infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,774 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

8640 Commits (e9203060b0e16b2ab4c68a1bc526217b53907347)

Author SHA1 Message Date
William Vu ea4a7d98b9
Land #5728, Arch specification for psexec 2015-07-15 15:36:27 +00:00
jvazquez-r7 886ca47dfb
Land #5650, @wchen-r7's browser autopwn 2 2015-07-15 10:21:44 -05:00
Christian Mehlmauer b31c637c1b
Land #5533, DSP-W110 cookie command injection 2015-07-15 11:22:33 +02:00
Christian Mehlmauer 21375edcb2
final cleanup 2015-07-15 11:21:39 +02:00
Brent Cook a7d866bc83 specify the 'Arch' values that psexec supports 2015-07-14 15:45:52 -06:00
William Vu 405261df4f
Land #5710, php_wordpress_total_cache removal 
Deprecated.
 2015-07-13 18:33:12 +00:00
William Vu 3feef639b9
Land #5711, php_wordpress_optimizepress removal 
Deprecated.
 2015-07-13 18:32:37 +00:00
William Vu 6e12cbf98f
Land #5712, php_wordpress_lastpost removal 
Deprecated.
 2015-07-13 18:31:31 +00:00
William Vu dd188b1943
Land #5713, php_wordpress_infusionsoft removal 
Deprecated.
 2015-07-13 18:31:01 +00:00
wchen-r7 4960e64597 Remove php_wordpress_foxypress, use wp_foxypress_upload 
Please use exploit/unix/webapp/wp_foxypress_upload instead.
 2015-07-13 12:53:34 -05:00
wchen-r7 dfbeb24a8f Remove php_wordpress_infusionsoft, use wp_infusionsoft_upload 
Please use exploit/unix/webapp/wp_infusionsoft_upload instead.
 2015-07-13 12:51:48 -05:00
wchen-r7 b80427aed2 Remove php_wordpress_lastpost, use wp_lastpost_exec instead. 
Please use exploit/unix/webapp/wp_lastpost_exec instead
 2015-07-13 12:49:27 -05:00
wchen-r7 90cc3f7891 Remove php_wordpress_optimizepress, use wp_optimizepress_upload 
Please use exploit/unix/webapp/wp_optimizepress_upload instead.
 2015-07-13 12:45:39 -05:00
wchen-r7 4177cdacd6 Remove php_wordpress_total_cache, please use wp_total_cache_exec 
The time is up for exploit/unix/webapp/php_wordpress_total_cache,
please use exploit/unix/webapp/wp_total_cache_exec instead.
 2015-07-13 12:41:29 -05:00
wchen-r7 e638d85f30
Merge branch 'upstream-master' into bapv2 2015-07-12 02:01:09 -05:00
wchen-r7 f7ce6dcc9f We agreed to Normal 2015-07-11 02:07:18 -05:00
wchen-r7 0ff7333090 Lower the ranking for CVE-2015-5122 
As an initial release we forgot to lower it.
 2015-07-11 02:05:56 -05:00
wchen-r7 1289ec8863 authors 2015-07-11 01:38:21 -05:00
wchen-r7 6eabe5d48c Update description 2015-07-11 01:36:26 -05:00
wchen-r7 54fc712131 Update Win 8.1 checks 2015-07-11 01:33:23 -05:00
jvazquez-r7 6f0b9896e1
Update description 2015-07-11 00:56:18 -05:00
jvazquez-r7 115549ca75
Delete old check 2015-07-11 00:42:59 -05:00
jvazquez-r7 63005a3b92
Add module for flash CVE-2015-5122 
* Just a fast port for the exploit leaked
* Just tested on win7sp1 / IE11
 2015-07-11 00:28:55 -05:00
jvazquez-r7 5a045677bc
Add waiting message 2015-07-10 18:48:46 -05:00
jvazquez-r7 8d52c265d9
Delete wfsdelay 2015-07-10 18:46:27 -05:00
jvazquez-r7 63e91fa50f
Add reference 2015-07-10 18:46:06 -05:00
jvazquez-r7 677cd97cc2
Update information 2015-07-10 18:39:11 -05:00
jvazquez-r7 6c6a778218
Modify arkeia_agent_exec title 2015-07-10 18:38:25 -05:00
jvazquez-r7 4995728459
Modify arkeia_agent_exec ranking 2015-07-10 18:37:24 -05:00
jvazquez-r7 858f63cdbf
Land #5693, @xistence VNC Keyboard EXEC module 2015-07-10 18:35:44 -05:00
jvazquez-r7 1326a26be5
Do code cleanup 2015-07-10 18:35:13 -05:00
jvazquez-r7 917282a1f1
Fix ranking 2015-07-10 17:49:15 -05:00
jvazquez-r7 e063e26627
Land #5689, @xistence's module for Western Digital Arkeia command injection 2015-07-10 17:11:35 -05:00
jvazquez-r7 bdd8b56336
fix comment 2015-07-10 16:28:20 -05:00
jvazquez-r7 95ae7d8cae
Fix length limitation 2015-07-10 16:24:49 -05:00
Mo Sadek 3347b90db7 Land #5676, print_status with ms14_064 2015-07-10 14:40:49 -05:00
jvazquez-r7 29a497a616
Read header as 6 bytes 2015-07-10 14:25:57 -05:00
jvazquez-r7 bed3257a3f
Change default HTTP_DELAY 2015-07-10 12:50:26 -05:00
jvazquez-r7 c9d2ab58d3
Use HttpServer::HTML 
* And make the exploit Aggressive
 2015-07-10 12:48:21 -05:00
jvazquez-r7 e1192c75a9
Fix network communication on `communicate` 
* Some protocol handling just to not read amounts of data blindly
 2015-07-10 11:57:48 -05:00
Tod Beardsley 9206df077f
Land #5694, R7-2015-08 2015-07-10 11:42:57 -05:00
jvazquez-r7 9ba515f185
Fix network communication on `check` 
* Some protocol handling just to not read amounts of data blindly
 2015-07-10 11:32:49 -05:00
jvazquez-r7 c70be64517
Fix version check 2015-07-10 10:57:55 -05:00
jvazquez-r7 34a6984c1d
Fix variable name 2015-07-10 10:44:38 -05:00
jvazquez-r7 2c7cc83e38
Use single quotes 2015-07-10 10:34:47 -05:00
jvazquez-r7 f66cf91676
Fix metadata 2015-07-10 10:33:02 -05:00
xistence b916a9d267 VNC Keyboard Exec 2015-07-10 14:08:32 +07:00
xistence 52d41c8309 Western Digital Arkeia 'ARKFS_EXEC_CMD' <= v11.0.12 Remote Code Execution 2015-07-10 09:51:28 +07:00
Michael Messner d7beb1a685 feedback included 2015-07-09 08:31:11 +02:00
HD Moore 25e0f888dd Initial commit of R7-2015-08 coverage 2015-07-08 13:42:11 -05:00
wchen-r7 a3ec56c4cb Do it in on_request_exploit because it's too specific 2015-07-08 12:32:38 -05:00
wchen-r7 cefbdbb8d3 Avoid unreliable targets 
If we can't garantee GreatRanking on specific targets, avoid them.
 2015-07-08 12:12:53 -05:00
wchen-r7 6a33807d80 No Chrome for now 2015-07-07 15:56:58 -05:00
jvazquez-r7 f8b668e894
Update ranking and References 2015-07-07 15:43:02 -05:00
Tod Beardsley 116c3f0be1
Add CVE as a real ref, too 2015-07-07 14:46:44 -05:00
Tod Beardsley 3d630de353
Replace with a real CVE number 2015-07-07 14:44:12 -05:00
wchen-r7 fdb715c9dd
Merge branch 'upstream-master' into bapv2 2015-07-07 13:45:39 -05:00
jvazquez-r7 829b08b2bf
Complete authors list 2015-07-07 12:49:54 -05:00
wchen-r7 49effdf3d1 Update description 2015-07-07 12:46:02 -05:00
wchen-r7 d885420aff This changes the version requirement for adobe_flash_hacking_team_uaf.rb 
Because it works for Win 8.1 + IE11 too
 2015-07-07 12:42:56 -05:00
wchen-r7 d30688b116 Add more requirement info 2015-07-07 12:33:47 -05:00
jvazquez-r7 d9aacf2d41
Add module for hacking team flash exploit 2015-07-07 11:19:48 -05:00
wchen-r7 c37b60de7b Do some print_status with ms14_064 2015-07-07 00:57:37 -05:00
Michael Messner 5b6ceff339 mime message 2015-07-06 15:00:12 +02:00
HD Moore 43d47ad83e Port BAPv2 to Auxiliary 2015-07-02 15:29:24 -05:00
William Vu 8892cbdd10 Fix some minor things 2015-07-02 14:32:16 -05:00
Tod Beardsley 95f19e6f1f
Minor description edits for clarity 
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF

Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590, @Meatballs1 adds MS LAPS Enum post mod

Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
 2015-07-02 13:51:37 -05:00
HD Moore 87e6325737 Revert BAPv2 changes to framework/libraries/handlers 2015-07-02 12:10:21 -05:00
wchen-r7 2957924c78
Merge branch 'upstream-master' into bapv2 2015-07-02 01:46:31 -05:00
jvazquez-r7 3b9ba189f7
Add CVE-2015-3043 information 2015-07-01 19:56:35 -05:00
wchen-r7 8051a99f4a
Merge branch 'upstream-master' into bapv2 2015-07-01 18:45:42 -05:00
wchen-r7 32d5e7f3de
Land #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio Decoding BOF 2015-07-01 18:44:38 -05:00
wchen-r7 93c74efb97 Add Ubuntu as a tested target 2015-07-01 18:43:22 -05:00
jvazquez-r7 ee118aa89d
Fix description 2015-07-01 13:30:22 -05:00
jvazquez-r7 1de94a6865
Add module for CVE-2015-3113 2015-07-01 13:13:57 -05:00
William Vu 3632cc44c5 Fix nil error when target not found 2015-06-30 11:48:41 -05:00
wchen-r7 7aeb9e555b Change ranking and support CAMPAIGN_ID 2015-06-29 12:13:46 -05:00
wchen-r7 9bd920b169
Merge branch 'upstream-master' into bapv2 2015-06-27 12:19:55 -05:00
William Vu 326bec0a1f
Land #5581, s/shell_command_token/cmd_exec/ 2015-06-26 16:59:40 -05:00
jvazquez-r7 a10fa02b00
Land #5606, @wchen-r7's glassfish fixes 2015-06-26 14:12:50 -05:00
wchen-r7 3b5e2a0c6e Use TARGETURI 2015-06-26 14:02:17 -05:00
wchen-r7 b46e1be22f
Land #5371, Add file checking to the on_new_session cleanup 2015-06-26 13:33:57 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules 
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
 2015-06-26 12:18:33 -05:00
jvazquez-r7 7ccc86d338
Use cmd_exec 2015-06-26 11:54:19 -05:00
jvazquez-r7 31b7ef49d6
Solve conficts 2015-06-26 11:36:17 -05:00
wchen-r7 c70e38a14e Do more reporting 2015-06-25 22:39:56 -05:00
wchen-r7 5ef4cc2bb4 Save creds 2015-06-25 17:10:20 -05:00
wchen-r7 1a371b11b0 Update description 2015-06-25 17:04:31 -05:00
jvazquez-r7 ee0377ca16
Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
wchen-r7 c330d10403 Make SSL as a basic option 
Also:

Fix #5558
 2015-06-25 02:06:51 -05:00
wchen-r7 5c98da05fb This works for Glassfish 4.0 & 9.1 2015-06-25 01:58:24 -05:00
wchen-r7 c826785ebb Fix auth bypass 2015-06-24 19:49:04 -05:00
wchen-r7 8e4fa80728 This looks good so far 2015-06-24 19:30:02 -05:00
Spencer McIntyre 2206a6af73 Support older targets x86 for MS15-051 2015-06-25 09:33:15 +10:00
William Vu a149fb5710
Land #5554, @g0tmi1k's persistence improvements 
age aborts
age aborts
 2015-06-24 14:37:25 -05:00
William Vu e7e8135acd Clean up module 2015-06-24 14:35:10 -05:00
Michael Messner c8dddbff70 server header 2015-06-24 21:32:01 +02:00
wchen-r7 380af29482 Progress? 2015-06-24 14:17:45 -05:00
Michael Messner 8bc012a665 echo stager via upload vulnerability 2015-06-23 23:09:08 +02:00
wchen-r7 6046994138 version does not return nil 2015-06-23 10:31:01 -05:00