Commit Graph

24580 Commits (eda8a90cea012b2ee95efac897b145a6b0438f49)

Author SHA1 Message Date
HD Moore eda8a90cea Fix merge issues with os.js 2014-05-19 13:04:36 -05:00
HD Moore ddc8a4f103 Merge branch 'master' of github.com:rapid7/metasploit-framework into feature/recog 2014-05-19 11:42:30 -05:00
HD Moore 81194684ae Require MDM >= 0.17.2 for Recog support 2014-05-19 11:41:44 -05:00
William Vu a30d6b1f2d
Quick cleanup for sap_icm_urlscan 2014-05-19 09:21:26 -05:00
William Vu dc0e649a10
Clean up case statement 2014-05-19 09:21:07 -05:00
William Vu bc64e47698
Land #3370, cleanup for sap_icm_urlscan 2014-05-19 09:16:18 -05:00
William Vu 8235556cec
Land #3372, release fixes 2014-05-19 09:10:38 -05:00
Tod Beardsley 0ef2e07012
Minor desc and status updates, cosmetic 2014-05-19 08:59:54 -05:00
Tod Beardsley 1ef16fb722
Land #3367, new wordlists from unhash
Thanks @tkisason!
2014-05-19 08:44:54 -05:00
Meatballs 848227e18a
401 should be a valid url 2014-05-19 10:59:38 +01:00
Meatballs 5d96f54410
Be verbose about 307 2014-05-19 10:52:06 +01:00
Meatballs 88b7dc3def
re-add content length 2014-05-19 10:46:47 +01:00
Meatballs e59f104195
Use unless 2014-05-19 10:41:01 +01:00
sinn3r bf52c0b888
Land #3364 - Symantec Workspace Streaming Arbitrary File Upload 2014-05-19 00:25:33 -05:00
jvazquez-r7 2fb0dbb7f8 Delete debug print_status 2014-05-18 23:34:04 -05:00
jvazquez-r7 d35ba208ed
Land #3369 @bugch3ck's support for plugin flash exploitation on adobe_flash_pixel_bender 2014-05-18 23:25:08 -05:00
jvazquez-r7 975cdcb537 Allow exploitation also on FF 2014-05-18 23:24:01 -05:00
Jonas Vestberg 033757812d Updates to adobe_flash_pixel_bender_bof:
1. Added embed-element to work with IE11 (and Firefox). Removed browser-requirements for ActiveX (clsid and method).
2. Added Cache-Control header on SWF-download to avoid AV-detection (no disk caching = no antivirus-analysis :).

Testing performed:
Successfully tested with Adobe Flash Player 13.0.0.182 with IE9, IE10 and IE11 running on Windows 7SP1. (Exploit will trigger on FF29, although sandboxed.)
2014-05-18 22:43:51 +02:00
Tonimir Kisasondi 9b29c572a7 Comments dont work with auth_brute.rb 2014-05-18 21:14:17 +02:00
Tonimir Kisasondi c9bb2d5165 Added headers to files 2014-05-18 20:55:50 +02:00
Tonimir Kisasondi 97b63d708c Corrected naming to be in line with msf convention 2014-05-18 18:18:23 +02:00
Tonimir Kisasondi 7d79f8a4c2 Removed wrongly named list. 2014-05-18 18:15:17 +02:00
Tonimir Kisasondi d7bf66973c Fixed userpass delimiters. 2014-05-18 18:13:03 +02:00
HD Moore 1d205081cb Merge Gemfile changes properly 2014-05-18 11:10:31 -05:00
HD Moore a8bf53479d Fix a merge error 2014-05-18 11:08:04 -05:00
HD Moore a844b5c30a Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
Tonimir Kisasondi 6ec926b573 Added separate users/pass/userpass dictionaries 2014-05-18 10:18:07 +02:00
William Vu a97d9ed54f
Land #3148, check_urlprefixes for sap_icm_urlscan 2014-05-17 16:10:52 -05:00
sappirate dd1a47f31f Modified sap_icm_urlscan to check for authentication of custom URLs
Fixed ruby coding style
2014-05-17 22:47:49 +02:00
Tonimir Kisasondi af82ae262c Added a large default password list for services. 2014-05-16 23:27:18 +02:00
Christian Mehlmauer 488c3e6b93
Land #3358, @jvazquez-r7 Advantech WebAccess 7.1 SQLI module 2014-05-16 21:26:41 +02:00
jvazquez-r7 2012d41b3d Add origin of the user, and mark web users 2014-05-16 13:51:42 -05:00
jvazquez-r7 4143474da9 Add support for web databases 2014-05-16 11:47:01 -05:00
jvazquez-r7 883d2f14b5 delete debug print_status 2014-05-16 11:13:03 -05:00
jvazquez-r7 ea38a2c6e5 Handle ISO-8859-1 special chars 2014-05-16 11:11:58 -05:00
Tod Beardsley 10e4204829
Land #3365, SNMP info leak vulns 2014-05-16 09:05:42 -05:00
jvazquez-r7 c9465a8922 Rescue when the recovered info is in a format we can't understand 2014-05-16 08:57:59 -05:00
Tod Beardsley 3c1363b990
Add new SNMP enumeration modules 2014-05-16 08:32:46 -05:00
jvazquez-r7 7ec85c9d3a Delete blank lines 2014-05-16 01:03:04 -05:00
jvazquez-r7 9091ce443a Add suport to decode passwords 2014-05-16 00:59:27 -05:00
jvazquez-r7 1b68abe955 Add module for ZDI-14-127 2014-05-15 13:41:52 -05:00
William Vu 773fd7a9cb
Fix up whitespace 2014-05-14 15:31:40 -05:00
William Vu 340956f294
Add a newline after DISCLOSURE_DATE_FORMAT 2014-05-14 15:28:07 -05:00
William Vu f9982752f3
Land #3362, ax rank for aux/dos mods 2014-05-14 15:20:07 -05:00
Tod Beardsley dc57e31be1
Aux modules don't respect Rank anyway 2014-05-14 15:03:10 -05:00
Christian Mehlmauer dc7a8d32d8
Land #3324, msfconsole search timestamp fixes 2014-05-14 21:30:02 +02:00
nstarke bb6201d66d Fixing nil bug and making format constant
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date.  For example,
‘checkvm’.  This necessitated checking disclosure_date for nil
before attempting a format conversion.  Also, there was an additional
location in core.rb that needed the formatting / nil check added.  Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
jvazquez-r7 5b3bb8fb3b Fix @FireFart's review 2014-05-14 09:00:52 -05:00
William Vu 9fbda3eae0
Land #3183, tab completion improvements 2014-05-14 02:20:12 -05:00
William Vu fdbfaacdf6
Land #3313, progress feedback for PASS_FILE
[FixRM #8704]
2014-05-14 02:03:39 -05:00