infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,767 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

17767 Commits (fde119e889fabc979278b725ebc3777017186e77)

Author SHA1 Message Date
Brandon Turner fde119e889 Move optional gems to bundler groups 
Some users are having trouble installing pcap.  Others want postgres to
remain optional.  The move to requiring bundler in a git environment has
made this hard.

This commit provides a path for these users.  By default, bundler will
install all gems, including postgres and pcaprub.  If it fails to
install some, Metasploit will not function.  But there is hope.  Users
can explicitly exclude the gem groups they don't want.

For example:

    bundle install --without db pcap

will exclude the pcap and postgres gems (and their depedencies).

    bundle install --without db pcap development test

will exclude all non-essential gems.

The good news is that the user only needs to use the `--without` option
once.  Bundler will remember it.  So future runs can still do `bundle
install` (or simply `bundle`) and the gems will still be excluded.  And
if the user changes their mind and wants the optional gems, they can
remove their stored *without* preference using:

    bundle config --delete without

[FIXRM #7891]
 2013-04-12 09:47:40 -05:00
James Lee 15e2ceb749 Land #1660, dlink backdoor wordlist 
[Closes #1660][See #1648]
 2013-04-11 23:04:02 -05:00
Luke Imhoff 960392d614 Merge pull request #1725 from bturner-r7/mdm_from_rubygems 
Use metasploit_data_models from rubygems
 2013-04-11 13:51:08 -07:00
Brandon Turner 97f4882348 Use metasploit_data_models from rubygems 2013-04-11 15:35:19 -05:00
James Lee 8376531a32 Land #1217, java payload build system refactor 
[Closes #1217]
 2013-04-11 13:10:03 -05:00
James Lee 1d09d7e6e9 Java payload bins 
Compiled with the shiny new maven system
 2013-04-11 13:08:16 -05:00
jvazquez-r7 7e5d4bc893 Landing #1614, @jwpari nagios nrpe exploit 2013-04-11 17:53:52 +02:00
James Lee e3eef76372 Land #1223 
This adds rc4-encrypting stagers for Windows.

[Closes #1223]
 2013-04-10 12:14:52 -05:00
James Lee 6c980981db Break up long lines and add magic encoding comment 2013-04-10 09:28:45 -05:00
James Lee b3c78f74d2 Whitespace 2013-04-10 09:28:45 -05:00
Tod Beardsley 6a5d318749 Bumping version. 2013-04-10 08:59:56 -05:00
jvazquez-r7 a1605184ed Landing #1719, @m-1-k-3 dlink_diagnostic_exec_noauth exploit module 2013-04-10 11:17:29 +02:00
jvazquez-r7 4f2e3f0339 final cleanup for dlink_diagnostic_exec_noauth 2013-04-10 11:15:32 +02:00
m-1-k-3 8fbade4cbd OSVDB 2013-04-10 10:45:30 +02:00
Tod Beardsley 522642a65d Updating mailmap 2013-04-09 15:34:51 -05:00
Michael Schierl 263e967a6a Merge pull request #1 from todb-r7/pr1217-fix-gitignore-conflict 
Pr1217 fix gitignore conflict
 2013-04-09 10:04:18 -07:00
Tod Beardsley 2d09aa2a91 Landing #1709. 2013-04-09 10:55:21 -05:00
sinn3r 76d4538d2a Merge branch 'master' of github.com:rapid7/metasploit-framework 2013-04-09 10:24:54 -05:00
sinn3r 8de7b71303 Landing #1711, jhart-r7's improved check to detect unauth conn 
For CVE-2013-1899 Postgres modules
 2013-04-09 10:22:30 -05:00
sinn3r 1e258170dc It's a filename, so not trying to match any single char 2013-04-09 10:20:52 -05:00
sinn3r 50cf039170 Merge branch 'cve-2013-1899-not-auth' of github.com:jhart-r7/metasploit-framework into jhart-r7-cve-2013-1899-not-auth 2013-04-09 10:19:15 -05:00
Tod Beardsley 65e5ed8950 Merge #1716, version checker fix for UAC bypass 2013-04-09 09:00:30 -05:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
jvazquez-r7 157f25788b final cleanup for linksys_wrt54gl_apply_exec 2013-04-09 12:39:57 +02:00
jvazquez-r7 b090495ffb Landing pr #1703, m-1-k-3's linksys_wrt54gl_apply_exec exploit 2013-04-09 12:38:49 +02:00
m-1-k-3 b93ba58d79 EDB, BID 2013-04-09 11:56:53 +02:00
HD Moore e2b8d5ed23 Fix from David Kennedy, enable Windows 8 support 2013-04-09 02:07:40 -05:00
Tod Beardsley 95ff5c6ab7 Adding new .gitignores 2013-04-08 22:01:46 -05:00
Tod Beardsley b7ddedcb67 Replacing with master's .gitignore 2013-04-08 21:52:35 -05:00
Tod Beardsley f96126aeb7 Merging #1714, wireless interface fix 
No redmine ticket. Note that landing this will shadow commit:a2d6f7b
but landing this empty commit anyway so @jlee-r7 's history gets back to
normal.
 2013-04-08 20:23:14 -05:00
James Lee a2d6f7bb17 Landing #1714 - Don't bomb out if there are no wireless interfaces 
No redmine ticket reported.
 2013-04-08 17:17:47 -05:00
m-1-k-3 cbefc44a45 correct waiting 2013-04-08 21:40:50 +02:00
James Lee 14c1f58afb Don't bomb out if there are no wireless interfaces 2013-04-08 14:19:35 -05:00
jvazquez-r7 225342ce8f final cleanup for sysax_sshd_kexchange 2013-04-08 20:28:37 +02:00
jvazquez-r7 5bc454035c Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710 2013-04-08 20:20:11 +02:00
Jon Hart b1152d1567 Improve Postgres CVE-2013-1899 to detect unauthorized connections 2013-04-08 09:55:23 -07:00
sinn3r d24371eaff Merge branch 'hp_imc_reportimgservlt_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_reportimgservlt_traversal 2013-04-08 10:18:30 -05:00
sinn3r 277bc69140 Merge branch 'bug/rm7288-post-rename' of github.com:jlee-r7/metasploit-framework into jlee-r7-bug/rm7288-post-rename 2013-04-08 10:18:09 -05:00
sinn3r 1b5c34db1a Merge branch 'hp_imc_ictdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_ictdownloadservlet_traversal 2013-04-08 10:17:19 -05:00
sinn3r 11253c8f3e Merge branch 'hp_imc_faultdownloadservlet_traversal' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-hp_imc_faultdownloadservlet_traversal 2013-04-08 10:16:52 -05:00
Matt Andreko f96baa7e7e Code Review Feedback 
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
 2013-04-08 10:58:35 -04:00
Matt Andreko 4c8e19ad1a Added reference 
Removed final debug print statement
 2013-04-08 08:28:53 -04:00
Jon Hart 8a98b1af4a Added command mode, plus fixed the dropping of payloads 2013-04-07 15:39:38 -07:00
m-1-k-3 955efc7009 final cleanup 2013-04-07 17:59:57 +02:00
m-1-k-3 9f89a996b2 final regex, dhcp check and feedback from juan 2013-04-07 17:57:18 +02:00
m-1-k-3 83e2f69faa Merge pull request #7 from jvazquez-r7/linksys_wrt54gl_work 
first cleanup for linksys_wrt54gl_apply_exec
 2013-04-07 08:51:51 -07:00
jvazquez-r7 0e69edc89e fixing use of regex 2013-04-07 11:39:29 +02:00
Jon Hart f482496795 Initial commit of an exploit module for the CVEs covered by APSB13-03. 
Not complete but will currently get command execution on Coldfusion 9.x
instances with CSRF protection disabled
 2013-04-06 20:08:50 -07:00
jvazquez-r7 6a410d984d adding get_config where I forgot 2013-04-06 19:13:42 +02:00
jvazquez-r7 0c25ffb4de Landing #1695, agix's smhstart local root exploit 2013-04-06 17:32:12 +02:00