infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,339 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

22339 Commits (d291cd92d7fa41900574b850d9344defc0d24828)

Author SHA1 Message Date
sinn3r a26e12b746 Updates descriiption and improves regex for safari_lastsession.rb 
This updates two things for the safari_lastsession post module:

1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.

2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
 2013-12-24 14:00:55 -06:00
jvazquez-r7 95c4092f0f
Land #2797, @rbsec's patch for lotus domino regex 2013-12-24 07:28:57 -06:00
jvazquez-r7 136d635300
Land #2796, @Meatballs1's patch for [FixRM #8716] 2013-12-24 07:20:38 -06:00
rbsec 86a94022c0 Fix lotus_domino_hashes not working. 
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
 2013-12-24 11:57:13 +00:00
sinn3r 90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow 2013-12-24 00:39:54 -06:00
sinn3r 367dce505b Minor details 2013-12-24 00:39:15 -06:00
sgabe f687a14539 Added support for opening via menu. 2013-12-24 03:12:49 +01:00
sinn3r 213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner 2013-12-23 17:36:18 -06:00
sinn3r 0a07bbdf2e Minor changes 2013-12-23 17:35:42 -06:00
Meatballs 075f48a49f
Fix path 2013-12-23 22:44:56 +00:00
sinn3r 8a1f701081
Land #2795 - Increment MDM version to 0.16.9 2013-12-23 15:09:22 -06:00
Tod Beardsley 1599d9a134
Update Gemfile.lock 2013-12-23 14:47:32 -06:00
jvazquez-r7 2cc4fa35cf
Land #2785, @todb-r7's support for post modules on msfcli 2013-12-23 12:05:40 -06:00
Tod Beardsley c156d2a694
Increment MDM version to 0.16.9 
[SeeRM #8725]
 2013-12-23 10:29:36 -06:00
sinn3r 9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution 2013-12-23 02:34:01 -06:00
sinn3r 5b647ba6f8 Change description 
Pre-auth is implied.
 2013-12-23 02:33:17 -06:00
Meatballs dc87575b9d
Retab and whitespace 2013-12-22 21:04:44 +00:00
Meatballs f112e78de9
Fixes .war file creation 2013-12-22 20:58:21 +00:00
sgabe 287271cf98 Fixed date format. 2013-12-22 01:32:16 +01:00
sgabe 0ac495fef8 Replaced hex with plain text. 2013-12-22 01:31:37 +01:00
Timothy Swartz fc792bdaae Fix for Rspec failure in Msf::Util::EXE 
[FixRM #8723]
 2013-12-21 02:49:44 -07:00
Meatballs bf8c0b10fa
Dont store n/a creds 2013-12-21 09:04:02 +00:00
jvazquez-r7 f43bc02297 Land #2787, @mwulftange's exploit for CVE-2013-6955 2013-12-20 17:03:10 -06:00
jvazquez-r7 163a54f8b1 Do send_request_cgi final clean up 2013-12-20 17:00:57 -06:00
sgabe 44ab583611 Added newline to end of file. 2013-12-20 22:40:45 +01:00
sgabe 62f71f6282 Added module for CVE-2013-6877 2013-12-20 22:37:09 +01:00
SeawolfRN bf2dc97595 Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner 2013-12-20 18:46:35 +00:00
SeawolfRN ae7a0159e7 Changed to Puts and get_once - also forgot the timeout... 2013-12-20 18:44:42 +00:00
Markus Wulftange 13a4c62b0d Merge pull request #2 from jvazquez-r7/review_2787 
Do final (minor) cleanup
 2013-12-20 09:53:23 -08:00
jvazquez-r7 8be481f324
Land #2681, @mcantoni and @todb-r7's support for chargen 2013-12-20 11:53:08 -06:00
sinn3r 7b80fadc5d
Land #2780 - Convert gendocs.sh to use rake yard 2013-12-20 11:48:03 -06:00
jvazquez-r7 12efa99ce5 Fix udp_sweep 2013-12-20 11:47:48 -06:00
jvazquez-r7 2dc7ef4398 Fix udp_probe 2013-12-20 11:45:27 -06:00
jvazquez-r7 af13334c84 Revert gsub! 2013-12-20 11:39:49 -06:00
sinn3r ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution 2013-12-20 11:29:10 -06:00
sinn3r d0ef860f75 Strip default username/password 
There isn't one. So force the user to supply one.
 2013-12-20 11:28:18 -06:00
sinn3r 52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution 2013-12-20 11:25:50 -06:00
jvazquez-r7 1da961343a Do final (minor) cleanup 2013-12-20 11:20:29 -06:00
Matteo Cantoni 038d6d526c Merge pull request #2 from todb-r7/simplify-chargen-detection 
Add chargen to udp_probe and udp_sweep
 2013-12-20 08:48:50 -08:00
Tod Beardsley 2f34f8458b
Downcase chargen service name 2013-12-20 10:41:53 -06:00
Tod Beardsley 35c847da94
Add chargen to udp_probe and udp_sweep 
This simplifies the checks considerably for PR #2681 from @mcantoni
 2013-12-20 10:32:15 -06:00
jvazquez-r7 a043d384d4
Land #2738, @jiuweigui update to enum_prefetch 2013-12-20 10:26:54 -06:00
Markus Wulftange 929f3ea35c Turn Auxiliary module into Exploit module 2013-12-20 16:45:38 +01:00
Matteo Cantoni d26303e3e7 Merge pull request #1 from jvazquez-r7/review-2681 
Clean chargen_probe
 2013-12-20 07:42:08 -08:00
jvazquez-r7 eba164d2e3 Clean chargen_probe 2013-12-20 09:10:15 -06:00
Markus Wulftange 15f6a62f90 Msf::Exploit::Remote::HttpClient already provides 'peer' 2013-12-20 15:10:10 +01:00
Markus Wulftange 0718c27f47 Use 'unless' instead of 'if not' 2013-12-20 15:09:32 +01:00
Markus Wulftange fe66d2437b Add module for CVE-2013-6955 
Auxiliary module for Synology DiskStation Manager (DMS) SLICEUPLOAD
vulnerability, which allows unauthenticated remote command execution
under root privileges.
 2013-12-20 11:50:02 +01:00
bcoles fb6cd9c149 add osvdb+url refs and module tidy up 2013-12-20 20:27:07 +10:30
sinn3r 2510580c19
Land #2784 - Remove EOL whitespace from OS X hashdump 2013-12-20 03:54:37 -06:00