adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
29,426 Commits 27 Branches 1,043 Tags
488f46c8a192abbeaa365a7a881663fe61a1873d
Commit Graph

4341 Commits

Author SHA1 Message Date
Tod Beardsley 488f46c8a1 Land #4324, payload_exe rightening. 
Fixes #4323, but /not/ #4246.
 2014-12-12 15:04:57 -06:00
HD Moore 50b734f996 Add Portuguese target, lands #3961 (also reorders targets) 2014-12-12 14:23:02 -06:00
Christian Mehlmauer 0f27c63720 fix msftidy warnings 2014-12-12 13:16:21 +01:00
Jon Hart 65b316cd8c Land #4372 2014-12-11 18:48:16 -08:00
Christian Mehlmauer 544f75e7be fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Christian Mehlmauer de88908493 code style 2014-12-11 23:30:20 +01:00
Tod Beardsley 0eea9a02a1 Land #3144, psexec refactoring 2014-12-10 17:30:39 -06:00
William Vu 2f98a46241 Land #4314, @todb-r7's module cleanup 2014-12-05 14:05:09 -06:00
sinn3r 7ae786a53b Add a comment as an excuse to tag the issue 
Fix #4246

... so it will automatically close the ticket.
 2014-12-05 11:26:26 -06:00
sinn3r f25e3ebaaf Fix #4246 - More undef 'payload_exe' in other modules 
Root cause: payload_exe is an accessor in the TFPT command stager
mixin, you need stager_instance in order to retreive that info.
 2014-12-05 11:19:58 -06:00
Jon Hart 52851d59c0 Update GATEWAY to GATEWAY_PROBE_HOST, add GATEWAY_PROBE_PORT 2014-12-04 13:26:16 -08:00
Jon Hart 6bd56ac225 Update any modules that deregistered NETMASK 2014-12-04 13:22:06 -08:00
Tod Beardsley 79f2708a6e Slight fixes to grammar/desc/whitespace 
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
 2014-12-04 13:11:33 -06:00
sinn3r 2fcbcc0c26 Resolve merge conflict for ie_setmousecapture_uaf (#4213) 
Conflicts:
	modules/exploits/windows/browser/ie_setmousecapture_uaf.rb
 2014-12-03 14:12:15 -06:00
sinn3r a88ee0911a Fix os detection 
See #3373
 2014-12-02 01:15:55 -06:00
sinn3r a42c7a81e7 Fix os detection 
See #4283
 2014-12-02 01:13:51 -06:00
sinn3r 0f973fdf2b Fix #4284 - Typo "neline" causing the exploit to break 
"neline" isn't supposed to be there at all.
 2014-12-01 01:24:30 -06:00
sinn3r 2a7d4ed963 Touchup 2014-11-28 10:12:05 -06:00
spdfire 583494c0db use BrowserExploitServer 2014-11-24 18:49:27 +01:00
spdfire 08a67d78c5 module for CVE-2014-6332. 2014-11-24 08:25:18 +01:00
Meatballs 1d0d5582c1 Remove datastore options 2014-11-19 15:05:36 +00:00
Meatballs 7004c501f8 Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2 
Conflicts:
	modules/exploits/windows/smb/psexec.rb
 2014-11-19 14:40:50 +00:00
Jon Hart 60e31cb342 Allow sunrpc_create to raise on its own 2014-11-18 12:17:10 -08:00
jvazquez-r7 7daedac399 Land #3972 @jhart-r7's post gather module for remmina Remmina 
* Gather credentials managed with Remmina
 2014-11-17 16:44:41 -06:00
jvazquez-r7 145e610c0f Avoid shadowing new method 2014-11-17 12:22:30 -06:00
William Vu 91ba25a898 Land #4208, psexec delay fix 2014-11-17 11:35:56 -06:00
HD Moore 9fe4994492 Chris McNab has been working with MITRE to add these CVEs 
These CVEs are not live yet, but have been confirmed by cve-assign
t
 2014-11-16 18:42:53 -06:00
Rich Lundeen 27d5ed624f fix for IE9 exploit config 2014-11-14 17:21:59 -08:00
Rich Lundeen 17ab0cf96e ADD winxpIE8 exploit for MS13-080 2014-11-14 17:16:51 -08:00
sinn3r e194d5490d See #4162 - Don't delay before deleting a file via SMB 
So I was looking at issue #4162, and on my box I was seeing this
problem of the exploit failing to delete the payload in C:\Windows,
and the error was "Rex::Proto::SMB::Exceptions::NoReply The SMB
server did not reply to our request". I ended up removing the sleep(),
and that got it to function properly again. The box was a Win 7 SP1.

I also tested other Winodws boxes such as Win XP SP3, Windows Server
2008 SP2 and not having the sleep() doesn't seem to break anything.
So I don't even know why someone had to add the sleep() in the first
place.
 2014-11-14 15:45:37 -06:00
Tod Beardsley dd1920edd6 Minor typos and grammar fixes 2014-11-13 14:48:23 -06:00
jvazquez-r7 31f3aa1f6d Refactor create packager methods 2014-11-13 01:16:15 -06:00
jvazquez-r7 38a96e3cfc Update target info 2014-11-13 00:56:42 -06:00
jvazquez-r7 e25b6145f9 Add module for MS14-064 bypassing UAC through python for windows 2014-11-13 00:56:10 -06:00
jvazquez-r7 c35dc2e6b3 Add module for CVE-2014-6352 2014-11-12 01:10:49 -06:00
sinn3r 0dbfecba36 Better method name 
Should be srvhost, not lhost
 2014-11-07 02:23:34 -06:00
sinn3r 579481e5f8 Explain why I did this 
Also tagging Fix #4133
 2014-11-06 14:25:11 -06:00
sinn3r f210ade253 Use SRVHOST for msvidctl_mpeg2 2014-11-06 14:23:21 -06:00
jvazquez-r7 54c1e13a98 Land #4140, @wchen-r7's default template for adobe_pdf_embedded_exe 
* Fixes #4134
* Adds a default PDF template
 2014-11-05 20:21:14 -06:00
sinn3r 1b2554bc0d Add a default template for CVE-2010-1240 PDF exploit 2014-11-05 17:08:38 -06:00
sinn3r 9a27984ac1 switch from error to switch 2014-11-03 13:56:41 -06:00
sinn3r a823ca6b2f Add support for HTTP authentication. And more informative. 2014-11-03 13:46:53 -06:00
jvazquez-r7 6574db5dbb Fix the 64 bits code 2014-10-30 17:01:59 -05:00
Meatballs 4f61710c9a Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2 2014-10-28 20:26:44 +00:00
jvazquez-r7 5e0993d756 Add OJ as author 2014-10-28 09:58:34 -05:00
Spencer McIntyre 830f631da4 Make the check routine less strict 2014-10-27 12:51:20 -04:00
Spencer McIntyre 46b1abac4a More robust check routine for cve-2014-4113 2014-10-27 11:19:12 -04:00
jvazquez-r7 4406972b46 Do version checking minor cleanup 2014-10-27 09:32:42 -05:00
jvazquez-r7 c319ea91b3 Delete verbose print 2014-10-26 17:31:19 -05:00
jvazquez-r7 34697a2240 Delete 'callback3' also from 32 bits version 2014-10-26 17:28:35 -05:00