HD Moore
ae9b462b99
Fix baud rate (see PR #1008)
2012-11-04 22:38:16 -06:00
David Maloney
fca8208171
Some minor code cleanup
2012-11-04 14:45:15 -06:00
David Maloney
f69ccc779f
Unified smarter module
2012-11-04 13:14:02 -06:00
David Maloney
c30ada5eac
Adds temp vbs mod and tweaked decoder stub
2012-11-04 12:49:15 -06:00
HD Moore
963fdd6430
Initial commit for Digi RealPort modules
2012-11-03 17:44:53 -05:00
Tasos Laskos
a88031a02a
added web exploit mixin
2012-11-01 21:37:12 +02:00
David Maloney
519eb0c2be
Behold the King of Typos in all my glory
2012-11-01 11:30:52 -05:00
David Maloney
0eccfaf1bb
Add a disclosure date
2012-11-01 10:24:28 -05:00
David Maloney
dd7ab11e38
Minor cleanup
2012-10-31 16:14:34 -05:00
David Maloney
bfbae5fbb7
Merge branch 'upstream-master' into WinRM_piecemeal
...
Conflicts:
lib/msf/core/exploit/winrm.rb
2012-10-24 14:12:28 -05:00
David Maloney
1dcbbdf162
changed indent level
2012-10-24 13:50:44 -05:00
David Maloney
a15c35091d
Add the WinRM login module
2012-10-24 11:25:39 -05:00
sinn3r
8c1304557f
Code cleanup
2012-10-23 16:32:26 -05:00
David Maloney
e19f2d235c
Actually use the timeout in winrm cmd
2012-10-23 11:29:32 -05:00
David Maloney
04fd990741
bad indent
2012-10-22 17:03:40 -05:00
David Maloney
e08cedec2e
Requested revisions/cleanup
...
minor fixes to spacing, some typos, and base64 switched to Rex
2012-10-22 17:01:00 -05:00
David Maloney
57514e5407
Msftidyness
2012-10-19 16:56:52 -05:00
David Maloney
56cbe6a67e
Some minor fixups
2012-10-19 15:25:03 -05:00
David Maloney
3a8dd261ae
WinRM mixin and basic discovery module
2012-10-19 15:08:58 -05:00
James Lee
ffa4373242
Merge branch 'rapid7' into wchen-r7-print_warning
...
[Closes #899]
2012-10-19 13:49:32 -05:00
James Lee
768d2c5921
Go back to old behavior for unknown versions
...
May not be correct, but it's what we used to do, so probably better than
just raising.
Also documents things a bit better.
2012-10-18 16:57:40 -05:00
James Lee
1eccb24bf8
Raise if the version isn't what we expect
...
Also adds some clarifying commentation and adds todb to the list of
authors since he wrote the original module for windows upon which this
one is based.
2012-10-18 15:55:55 -05:00
James Lee
0221f75f39
Merge branch 'rapid7' into midnitesnake-postgres_payload
2012-10-18 13:57:25 -05:00
James Lee
46ed888ffe
Don't require .rb
2012-10-15 17:27:23 -05:00
Tod Beardsley
932b8ba841
Require, not load, msf, not lib/msf
2012-10-15 07:11:15 -05:00
James Lee
9c6fdbe9d7
Compile a .so instead of being version-specific
...
This makes it possible to use payloads for the appropriate architecture
NOTE: need to test windows and make sure I didn't break it
2012-10-13 15:18:25 -05:00
sinn3r
d36f642edc
Add print_warning()
2012-10-12 21:48:15 -05:00
James Lee
ad1870d819
Merge branch 'rapid7' into midnitesnake-postgres_payload
2012-10-12 14:18:34 -05:00
James Lee
13a5892e95
Add a mixin for uploading/executing bins with PHP
...
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
sinn3r
d832aac629
msftidy caught the space I left in there.
2012-10-01 17:27:00 -05:00
sinn3r
f2c7731b39
Add RopDb mixin
2012-10-01 17:09:01 -05:00
midnitesnake
9629ea5d05
Got rid of methods upload_elf, write_to_disk_elf, as module uses cmd injection payload, rather than binary payload.
2012-09-13 14:42:10 +01:00
HD Moore
221eb88313
Make filename easy to override
2012-09-10 15:59:01 -05:00
sinn3r
2cb2b281d6
Fix NoMethodError for nil:NilClass bug
...
The 'unless' statement expects there's always a value for USERNAME
and PASSWORD. We might as well just set '' as the default value
to avoid the NoMethodError mistake. Related to bug #7140.
2012-09-06 01:09:40 -05:00
midnitesnake
25ee8fd357
Run postgres.rb & postgres_payload through msftidy, and cleaned up the files
2012-08-25 01:44:49 +01:00
midnitesnake
5cf7f22a13
corrections following on from jlee-r7 comments
2012-08-21 23:57:07 +01:00
midnitesnake
ad2b457fda
Added linux port for postgres payload
2012-08-14 17:46:35 +01:00
James Lee
c1cf71c4e9
Remove debugging load()
2012-07-18 11:02:21 -06:00
sinn3r
f4547527a8
Merge branch 'omg-post-exploits' of https://github.com/jlee-r7/metasploit-framework
2012-07-17 17:43:40 -05:00
HD Moore
c887e0aaff
Re-add AFP changes due to mangled merge
2012-07-17 00:42:49 -05:00
HD Moore
f62e0b1cca
AFP fixes and JTR typo fix
2012-07-16 21:45:45 -05:00
HD Moore
bc2edeace2
Cleanup AFP module output
2012-07-16 21:02:40 -05:00
James Lee
efe478f847
Merge branch 'master' into omg-post-exploits
2012-07-16 09:20:23 -06:00
James Lee
7091d1c65b
Add an exploit for sock_sendpage
...
Unfortunately, adds a dep on bionic for runtime compilation.
Gets ring0, sets the (res)uid to 0 and jumps to the payload. Still some
payload issues because linux stagers don't mprotect(2) the buffer they
read(2) into. Single payloads work fine, though.
Also cleans up and improves local exploits' ability to compile C.
[SEERM #3038]
2012-07-15 20:29:48 -06:00
HD Moore
4509c11916
Fingerprint dd-wrt even when auth is required
2012-07-15 21:21:13 -05:00
HD Moore
f111ae097e
Bail early if the user did not configure an injection parameter
2012-07-15 21:14:39 -05:00
HD Moore
2254086dbe
Replace event handler with a straightforward filter
2012-07-11 03:00:44 -05:00
James Lee
6d6b4bfa92
Merge remote branch 'rapid7/master' into omg-post-exploits
2012-07-08 17:32:39 -06:00
HD Moore
d656e3185f
Mark all libraries as defaulting to 8-bit strings
2012-06-29 00:18:28 -05:00
sinn3r
807142e988
'Size' may not exist in certain PDF structure.
...
This is a fix for issues related to:
'undefined method `[]' for nil:NilClass'
It is possible that a PDF may not have the 'Size' xref, and people
are running into the 'undefined method'[]' for NilClass' exception.
Because the pdf parser always assumes there is a Size field,
so it uses a match() function to find the value for Size, which
can be nil.
See the following bug report for example:
https://dev.metasploit.com/redmine/issues/7014
2012-06-26 16:09:13 -05:00