adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

2369 Commits

Author SHA1 Message Date
jvazquez-r7 577bd7c855 Land #3146, @wchen-r7's flash version detection code 2014-04-02 15:13:41 -05:00
joev ebcf972c08 Add initial firefox xpi prompt bypass. 2014-04-01 23:48:35 -05:00
HD Moore 7e227581a7 Rework OS fingerprinting to match Recog changes 
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.

This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
 2014-04-01 08:14:58 -07:00
sinn3r a173fcf2fa Flash detection for firefox_svg_plugin 
Good test case
 2014-03-28 15:39:25 -05:00
Joe Vennix 80808fc98c Cleans up firefox SVG plugin. 2014-03-26 13:12:39 -05:00
Tod Beardsley d27264b402 Land #2782, fix expand_path abuse 2014-03-19 08:41:28 -05:00
Tod Beardsley c916b62f47 Removes hash rockets from references. 
[SeeRM #8776]
 2014-03-17 09:40:32 -05:00
William Vu 170608e97b Fix first chunk of msftidy "bad char" errors 
There needs to be a better way to go about preventing/fixing these.
 2014-03-11 11:18:54 -05:00
OJ 3ea3968d88 Merge branch 'upstream/master' into stop_abusing_expand_path 
Conflicts:
	lib/msf/core/post/windows/shadowcopy.rb
	modules/exploits/windows/local/bypassuac.rb
	modules/post/windows/gather/wmic_command.rb
	modules/post/windows/manage/persistence.rb
 2014-03-11 23:13:39 +10:00
jvazquez-r7 6c490af75e Add randomization to Rex::Zip::Jar and java_signed_applet 2014-02-27 12:38:52 -06:00
jvazquez-r7 c981bbeab9 Land #3011, @wchen-r7's fix for Dexter exploit 2014-02-24 10:53:10 -06:00
jakxx c8940c37f5 Updating References 2014-02-21 09:23:08 -05:00
jakxx ef51de3826 Updating References 2014-02-21 09:21:08 -05:00
jakxx b5bc3dd4fc Added py_web_delivery 2014-02-20 21:53:00 -05:00
jakxx 1834784b93 Added php_web_delivery 2014-02-20 13:41:26 -05:00
jvazquez-r7 998fa06912 Land #2998, @bit4bit's fix for the vtigercrm exploit 2014-02-20 08:36:05 -06:00
jvazquez-r7 0b27cd13e8 Make module work 2014-02-20 08:35:37 -06:00
sinn3r ed2ac95396 Always replace \ with / for Dexter exploit 
Fix for the following:
https://github.com/rapid7/metasploit-framework/commit/48199fec271006ed66c4de639cd39e41f05df511#commitcomment-5419010
 2014-02-19 09:24:07 -06:00
jvazquez-r7 4ca4d82d89 Land #2939, @Meatballs1 exploit for Wikimedia RCE and a lot more... 2014-02-18 17:48:02 -06:00
Tod Beardsley a863d0a526 Pre-release fixes, including msftidy errors. 2014-02-18 14:02:37 -06:00
sinn3r 52ac85be11 Land #2931 - Oracle Forms and Reports RCE 2014-02-17 08:54:23 -06:00
sinn3r 110ffbf342 Indent looks off for this line 2014-02-17 08:53:29 -06:00
sinn3r 632ea05688 100 columns 2014-02-17 08:52:56 -06:00
sinn3r 8da7ba131b In case people actually don't know what RCE means 2014-02-17 08:51:48 -06:00
sinn3r 73459baefd Add OSVDB references 2014-02-17 08:50:34 -06:00
Mekanismen fb7b938f8e check func fixed 2014-02-17 15:11:56 +01:00
Mekanismen e27d98368e fixed local server issues 2014-02-16 18:26:08 +01:00
Mekanismen e40b9e5f37 updated and improved 2014-02-16 16:24:39 +01:00
Jovany Leandro G.C 74344d6c7e vtigerolservice.php to vtigerservice.php 
using direct soap/vtigerolservice.php not work..php need require('config.php');
 2014-02-15 20:36:36 -05:00
Mekanismen b7d69c168c bugfix and user supplied local path support 2014-02-15 16:24:59 +01:00
sinn3r 9daffbd484 Land #2973 - Dexter panel (CasinoLoader) SQLi to file upload code exec 2014-02-14 17:16:27 -06:00
sinn3r 48199fec27 Change URL identifier, and make the user choose a target 2014-02-14 17:15:00 -06:00
jvazquez-r7 ff267a64b1 Have into account the Content-Transfer-Encoding header 2014-02-12 12:40:11 -06:00
bwall 783e62ea85 Applied changes from @wchen-r7's comments 2014-02-11 10:14:52 -08:00
jvazquez-r7 51df2d8b51 Use the fixed API on the mediawiki exploit 2014-02-11 08:28:58 -06:00
jvazquez-r7 79d559a0c9 Fix MIME message to_s 2014-02-10 22:23:23 -06:00
bwall 13fadffe7e Dexter panel (CasinoLoader) SQLi to PHP code exec - Initial 2014-02-10 13:44:30 -08:00
jvazquez-r7 8ece4a7750 Delete debug print 2014-02-10 08:57:45 -06:00
jvazquez-r7 57320a59f1 Do small clean up for mediawiki_thumb pr 2014-02-10 08:57:09 -06:00
Meatballs dcff06eba1 More verbose failure messages 2014-02-07 23:59:28 +00:00
Meatballs 783a986a19 Windows and auto target up and running 2014-02-07 23:26:57 +00:00
Meatballs a0f47f6b2b Correct error check logic 2014-02-07 22:06:53 +00:00
Meatballs 443a51bbf5 Undo revert from merge 2014-02-07 21:28:04 +00:00
Meatballs 56359aa99f Merge changes from other dev machine 2014-02-07 21:22:44 +00:00
Meatballs a4cc75bf98 Potential .pdf support 2014-02-07 20:37:44 +00:00
Meatballs e13520d7fb Handle a blank filename 2014-02-07 20:15:32 +00:00
Meatballs 103780c3da Merge remote-tracking branch 'upstream/master' into mediawiki 2014-02-07 20:07:04 +00:00
grimmlin 2d93b38e2a Fixed java_signed_applet for Java 7u51 2014-02-07 16:29:50 +01:00
Meatballs 0a3cb3377f AppendEncoder 2014-02-04 15:41:10 +00:00
Meatballs 26c506da42 Naming of follow method 2014-02-04 15:25:51 +00:00