infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,713 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

39713 Commits (fb0a438fdf1801a777bfbf0c9f54ce855b17afbf)

Author SHA1 Message Date
Brent Cook 6241e48b34
Land #7350, add 'sess' command for direct session switching support 2016-09-29 23:18:53 -05:00
Tod Beardsley de9434870c
Land #7375, mock some rex tests for DNS lookups 
Fixes #6467, as far as @lsato-r7 and I can tell.
 2016-09-29 16:37:38 -05:00
Pearce Barry e0cd4d082a
Bump MDM ver to get pro and msf back in sync. 
Per discussion with @dmaloney-r7
 2016-09-29 13:42:13 -05:00
dana-at-cp b06a3d3c68
Refactor code that calls zipalign on injected APK 2016-09-29 07:49:50 -07:00
dana-at-cp e8d99fb3f5
Run zipalign as last step during APK injection process 
Running zipalign on an APK after signing and before distribution
is considered general best practice. Also, properly aligning an APK
makes it less likely to be flagged as suspicious by mobile security
solutions.

More on zipalign from Google:

https://developer.android.com/studio/command-line/zipalign.html
 2016-09-28 20:05:17 -07:00
William Vu bcb040c1ac
Land #7377, read_file for some modules 2016-09-28 18:00:23 -05:00
jvoisin 2272e15ca2 Remove some anti-patterns, in the same spirit than #7372 2016-09-29 00:15:01 +02:00
William Vu 075401d702
Update dynamic_size for andterp spec 2016-09-28 16:58:34 -05:00
William Vu 988471b860
Land #7372, useless use of cat fix 
Obligatory: modules/exploits/linux/local/kloxo_lxsuexec.rb.
 2016-09-28 16:37:11 -05:00
William Vu 3033c16da6 Add missing rank 2016-09-28 16:37:04 -05:00
Jeffrey Martin 21ec4915a7
Land #7292, android stageless with new payload gem 2016-09-28 16:31:45 -05:00
jvoisin b46073b34a Replace `cat` with Ruby's `read_file` 
Thanks to wvu-r7 for the comment
 2016-09-28 23:22:19 +02:00
Jeffrey Martin a457f64e2a
update to latest release payload gem 2016-09-28 16:14:29 -05:00
Jeffrey Martin 1689f10890
Land #7292, add android stageless meterpreter_reverse_tcp 2016-09-28 16:05:22 -05:00
William Vu 45ee59581b
Fix inverted logic in Docker exploit 
Positive condition should be tested first, imo. Confusing otherwise. My
bad, though.

Credit to @fslavin-r7.
 2016-09-28 15:36:09 -05:00
William Vu ab94bb9cdd
Land #7365, nonce fix for Ninja Forms exploit 2016-09-28 13:57:08 -05:00
averagesecurityguy f7e588cdeb Initial commit of module. 2016-09-28 14:55:32 -04:00
Brent Cook ea625d4ea3
Enhance #7360, more stance fixes 2016-09-28 13:49:29 -05:00
Brent Cook 5a611b0ec4 use the correct scope for the Stance names 2016-09-28 13:48:28 -05:00
Louis Sato ca683576d0 Mock rex-socket getaddress call for loginscanner 
Since we're using the rex-socket gem, we don't need to
test the getaddress call for each one of the login scanner specs
 2016-09-28 11:32:06 -05:00
Pearce Barry 76124af8b4
Land #7363, Add LPE exploit module for the capcom driver flaw 2016-09-28 11:02:14 -05:00
Julien (jvoisin) Voisin dbb2abeda1 Remove the `cat $FILE | grep $PATTERN` anti-pattern 
The `kloxo_lxsuexec.rb` and `netfilter_pvi_esc.rb` exploits
were using the infamous `cat+grep` anti-pattern, this commit
replaces it with `cat` and Ruby's `.include?` method.
 2016-09-28 13:41:25 +02:00
Tim b4a1adaf0f refactor into android.rb 2016-09-28 18:23:34 +08:00
Tim dc43f59dcf dalvik -> android 2016-09-28 14:50:52 +08:00
wchen-r7 f838c9990f Fix nonce bug in wp_ninja_forms_unauthenticated_file_upload 
If wordpress saves the nonce value in JavaScript, we could get an
undefined method for nil.
 2016-09-27 11:30:52 -05:00
Jeffrey Martin cdf544be9e
Land #7364, update to latest metasploit-payloads 2016-09-27 11:26:16 -05:00
Brent Cook 8f9be92b1b update to latest metasploit-payloads 2016-09-27 11:06:34 -05:00
OJ 76b3c37262
Fix msftidy errors 2016-09-27 22:56:07 +10:00
OJ 0e82ced082
Add LPE exploit module for the capcom driver flaw 
This commit includes:

* RDI binary that abuses the SMEP bypass and userland function pointer
  invocation that is provided by the driver.
* Related metasploit module.
* Associated make.build to build from command line.
* Updated command line build file.

This also includes the beginnings of a new set of functions that help
with the management/automation of kernel-related work on Windows for
local priv esc exploits.
 2016-09-27 22:37:45 +10:00
Tim de1e0aae99 add missing payload tests 2016-09-27 11:05:19 +08:00
William Vu b87911bd0b
Land #7340, auxiliary/server/socks4a docs 2016-09-26 17:34:45 -05:00
Pearce Barry edbe1c3e14
Land #7361, Make OSX screencapture silent 2016-09-26 17:24:03 -05:00
HD Moore 8bef4e4ec6
Land #7360, restore passive?/aggressive? behavior 
This PR restores the mod.aggressive? and mod.passive? methods to the
implementation prior to 0f7e3e9.
 2016-09-26 15:05:41 -05:00
Brendan b9de73e803
Land #7334, Add aux module to exploit WINDOWS based (java) Colorado 
FTP server directory traversal
 2016-09-26 14:15:23 -05:00
Metasploit 5ea1e7b379
Bump version of framework to 4.12.29 2016-09-26 12:06:21 -07:00
Pearce Barry 6382fffc75
Land #7326, Linux Kernel Netfilter Privesc 2016-09-26 12:38:50 -05:00
Tim 53823a4807 oops msftidy 2016-09-26 23:50:38 +08:00
SJCaldwell 7144d2c96a Put missing nessus_scanner_list command back where it's supposed to be. 
Must have deleted the line by accident somehow.
 2016-09-26 05:26:43 -04:00
Brent Cook 006c749e6a directly check to match the former definition of aggressive? 2016-09-25 23:57:13 -04:00
Henry Pitcairn e5c05c05d2 Make OSX screencapture silent 
By default, the `screencapture` command on OS X plays a camera sound effect. The -x option silences this.
 2016-09-25 22:54:57 -04:00
Brent Cook 743bea912a fix exploit Passive / Aggressive overrides to do the right thing 2016-09-25 19:57:41 -04:00
Adam Cammack a13e83af8a
Land #7357, Stagefright CVE-2015-3864 2016-09-25 17:10:06 -05:00
Pearce Barry 00258a4d31
Land #7351, restore NTLM constant class shortcuts 2016-09-25 12:09:38 -05:00
h00die 23e5556a4c binary drops work! 2016-09-24 21:31:00 -04:00
Brent Cook e0ff8859e9
Land #7359, add EXTRABACON auxiliary module auxiliary/admin/cisco/cisco_asa_extrabacon 2016-09-24 10:46:13 -04:00
zerosum0x0 90bd2a96cd Merge pull request #1 from bcook-r7/land-7353-bacon-too 
Add module docs, credit
 2016-09-24 07:59:30 -06:00
Brent Cook df28e2a85e Add credit to wwebb-r7 for the initial module and ASA hacking notes 2016-09-24 05:48:31 -04:00
Brent Cook 6f4c9435be Add module documentation 2016-09-24 05:48:18 -04:00
TheNaterz cd4299b3a2 Added offsets for version 9.2(4)14 
This version of the ASA is patched and our offsets do not work currently. We may do more work on this to find a solution.
 2016-09-23 16:57:08 -06:00
TheNaterz 087e9461ce Added offsets for version 9.2(4)13 2016-09-23 16:50:50 -06:00