jvazquez-r7
c52104e91d
Beautify metadata
2014-11-24 11:24:41 -06:00
jvazquez-r7
fcb4bea3c1
Fix code comments
2014-11-24 11:23:27 -06:00
Tod Beardsley
77b1f2d2f0
Fixup for release
...
Fixes the grammar on the SMTP enumeration module and the Cisco CDP
module, and adds a more informative description and reference for the
CDP module introduced on PR #4061.
2014-11-24 10:50:43 -06:00
jvazquez-r7
10d0305cb2
Update from upstream master
2014-11-24 09:48:43 -06:00
Jon Hart
e9750e2df8
Minor style/usability cleanups
2014-11-24 06:57:31 -08:00
jvazquez-r7
1e38e194a8
Land #4251, @hmoore-r7's fixes #4244 msfrpcd
...
* msfrpcd quits with undefined method error
* FIX: Remove call to legacy db.sink queue
2014-11-24 08:57:25 -06:00
Luke Imhoff
38ee3d8c93
Up aruba timeout for simplecov overhead
...
MSP-11647
Doubling the timeout is arbitrary, but travis-ci's limit for no output
is 10 minutes, so it can't go much higher.
2014-11-24 08:43:25 -06:00
Luke Imhoff
62ffbaca51
Add simplecov to cucumber env
...
MSP-11647
Port simplecov setup from metasploit-version so that child processes, in
this case msfconsole, will load simplecov and report coverage back to
the parent process. Coverage from msfconsole's cucumber features is the
only way to get coverage on portions of the command dispatcher commands.
2014-11-24 08:07:00 -06:00
spdfire
08a67d78c5
module for CVE-2014-6332.
2014-11-24 08:25:18 +01:00
sinn3r
c8d72f97eb
Land #4252 - Print access level for snmp_login
2014-11-24 00:27:19 -06:00
sinn3r
57419bb0fc
Fix #4253 - Print access level for snmp_login
...
Fix #4253 - module should print the access level
2014-11-22 23:09:15 -06:00
HD Moore
b96769fe8a
Remove call to legacy db.sink queue, closes #4244
2014-11-22 17:19:12 -06:00
HD Moore
8becf417a7
Qualify ::File to prevent a stacktrace
2014-11-22 17:16:13 -06:00
HD Moore
673e21cfaf
Rework meterpreter SSL & pass datastore to handle_connection()
...
This allows HandlerSSLCert to be used to pass a SSL certificate into the Meterpreter handler. The datastore has to be passed into handle_connection() for this to work, as SSL needs to be initialized on Session.new. This still doesn't pass the datastore into Meterpreter directly, but allows the Session::Meterpreter code to extract and pass down the :ssl_cert option if it was specified. This also fixes SSL certificate caching by expiring the cached cert from the class variables if the configuration has changed. A final change is to create a new SSL SessionID for each connection versus reusing the SSL context, which is incorrect and may lead to problems in the future (if not already).
2014-11-22 15:35:00 -06:00
Peter Marszalik
705bd42b41
tab to space change - line 296
2014-11-22 14:48:44 -06:00
sinn3r
b34ddbdfff
Land #4247 - Auto-generated SSL certs now match "snakeoil" defaults
2014-11-22 13:36:06 -06:00
tate
9828598cb7
removing timeout method and option
2014-11-22 00:28:56 -07:00
tate
57b04f96a7
working with DLSw protocol check
2014-11-21 23:54:00 -07:00
tate
b9a274f869
improving DLSw detection
2014-11-21 18:58:02 -07:00
HD Moore
ba9c763f7e
Auto-generated SSL certs now match "snakeoil" defaults
...
This change emulates the auto-generated snakeoil certificate from Ubuntu 14.04. The main changes include moving to 2048-bit RSA, SHA256, a single name CN for subject/issuer, and the removal of most certificate extensions.
2014-11-21 18:25:04 -06:00
wez3
53b69583f4
Add Windows post module for reading/searching Outlook e-mail #4
2014-11-21 20:00:30 +01:00
jvazquez-r7
3ac1f7d4fb
Land #4242, @Meatballs1 fix for sap_service_discovery report_note
...
* I cannot reproduce @Meatballs1 issue
* But I noticed report_note should :update with :unique_data
* Fixed the :update
2014-11-21 10:16:08 -06:00
jvazquez-r7
e30ee9fee2
Update with :unique_data
2014-11-21 10:14:39 -06:00
jvazquez-r7
90ae9a3ff8
Land #4173, @wchen-r7's fix for SMB find_first
...
* Fixes #4119, SMB find_first("\\*") does not return accurate results
* It missed initialization of sid
2014-11-21 09:51:57 -06:00
sinn3r
f2add929d7
Land #4239 - Support SSL intermediate certs
2014-11-21 02:09:40 -06:00
HD Moore
85de75cd5d
Adds a smtp ntlm domain scanner, lands #4241
2014-11-20 22:18:26 -06:00
rwhitcroft
3ddf848abf
Merge pull request #1 from hmoore-r7/smtp_ntlm_domain
...
Module cleanup, error handling, and reporting
2014-11-20 20:43:25 -05:00
HD Moore
99a23ada5c
Module cleanup, error handling, and reporting
2014-11-20 16:18:20 -06:00
HD Moore
2f6c4a9ba4
Slight tweak to description/author email formatting
2014-11-20 14:53:52 -06:00
HD Moore
2f92a83092
Change to example.com as the default domain
2014-11-20 14:53:36 -06:00
Meatballs
ee15179441
Fix service discovery errors
2014-11-20 18:22:33 +00:00
Meatballs
f2b80f4ef1
Merge remote-tracking branch 'upstream/master'
2014-11-20 18:18:00 +00:00
Rich Whitcroft
8306d739e3
add scanner module to extract domain from NTLM challenge
2014-11-20 11:02:21 -05:00
HD Moore
d530046164
Bugfix. Chrome is a liar (chain certs properly)
2014-11-19 16:08:03 -06:00
HD Moore
0d091f1c03
Support SSL intermediate certs, closes #4238
...
Note that this does not apply to reverse_tcp meterpreter clients yet, as
they do not allow certificates to be supplied. I abstracted out the SSL
certificate generation and parsing methods so that we can address this
next.
2014-11-19 15:56:49 -06:00
HD Moore
abc0640b7b
Fix placeholder, lands #4237
2014-11-19 14:26:10 -06:00
Mark Schloesser
9e9954e831
fix placeholder to show the firmware version I used
2014-11-19 21:23:39 +01:00
Tod Beardsley
6daa8b48a3
Land #4235, Hikvision exploit
2014-11-19 14:18:54 -06:00
Mark Schloesser
a718e6f83e
add exploit for r7-2014-18 / CVE-2014-4880
2014-11-19 21:07:02 +01:00
Tod Beardsley
6a58774dd6
Land #4234, crediting @jduck
2014-11-19 12:43:04 -06:00
tate
a4a1048f95
modified to get data collection off sock working
2014-11-19 11:17:58 -07:00
Jon Hart
a91a5f3c4b
Land #4067, @fozavci's IN:SRV support for fakedns
2014-11-19 08:38:00 -08:00
Jon Hart
684975a315
Use correct target address for fake As
2014-11-19 08:28:56 -08:00
Jon Hart
3777e78a85
Sanitize creation of target host. Return minimal for SRV
2014-11-19 08:28:56 -08:00
Jon Hart
52e004d8ab
Use less conflicting name for SRV record port
2014-11-19 08:28:56 -08:00
Jon Hart
ee90e4353b
Add more consistent logging for fakedns types that support fake vs bypass
2014-11-19 08:28:55 -08:00
Jon Hart
0910275fac
Don't artificially insert additional records when BYPASS
2014-11-19 08:28:55 -08:00
Fatih Ozavci
a38cb3ee53
@jhart-r7 commits are accepted and conflicts fixed.
2014-11-19 08:28:55 -08:00
Fatih Ozavci
ab7f6866f5
FAKE and BYPASS actions are implemented for SRV queries
2014-11-19 08:28:55 -08:00
Fatih Ozavci
f403d27fbd
Author update for the fakedns module
2014-11-19 08:28:55 -08:00