adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
21,207 Commits 27 Branches 1,043 Tags
2e8c369c692dac5ef0cdc84dfd0a1618d3caea3a
Commit Graph

11059 Commits

Author SHA1 Message Date
sinn3r 2e8c369c69 Land #2559 - remove content-length 2013-10-22 16:03:42 -05:00
Tod Beardsley dc0d9ae21d Land #2560, ZDI references 
[FixRM #8513]
 2013-10-22 15:58:21 -05:00
sinn3r e1c4aef805 Land #1789 - Windows SSO Post Module 2013-10-22 15:48:15 -05:00
sinn3r ba1edc6fa8 Land #2402 - Windows Management Instrumentation Local -> Peers 2013-10-22 15:39:32 -05:00
jvazquez-r7 6989f16661 Land #2548, @titanous's aux module for CVE-2013-4450 2013-10-22 15:02:54 -05:00
jvazquez-r7 bdf07456ba Last cleanup for nodejs_pipelining 2013-10-22 15:00:58 -05:00
Jonathan Rudenberg db447b65f9 Add exploit for Node.js HTTP Pipelining DoS 2013-10-22 15:12:14 -04:00
jvazquez-r7 11b2719ccc Change module plate 2013-10-22 12:36:58 -05:00
jvazquez-r7 df42dfe863 Land #2536, @ddouhine's exploit for ZDI-11-061 2013-10-22 12:35:40 -05:00
jvazquez-r7 c34155b8be Clean replication_manager_exec 2013-10-22 12:34:35 -05:00
Rob Fuller e447aff0ec Fix misleading statement in Outlook post module 
Since this module doesn't retrieve domain exchange information as it isn't stored there it shouldn't say that Outlook isn't installed at all.
 2013-10-22 11:53:15 -04:00
sinn3r 72f3d4f86c Land #2496 - Added ability to generate multiple payloads 
Thx Dave!
 2013-10-22 01:42:03 -05:00
jvazquez-r7 71fab72e06 Delete duplicate content-length from axis2_deployer 2013-10-21 15:35:51 -05:00
William Vu 2aed8a3aea Update modules to use new ZDI reference 2013-10-21 15:13:46 -05:00
jvazquez-r7 10a4ff41de Delete Content-Length duplicate header 2013-10-21 15:11:37 -05:00
sinn3r 57e39c2b2c Land #2498 - multiple payload capabilities 2013-10-21 14:51:24 -05:00
sinn3r 03adb48d48 Resolve NoMethodError undefined method `empty?' for nil:NilClass 
blank? should fix this.
 2013-10-21 14:50:25 -05:00
sinn3r 1599d1171d Land #2558 - Release fixes 2013-10-21 13:48:11 -05:00
Tod Beardsley c1954c458c Just warn, don't bail 
Even if the OS detection returns non-Win7, maybe it's Win 8 or something
where it'll still work. We rarely bail out on checks like these.

If I'm crazy, feel free to skip or revert this commit (it shouldn't hold
up the release at all)

For details on this module, see #2503. I don't see any comments about
this line in particular
 2013-10-21 13:39:45 -05:00
Tod Beardsley bce8d9a90f Update license comments with resplat. 2013-10-21 13:36:15 -05:00
Tod Beardsley c070108da6 Release-related updates 
* Lua is not an acronym
  * Adds an OSVDB ref
  * credit @jvazquez-r7, not HD, for the Windows CMD thing
 2013-10-21 13:33:00 -05:00
sinn3r 4c14595525 Land #2535 - Use %PATH% for notepad 2013-10-21 13:14:44 -05:00
sinn3r 032da9be10 Land #2426 - make use of Msf::Config.data_directory 2013-10-21 13:07:33 -05:00
Tod Beardsley e7d3206dc9 Revert "Land #2505" to resolve new rspec fails 
This reverts commit 717dfefead, reversing
changes made to 6430fa3354.
 2013-10-21 12:47:57 -05:00
sinn3r cacaf40276 Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow 2013-10-21 12:03:07 -05:00
sinn3r 9bfd98b001 Change plate 2013-10-21 11:54:42 -05:00
William Vu 717dfefead Land #2505, missing source fix for sock_sendpage 2013-10-21 11:47:55 -05:00
sinn3r 6430fa3354 Land #2539 - Support Windows CMD generic payload 
This also upgrades auxiliary/admin/scada/igss_exec_17 to an exploit
 2013-10-21 11:26:13 -05:00
sinn3r 45d06dd28d Change plate 2013-10-21 11:24:30 -05:00
sinn3r 0670020701 Land #2553 - HP Intelligent Management BIMS DownloadServlet Directory Traversal 2013-10-21 11:20:16 -05:00
sinn3r 8c05f8cf51 Land #2550 - Add HP Intelligent Managemetn UploadServlet dir traversal 2013-10-21 11:14:22 -05:00
sinn3r d22e4ac2f1 Check timeout condition 2013-10-21 11:13:48 -05:00
sinn3r 36dace26fa Land #2538 - Fix redirect URLs 2013-10-21 11:08:03 -05:00
jvazquez-r7 183116c81f Make module work, and final cleanup 2013-10-20 18:39:41 -05:00
jvazquez-r7 27078eb5a6 Add support for HP imc /BIMS 5.1 2013-10-20 18:18:34 -05:00
jvazquez-r7 b0d32a308a Update version information 2013-10-19 00:52:22 -05:00
jvazquez-r7 7d8a0fc06c Add BID reference 2013-10-19 00:29:43 -05:00
jvazquez-r7 aa6a24da1b Add module template 2013-10-19 00:27:57 -05:00
jvazquez-r7 cf239c2234 Add module for ZDI-13-238 2013-10-19 00:05:09 -05:00
William Vu 5a0b8095c0 Land #2382, Lua bind and reverse shells 2013-10-18 17:11:37 -05:00
jvazquez-r7 70fced1d74 Delete unnecessary requires and make msftidy compliant 2013-10-18 16:54:20 -05:00
jvazquez-r7 dbd74bceed Add the ARCH_CMD target 2013-10-18 16:35:22 -05:00
jvazquez-r7 2339cdc713 Land #2513, @joev-r7's osx persistence local exploit 2013-10-18 15:13:50 -05:00
joev 83f27296d3 Fix some bugs in osx persistence. 
- the RUN_NOW datastore option did not work as expected
- Adds support for OSX < 10.4 KeepAlive option
- organizes private methods alphabetically.
 2013-10-18 14:12:33 -05:00
joev 681db6cb41 Use fully qualified constant in include. 2013-10-18 11:31:02 -05:00
joev 05bea41458 mkdir -p the dirname, not the file. 2013-10-18 11:27:37 -05:00
Norbert Szetei 9d6031acdb Reverting payload_inject because of x64 shellcode 
Injecting x64 shellcode in a SYSWOW64 process spawn a 32 bit notepad, so
we revert the changes.
 2013-10-18 09:51:18 +02:00
joev 7a47059e1d Fix a couple more shellescapes. 2013-10-18 00:47:22 -05:00
joev a2e3c6244e Remove unnecessary Exe::Custom logic. 
- this is handled by the exe.rb mixin.
- adds support for a RUN_NOW datastore option.
- tested working on java meterpreter and x86 shell session.
 2013-10-18 00:41:18 -05:00
jvazquez-r7 7dd39ae5e6 Update ranking 2013-10-17 22:43:47 -05:00