jvazquez-r7
cc8b37d619
Make directory mandatory
2014-11-17 12:15:33 -06:00
jvazquez-r7
15b7435c34
Make it YARD compliant documentation
2014-11-17 12:03:37 -06:00
William Vu
fd53e969fd
Land #4217, browser_autopwn variable fix
2014-11-17 11:46:52 -06:00
William Vu
405eae4b6e
Remove EOL whitespace
2014-11-17 11:46:36 -06:00
jvazquez-r7
20195e7f37
Update from upstream/master
2014-11-17 11:43:48 -06:00
William Vu
91ba25a898
Land #4208, psexec delay fix
2014-11-17 11:35:56 -06:00
jvazquez-r7
2c36f79934
Land #4165, @jhart-r7's check for datastore options on Cisco dtp
* Fix modules/auxiliary/spoof/cisco/dtp
* Just one of the two options is required
2014-11-17 11:23:31 -06:00
William Vu
fa9bd88091
Land #4215, new CVEs for older modules
2014-11-17 11:21:46 -06:00
Jon Hart
cd32f00ebc
Add dir doc
2014-11-17 09:15:08 -08:00
Jon Hart
98db8b5ad9
When not a meterpreter session, split dir/ls output to match meterpreter entries output
2014-11-17 09:10:03 -08:00
Jon Hart
d5afb2b766
%q
2014-11-17 09:01:14 -08:00
Jon Hart
ce73e32673
Doc and named captures
2014-11-17 09:01:14 -08:00
Jon Hart
bf05fe1389
Refactoring, simplification, better print_*
2014-11-17 09:01:14 -08:00
Jon Hart
6e1cdfde36
Rip out create_credential* stuff. Use what works
2014-11-17 09:01:14 -08:00
Jon Hart
e5bb13a609
If remmina config files are missing data for creds, tell me what
2014-11-17 09:01:14 -08:00
Jon Hart
875d1f9ea0
Convert Remmina credential gatherer to use new credentials model
2014-11-17 09:01:14 -08:00
Jon Hart
5f1a1f8ed3
Use dir for Windows only, ls for the rest
2014-11-17 09:01:14 -08:00
Jon Hart
086f0c02d6
Remove excessive logging
2014-11-17 09:01:14 -08:00
Jon Hart
6519b0e2cb
Add dir and ls to Msf::Post::File
2014-11-17 09:01:14 -08:00
Jon Hart
90e58e9e71
Binary encoding
2014-11-17 09:01:14 -08:00
Jon Hart
e76373340e
Correct some Rubocop things that I agree with
2014-11-17 09:01:14 -08:00
Jon Hart
f729a6cf02
Add Remmina RDP/SSH/VNC password gathering
2014-11-17 09:01:13 -08:00
Matt Buck
5db7d1edd5
Bump mdm version number
2014-11-17 10:59:41 -06:00
William Vu
07c3c41269
Land #4211, Ruby version bump
2014-11-17 10:38:34 -06:00
Joe Vennix
cd61975966
Change puts to vprint_debug.
2014-11-17 10:13:13 -06:00
Joe Vennix
fc1635e80a
Fix BAP JS ref error.
2014-11-17 10:06:15 -06:00
Luke Imhoff
33b42389f0
Merge branch 'feature/MSP-11147/thread-leak-detection' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-17 09:35:47 -06:00
Luke Imhoff
e3869ee1ae
Include Thread status when printing leaked threads
MSP-11147
Sometimes travis-ci is showing leaked threads even when
'Msf::Framework#threads cleaner' is being used, so I'm adding the
`Thread#status` to the data printed about the Thread to see if the
sometimes leaked threads have an odd status. There's still a chance
that there will be a race-condition between when I call Thread.list and
I ask for each Thread's status that the VM could finish aborting a
Thread so that status I print isn't the same as the one that caused the
Thread to be returned in Thread.list.
2014-11-17 09:30:46 -06:00
Luke Imhoff
ba836f2383
Only calculate thread UUIDs if they are needed
MSP-11147
Only calculate thread UUIDs if the thread count exceeds
EXPECTED_THREAD_COUNT_AROUND_SUITE.
2014-11-17 09:17:44 -06:00
Luke Imhoff
024b449b55
Merge branch 'master' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-17 08:50:33 -06:00
jvazquez-r7
6f5183afec
Land #4216, @hmoore-r7 additions to the tftp dictionary
* Changes originally submitted by Chris McNab
2014-11-17 08:48:16 -06:00
Joe Vennix
2a24151fa8
Remove BAP target, payload is flaky. Add warning.
2014-11-17 02:02:37 -06:00
Joe Vennix
105a28d8fd
Run the tests again.
2014-11-16 23:42:40 -06:00
Joe Vennix
a7aeac5df3
Fix APK signing on osx.
2014-11-16 23:29:54 -06:00
HD Moore
1d8b746d89
Adds new TFTP file names, submitted by Chris McNab
2014-11-16 18:47:11 -06:00
HD Moore
9fe4994492
Chris McNab has been working with MITRE to add these CVEs
These CVEs are not live yet, but have been confirmed by cve-assign
t
2014-11-16 18:42:53 -06:00
Joe Vennix
5de69ab6a6
minor syntax fixes.
2014-11-15 21:39:37 -06:00
Joe Vennix
3fb6ee4f7d
Remove dead constant.
2014-11-15 21:38:11 -06:00
Joe Vennix
7a62b71839
Some URL fixes from @jduck and exploit ideas from Andre Moulu.
The exploit works with the URLs fixed, installs the APK, but hangs at the Installing...
screen and never actually launches. We tried opening the APK in a setTimeout() intent
URI, but the previously launched intent seemed unresponsive. Andre had the bright
idea of re-opening the previously launched intent with invalid args, crashing it and
allowing us to launch the payload.
2014-11-15 21:33:16 -06:00
William Vu
a521d469ed
Land #4194, Quake protocol support
2014-11-15 17:44:19 -06:00
sinn3r
d207345778
Land #4200 - report_note handling incorrect protocol names
2014-11-15 13:16:58 -06:00
Christian Mehlmauer
28135bcb09
Land #4159, MantisBT PHP code execution by @itseco
2014-11-15 07:49:54 +01:00
Luke Imhoff
ceb7a63a5c
Merge branch 'master' into feature/MSP-11147/thread-leak-detection
MSP-11147
2014-11-14 18:20:55 -06:00
Tod Beardsley
9c4614f73c
Oh good, another Ruby version bump
DoS Security issue in Ruby 1.9.3-p550 and prior, described here:
https://www.ruby-lang.org/en/news/2014/11/13/ruby-1-9-3-p551-is-released/
Not a hair-on-fire kind of deal, but should update at the earliest
opportunity to avoid getting DoS'ed by a malicious target.
2014-11-14 17:28:16 -06:00
sinn3r
e194d5490d
See #4162 - Don't delay before deleting a file via SMB
So I was looking at issue #4162, and on my box I was seeing this
problem of the exploit failing to delete the payload in C:\Windows,
and the error was "Rex::Proto::SMB::Exceptions::NoReply The SMB
server did not reply to our request". I ended up removing the sleep(),
and that got it to function properly again. The box was a Win 7 SP1.
I also tested other Windows boxes such as Win XP SP3, Windows Server
2008 SP2 and not having the sleep() doesn't seem to break anything.
So I don't even know why someone had to add the sleep() in the first
place.
2014-11-14 15:45:37 -06:00
William Vu
0477c5f8fe
Land #4191, merge_check_key update for Ruby 2.1.4
2014-11-14 15:33:47 -06:00
Luke Imhoff
a2ccaad1ae
Merge branch 'master' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-14 13:06:14 -06:00
Trevor Rosen
3b558624f3
Merge branch 'landing/4129' into upstream-master
Landing #4129
* Detect leaked constants in spec runs
2014-11-14 12:55:56 -06:00
Luke Imhoff
bc53e7667d
Remove unnecessary thread cleaning from Msfcli spec
MSP-11605
2014-11-14 12:40:04 -06:00
Luke Imhoff
43511e648a
Merge branch 'chore/MSP-11614/remove-msf-db-manager-sink' into feature/MSP-11605/lazy-thread-creation
MSP-11605
Conflicts:
spec/lib/msf/core/task_manager_spec.rb
2014-11-14 11:59:12 -06:00