Meatballs
56c5eac823
Message correction
2014-05-02 14:18:18 +01:00
Meatballs
69915c0de5
Message correction
2014-05-02 14:17:27 +01:00
OJ
409787346e
Bring build tools up to date, change some project settings
...
This commit brings the source into line with the general format/settings
that are used in other exploits.
2014-03-14 22:57:16 +10:00
kyuzo
41720428e4
Refactoring exploit and adding build files for dll.
2014-03-12 10:25:52 +00:00
kyuzo
257c121c75
Adding MS013-058 for Windows7 x86
2014-03-06 20:34:01 +00:00
kyuzo
2a1e96165c
Adding MS013-058 for Windows7 x86
2014-03-06 18:39:34 +00:00
Brendan Coles
df2bdad4f9
Include 'msf/core/exploit/powershell'
...
Prevent:
```
[-] /pentest/exploit/metasploit-framework/modules/exploits/windows/misc/hp_dataprotector_exec_bar.rb: NameError uninitialized constant Msf::Exploit::Powershell
```
2014-03-06 12:57:43 +11:00
sinn3r
9d0743ae85
Land #3030 - SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
2014-03-05 16:34:54 -06:00
bcoles
1ea35887db
Add OSVDB reference
2014-03-06 01:40:15 +10:30
jvazquez-r7
4e9350a82b
Add module for ZDI-14-008
2014-03-05 03:25:13 -06:00
OJ
a1aef92652
Land #2431 - In-memory bypass uac
2014-03-05 11:15:54 +10:00
sinn3r
7cb6e7e261
Land #3057 - MantisBT Admin SQL Injection Arbitrary File Read
2014-03-04 17:52:29 -06:00
sinn3r
f0e97207b7
Fix email format
2014-03-04 17:51:24 -06:00
sinn3r
caaa419ef8
Land #3054 - Fix crash in osx/x64/exec on 10.9 Mavericks
2014-03-04 15:24:02 -06:00
Brandon Perry
c86764d414
update default password to root
2014-03-04 11:55:30 -08:00
Brandon Perry
2b06791ea6
updates regarding PR comments
2014-03-04 10:08:31 -08:00
William Vu
e30238fe0d
Land #3062, unused arg fix for vmware_mount
2014-03-04 11:37:41 -06:00
James Lee
68205fa43c
Actually use the argument
2014-03-04 11:30:42 -06:00
sinn3r
f8310b86d1
Land #3059 - ALLPlayer M3U Buffer Overflow
2014-03-04 11:29:52 -06:00
David Maloney
db76962b4a
Land #2764, WMIC Post Mixin changes
...
lands Meatballs WMIC changes
2014-03-04 10:21:46 -06:00
Brandon Perry
a3523bdcb9
Update mantisbt_admin_sqli.rb
...
remove extra new line and fix author line
2014-03-04 08:44:53 -06:00
OJ
f0868c35bf
Land #3050 - Fix tainted perl payloads
2014-03-04 10:05:47 +10:00
sgabe
408fedef93
Add module for OSVDB-98283
2014-03-04 00:51:01 +01:00
Meatballs
32d83887d3
Merge remote-tracking branch 'upstream/master' into wmic_post
2014-03-03 21:56:31 +00:00
Brandon Perry
98b59c4103
update desc
2014-03-03 12:40:58 -08:00
Brandon Perry
c5d1071456
add mantisbt aux module
2014-03-03 12:36:38 -08:00
Tod Beardsley
de6be50d64
Minor cleanup and finger-wagging about a for loop
2014-03-03 14:12:22 -06:00
Joe Vennix
6a02a2e3b3
NULL out envp pointer before execve call.
...
This was causing a crash on 10.9.
2014-03-03 08:56:52 -06:00
Sagi Shahar
8c4b663643
Fix payloads to bypass Perl's Taint mode.
2014-03-02 18:39:05 +02:00
bcoles
f008c77f26
Write payload to startup for Vista+
2014-03-02 18:10:10 +10:30
Meatballs
63751c1d1a
Small msftidies
2014-02-28 22:18:59 +00:00
David Maloney
42a730745e
Land #2418, Use meterpreter hostname resolution
2014-02-28 14:45:39 -06:00
sinn3r
ac446d3b3f
Land #3043 - randomization for Rex::Zip::Jar and java_signed_applet
2014-02-28 14:10:55 -06:00
David Maloney
e99e668a12
Merge branch 'master' of github.com:rapid7/metasploit-framework
2014-02-28 10:12:03 -06:00
David Maloney
2b5e4bea2b
Landing Pull Request 3003
2014-02-28 10:10:12 -06:00
William Vu
fd1586ee6a
Land #2515, plaintext creds fix for John
...
[FixRM #8481]
2014-02-28 09:53:47 -06:00
OJ
7117d50fa4
Land #3028 - bypassuac revamp
2014-02-28 09:12:02 +10:00
William Vu
1a053909dc
Land #3044, chargen_probe reported service fix
2014-02-27 14:33:06 -06:00
sinn3r
f531d61255
Land #3036 - Total Video Player buffer overflow
2014-02-27 14:28:53 -06:00
sinn3r
7625dc4880
Fix syntax error due to the missing ,
2014-02-27 14:25:52 -06:00
sinn3r
49ded452a9
Add OSVDB reference
2014-02-27 14:22:56 -06:00
sinn3r
e72250f08f
Rename Total Video Player module
...
The filename shouldn't include the version, because the exploit should
be able to target multiple versions if it has to.
2014-02-27 14:20:26 -06:00
sinn3r
93ec12af43
Land #3035 - GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
2014-02-27 14:13:28 -06:00
David Maloney
b952b103bd
cleanup tior and .tmp files
...
bypassuac module now also cleans
the tior.exe and all the .tmp files so we have a
clean environment afterwards
2014-02-27 13:18:34 -06:00
David Maloney
f66709b5bb
make bypassuac module clean itself up
...
since the IO redirection hangs our original process
we have the module wait for the session, then kill
the spawning process and delete the exe we dropped
2014-02-27 12:54:40 -06:00
jgor
8be33f42fe
Define service as udp
2014-02-27 12:53:29 -06:00
jvazquez-r7
6c490af75e
Add randomization to Rex::Zip::Jar and java_signed_applet
2014-02-27 12:38:52 -06:00
David Maloney
a8e0c3c255
remove copypasta mistake
2014-02-27 10:05:53 -06:00
Fr330wn4g3
63f74bddae
2° update total_video_player_131_ini_bof
2014-02-27 16:41:35 +01:00
David Maloney
96b611104e
cleanup methods in bypassuac module
...
apply the same sort of method cleanup as in
Meatballs injection based module.
2014-02-26 11:00:55 -06:00