infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,252 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

14424 Commits (f6708b4d836c389f22530b81874d07e531ea0544)

Author SHA1 Message Date
Joe Vennix f6708b4d83
Check for running vmware processes first. 2014-09-24 19:11:38 -05:00
Joe Vennix 99da950734
Adds osx vmware/bash priv escalation. 2014-09-24 17:44:14 -05:00
sinn3r 3e09283ce5
Land #3777 - Fix struts_code_exec_classloader on windows 2014-09-16 13:09:58 -05:00
sinn3r 158d4972d9 More references and pass msftidy 2014-09-16 12:54:27 -05:00
Vincent Herbulot 7a7b6cb443 Some refactoring 
Use EDB instead of URL for Exploit-DB.
Remove peer variable as peer comes from HttpClient.
 2014-09-16 17:49:45 +02:00
us3r777 4c615ecf94 Module for CVE-2014-5519, phpwiki/ploticus RCE 2014-09-16 00:09:41 +02:00
jvazquez-r7 7d4c4c3658
Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
jvazquez-r7 83bf220a10
Land #3730, @TomSellers's post module for Remote Desktop Connection Manager 2014-09-12 15:38:33 -05:00
jvazquez-r7 5da6a450f1 fix find condition 2014-09-12 15:21:50 -05:00
jvazquez-r7 1749fc73c2 Change module filename 2014-09-12 15:05:33 -05:00
jvazquez-r7 95b6529579 Fix run method 2014-09-12 14:27:25 -05:00
jvazquez-r7 373861abb0
Land #3526, @jhart-r7's soap_xml scanner cleanup 2014-09-12 13:29:52 -05:00
jvazquez-r7 12f949781a Use double quote for xml strings 2014-09-12 13:18:48 -05:00
jvazquez-r7 67c0ee654b Use Gem::Version 2014-09-12 10:35:12 -05:00
jvazquez-r7 0d054d8354 Update with master changes 2014-09-12 09:52:32 -05:00
William Vu 60b29cbd5e
Fix word splitting problem 2014-09-12 06:50:53 -05:00
William Vu 8a6a205e39
Land #3724, NetworkManager creds module 2014-09-12 05:48:35 -05:00
William Vu 131401f024
Remove unused method 2014-09-12 05:48:11 -05:00
Luke Imhoff 706655f755
Land #3779, Glassfish LoginScanner exception 
MSP-11343
 2014-09-11 15:57:47 -05:00
Tod Beardsley d2f2b142b4
Land #3760, Arris WEP/WPA leak from @dheiland-r7 2014-09-11 15:39:19 -05:00
Tod Beardsley 4fc1ec09c7
Land #3759, Android UXSS, with ref/desc fixes 
Incidentally, this also closes jvennix-r7#14 (let's see if I can close a
PR by merging from another repo!)

Also fixes #3782 (opened by accident).
 2014-09-11 14:27:51 -05:00
Tod Beardsley fbba4b32e0
Update the title and desc to be more descriptive 
See #3759
 2014-09-11 14:06:14 -05:00
Tod Beardsley d627ab7628
Add refs for Android UXSS 
See #3759
 2014-09-11 14:05:50 -05:00
James Lee 8aa06b8605
Better api for check_setup 2014-09-10 23:43:54 -05:00
James Lee c1658e5d51 Add a check_setup method 2014-09-10 20:09:46 -05:00
James Lee 84e4db9035 Don't raise in the middle 
MSP-11343

This means we don't bomb out with an unhandled exception, instead
continuing attempting logins against the host even though it will never
succeed. Next up: verify state before running scan!()
 2014-09-10 20:09:33 -05:00
Deral Heiland 872ba6a53b Update arris_dg950 module with required changes 
Collapsed several levels of the if/else statement and changed out 2 with
case. Changed print_good to print_line. Removed rescue ::Interrupt and
altered variable names to make them more readable
 2014-09-10 19:07:53 -04:00
jvazquez-r7 373eb3dda0 Make struts_code_exec_classloader to work on windows 2014-09-10 18:00:16 -05:00
sinn3r 280e16c241
Land #3677 - Updated shodan_search for new API 2014-09-10 11:39:00 -05:00
sinn3r 006393360e Add conditions to check healthy shodan results 2014-09-10 11:38:06 -05:00
James Lee 257f0fc93e
Quick fix for ssh_login_pubkey 
Fixes #3772, closes #3774
 2014-09-10 09:57:17 -05:00
Jon Hart 495e1c14a1
Land #3721, @brandonprry's module for Railo CVE-2014-5468 2014-09-09 19:10:46 -07:00
Jon Hart 26d8432a22
Minor style and usability changes to @brandonprry's #3721 2014-09-09 19:09:45 -07:00
Brandon Perry db6052ec6a Update check method 2014-09-09 18:51:42 -05:00
sinn3r 0a6ce1f305
Land #3727 - SolarWinds Storage Manager exploit AND Msf::Payload::JSP 2014-09-09 17:21:03 -05:00
sinn3r 027f543bdb
Land #3732 - Eventlog Analzyer exploit 2014-09-09 11:33:20 -05:00
sinn3r 75269fd0fa Make sure we're not doing a 'negative' timeout 2014-09-09 11:26:49 -05:00
Joe Vennix 7793ed4fea
Add some common UXSS scripts. 2014-09-09 02:31:27 -05:00
James Lee b8000517cf
Land #3746, reinstate DB_ALL_CREDS 2014-09-08 17:24:12 -05:00
David Maloney 2ac15f2088
some fixes based on Christruncer's feedback 
fixed some stuff i borked, back to you chris
 2014-09-08 15:27:01 -05:00
David Maloney cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor 2014-09-08 14:48:37 -05:00
Tod Beardsley 4abee39ab2
Fixup for release 
Ack, a missing disclosure date on the GDB exploit. I'm deferring to the
PR itself for this as the disclosure and URL reference.
 2014-09-08 14:00:34 -05:00
David Maloney 09e6c2f51f
Merge branch 'master' into feature/MSP-11162/db-all-creds 2014-09-08 12:52:25 -05:00
William Vu ae5a8f449c
Land #3691, gdbserver hax 2014-09-08 11:48:39 -05:00
Deral Heiland 9a6ee5090a Add Arris DG950A SNMP data extraction module 
This module will extract critical data such as WPA and WEP keys from
the Arris DG950a model cable modem via the SNMP protocal.
 2014-09-08 11:04:31 -04:00
sinn3r 0ccb39c057
Land #3726 - Fix typos in wordpress login 2014-09-08 09:40:57 -05:00
cx 1b5e40ff78 New Creds model added 2014-09-08 11:42:05 +03:00
Joe Vennix 27889ea411
Add a safety fallback on js load. 2014-09-08 00:46:47 -05:00
Joe Vennix 8407d45c9c
Rework the timers. 2014-09-08 00:40:00 -05:00
Joe Vennix 5c9c8edfcf
Fix refs. 2014-09-07 23:33:45 -05:00