Commit Graph

8187 Commits (e6731878958c0ef98ecfe44b6a4f904ce58ea90d)

Author SHA1 Message Date
James Lee 90182c01f5 update documentation for executable dropper, thanks mihi
git-svn-id: file:///home/svn/framework3/trunk@11105 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 00:58:17 +00:00
James Lee 85a4eb703c remove examples. if a user wants examples, they can build them.
git-svn-id: file:///home/svn/framework3/trunk@11104 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-23 00:56:54 +00:00
Jonathan Cran e295408327 typo!
git-svn-id: file:///home/svn/framework3/trunk@11103 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 22:43:34 +00:00
James Lee 52389d28f4 make windows the default target
git-svn-id: file:///home/svn/framework3/trunk@11102 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:54:25 +00:00
James Lee 7a3770f87b don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers
git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:44:16 +00:00
HD Moore 04f9aec2d8 Pass framework into the TcpReverseDoubleSessionChannel class
git-svn-id: file:///home/svn/framework3/trunk@11100 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 19:18:24 +00:00
James Lee 669ef3b86e clarify targets
git-svn-id: file:///home/svn/framework3/trunk@11099 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:53:49 +00:00
James Lee 9df192497b make sure we're not turning nil into [nil], since it breaks the arch detection
git-svn-id: file:///home/svn/framework3/trunk@11098 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:48:35 +00:00
James Lee 1a07889c53 revert r11058, unnecessary because of the check near the bottom of the file
git-svn-id: file:///home/svn/framework3/trunk@11097 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:46:06 +00:00
Joshua Drake 75873aedb4 add exploit for foxit reader title stack bof
git-svn-id: file:///home/svn/framework3/trunk@11096 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:43:42 +00:00
Tod Beardsley 53f6416dad Makes SMB login console output more readable for default "." domain brute forcing -- masks the domain-part for the username, drops it from the machine name unless it's something more interesting.
git-svn-id: file:///home/svn/framework3/trunk@11095 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 16:16:40 +00:00
Tod Beardsley 80853f0e10 Make the MySQL aux scanner a little more helpful in the event of a missing target.
git-svn-id: file:///home/svn/framework3/trunk@11094 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 14:12:35 +00:00
Joshua Drake 14e147c931 add the rservices mixin
git-svn-id: file:///home/svn/framework3/trunk@11093 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 13:18:02 +00:00
Joshua Drake b495ca8aab add a mixin for pdf gen, see #2841
git-svn-id: file:///home/svn/framework3/trunk@11092 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 12:21:49 +00:00
Joshua Drake 3bd3ea5724 carlos, plz use the ./tools/msftidy.rb script, see #3198
git-svn-id: file:///home/svn/framework3/trunk@11091 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 09:11:25 +00:00
HD Moore 57f3008de5 Work with Ruby 1.8
git-svn-id: file:///home/svn/framework3/trunk@11090 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 05:25:13 +00:00
Joshua Drake db0a7978e6 update comments
git-svn-id: file:///home/svn/framework3/trunk@11089 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 02:39:53 +00:00
Joshua Drake 5092a8063c exclude wow64
git-svn-id: file:///home/svn/framework3/trunk@11088 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 02:35:50 +00:00
Matt Weeks 2e72926638 Add audio (microphone) recording support to stdapi.
git-svn-id: file:///home/svn/framework3/trunk@11087 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 00:32:39 +00:00
Matt Weeks e7bc3268c1 Set keywords.
git-svn-id: file:///home/svn/framework3/trunk@11086 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 00:27:29 +00:00
Matt Weeks 3c1af11268 Update header
git-svn-id: file:///home/svn/framework3/trunk@11085 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 00:23:56 +00:00
James Lee d608db778c we're not sending an applet, just a jar, clarify the output
git-svn-id: file:///home/svn/framework3/trunk@11084 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 19:58:04 +00:00
Joshua Drake 4be4c763c8 show cmd if -c is used, add quotes on cmdline
git-svn-id: file:///home/svn/framework3/trunk@11083 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 16:21:24 +00:00
Joshua Drake 66d0012200 error on platform mismatch separately
git-svn-id: file:///home/svn/framework3/trunk@11082 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 10:14:31 +00:00
Joshua Drake 0c4ea7908b pre-set winver
git-svn-id: file:///home/svn/framework3/trunk@11081 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 09:39:25 +00:00
Joshua Drake 03978e72b2 oops, raise not return
git-svn-id: file:///home/svn/framework3/trunk@11080 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 09:36:37 +00:00
Joshua Drake cb3b06f7ad add exploit for windows task scheduler 2.0
git-svn-id: file:///home/svn/framework3/trunk@11079 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 02:52:52 +00:00
James Lee 6f7af42667 add an exploit for cve-2010-3563, thanks Matthias Kaiser
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
Joshua Drake 4c93eb974f this fixes #3602, incompatabilities TBD
git-svn-id: file:///home/svn/framework3/trunk@11077 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 22:36:38 +00:00
Joshua Drake 51fd4fb550 this fixes #3602, incompatabilities TBD
git-svn-id: file:///home/svn/framework3/trunk@11076 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 22:32:29 +00:00
Joshua Drake b5c5e21b24 this fixes #3602, incompatabilities TBD
git-svn-id: file:///home/svn/framework3/trunk@11075 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 22:28:35 +00:00
Steve Tornio eab8c24b8b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11074 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 20:43:56 +00:00
Joshua Drake dbcb6d0dc4 use max instead of .sort.last
git-svn-id: file:///home/svn/framework3/trunk@11073 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:34:10 +00:00
Joshua Drake 3b6edefe44 fix up auto targeting to not assign to "target"
git-svn-id: file:///home/svn/framework3/trunk@11072 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:33:34 +00:00
Joshua Drake fe9710b836 add a rand: special case for OptAddress options
git-svn-id: file:///home/svn/framework3/trunk@11071 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:31:14 +00:00
Joshua Drake b42a04a7aa add cakephp exploit from tdz
git-svn-id: file:///home/svn/framework3/trunk@11070 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:30:07 +00:00
James Lee 1c5481dcfb add a method for getting the full uri from an HttpServer to complement get_resource
git-svn-id: file:///home/svn/framework3/trunk@11069 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:15:20 +00:00
Steve Tornio 8f3b64e15c add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@11068 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 14:17:35 +00:00
Mario Ceballos df9a0cfea8 added exploit module realwin_10.rb
git-svn-id: file:///home/svn/framework3/trunk@11067 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 23:45:40 +00:00
Tod Beardsley c05ff818dd Incrementally more useful survey of mixins already in use in Metasploit.
Current results, for fun:

<pre>
Msf::Exploit::Remote::Tcp                    | 268
Msf::Auxiliary::Report                       | 238
Msf::Exploit::Remote::TcpServer              | 183
Msf::Exploit::Remote::HttpServer             | 147
Msf::Exploit::Remote::HttpServer::HTML       | 141
Msf::Exploit::Seh                            | 109
Msf::Exploit::Remote::HttpClient             | 95
Msf::Exploit::FILEFORMAT                     | 70
Msf::Exploit::EXE                            | 40
Msf::Exploit::Remote::Udp                    | 33
Msf::Exploit::Remote::DCERPC                 | 32
Msf::Exploit::Remote::DCERPC_EPM             | 32
Msf::Exploit::Remote::DCERPC_LSA             | 32
Msf::Exploit::Remote::DCERPC_MGMT            | 32
Msf::Exploit::Remote::SMB                    | 31
Msf::Exploit::Remote::Ftp                    | 27
Msf::Exploit::Egghunter                      | 21
Msf::Exploit::Brute                          | 20
Msf::Exploit::Remote::BrowserAutopwn         | 16
Msf::Exploit::Remote::Imap                   | 13
Msf::Exploit::Remote::FtpServer              | 12
Msf::Exploit::BruteTargets                   | 7
Msf::Exploit::Remote::SunRPC                 | 6
Msf::Exploit::Remote::SMTPDeliver            | 6
Msf::Exploit::Remote::MSSQL                  | 5
Msf::Exploit::KernelMode                     | 5
Msf::Exploit::Remote::MSSQL_COMMANDS         | 5
Msf::Exploit::FormatString                   | 4
Msf::Exploit::CmdStager                      | 4
Msf::Exploit::Lorcon2                        | 4
Msf::Exploit::Remote::HttpServer::PHPInclude | 3
Msf::Exploit::CmdStagerVBS                   | 3
Msf::Exploit::Remote::TNS                    | 3
Msf::Exploit::Remote::Smtp                   | 2
Msf::Exploit::Remote::Dialup                 | 2
Msf::Exploit::Java                           | 2
Msf::Exploit::Remote::NDMP                   | 2
Msf::Exploit::Remote::Arkeia                 | 2
Msf::Exploit::PDF_Parse                      | 1
Msf::Exploit::CmdStagerTFTP                  | 1
Msf::Exploit::Omelet                         | 1
Msf::Exploit::TFTPServer                     | 1
Msf::Exploit::RIFF                           | 1
Msf::Exploit::Remote::SMB::Authenticated     | 1
Msf::Exploit::Capture                        | 1
Msf::Exploit::Remote::SMBServer              | 1

</pre>


git-svn-id: file:///home/svn/framework3/trunk@11064 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 16:40:33 +00:00
Mario Ceballos 1729f8f075 removed extra stuff.
git-svn-id: file:///home/svn/framework3/trunk@11063 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 12:31:55 +00:00
Carlos Perez f5715cd310 Removed shebang and added keywords
git-svn-id: file:///home/svn/framework3/trunk@11060 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 02:02:08 +00:00
Carlos Perez a4e77c13cc Applied patch by Manuel Schilt
git-svn-id: file:///home/svn/framework3/trunk@11059 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 01:58:46 +00:00
James Lee 2895dc409a make sure the session is a windows host
git-svn-id: file:///home/svn/framework3/trunk@11058 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-17 20:22:18 +00:00
Tod Beardsley d33b55474a Adds a utility script to list all exploit modules and their included mixins. Handy for getting a better idea of what modules intend.
git-svn-id: file:///home/svn/framework3/trunk@11057 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-17 17:18:43 +00:00
Matt Weeks c424d6b403 Make options more consistent when launching a handler.
git-svn-id: file:///home/svn/framework3/trunk@11054 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-17 00:26:39 +00:00
Joshua Drake 2fe78ec685 double grammar fail
git-svn-id: file:///home/svn/framework3/trunk@11053 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:23:11 +00:00
Joshua Drake f4d2af3e73 fix typo
git-svn-id: file:///home/svn/framework3/trunk@11052 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:17:25 +00:00
Joshua Drake c30bc9cb69 check for exploit rank and disclosure date
git-svn-id: file:///home/svn/framework3/trunk@11051 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:17:03 +00:00
Joshua Drake 25611afb6c add sap businessobject modules from jabra, woot!
git-svn-id: file:///home/svn/framework3/trunk@11046 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-15 05:12:48 +00:00