adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18,206 Commits 27 Branches 1,043 Tags
154894bda6ef76d4eb2bec80e861ba94de97e4a5
Commit Graph

9100 Commits

Author SHA1 Message Date
Tod Beardsley 48a46f3b94 Pack / Unpack should be V not L 
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
 2012-09-17 09:52:43 -05:00
Tod Beardsley d77efd587a Merge remote branch 'wchen-r7/ie_0day_execcommand' 2012-09-17 08:48:22 -05:00
sinn3r 5eaefcf4c7 This is the right one, I promise 2012-09-17 08:41:25 -05:00
sinn3r 8f50a167bd This is the right module 2012-09-17 08:36:04 -05:00
sinn3r e43cae70a7 Add IE 0day exploiting the execcommand uaf 2012-09-17 08:28:33 -05:00
Tod Beardsley c83b49ad58 Unix linefeeds, not windows 
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.

Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
 2012-09-16 18:10:35 -05:00
Tod Beardsley 2fc34e0073 Auth successful, not successfully 
Just fixing up some adverb versus adjective grammar.
 2012-09-16 17:51:00 -05:00
sinn3r b07b30839e Merge branch 'webmin_edit_html_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-webmin_edit_html_fileaccess 2012-09-16 03:17:09 -05:00
jvazquez-r7 63d2d60c68 delete don't needed line 2012-09-15 23:56:38 +02:00
jvazquez-r7 ff2e9fc157 add changes proposed by sinn3r 2012-09-15 23:55:55 +02:00
jvazquez-r7 cbc778cb47 add changes proposed by sinn3r 2012-09-15 23:53:09 +02:00
jvazquez-r7 0708ec72fc module moved to a more correct location 2012-09-15 15:31:21 +02:00
jvazquez-r7 0f67f8d08a target modified 2012-09-15 15:14:33 +02:00
jvazquez-r7 70ff7621d6 added module for CVE-2012-2983 2012-09-15 15:11:12 +02:00
jvazquez-r7 0061d23b37 Added module for CVE-2012-2982 2012-09-15 15:09:19 +02:00
jvazquez-r7 9a83c7c338 changes according to egypt review 2012-09-14 18:47:50 +02:00
jvazquez-r7 eae571592c Added rgod email 2012-09-14 17:45:16 +02:00
jvazquez-r7 a2649dc8d1 fix typo 2012-09-14 17:10:41 +02:00
jvazquez-r7 e27d5e2eb7 Description improved 2012-09-14 17:08:59 +02:00
jvazquez-r7 9c77c15cf5 Added module for osvdb 85087 2012-09-14 16:54:28 +02:00
James Lee 3c6319b75f Add nonx stagers for linux 
[See #784]
 2012-09-13 15:15:38 -05:00
James Lee caf7619b86 Remove extra comma, fixes syntax errors in 1.8 
Thanks, Kanedaaa, for reporting
 2012-09-13 12:07:34 -05:00
sinn3r 1f58458073 Merge branch 'udev_netlink' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-udev_netlink 2012-09-13 10:37:52 -05:00
sinn3r b31e8fd080 Merge branch 'qdpm_upload_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-qdpm_upload_exec 2012-09-13 10:37:10 -05:00
sinn3r 71a0db9ae5 Make sure the user has a 'myAccount' page 2012-09-13 10:33:43 -05:00
jvazquez-r7 6771466cb7 Added module for CVE-2011-2750 2012-09-13 17:24:16 +02:00
sinn3r 658502d5ad Add OSVDB-82978 
This module exploits a vuln in qdPM - a web-based project
management software. The user profile's photo upload feature can
be abused to upload any arbitrary file onto the victim server
machine, which allows remote code execution. However, note in
order to use this module, the attacker must have a valid cred
to sign.
 2012-09-13 10:01:08 -05:00
jvazquez-r7 12f3ef9c7c added osvdb numbers 2012-09-13 14:00:12 +02:00
0a2940 733f656b00 code style improvement - start counter at 0 2012-09-13 11:32:10 +02:00
0a2940 f48f77c0d7 compatibility improvement - backticks not $() 
For the comments above, and the fact we're using backticks later in the line also (uniformity++)
 2012-09-13 11:19:00 +02:00
0a2940 f728d32f60 code style improvement - remove 'then' from 'if's 2012-09-13 11:14:45 +02:00
Meatballs1 28b941251e Removed ACCOUNT_LOCKOUT as this replies to invalid logins too 2012-09-13 06:22:35 +01:00
James Lee f38ac954b8 Update linux stagers for NX compatibility 
- Adds a call to mprotect(2) to the reverse and bind stagers

- Adds accurate source for some other linux shellcode, including some
  comments to make it more maintainable

- Adds tools/module_payload.rb for listing all payloads for each exploit
  in a greppable format. Makes it easy to find out if a payload change
  causes a payload to no longer be compatible with a given exploit.

- Missing from this commit is source for reverse_ipv6_tcp
 2012-09-12 18:44:00 -05:00
Doug Prostko d64208a604 changed return address 2012-09-12 18:46:53 -04:00
Doug P f65e2ea923 description spacing 2013-04-12 16:20:43 -04:00
Doug P 90574b869f added description 2013-04-12 16:16:30 -04:00
Doug P 6e6b98e589 got freefloatftp_user.rb working 2013-04-12 16:07:54 -04:00
Doug P d33d6854b8 ... 2013-04-12 09:53:21 -04:00
Doug P be36b466ec Merge branch 'master' into freefloatftp_user 2013-04-11 12:25:19 -04:00
Doug P 96f3a2dd67 freefloatftp_user.rb 2013-04-11 10:36:06 -04:00
doug bd11b4feda working on freefloatftp_user.rb 2013-03-22 16:13:38 -04:00
Tod Beardsley 39f2cbfc3c Older targets confirmed for CoolType SING 2012-09-12 16:51:51 -05:00
Meatballs1 10466090ee Added additional valid status and defaulted SMBDomain to blank 2012-09-12 22:26:51 +01:00
Meatballs1 7d5b3b6066 Added a couple of valid status codes and defaulted SMBDomain to be blank 2012-09-12 22:22:53 +01:00
Tod Beardsley fba219532c Updating BID for openfiler 2012-09-12 14:13:21 -05:00
Tod Beardsley 32e2232de3 Disambiguating hkm from hdm 
Having an author name of "hkm" really looks like a typo for "hdm," but
it's not.
 2012-09-11 11:13:20 -05:00
HD Moore c901002e75 Add ssh login module for cydia / ios defaults 2012-09-10 19:36:20 -05:00
HD Moore fbbed2262b Updated iOS modules 2012-09-10 17:42:17 -05:00
sinn3r 83f4b38609 Merge branch 'winamp_maki_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-winamp_maki_bof 2012-09-10 16:19:14 -05:00
jvazquez-r7 61bf15114a deregistering FILENAME option 2012-09-10 23:14:14 +02:00