adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
21,144 Commits 27 Branches 1,043 Tags
bce8d9a90f7ec2414a53cd6afbfbeaf6285f2b21
Commit Graph

5678 Commits

Author SHA1 Message Date
Tod Beardsley bce8d9a90f Update license comments with resplat. 2013-10-21 13:36:15 -05:00
Tod Beardsley c070108da6 Release-related updates 
* Lua is not an acronym
  * Adds an OSVDB ref
  * credit @jvazquez-r7, not HD, for the Windows CMD thing
 2013-10-21 13:33:00 -05:00
Tod Beardsley e7d3206dc9 Revert "Land #2505" to resolve new rspec fails 
This reverts commit 717dfefead, reversing
changes made to 6430fa3354.
 2013-10-21 12:47:57 -05:00
sinn3r cacaf40276 Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow 2013-10-21 12:03:07 -05:00
sinn3r 9bfd98b001 Change plate 2013-10-21 11:54:42 -05:00
William Vu 717dfefead Land #2505, missing source fix for sock_sendpage 2013-10-21 11:47:55 -05:00
sinn3r 6430fa3354 Land #2539 - Support Windows CMD generic payload 
This also upgrades auxiliary/admin/scada/igss_exec_17 to an exploit
 2013-10-21 11:26:13 -05:00
sinn3r 45d06dd28d Change plate 2013-10-21 11:24:30 -05:00
sinn3r 8c05f8cf51 Land #2550 - Add HP Intelligent Managemetn UploadServlet dir traversal 2013-10-21 11:14:22 -05:00
sinn3r d22e4ac2f1 Check timeout condition 2013-10-21 11:13:48 -05:00
sinn3r 36dace26fa Land #2538 - Fix redirect URLs 2013-10-21 11:08:03 -05:00
jvazquez-r7 27078eb5a6 Add support for HP imc /BIMS 5.1 2013-10-20 18:18:34 -05:00
jvazquez-r7 b0d32a308a Update version information 2013-10-19 00:52:22 -05:00
jvazquez-r7 7d8a0fc06c Add BID reference 2013-10-19 00:29:43 -05:00
jvazquez-r7 cf239c2234 Add module for ZDI-13-238 2013-10-19 00:05:09 -05:00
jvazquez-r7 70fced1d74 Delete unnecessary requires and make msftidy compliant 2013-10-18 16:54:20 -05:00
jvazquez-r7 2339cdc713 Land #2513, @joev-r7's osx persistence local exploit 2013-10-18 15:13:50 -05:00
joev 83f27296d3 Fix some bugs in osx persistence. 
- the RUN_NOW datastore option did not work as expected
- Adds support for OSX < 10.4 KeepAlive option
- organizes private methods alphabetically.
 2013-10-18 14:12:33 -05:00
joev 681db6cb41 Use fully qualified constant in include. 2013-10-18 11:31:02 -05:00
joev 05bea41458 mkdir -p the dirname, not the file. 2013-10-18 11:27:37 -05:00
joev 7a47059e1d Fix a couple more shellescapes. 2013-10-18 00:47:22 -05:00
joev a2e3c6244e Remove unnecessary Exe::Custom logic. 
- this is handled by the exe.rb mixin.
- adds support for a RUN_NOW datastore option.
- tested working on java meterpreter and x86 shell session.
 2013-10-18 00:41:18 -05:00
jvazquez-r7 7dd39ae5e6 Update ranking 2013-10-17 22:43:47 -05:00
jvazquez-r7 a00a813649 Add real device libraries base addresses 2013-10-17 22:34:54 -05:00
James Lee 94db3f511a Avoid extra slash in redirect URI 
[SeeRM #8507]
 2013-10-17 14:10:15 -05:00
jvazquez-r7 be1d6ee0d3 Support Windows CMD generic payload 2013-10-17 14:07:27 -05:00
Tod Beardsley 22b4bf2e94 Resplat webtester_exec.rb 2013-10-17 13:30:54 -05:00
Tod Beardsley 07ab53ab39 Merge from master to clear conflict 
Conflicts:
	modules/exploits/windows/brightstor/tape_engine_8A.rb
	modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
 2013-10-17 13:29:24 -05:00
jvazquez-r7 352eca1147 Fix check method and set a big space available for payload 2013-10-17 09:30:59 -05:00
bcoles 54cf7855a2 Add WebTester 5.x Command Execution exploit module 2013-10-17 16:57:57 +10:30
jvazquez-r7 3d3a7b3818 Add support for OSVDB 86824 2013-10-17 01:08:01 -05:00
sinn3r 7a0671eba9 Land #2531 - rm deprecated mods 2013-10-16 20:02:58 -05:00
James Lee a54b4c7370 Land #2482, use runas when UAC is DoNotPrompt 2013-10-16 17:51:11 -05:00
Tod Beardsley f1a67ecafe Remove overdue deprecated modules 
[See PT #56795804]
[See PT #56796034]
 2013-10-16 17:02:28 -05:00
sinn3r 0ce221274b Change JS comments in Ruby. 2013-10-16 16:40:54 -05:00
Tod Beardsley ba2c52c5de Fixed up some more weird splat formatting. 2013-10-16 16:25:48 -05:00
James Lee 4fa3b8f820 Add support for IE7 on XP 2013-10-16 15:56:34 -05:00
sinn3r 06a212207e Put PrependMigrate on hold because of #1674 
But I will probably still want this.
 2013-10-16 09:24:46 -05:00
sinn3r ac78f1cc5b Use Base64 encoding for OS parameter 
I didn't even realize we already added this in server.rb. So instead
of just escaping the OS parameter, we also encode the data in base64.
I also added prependmigrate to avoid unstable conditions for the payload.
 2013-10-15 23:37:11 -05:00
Tod Beardsley 5d86ab4ab8 Catch mis-formatted bracket comments. 2013-10-15 14:52:12 -05:00
Tod Beardsley ed0b84b7f7 Another round of re-splatting. 2013-10-15 14:14:15 -05:00
Tod Beardsley c83262f4bd Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a Redo the boilerplate / splat 
[SeeRM #8496]
 2013-10-15 13:51:57 -05:00
jvazquez-r7 c68319d098 Fix author 2013-10-15 12:59:19 -05:00
jvazquez-r7 f60b29c7a6 Land #2503, @MrXors's local exploit using VSS 2013-10-15 12:35:26 -05:00
MrXors f345414832 Added correct spelling in info 2013-10-15 10:13:18 -07:00
jvazquez-r7 0b9cf24103 Convert vss_persistence to Local Exploit 2013-10-15 11:11:04 -05:00
William Vu 31dc7c0c08 Land #2522, @todb-r7's pre-release module fixes 2013-10-14 15:37:23 -05:00
Tod Beardsley 63e40f9fba Release time fixes to modules 
* Period at the end of a description.
  * Methods shouldn't be meth_name! unless the method is destructive.
  * "Setup" is a noun, "set up" is a verb.
  * Use the clunky post module naming convention.
 2013-10-14 15:17:39 -05:00
sinn3r 15e8c3bcd6 [FixRM #8470] - can't convert nil into String 
Target selection bug in ms13_069_caret.rb. Happens when the target
is Win 7 + IE8, which actually isn't a suitable target.

[FixRM #8470]
 2013-10-14 14:10:08 -05:00