William Vu
ff6c8bd5de
Land #3479, broken sock.get fix
2014-07-16 14:57:32 -05:00
Spencer McIntyre
82abe49754
Mark windows/misc/psh_web_delivery as deprecated
2014-07-16 14:02:05 -04:00
David Maloney
52a29856b3
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-07-16 09:38:44 -05:00
Spencer McIntyre
e58100fe85
Land #3419, multi script delivery module by @jakxx
2014-07-15 17:07:51 -04:00
Spencer McIntyre
1a8d73fca8
Minor whitespace and grammar changes
2014-07-15 17:00:28 -04:00
jvazquez-r7
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
Rob Fuller
755dec1629
msftidy up splunk_upload_app_exec
2014-07-10 00:24:48 -04:00
Gary Blosser
c14b96f02e
Add #3463 commits from @ghost
2014-07-09 17:56:06 -04:00
David Maloney
aeda74f394
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-07-07 16:41:23 -05:00
HD Moore
43d65cc93a
Merge branch 'master' into feature/recog
...
Resolves conflicts:
Gemfile
data/js/detect/os.js
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-07-06 09:17:44 -05:00
jakxx
a735fd3c59
Update web_delivery.rb
2014-07-01 16:52:18 -04:00
Spencer McIntyre
748589f56a
Make cmdstager flavor explicit or from info
...
Every module that uses cmdstager either passes the flavor
as an option to the execute_cmdstager function or relies
on the module / target info now.
2014-06-28 17:40:49 -04:00
HD Moore
6e80481384
Fix bad use of sock.get() and check() implementations
...
Many of these modules use sock.get() when they meant get_once()
and their HTTP-based checks were broken in some form. The response
to the sock.get() was not being checked against nil, which would
lead to stack traces when the service did not reply (a likely
case given how malformed the HTTP requests were).
2014-06-28 16:05:05 -05:00
David Maloney
b680674b95
Merge branch 'master' into staging/electro-release
2014-06-27 11:55:57 -05:00
Spencer McIntyre
952c935730
Use a semi-intelligent OptEnum for CMDSTAGER::FLAVOR
2014-06-27 08:34:57 -04:00
Spencer McIntyre
219153c887
Raise NotImplementedError and let :flavor be guessed
2014-06-27 08:34:56 -04:00
jvazquez-r7
870fa96bd4
Allow quotes in CmdStagerFlavor metadata
2014-06-27 08:34:56 -04:00
jvazquez-r7
91e2e63f42
Add CmdStagerFlavor to metadata
2014-06-27 08:34:55 -04:00
jvazquez-r7
dd7b2fc541
Use constants
2014-06-27 08:34:55 -04:00
jvazquez-r7
9e413670e5
Include the CMDStager
2014-06-27 08:34:55 -04:00
jvazquez-r7
d47994e009
Update modules to use the new generic CMDstager mixin
2014-06-27 08:34:55 -04:00
jvazquez-r7
8bf36e5915
AutoDetection should work
2014-06-27 08:34:55 -04:00
jvazquez-r7
778f34bab6
Allow targets and modules to define compatible stagers
2014-06-27 08:34:55 -04:00
jvazquez-r7
7ced5927d8
Use One CMDStagermixin
2014-06-27 08:34:55 -04:00
Spencer McIntyre
2a442aac1f
No longer needs to extend bourne, and specify a flavor.
2014-06-27 08:34:55 -04:00
Spencer McIntyre
1a392e2292
Multi-fy the hyperic_hq_script_console exploit.
2014-06-27 08:34:55 -04:00
Spencer McIntyre
80bdf750e9
Multi-fy the new printf stager and add to sshexec.
2014-06-27 08:34:55 -04:00
Spencer McIntyre
ae25c300e5
Initial attempt to unify the command stagers.
2014-06-27 08:34:55 -04:00
jakxx
4da28f1708
updated platform
2014-06-25 22:01:19 -04:00
jakxx
54ccc261d1
Updates
...
Updated spacing, ranking, php command, platform, and merged *nix and
windows cmds
2014-06-25 16:34:51 -04:00
jvazquez-r7
191c871e9b
[SeeRM #8815] Don't try to exploit when generate_payload_exe fails
2014-06-20 14:07:49 -05:00
David Maloney
2b0bb608b1
Merge branch 'master' into staging/electro-release
2014-06-18 10:49:58 -05:00
Christian Mehlmauer
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
OJ
b710014ece
Land #3435 -- Rocket Servergraph ZDI-14-161/162
2014-06-17 18:06:03 +10:00
jvazquez-r7
d44d409ff2
Land #3407, @julianvilas's exploit for Java JDWP RCE
2014-06-16 13:38:51 -05:00
jvazquez-r7
6a780987d5
Do minor cleanup
2014-06-16 13:37:44 -05:00
Julian Vilas
caa1e10370
Add feature for disabling Java Security Manager
2014-06-15 20:35:19 +02:00
jakxx
3abfa3e12e
change to case switch
2014-06-13 19:17:28 -04:00
James Lee
4b78f0ad7c
Merge branch 'feature/MSP-9723/glassfish_deployer' into staging/electro-release
2014-06-13 16:11:14 -05:00
David Maloney
96e492f572
Merge branch 'master' into staging/electro-release
2014-06-12 14:02:27 -05:00
jakxx
88273f87db
Targets update
2014-06-11 21:50:16 -04:00
Julian Vilas
2296dea5ad
Clean and fix
2014-06-12 01:55:27 +02:00
Julian Vilas
4f67db60ed
Modify breakpoint approach by step into
2014-06-12 01:23:20 +02:00
HD Moore
0bac24778e
Fix the case statements to match platform
2014-06-11 15:22:55 -05:00
HD Moore
d5b32e31f8
Fix a typo where platform was 'windows' not 'win'
...
This was reported by dracu on freenode
2014-06-11 15:10:33 -05:00
William Vu
af04d5dd05
Use the new hash syntax for consistency
2014-06-10 12:54:35 -05:00
William Vu
00fcdc25f2
Use getaddress on rhost
2014-06-10 12:50:53 -05:00
William Vu
384b65b3ec
Refactor glassfish_deployer creds
2014-06-09 15:40:26 -05:00
David Maloney
8e35f5fa12
username and password flipped
...
we reported the username as the password
and vice versa
2014-06-09 13:45:12 -05:00
jvazquez-r7
e4d14194bb
Add module for Rocket Servergraph ZDI-14-161 and ZDI-14-162
2014-06-08 11:07:10 -05:00