infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,729 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

6195 Commits (d8a5af7084a7c5bbee52cb056bc66f2bac2dee74)

Author SHA1 Message Date
jvazquez-r7 d3bc78c53b applied changes proposed by sinn3r 2012-06-27 23:55:51 +02:00
jvazquez-r7 73360dfae3 minor fixes 2012-06-27 23:38:52 +02:00
jvazquez-r7 245205c6c9 changes on openfire_auth_bypass 2012-06-27 23:15:40 +02:00
jvazquez-r7 6ec990ed85 Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass 2012-06-27 23:09:26 +02:00
sinn3r dc30a2dddb Merge branch 'atlassian_crowd' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-atlassian_crowd 2012-06-27 15:37:15 -05:00
sinn3r 2f733ff8b9 Add CVE-2012-0663 Apple QuickTime TeXML Exploit 2012-06-27 14:41:45 -05:00
Tod Beardsley 97974d9241 Shorten title for display 2012-06-27 10:19:46 -05:00
Tod Beardsley 94e28933c8 Whitespace fixes. msftidy.rb yall 2012-06-27 10:06:15 -05:00
jvazquez-r7 2c5cc697c9 Added auxiliary module for CVE-2012-2926 2012-06-27 10:21:18 +02:00
HD Moore 2dd51690c2 Add a missing require 2012-06-27 00:47:32 -05:00
sinn3r be2692a623 Merge branch 'pdf_parser_fix' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-pdf_parser_fix 2012-06-26 16:55:26 -05:00
James Lee 891400fdbb Array#select! is only in 1.9 2012-06-26 15:32:39 -06:00
sinn3r 9ea6d84a7a Make it clear the exploit doesn't like certain PDF formats 
If the exploit cannot fetch certain xref fields, we warn the user
we don't like their PDF, and recommend them to try a different
one.
 2012-06-26 16:32:10 -05:00
h0ng10 6cc8390da9 Module rewrite, included Java support, direct upload, plugin deletion 2012-06-26 11:56:44 -04:00
jvazquez-r7 cc90a60a1b Correct the use of the platform argument 
The platform argument is meant to be a PlatformList object, not as an array:
http://dev.metasploit.com/redmine/issues/6826
This commit undoes the last change to init_platform() in alpha_mixed and modifies msfvenom to use it as intended.
 2012-06-26 17:32:55 +02:00
sinn3r b966dda980 Update missing CVE reference 2012-06-26 01:26:09 -05:00
sinn3r 8f355554c8 Update missing CVE reference 2012-06-26 01:21:24 -05:00
sinn3r 0d7b6d4053 Update missing CVE reference 2012-06-26 01:20:28 -05:00
sinn3r c7935e0e99 Update OSVDB reference 2012-06-26 01:18:25 -05:00
sinn3r 9980c8f416 Add rh0's analysis 2012-06-25 21:32:45 -05:00
sinn3r 7698b2994d Correct OSVDB typo 2012-06-25 18:32:35 -05:00
sinn3r 8927c8ae57 Make it more verbose, and do some exception handling for cleanup 2012-06-25 17:27:33 -05:00
sinn3r fef77bfd7f Merge branch 'sugarcrm_unserialize_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sugarcrm_unserialize_exec 2012-06-25 16:55:45 -05:00
jvazquez-r7 7b0f3383d2 delete default credentials 2012-06-25 23:53:56 +02:00
sinn3r 7f5687ef10 Merge branch 'sugarcrm_unserialize_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sugarcrm_unserialize_exec 2012-06-25 16:28:55 -05:00
jvazquez-r7 7dc1a572e5 trying to fix serialization issues 2012-06-25 23:25:38 +02:00
sinn3r 063a2119a3 Merge branch 'iis_auth_bypass' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-iis_auth_bypass 2012-06-25 15:51:33 -05:00
sinn3r f93658b37a Minor name change 2012-06-25 15:51:02 -05:00
sinn3r 637edc21ce Add CVE-2010-2731 2012-06-25 15:48:36 -05:00
jvazquez-r7 59bb9ac23b quoting ip to avoid php complaining 2012-06-25 18:52:26 +02:00
jvazquez-r7 4c453f9b87 Added module for CVE-2012-0694 2012-06-25 17:21:03 +02:00
HD Moore 807f7729f0 Merge branch 'master' into feature/vuln-info 2012-06-25 10:10:20 -05:00
Steve Tornio 5d2655b0ce add osvdb ref 2012-06-25 09:00:03 -05:00
HD Moore f7dca272b6 IE 10/Win8 detection support 2012-06-25 00:36:49 -05:00
HD Moore 1989f0ab46 IE 10/Win8 detection support 2012-06-25 00:36:04 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
HD Moore c28d47dc70 Take into account an integer-normalized datastore 2012-06-24 23:00:02 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
sinn3r 05eaac9085 Fix possible param duplicates 2012-06-24 19:05:42 -05:00
dmaloney-r7 46dd286cc8 Merge pull request #519 from rapid7/gpp-passwords 
Gpp passwords
 2012-06-24 16:18:34 -07:00
David Maloney 6e19dddf2a Alleviate duplicated work in gpp module 2012-06-24 16:21:35 -05:00
David Maloney aa09cd7f82 More collaboration stuff on gpp module 2012-06-24 13:08:19 -05:00
h0ng10 65197e79e2 added Exploit for CVE-2008-6508 (Openfire Auth bypass) 2012-06-24 07:35:38 -04:00
sinn3r e805675c1f Add Apple iTunes 10 Extended M3U Stack Buffer Overflow 
New exploit against Apple iTunes. Note that this appears to be
different than liquidworm's CVE-2012-0677, because this one is
a stack-based buffer overflow, while CVE-2012-0677 is heap-based,
and a different crash/backtrace. However, according to Rh0, this
bug is patched anyway in the same update... possibly a silent
patch.

As of now, there seems to be no CVE or OSVDB addressing this
particular bug.
 2012-06-24 02:01:34 -05:00
David Maloney eefea8d9d3 Add newname attr in gpp module 2012-06-23 17:51:58 -05:00
David Maloney 7bcb9d1a45 Reintegrated extra options into gpp module 
reintegrated meatballs control options into the gpp module
 2012-06-23 17:38:07 -05:00
David Maloney b320679d1f Exception message fix for gpp 2012-06-23 12:56:12 -05:00
David Maloney 5497d091fc fix gpp attribution and description 2012-06-23 12:45:56 -05:00
David Maloney 534008b010 Major rework of the gpp module 
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
 2012-06-23 12:42:33 -05:00
James Lee 3e974415d9 Give some verbose feedback if connection failed 2012-06-23 00:58:27 -06:00
Tod Beardsley d708f2526c Adding ref for APSB12-09 to new Flash sploit 2012-06-22 17:30:52 -05:00
jvazquez-r7 72ef8c91f0 module for CVE-2012-0779 added 2012-06-23 00:21:18 +02:00
m-1-k-3 315a1707e7 also new version v2.07.16 is vulnerable 2012-06-22 13:18:45 +02:00
Tod Beardsley 2729f33ff2 Merge Justin's TortoiseSVN module 
This adds Justin's TortoiseSVN module with minor edits.

[Closes #508]
 2012-06-21 11:56:08 -05:00
Tod Beardsley 504d3d477e Resolve http_proxy_host before reporting, too. 2012-06-21 11:55:13 -05:00
Tod Beardsley c795c2e438 Resolve hosts for tortoisesvn module reporting 
report_host() does not expect a DNS name, but an IPv4 or IPv6 address.
In many cases, an SVN password is going to be associated with only a
hostname.

This may be a bug in report_host -- it's certainly inconveninent.
However, we don't usually wnat report_host to be making tons of DNS
lookups when importing hosts, so this forced step is likely intended.

Also, begin/rescue/end blocks that don't hint at what errors are
intended to be caught are rarely a good idea, so this at least informs
the user which exception was raised.
 2012-06-21 11:47:37 -05:00
sinn3r 4004b544c0 The condition for "else" doesn't really do anything for us 2012-06-21 02:53:44 -05:00
sinn3r 9d52ecfbb6 Fix a few mistakes (typos & reference) 2012-06-21 02:32:04 -05:00
sinn3r d957c021cb Handle another possible condition 
If the path actually doesn't exist on the victim, we may run into
a RequestError. Need to handle that... should be pretty common.
 2012-06-21 01:38:51 -05:00
sinn3r 6a386b7a88 Rename the file for naming style consistency 2012-06-21 01:25:55 -05:00
sinn3r 367e75bb06 Multiple changes to file_collector.rb 
This module received the following changes:
* Make msftidy happy
* Remove the GETDRIVES option, and make the SEARCH_FROM option
  smarter.
* MSF license
* Other minor changes
 2012-06-21 01:21:53 -05:00
sinn3r 327e86e08c Merge branch 'file_collector' of https://github.com/3vi1john/metasploit-framework into 3vi1john-file_collector 2012-06-20 23:46:04 -05:00
Juan Vazquez 4a8e94463a Merge pull request #512 from jvazquez-r7/ezserver_add_reference 
ezserver_http: added bid reference
 2012-06-20 13:11:55 -07:00
jvazquez-r7 6be7ba98aa ezserver_http: added bid reference 2012-06-20 22:08:58 +02:00
Tod Beardsley 302ab963d1 Adding ref for intersil module 2012-06-20 15:05:56 -05:00
HD Moore f7ecc98923 Merge branch 'master' into feature/vuln-info 2012-06-20 13:34:53 -05:00
sinn3r 61cad28a8c Merge branch 'gather-ssh-cleanup' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-gather-ssh-cleanup 2012-06-20 11:23:51 -05:00
sinn3r beb8e33fc4 Fix a typo 2012-06-20 09:53:09 -05:00
sinn3r efaf5cf193 Oops, I found a typo. 2012-06-19 22:57:45 -05:00
sinn3r 9a9dd53e86 Use get_resource() instead of the hard-coded path 2012-06-19 22:56:25 -05:00
sinn3r 79fc053a2e Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110 2012-06-19 22:05:07 -05:00
Steven Seeley fcf42d3e7b added adobe flashplayer array indexing exploit (CVE-2011-2110) 2012-06-20 12:52:37 +10:00
HD Moore d40e39b71b Additional exploit fail_with() changes to remove raise calls 2012-06-19 19:43:41 -05:00
HD Moore 664458ec45 No more crap :/ 2012-06-19 19:43:29 -05:00
jvazquez-r7 a93eeca68d msxml_get_definition_code_exec: added support for ie9 2012-06-20 00:17:50 +02:00
Tod Beardsley 3b1c434252 Remove trailing space 2012-06-19 16:44:07 -05:00
James Lee 967026a501 Make ssh_creds store keys as creds 
Also cuts some redundant code by using existing Post API methods.
 2012-06-19 14:24:32 -06:00
HD Moore fb7f6b49f0 This mega-diff adds better error classification to existing modules 2012-06-19 12:59:15 -05:00
HD Moore a4c98f9627 Fix title to be consistent 2012-06-19 12:58:42 -05:00
justincmsf b9a2c88733 New Post Module: TortoiseSVN Saved Password Extraction 2012-06-19 09:57:22 -04:00
James Lee 7c417fa977 Add a select command for the various SQL modules 2012-06-18 23:59:57 -06:00
HD Moore 073205a875 Merge branch 'master' into feature/vuln-info 2012-06-18 20:21:36 -05:00
HD Moore f7a85f3f9d Make it clear that this works on Vista SP2 2012-06-18 20:13:37 -05:00
HD Moore 4739affd54 Fix the comment as well 2012-06-18 19:57:56 -05:00
HD Moore bd0fd8195d Add compatibility for Vista SP2 from troulouliou 2012-06-18 19:55:52 -05:00
sinn3r 4987acc703 Correct e-mail format, description, and some commas. 2012-06-18 18:52:26 -05:00
sinn3r 4a537675b5 Merge branch 'sempervictus-dns_enum_over_tcp' 2012-06-18 18:38:21 -05:00
sinn3r c0bf362084 Fix the fix for enum_dns 2012-06-18 18:37:56 -05:00
sinn3r af8cb03d1b Merge branch 'distcc-add-check' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-distcc-add-check 2012-06-18 18:33:21 -05:00
HD Moore e7688e1dba Merge branch 'master' into feature/vuln-info 2012-06-18 18:15:20 -05:00
HD Moore 29887272a9 Correct the description to mention IE8 on Windows 7 2012-06-18 18:14:59 -05:00
jvazquez-r7 2df237b066 minor fixes 2012-06-18 22:44:17 +02:00
Juan Vazquez 10bd72f3a1 Merge pull request #500 from modpr0be/module-ezserver 
added ezserver <=6.4.017 bof for winxp sp3
 2012-06-18 13:42:35 -07:00
James Lee 96c16a498a Add a check for distcc_exec 
Just executes the exploit with an "echo <random>" payload to see if it
works.
 2012-06-18 14:34:02 -06:00
modpr0be d706199a83 fix all changes suggested by jvazquez-r7 2012-06-19 02:05:25 +07:00
Rob Fuller 77022d10da Added a bit of verbosity to SMB capture module to enhance logging and post exploitation 2012-06-18 15:55:40 -03:00
sinn3r 10b733edf9 Merge branch 'dns_enum_over_tcp' of https://github.com/sempervictus/metasploit-framework into sempervictus-dns_enum_over_tcp 2012-06-18 12:14:04 -05:00
sinn3r 256290c206 Additional changes 2012-06-18 10:49:16 -05:00
sinn3r 50269c910a Add IE 8 targets 2012-06-18 10:44:52 -05:00
RageLtMan c68476cce2 Add DNS/TCP to enum_dns 2012-06-18 10:47:03 -04:00