adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
25,236 Commits 27 Branches 1,043 Tags
2cedee1aefeafd91cbc2cfb8b7b5ebd3e49b4e0f
Commit Graph

6620 Commits

Author SHA1 Message Date
James Lee 4b78f0ad7c Merge branch 'feature/MSP-9723/glassfish_deployer' into staging/electro-release 2014-06-13 16:11:14 -05:00
David Maloney 96e492f572 Merge branch 'master' into staging/electro-release 2014-06-12 14:02:27 -05:00
HD Moore 0bac24778e Fix the case statements to match platform 2014-06-11 15:22:55 -05:00
HD Moore d5b32e31f8 Fix a typo where platform was 'windows' not 'win' 
This was reported by dracu on freenode
 2014-06-11 15:10:33 -05:00
David Maloney 9593422f9c Merge branch 'master' into staging/electro-release 2014-06-11 10:23:56 -05:00
William Vu af04d5dd05 Use the new hash syntax for consistency 2014-06-10 12:54:35 -05:00
William Vu 00fcdc25f2 Use getaddress on rhost 2014-06-10 12:50:53 -05:00
jvazquez-r7 a554b25855 Use EXITFUNC 2014-06-10 09:51:06 -05:00
William Vu 384b65b3ec Refactor glassfish_deployer creds 2014-06-09 15:40:26 -05:00
David Maloney 8e35f5fa12 username and password flipped 
we reported the username as the password
and vice versa
 2014-06-09 13:45:12 -05:00
David Maloney 482aa2ea08 Merge branch 'master' into staging/electro-release 2014-06-09 10:27:22 -05:00
Brendan Coles 6bef6edb81 Update efs_easychatserver_username.rb 
Add targets for versions 2.0 to 3.1.
Add install path detection for junk size calculation.
Add version detection for auto targeting.
 2014-06-08 06:36:18 +10:00
Meatballs bf1a665259 Land #2657, Dynamic generation of windows service executable functions 
Allows a user to specify non service executables as EXE::Template as
long as the file has enough size to store the payload.
 2014-06-07 13:28:20 +01:00
David Maloney da09a2725b we need the service data in the login! 
ooopsie #2
 2014-06-06 10:51:12 -05:00
David Maloney a84980fa9d login creation was missing! 2014-06-05 13:56:08 -05:00
David Maloney 62866374b8 refactor tomcat_mgr_deploy 2014-06-04 16:22:22 -05:00
David Maloney f22447f91e refactor tomcat_mgr_upload 2014-06-04 16:07:57 -05:00
David Maloney 28bf29980e Merge branch 'master' into staging/electro-release 2014-06-04 10:21:08 -05:00
Tod Beardsley d0d389598a Land #3086, Android Java Meterpreter updates 
w00t.
 2014-06-02 17:28:38 -05:00
David Maloney 07093ada58 add realm handling to psexec 
oops, forgot to create the realm when applicable
 2014-06-02 14:53:40 -05:00
Tod Beardsley b136765ef7 Nuke extra space at EOL 2014-06-02 14:22:01 -05:00
David Maloney 361b9a1616 psexec credential refactor 
refactor psexec credential reporting
to use Metasploit::Credential
 2014-06-02 14:20:54 -05:00
Tod Beardsley ea383b4139 Make print/descs/case consistent 2014-06-02 13:20:01 -05:00
sinn3r 3a3d038904 Land #3397 - ElasticSearch Dynamic Script Arbitrary Java Execution 2014-05-29 12:21:21 -05:00
sinn3r dfa61b316e A bit of description change 2014-05-29 12:20:40 -05:00
William Vu 53ab2aefaa Land #3386, a few datastore msftidy error fixes 2014-05-29 10:44:37 -05:00
William Vu 8a2236ecbb Fix the last of the Set-Cookie msftidy warnings 2014-05-29 04:42:49 -05:00
jvazquez-r7 7a29ae5f36 Add module for CVE-2014-3120 2014-05-27 18:01:16 -05:00
William Vu 352e14c21a Land #3391, all vars_get msftidy warning fixes 2014-05-26 23:41:46 -05:00
Christian Mehlmauer da0a9f66ea Resolved all msftidy vars_get warnings 2014-05-25 19:29:39 +02:00
Christian Mehlmauer df97c66ff5 Fixed check 2014-05-24 00:37:52 +02:00
Christian Mehlmauer 8d4d40b8ba Resolved some Set-Cookie warnings 2014-05-24 00:34:46 +02:00
Tod Beardsley efffbf751a PHP module shouldnt zap CMD option (@wchen-r7) 
As far as I can tell, there is no purpose for this cleanup. No other CMD
exec module takes pains to clear out CMD after run, and it looks like a
bad idea -- what happens when you rexploit?
 2014-05-23 15:09:18 -05:00
mercd 28459299b2 Update ibstat_path.rb 
Add interface detection, defaulting to en0.
 2014-05-22 14:16:04 -07:00
jvazquez-r7 b9464e626e Delete unnecessary line 2014-05-21 10:18:03 -05:00
jvazquez-r7 af415c941b [SeeRM #8803] Avoid false positives when checking fb_cnct_group 2014-05-20 18:44:28 -05:00
Jonas Vestberg 7cabfacfa3 Test adobe_flash_pixel_bender_bof on Safari 5.1.7 
Added browser-requirement for Safari after successful test using Safari 5.1.7 with Adobe Flash Player 13.0.0.182 running on Windows 7 SP1.
 2014-05-20 01:43:19 +02:00
Meatballs 52b182d212 Add a small note to bypassuac_injection concerning EXE::Custom 2014-05-19 22:00:35 +01:00
Meatballs b84379ab3b Note about EXE::Custom 2014-05-19 22:00:09 +01:00
Tod Beardsley 0ef2e07012 Minor desc and status updates, cosmetic 2014-05-19 08:59:54 -05:00
sinn3r bf52c0b888 Land #3364 - Symantec Workspace Streaming Arbitrary File Upload 2014-05-19 00:25:33 -05:00
jvazquez-r7 2fb0dbb7f8 Delete debug print_status 2014-05-18 23:34:04 -05:00
jvazquez-r7 975cdcb537 Allow exploitation also on FF 2014-05-18 23:24:01 -05:00
Jonas Vestberg 033757812d Updates to adobe_flash_pixel_bender_bof: 
1. Added embed-element to work with IE11 (and Firefox). Removed browser-requirements for ActiveX (clsid and method).
2. Added Cache-Control header on SWF-download to avoid AV-detection (no disk caching = no antivirus-analysis :).

Testing performed:
Successfully tested with Adobe Flash Player 13.0.0.182 with IE9, IE10 and IE11 running on Windows 7SP1. (Exploit will trigger on FF29, although sandboxed.)
 2014-05-18 22:43:51 +02:00
jvazquez-r7 1b68abe955 Add module for ZDI-14-127 2014-05-15 13:41:52 -05:00
William Vu 750b6fc218 Land #3348, some Ruby warning fixes 2014-05-14 01:25:10 -05:00
William Vu c421b8e512 Change if not to unless 2014-05-14 01:24:29 -05:00
Christian Mehlmauer df4b832019 Resolved some more Set-Cookie warnings 2014-05-13 22:56:12 +02:00
agix 1a3b319262 rebase to use the mixin psexec 2014-05-13 16:04:40 +02:00
agix d3f2414d09 Fix merging typo 2014-05-13 16:04:40 +02:00