6e122e683a
Add module for CVE-2013-5045
2014-05-29 11:42:54 -05:00
145776db4d
Add a DEBUGGING option to the python meterpreter
2014-05-29 10:52:49 -04:00
15b1c79039
Adjust whitespace and set bytes to str for Python 2
2014-05-28 16:30:27 -04:00
eda8a90cea
Fix merge issues with os.js
2014-05-19 13:04:36 -05:00
ddc8a4f103
Merge branch 'master' of github.com:rapid7/metasploit-framework into feature/recog
2014-05-19 11:42:30 -05:00
9b29c572a7
Comments dont work with auth_brute.rb
2014-05-18 21:14:17 +02:00
c9bb2d5165
Added headers to files
2014-05-18 20:55:50 +02:00
97b63d708c
Corrected naming to be in line with msf convention
2014-05-18 18:18:23 +02:00
7d79f8a4c2
Removed wrongly named list.
2014-05-18 18:15:17 +02:00
d7bf66973c
Fixed userpass delimiters.
2014-05-18 18:13:03 +02:00
a844b5c30a
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
6ec926b573
Added separate users/pass/userpass dictionaries
2014-05-18 10:18:07 +02:00
af82ae262c
Added a large default password list for services.
2014-05-16 23:27:18 +02:00
5fd732d24a
Add module for CVE-2014-0515
2014-05-07 17:13:16 -05:00
6bfc9a8aa0
Land #3333 - Adobe Flash Player Integer Underflow Remote Code Execution
2014-05-05 10:39:26 -05:00
7e37939bf2
Land #3090 - Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
2014-05-04 16:41:17 +10:00
b4c7c5ed1f
Add module for CVE-2014-0497
2014-05-03 20:04:46 -05:00
06c8082187
Use signed binary
2014-05-02 14:45:14 +01:00
4bd2dabfcd
Land #3121 , new kiwi extension, with compiled bins
...
See also rapid7/meterpreter#79
2014-04-29 17:53:37 -05:00
60e7e9f515
Add module for CVE-2013-5331
2014-04-27 10:40:46 -05:00
5c0664fb3b
Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit
2014-04-24 13:43:20 -05:00
143aede19c
Add osx nfs_mount module.
2014-04-23 02:32:42 -05:00
acb12a8bef
Beautify and fix both ruby an AS
2014-04-17 23:32:29 -05:00
91d9f9ea7f
Update from master
2014-04-17 15:32:49 -05:00
749e141fc8
Do first clean up
2014-04-17 15:31:56 -05:00
abd76c5000
Add module for CVE-2014-0322
2014-04-15 17:55:24 -05:00
0b23fc2c40
Revert "Use actual vars so that jsobfu can randomize."
...
This reverts commit b9284c5635
2014-04-11 16:51:29 -05:00
68a50e3663
Land #3224 - Fixes large-string expansion in JSObfu
2014-04-10 12:09:22 -05:00
b9284c5635
Use actual vars so that jsobfu can randomize.
2014-04-09 16:56:10 -05:00
85197dffe6
MS14-017 Word RTF listoverridecount memory corruption
2014-04-08 14:44:20 -04:00
2e4c2b1637
Disable Android 4.0, add arch detection.
...
Android 4.0, it turns out, has a different echo builtin than the other androids.
Until we can figure out how to drop a payload on a 4.0 shell, we cannot support it.
Arch detection allows mips/x86/arm ndkstagers to work, unfortunately
x86 ndkstager was not working, so it is disabled for now.
2014-04-07 09:44:43 -05:00
4d69f80728
Update explib2.js
...
Remove a few lines
2014-04-02 23:07:29 -05:00
74554ed805
Land #3174 , @wchen-r7's object detection for ie11
2014-04-02 15:27:13 -05:00
577bd7c855
Land #3146 , @wchen-r7's flash version detection code
2014-04-02 15:13:41 -05:00
5ffcfb22fa
Add object detection for IE11
...
While working on some stuff with IE11, I realized this is very
necessary.
2014-04-02 02:21:16 -05:00
7e227581a7
Rework OS fingerprinting to match Recog changes
...
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.
This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
389ad7aca3
Land #3155 - Explib2
2014-03-28 18:31:40 -05:00
4f5944cfb8
Add JavaScript detection for Adobe Flash
2014-03-28 14:31:21 -05:00
ce02f8a7c5
Allow easier control of sprayed memory
2014-03-28 11:58:41 -05:00
b0bbe3f6a9
Add explib2 with some fixes into metasploit
2014-03-28 10:44:13 -05:00
4c44f69e86
Undo the IE8/IE7 objection detection
2014-03-27 15:01:03 -05:00
fc1432fe53
This is probably the right way to do it for ie7/8
2014-03-27 13:53:24 -05:00
9c54421679
Update IE8/IE7 object detection
2014-03-27 13:34:07 -05:00
8df96a419b
Make IE10 detection safer for older IEs
2014-03-27 13:31:15 -05:00
1f90115c8f
Add default detection for IE 9 and IE 10
...
How it's done:
On IE10, which should come first before the IE 9 check, the nodeName
function always returns the name in uppercase.
One IE9, the "Object doesn't support property or method" error always
repeats the name of the invalid method.
2014-03-27 00:15:36 -05:00
46f7e6060f
Add the updated bins from timwr.
2014-03-25 09:39:53 -07:00
c71d52e769
Merge branch 'pr-android-bins' of https://github.com/jvennix-r7/metasploit-framework into new-android-bins
2014-03-25 09:35:25 -07:00
8c707b20e0
Add support for specific builds of MSIE 9 on Win 7 SP1
...
These IE9 versions are vulnerable to MS14-012 (see #3120 ). If we don't
add them, then os_detect might recognize the target as IE 8, and fail.
2014-03-19 21:54:36 -05:00
05436dc2c5
Refresh binaries for Meterpreter
...
This includes:
rapid7/meterpreter#69
rapid7/meterpreter#70
rapid7/meterpreter#75
rapid7/meterpreter#77
rapid7/meterpreter#78
As of commit: 45bcbd13a1e0215647f6a61631652b686931bba8
2014-03-19 08:57:04 -05:00
8e4708b51b
Add support for firefox 28.
2014-03-18 11:26:24 -05:00
jvazquez-r7