Commit Graph

14283 Commits (eca8555a92a4b5227de378feef00fc25b926d642)

Author SHA1 Message Date
Borja Merino eca8555a92 Applying changes 2012-09-07 11:29:42 +02:00
Borja Merino d16d004969 added windows post module rpcapd service 2012-09-05 19:26:26 +02:00
James Lee 828f37701d Fix linux shell_bind_tcp payload
It was calling bind(2) with a family of 0x02ff, which makes no sense and
causes execution to fall off the end and segfault.  Fix it by replacing
0x02ff with the appropriate 0x0002, or AF_INET.

[Fixrm #7216]
2012-09-04 04:23:48 -05:00
James Lee 7afd470eb0 Clean up linux shellcode Makefile
Now you can "make single_bind_tcp_shell", or the like, and build one
payload instead of the kludgy embedded shell script that always builds
all of them.

Need to do the same with BSD.
2012-09-04 04:23:48 -05:00
sinn3r 783ffb13c2 Add Adobe security bulletin references 2012-09-04 00:07:53 -05:00
sinn3r b3bfaec089 Add reference about the patch 2012-09-03 23:58:21 -05:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r 9ab62de637 Fix a spelling error 2012-09-03 01:44:02 -05:00
jvazquez-r7 943121dd61 Added module for CVE-2012-2611 2012-09-03 00:15:56 +02:00
sinn3r af211d9455 Change how it looks a little 2012-09-01 12:51:52 -05:00
eddiezab c13d24c0db Update lib/msf/ui/console/framework_event_manager.rb
Includes the session host IP when displaying closed sessions. Useful for users who have large numbers of sessions open.
2012-08-31 21:24:45 -03:00
sinn3r 53a9a8afce Awww, typo! Nice catch, @Agarri_FR! :-) 2012-08-31 14:23:51 -05:00
sinn3r c421ccc05b Merge branch 'pdf_exe_specs' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-pdf_exe_specs 2012-08-31 14:21:30 -05:00
sinn3r d106a1150e Be more clear that we dislike certain PDF templates 2012-08-31 14:07:58 -05:00
Tod Beardsley dc77b435a7 Remove trailing commas
Tend to cause problems in Ruby 1.8 anyway.
2012-08-31 11:00:37 -05:00
Tod Beardsley ce51761193 Fixes uictl's disappearance
utctl shouldn't check for stdapi_ui_disable_mouse or disable_keyboard
since neither exist.

Removed the check, tested both enable and disable on mouse and keyboard,
uictl seems to work as advertised now.

[FIXRM #7217]
2012-08-31 10:53:01 -05:00
sinn3r d37b52c9d3 Update source information 2012-08-30 17:48:02 -05:00
sinn3r f48fbaccb0 Add Oracle's security alert 2012-08-30 14:04:16 -05:00
sinn3r 4758eb0dc3 Merge branch 'jvazquez-r7-taget_host_glassflish_deployer' 2012-08-30 12:18:02 -05:00
jvazquez-r7 f99982a85e added java as platform to avoid confussion between target and payload 2012-08-30 18:39:20 +02:00
jvazquez-r7 4fd9f88304 avoid the redefinition of Module.target_host 2012-08-30 14:45:14 +02:00
sinn3r e3e566323a Merge branch 'bug/redmine-6481-File-open' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bug/redmine-6481-File-open 2012-08-30 03:45:03 -05:00
jvazquez-r7 f439f256b5 Debug line deleted on 2012-08-30 00:18:07 +02:00
James Lee e7dc8e5ac2 Add a File.open method for meterpreter
Same semantics as Ruby stdlib File.open - if you give it a block, yields
a new File object and closes it after the block, otherwise same as
File.new.

[FixRM #6481]
2012-08-29 16:19:03 -05:00
James Lee bbded154d9 Fix tab-completion on meterpreter run
[FixRM #7143]
2012-08-29 14:55:12 -05:00
sinn3r c3159e369a A lot gotcha
When res is nil, that condition can fall into the 'else' clause.
If that happens, we can trigger a bug when we try to read res.code.
2012-08-29 14:46:35 -05:00
sinn3r b70e205a7e Merge branch 'sap_host_control_cmd_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sap_host_control_cmd_exec 2012-08-29 14:45:46 -05:00
James Lee 44801c217d Linux bins for #609 2012-08-29 14:09:37 -05:00
James Lee 5a5ca66bff Merge branch 'mephos-arp-linux' into rapid7 2012-08-29 11:19:04 -05:00
sinn3r 5f64c55112 Update description 2012-08-29 11:10:35 -05:00
jvazquez-r7 6a24e042f9 fixing indentation 2012-08-29 16:17:56 +02:00
jvazquez-r7 2ed712949e Added check function 2012-08-29 16:12:11 +02:00
jvazquez-r7 72cb39925a Added exploit for OSVDB 84821 2012-08-29 12:17:44 +02:00
Patrick Webster be63aad0d1 Added Windows wordlist. 2012-08-29 10:51:09 +10:00
James Lee 049494752c Bins for #609, adds netstat and arp cmds 2012-08-28 18:21:57 -05:00
James Lee c86b3c64a9 Whitespace at EOL 2012-08-28 17:02:37 -05:00
James Lee dd9ef0c7e5 Fix crash with long exe name in process list
Instead of invoking the Watson crashamajigger when the process
associated with a connection has a long executable name, truncate to the
length available in the buffer.

[See #609]
2012-08-28 17:02:37 -05:00
m m bcfaf577ec fix typo 2012-08-28 17:02:37 -05:00
m m c1ca9fea79 netstat and arp commands in win32/posix meterpreter 2012-08-28 17:02:37 -05:00
jvazquez-r7 363c0913ae changed dir names according to CVE 2012-08-28 16:33:01 +02:00
sinn3r 34b12c4f55 Update CVE/OSVDB refs 2012-08-28 01:21:32 -05:00
jvazquez-r7 6e2369680b Safari added 2012-08-28 02:04:03 +02:00
jvazquez-r7 30fd2cf256 Description updated 2012-08-28 02:01:26 +02:00
sinn3r 7e579db705 Add AlienVault reference 2012-08-27 13:29:27 -05:00
sinn3r 15a87a79f8 Add mihi's analysis 2012-08-27 13:24:43 -05:00
jvazquez-r7 52ca1083c2 Added java_jre17_exec 2012-08-27 11:25:04 +02:00
Rob Fuller b0661a33a3 Update modules/post/windows/gather/tcpnetstat.rb
forgot to change table name with table code reuse
'connection table' is a better table header than
'routing table'.
2012-08-26 02:34:54 -03:00
sinn3r 8e56d4f2eb This reference is too damn useful, must add 2012-08-25 16:05:58 -05:00
Tod Beardsley d4cccda8e1 Add in missing require
Reverse_https handler needs to specifically require reverse_http in
order to ensure that the Msf::Handler::ReverseHttp mixin is available at
run time.
2012-08-25 15:43:32 -04:00
sinn3r 638d9d1095 Fix nil res bug, change action name, etc 2012-08-25 02:41:50 -05:00