f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
1596fb478a
Land #1886 , awk bind shell
2013-06-05 09:05:37 -05:00
f6977c41c3
Modifications done in each PR.
2013-06-05 07:55:05 -03:00
b20401ca8c
Modifications done in each PR.
2013-06-05 07:51:10 -03:00
34243165c5
Some changes with improvements.
2013-06-04 21:22:10 -03:00
e2988727fb
Some changes with improvements.
2013-06-04 21:10:51 -03:00
d9609fb03e
Was breaking with repeated commands
2013-05-31 18:44:48 -03:00
00debd01c6
Listen for a connection and spawn a command shell via AWK
2013-05-29 21:22:49 -03:00
d4a864c29f
Creates an interactive shell via AWK (reverse)
2013-05-29 21:19:08 -03:00
1d9a695d2b
Landing #1772 - Adds phpMyadmin Preg_Replace module (CVE-2013-3238)
...
[Closes #1772 ]
2013-04-28 12:17:16 -05:00
9c8b93f1b7
Make sure LPORT is a string when subbing
...
* Gets rid of conversion errors like this:
[-] Exploit failed: can't convert Fixnum into String
* also removes comments from php meterp. Works for me with the
phpmyadmin_preg_replace bug, so seems legit.
2013-04-26 15:26:31 -05:00
be39079830
Trailing whitespace fix
...
Note that this commit needed a --no-verify because of the erroneous
check in msftidy for writing to stdout. The particular syntax of this
payload makes it look like we're doing that when we're really not.
So don't sweat it.
2013-04-15 13:58:06 -05:00
efdf4e3983
Lands #1485 , fixes for Windows-based Ruby targets
2013-04-15 13:56:41 -05:00
e149c8670b
Unconflicting ruby_string method
...
Looks like the conflict was created by the msftidy fixes that happened
over on the master branch. No big deal after all.
2013-03-20 15:49:23 -05:00
627e7f6277
avoiding grouping options
2013-03-11 18:26:03 +01:00
f0cee29100
modified CommandDispatcher::Exploit to have the change into account
2013-03-11 18:08:46 +01:00
c9268c3d54
original modules renamed
2013-03-11 18:04:22 +01:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
7f80692457
everyone will comply, resistance is futile
2013-03-06 18:38:14 -05:00
1cc49f75f5
move flag comment to where it's used.
2013-03-03 03:26:43 -05:00
ecdb884b13
Make download_exec work with authenticated proxies
...
Adds INTERNET_FLAG_KEEP_CONNECTION to HttpOpenRequest flags to allow
download_exec to transparently authenticate to a proxy device through
wininet.
Fun trivia, Windows 7 systems uses Connection: keep-alive by default.
This flag benefits older targets (e.g., Windows XP).
2013-03-03 01:42:17 -05:00
c423ad2583
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-02-21 15:30:43 -06:00
04ec4e432d
minor cleanup for shell_bind_tcp
2013-02-20 01:02:58 +01:00
3d199fe6db
Merge branch 'mipsle-shell_bind_tcp' of https://github.com/kost/metasploit-framework into kost-mipsle-shell_bind_tcp
2013-02-20 01:00:34 +01:00
e9f4900beb
Merge branch 'fixgenericcustom' of github.com:rsmudge/metasploit-framework into rsmudge-fixgenericcustom
2013-02-19 14:47:18 -06:00
06ba2ef791
Allow generic/custom payload to generate an exe
...
The datastore value of ARCH has no effect on the array of
architectures the generic/custom payload is compatible with.
This commit forces the payload to update its list of compatible
architectures on generation if the ARCH value is set in the
datastore.
See:
http://dev.metasploit.com/redmine/issues/7755
2013-02-17 20:39:54 -05:00
cae6661574
Handle invalid commands gracefully (dont exit)
2013-02-12 11:33:23 -08:00
4c2bddc452
Fix a typo and always treat ports as integers:
2013-02-12 08:59:11 -08:00
a33d1ef877
This allows the ruby payloads to work properly on Windows
2013-02-12 08:55:37 -08:00
47f3c09616
Fix typo that snuck in during merge
2013-02-03 17:38:19 -06:00
5be4d41420
This is redundant/less-reliable than reverse_openssl
2013-02-03 17:35:14 -06:00
ffb88baf4a
initial module import from SV rev_ssl branch
2013-02-03 15:06:24 -05:00
c3801ad083
This adds an openssl CMD payload and handler
2013-02-03 04:44:25 -06:00
92c736a6a9
Move fork stuff out of exploit into payload mixin
...
Tested xml against 3.2.10 and json against 3.0.19
2013-01-28 21:34:39 -06:00
f691652594
attempt to fix cmd/windows/reverse_perl payload
2013-01-23 11:21:44 +00:00
52251867d8
Ensure Windows single payloads use payload backend
...
This means the singles that define their own assembly will use the payload backend to generate it.
2013-01-18 16:34:39 -06:00
c89b2b2ec6
Once more, with feeling
2013-01-10 15:29:54 -06:00
7fd3440c1a
Fix hd's attempt to rename ruby payloads
2013-01-10 15:25:50 -06:00
4fcb8b6f8d
Revert "Rename again to be consistent with payload naming"
...
This reverts commit 0fa2fcd811
2013-01-10 15:24:25 -06:00
0fa2fcd811
Rename again to be consistent with payload naming
2013-01-10 14:16:37 -06:00
88b08087bf
Renamed and made more robust
2013-01-10 14:05:29 -06:00
e05f4ba927
Thread wrappers were causing instant session closure
2013-01-10 00:41:58 -06:00
4c1e501ed0
Exploit for CVE-2013-0156 and new ruby-platform modules
2013-01-09 23:10:13 -06:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
0822e8eae2
Merge branch 'kost-mipsle-shell_reverse_tcp'
2012-12-24 10:52:19 -06:00
26f561795d
fix cmd windows ruby payloads
2012-12-20 00:50:02 +01:00
7145078e63
Merge branch 'mipsle-shell_reverse_tcp' of git://github.com/kost/metasploit-framework into kost-mipsle-shell_reverse_tcp
2012-12-18 11:50:41 -06:00
482846942a
Fix: download_exec appends an extra / to request
...
The download_exec module parses the provided URL and appends an
unnecessary, nay--damaging I say!!!! '/' to the parsed URI. This
renders the module unusable for those who want a payload to
download and execute a file.
Before and after access.log snippets are in the redmine ticket
http://dev.metasploit.com/redmine/issues/7592
2012-12-12 14:01:31 -06:00
4ac79c91a6
Remove spaces at EOL
2012-11-17 12:00:59 +01:00
Tod Beardsley
William Vu
Roberto Soares Espreto
sinn3r
James Lee
Tod Beardsley
jvazquez-r7
RageLtMan
Raphael Mudge
sinn3r
HD Moore
Kacper Nowak
scriptjunkie
Christian Mehlmauer
Vlatko Kosturjak