infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,000 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

14318 Commits (d83131f1d97633f7308c74e7f707fa4a4147dd69)

Author SHA1 Message Date
jvazquez-r7 ecace8beec Refactor check method 2014-08-22 11:05:36 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master 
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
 2014-08-22 10:50:38 -05:00
jvazquez-r7 ced65734e9 Make some datastore options advanced 2014-08-22 10:26:04 -05:00
jvazquez-r7 b4e3e84f92 Use CamelCase for target keys 2014-08-22 10:23:36 -05:00
jvazquez-r7 b58550fe00 Indent description and fix title 2014-08-22 10:21:08 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging" 
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
 2014-08-22 10:17:44 -05:00
Christopher Truncer 3918acb1e1 Changed keyword used when returning 2014-08-21 12:34:54 -04:00
Christopher Truncer a0b72bba93 Updated module based on feedback 2014-08-21 12:26:41 -04:00
Pedro Ribeiro da752b0134 Add exploit for CVE-2014-3996 2014-08-21 15:30:28 +01:00
Christopher Truncer 383906c26c Removed function no longer used 2014-08-20 22:51:01 -04:00
Christopher Truncer c93bfb4673 Fixed targeturi value 2014-08-20 21:23:45 -04:00
Christopher Truncer 7f90b81711 IP Board Login Scanner Module 2014-08-20 21:18:19 -04:00
Jon Hart 9f9f28cc31
If a peer is 127.0.0.1, don't try to store it because we (currently...) can't 2014-08-20 15:48:54 -07:00
Jon Hart 9db3dc7ad8
Store peer data note in the same format as originally 2014-08-20 15:10:45 -07:00
Jon Hart 758c3fa518
Only discard monlist replies that are impossibly short 
This fixes the case where if a monlist reply only includes one peer
 2014-08-20 15:02:21 -07:00
Jon Hart 7ad9300d37
Update ntp_monlist to use UDPScanner, NTP and DRDoS mixins 2014-08-20 14:41:00 -07:00
Jon Hart 8fd4ee87ab
Allow singular NTP version and mode 7 implementation testing 2014-08-20 12:21:39 -07:00
sinn3r e2e2dfc6a3 Undo FF 2014-08-19 17:47:44 -05:00
sinn3r 777efb5e48
Land #3669 - Deprecate ff 17 svg exploit 2014-08-19 17:42:31 -05:00
sinn3r c73ec66c7a
Land #3659 - Add HybridAuth install.php PHP Code Execution 2014-08-19 17:19:01 -05:00
Tom Sellers 74920d26a4 Update to server/capture/imap.rb for new Credential system 2014-08-19 15:25:31 -05:00
Tom Sellers 3fdad4dc91
Update auxillary/scanner/ftp with Credential Gem 2014-08-19 13:13:05 -05:00
William Vu dc95b01cc5
Land #3670, smb_login private_type fix 
[FixRM #8841]
 2014-08-19 11:30:23 -05:00
William Vu b748cee760
Land #3664, enum_osx dump_hash removal 2014-08-19 11:29:23 -05:00
David Maloney 473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry 
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
 2014-08-19 10:30:16 -05:00
James Lee f169b8dff3
Fix hashes being stored as passwords 2014-08-18 15:52:13 -05:00
joev b93fda5cef
Remove browser_autopwn hook from deprecated FF module. 2014-08-18 15:33:43 -05:00
joev 87aa63de6e
Deprecate FF17 SVG exploit. 
This exploit needs flash, the tostring_console injection one does not.
 2014-08-18 15:32:51 -05:00
Brendan Coles 564431fd41 Use arrays in refs for consistency 2014-08-18 18:54:54 +00:00
Tod Beardsley cad281494f
Minor caps, grammar, desc fixes 2014-08-18 13:35:34 -05:00
joev 5654370316
Remove hashdump functionality from enum_osx. 
There is a specific hashdump module that is more up-to-date, no need to duplicate
functionality (and code).
 2014-08-18 11:40:11 -05:00
joev 5bfbb7654e
Add android meterpreter to browser autopwn. 2014-08-18 11:09:16 -05:00
HD Moore d8e82b9394 Lands #3655, fixes pack operators 
the commit.
he commit.
 2014-08-17 17:25:52 -05:00
Brendan Coles b8b2e3edff Add HybridAuth install.php PHP Code Execution module 2014-08-16 23:31:46 +00:00
sinn3r e656a81c63
Land #3656 - FF toString console.time Privileged Javascript Injection 2014-08-15 17:07:23 -05:00
joev 6d958475d6
Oops, this doesn't work on 23, only 22. 2014-08-15 17:00:58 -05:00
joev fb1fe7cb8b
Add some obfuscation. 2014-08-15 16:54:30 -05:00
joev b574a4c4c5
Wow, this gets a shell all the way back to 15.0. 2014-08-15 16:39:36 -05:00
joev 5706371c77
Update browser autopwn settings. 2014-08-15 16:32:06 -05:00
joev 8c63c8f43d
Add browserautopwn hook now that this is not user-assisted. 2014-08-15 16:28:21 -05:00
joev 694d917acc
No need for web console YESSSS 2014-08-15 16:02:26 -05:00
joev 738a295f0a
Rename module to tostring_console*. 2014-08-15 15:17:37 -05:00
Meatballs 0cc3bdfb35
Moar bad packs 2014-08-15 21:11:37 +01:00
joev f182613034
Invalid CVE format. 2014-08-15 15:09:45 -05:00
joev edb9d32e5c
Add module for toString() injection in firefox. 2014-08-15 15:08:10 -05:00
Tod Beardsley 904c1b20b1
Land #3654, update to 4.10-dev (electro) 2014-08-15 12:51:28 -05:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging 
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
 2014-08-15 11:33:31 -05:00
jvazquez-r7 4cfd2abd8d
Land #3621, @kaospunk's exploit for gitlab-shell CVE-2013-4490 command injection 2014-08-15 09:17:16 -05:00
jvazquez-r7 4e0f6dfcc7 Do minor cleanup 2014-08-15 09:10:08 -05:00
sinn3r f91116a8e8
Land #3634 - Virtual box 3D Acceleration OpenGL Host escape 2014-08-13 20:08:13 -05:00
kaospunk 5ed3e6005a Implement suggestions 
This commit addresses feedback such as adding a check
function and changing the login fail case by being
more specific on what is checked for. The failing
ARCH_CMD payloads were addressed by adding BadChars.
Last, an ARCH_PYTHON target was added based on
@zerosteiner's feedback.
 2014-08-13 20:26:48 -04:00
jvazquez-r7 127d094a8d Dont share once device is opened 2014-08-13 16:13:38 -05:00
sinn3r 558cea6017
Land #3638 - Add VMTurbo Operations Manager 'vmtadmin.cgi' RCE 2014-08-13 11:55:56 -05:00
Meatballs 05a198bc96
Correct spelling 2014-08-13 14:06:25 +01:00
Meatballs 4a01c27ed4
Use get_env and good pack specifier 2014-08-13 10:59:22 +01:00
Emilio Pinna 4ff73a1467 Add version build check 2014-08-13 09:53:43 +02:00
James Lee b7e4bd4080
Fix 'domain\user' reporting in mremote 2014-08-12 18:01:42 -05:00
jvazquez-r7 da4b572a0d Change module name 2014-08-12 17:17:26 -05:00
jvazquez-r7 3eccc12f50 Switch from vprint to print 2014-08-12 17:11:24 -05:00
jvazquez-r7 f203fdebcb Use Msf::Exploit::Local::WindowsKernel 2014-08-12 17:09:39 -05:00
jvazquez-r7 e1debd68ad Merge to update 2014-08-12 16:21:39 -05:00
jvazquez-r7 183b27ee27 There is only one target 2014-08-12 16:14:41 -05:00
jvazquez-r7 c8e4048c19 Some style fixes 2014-08-12 16:11:31 -05:00
jvazquez-r7 ea3d2f727b Dont fail_with while checking 2014-08-12 16:09:59 -05:00
Emilio Pinna 3440f82b2e Minor description adjustment 2014-08-12 22:18:59 +02:00
Emilio Pinna 9e38ffb797 Add the check for the manual payload setting 2014-08-12 21:55:42 +02:00
sinn3r b84192c654
Land #3642 - Be sure which the full payload is used 2014-08-12 14:52:26 -05:00
jvazquez-r7 93990f4578
Land #3631, @wchen-r7's fixes to avoid datastore options assignment at runtime 2014-08-12 14:46:02 -05:00
jvazquez-r7 b46b6af50d
Land #3630, @wchen-r7's fix for datastore assignments on smb_enumusers 2014-08-12 14:26:55 -05:00
jvazquez-r7 33da1a6871 Give a chance to the mixin 2014-08-12 13:49:39 -05:00
Emilio Pinna 5b6be55c50 Fix (properly) 'execute_command()' missing 'opts' parameter 2014-08-12 19:49:27 +02:00
Emilio Pinna 3af17ffad0 Fixed 'execute_command()' missing 'opts' parameter 2014-08-12 19:24:24 +02:00
jvazquez-r7 042423088c Make sure which the full payload is used 2014-08-12 11:41:29 -05:00
David Maloney fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry 2014-08-12 11:22:51 -05:00
Emilio Pinna f71589f534 Simplify payload upload using 'CmdStager' mixin 2014-08-12 10:49:17 +02:00
sinn3r 4aeb1eda9c Don't use datastore options as default values 2014-08-11 18:55:32 -05:00
kaospunk 4e6a04d3ad Modifications for login and key addition 
This commit adds additional support for logging in
on multiple versions of Gitlab as well as adding a
key to exploit the vulnerability.
 2014-08-11 19:54:10 -04:00
Emilio Pinna cc5770558d Remove local payload saving used for debugging 2014-08-11 19:16:14 +02:00
Emilio Pinna 4790b18424 Use FileDropper mixin to delete uploaded file 2014-08-11 19:02:09 +02:00
Emilio Pinna ac526ca9bd Fix print_* to vprint_* in check method 2014-08-11 18:58:11 +02:00
Emilio Pinna 4b4b24b79d Fix errors printing 2014-08-11 18:54:43 +02:00
Emilio Pinna c97cd75beb Rephrase 'Author' section 2014-08-11 18:52:21 +02:00
Emilio Pinna 0138f3648d Add VMTurbo Operations Manager 'vmtadmin.cgi' Remote Command Execution module. 2014-08-11 16:57:39 +02:00
kaospunk a995bcf2ef Fix URI building and failure cases 
This update uses the normalize_uri method for building
URIs. Additionally, failure cases have been modified
for a less generic version.
 2014-08-10 19:53:33 -04:00
Meatballs 351b687759
Land #3612, Windows Local Kernel exploits refactor 2014-08-10 22:05:06 +01:00
joev af3ca19ab2
Land #3501, @AnwarMohamed's android meterpreter commands. 2014-08-09 16:29:59 -05:00
Tod Beardsley 08bb815bd8
Add Yokogawa unauth admin module 2014-08-09 13:30:10 -05:00
jvazquez-r7 486b5523ee Refactor set_version 2014-08-09 02:17:07 -05:00
jvazquez-r7 d959affd6e Delete debug message 2014-08-09 01:58:42 -05:00
jvazquez-r7 da04b43861 Add module for CVE-2014-0983 2014-08-09 01:56:38 -05:00
Jon Hart a5e9abc227
Update R7-2014-12 NTP modules to use new DRDoS mixin 2014-08-08 23:15:54 -07:00
Jon Hart 00452b41c9
Gut admin functions from R7-2014-12 NTP modules 
None of these are admin modules.  All of that stuff should eventually go
in auxiliary/admin
 2014-08-08 21:22:11 -07:00
Jon Hart ed3ccdc9e0
Initial commit of modules for NTP vulns described in R7-2014-12 
Not entirely functional or polished, but mostly working
 2014-08-08 21:00:43 -07:00
Jon Hart 3307726c21
Land #3627, @wchen-r7's cleanup of ctypes in smb_enumshares 2014-08-08 19:17:15 -07:00
Jon Hart b3bb20f569
Land #3629, @wchen-r7's HTTP traversal fixes 2014-08-08 18:08:32 -07:00
Jon Hart c35dc4d3ac Extract query params separately 
Prevents stomping on data
 2014-08-08 18:07:25 -07:00
sinn3r 969e5ddd39 Override the correct smb_direct 2014-08-07 18:48:46 -05:00
sinn3r 3b27102c4c Override the correct smb_direct 2014-08-07 18:47:33 -05:00
sinn3r 436e2abfff Fix datastore options 2014-08-07 17:59:40 -05:00
sinn3r 1963318e70 Fix datastore options 2014-08-07 17:58:25 -05:00
sinn3r ab8f2c7d3f Datastore option fix 2014-08-07 17:57:44 -05:00
sinn3r 6f8c7f092a Fix direct datastore assignments to pass msftidy 2014-08-07 17:51:45 -05:00
sinn3r 2967d85e44
Land #3624 - Wordpress XMLRPC DoS 2014-08-07 17:25:22 -05:00
sinn3r c79fe731c5 Um, this is the right way to do it. 2014-08-07 13:32:48 -05:00
sinn3r f7bda738cf Fix file handle leak 2014-08-07 13:30:34 -05:00
sinn3r 711630d059 Fix datastore assignments 2014-08-07 13:28:51 -05:00
sinn3r c7090f57a5 Fix "text" ctype in smb_enumshares 
"text" is not a valid ctype, should be text/plain
 2014-08-07 11:25:55 -05:00
Christian Mehlmauer a7be5b5164
Added fingerprinting 2014-08-07 18:12:58 +02:00
jvazquez-r7 b259e5b464 Update description again 2014-08-07 09:21:25 -05:00
jvazquez-r7 4af0eca330 Update target description 2014-08-07 09:11:01 -05:00
Christian Mehlmauer d6e60453d6
Added Wordpress XMLRPC DoS 2014-08-07 11:38:44 +02:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
 2014-08-06 15:58:12 -05:00
Spencer McIntyre b602e47454 Implement improvements based on feedback 2014-08-05 21:24:37 -07:00
kaospunk 48359faaaf Add gitlab-shell command injection module 
This request adds a module for gitlab-shell command
injection for versions prior to 1.7.4. This has been
tested by installing version 7.1.1 on Ubuntu and then
using information at http://intelligentexploit.com/view-details.html?id=17746
to modify the version of gitlab-shell to a vulnerable one. This
was done as I could not find a better method for downloading
and deploying an older, vulnerable version of Gitlab.
 2014-08-05 23:21:57 -04:00
sinn3r 9b6259e58b
Land #3569 - Updated smb_enumshares to support spidering 2014-08-05 20:23:09 -05:00
sinn3r f520616730 This fixes a few things, see commit message for more info 
This commit fixes the following:

1. Not handling eval_host()'s nil file return value, which can causes
   a NoMethodError at runtime due to various conditions.
2. Renames datastore option VERBOSE to ShowFiles to pass msftidy
3. Avoids overwriting datastore options directly to pass msftidy
 2014-08-05 19:20:11 -05:00
Alton Johnson da845c7e89 Changed default VERBOSE option to false. 2014-08-04 18:06:35 -05:00
Jon Hart f25bb735a0
Land #3543, @todb-r7's Rubocop cleanup of MS08-067 2014-08-04 14:35:30 -07:00
Jon Hart b81c7e28f4
Land #3588, @tobd-r7's Fix SpaceBeforeModifierKeyword Rubocop warning 2014-08-04 14:25:03 -07:00
Spencer McIntyre 9cd6353246 Update mqac_write to use the mixin and restore pointers 2014-08-04 12:15:39 -07:00
Spencer McIntyre a523898909 Apply rubocop suggestions for ms_ndproxy 2014-08-04 11:49:01 -07:00
Spencer McIntyre 86e2377218 Switch ms_ndproxy to use the new WindowsKernel mixin 2014-08-04 11:49:01 -07:00
Spencer McIntyre 58d29167e8 Refactor MS11-080 to use the mixin and for style 2014-08-04 11:49:01 -07:00
Tod Beardsley 4de59ad7d1
Add reasonable description for gnome-commander 2014-08-04 12:35:34 -05:00
jvazquez-r7 ed97751ead
Land #2999, @j0hnf's modifiction to check_dir_file to handle file: 2014-08-04 11:55:18 -05:00
jvazquez-r7 cd45ed0e0a Handle exceptions when connecting the SMBHSARE 2014-08-04 11:54:30 -05:00
jvazquez-r7 85b5c5a691 Refactor check_path 2014-08-04 11:48:13 -05:00
jvazquez-r7 1e29bef51b Fix msftidy warnings 2014-08-04 11:46:27 -05:00
jvazquez-r7 04bf0b4ab6 Fix forgotten comma 2014-08-04 11:34:12 -05:00
jvazquez-r7 68d8afc18d
Land #3604, @hmoore-r7's [FixRM #8838] smb_lookupsid nil class dereference 2014-08-04 10:38:42 -05:00
Joshua Smith 6c2b8f54cf rubocop cleanup, long lines, etc 2014-08-03 23:19:08 -05:00
OJ 2b021e647d Minor tidies to conform to standards 2014-08-03 23:19:08 -05:00
OJ 31c51eeb63 Move error messages to `check` 2014-08-03 23:19:08 -05:00
OJ cbf15660bf Add some small fixes to the MQAC local exploit 
* Check for `INVALID_HANDLE_VALUE` when attempting to open the
  device, as this is what is returned when the device doesn't exist.
* Make sure that we only run the exploit against tartgets that we
  support directly to make sure we don't BSOD machines (such as what
  happens with SP1/SP2).
* Add a call to `check` in the exploit code.
 2014-08-03 23:19:08 -05:00
HD Moore 3bc8d1fee9 See #RM8838. Handle null domain_sid properly 
This switches to the local sid if the domain sid is null, even if
the ACTION is set to DOMAIN. This solves the issue identified in

```
[*] 192.168.0.4 PIPE(LSARPC) LOCAL(NAS - 5-21-2272853860-1115691317-1341221697) DOMAIN(WORKGROUP - )
[-] 192.168.0.4 No domain SID identified, falling back to the local SID...
[*] 192.168.0.4 USER=guest RID=501
[*] 192.168.0.4 GROUP=None RID=513
```
 2014-08-02 14:25:17 -05:00
us3r777 cd2e225359 Refactored auxilliary jboss_bshdeployer 
Switch modules/auxiliary/admin/http/jboss_bshdeployer.rb to use the
changes.
 2014-08-02 11:10:49 +02:00
Tod Beardsley c31fc61617
Land #3270, @jlee-r7 deprecation ipv6 payloads 
These are not needed, since you can just config the regular handler now
and pick either.

This resolves the conflict (rm'ed the old modules)

Conflicts:
	modules/payloads/stagers/windows/reverse_ipv6_http.rb
	modules/payloads/stagers/windows/reverse_ipv6_https.rb
 2014-08-01 16:27:59 -05:00
David Maloney ab7111120b
and all the rest 
finally!
 2014-08-01 14:54:18 -05:00
David Maloney 4821851ae4
telnet and ssh next 2014-08-01 14:47:08 -05:00
David Maloney 12902b0a6d
the refactor continues! 2014-08-01 14:41:03 -05:00
David Maloney b74813b9a1
mysql and pop3 now 2014-08-01 14:30:33 -05:00
jvazquez-r7 73ca8c0f6d Work on jboss refactoring 2014-08-01 14:28:26 -05:00
David Maloney 2e7738c788
http and mssql now 2014-08-01 14:22:58 -05:00
David Maloney 33f73a8af7
refactor db2 2014-08-01 13:00:27 -05:00
David Maloney 439b893fea
refactor axislogin 2014-08-01 12:30:16 -05:00
David Maloney 0fffb179fa
refactor afp_login 2014-08-01 12:10:52 -05:00
David Maloney c3691ba056
finish refactoring ftp_login 2014-08-01 12:06:13 -05:00
David Maloney a380646667
start refactoring ftp loginscanner 2014-08-01 11:47:13 -05:00
Meatballs 15c1ab64cd Quick rubocop 2014-07-31 23:11:00 +01:00
Meatballs d336c56b99
Merge remote-tracking branch 'upstream/master' into land_2551 2014-07-31 23:06:37 +01:00