adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35,959 Commits 27 Branches 1,043 Tags
0ae2e64bc56dd8543a97cc4ebc94de4738376488
Commit Graph

18796 Commits

Author SHA1 Message Date
jvazquez-r7 182c1bc7fe Disconnect socket when login fails 2015-08-17 18:20:04 -05:00
Brent Cook 6b94513a37 Land #5860, add tpwn OS X local kernel exploit (https://github.com/kpwn/tpwn) 2015-08-17 17:41:04 -05:00
William Vu 26165ea93f Add tpwn module 2015-08-17 17:11:11 -05:00
Brent Cook b17d8f8d49 Land #5768, update modules to use metasploit-credential 2015-08-17 17:08:58 -05:00
jvicente a9ad7b7c6f Modifications to use cmd_exec instead of session.shell_write. 
Refactoring of common functions to a new Post mixin /lib/msf/core/post/linux/busybox.rb.
 2015-08-17 18:24:22 +02:00
jvazquez-r7 a5bed0198a Use each_char 2015-08-17 11:08:40 -05:00
jvazquez-r7 e7433b81bd Reuse architecture check 2015-08-17 10:28:10 -05:00
Brent Cook 5dd015150c Land #5748, refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter 2015-08-16 10:58:17 -05:00
benpturner 8800d89424 Updated to reflect HD's comments on indents and name of local script. 2015-08-16 10:47:20 +01:00
joev 98e2d074c3 Add disclosure date. 2015-08-15 20:09:41 -05:00
joev a133e98ba5 Adds a ff 35-36 RCE vector based off the recent ff bug. 2015-08-15 20:02:00 -05:00
Brent Cook 9720e8e081 normalize osx to darwin so python meterp works 2015-08-15 19:49:55 -05:00
Brent Cook 422bba87d3 style fixes, moved google_geolocate to google/geolocate 2015-08-15 19:49:32 -05:00
HD Moore 42e08cbe07 Fix bad use of get_profile (now browser_profile) 2015-08-14 19:50:42 -05:00
jvazquez-r7 c02df6b39d Land #5800, @bperry's Symantec Endpoint Protection Manager RCE module 2015-08-14 17:03:48 -05:00
jvazquez-r7 b33abd72ce Complete description 2015-08-14 17:03:21 -05:00
jvazquez-r7 4aa3be7ba2 Do ruby fixing and use FileDropper 2015-08-14 17:00:27 -05:00
jvazquez-r7 ddb7224160 Land #5847, @todb-r7 on behalf of anonymous contributor, exploit for FF CVE-2015-4495 
* To exfiltrate arbitrary files
* Tested successfully on linux
 2015-08-14 14:57:28 -05:00
jvazquez-r7 a560496455 Do minor ruby style fixes 2015-08-14 14:50:03 -05:00
jvazquez-r7 82193f11e7 Minor js fixes 2015-08-14 14:45:48 -05:00
Brent Cook 0a4651a553 Land #5359, add PuTTY session enumeration module 2015-08-14 13:20:05 -05:00
jvazquez-r7 b908f41b0f Land #5838, @bcook-r7's fixes for paylaod cached sizes 2015-08-14 12:39:58 -05:00
Tod Beardsley e4cb6872f2 Add exploit for CVE-2015-4495, Firefox PDF.js 2015-08-14 12:07:15 -05:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs 
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
 2015-08-14 11:35:39 -05:00
Stuart Morgan ee7c418ca8 Rubocop and msftidy-ied :-) 2015-08-14 17:19:07 +01:00
Stuart Morgan 02a58d459b Merge remote-tracking branch 'upstream/master' into pageant_extension 2015-08-14 17:05:38 +01:00
Stuart Morgan e2b6c11a3e Update 2015-08-14 16:24:52 +01:00
joev 0615d908c4 Update description to explain quarantine effects. 2015-08-13 23:46:37 -05:00
joev 84144bf6cf Update webarchive_uxss to use the webarchive mixin. 
- Fixes extension installation to use a new window, not an iframe
- Steals the entire cookie file
- Removes cache poisoning scripts, which no longer seem to work
 2015-08-13 23:41:27 -05:00
Spencer McIntyre 33f1324fa9 Land #5813, @jakxx adds VideoCharge SEH file exploit 2015-08-13 18:01:25 -04:00
jakxx e9d3289c23 EXITFUNC caps 2015-08-13 17:25:31 -04:00
jakxx 6e1c714b2b Update to leverage auto-NOP generation 2015-08-13 17:24:18 -04:00
jakxx 361624161b msftidy 2015-08-13 16:27:27 -04:00
jakxx 03eb2d71b2 Add watermark fileformat exploit 2015-08-13 16:26:17 -04:00
William Vu f19186adda Land #5841, homm3_h3m default target change 2015-08-13 14:54:58 -05:00
Tod Beardsley 02c6ea31bb Use the more recent HD version as default target 2015-08-13 14:42:21 -05:00
Christian Mehlmauer 80a22412d9 use EXITFUNC instead of ExitFunction 2015-08-13 21:22:32 +02:00
William Vu 605a14350f Land #5833, sshexec improvements 2015-08-13 14:16:22 -05:00
William Vu 3bd6c4cee4 Add a comma 2015-08-13 14:16:09 -05:00
Mo Sadek 677ec341dd Land #5839, pre-bloggery cleanup edits 2015-08-13 13:43:57 -05:00
William Vu c94a185610 Land #5697, Werkzeug debug RCE 2015-08-13 13:32:27 -05:00
William Vu d54ee19ce9 Clean up module 2015-08-13 13:32:22 -05:00
Jon Hart 61e23ad23e Switch back to ::Net::DNS::Packet.new 2015-08-13 11:29:56 -07:00
Jon Hart 9f2c62d4ce Use query_name instead of datastore 2015-08-13 11:17:27 -07:00
Tod Beardsley bb4116ed9d Avoid msftidy.rb rule breaking on missing newline 2015-08-13 12:38:05 -05:00
Tod Beardsley 50041fad2a Pre-Bloggery cleanup 
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.

Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.

Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823, mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
 2015-08-13 12:33:04 -05:00
Jon Hart 3a7cea51b4 Merge master and fix Net::DNS::RR merge conflicts 2015-08-13 08:53:25 -07:00
jakxx e7566d6aee Adding print_status line 2015-08-12 16:08:04 -04:00
Spencer McIntyre 28fbb7cdde Update the description of the sshexec module 2015-08-12 16:05:09 -04:00
Spencer McIntyre dfe2bbf1e9 Add a python target to the sshexec module 2015-08-12 15:46:47 -04:00