infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
31,698 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

16507 Commits (dfbc50ff472ba66f0a4de3aec31e007a1e739c10)

Author SHA1 Message Date
sinn3r 215c209f88
Land #4901, CVE-2014-0311, Flash ByteArray Uncompress UAF 2015-03-11 14:04:17 -05:00
Brent Cook ceeee4446f
Land #4904, @hmoore-r7 reworks reverse_http/s stagers 
They are now assembled dynamically and support more flexible options,
such as long URLs.
 2015-03-11 10:41:59 -05:00
HD Moore ad39adf9c2 Missing comma 2015-03-11 00:49:07 -05:00
HD Moore a89926b663 Exclude vncinject from http stagers (depends on sockedi) 2015-03-11 00:46:04 -05:00
Brent Cook 9ade107325 disable reverse_http methods from upexec and shell payloads 
These don't work over http and don't appear to have ever, as far back as
I could test. They appear to be an accident perhaps.
 2015-03-10 17:08:58 -05:00
HD Moore 966848127a Refactor x86 Windows reverse_http and reverse_https stagers 2015-03-10 12:48:30 -05:00
Brent Cook 97f09b6ab0
Land #4894: hmoore-r7 cache payload sizes on start 
Avoid the hit of regenerating all of the static-size payloads when
loading the framework. This will facilitate conversion of payloads to
use metasm later.
 2015-03-09 23:06:55 -05:00
HD Moore 618fbf075a Update CachedSize for the fixed stager 2015-03-09 16:57:14 -05:00
HD Moore 746f18d9bb Fallback to a localhost variant to make the length predictable 2015-03-09 16:56:25 -05:00
jvazquez-r7 78167c3bb8 Use single quotes when possible 2015-03-09 16:55:21 -05:00
HD Moore 6543c3c36f Update CachedSize for the fixed stager 2015-03-09 16:54:57 -05:00
HD Moore c676ac1499 Fallback to a localhost variant to make the length predictable 2015-03-09 16:53:28 -05:00
jvazquez-r7 cb72b26874 Add module for CVE-2014-0311 2015-03-09 16:52:23 -05:00
HD Moore d0324e8ad3 Final cleanup, passing specs 2015-03-09 15:50:57 -05:00
HD Moore da81f6b2a0 Correct the :dynamic cache sizes 2015-03-09 15:44:14 -05:00
HD Moore 02509d02e4 The result of running ./tools/update_payload_cached_sizes.rb 2015-03-09 15:31:04 -05:00
Tod Beardsley df80d56fda
Land #4898, prefer URI to open-uri 2015-03-09 09:14:10 -05:00
William Vu 3075c56064 Fix "response HTML" message 
In modules/exploits/multi/browser/firefox_xpi_bootstrapped_addon.rb.
 2015-03-07 17:08:08 -06:00
joev d7295959ca Remove open-uri usage in msf. 2015-03-05 23:45:28 -06:00
jvazquez-r7 2134cc3d22
Modify description 2015-03-05 16:55:24 -06:00
jvazquez-r7 7b4776ee79 Deregister FOLDER_NAME 2015-03-05 16:42:07 -06:00
jvazquez-r7 1bc81ea723
Merge #4884 into updated master 2015-03-05 16:41:15 -06:00
Meatballs 33f089b1a5
Tidyup 2015-03-05 21:50:12 +00:00
jvazquez-r7 9f3f8bb727
Merging #3323 work 2015-03-05 15:44:15 -06:00
jvazquez-r7 c388fd49c2 Fix print message 2015-03-05 15:43:54 -06:00
jvazquez-r7 dd2559b748 Favor new target over new module 2015-03-05 15:41:53 -06:00
jvazquez-r7 e1a4b046a0 Add support for tomcat 7 to struts_code_exec_classloader 2015-03-05 15:40:24 -06:00
Meatballs c56679f33e
Modify for new SMB mixin 2015-03-05 21:26:13 +00:00
Tod Beardsley e429d4c04f Add reference and description for PTH on Postgres 
Dave and William did most of the work already over on PR #4871, this
just points it out in the module.
 2015-03-05 14:36:56 -06:00
jvazquez-r7 de08d8247b Do some module cleanup 2015-03-05 13:00:01 -06:00
jvazquez-r7 82659aba93 Populate metadata from code to make test easier 2015-03-05 12:40:20 -06:00
jvazquez-r7 dc02f8332f Pass msftidy 2015-03-05 12:29:31 -06:00
jvazquez-r7 a06eb04d59 Deregister FOLDER_NAME on exploit modules 2015-03-05 12:27:12 -06:00
sinn3r cb9922ad39
Land #4874, Add PHPMoAdmin command injection 2015-03-05 11:30:44 -06:00
sinn3r 8978b1d7b5 Add a version 2015-03-05 11:29:44 -06:00
Ricardo Almeida 32188f09d6 Update phpmoadmin_exec.rb 
Changes:
Added required comment at the top of the file;
Changed Class name "Metasploit3" >> "Metasploit4";
Standard name/email format for public PoC author.
 2015-03-05 12:56:08 +00:00
Ricardo Almeida 95962aab0d Update phpmoadmin_exec.rb 
Changes:
"Check if vulnerable" code improvement;
Payload delivery code improvement;
Minor indent issues.

Thanks for your feedback guys :)
 2015-03-05 12:46:53 +00:00
aushack 2f4df39dc9 Fixed typo 2015-03-05 17:40:51 +11:00
jvazquez-r7 e715eaba58 Update description 2015-03-04 16:39:27 -06:00
jvazquez-r7 e155f2998e Change module filename 2015-03-04 16:38:08 -06:00
jvazquez-r7 77abd57397 Do code cleanup 2015-03-04 16:37:31 -06:00
jvazquez-r7 22ff4d0097 Update with master changes 2015-03-04 16:30:19 -06:00
jvazquez-r7 e7de09df29 Change module filename 2015-03-04 16:18:45 -06:00
jvazquez-r7 1337b7ace8 Clean module 2015-03-04 16:18:10 -06:00
Ricardo Almeida 9530e15c81 Update phpmoadmin_exec.rb 
Changes:
Changed description section;
Changed 'URL' to 'EDB' in references section;
Added newline at the end.
 2015-03-04 21:59:08 +00:00
jvazquez-r7 d4738d8c0a
Update #3076 branch 2015-03-04 15:51:00 -06:00
Ricardo Almeida c19895ac85 Update phpmoadmin_exec.rb 
Changes:
Added new URL;
Added CVE number;
Corrected the disclosure date;
Corrected the normalize_uri() function syntax.
 2015-03-04 21:31:44 +00:00
jvazquez-r7 5cc9ea3618 Update with master changes 2015-03-04 15:16:12 -06:00
William Vu a64dd4a1af
Land #4871, Postgres PTH support 
MSP-12244
 2015-03-04 15:08:57 -06:00
David Maloney 2d46c06b97
Merge branch 'master' into feature/MSP-12244/postgres-pass-the-hash 2015-03-04 13:56:10 -06:00