Commit Graph

2173 Commits

Author SHA1 Message Date
jvazquez-r7 749e141fc8 Do first clean up 2014-04-17 15:31:56 -05:00
jvazquez-r7 abd76c5000 Add module for CVE-2014-0322 2014-04-15 17:55:24 -05:00
joev 0b23fc2c40 Revert "Use actual vars so that jsobfu can randomize."
This reverts commit b9284c5635.
2014-04-11 16:51:29 -05:00
sinn3r 68a50e3663 Land #3224 - Fixes large-string expansion in JSObfu 2014-04-10 12:09:22 -05:00
Joe Vennix b9284c5635 Use actual vars so that jsobfu can randomize. 2014-04-09 16:56:10 -05:00
Spencer McIntyre 85197dffe6 MS14-017 Word RTF listoverridecount memory corruption 2014-04-08 14:44:20 -04:00
joev 2e4c2b1637 Disable Android 4.0, add arch detection.
Android 4.0, it turns out, has a different echo builtin than the other androids.
Until we can figure out how to drop a payload on a 4.0 shell, we cannot support it.

Arch detection allows mips/x86/arm ndkstagers to work, unfortunately
x86 ndkstager was not working, so it is disabled for now.
2014-04-07 09:44:43 -05:00
sinn3r 4d69f80728 Update explib2.js
Remove a few lines
2014-04-02 23:07:29 -05:00
jvazquez-r7 74554ed805 Land #3174, @wchen-r7's object detection for ie11 2014-04-02 15:27:13 -05:00
jvazquez-r7 577bd7c855 Land #3146, @wchen-r7's flash version detection code 2014-04-02 15:13:41 -05:00
sinn3r 5ffcfb22fa Add object detection for IE11
While working on some stuff with IE11, I realized this is very
necessary.
2014-04-02 02:21:16 -05:00
HD Moore 7e227581a7 Rework OS fingerprinting to match Recog changes
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.

This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
sinn3r 389ad7aca3 Land #3155 - Explib2 2014-03-28 18:31:40 -05:00
sinn3r 4f5944cfb8 Add JavaScript detection for Adobe Flash 2014-03-28 14:31:21 -05:00
jvazquez-r7 ce02f8a7c5 Allow easier control of sprayed memory 2014-03-28 11:58:41 -05:00
jvazquez-r7 b0bbe3f6a9 Add explib2 with some fixes into metasploit 2014-03-28 10:44:13 -05:00
sinn3r 4c44f69e86 Undo the IE8/IE7 objection detection 2014-03-27 15:01:03 -05:00
sinn3r fc1432fe53 This is probably the right way to do it for ie7/8 2014-03-27 13:53:24 -05:00
sinn3r 9c54421679 Update IE8/IE7 object detection 2014-03-27 13:34:07 -05:00
sinn3r 8df96a419b Make IE10 detection safer for older IEs 2014-03-27 13:31:15 -05:00
sinn3r 1f90115c8f Add default detection for IE 9 and IE 10
How it's done:

On IE10, which should come first before the IE 9 check, the nodeName
function always returns the name in uppercase.

On IE9, the "Object doesn't support property or method" error always
repeats the name of the invalid method.
2014-03-27 00:15:36 -05:00
joe 46f7e6060f Add the updated bins from timwr. 2014-03-25 09:39:53 -07:00
joe c71d52e769 Merge branch 'pr-android-bins' of https://github.com/jvennix-r7/metasploit-framework into new-android-bins 2014-03-25 09:35:25 -07:00
sinn3r 8c707b20e0 Add support for specific builds of MSIE 9 on Win 7 SP1
These IE9 versions are vulnerable to MS14-012 (see #3120). If we don't
add them, then os_detect might recognize the target as IE 8, and fail.
2014-03-19 21:54:36 -05:00
Tod Beardsley 05436dc2c5 Refresh binaries for Meterpreter
This includes:

rapid7/meterpreter#69
rapid7/meterpreter#70
rapid7/meterpreter#75
rapid7/meterpreter#77
rapid7/meterpreter#78

As of commit: 45bcbd13a1e0215647f6a61631652b686931bba8
2014-03-19 08:57:04 -05:00
joev 8e4708b51b Add support for firefox 28. 2014-03-18 11:26:24 -05:00
OJ 409787346e Bring build tools up to date, change some project settings
This commit brings the source into line with the general format/settings
that are used in other exploits.
2014-03-14 22:57:16 +10:00
James Lee 6438b9372c Land #3067, python meterp net.config additions 2014-03-13 13:03:43 -05:00
Tod Beardsley 6309c4a193 Metasploit LLC transferred assets to Rapid7
The license texts should reflect this.
2014-03-13 09:47:52 -05:00
Spencer McIntyre 5ea26688d7 Fix a syntax error for Python 2.4 2014-03-11 15:22:52 -04:00
Spencer McIntyre f3493ce220 Merge branch 'master' into pymeterpreter-net
Conflicts:
	data/meterpreter/ext_server_stdapi.py
2014-03-11 15:15:02 -04:00
Spencer McIntyre e874223421 Land #3083, fix pymet when ctypes isn't available 2014-03-11 14:31:44 -04:00
Joe Vennix 679cb03ac3 Yank armeabi-v7a bins. 2014-03-11 13:09:50 -05:00
sinn3r b431bf3da9 Land #3052 - Fix nil error in BES 2014-03-11 12:51:03 -05:00
James Lee b87c2dca0b Use older hash modules when hashlib isn't there 2014-03-11 12:25:54 -05:00
Tim 4f31eba7f4 android payload golf 2014-03-10 21:50:00 -05:00
joe 66ff5998a5 New multi-arch stagers. 2014-03-10 21:49:56 -05:00
joe 60b5191873 New meterpreter bins for testing. 2014-03-10 21:49:14 -05:00
joe 667bed8905 New multi-arch stagers. 2014-03-10 18:50:27 -07:00
James Lee 75c94cc5d7 Derp 2014-03-10 16:30:55 -05:00
James Lee e508079aff Don't crash when ctypes isn't available 2014-03-10 16:10:24 -05:00
joe 6616d36d63 New meterpreter bins for testing. 2014-03-07 13:21:30 -08:00
kyuzo 2a1e96165c Adding MS013-058 for Windows7 x86 2014-03-06 18:39:34 +00:00
Joe Vennix 05067b4e33 Oops. Need to init the profile before accessed. 2014-03-06 11:48:54 -06:00
Joe Vennix 3d7bc6c589 Remove form_post.js. 2014-03-05 23:35:54 -06:00
William Vu 096d6ad951 Land #3055, heapLib2 integration 2014-03-05 15:48:13 -06:00
Spencer McIntyre 1dea1c030e Add interface support via OSX SystemConfiguration 2014-03-05 13:59:13 -05:00
Joe Vennix 5790547d34 Start undoing some work. 2014-03-04 17:01:53 -06:00
Spencer McIntyre 0834102e2b Support tcp server channels and add a python MeterpreterSocket 2014-03-04 13:31:29 -05:00
Joe Vennix 3360f7004d Update form_post vars, add Expires to cookie. 2014-03-03 23:29:02 -06:00