adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

2235 Commits

Author SHA1 Message Date
jvazquez-r7 74a6de828a Cannot delete @cmd_list, is used at least by one module 2014-06-27 08:34:55 -04:00
jvazquez-r7 7ced5927d8 Use One CMDStagermixin 2014-06-27 08:34:55 -04:00
jvazquez-r7 0a99b549d6 Change filenames 2014-06-27 08:34:55 -04:00
jvazquez-r7 cff580162b Move stagers 2014-06-27 08:34:55 -04:00
Spencer McIntyre 9991316ae6 Minor code cleanup and honor the datastore decoder. 2014-06-27 08:34:55 -04:00
Spencer McIntyre 80bdf750e9 Multi-fy the new printf stager and add to sshexec. 2014-06-27 08:34:55 -04:00
Spencer McIntyre ae25c300e5 Initial attempt to unify the command stagers. 2014-06-27 08:34:55 -04:00
navs 28872c7ea2 added suport to generate_payload_dll for x64 arch, linux platform 2014-06-19 11:46:05 -05:00
Tim Wright 9b43749916 Land #3418 - android adobe reader addjisf pdf exploit 
Merge branch 'landing-3418' into upstream-master
 2014-06-14 11:25:29 +01:00
joev 289bae88de Remove lie in comment. 2014-06-12 10:02:29 -05:00
sinn3r 2a7227f443 Land #3427 - Adds webcam module for firefox privileged sessions on OSX 2014-06-11 22:27:25 -05:00
Meatballs 936c7088ad Merge branch 'master' into psexec_refactor_round2 
Conflicts:
	lib/msf/core/exploit/smb/psexec.rb
	modules/exploits/windows/smb/psexec.rb
 2014-06-07 13:38:30 +01:00
Meatballs bf1a665259 Land #2657, Dynamic generation of windows service executable functions 
Allows a user to specify non service executables as EXE::Template as
long as the file has enough size to store the payload.
 2014-06-07 13:28:20 +01:00
Meatballs 897ad6f963 Some service yarddoc 2014-06-07 13:27:32 +01:00
joev d990fb4999 Remove a number of stray edits and bs. 2014-06-06 16:24:45 -05:00
joev 7c762ad42c Fix some minor bugs in webrtc stuff, inline API code. 2014-06-06 16:18:39 -05:00
joev cf6b181959 Revert change to trailer(). Kill dead method. 
* I verified that changes to PDF mixin do not affect any older modules that
generate PDF. I did this by (on each branch) running  in irb, then
running the module and diffing the pdf's generated by each branch. There were
no changes.
 2014-06-02 22:26:14 -05:00
joev 9f5dfab9ea Add better interface for specifying custom #eol. 2014-06-02 22:26:11 -05:00
joev 09e965d54e Remove extraneous method from pdf.rb 2014-06-02 22:26:03 -05:00
joev feca6c4700 Add exploit for ajsif vuln in Adobe Reader. 
* This refactors the logic of webview_addjavascriptinterface into a mixin (android.rb).
* Additionally, some behavior in pdf.rb had to be modified (in backwards-compatible ways).

Conflicts:
	lib/msf/core/exploit/mixins.rb
 2014-06-02 22:25:55 -05:00
Christian Mehlmauer 428df19739 Changed message 2014-06-02 17:28:09 +02:00
Christian Mehlmauer 03b4a29662 Clarify filedropper error message 2014-05-31 22:17:32 +02:00
sinn3r 1dbe972377 Fix URIPATH / for BrowserExploitServer 
[SeeRM #8804] Fix URIPATH / for BrowserExploitServer
 2014-05-22 12:18:49 -05:00
joev 14b796acbf First stab at refactoring webrtc mixin. 2014-05-21 15:32:29 -05:00
Meatballs 778138b0dc Refactors 
Add a Rex::Constants::Windows module to hold windows constants
Convert DCERPC_SERVICES to a class and move to Rex
 2014-05-21 20:15:32 +01:00
HD Moore a8bf53479d Fix a merge error 2014-05-18 11:08:04 -05:00
HD Moore a844b5c30a Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
 2014-05-18 10:50:32 -05:00
agix 1a3b319262 rebase to use the mixin psexec 2014-05-13 16:04:40 +02:00
agix 87be2e674a Rebase on https://github.com/rapid7/metasploit-framework/pull/2831 and adapt to the new mixin 2014-05-13 16:04:40 +02:00
Jeff Jarmoc 5f523e8a04 Rex::Text::uri_encode - make 'hex-all' really mean all. 
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes'  It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
 2014-05-12 11:26:27 -05:00
Meatballs 19dd21abaf Remove duplicate methods 2014-04-25 15:40:03 +01:00
joev f94d1f6546 Refactors firefox js usage into a mixin. 2014-04-24 15:09:48 -05:00
Meatballs 72a2849bf1 Better specs 
90.6% line coverage in Exploit::Powershell
77.32% in Rex::Exploitation::Powershell and haven't even started
writing those specs...
 2014-04-23 08:07:42 +01:00
Meatballs 0137fdb690 Prepend sleep should be an int 2014-04-23 07:29:51 +01:00
Meatballs 61b8fb7921 Remove puts 2014-04-23 06:15:28 +01:00
Meatballs 11526b59a6 Boolean datastore options should always be present 
Dont evaluate true/false as 'true'/'false'!
 2014-04-23 05:03:16 +01:00
Meatballs 1347649a47 Remove unused EOFs 2014-04-23 02:37:07 +01:00
Meatballs 01bfad3489 Correct datastore values 2014-04-23 02:08:57 +01:00
Meatballs 647936e291 Add more yarddoc to Rex::Exploitation::Powershell 
encode_code doesn't use eof
no need to unicode encode in gzip as this is handled by encode_code
 2014-04-23 01:07:54 +01:00
Meatballs 88fe619c48 Yarddoc exploit::powershell 2014-04-23 00:15:55 +01:00
Meatballs 4c66e86f73 Dont add extra space in args 2014-04-22 14:44:01 +01:00
Meatballs 0f942d8c3d Still :shorten command args 2014-04-19 18:58:26 +01:00
Meatballs 270b4b9728 Catch first arg with shorten 2014-04-19 18:54:42 +01:00
Meatballs 67f44072ca Merge remote-tracking branch 'upstream/master' into pr2075 2014-04-19 18:45:55 +01:00
William Vu 7d801e3acc Land #3200, goodbye LORCON modules :( 2014-04-18 12:32:22 -05:00
RageLtMan 9f05760c50 Merge with Meatballs' initial changes 
Clean up arch detection code and dedup Msf/Rex
Reduce generated payload size
 2014-04-18 00:28:48 -04:00
RageLtMan 5c3289bbc6 merge fix 2014-04-17 21:26:04 -04:00
sinn3r 7a4e12976c First little bit at Bug 8498 
[FixRM #8489] rhost/rport modification
 2014-04-15 18:20:16 -05:00
Meatballs 38d8df4040 Merge remote-tracking branch 'upstream/master' into pr2075 
Conflicts:
	modules/exploits/windows/local/wmi.rb
 2014-04-15 22:06:45 +01:00
Tod Beardsley 9db01770ec Add custom rhost/rport, remove editorializing desc 
Verification:

````
resource (./a.rc)> run
[*] Connecting to FTP server ....
[*] FTP recv: "220 ProFTPD 1.3.3a Server (My FTP server)
[*] Connected to target FTP server.
[*] Authenticating as anonymous with password mozilla@example.com...
[*] FTP send: "USER anonymous\r\n"
[*] FTP recv: "331 Anonymous login ok, send your complete email address
as your password\r\n"
````

...etc.
 2014-04-14 21:46:05 -05:00