Tod Beardsley
4ee24f7e42
Adding Justin's CCTV module.
2012-05-15 08:03:39 -05:00
sinn3r
8b06835109
Make changes to proper API usage, whitespace, and extra characters.
2012-05-15 01:26:42 -05:00
sinn3r
3c683fcf99
Merge branch 'pyoor' of https://github.com/pyoor/metasploit-framework into pyoor-pyoor
2012-05-15 01:20:01 -05:00
sinn3r
d54a228f65
Correct version number
2012-05-15 01:16:41 -05:00
Brandon Perry
c4052b3f6c
add missing import methods?
2012-05-14 21:03:37 -05:00
pyoor
a8b534ddec
Cisco Secure ACS Module - Updated error handling
2012-05-14 20:03:26 -04:00
pyoor
2e49e56126
Made suggested changes
2012-05-14 19:50:34 -04:00
Brandon Perry
1beaeb8e2f
OpenVAS import functionality. See qa/sample_data for two openvas reports.
2012-05-14 18:40:08 -05:00
sinn3r
06b12bcd7d
Merge pull request #385 from brandonprry/wapiti_report
...
Wapiti XML report import
2012-05-14 16:02:03 -07:00
sinn3r
6bbf018423
Fix bug #6815 : A race condition that results in an invalid handle.
...
Under certain conditions, the module may run into an "The handle
is invalid" while obtaining registry keys and values from the
victim machine. The fix is to retry a couple of times, and hope
we don't hit the race condition again.
2012-05-14 17:44:35 -05:00
HD Moore
3033838909
Correct reflective DLL references
2012-05-14 15:17:03 -05:00
sinn3r
84269f399b
Correct EDB reference
2012-05-14 15:10:21 -05:00
sinn3r
f4a446a6c1
Add module CVE-2011-4404
2012-05-14 15:08:43 -05:00
root
5aeab77499
fix tabs that I missed in db.rb
2012-05-14 07:26:37 -07:00
sinn3r
d17b07a6e1
Merge pull request #387 from swtornio/master
...
add osvdb refs
2012-05-14 07:26:28 -07:00
Steve Tornio
7690e86a89
add osvdb ref
2012-05-14 07:14:10 -05:00
Steve Tornio
bcfa96ced8
add osvdb ref
2012-05-14 07:13:49 -05:00
sinn3r
0b817944c3
Merge pull request #386 from jlee-r7/fix-posix-execute
...
Fix posix execute
2012-05-13 16:17:34 -07:00
sinn3r
2e8b11ca78
Merge pull request #383 from rsmudge/armitage
...
Armitage 05.14.12
2012-05-13 16:15:59 -07:00
root
99a5d1a7b5
fix :pname in the web_vuln_info hash to no include the parameter value
2012-05-13 14:43:02 -07:00
James Lee
ecb106d714
throw is not the same as raise
...
Clearly this code never gets called.
2012-05-13 15:31:57 -06:00
root
2906686da1
forgot to git add db.rb. oops
2012-05-13 14:30:27 -07:00
root
d5cec05cc3
fix tabs
2012-05-13 14:28:50 -07:00
root
253802761f
Remove extraneous puts
2012-05-13 14:19:19 -07:00
root
d0f49c1213
Finished! Importing wapiti now adds Mdm::WebVulns to the db.
...
However, I see no way to actually seeing the webvulns in framework
after importing the report.
2012-05-13 13:58:25 -07:00
James Lee
73331b66e6
Fix execution with spaces in args by using sh -c
...
In posix, a command like "echo 'foo bar'" would previously get parsed
out into arguments for execve like [ "echo", "'foo", "bar'" ] which
obviously isn't what you want. After this commit, it sticks the whole
thing in an arg to sh so the execve call ends up looking like
execve("/bin/sh", ["sh", "-c", "echo 'foo bar'"], [/* 26 vars */]) = 0
This is still a little less than ideal because shell escapes become a
problem; fortunately, that's easy to deal with on the client side as
long as module developers take it into account.
2012-05-13 14:55:57 -06:00
pyoor
6b6dc60b25
Cisco Secure ACS Auth Bypass Module
2012-05-13 16:16:18 -04:00
Christian Mehlmauer
dc10fac885
Ported my Hashcollision Script to Ruby
2012-05-13 20:59:42 +02:00
sinn3r
79a590ccf7
Merge pull request #380 from wchen-r7/bmerinofe-telnet_ruggedcom
...
Modified version of pull request #379 - RuggedCom Telnet Password Generator by bmerinofe
2012-05-13 11:13:27 -07:00
Brandon Perry
b0b72b05d5
Adding the beginning of the wapiti report import nokogiri document
2012-05-13 13:02:48 -05:00
Raphael Mudge
c7b9b711f1
Armitage 05.14.12
...
This release SSL-enables the red team collaboration architecture, adds several keyboard
shortcuts and it improves the workflow for viewing downloaded files/loots.
2012-05-13 13:56:10 -04:00
sinn3r
d2c26f989c
Cleanup whitespace
2012-05-13 04:42:22 -05:00
sinn3r
c1fbf1f931
Merge branch 'mozilla_attribchildremoved' of https://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-mozilla_attribchildremoved
2012-05-13 04:37:49 -05:00
Peter Van Eeckhoutte (corelanc0d3r)
dd42c3096e
added exploit for Firefox 8&9 AttributeChildRemoved UAF
2012-05-13 11:31:46 +02:00
sinn3r
15fbb1e86c
This the modified version of pull request #379 . Changes include:
...
* Add more references
* Update description
* MSF license disclaimer
* Remove the to() function. Instead it's in run_host()
* Put 'info' in the :proof key
* Remove ::Exception handling, so we can see the original that's also logged in framework.log
2012-05-13 04:09:17 -05:00
James Lee
e2bf3c5750
throw is not the same as raise
...
Clearly this code never gets called.
2012-05-12 16:53:54 -06:00
Tod Beardsley
bc1c9a7fe4
Prepend all messages with victim host:port
...
Redefining print_status locally to handle this. Seems like an easy way
to do this kind of thing for a particular module.
[Closes #272 ]
2012-05-11 17:48:54 -05:00
Tod Beardsley
ab655677b4
Fixed typo, converted to OptEnum for fakedns targetaction
2012-05-11 17:12:31 -05:00
Jose Selvi
af71cdafe2
Update modules/auxiliary/server/fakedns.rb
2012-05-11 17:01:14 -05:00
Jose Selvi
1d6b2eb3fe
Added TARGETACTION options and wildcard support
2012-05-11 17:01:13 -05:00
sinn3r
5d8fbefc3d
Merge pull request #378 from wchen-r7/distinct
...
Add OSVDB-80984 - Distinct TFTP Directory traversal
2012-05-11 13:14:19 -07:00
sinn3r
653d7e5923
Add OSVDB-80984
2012-05-11 15:07:31 -05:00
Tod Beardsley
aa3930fcb9
Typo on fixed tftp module
2012-05-10 21:42:33 -05:00
Tod Beardsley
36c805c5ff
Move the context setting to the module
...
Apparently you can't hit the framework object before running the module
any more. Bummer.
[Fixes #6843 ]
2012-05-10 21:21:32 -05:00
sinn3r
7eabce8872
Add comment for PrependEncoder
2012-05-10 12:18:50 -05:00
sinn3r
2b13330483
Merge pull request #376 from wchen-r7/wikkawiki
...
Add CVE-2011-4449
2012-05-10 10:13:56 -07:00
sinn3r
6e8c3ad1e3
It's "inject", not "upload"... because technically that's what really happens.
2012-05-10 12:06:02 -05:00
sinn3r
c69e34d407
Update description
2012-05-10 12:02:55 -05:00
sinn3r
86c3ad5e0c
Add CVE-2011-4449
2012-05-10 11:57:40 -05:00
Tod Beardsley
65800f7c6e
Whitespace on solarwinds
2012-05-09 12:47:22 -05:00