Commit Graph

23385 Commits (db76962b4a560deed8dedd3f6d5c3b8872340df6)

Author SHA1 Message Date
OJ 712f47cb4e Remove Palm configuration from bypassuac config 2014-02-26 16:07:22 +10:00
OJ 9159512a3d Fix VS 2013 build, remove old files, rejig project config
This wasn't building cleanly for a few reasons with VS 2013 on my desktop.
This commit fixes this problems with the configuration and makes things fit
with the way we're now doing things (ie. output locations, etc).

Incremental builds are disabled as they were causing problems, but this isn't
a concern for a project as small as this.
2014-02-26 16:05:24 +10:00
jvazquez-r7 75cac284f5
Land #3037, @wchen-r7's rspec fix 2014-02-25 16:44:56 -06:00
sinn3r 8be99fc299 Fix payload_generator.format_payload rspec
The platform should match.
2014-02-25 16:37:21 -06:00
Fr330wn4g3 a7cacec0c3 Add module for EDB 29799 2014-02-25 23:07:28 +01:00
David Maloney f229932d16 Merge branch 'master' of github.com:rapid7/metasploit-framework 2014-02-25 15:56:24 -06:00
David Maloney f51cbfffb8
minor fix to payload generator
was passing platform string instead of the
platform lsit when formatting the payload
2014-02-25 15:51:06 -06:00
jvazquez-r7 96ffb1db47 Delete extra comma 2014-02-25 15:29:46 -06:00
jvazquez-r7 cb18639b66 Add small fixes and clean up 2014-02-25 15:25:01 -06:00
jvazquez-r7 1d4b2ea60d Add module for ZDI-14-015 2014-02-25 15:07:09 -06:00
William Vu 63bbe7bef2
Land #3034, 302 redirect for http_basic 2014-02-25 13:54:58 -06:00
William Vu 4cc91095de Fix minor formatting issues 2014-02-25 13:48:37 -06:00
jvazquez-r7 a45c8c2b4a
Land #3029, @xistence Symantec endpoint exploit 2014-02-25 07:59:35 -06:00
jvazquez-r7 bfe0fdb776 Move module 2014-02-25 07:58:00 -06:00
xistence ab167baf56 Added randomness instead of payload and xxe keywords 2014-02-25 15:23:10 +07:00
jvazquez-r7 4908d80d6c Clean up module 2014-02-24 16:00:54 -06:00
kn0 6783e31c67 Used the builtin send_redirect method in Msf::Exploit::Remote::HttpServer instead of creating a redirect inline 2014-02-24 15:59:49 -06:00
sinn3r 72da8299a5
Land #3025 - Auto LHOST for reverse shells 2014-02-24 15:53:43 -06:00
sinn3r 17f8cf900a Add another condition to check if the payload name is a reverse shell
Only reverse shells need LHOST
2014-02-24 15:37:01 -06:00
sho-luv 47ae4b470a added recommendations 2014-02-24 15:24:57 -06:00
ribeirux ead7cbc692 Author and URI fixed 2014-02-24 22:20:34 +01:00
kn0 f1e71b709c Added 301 Redirect option to Basic Auth module 2014-02-24 14:59:20 -06:00
William Vu 6f398f374e
Land #3032, inside_workspace_boundary? typo fix 2014-02-24 14:55:09 -06:00
James Lee d2945b55c1
Fix typo
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
jvazquez-r7 e4a0578813
Land #3031, @wchen-r7's capitalization fix 2014-02-24 11:49:41 -06:00
sinn3r a50b4e88be Fix msftidy warning: Suspect capitalization in module title: 'encoder' 2014-02-24 11:25:46 -06:00
sinn3r d0780cd1a2
Land #3010 - EXITFUNC as OptEnum 2014-02-24 11:07:10 -06:00
jvazquez-r7 c981bbeab9
Land #3011, @wchen-r7's fix for Dexter exploit 2014-02-24 10:53:10 -06:00
jvazquez-r7 b2d4048f50
Land #3027, @OJ's fix for ultraminihttp_bof 2014-02-24 10:50:08 -06:00
jvazquez-r7 c9f0885c54 Apply @jlee-r7's feedback 2014-02-24 10:49:13 -06:00
sinn3r 5cdd9a2ff3
Land #2995 - sqlmap minor cleanup, description & file tests 2014-02-24 10:39:01 -06:00
xistence 5485759353 Added Symantec Endpoint Protection Manager RCE 2014-02-24 15:04:37 +07:00
xistence 8e3f70851d Added Symantec Endpoint Protection Manager RCE 2014-02-24 15:01:13 +07:00
David Maloney 2e512abd31 put new binaries in place
after cleaning up the source a bit and
updateing it for 2013, compiled new BINs.
These BINS avoid almost all current AV detections
and have been tested to ensure they still work.
2014-02-23 15:24:55 -06:00
OJ fdd0d91817 Updated the Ultra Minit HTTP bof exploit
After exploiting this application manually I decided to make this
an MSF exploit, only to find that other people had beaten me to it.
However, the existing exploit was broken in a few ways, and this
commit makes those problems go away. They include:

* Correct use of alpha chars in the buffer leading up to the payload
  which results in bad chars being avoided. Bad chars muck with the
  offsets because they get expanded.
* Adjustment of the payload so that it runs in another thread instead
  of in the thread of the request handler. This prevents the session
  from being killed after the hard-coded 60-second timeout that is
  baked into the application.
* The handler thread terminates itself so that the process doesn't
  crash.
* Extra targets were added based on the machines I had access to.
2014-02-23 21:23:41 +10:00
Meatballs e31a144f4d
Use better system call 2014-02-22 20:34:56 +00:00
Meatballs 9f4b9e2f62
Land #3021, Post::Windows::LDAP Yarddoc fixes 2014-02-22 19:51:59 +00:00
ribeirux 8f7f1d0497 Add module for CVE-2014-0050 2014-02-22 14:56:59 +01:00
sho-luv ce94475810 added auto lhost to msfpayload 2014-02-21 21:58:44 -06:00
sho-luv b598a5e4de added auto lhost to msfvenom 2014-02-21 21:51:07 -06:00
Michael Messner ec8e1e3d6f small fixes 2014-02-21 21:59:45 +01:00
Michael Messner 1384150b7a make msftidy happy 2014-02-21 21:56:46 +01:00
Michael Messner c77fc034da linksys wrt120 admin reset exploit 2014-02-21 21:53:56 +01:00
James Lee 0179faa66f
Fix yardoc for Post::Windows::LDAP
Also fix some style issues and warnings.
2014-02-21 13:25:11 -06:00
David Maloney 289580777c remove unneccsary logging elements
update soloutions for VS2013
remove the CLogger
Remove Print Usage
this removes unneccsary strings that can
be used to easily identify our executable
2014-02-20 20:00:19 -06:00
jvazquez-r7 998fa06912
Land #2998, @bit4bit's fix for the vtigercrm exploit 2014-02-20 08:36:05 -06:00
jvazquez-r7 0b27cd13e8 Make module work 2014-02-20 08:35:37 -06:00
jvazquez-r7 0b5e617236
Land #3016 lsanchez-r7's send_message mod to return info 2014-02-19 17:01:06 -06:00
jvazquez-r7 c0cdea37f7 Initialize send_status at the function's start 2014-02-19 16:54:29 -06:00
lsanchez-r7 f7a483523c changing the initial state from false to nil 2014-02-19 16:45:00 -06:00