infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
41,618 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

41618 Commits (e04f01ed6bdf974821f892f104635e688b89e756)

Author SHA1 Message Date
Brent Cook b65919e7b1
Land #7956, Add QNAP NAS/NVR administrator hash disclosure 2017-03-15 11:12:59 -05:00
William Vu 94d445ff48 Remove an old habit with curl 2017-03-15 05:18:50 -05:00
William Vu 0a71e4a903 Update check with Exploit::CheckCode::Appears 2017-03-15 05:13:30 -05:00
William Vu f58c6b96d8 Add addendum to module doc 2017-03-15 05:03:35 -05:00
William Vu 559e426f37 Add module doc to appease the @h00die god 2017-03-15 04:48:49 -05:00
William Vu 86d2217f4d Fix whitespace and clarify options 2017-03-15 04:27:30 -05:00
William Vu a0bff5c8c3 Bump RETRIES to 10 
3 was a bit too low. I was using 10 and had more success with it.
 2017-03-15 03:18:09 -05:00
Chris Higgins b3fbbbee34 Spelling is hard 2017-03-14 23:34:00 -05:00
Chris Higgins cc4f18e6c5 Add sysgauge_client_bof module and documentation 2017-03-14 23:29:19 -05:00
Spencer McIntyre befc5e05e5 Fix more kernel32 railgun definitions using DWORD 2017-03-14 18:42:52 -04:00
William Webb e96013cd0f
Land #7781, IBM Websphere Java Deserialization RCE 2017-03-14 17:21:18 -05:00
wchen-r7 cf8b4a78fa
Bring branch up to date with upstream-master 2017-03-14 16:48:33 -05:00
Rich Whitcroft 04f11b0bf7 fix migrate by process name 2017-03-14 17:27:46 -04:00
wchen-r7 1736332638
Land #8103, Add CVE-2017-5638, Struts2 Content-Type OGNL injection 2017-03-14 16:10:49 -05:00
wchen-r7 295ac63a1c Add doc for struts2_content_type_ognl 2017-03-14 16:09:44 -05:00
Spencer McIntyre d759c603b2 Fix more kernel32 railgun definitions using DWORD 
Some railgun definitions for the kernel32 module define DWORD for the
functions return type when it should be HANDLE. This causes errors on
64-bit systems when the return value is truncated.
 2017-03-14 16:58:22 -04:00
Jeffrey Martin 7e7e09e402
Land #8108, temporarily fix bundles on aarch64 2017-03-14 15:49:23 -05:00
Jeffrey Martin baf7e01ec8
Land #8108, temporarily fix bundles on aarch64 2017-03-14 15:48:29 -05:00
wchen-r7 9201f5039d Use vprint for check because of rules 2017-03-14 15:02:54 -05:00
William Vu f06bdad375
Land #8108, load -l to list available plugins 2017-03-14 14:39:34 -05:00
wchen-r7 18cdb2f82f Add a -l option to the load command to list plugins 
This allows the load command in msfconsole to list all the
available plugins in Framework.
 2017-03-14 14:15:52 -05:00
Brent Cook 409bc26f25 whitelist rather than blacklist 2017-03-14 13:42:42 -05:00
James Lee f429b80c4e
Forgot to rm this when i combined 2017-03-14 12:18:11 -05:00
William Vu 01ea5262b8
Land #8070, msftidy vars_get fixes 2017-03-14 12:05:24 -05:00
William Vu 5c436f2867 Appease msftidy in tr064_ntpserver_cmdinject 
Also s/"/'/g.
 2017-03-14 11:52:21 -05:00
William Vu 5d6a159ba9 Use query instead of uri in mvpower_dvr_shell_exec 
I should have caught this in #7987, @bcoles, but I forgot. Apologies.
This commit finishes what @itsmeroy2012 attempted to do in #8070.
 2017-03-14 11:51:55 -05:00
itsmeroy2012 79331191be msftidy error updated 2.5 2017-03-14 22:02:59 +05:30
itsmeroy2012 67fc43a0a1 msftidy error updated 2.4 2017-03-14 21:33:53 +05:30
Jon P 32edeb9eba
New tree output for command wmap_sites -s with unicode option (wmap_sites -s [ids] (true/false)) 
Filtering 404 in tree output
 2017-03-14 15:33:35 +01:00
James Lee 53c9caa013
Allow native payloads 2017-03-13 20:10:02 -05:00
James Lee 2053b77b01
ARCH_CMD works 2017-03-13 18:37:50 -05:00
Brent Cook e6baaf59cf temporarily fix bundles on aarch64 platforms 2017-03-13 12:20:58 -05:00
itsmeroy2012 fe4e2306b4 Reverting one step 2017-03-13 22:22:24 +05:30
Jon P 665adec298 Patching storedb function (adding host/port/ssl for correct report_web_page) 2017-03-13 17:37:47 +01:00
Jon P 4628dfe16b Remove old banner + rubygems requirements 2017-03-13 17:36:21 +01:00
Jon P c9a5190726 Patching "undefined method empty?" errors + "encoding error" 2017-03-13 17:32:56 +01:00
Jon P e8257122b3 Creation of a sub-module for modules/auxiliary/crawler/msfcrawler 
Catching links in comments
 2017-03-13 17:18:39 +01:00
wizard32 78ff7a8865 Module renamed 
Renamed from websphere_java_deserialize.rb to ibm_websphere_java_deserialize.rb
 2017-03-13 08:22:24 +02:00
William Vu 9f76b4d99c Change default RPORT to 443 with SSL 
I never really tested port 80, so I wonder why I didn't change this.
Turns out 80 isn't even the vuln service. Welp. Hat tip @bcoles.
 2017-03-12 21:03:31 -05:00
William Vu e7c920db44 Remove DEBEUG/print_debeug :( 2017-03-12 21:01:48 -05:00
William Vu d57b772ac9 Bump default RETRIES to 3 2017-03-12 21:00:38 -05:00
Jeffrey Martin 437cba84b0
Revert "Land #8090, support rails usage of spec files list" 
Another approach is needed here.
This reverts commit 82073020ef.
This reverts commit b55ee87e2d.
 2017-03-11 22:18:11 -06:00
William Vu 8b7125e263
Land #8095, CmdStager fix for freesshd_authbypass 2017-03-11 22:07:49 -06:00
Pearce Barry bc9aa14153
Merge pull request #1 from wvu-r7/pr/8095 
Update freesshd_authbypass to use CmdStager fully
 2017-03-11 21:49:08 -06:00
William Vu 8638f9ec7e Update freesshd_authbypass to use CmdStager fully 2017-03-11 19:59:39 -06:00
Pearce Barry 4e32c80e8e
Use the Msf::Exploit::CmdStager mixin. Fixes #8092. 2017-03-11 17:44:05 -06:00
Jeffrey Martin 51298ac833
Land #8090, support rails usage of spec files list 2017-03-11 12:41:36 -06:00
Jeffrey Martin b55ee87e2d
support rails usage of spec files list 2017-03-10 22:39:18 -06:00
William Vu fe4f20c0cc
Land #7968, NETGEAR R7000 exploit 2017-03-10 16:02:30 -06:00
dmohanty-r7 25bfa88c46
Land #7877, Add mDNS query spoofing service 2017-03-10 15:44:57 -06:00