Commit Graph

39984 Commits (eeff24d2ef0b5569c7ee07a53060acca67dd0025)

Author SHA1 Message Date
Brent Cook 1415c34724
Land #7423, add localtime support for mettle, fix bad mettle gem 2016-10-11 21:12:30 -05:00
Brent Cook aa748ecc83 update to working mettle gem 0.0.8 2016-10-11 21:12:00 -05:00
William Vu e78d3d6bf0 Fix erroneous cred reporting in SonicWALL exploit
A session ID will be returned in the parsed JSON if the login succeeded.

Bad user:

{"noldapnouser"=>1, "loginfailed"=>1}

Bad password:

{"loginfailed"=>1}

Good user/password:

{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
2016-10-11 19:25:52 -05:00
David Maloney 7894d5b2c1 Revert "Revert "use the new rex-exploitation gem""
This reverts commit f3166070ba.
2016-10-11 17:40:43 -05:00
David Maloney 2493ff1886 Revert "Revert "remove leftover cruft""
This reverts commit 74e0256448.
2016-10-11 17:40:18 -05:00
David Maloney 13de5f9b1e fix missing require in rex
this missing required caused an unitialized
constant in browser_autopwn2 because it required
the js utils bit directly without requiring rex-exploitation
2016-10-11 17:36:55 -05:00
Brendan fe36801918 Changed to convert hostnames and domains to UTF-8 rather than ANSI
after pulling them from the NTLM blob
2016-10-11 15:51:50 -05:00
Alton J 98d7b19ab9 Passed IP parameter to additional functions. 2016-10-11 15:09:50 -05:00
Alton J acff0fa9cf Added IP addresses to output. 2016-10-11 14:43:42 -05:00
Alton J f0ff4a0721 Added IP addresses to output. 2016-10-11 14:42:06 -05:00
Spencer McIntyre bd110430e9 Remove unnecessary require statements 2016-10-11 15:35:49 -04:00
mr_me bd646ded1b fixed the check function 2016-10-11 14:06:03 -05:00
Sonny Gonzalez 55348d7342
Merge branch 'land-6993' into upstream-master 2016-10-11 09:39:15 -05:00
Sonny Gonzalez 3fd806b87f Merge remote-tracking branch 'upstream/pr/6993' into land-6993 2016-10-11 09:33:26 -05:00
mr_me fc5be2d2c6 Merge branch 'rails' of https://github.com/stevenseeley/metasploit-framework into rails 2016-10-11 08:32:05 -05:00
mr_me 95017cea0c Merge remote-tracking branch 'upstream/master' into rails 2016-10-11 08:31:33 -05:00
Brent Cook b447f32a28
Land #7423, add 'localtime' command to meterpreter and mettle 2016-10-11 07:59:12 -05:00
Brent Cook e5ac3eda61
Land #7362, Fix apk injection script to include android payload service and broadcast receivers 2016-10-11 07:54:10 -05:00
Brent Cook 157740ba06 update payload sizes 2016-10-11 07:01:17 -05:00
Brent Cook 8f8a54bf8c update to really-working payloads 1.1.21 2016-10-11 07:00:01 -05:00
Tim 3d9cb7375c
store Android payload information in byte array 2016-10-11 14:41:32 +08:00
Brent Cook deaa4047df bump payloads (and sqlite too) 2016-10-10 23:58:19 -05:00
Brent Cook 0d5a23b865 Merge branch 'master' into land-7423-localtime 2016-10-10 23:54:38 -05:00
mr_me 2a308f76b1 Update rails_dynamic_render_code_exec.md 2016-10-10 22:43:24 -05:00
mr_me d8f98ccd4e run through msftidy 2016-10-10 22:36:20 -05:00
mr_me f2252bb179 fixed a few things, thanks @h00die 2016-10-10 22:30:01 -05:00
mr_me 3c3f424a4d added a some references 2016-10-10 17:56:03 -05:00
mr_me bca3aab1db added CVE-2016-0752 2016-10-10 17:36:20 -05:00
Pearce Barry 2bd11f512a
Land #7422, fix nessus_db_import command
Fix #7391
2016-10-10 15:25:32 -05:00
OJ 699a8e91d2
Rework XOR code to make more sense 2016-10-10 13:38:08 +10:00
OJ e139a1ee8f
Land #7383: Rebase/Fix + SSL stager support for python 2016-10-10 13:06:09 +10:00
Pearce Barry 7b84e961ed
Minor output correction. 2016-10-09 19:01:06 -05:00
Pearce Barry d1a11f46e8
Land #7418, Linux recvmmsg Priv Esc (CVE-2014-0038) 2016-10-09 18:37:52 -05:00
h00die f9060b0ac7 fixed doc numbering 2016-10-09 00:02:18 -04:00
h00die 2dfebe586e working cve-2014-0038 2016-10-08 23:58:09 -04:00
Metasploit adb6f31e36
Bump version of framework to 4.12.33 2016-10-08 20:57:08 -07:00
Brent Cook 940bdedd21
Land #7417, backout rex-exploitation gem refactor 2016-10-08 22:38:06 -05:00
Brent Cook 74e0256448
Revert "remove leftover cruft"
This reverts commit 2be551cbd3.
2016-10-08 21:55:22 -05:00
Brent Cook f3166070ba
Revert "use the new rex-exploitation gem"
This reverts commit 52f6265d2e.
2016-10-08 21:55:16 -05:00
Brent Cook b77a910205
Land #7355, allwinner post to local exploit conversion 2016-10-08 21:38:54 -05:00
Brent Cook e074669406
Land #7296, Added a SCADA module for detecting Profinet devices, e.g. Siemens controllers 2016-10-08 21:34:40 -05:00
Brent Cook 7e2e98f96c
Land #7413, Add KB for post/firefox/gather/passwords 2016-10-08 21:31:27 -05:00
Brent Cook f6353b1a60
Land #5393, add remote .NET code compilation and persistence 2016-10-08 21:21:57 -05:00
Brent Cook bd24e7eba0 more cleanups and print output on auto-run 2016-10-08 21:14:26 -05:00
Brent Cook 63bf93be1b code and style cleanups 2016-10-08 21:04:15 -05:00
Brent Cook df597a7bb7 add module documentation 2016-10-08 20:17:54 -05:00
Brent Cook 5284db6b58 module cleanup 2016-10-08 20:17:29 -05:00
Brent Cook 7c1fa3eb51 fix 'info -d module', it assumed active module only 2016-10-08 19:31:00 -05:00
Brent Cook 199bf8e726 cleanups and update to require 4.0 CLR by default 2016-10-08 15:24:13 -05:00
RageLtMan 44c5fc3250 Sync build_net_code post module upstream
Fix merge conflicts and add missing lines to framework version of
the DotNet compiler example module.

Test output to come in PR #5393
2016-10-08 14:06:35 -05:00