Commit Graph

1357 Commits (ceb0f56f427a3f23481a9bd74dfd3e013c8984e0)

Author SHA1 Message Date
jvazquez-r7 c8778587f5 rename the xml template for s4u 2013-02-18 15:25:03 +01:00
jvazquez-r7 be0feecf8f Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence 2013-02-18 15:22:37 +01:00
Chris John Riley 6519444112 Addition defaults 2013-02-15 13:35:25 +01:00
Chris John Riley 5df03f790b Remove end of line spaces and rerun uniq 2013-02-15 13:31:35 +01:00
Chris John Riley fb7d0159c3 Further URLs 2013-02-15 13:26:44 +01:00
Chris John Riley 21366dd4df Updated SAP URL list to include further known URLs 2013-02-15 13:20:23 +01:00
sinn3r 398e6cb202 Merge branch 'rsmudge-armitage' 2013-02-13 10:38:30 -06:00
Raphael Mudge 596b62b831 Armitage 02.12.13 - Distributed Operations
This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
2013-02-11 21:20:03 -05:00
jvazquez-r7 41564fd51d Merge branch 'aux-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-aux-word_unc_injector.rb 2013-02-11 15:05:27 +01:00
smilingraccoon 3a499b1a6d added s4u_persistence.rb 2013-02-10 14:22:36 -05:00
scriptjunkie 447f78cb24 Handle nonstandard ports when starting new msfrpcd. 2013-02-04 17:24:41 -06:00
SphaZ 24de0d2274 Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT 2013-02-04 13:37:09 +01:00
Tod Beardsley 293f9da5cf Merge branch 'bug/pro-only-models'
Updates to use MDM 0.4.0 (was using 0.3.0)
2013-01-31 16:14:51 -06:00
jvazquez-r7 d0ecb617c3 Merge branch 'joomla-scanner' of https://github.com/Newpid0/metasploit-framework into Newpid0-joomla-scanner 2013-01-25 21:47:05 +01:00
f8lerror bf2b01f8ef Delete a file and strip space 2013-01-24 09:30:04 -05:00
f8lerror 6e94c04a52 Code Corrections and Enhancements 2013-01-23 20:26:23 -05:00
sinn3r e376bb6fab Merge branch 'rsmudge-armitage' 2013-01-22 22:52:35 -06:00
Raphael Mudge 8c86c49d43 Armitage 01.23.13
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
2013-01-22 22:48:16 -05:00
jvazquez-r7 807bd6e88a Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl 2013-01-22 15:33:39 +01:00
jvazquez-r7 78279a0397 Added new module for cve-2012-5076 2013-01-17 21:27:47 +01:00
jvazquez-r7 d0b9808fc7 Added module for CVE-2012-5088 2013-01-17 21:14:49 +01:00
f8lerror 0b61d28e0e added Joomla scanner and url wordlist 2013-01-17 11:36:59 -05:00
jvazquez-r7 51f3f59d2f cve and references available 2013-01-11 00:54:53 +01:00
Luke Imhoff f8e1ccc27e Remove cred_files migration
[#41837027]

Mdm::CredFile is only used in Pro, so for metasploit_data_models 0.4.0,
Mdm::CredFiles has been moved to Pro, so the migration has been moved to
Pro too.
2013-01-10 17:50:00 -06:00
jvazquez-r7 876d889d82 added exploit for j7u10 0day 2013-01-10 20:30:43 +01:00
Sam Gaudet 7d1716b79f Turnkey Linux default password 2013-01-08 22:47:53 -05:00
Raphael Mudge 5348127fd2 Metasploit 4.5 Installer Environment Tweak
Armitage on Windows requires the user to specify their MSF
install folder. This tweak checks for an MSF 4.5 environment
and updates the specified folder to make everything work.

Like magic.
2013-01-04 13:08:47 -05:00
Raphael Mudge a79f2fa8d1 Armitage Updates and Bug Fixes
This is Armitage release 01.04.13. This update fixes several bugs
and improves the user experience launching *_login modules from
Armitage. This update adds a Windows 8 icon and includes a fix to
better work with the Metasploit 1.45 installer's environment.
2013-01-04 12:05:09 -05:00
jvazquez-r7 133ad04452 Cleanup of #1062 2012-12-07 11:55:48 +01:00
HD Moore 5e44987271 Really fix this by resetting schema cache 2012-12-06 06:33:46 -08:00
HD Moore a5b3be6dfa Fix a conflicting rename that breaks ActiveRecord 2012-12-06 06:14:49 -08:00
HD Moore 087b2c39ae Whitespace cleanup only 2012-12-06 06:13:53 -08:00
jvazquez-r7 b7f304f0db added build exec_payload.msi 2012-11-28 21:51:01 +01:00
Tod Beardsley 8d6289d8d6 Merge remote branch 'rsmudge/armitage' 2012-11-26 10:52:06 -06:00
Raphael Mudge a2615102c9 Armitage 11.26.12 - several usability enhancements and bug fixes. 2012-11-25 20:51:32 -05:00
sinn3r e6208a7993 Merge branch 'guiOptions' of git://github.com/scriptjunkie/metasploit-framework into scriptjunkie-guiOptions 2012-11-19 10:09:54 -06:00
jvazquez-r7 24fe043960 Merge branch 'samba' of https://github.com/mephos/metasploit-framework into mephos-samba 2012-11-19 14:13:15 +01:00
jvazquez-r7 eddea29568 Merge branch 'sap_soap_rfc_brute_login' of https://github.com/nmonkee/metasploit-framework into nmonkee-sap_soap_rfc_brute_login 2012-11-18 21:36:54 +01:00
scriptjunkie 39dee758e6 Remember last options used for each module, and fill them in by default. 2012-11-17 10:08:45 -06:00
Tasos Laskos 8a9f0a0890 Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-14 18:10:41 +02:00
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
Tasos Laskos 7032ef0f6f Merge remote-tracking branch 'upstream/master' into web-modules 2012-11-09 00:21:38 +02:00
nmonkee f521e70bee wordlists to accompany sap_soap_rfc_brute_login.rb 2012-11-07 10:46:36 +00:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
Tasos Laskos 385d225305 Updated support for Web modules and analysis techniques (committing to new clean branch due to corruption) 2012-11-01 21:14:38 +02:00
m m f7481b160c add centos5 target 2012-10-31 18:21:41 +01:00
m m f819ec8e75 typo 2012-10-30 17:19:23 +01:00
m m 3855ba88b1 add meterpreter/command support to samba exploit using ROP 2012-10-29 17:33:00 +01:00
Raphael Mudge eee6248795 Armitage 10.16.12 - a lot of bug fixes. 2012-10-15 19:19:31 -04:00
jvazquez-r7 b4485fdb2b added chm templates 2012-10-10 19:21:47 +02:00
sinn3r 858fd9ff43 Merge branch 'ropdb' of https://github.com/wchen-r7/metasploit-framework 2012-10-03 15:21:11 -05:00
sinn3r ba1b65742e Separate XML for various DLLs. 2012-10-02 11:27:10 -05:00
sinn3r f2c7731b39 Add RopDb mixin 2012-10-01 17:09:01 -05:00
Cristiano Maruti 75f5e24178 Dell iDrac login aux scanner 2012-09-27 01:33:11 -05:00
scriptjunkie 10e1574d8a Bugfix with dragging tabbed panes when right-clicked.
Also don't displaly annoying null pointer error when no connection.
2012-09-22 16:32:18 -05:00
James Lee ac2ec99fb7 Add bin for mephos' netstat fixes
[Closes #777]
2012-09-12 16:57:17 -05:00
James Lee 46dfeec402 Adds meterpreter bins all compiled with the same VS
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.

[FixRM #7233]
2012-09-11 14:16:21 -05:00
sinn3r c4fb285288 Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-09-05 13:48:09 -05:00
Raphael Mudge e8b3f0193b Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog. 2012-09-05 01:54:28 -04:00
h0ng10 2b6aa6bbdb Added Exploit for deployfilerepository via JMX 2012-09-03 13:50:16 -04:00
James Lee 44801c217d Linux bins for #609 2012-08-29 14:09:37 -05:00
James Lee 5a5ca66bff Merge branch 'mephos-arp-linux' into rapid7 2012-08-29 11:19:04 -05:00
Patrick Webster be63aad0d1 Added Windows wordlist. 2012-08-29 10:51:09 +10:00
James Lee 049494752c Bins for #609, adds netstat and arp cmds 2012-08-28 18:21:57 -05:00
jvazquez-r7 363c0913ae changed dir names according to CVE 2012-08-28 16:33:01 +02:00
jvazquez-r7 52ca1083c2 Added java_jre17_exec 2012-08-27 11:25:04 +02:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
Tod Beardsley f46545db58 Merge pull request #700 from rsmudge/armitage
Armitage 08.16.12
2012-08-18 05:55:26 -07:00
Raphael Mudge a6e50497f0 Armitage 08.16.12 - several little fixes and updates. Nothing to write home to mom about. 2012-08-17 16:25:22 -04:00
sinn3r 13df1480c8 Add exploit for CVE-2012-1535 2012-08-17 12:16:54 -05:00
jcran 0a6e0b2415 raspberry pi username / password 2012-08-15 01:55:40 -05:00
James Lee ce94bc2628 Add posix bins for previous commits
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
  p = client.sys.process.execute("id", "-u", "Channelized"=>true)
  p.channel.read

[SeeRM #7005][See #681]
2012-08-09 18:35:01 -06:00
HD Moore fac4ba270c Merge pull request #662 from rsmudge/armitage
Armitage 08.02.12 - adds Cortana scripting technology.
2012-08-02 14:31:11 -07:00
Raphael Mudge 32ee1263f9 Armitage 08.02.12 - adds Cortana scripting technology. 2012-08-02 13:24:15 -04:00
HD Moore c4fa86da93 Add missing 64-bit sniffer DLL 2012-08-02 11:33:11 -05:00
m m 5531fd18a0 Really limit packet count and data in linux sniffer
Squashed commit of the following:

commit 57795ff9c33a53167fca85845b96b82b5c92315f
Author: James Lee <egypt@metasploit.com>
Date:   Wed Aug 1 14:13:20 2012 -0600

    Add recompiled sniffer bin for linux

commit 0e11fdb06fcb9771a11eb631e6f10ec7a2d315f3
Author: m m <gaspmat@gmail.com>
Date:   Thu Jul 12 15:08:10 2012 +0200

    really limit packet count and data in linux sniffer

[Closes #605]
2012-08-01 14:16:00 -06:00
James Lee e200f43183 Squashed commit of the following:
commit 1de16b41c8808df2919706eaa8cc89ae44d9b591
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:55:32 2012 +0200

    typo

commit a396b55018175f3eb2a83baecb1ec601cc99eef4
Author: m m <gaspmat@gmail.com>
Date:   Mon Jul 9 21:51:32 2012 +0200

    various posix meterpreter bugfixes

[Closes #584]
[FIXRM #7042]
2012-07-19 15:56:47 -06:00
m m 6605e2910c Squashed commit of the following:
commit f0a1d2ad004e5c77cc4d5dcc71935aa530f1729f
Author: m m <gaspmat@gmail.com>
Date:   Tue Jul 17 11:56:43 2012 +0200

    linux meterpreter : correct netmask computation

[Closes #613]
2012-07-19 14:22:39 -06:00
HD Moore 430351fe79 Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
LittleLightLittleFire e9ac90f7b0 added CVE-2012-1723 2012-07-10 12:20:37 +10:00
jcran 8d3ad94f3a enhanced tftp.txt bruteforce list 2012-07-05 22:54:22 -04:00
sinn3r 6dee4781df Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-07-05 18:47:07 -05:00
Raphael Mudge 6c53dffa50 Armitage 07.05.12
This release fixes a few small bugs.
2012-07-05 18:19:59 -04:00
HD Moore c31f70cfb6 Switch to METERPRETER_UA as intended 2012-07-02 00:02:47 -05:00
HD Moore 27bdf78a5a Add support for user-agent control 2012-06-30 23:00:08 -05:00
Tod Beardsley 414214eb9d Permissions. 2012-06-28 11:42:37 -05:00
jvazquez-r7 6ec990ed85 Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass 2012-06-27 23:09:26 +02:00
h0ng10 428ae21928 Changed readme.html file (was from the statistics plugin) 2012-06-26 12:03:52 -04:00
h0ng10 6cc8390da9 Module rewrite, included Java support, direct upload, plugin deletion 2012-06-26 11:56:44 -04:00
HD Moore 85faf53c5d Compromise on MDM counter cache initialization 2012-06-25 13:52:48 -07:00
HD Moore 13b4cb7e88 Revert "Remove reset_column_information (breaks badly)"
This reverts commit 02e124a330.
2012-06-25 13:52:48 -07:00
HD Moore fce5ff00ca Revert "Remove column reset - triggers issue with existing columns"
This reverts commit f479fae6aa.
2012-06-25 13:52:47 -07:00
HD Moore f479fae6aa Remove column reset - triggers issue with existing columns 2012-06-25 10:20:48 -07:00
HD Moore 02e124a330 Remove reset_column_information (breaks badly) 2012-06-25 10:08:38 -07:00
HD Moore 4c0877954e Rename migrations to avoid collisions during merge 2012-06-25 02:22:35 -05:00
HD Moore 3a40dac7d1 Merge branch 'master' into feature/vuln-info 2012-06-25 00:37:01 -05:00
HD Moore 6a91626d94 Permissions 2012-06-25 00:36:39 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
HD Moore 75f1484d63 Respin of binaries to remove debug output 2012-06-24 13:40:27 -05:00
HD Moore 6e61878393 Respin of meterpreter bins (add Win 8 to sysinfo, fix a few bugs) 2012-06-24 13:27:10 -05:00
h0ng10 65197e79e2 added Exploit for CVE-2008-6508 (Openfire Auth bypass) 2012-06-24 07:35:38 -04:00
sinn3r 54309c3c3d Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-06-24 02:25:38 -05:00
Raphael Mudge 322e0766a1 Armitage 06.23.12 2012-06-23 13:03:55 -04:00
jvazquez-r7 b891e868f5 Added actionscript and swf needed 2012-06-23 08:36:35 +02:00
sinn3r d7d314862f Need the trigger to actually make it work, duh! 2012-06-22 23:16:12 -05:00
Tod Beardsley 572fb4cb0c Permissions fix 2012-06-21 15:39:17 -05:00
HD Moore f7ecc98923 Merge branch 'master' into feature/vuln-info 2012-06-20 13:34:53 -05:00
sinn3r 79fc053a2e Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110 2012-06-19 22:05:07 -05:00
Steven Seeley fcf42d3e7b added adobe flashplayer array indexing exploit (CVE-2011-2110) 2012-06-20 12:52:37 +10:00
HD Moore d5768080bf Add a fail_message to attempts and fix bugs 2012-06-19 00:48:39 -05:00
HD Moore ffdcea6a0a Permissions, ignore 2012-06-18 18:12:51 -05:00
HD Moore e8ad66b799 Exploit attempt tracking is mostly complete 2012-06-17 23:00:21 -05:00
HD Moore 8709473e72 Add fullname to modules, load mixins, fix platform 2012-06-17 11:57:33 -05:00
HD Moore b4b1a4168e Add missing module_detail_id's and references 2012-06-17 01:44:32 -05:00
HD Moore e4fffc36de Move to one to many instead of m2m for module_detail tracking 2012-06-17 01:21:38 -05:00
HD Moore 03b29fff68 Merge up the latest, does not automaticlly load
the module tree into the database right now.
2012-06-14 04:35:43 -05:00
HD Moore a6070f8584 Tweak schema (type gets mangled by AR), add caching routine 2012-06-14 03:27:36 -05:00
HD Moore 1401ec0b19 Keep ID columns for record mgmt 2012-06-14 01:50:08 -05:00
HD Moore 80db388354 Fix up the schema relationships 2012-06-14 00:23:23 -05:00
HD Moore 2aa9de7f63 Fix the boolean definition 2012-06-13 22:16:59 -05:00
HD Moore 1bdd8dc533 Fix the constant 2012-06-13 22:15:58 -05:00
HD Moore d48a99146f Add the migration for new module_details tables 2012-06-13 22:07:56 -05:00
HD Moore 5922ec1f7a Permissions 2012-06-12 15:20:25 -05:00
HD Moore 7a449bffe2 Permissions 2012-06-12 15:19:41 -05:00
HD Moore 6290bba71b Merge branch 'master' into feature/vuln-info 2012-06-12 12:41:41 -05:00
HD Moore 21ea539648 Permissions 2012-06-12 11:50:28 -05:00
Michael Schierl 34ecc7fd18 Adding @schierlm 's AES encryption for Java
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.

Squashed commit of the following:

commit cca6c5c36ca51d585b8d2fd0840ba34776bc0668
Author: Michael Schierl <schierlm@gmx.de>
Date:   Wed Apr 4 00:45:24 2012 +0200

    Do not break other architectures
    even when using `setg AESPassword`

commit 422d1e341b3865b02591d4c135427903c8da8ac5
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:50:42 2012 +0200

    binaries

commit 27368b5675222cc1730ac22e4b7a387b88d0d2b3
Author: Michael Schierl <schierlm@gmx.de>
Date:   Tue Apr 3 21:49:10 2012 +0200

    Add AES support to Java stager

    This is compatible to the AES mode of the JavaPayload project.

    I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
    is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
HD Moore d975d1a236 Add counter caches for host_details, vuln_details, vuln_attempts 2012-06-10 17:15:53 -05:00
HD Moore beefea6fb9 Merge branch 'master' into feature/vuln-info 2012-06-10 12:54:58 -05:00
HD Moore 9dcb3059f8 MDM update 2012-06-10 03:46:58 -05:00
HD Moore 7c8cb2d79e Add vuln_attempts, track exploit attempts when a matching vuln exists.
This also fixes an issue with report_vuln() from exploited hosts not
setting the service correctly. This introduces a fail_reason method
to the exploit base class, which attempts to determine why an exploit
did not work (closed port, unreachable host, missing page, etc). There
is still quite a bit of work to do around this to finish it up.
2012-06-10 03:15:48 -05:00
sinn3r 4743c9fb33 Add MS12-005 (CVE-2012-0013) exploit 2012-06-10 01:08:28 -05:00
HD Moore 55bdbb6ec9 Merge branch 'master' into feature/vuln-info 2012-06-09 01:37:11 -05:00
HD Moore e840f7e9ee Add additional host detail columns and parsers 2012-06-09 00:43:03 -05:00
James Lee 1be9ce8649 Fixes command parsing in Post::Common
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
2012-06-07 22:24:59 -06:00
Raphael Mudge 68dd0cd497 Armitage 06.07.12 - improved collaboration performance and fixed two bugs. 2012-06-07 13:16:16 -04:00
HD Moore 49b3c9b0e8 More cleanup related to vuln schema 2012-06-07 04:42:16 -05:00
HD Moore 42c3bedfad Merge MDM, add migrations, tweak report_vuln 2012-06-07 00:40:26 -05:00
HD Moore e8af6882eb Permissions 2012-06-06 20:05:29 -05:00
jvazquez-r7 93741770e2 Added module for CVE-2011-3400 2012-06-05 18:21:55 +02:00
Joe Vennix 315d68b6f5 Add fix for counter_cache migration to keep from throwing readonly column error. 2012-06-01 13:31:00 -05:00
Joe Vennix c5c1e71b32 Add migrations for counter_cache columns to framework. 2012-06-01 12:07:08 -05:00
Raphael Mudge b5f1554caf Adding rsmudge's Armitage update
Squashed commit of the following:

commit 60be1b2d1d66134c54c82857a569bbf3a005baf8
Author: Raphael Mudge <rsmudge@gmail.com>
Date:   Wed May 30 19:43:07 2012 -0400

    Armitage 05.30.12
    A small collection of bug fixes.
2012-05-30 19:20:14 -05:00
jvazquez-r7 287d68f304 added module for CVE-2008-0320 2012-05-23 17:14:11 +02:00
sinn3r 3f1a72932e Merge pull request #401 from rsmudge/armitage
Armitage 05.21.12
2012-05-20 20:01:12 -07:00
Raphael Mudge c14a3e655e Armitage 05.21.12
This release improves collaboration performance and fixes a few Windows specific issues.
2012-05-20 22:54:25 -04:00
syndrowm fec2ec37f8 Squashed commit of the following:
commit fa9b2841cfcb7c833da5454f108f15ad229e6b75
Author: syndrowm <syndrowm@gmail.com>
Date:   Mon Apr 2 17:00:59 2012 -0600

    header files needed to generate solaris and bsd elf executables

commit f03fb2ff97823f3c177f3e1678aec26d92dd16ab
Author: syndrowm <syndrowm@gmail.com>
Date:   Mon Apr 2 16:59:46 2012 -0600

    add functions to allow generating elf executables for bsd and solaris

[Closes #292]
2012-05-18 10:21:34 -06:00
jvazquez-r7 14d8ba00af Added batik svg java module 2012-05-17 16:48:38 +02:00
sinn3r a88af1dd36 Merge pull request #391 from rsmudge/armitage
add color to armitage's presentation of the Metasploit console
2012-05-16 21:57:43 -07:00