Commit Graph

6516 Commits (d0b1fa33af891942cb889ac747e4b15b2bc7d9cd)

Author SHA1 Message Date
midnitesnake d0b1fa33af swapped out OptString for OptEnum 2012-08-22 02:20:13 +01:00
midnitesnake 8218a60b32 other corrections 2012-08-22 00:08:59 +01:00
midnitesnake 5cf7f22a13 corrections following on from jlee-r7 comments 2012-08-21 23:57:07 +01:00
midnitesnake ad2b457fda Added linux port for postgres payload 2012-08-14 17:46:35 +01:00
sinn3r dc5f8b874d Found a bug with retrying. 2012-08-14 17:04:17 -05:00
sinn3r b3791b1545 I missed one 2012-08-14 16:51:55 -05:00
sinn3r 6a0271fb11 Correct OSX naming. See ticket #7182 2012-08-14 15:29:21 -05:00
Tod Beardsley 0e4e7dc903 Indentation fix 2012-08-14 12:27:27 -05:00
Tod Beardsley 6597d25726 Shortening an over-200 long line for readability
It's a contrived fix, but scrolling over is a hassle. This comes up a
lot in long regexes, not sure the best way to address these.
2012-08-14 12:27:27 -05:00
sinn3r bfe2ed0737 Minor title update 2012-08-14 12:14:13 -05:00
jvazquez-r7 1ec7f03352 Changes proposed by todb: description, author email, zip data random 2012-08-14 18:45:05 +02:00
jvazquez-r7 3c79509780 Added module for BID 46375 2012-08-14 18:15:29 +02:00
sinn3r 3e0e5a1a75 No manual stuff, probably prones to failure anyway. 2012-08-14 10:58:57 -05:00
sinn3r 612848df6f Add priv escalation mod for exploiting trusted service path 2012-08-14 01:55:03 -05:00
Tod Beardsley bd408fc27e Updating msft links to psexec
Thanks for the spot @shuckins-r7 !
2012-08-13 15:28:04 -05:00
jvazquez-r7 a872f624a1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2012-08-13 19:31:50 +02:00
jvazquez-r7 d6b28dc44d ranking changed plus on_new_session handler added 2012-08-13 19:29:13 +02:00
jvazquez-r7 468030786f small fixes, mainly check res agains nil, res.code and use send_request_cgi 2012-08-13 18:57:59 +02:00
sinn3r 7c6b6281d7 Merge branch 'beacon-addr' of https://github.com/bonsaiviking/metasploit-framework into bonsaiviking-beacon-addr 2012-08-13 11:57:22 -05:00
jvazquez-r7 29c48be2ed Merge branch 'testlink_upload_exec' of https://github.com/bcoles/metasploit-framework into bcoles-testlink_upload_exec 2012-08-13 18:54:33 +02:00
sinn3r e5666d70e2 Merge branch 'glassfish-uri' of https://github.com/bonsaiviking/metasploit-framework into bonsaiviking-glassfish-uri 2012-08-13 11:53:03 -05:00
sinn3r 6059bb5710 Merge branch 'cyclope' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-cyclope 2012-08-13 11:40:46 -05:00
sinn3r dfa00ac499 Merge branch 'zenworks_assetmgmt_uploadservlet' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-zenworks_assetmgmt_uploadservlet 2012-08-13 11:39:15 -05:00
bcoles 8bb3181f68 Add TestLink v1.9.3 arbitrary file upload module 2012-08-13 16:30:10 +09:30
HD Moore f72f334124 Fix an odd issue with search due to use of the builtin Proxies option 2012-08-12 23:22:38 -05:00
sinn3r f9b5f321cb ADD OSVDB-84517 2012-08-12 17:56:18 -05:00
RageLtMan 3711297719 dd Opt::Proxies and opthash[:proxies] to exploits 2012-08-12 16:29:39 -04:00
RageLtMan 33c74c97e2 Add Opt::Proxies and opthash[:proxies] to ssh mods 2012-08-12 16:23:22 -04:00
RageLtMan c9690033c7 This commit allows ssh_login to use socks proxies. Net::SSH::Transport::Session could take a :proxy option,
but it expects a factory object not a string, when setting :proxy => datastore['Proxies'] user got:
"Auxiliary failed: NoMethodError private method `open' called for \"socks4:localhost:1080\":String."
VALID_OPTIONS in ssh.rb now takes :proxies option which is passed to the Rex socket in
Net::SSH::Transport::Session.new.

Testing: block all outgoing to SSH server, try to connect with a proxy. Try with :proxy option,
then merge this pull request and try again.
2012-08-12 16:01:52 -04:00
jvazquez-r7 bf04e2dded Added module for CVE-2011-2653 2012-08-12 18:27:56 +02:00
Daniel Miller ed43418156 Fix unused ADDR_DST option in fuzz_beacon
auxiliary/fuzzers/wifi/fuzz_beacon offers ADDR_DST option, probably
copy-pasted from some other wifi modules, but does not use it, likely
because beacons are meant to be sent to broadcast address only. Since
this is a fuzzer, changing the destination address may be desirable.
Used the option in building the frame to be sent.
2012-08-10 16:14:50 -05:00
Daniel Miller db4f31de76 Fix use of URI option for glassfish_login
auxiliary/scanner/http/glassfish_login offers URI option to set the path
where Glassfish is installed, but it doesn't work. Replaced it with
TARGETURI and call target_uri.path to get a base path.
2012-08-10 15:44:53 -05:00
James Lee 67cdea1788 Fix load order issues (again)
This is getting annoying.  Some day we'll have autoload and never have
to deal with this.
2012-08-10 13:52:54 -06:00
Daniel Miller c8b8d7b8db Fix handling of PAYLOAD_TYPE in persistence
post/windows/manage/persistence incorrectly checked the STARTUP option
to set the payload, which meant it was always the default (reverse_tcp).
Changed to check PAYLOAD_TYPE instead, as intended.
2012-08-10 13:34:09 -05:00
sinn3r b4b860f356 Correct MC's name 2012-08-08 14:16:02 -05:00
sinn3r 9473d9f7c4 Merge branch 'osx_keychain' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-osx_keychain 2012-08-08 14:09:22 -05:00
sinn3r 880491c52f Update description 2012-08-08 14:07:51 -05:00
sinn3r 8a787f8342 typo 2012-08-08 14:04:49 -05:00
sinn3r 0fe385138f Merge branch 'netdecision_tftp_exploit' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-netdecision_tftp_exploit 2012-08-08 13:44:49 -05:00
sinn3r 5f46a1e239 Based on #676, with some changes 2012-08-08 12:44:39 -05:00
sinn3r 7cff1365a2 Merge branch 'master' of https://github.com/ipwnstuff/metasploit-framework into osx_keychain 2012-08-08 11:12:07 -05:00
Erran Carey 189a4ffb78 Edited spaceing 2012-08-08 10:40:33 -05:00
jvazquez-r7 8587ff535a Added exploit module for CVE-2009-1730 2012-08-08 16:28:03 +02:00
jvazquez-r7 d04fdc9382 Added aux module for CVE-2009-1730 2012-08-08 16:26:41 +02:00
Erran Carey bb588d338b Add Keychain Enumeration Mac OS X Post Module
Based off my `Keyjacker` script this module runs through an account's
keychains and returns internet accounts associated.
Setting the GETPASS option to true will return both many plain text
passwords given that the user allows their system to use the keychain
when prompted.
2012-08-08 03:03:19 -05:00
sinn3r b46fb260a6 Comply with msftidy
*Knock, knock!*  Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r 7221420267 When it hangs, it's actually the correct behavior, not a failure. 2012-08-07 15:00:08 -05:00
Tod Beardsley 955a5af8cf Adding OSVDB ref 2012-08-07 12:56:29 -05:00
sinn3r dc47551a5c Merge branch 'scrutinizer_add_admin' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-scrutinizer_add_admin 2012-08-07 12:40:04 -05:00
sinn3r ddcee6fee0 And the war between spaces and tabs goes on.... 2012-08-07 12:36:53 -05:00