adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35,959 Commits 27 Branches 1,043 Tags
0ae2e64bc56dd8543a97cc4ebc94de4738376488
Commit Graph

1719 Commits

Author SHA1 Message Date
sinn3r 8cf5c3b97e Add heaplib2 
[SeeRM #8769] Add heapLib2 for browser exploitation
 2014-03-02 11:47:18 -06:00
David Maloney d358fe5f94 Merge branch 'payload_defaults' 2014-02-26 10:28:46 -06:00
Joe Vennix c760d37703 use the actual shellcode length. 2014-02-24 09:55:44 -06:00
jvazquez-r7 0b5e617236 Land #3016 lsanchez-r7's send_message mod to return info 2014-02-19 17:01:06 -06:00
jvazquez-r7 c0cdea37f7 Initialize send_status at the function's start 2014-02-19 16:54:29 -06:00
lsanchez-r7 f7a483523c changing the initial state from false to nil 2014-02-19 16:45:00 -06:00
Joe Vennix 50fb9b247e Restructure some of the exploit methods. 2014-02-19 02:31:22 -06:00
jvazquez-r7 4ca4d82d89 Land #2939, @Meatballs1 exploit for Wikimedia RCE and a lot more... 2014-02-18 17:48:02 -06:00
lsanchez-r7 07fd3494e5 changing send_message to return more information 2014-02-18 16:48:52 -06:00
Meatballs b8b36ef528 Merge remote-tracking branch 'upstream/master' into pr2075 2014-02-14 22:52:55 +00:00
RageLtMan 0056c26047 import msf exploit 2014-02-12 22:06:18 -05:00
RageLtMan b453362a52 Merge remote-tracking branch 'upstream/pr/2966' into integrate_with_meatballs 2014-02-12 16:43:30 -05:00
Meatballs d8ea11b851 Redirect HTTP too 2014-02-10 23:41:15 +00:00
sinn3r 442d212a94 Add vprint_debug to show what requirements are being compared 2014-02-10 17:33:36 -06:00
Meatballs a87f604c98 Merge remote-tracking branch 'upstream/master' into mediawiki 2014-02-10 21:43:56 +00:00
James Lee fab8e16a87 Unbreak server exploits 2014-02-10 10:54:14 -06:00
jvazquez-r7 57320a59f1 Do small clean up for mediawiki_thumb pr 2014-02-10 08:57:09 -06:00
Meatballs c76341c82d Dont dsub Invoke-Command etc... 2014-02-09 17:45:30 +00:00
Meatballs 151e45d8d1 Better exception descriptions 2014-02-09 12:52:56 +00:00
Meatballs 77dda5dc67 Give option to remove badchars 2014-02-09 12:34:25 +00:00
Meatballs 0379dc128c Raise exception on known issues 2014-02-09 12:15:02 +00:00
Meatballs 02f1ff27ee Add option to encode inner payload 2014-02-09 00:55:26 +00:00
Meatballs f398c982e3 Include option to ensure payload is fully encoded 2014-02-08 23:51:13 +00:00
Meatballs ad308efc05 Really minimize commandline size 2014-02-08 22:53:47 +00:00
Meatballs c37cb5075c Merge remote-tracking branch 'upstream/master' into pr2075 2014-02-08 22:11:31 +00:00
Meatballs c76862b391 Reduce payload size 2014-02-08 22:11:17 +00:00
Meatballs b10df54dbb Dont need to encode the compress payload 2014-02-08 21:34:51 +00:00
Meatballs 26c506da42 Naming of follow method 2014-02-04 15:25:51 +00:00
Meatballs a8ff6eb429 Refactor send_request_cgi_follow_redirect 2014-02-03 21:49:49 +00:00
Meatballs 9fa9402eb2 Better check and better follow redirect 2014-02-02 16:07:46 +00:00
Meatballs 0d3a40613e Add auto 30x redirect to send_request_cgi 2014-02-02 15:03:44 +00:00
Tod Beardsley 90207628cc Land #2666, SSLCompression option 
[SeeRM #823], where Stephen was asking for SSL compression for
Meterpreter -- this isn't that, but it's at least now possible for other
Metasploit functionality.
 2014-01-22 10:42:13 -06:00
Tod Beardsley 0b6e03df75 More comment docs on SSLCompression 2014-01-21 16:48:26 -06:00
Tod Beardsley b8219e3e91 Warn the user about SSLCompression 2014-01-21 16:41:45 -06:00
Joe Vennix d00acccd4f Remove Java target, since it no longer works. 2014-01-04 21:22:47 -06:00
Joe Vennix 60991b08eb Whitespace tweak. 2014-01-03 18:40:31 -06:00
Joe Vennix a5ebdce262 Add exec payload. Cleans up a lot of code. 
Adds some yardocs and whatnot.
 2014-01-03 18:23:48 -06:00
Meatballs 5606958320 Resolve require order 2014-01-02 23:46:18 +00:00
Joe Vennix 8d3130b19e Reorder targets. 2014-01-02 10:48:28 -06:00
Joe Vennix 694cb11025 Add firefox platform, architecture, and payload. 
* Enables chrome privilege exploits in firefox to run a javascript cmd
shell session without touching the disk.
* Adds a spec for the addon_generator.
 2014-01-02 10:48:28 -06:00
Joe Vennix ca23b32161 Add support for Procs in browserexploit requirements. 2013-12-19 12:49:05 -06:00
Joe Vennix cb390bee7d Move comment. 2013-12-18 20:37:33 -06:00
Joe Vennix f411313505 Tidy whitespace. 2013-12-18 20:31:31 -06:00
Joe Vennix 9ff82b5422 Move datastore options to mixin. 2013-12-18 14:52:41 -06:00
Joe Vennix 64273fe41d Move addon datastore options into mixin. 2013-12-18 14:42:01 -06:00
Joe Vennix 1235615f5f Add firefox 15 chrome privilege exploit. 
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
 2013-12-18 14:30:35 -06:00
Meatballs 435cc9b93f Add single quote encapsulation 
For WMI and psh_web_delivery
 2013-12-16 15:13:13 +00:00
Meatballs b252e7873b Merge remote-tracking branch 'upstream/master' into pr2075 2013-12-16 14:29:05 +00:00
William Vu ff9cb481fb Land #2464, fixes for llmnr_response and friends 
Fixed conflict in lib/msf/core/exploit/http/server.rb.
 2013-12-10 13:41:45 -06:00
William Vu 77b036ce5d Land #2703, uninit const fix for MSSQL_SQLI 2013-11-27 13:50:48 -06:00