Squashed commit of the following:
commit 1dcad7c21b
Merge: 1a2f35d 35d29f5
Author: OJ <oj@buffered.io>
Date: Thu Mar 19 14:43:27 2015 +1000
Land #4953 : Updated POSIX meterpreter binaries
commit 35d29f5d08
Author: Brent Cook <bcook@rapid7.com>
Date: Wed Mar 18 22:57:03 2015 -0500
update linux meterpreter bins
commit 1a2f35d806
Merge: 076f15f 346b1d5
Author: OJ <oj@buffered.io>
Date: Thu Mar 19 12:41:20 2015 +1000
Land #4951: Dynamic URI generation for Java/Python reverse_http(s)
commit 076f15f933
Merge: b33e7f4 3f8ed56
Author: Spencer McIntyre <zeroSteiner@gmail.com>
Date: Wed Mar 18 20:59:54 2015 -0400
Land #4792 @jakxx Publish It PUI file exploit
commit 3f8ed56a9a
Author: Spencer McIntyre <zeroSteiner@gmail.com>
Date: Wed Mar 18 20:57:58 2015 -0400
Add available space to the payload info
commit b33e7f477c
Merge: 0d1f205 5dd718e
Author: joev <joev@metasploit.com>
Date: Wed Mar 18 17:17:34 2015 -0500
Land #4947, h0ng10's TWiki exploit.
commit 346b1d539f
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 16:24:01 2015 -0500
Revert Java back to static size for cache purposes (less cpu usage on startup)
commit 33bbf7cb7e
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 16:08:11 2015 -0500
Dynamic URI generation for python/java http(s) stagers
commit 0d1f2055c5
Merge: e943cb5 dab4333
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 15:31:22 2015 -0500
Lands #4949 which fixes #4845
commit dab4333867
Author: rwhitcroft <rw81junk@gmail.com>
Date: Wed Mar 18 16:07:46 2015 -0400
updated asm in block
commit 7ae97393e0
Author: rwhitcroft <rw81junk@gmail.com>
Date: Wed Mar 18 15:34:31 2015 -0400
fix x64/reverse_https stager shellcode
commit e943cb550f
Merge: d152c41 d1a2f58
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 22:34:52 2015 +1000
Land #4585 : CVE-2015-0975 XXE in OpenNMS
commit d1a2f58303
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 22:17:44 2015 +1000
Fix of regex for file capture and format tweaks
commit 5dd718e4fa
Author: Hans-Martin Münch (h0ng10) <muench@mogwaisecurity.de>
Date: Wed Mar 18 09:51:51 2015 +0100
Better description
commit 00de437918
Author: Hans-Martin Münch (h0ng10) <muench@mogwaisecurity.de>
Date: Wed Mar 18 09:45:08 2015 +0100
Initial commit
commit fa7242388b
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 18:18:54 2015 +1000
Move the module to the correct location
commit d152c41826
Merge: b46e5f8 b62da42
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 17:42:19 2015 +1000
Land #4934 : Proxy and auth support in reverse_http(s)
commit b62da42927
Merge: c607cf7 b46e5f8
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:51:15 2015 -0500
Merge branch 'master' into feature/add-proxies-to-wininet
commit b46e5f8d13
Merge: bd4738b 97def50
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 16:49:13 2015 +1000
Land #4295 : Refactor proxy-enabled payload handling
commit c607cf7b11
Merge: 0513852 bd4738b
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:45:44 2015 -0500
Merging master
commit 97def50cc2
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:26:59 2015 -0500
Whitespace cleanup
commit 8d3cb8bde5
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:25:42 2015 -0500
Fix up meterpreter patching arguments and names
commit ef443c83b9
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:21:53 2015 -0500
Fix overgreedy search/replace
commit 390a704cc7
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:19:05 2015 -0500
Cleanup proxyhost/proxyport arguments to match new names
commit f7a06d8e44
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:15:32 2015 -0500
Rework PROXY_{HOST|PORT|TYPE|USERNAME|PASSWORD} to the new syntax
commit 3aa8cb69a4
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:08:09 2015 -0500
Fix two use cases of PROXYHOST/PROXYPORT
commit 87a489907c
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Dec 15 14:48:09 2014 -0600
Place an IPv6 proxy IP between brackets
commit 259db269bd
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 15:36:14 2014 -0600
Remove user/pass and invalid class from the options
commit 2ab14e7e79
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:01:10 2015 -0500
Adds IPv6 and option-related issues with the previous patch
commit 0601946830
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 13:29:39 2014 -0600
Don't mandate and default PROXY_HOST (miscopy from the proxy stager)
commit a4df6d539f
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 00:59:59 2015 -0500
Cleanup proxy handling code (consistency & bugs)
One subtle bug was that each time a request was received, a null byte was being appended to the datastore options for PROXY_USERNAME and PROXY_PASSWORD. Eventually this would break new sessions. This change centralizes the proxy configuration and cleans up the logic.
commit 85fb534e63
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 12:57:30 2014 -0600
Fix up the offset detection again, cleanup redundant code
commit 2f13988d7b
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 12:33:53 2014 -0600
Use OptPort vs OptInt and cleanup the description
commit a01be365b0
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 00:59:13 2015 -0500
Rework PROXYHOST/PROXYPORT to PROXY_HOST/PROXY_PORT
This also cleans up the windows reverse_https_proxy stager.
commit b197b7aaf0
Author: jakxx <jakx.ppr@gmail.com>
Date: Tue Mar 17 19:24:13 2015 -0400
Additional Updates
-Removed unused mixin
-Cleaned up Module name
-Cleaned up author name
commit bd4738b93e
Merge: 47a7f99ad7fa0ec
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 17 17:37:55 2015 -0500
Land #4827, capture and nbns fixups
commit d7fa0ec669
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 17 17:36:45 2015 -0500
Let IPAddr#hton do the calculating
commit 47a7f99aae
Merge: d1d6378 5fd3637
Author: Brent Cook <bcook@rapid7.com>
Date: Tue Mar 17 16:22:46 2015 -0500
Land #4930, @hmoore-r7 winhttp stager certificate check
commit 085e6cc815
Author: jakxx <jakx.ppr@gmail.com>
Date: Tue Mar 17 16:39:56 2015 -0400
Implemented Recommended Changes
-corrected spelling error
-set only option to required
-dumped header data to included file
-Used Rex for jmp values
commit 0490af8ba8
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:20:22 2015 -0400
Added error checks, randomness, and uuid delimiter
commit f3fc4003d0
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:19:40 2015 -0400
typo
commit b92d243c0e
Merge: e0a7f53 766a07a
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:18:32 2015 -0400
Merge branch 'module-cve-2015-0975' of https://github.com/jstnkndy/metasploit-framework into module-cve-2015-0975
commit e0a7f531cc
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:10:51 2015 -0400
Added error checking, randomness, uuid delimiters
commit 2ea984423b
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 14:08:01 2015 -0500
while(true)->loop, use thread.join
commit 5fd3637d34
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 14:00:51 2015 -0500
Remove the i32 size specifier (not needed)
commit 69d9280748
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 13:52:13 2015 -0500
Fix yard docs, retries, push.i8 instructions. See commit 05138524e3
Note that StagerRetryCount is not defined here, but will be in the parent class once #4934 lands
commit 05138524e3
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 13:35:36 2015 -0500
Fix yard docs, fix retries, trim bytes, retested and working
commit 69a808b744
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 12:14:42 2015 -0500
StagerProxy -> PayloadProxy
commit f361e4ee52
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 00:22:10 2015 -0500
Prefer the new-style proxy datastore options when available
commit 7e89281485
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 00:03:31 2015 -0500
Adds proxy (with authentication) support to reverse_http(s)
commit 8e37342c50
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 16:52:04 2015 -0500
Comment typo
commit 0d12ca49a7
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 16:19:13 2015 -0500
Work around lack of option normalization during size calculation
commit 03019cf451
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 15:53:21 2015 -0500
Adds StagerVerifySSLCert support (SHA1 of HandlerSSLCert)
commit 11593800b6
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 15:52:23 2015 -0500
Move X509 PEM parsing into Rex::Parser::X509Certificate
commit 1001061a96
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 4 18:52:18 2015 -0600
Initialize @capture_count
commit 1b1716bcf6
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 22:01:01 2015 -0600
Fix a handful of bugs that broke this module. Fixes #4799
commit 9730a1655e
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 22:00:42 2015 -0600
Small cleanups to the LLMNR responder module
commit bdd5276524
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 21:53:47 2015 -0600
This fixes a number of issues with the Capture mixin
* The use of www.metasploit.com in a datastore option results in a DNS lookup (infoleak). Switch to 8.8.8.8 (TTL=1)
* The hacky code around #each_packet is no longer necessary in newer Ruby versions
* The arp()/probe_gateway() calls to inject_reply() had broken logic leading to early exit and missed replies
* The arp() function now tries up to three times to get a reply (helpful with lossy L2)
* GC.start is extraneous and should be removed
* Increased timeouts
commit 615d71de6e
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 21:51:33 2015 -0600
Remove extraneous calls to GC.start()
commit 44a7e7e4bc
Author: jakxx <jakx.ppr@gmail.com>
Date: Wed Feb 18 13:22:54 2015 -0500
publish-it fileformat exploit
commit 766a07a904
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Jan 13 22:08:08 2015 -0500
Add CVE-2015-0975 XXE for OpenNMS <= 14.0.2
Includes the following:
* Clean builds
* Removal of kitrap0d from getsystem
* Doc updates
* Webcam crash fix
* Scheduler and channel refactor
* Posix crash fix for post modules
Includes the following changes:
* Security cleanup - remove use of insecure functions
* Windows 8/8.1/2012 R2 support to sysinfo
* VS 2013 upgrade
* Command dispatcher refactor
* Getproxy command added (needs MSF side too)
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
p = client.sys.process.execute("id", "-u", "Channelized"=>true)
p.channel.read
[SeeRM #7005][See #681]
commit 6a3ad1d887
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 16:22:49 2012 -0600
Add register_command calls for md5 and sha1
commit dbd52c5a1e
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 16:22:09 2012 -0600
Read the file instead of downloading it
commit 55b84ad8e2
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 15:27:11 2012 -0600
Re-compile linux meterp to support the loadlib api
commit d112e84e49
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 14:50:25 2012 -0600
Re-compile java meterp to support the loadlib api
commit c137187b34
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 14:44:10 2012 -0600
Don't try to get interfaces if this session doesn't implement it
commit 88bba1e6c3
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 14:38:17 2012 -0600
Remove debugging load
commit 02954cbf93
Merge: d9ef256 88b35a3
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 12:06:53 2012 -0600
Merge branch 'rapid7' into feature/4905
Conflicts:
data/meterpreter/ext_server_stdapi.php
modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb
commit d9ef2569b8
Author: James Lee <egypt@metasploit.com>
Date: Wed May 2 18:06:06 2012 -0600
PHP doesn't support rev2self
commit bf13ea0ff2
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 18:21:59 2012 -0600
Add php support for returning new extension commands
commit 7e35f2d671
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 16:03:26 2012 -0600
Reset CVE-2012-0507 back to master
Purges commits unrelated to this branch.
commit 86a77b3cd0
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 15:59:35 2012 -0600
Revert "Make building the jar for cve-2012-0507 a bit easier"
This reverts commit 27ef76522a.
Conflicts:
external/source/exploits/CVE-2012-0507/Makefile
external/source/exploits/CVE-2012-0507/src/msf/x/PayloadX.java
commit 8c259fb779
Merge: fe2c273 1c03c2b
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 15:35:44 2012 -0600
Merge branch 'rapid7' into feature/4905
Conflicts:
data/meterpreter/ext_server_stdapi.jar
data/meterpreter/meterpreter.jar
external/source/meterpreter/java/src/meterpreter/com/metasploit/meterpreter/Meterpreter.java
modules/auxiliary/server/browser_autopwn.rb
commit fe2c273a6d
Merge: 8caff47 4e955e5
Author: James Lee <egypt@metasploit.com>
Date: Fri Apr 6 10:19:53 2012 -0600
Merge branch 'rapid7' into feature/4905
commit 8caff47d97
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 17:51:18 2012 -0600
Fix requires to find the test library
commit 51c33574ce
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 17:48:35 2012 -0600
Fix a load order problem with solaris post mods
commit 81b658362e
Merge: adad2cf 6ef4257
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 15:43:19 2012 -0600
Merge branch 'master' into feature/4905
commit 6ef4257947
Merge: 70ab8c0 5852455
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 15:16:56 2012 -0600
Merge branch 'rapid7'
Conflicts:
lib/rex/exploitation/javascriptosdetect.rb
commit adad2cf04c
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 20:20:21 2012 -0600
Deal with null data/jar
Not sure why "" turns into null sometimes, but it was breaking shells;
this fixes it.
commit 4f8a437b49
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:10:59 2012 -0600
Prev commit moved these to src/a
commit 27ef76522a
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:08:32 2012 -0600
Make building the jar for cve-2012-0507 a bit easier
Mostly stolen from cve-2008-5353
commit db3dbad0a5
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 14:52:23 2012 -0600
Fix incorrect option name
commit 776976af31
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:36:20 2012 -0600
Add bap support to java_rhino
commit a611ab16e0
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:35:16 2012 -0600
Put next_exploit on the window object so it's always in scope
Solves some issues with Chrome not running more than one exploit
commit 5114d35de7
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 14:31:53 2012 -0600
Pull common stuff up out of the body
commit 748309465a
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:04:03 2012 -0600
Fix indentation level
commit 954d485e3b
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:02:42 2012 -0600
Abstract out copy-pasted methods
Need to do the same thing for OSX, but it's a different implementation.
commit cba8d7c911
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 23 18:04:50 2012 -0600
Linux doesn't implement (drop|steal)_token
commit 1cfda3a7b0
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 23 17:57:37 2012 -0600
Add availability checks for net, sys, ui, and webcam
commit 4bdf39a8bf
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 23 16:45:59 2012 -0600
add requirement checking for fs and core commands
commit 42e35971c9
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 21 17:20:59 2012 -0600
Add a to_octal method that converts e.g. "A" to \0101
commit c3b9415a0a
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 21 17:20:07 2012 -0600
Don't use "echo -n"
It's not portable
commit b0f3ceccfa
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 20 17:01:10 2012 -0600
Return a list of new commands after core_loadlib, java version
Thanks mihi for the patch and the awesome responsiveness!
commit d65303e1b6
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 20 13:21:06 2012 -0600
Make sure we have a response before doing stuff with it
commit 721001ead4
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 21:25:31 2012 -0600
Add missing rmdir and mkdir protocol commands to PHP
Now passes all the stdapi tests that it can
[*] Session type is meterpreter and platform is php/php
[+] should return a user id
[+] should return a sysinfo Hash
[-] FAILED: should return network interfaces
[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
[-] FAILED: should have an interface that matches session_host
[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
[-] FAILED: should return network routes
[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_routes: Operation failed: 1
[+] should return the proper directory separator
[+] should return the current working directory
[+] should list files in the current directory
[+] should stat a directory
[+] should create and remove a dir
[+] should change directories
[+] should create and remove files
[+] should upload a file
[-] Passed: 10; Failed: 3
commit 024e99167a
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 15:26:00 2012 -0600
Use a proper TLV type instead of a generic one
commit 1836d915cb
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 15:24:25 2012 -0600
Fix a counting error that caused segfaults (Linux)
commit 1e419d3fc3
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 15:06:02 2012 -0600
Return a list of new commands after core_loadlib
Gets Windows back in sync with Linux
commit 3d3959f720
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 14:50:55 2012 -0600
Refactor extensionList -> extension_commands
It's not the same as extension_list.
commit a7acb638af
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sun Mar 18 00:07:27 2012 -0500
Massive whitespace cleanup
commit ef8b9fd5ce
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 16:00:20 2012 -0500
Add back enum_protections with some new changes
commit d778eec369
Author: ohdae <bindshell@live.com>
Date: Sat Mar 17 13:28:31 2012 -0400
Added fix for enum_protections
commit 64611819d4
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 03:14:26 2012 -0500
A bunch of fixes
commit bb1a0205d7
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 00:28:05 2012 -0500
The comments in get_chatlogs need an update
commit 666477e42a
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 00:25:41 2012 -0500
Correct license format
commit 3c8eecbcd7
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 00:22:03 2012 -0500
Add enum_adium.rb post module
commit d290cf4fef
Author: ohdae <bindshell@live.com>
Date: Fri Mar 16 16:54:36 2012 -0300
Changed store_note to store_loot. Fixed local/remote file retrieval
commit ccb830b594
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 16 11:29:07 2012 -0600
Fall back to MIB method if we can't get netmasks
Misses IPv6 addresses, but at least doesn't break everything.
[Fixes #6525]
commit a9a30232dd
Author: sinn3r <msfsinn3r@gmail.com>
Date: Fri Mar 16 11:49:31 2012 -0500
This module is not ready, yanked.
commit 6bb34f7fd0
Author: Gregory Man <man.gregory@gmail.com>
Date: Fri Mar 16 18:09:08 2012 +0200
sockso_traversal 1.8 compatibility fix
commit e76965ce56
Author: ohdae <bindshell@live.com>
Date: Fri Mar 16 09:17:35 2012 -0400
fix
commit 61ce7b587d
Author: ohdae <bindshell@live.com>
Date: Fri Mar 16 09:14:48 2012 -0400
saves each config to loot instead of notes
commit f4713974fa
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 16 03:46:10 2012 -0600
Check for a 0 prefix length
If the OnLinkPrefixLength is 0, something is wrong, try the value in the
prefix linked list. Appears to fix v4 addresses on XP but not 2k3.
[See #6525]
commit cde7fcc012
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 16 01:46:41 2012 -0600
Return network prefixes when available
Solves #6525 on Vista+. Win2k still works using the old MIB method
(which doesn't support ipv6). Win2k3 and XP are still busted for
unknown reasons.
commit 98bd9a7bd0
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 22:59:42 2012 -0400
Enumerate important and interesting configuration files
commit 9336df2ac2
Author: David Maloney <David_Maloney@rapid7.com>
Date: Thu Mar 15 19:06:48 2012 -0500
More Virtualisation SSL fixes
commit f24c378281
Author: David Maloney <David_Maloney@rapid7.com>
Date: Thu Mar 15 18:15:29 2012 -0500
Default SSL to true for esx_fingerprint module
commit d6e14c4212
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 15:56:24 2012 -0500
Fix typo
commit b24dcfe43e
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 15:55:54 2012 -0500
Add sockso dir traversal
commit 033052c1e0
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 15 14:31:25 2012 -0600
Fix syntax error in 1.8, thanks Jun Koi for the patch
commit 4529efaeaa
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 14:27:40 2012 -0500
enum_protections is now find_apps
commit 49e823802b
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 14:22:23 2012 -0500
File rename, as well as design and cosmetic changes
commit ccf6b01114
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 15:29:52 2012 -0300
added report_note, removed store_loot function, cleaned up info/author
commit 27d571932e
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 12:18:29 2012 -0300
fixed output newline issue
commit 5a828e35d1
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 01:05:35 2012 -0300
fixed save line
commit 805c2ee987
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 01:02:07 2012 -0300
removed unneeded comments
commit 5861e1512f
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 01:00:55 2012 -0300
fixed output issue
commit 593a364811
Author: ohdae <bindshell@live.com>
Date: Wed Mar 14 18:26:53 2012 -0300
removed unneeded dependency
commit 05053e6e74
Author: ohdae <bindshell@live.com>
Date: Wed Mar 14 13:30:16 2012 -0400
locates installed 3rd party av, fws, etc
commit 5bf512d0e9
Author: sinn3r <msfsinn3r@gmail.com>
Date: Wed Mar 14 16:50:54 2012 -0500
Add OSVDB-79863 NetDecision Directory Traversal
commit 18715d0367
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 23:03:01 2012 -0600
Store the retrieved commands on the session
commit b752cb8b31
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 22:45:16 2012 -0600
Retrieve the list of new commands
The client side doesn't do anything with them yet
commit 69ce8ef42d
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 22:41:16 2012 -0600
Return a list of the new commands in response to core_loadlib
Linux
commit 354c754aa4
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 15:13:45 2012 -0600
Whitespace at EOL
commit 4afcb4cb9d
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 14:30:09 2012 -0600
Create instance methods that return extensions
Before this change, meterpreter sessions would not #respond_to? their
extensions despite having a pseudo-accessor for them:
```
>> client.respond_to? :sys
=> false
>> client.sys
=> #<Rex::Post::Meterpreter::ObjectAliases:0x0000000e263488 @aliases={"config"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Config:0x0000000e268dc8 @client=#<Session:meterpreter 192.168.99.1:55882 (192.168.99.1) "uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ wpad">>, "process"=>#<Class:0x0000000e268d20>, "registry"=>#<Class:0x0000000e266da0>, "eventlog"=>#<Class:0x0000000e2654e8>, "power"=>#<Class:0x0000000e263c30>}>
```
After:
```
>> client.respond_to? :sys
=> true
```
commit 70ab8c018f
Merge: a8a3938 5f2bace
Author: James Lee <egypt@metasploit.com>
Date: Tue Apr 3 11:46:25 2012 -0600
Merge branch 'master' into bap-refactor
Conflicts:
external/source/exploits/CVE-2012-0507/Help.java
external/source/exploits/CVE-2012-0507/Makefile
external/source/exploits/CVE-2012-0507/msf/x/Help.java
external/source/exploits/CVE-2012-0507/src/a/Exploit.java
external/source/exploits/CVE-2012-0507/src/a/Help.java
commit a8a3938915
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 20:20:21 2012 -0600
Deal with null data/jar
Not sure why "" turns into null sometimes, but it was breaking shells;
this fixes it.
commit 5e5eb39d3c
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:10:59 2012 -0600
Prev commit moved these to src/a
commit 5074eadbea
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:08:32 2012 -0600
Make building the jar for cve-2012-0507 a bit easier
Mostly stolen from cve-2008-5353
commit bdb3fbe7fd
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 14:52:23 2012 -0600
Fix incorrect option name
commit 78824ef600
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 13:24:33 2012 -0600
Add the detected browser version to the DOM
Doing it this way lets modules grab the info a bit more easily.
commit 9813ccb8d6
Merge: 0faa3f6 b5fc8e4
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 13:19:05 2012 -0600
Merge branch 'master' into bap-refactor
commit 0faa3f6524
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:36:20 2012 -0600
Add bap support to java_rhino
commit 66ca27f994
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:35:16 2012 -0600
Put next_exploit on the window object so it's always in scope
Solves some issues with Chrome not running more than one exploit
commit 7fc2ca1a06
Merge: 325d306 e48c47e
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:10:54 2012 -0600
Merge branch 'master' into bap-refactor
commit 325d306059
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 14:31:53 2012 -0600
Pull common stuff up out of the body
commit 4f2b3260bf
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:04:03 2012 -0600
Fix indentation level
commit 9b905c53b4
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:02:42 2012 -0600
Abstract out copy-pasted methods
Need to do the same thing for OSX, but it's a different implementation.
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
This will make it easier to hopefully track down bugs.
exploitme-posix.c - make complete stack executable. On some kernel versions, execstack doesn't do the trick.
git-svn-id: file:///home/svn/framework3/trunk@10485 4d416f70-5f16-0410-b530-b9f4589650da