jvazquez-r7
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
sinn3r
3f1a72932e
Merge pull request #401 from rsmudge/armitage
...
Armitage 05.21.12
2012-05-20 20:01:12 -07:00
Raphael Mudge
c14a3e655e
Armitage 05.21.12
...
This release improves collaboration performance and fixes a few Windows specific issues.
2012-05-20 22:54:25 -04:00
syndrowm
fec2ec37f8
Squashed commit of the following:
...
commit fa9b2841cfcb7c833da5454f108f15ad229e6b75
Author: syndrowm <syndrowm@gmail.com>
Date: Mon Apr 2 17:00:59 2012 -0600
header files needed to generate solaris and bsd elf executables
commit f03fb2ff97823f3c177f3e1678aec26d92dd16ab
Author: syndrowm <syndrowm@gmail.com>
Date: Mon Apr 2 16:59:46 2012 -0600
add functions to allow generating elf executables for bsd and solaris
[Closes #292]
2012-05-18 10:21:34 -06:00
jvazquez-r7
14d8ba00af
Added batik svg java module
2012-05-17 16:48:38 +02:00
sinn3r
a88af1dd36
Merge pull request #391 from rsmudge/armitage
...
add color to armitage's presentation of the Metasploit console
2012-05-16 21:57:43 -07:00