Commit Graph

38948 Commits (ea94e9752aa78f5ba495fa7cd56de2aacf909cb2)

Author SHA1 Message Date
Brendan 09dcd1dade Added version check and error handling, changed regex to ruby syntax.
Also made a few syntax changes to placate rubocop.
2016-07-07 10:35:18 -07:00
wchen-r7 deecb24967 Update doc 2016-07-07 11:43:03 -05:00
wchen-r7 54fa43030d Add module documentation for linux/x86/meterpreter/reverse_tcp 2016-07-07 11:39:28 -05:00
Brent Cook 1c8556d8e0 add mettle payload tests 2016-07-06 15:53:20 -05:00
Brent Cook a362d8b9c8 update payload test generator to work with MetasploitModules 2016-07-06 15:53:06 -05:00
wchen-r7 fee361dae0 Land #7075, Add ms16-016 local privilege escalation 2016-07-06 12:01:01 -05:00
wchen-r7 532ea5d4c4 Make sure there's a ref and checkcode 2016-07-06 12:00:20 -05:00
Tod Beardsley 7a321c7350 Import, sign, and publish signed dev keys
This largely automates the process of importing developer keys,
much like `import-dev-keys.sh`, but also takes the additional, sadly
manual step of signing the key with your default key, and uploading
those keys to https://sks-keyservers.net.

In effect, you are stating that you trust keys published on keybase.io
and are listed as such on the official Metasploit-Framework development
wiki.

If your own default key either has no passphrase, or has a passphrase
cached in a keymanager, the process merely requires you hit `y` for
every key, and `y` again for keys with multiple IDs. Otherwise, you
will need to provide your passphrase for each signing. Temporarily
removing the passphrase alleviates this pain.

Of course, this assumes you actually trust the development wiki
and keybase to do the right thing. The tradition is to individually
verify each key through some personally invented means, such as in
person with a government ID check.

Note that `import-dev-keys.sh` currently lists a number of keys
not on Keybase, and that functionality has not been carried over
to this script.
2016-07-06 10:33:02 -05:00
Spencer McIntyre c23be2bb79 Land #7077, add module doc for py/met/rev_tcp 2016-07-06 11:22:43 -04:00
Spencer McIntyre bd566da5ca Minor grammar changes and versions note 2016-07-06 11:10:05 -04:00
wchen-r7 45401bfe45 Land #7069, modify check codes in multiple local exploits 2016-07-06 00:04:24 -05:00
wchen-r7 4ec69236d2 Add module documentation for python/meterpreter/reverse_tcp 2016-07-05 23:56:11 -05:00
William Webb d923a5d42d typos in mod docs 2016-07-05 22:52:35 -05:00
William Webb 899ea558e3 added module doc for ms16_016_webdav 2016-07-05 22:12:35 -05:00
William Webb b4b3a84fa5 refactor ms16-016 code 2016-07-05 20:50:43 -05:00
Metasploit 82e092c2df Bump version of framework to 4.12.12 2016-07-05 14:57:43 -07:00
Sonny Gonzalez a14f4992ab Merge branch 'landing-7074' into upstream-master 2016-07-05 16:48:15 -05:00
James Lee 1164c025a2 Revert "Land #7009, egypt's rubyntlm cleanup"
This reverts commit d90f0779f8, reversing
changes made to e3e360cc83.
2016-07-05 15:22:44 -05:00
Brendan 1e0dcb9268 Land #7071, Fix off-by-one error in #6954 2016-07-05 10:07:09 -07:00
Brent Cook 21bede1166 unify stager style 2016-07-05 11:24:54 -05:00
Brent Cook e404dfeaea update to gem 0.0.5 (with libev/eio support) 2016-07-05 11:24:54 -05:00
Brent Cook 049b322ae4 add x86 and x64 stagers for mettle 2016-07-05 11:24:54 -05:00
Adam Cammack 8490a3b775 Remove hard-float requirement for MIPS O32 2016-07-05 11:24:54 -05:00
Adam Cammack 0390ed4d6e Add MIPS O32 Linux support (big and little endian) 2016-07-05 11:24:54 -05:00
Adam Cammack 8de508c4e0 Add mettle module for ARM 2016-07-05 11:24:54 -05:00
Adam Cammack 2f3f655352 Add gem for mettle
This adds the gem for the mettle binaries, which contains reflective
payloads for a variety of Linux architectures (and more OSs in the
future)
2016-07-05 11:24:54 -05:00
Brent Cook 74b4087d5c Land #7072, update module class to MetasploitModule 2016-07-05 11:17:03 -05:00
wchen-r7 6290cb681f Change class name Metasploit4 to MetasploitModule 2016-07-05 11:12:49 -05:00
William Vu 6e7f07f0f3 Fix off-by-one error in #6954
Props to @egypt for noticing. My bad. :-)
2016-07-05 11:12:12 -05:00
David Maloney 7f341336b2 Land #7067, bcook's rex tools fix
this pr fixes rex requires in the various tools that were
disrupted by the new gemification of rex
2016-07-05 10:34:59 -05:00
David Maloney 85937ab839 require new gems inside rex.rb
have the root rex namespace require the new rex gems
to prevent broken requires when things greedily require all of rex
2016-07-05 10:33:45 -05:00
agix 7d638a0975 Remove misc_anti_emu 2016-07-05 17:29:37 +02:00
Metasploit 054ac5ac19 Bump version of framework to 4.12.11 2016-07-05 07:49:37 -07:00
Brendan e29d5b9efe Land #6954, Fix the available size of payload for exploit/.../payload_inject 2016-07-05 07:38:27 -07:00
Clément Notin 0f8efec001 Fix modules broken by @wchen-r7's 4275a65407 commit.
These modules call check() in the exploit() function and expected to get a CheckCode::Vulnerable, now that check() returns Appears instead of Vulnerable they always refuse to run.
I've flipped the logic, based on examples in other modules, now they refuse to run only if check() positively returns Safe.
2016-07-05 13:49:14 +02:00
Brent Cook f9f47f7a79 fix tools that need rex-text to function 2016-07-05 02:38:40 -05:00
Brent Cook 5dc7d4b16e Land #7043, Fix-up double slash handling with the LURI parameter 2016-07-05 01:21:33 -05:00
Brent Cook 85dfec0cf5 minor whitespace 2016-07-05 01:20:54 -05:00
Brent Cook 58e37931c5 Land #7040, Decrease chance of an error when exiting an interactive shell 2016-07-05 01:15:39 -05:00
Brent Cook 5a8469d1cb Land #7053, Account for the newer R7 committers in mailmap 2016-07-05 01:07:22 -05:00
OJ ef322ab9aa Land #7066 - revert #6581 as it causes a regression 2016-07-05 16:05:48 +10:00
Brent Cook 4b77de2174 Land #7030, Ensure 'show options' reflects correct values 2016-07-05 00:48:46 -05:00
Brent Cook cfc368ab65 Land #6959, Add Linux ARM big endian ipv4 bind shellcode 2016-07-05 00:41:00 -05:00
Brent Cook 6575be72de Land #7059, restore default pattern length for pattern_offset 2016-07-05 00:33:40 -05:00
Brent Cook 5181fa53ba Land #7052, Update nokogiri to v1.6.8, fixes #7051 2016-07-05 00:27:19 -05:00
Brent Cook b9891aab27 Land #7007, Added JCL header data to mainframe payload module 2016-07-05 00:22:20 -05:00
Brent Cook 9b4028d2d7 Revert #6581, it causes regressions
We need a more clever solution without breaking HttpUnknownRequestResponse.
2016-07-05 00:11:15 -05:00
Brent Cook 54dfcee665 Land #7055, add netgear_soap_password_extractor docs 2016-07-04 23:59:10 -05:00
Pedro Ribeiro ec4769fade Create exploit for WebNMS credential disclosure 2016-07-04 21:15:15 +01:00
Pedro Ribeiro 05ef5316df Create exploit for WebNMS arbitrary file download 2016-07-04 21:10:14 +01:00