infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,308 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

22308 Commits (ffb7efb52bfc95b954b6262145da9ace08867810)

Author SHA1 Message Date
kicks4kittens ffb7efb52b Merge pull request #1 from jvazquez-r7/review-2801 
Review IBM Lotus Sametime modules
 2014-02-05 21:47:14 +01:00
jvazquez-r7 01ab6fd545 Do small fixes 2014-01-17 17:59:03 -06:00
jvazquez-r7 5ec062ea1c Beautify print message 2014-01-17 17:42:26 -06:00
jvazquez-r7 d96772ead1 Clean multi-threading on ibm_sametime_enumerate_users 2014-01-17 17:38:16 -06:00
jvazquez-r7 bb3d9da0bb Do first cleaning on ibm_sametime_enumerate_users 2014-01-17 16:33:25 -06:00
jvazquez-r7 584401dc3f Clean ibm_sametime_room_brute code 2014-01-17 15:57:12 -06:00
jvazquez-r7 4d079d47b8 Enable SSL by default 2014-01-17 15:34:33 -06:00
jvazquez-r7 277711b578 Fix metadata 2014-01-17 15:31:51 -06:00
jvazquez-r7 10fd5304ce Parse response body just one time 2014-01-17 15:17:25 -06:00
jvazquez-r7 fe64dbde83 Use rhost and rport methods 2014-01-17 14:49:50 -06:00
jvazquez-r7 5e8ab6fb89 Clea ibm_sametime_version 2014-01-17 12:23:11 -06:00
jvazquez-r7 bce321c628 Do response handling a little better, fake test 2014-01-17 11:02:35 -06:00
jvazquez-r7 11d613f1a7 Clean ibm_sametime_webplayer_dos 2014-01-17 10:52:42 -06:00
jvazquez-r7 51b3d164f7 Move the DoS module to the correct location 2014-01-17 09:30:51 -06:00
kicks4kittens 882c637a8c Remove unneeded empty line 2014-01-15 13:57:27 +01:00
kicks4kittens b2f42d2576 Fixed code issues as requested in PR2801 
Mostly coding style issues
Re-tested in testbed - output as expected
 2014-01-15 13:54:25 +01:00
kicks4kittens d0d82fe405 Fixed code issues as requested in PR2801 
Mostly coding style issues
Re-tested in testbed - output as expected
 2014-01-15 13:53:14 +01:00
kicks4kittens 87648476e1 Fixed code issues as requested in PR2801 
Mostly coding style issues
Re-tested in testbed - output as expected
 2014-01-15 13:52:45 +01:00
kicks4kittens 55d4ad1b6a Fixed code issues as requested in PR2801 
Mostly coding style issues
Re-tested in testbed - output as expected
 2014-01-15 13:51:19 +01:00
kicks4kittens 17c0751677 Create ibm_sametime_room_brute.rb 
init
 2013-12-26 13:02:52 +01:00
kicks4kittens 7ba1950424 Create ibm_sametime_enumerate_users.rb 
init
 2013-12-26 13:01:48 +01:00
kicks4kittens 2d6f41d67f Create ibm_sametime_version.rb 
init
 2013-12-26 13:00:39 +01:00
kicks4kittens 3814e3edef Create ibm_sametime_webplayer_dos.rb 
init
 2013-12-26 12:58:51 +01:00
jvazquez-r7 c2783c2746
Land #2798, @wchen-r7 update to safari post module 2013-12-25 10:24:39 -06:00
sinn3r 78db7429d0 Turns out the latest Safari is still vulnerable. 
The version check is currently disabled because turns out the latest
Safari (6.1.1) is still vulnerable - I can still loot it in plain
text.
 2013-12-24 19:27:45 -06:00
sinn3r a26e12b746 Updates descriiption and improves regex for safari_lastsession.rb 
This updates two things for the safari_lastsession post module:

1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.

2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
 2013-12-24 14:00:55 -06:00
jvazquez-r7 95c4092f0f
Land #2797, @rbsec's patch for lotus domino regex 2013-12-24 07:28:57 -06:00
jvazquez-r7 136d635300
Land #2796, @Meatballs1's patch for [FixRM #8716] 2013-12-24 07:20:38 -06:00
rbsec 86a94022c0 Fix lotus_domino_hashes not working. 
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
 2013-12-24 11:57:13 +00:00
sinn3r 90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow 2013-12-24 00:39:54 -06:00
sinn3r 367dce505b Minor details 2013-12-24 00:39:15 -06:00
sgabe f687a14539 Added support for opening via menu. 2013-12-24 03:12:49 +01:00
sinn3r 213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner 2013-12-23 17:36:18 -06:00
sinn3r 0a07bbdf2e Minor changes 2013-12-23 17:35:42 -06:00
Meatballs 075f48a49f
Fix path 2013-12-23 22:44:56 +00:00
sinn3r 8a1f701081
Land #2795 - Increment MDM version to 0.16.9 2013-12-23 15:09:22 -06:00
Tod Beardsley 1599d9a134
Update Gemfile.lock 2013-12-23 14:47:32 -06:00
jvazquez-r7 2cc4fa35cf
Land #2785, @todb-r7's support for post modules on msfcli 2013-12-23 12:05:40 -06:00
Tod Beardsley c156d2a694
Increment MDM version to 0.16.9 
[SeeRM #8725]
 2013-12-23 10:29:36 -06:00
sinn3r 9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution 2013-12-23 02:34:01 -06:00
sinn3r 5b647ba6f8 Change description 
Pre-auth is implied.
 2013-12-23 02:33:17 -06:00
sgabe 287271cf98 Fixed date format. 2013-12-22 01:32:16 +01:00
sgabe 0ac495fef8 Replaced hex with plain text. 2013-12-22 01:31:37 +01:00
jvazquez-r7 f43bc02297 Land #2787, @mwulftange's exploit for CVE-2013-6955 2013-12-20 17:03:10 -06:00
jvazquez-r7 163a54f8b1 Do send_request_cgi final clean up 2013-12-20 17:00:57 -06:00
sgabe 44ab583611 Added newline to end of file. 2013-12-20 22:40:45 +01:00
sgabe 62f71f6282 Added module for CVE-2013-6877 2013-12-20 22:37:09 +01:00
SeawolfRN bf2dc97595 Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner 2013-12-20 18:46:35 +00:00
SeawolfRN ae7a0159e7 Changed to Puts and get_once - also forgot the timeout... 2013-12-20 18:44:42 +00:00
Markus Wulftange 13a4c62b0d Merge pull request #2 from jvazquez-r7/review_2787 
Do final (minor) cleanup
 2013-12-20 09:53:23 -08:00