8f30e5548c
Fix bug: "TypeError can't convert nil into String" when fd.read can be nil
2012-03-02 02:18:07 -06:00
67f788768d
Fix tabs
2012-03-01 22:31:08 -06:00
fd2d9ae0ea
Add MP4 file generating function. Update the description regarding exploit usage.
2012-03-01 22:24:35 -06:00
b1b2ec2c7d
Merge branch 'CVE-2008-5036_vlc_realtext' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-5036_vlc_realtext
2012-03-01 21:13:33 -06:00
3c4c500544
Add a few more meterpreter API tests
2012-03-01 19:21:34 -07:00
8bad0033d3
Update description
2012-03-01 19:16:29 -06:00
0bc26c1665
Add CVE-2009-4656: DJ Studio .pls buffer overflow
2012-03-01 19:09:25 -06:00
323e58d944
Merge pull request #213 from rsmudge/armitage
...
Armitage 03.02.12
2012-03-01 16:32:39 -08:00
d06848ba56
Default to token impersonation before migrating to a different process
2012-03-01 18:31:33 -06:00
e564282ddc
fix armitage pivoting/arp scan tools to work with updated meterpreter route output
2012-03-01 18:35:05 -05:00
9bac806cdb
Add some simple meterpreter API tests
2012-03-01 16:30:37 -07:00
4f2fd918e4
Only add a Content-Type when it's not nil
...
Makes it possible to create MIME parts for non-file POST parameters when
sending a file.
2012-03-01 16:28:55 -07:00
687c50d0cd
Indent level fix
2012-03-01 16:14:29 -06:00
f1a6d8f535
Added exploit module for CVE-2008-5036
2012-03-01 23:06:40 +01:00
5a5e5eab95
Add msvcrt ROP target for IE8
2012-03-01 15:23:41 -06:00
1bc99646e7
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-01 15:14:05 -06:00
32a4f1149e
Merge pull request #211 from swtornio/master
...
osvdb ref updates
2012-03-01 09:39:21 -08:00
2d802750e3
fix osvdb ref
2012-03-01 08:07:11 -06:00
256fee3626
add osvdb ref
2012-03-01 08:06:53 -06:00
a32bcc44f2
Merge branch 'post-apple-ios-backup-osx-fix' of https://github.com/gregory-m/metasploit-framework
2012-03-01 00:43:17 -06:00
be65f421f7
New Java meterpreter bins for adding MTU
2012-02-29 20:31:56 -07:00
fbc8e25aaa
Add the new stdapi/net TLVs to java
2012-02-29 20:31:12 -07:00
14dfcce63a
Add the MTU when it's available
...
This doesn't work on 1.4, but I'm not Java-savvy enough to figure out
how to only compile it for 1.4, so do a ghetto try-catch block in case
the method doesn't exist.
2012-02-29 20:30:03 -07:00
bde9a846b9
Default the index to -1
...
This prevents stack traces on Java which doesn't provide the index.
2012-02-29 20:27:10 -07:00
8380d0e9e0
No need to set the driver anymore
...
Fixes a ridiculous stack trace when connecting with a yaml file.
2012-02-29 15:47:45 -07:00
e9df9d6c2c
Increase default depth
2012-02-29 16:24:18 -06:00
aacf9d2050
Add a check to be more aware of the fact a database might not be connected
2012-02-29 16:21:46 -06:00
4369f73c7a
Msftidy fixes on new modules
...
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
73ba8aca60
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-02-29 10:14:11 -06:00
74cdb5dabc
It's a two-space tab, not one space. OMG.
2012-02-29 10:13:29 -06:00
f5e2d1c19b
Grevious typo causing load_session_info failure
...
That's the problem with rescue ::Exception, it catches crap like this
and it takes a while before anyone notices. =(
2012-02-29 08:14:02 -07:00
4a5d7debd5
Add the usleep back in
...
MM convinced me.
2012-02-29 02:20:23 -07:00
eaf41769ed
Fixed gather/apple_ios_backup to work with OSX
...
Also moved it to post/multi/gather
2012-02-29 10:31:26 +02:00
de9b35d7b0
Fixes #6485 by allowing validation to write back normalized values to
...
global. This isn't perfect, but we have no better solution unless we
clone the module datastore and unset the default imported_by for the
module run (actively testing that too in a branch)
2012-02-29 01:49:26 -06:00
7b40d8d819
Allow updates to fallthrough to the global store just like reads
2012-02-29 01:40:54 -06:00
278f394552
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-02-29 01:37:36 -06:00
6321ff7cb4
Change output message
2012-02-29 01:36:38 -06:00
bc8480715f
Add references to metadata. Do report_auth_info() when a credential is found. Plus other minor changes.
2012-02-29 01:32:21 -06:00
4290c2e569
Merge pull request #206 from rsmudge/armitage
...
Armitage 02.29.12
2012-02-28 22:17:13 -08:00
4c39cfd98a
Small tweak to the format of the type
2012-02-28 23:52:48 -06:00
4b1e67f94f
Add ROP target for Win2k3 SP1 and SP2
2012-03-04 17:18:34 -06:00
29cf8683ee
Merge pull request #218 from swtornio/master
...
add osvdb ref
2012-03-03 16:27:34 -08:00
8f93a5abbb
add osvdb ref
2012-03-03 12:28:30 -06:00
fa916d863d
Add Sysax SSH buffer overflow exploit
2012-03-03 10:11:51 -06:00
9f05562a18
Don't distinguish between IPv4 and IPv6 routes
...
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
2012-03-02 18:26:57 -07:00
c44c0ebf48
Refactor ModuleTest and add a few more tests
...
This makes running tests from a post module as easy as creating methods
that start with +test_+ and running +it()+ blocks inside them.
2012-03-02 17:56:40 -07:00
6c0f8636ec
Merge pull request #217 from rapid7/reverse-http-randomness
...
Reverse http randomness
2012-03-02 16:36:26 -08:00
165257db75
Remove unused "plus" code
2012-03-02 17:46:59 -06:00
b70b41091b
Tested fairly well - this randomizes the URLs and removes the user-agent string from the request
2012-03-02 17:44:23 -06:00
ce94ffd755
First round of changes to http(s) payloads
2012-03-02 17:13:51 -06:00
sinn3r