dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
38,947 Commits 10 Branches 885 Tags 1.3 GiB
Commit Graph

38947 Commits

Author SHA1 Message Date
Hans Jerry Illikainen 78335f8e20 Update the cache size in bsd/x64/shell_reverse_tcp 2016-07-04 00:35:52 +02:00
Hans Jerry Illikainen f246aa0b58 dup2() to STDERR_FILENO in bsd/x64/shell_reverse_tcp 2016-07-04 00:00:33 +02:00
Hans Jerry Illikainen 54092177a2 Remove superfluous xor in bsd/x64/shell_reverse_tcp 2016-07-03 23:53:11 +02:00
x90" * 365 3fe4ffb225 Change default pattern length 
Changed from 1024 to 8192 per previous version.
 2016-07-03 16:08:54 -04:00
Pearce Barry 12812650c0
Land #7054, Fix busted alpha encoding on ms02_018_htr 2016-07-02 17:07:25 -05:00
Francesco 4ed12d7077 Added: support for credentials saving using report_cred method as suggested 
Added: support for detection of valid user credentials to skip login SQLi if not necessary.
 2016-07-02 01:41:13 -04:00
h00die 844c13dc17 added new vuln device to netgear list, plus docs 2016-07-01 18:32:30 -04:00
James Lee 3850431966
Fix busted alpha encoding on this old-ass exploit 2016-07-01 17:20:00 -05:00
Tod Beardsley 6108352683
And Thao, too! 2016-07-01 16:10:21 -04:00
Tod Beardsley 10e45bbebe
Account for the newer R7'ers in mailmap 2016-07-01 15:55:49 -04:00
Pearce Barry c45f30a7a9 Update nokogiri to v1.6.8, fixes #7051. 2016-07-01 14:53:25 -05:00
wchen-r7 bca0d716c0
Land #7047, Ensure http_login scanner module saves passwds 2016-07-01 12:21:28 -05:00
ssyy201506 1bf03ab4ec Merge pull request #1 from wvu-r7/pr/6954 
Fix some silly things in payload land
 2016-07-02 01:01:52 +09:00
Brendan 70a79bb0e8
Land #7014, Nagios remote root shell exploit 2016-07-01 08:17:38 -07:00
William Webb 2e97a08954
Land #7046, Pad host field in notes -d command 2016-07-01 10:14:45 -05:00
William Webb 02d40eb576
Land #7044, Pass exploit SRVPORT in BrowserAutopwn2 2016-07-01 09:49:05 -05:00
William Vu 4b01213fb5 Rewrite the logic to be positive 
unless is the devil. unless/else doubly so.
 2016-07-01 09:15:42 -05:00
William Vu a1bd640eff Fix hashrocket alignment 2016-07-01 09:05:03 -05:00
William Vu d42d9f8557 Add module docs to appease the Thao god 2016-07-01 01:17:27 -05:00
William Vu 9663f88fdc Download profile.zip instead of including it 
profile.zip is GPL-licensed...
 2016-07-01 01:17:23 -05:00
Pearce Barry 159446ce92 Ensure http_login scanner module saves passwds. 
Fixes #6983.  When the auxiliary/scanner/http/http_login module discovers a successful basic auth user+password combination, make sure we properly store the password by specifically telling the credentials gem that the private data we're storing is a :password.
 2016-06-30 16:58:39 -05:00
William Vu 6e1b6e96a9
Land #7032, rm -rf lib/rex/encoders 
Dead code!
 2016-06-30 16:32:14 -05:00
William Vu f0cd25dcee
Land #7035, lib/sshkey* swap to gem 2016-06-30 16:25:27 -05:00
William Webb 1401a61f59
Land #6998, Fix #6984 Undefined method 'winver' in ms10_092_schelevator 2016-06-30 16:14:09 -05:00
William Vu fec2301fc8
Land #7037, db_export -f xml stack trace fix 
Missed during the Rails upgrade.
 2016-06-30 15:58:38 -05:00
Brent Cook cdf3c63af9
Land #7045, Fix interactive shell with Windows Meterpreter 2016-06-30 15:51:33 -05:00
William Vu 343f4010bd Prefer newer hash syntax 2016-06-30 15:43:06 -05:00
wchen-r7 dbcdc300e5 Fix #7019, Pad host field in notes -d command 
The notes -d command is always expecting a host address, but
fileformat exploits don't have this type of information when the
exploit file is generated, therefore there isn't enough fields
provided for Rex table.

Fix #7019
 2016-06-30 15:38:58 -05:00
Brent Cook d6c7ac51d6 Fix interactive shell with Windows Meterpreter 
see https://github.com/rapid7/metasploit-payloads/pull/105
 2016-06-30 15:34:40 -05:00
William Vu 20c2a10e8a
Add note about issues to CONTRIBUTING.md 2016-06-30 15:14:59 -05:00
wchen-r7 118caa13bf Fix #7021, Pass exploit SRVPORT in BrowserAutopwn2 
In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.

Fix #7021
 2016-06-30 14:20:53 -05:00
HD Moore 23399326c2 Fix up double slashes, tweak syntax 2016-06-30 12:56:29 -05:00
agix 3edb0b3625 Reduce chance to get a null byte in the decoder stub 2016-06-30 19:14:32 +02:00
agix 31ea58d7f0 Inherit from Msf::Encoder::Xor to get key preventing badchars 
I guess it what Msf::Encoder::Xor find_bad_keys is for.
 2016-06-30 18:29:30 +02:00
Tod Beardsley afbeb2b668
Land #7023, fixes for swagger exploit 
Thanks @sdavis-r7!

See #7015 as well.
 2016-06-30 10:54:34 -04:00
Tod Beardsley d1281b6594
Chmod to remove the exec bit. 2016-06-30 10:43:46 -04:00
ssyy201506 0a85f1d233 Fix an error when exiting a interactive shell 2016-06-30 16:19:10 +09:00
Francesco 068a4007de Riverbed SteelCentral NetProfiler & NetExpress Exploit Module 
Changes to be committed:
    new file:   modules/exploits/linux/http/riverbed_netprofiler_netexpress_exec.rb
 2016-06-29 22:27:40 -04:00
agix 8a777bec41 Forget to rename function after msftidy correction 2016-06-29 23:30:48 +02:00
agix c489c5ce3e Add two x64 encoders to improve anti-virus evasion 2016-06-29 23:11:24 +02:00
Pearce Barry 5e39f895cf Fix exception on msf 'db_export' cmd (see #7008) 
Users reported (in GitHub issue #7008) hitting an exception when attempting to export the contents of the msf database (i.e. workspaces, hosts, events, etc.) via the 'db_export' command.  After some digging, it appears there were a few ActiveRecord changes with the new Rails upgrade that require a couple mods to the way we are querying.
 2016-06-29 16:02:31 -05:00
William Vu 68bd4e2375 Fire and forget the shell 
Edge case where reverse_perl returns 302 when app is unconfigured.
 2016-06-29 14:51:05 -05:00
David Maloney 80563b2c0f
Merge branch 'master' into feature/MS-1700/sshkey-gem 2016-06-29 09:44:57 -05:00
Brendan 55457ef977
Land #7034, use the bit-struct gem 2016-06-29 07:35:00 -07:00
thao doan 80c65ec4fc Land #7020, Added documentation for Netbios Spoof module 2016-06-28 14:26:26 -07:00
Pearce Barry d186844cde
Land #7033, Use the proper Author key, not Authors 2016-06-28 16:20:43 -05:00
David Maloney 2dba09a9ce
unvendor sshkey gem 
use the actual maintained gem rather than our vendored
copy

MS-1700
 2016-06-28 16:10:48 -05:00
David Maloney dcddd2d671
use the bit-struct gem 
removed vendored copy of bit-struct and use the gem
instead

MS-1699
 2016-06-28 15:58:47 -05:00
James Lee 4e63591ce8
Use the proper Author key, not Authors 2016-06-28 15:21:19 -05:00
David Maloney 356f4fd54d
delete deprecated lib/rex/encoders 
this directory is all dead code and has been replaced with
the lib/rex/encoder directory. these files should have been
purge a long time ago for cleanlieness

MS-1692
 2016-06-28 14:43:39 -05:00