adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
20,790 Commits 27 Branches 1,043 Tags
2e8d19edcf1dfd3ec71e69a63e1107e4e2b7d883
Commit Graph

10789 Commits

Author SHA1 Message Date
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
Tod Beardsley 9ada96ac51 Fix sqlmap accidental codepoint 
See http://www.ruby-doc.org/core-1.9.3/String.html#method-i-3C-3C

Apparently, String#<< uses Integer#chr, not Integer#to_s. News to me.

Fixed originally by @TsCl in PR #2435, but fixing seperately in order to
avoid screwing up his downstream tracking. Note, this isn't a merge, so
using Closes tag on the commit message.

[Closes #2435]
 2013-09-30 11:23:17 -05:00
Meatballs b306415ecf Tidy and updates to info 2013-09-29 17:32:39 +01:00
Meatballs 29a7059eb4 Update AlwaysInstallElevated to use a generated MSI file 
Fixes bugs with MSI::UAC option, invalid logic and typo...
 2013-09-29 17:09:03 +01:00
Tod Beardsley 7cc2ad55a6 Land #1770, unattend.xml snarfing modules 2013-09-27 16:04:38 -05:00
Tod Beardsley 63d638888d Get rid of interior tabs 2013-09-27 16:04:03 -05:00
Tod Beardsley d869b1bb70 Unless, unless everywhere. 2013-09-27 15:55:57 -05:00
Tod Beardsley ae655e42d2 Touchups: boolean check, unless, and TODO comment 2013-09-27 15:54:03 -05:00
Tod Beardsley 37e4d58f4a Call CSV text/plain so it can be viewed normally 
Otherwise, things parsing through the loot table will treat it as binary
data, and not display it in a normal texty way, even though it's totally
readable with just a little squinting.
 2013-09-27 15:48:48 -05:00
Tod Beardsley 5e77dccd48 Add a ref to an example unattend.xml 2013-09-27 15:45:57 -05:00
jvazquez-r7 58600b6475 Land #2423, @TecR0c's exploit for OSVDB 96517 2013-09-27 09:48:52 -05:00
jvazquez-r7 6381bbfd39 Clean up freeftpd_pass 2013-09-27 09:47:39 -05:00
TecR0c b02a2b9ce0 Added crash info and basic tidy up 2013-09-27 17:05:42 +10:00
TecR0c 7dbc3f4f87 changed seh address to work on freeFTPd 1.0.10 and below 2013-09-27 12:37:52 +10:00
TecR0c 5fc98481a7 changed seh address to work on freeFTPd 1.0.10 and below 2013-09-27 12:35:03 +10:00
TecR0c a6e1bc61ec updated version in exploit freeFTPd 1.0.10 2013-09-27 11:27:51 +10:00
TecR0c 3a3f1c0d05 updated requested comments for freeFTPd 1.0.10 2013-09-27 11:13:28 +10:00
jvazquez-r7 813bd2c9a5 Land #2379, @xistence's exploit for OSVDB 88860 2013-09-26 13:52:15 -05:00
William Vu acb2a3490c Land #2419, nodejs_js_yaml_load_code_exec info 2013-09-26 12:55:48 -05:00
Tod Beardsley 8696b5d2dc Fix bug on missing hosts for SunRPC Portmap 
Also cleans up and normalizes the print messages to follow the
conventions of "host:port - proto - message"

[FixRM #8409], reported by Chris F.
 2013-09-26 09:42:38 -05:00
jvazquez-r7 b618c40ceb Fix English 2013-09-26 09:00:41 -05:00
TecR0c 0339c3ef48 added freeFTPd 1.0.10 (PASS Command) 2013-09-26 20:37:23 +10:00
xistence c2ff5accee stability fixes to astium_sqli_upload 2013-09-26 10:23:33 +07:00
jvazquez-r7 58d4096e0f Resolv conflicts on #2267 2013-09-25 13:06:14 -05:00
jvazquez-r7 ff610dc752 Add vulnerability discoverer as author 2013-09-25 12:45:54 -05:00
jvazquez-r7 5c88ad41a8 Beautify nodejs_js_yaml_load_code_exec metadata 2013-09-25 12:44:34 -05:00
FireFart 34b829abef bugfix 2013-09-25 09:15:07 +02:00
joev 99e46d2cdb Merge branch 'master' into cve-2013-4660_js_yaml_code_exec 
Conflicts:
	modules/exploits/multi/handler.rb
 2013-09-25 00:32:56 -05:00
joev cd98c4654d Remove unecessary print from #generate in payloads. 2013-09-25 00:12:28 -05:00
Tod Beardsley d91cb85a31 Not actually a typo 
Turns out, the object name is "CCaret," though we're talking about the
"caret." Confuz0ring!
 2013-09-24 15:55:52 -05:00
Tod Beardsley ac1388368f Typo in module name 2013-09-24 15:50:58 -05:00
jvazquez-r7 a50ab1ddd3 Land #2409, @xistence exploit for ZeroShell 2013-09-24 15:32:55 -05:00
jvazquez-r7 6c2063c9c0 Do not get a session on every execute_command call 2013-09-24 15:31:40 -05:00
jvazquez-r7 79ca123051 Use snake_case 2013-09-24 15:16:51 -05:00
jvazquez-r7 34b84395c1 Fix References field 2013-09-24 15:16:02 -05:00
Tod Beardsley 93486a627d Whoops on trailing commas 2013-09-24 15:14:11 -05:00
jvazquez-r7 adfacfbed1 Do not fail_with on method used from check 2013-09-24 15:08:48 -05:00
jvazquez-r7 4b6a646899 Fix typo 2013-09-24 15:06:35 -05:00
jvazquez-r7 f5cac304f4 Use default send_request_cgi timeout 2013-09-24 15:05:24 -05:00
William Vu 52a92a55ce Land #2394, ms13_005_hwnd_broadcast require fix 2013-09-24 13:43:21 -05:00
jvazquez-r7 ce4cf55d22 Land #2417, @todb-r7's change to Platform field to make ruby style compliant 2013-09-24 13:30:48 -05:00
William Vu 89222f4b16 Land #2416, OSVDB refs for arkeia_upload_exec 2013-09-24 13:22:24 -05:00
Tod Beardsley 3906d4a2ca Fix caps that throw msftidy warnings 2013-09-24 13:03:16 -05:00
Tod Beardsley f47d4d7927 Revert change for resolve_hosts after #2415 2013-09-24 12:47:00 -05:00
jvazquez-r7 7eecf7e6f0 Land #2415, @Meatballs1's fix for resolve_hosts platform list 2013-09-24 12:37:03 -05:00
Tod Beardsley c547e84fa7 Prefer Ruby style for single word collections 
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.

This change converts all Payloads to this format if there is more than
one payload to choose from.

It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.

See:
  https://github.com/bbatsov/ruby-style-guide#collections
 2013-09-24 12:33:31 -05:00
Meatballs1 4b4ab3a6a0 Remove Linux Plat from ResolveHosts 2013-09-24 12:00:53 -05:00
Tod Beardsley 081c279b61 Remove misleading comment 2013-09-24 11:42:31 -05:00
jvazquez-r7 d15f442e56 Add OSVDB references to arkeia_upload_exec 2013-09-24 08:48:28 -05:00
FireFart aeb663a5d4 fix output 2013-09-24 10:48:38 +02:00