adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18,206 Commits 27 Branches 1,043 Tags
154894bda6ef76d4eb2bec80e861ba94de97e4a5
Commit Graph

9100 Commits

Author SHA1 Message Date
sinn3r a90ed82413 Correct CVE format 2012-12-06 03:57:46 -06:00
sinn3r 2b96c4e2a5 Add Kingcope's MySQL 'Stuxnet' technique exploit 
Because why not.  One more trick to a pentest + coverage = better.
 2012-12-06 03:56:23 -06:00
sinn3r 530332b176 Apply evil-e's fix when port isn't 22 
See #1130
 2012-12-05 21:42:53 -06:00
sinn3r 32c5f12912 Hmm, I should change the target name 2012-12-05 21:38:31 -06:00
sinn3r d3c1fa842a Lots of improvements 
Keyboard-interactive method isn't required to exploit Tectia SSH.
So this update will just go straight to password method. There's
also improvements for the check() method: Not only does it check
the SSH version (banner), it will also check and see if the server
is using password method to auth.
 2012-12-05 21:34:33 -06:00
malerisch 5e28563e4e Advisories URLs changed 2012-12-05 14:33:25 -08:00
sinn3r 49999a56ea Added CVE & vendor advisory information 2012-12-05 10:13:44 -06:00
jvazquez-r7 dd1d60293c Merge branch 'indesign_server' of https://github.com/h0ng10/metasploit-framework into h0ng10-indesign_server 2012-12-05 15:27:25 +01:00
jvazquez-r7 232eb7bf2d Final cleanup plus name change 2012-12-05 00:32:42 +01:00
jvazquez-r7 9cff72af72 Merge branch 'loggedin_users' of https://github.com/R3dy/metasploit-framework into R3dy-loggedin_users 2012-12-05 00:31:24 +01:00
sinn3r 86cbb672fc Merge branch 'psexec_command_fix' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-psexec_command_fix 2012-12-04 15:56:54 -06:00
sinn3r 353ea7bab7 Merge branch 'patch-4' of git://github.com/mubix/metasploit-framework into mubix-patch-4 2012-12-04 15:56:20 -06:00
sinn3r b85919266d Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-12-04 15:55:08 -06:00
jvazquez-r7 3dada00f43 fix typo accor ding to redmine 7550 2012-12-04 22:37:08 +01:00
Rob Fuller 5e9a5268cd remove .inspect debug code 
cosmetic change
 2012-12-04 16:24:15 -05:00
jvazquez-r7 2cca857f6f added support for Mac OS X 2012-12-04 22:04:21 +01:00
jvazquez-r7 9d8f0f94f6 added support for Mac OS X 2012-12-04 22:03:58 +01:00
jvazquez-r7 5548bebb16 embeding payload on the c# script 2012-12-04 17:44:55 +01:00
sinn3r e6c6133c90 must be password authentication 2012-12-04 09:56:51 -06:00
sinn3r 2467183c4f "Appears" is better 
"Appears" is a more accureate way describing how much we think the
host is vulnerable.
 2012-12-04 09:28:05 -06:00
sinn3r b5e7009283 Since we have included Tcp for check(), we don't need to reg rhost 2012-12-04 09:25:24 -06:00
sinn3r 3c59c2d5c0 This extra space must die. 2012-12-03 21:09:07 -06:00
sinn3r 211a1674f5 Add kingcope's Tectia SSH 0day 2012-12-03 21:07:32 -06:00
h0ng10 752907d5f0 exploit for OSVDB-87548 2012-12-03 19:01:40 -05:00
jvazquez-r7 3f3bdb8473 my editor... 2012-12-03 21:45:26 +01:00
jvazquez-r7 8a9ad4253a comment about the original discoverer updated 2012-12-03 21:44:35 +01:00
jvazquez-r7 2cb824d62d Added module for CVE-2012-5357 2012-12-03 20:12:02 +01:00
Brandon McCann 65f9f8ec2e fixed net use cmd 2012-12-02 23:43:35 -06:00
Royce Davis a1136be59e Fixed last ip changed it to peer 2012-12-02 19:17:59 -06:00
Royce Davis 2b171bb003 Added report_note functionality 2012-12-02 18:49:50 -06:00
Royce Davis e4e3ec8fdd Fixed module to use clean psexec method 2012-12-02 18:35:23 -06:00
Royce Davis 476a5dc58c Fixed return without disconnect 2012-12-02 18:27:27 -06:00
Royce Davis 4276279dd8 Fixed print_status to use peer instead of ip 2012-12-02 18:25:09 -06:00
Brandon McCann 5be12c1ad3 add verbose output 2012-12-01 12:04:34 -06:00
Brandon McCann e03ace17d9 typo 2012-12-01 11:57:51 -06:00
Brandon McCann 73b4a9d573 cleaned up rescue statements 2012-12-01 11:09:01 -06:00
Brandon McCann 501224f21f setup() added 2012-12-01 11:03:11 -06:00
Brandon McCann 16c5879d08 error handling added 2012-12-01 09:09:33 -06:00
sinn3r 1085357dbb Talked to Todb, we like "." better 2012-11-30 14:53:57 -06:00
sinn3r 01fc69b2b5 Merge branch 'mandreko-http_hsts' 2012-11-30 14:26:49 -06:00
sinn3r 61a74bf257 Minor changes here and there 
Changes include:
* Some corrections in metadata
* report_note()
* Removes connect(), usually don't need it in modules
 2012-11-30 14:24:27 -06:00
James Lee bc63ee9c46 Merge branch 'jvazquez-r7-file_dropper_support_local' into rapid7 2012-11-30 13:43:02 -06:00
Matt Andreko a73d8792ee Changed RPORT definition per egypt 2012-11-30 13:57:25 -05:00
sinn3r 7ae8f5b338 Modify name a little 2012-11-30 12:11:06 -06:00
sinn3r 9db84a16fa Change output 2012-11-30 12:06:21 -06:00
sinn3r 44022baefa Fix bug: NoMethodError undefined method `empty?' for nil:NilClass 2012-11-30 12:02:32 -06:00
sinn3r 37367bbaa0 Mostly cosmetic changes 2012-11-30 12:01:47 -06:00
sinn3r 4df86c08db Merge branch 'ftpx_post_gather' of git://github.com/bcoles/metasploit-framework into bcoles-ftpx_post_gather 2012-11-30 11:19:32 -06:00
Matt Andreko 40b8c93ef8 Added HSTS scanner for HTTPS sites 2012-11-30 09:30:11 -05:00
sinn3r 9d52048d7f Forgot to remove this after badchar analysis 2012-11-30 02:17:08 -06:00