Commit Graph

21851 Commits

Author SHA1 Message Date
xistence b916a9d267 VNC Keyboard Exec 2015-07-10 14:08:32 +07:00
xistence 13a69e4011 X11 Keyboard Exec 2015-07-10 13:57:54 +07:00
xistence 52d41c8309 Western Digital Arkeia 'ARKFS_EXEC_CMD' <= v11.0.12 Remote Code Execution 2015-07-10 09:51:28 +07:00
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
Michael Messner d7beb1a685 feedback included 2015-07-09 08:31:11 +02:00
HD Moore 67666160e8 Add patched server detection 2015-07-08 13:47:59 -05:00
HD Moore 25e0f888dd Initial commit of R7-2015-08 coverage 2015-07-08 13:42:11 -05:00
wchen-r7 a3ec56c4cb Do it in on_request_exploit because it's too specific 2015-07-08 12:32:38 -05:00
wchen-r7 cefbdbb8d3 Avoid unreliable targets
If we can't guarantee GreatRanking on specific targets, avoid them.
2015-07-08 12:12:53 -05:00
Brent Cook c86d16ffb6 update payload sizes 2015-07-07 23:15:57 -05:00
Brent Cook 23abc288c8 Resolved conflicts with master 2015-07-07 22:34:30 -05:00
wchen-r7 6a33807d80 No Chrome for now 2015-07-07 15:56:58 -05:00
jvazquez-r7 f8b668e894 Update ranking and References 2015-07-07 15:43:02 -05:00
Tod Beardsley 116c3f0be1 Add CVE as a real ref, too 2015-07-07 14:46:44 -05:00
Tod Beardsley 3d630de353 Replace with a real CVE number 2015-07-07 14:44:12 -05:00
cldrn d3902771b6 Fixes call to the credentials API and adds version info 2015-07-07 13:48:16 -05:00
wchen-r7 fdb715c9dd Merge branch 'upstream-master' into bapv2 2015-07-07 13:45:39 -05:00
jvazquez-r7 829b08b2bf Complete authors list 2015-07-07 12:49:54 -05:00
wchen-r7 49effdf3d1 Update description 2015-07-07 12:46:02 -05:00
wchen-r7 d885420aff This changes the version requirement for adobe_flash_hacking_team_uaf.rb
Because it works for Win 8.1 + IE11 too
2015-07-07 12:42:56 -05:00
wchen-r7 d30688b116 Add more requirement info 2015-07-07 12:33:47 -05:00
jvazquez-r7 d9aacf2d41 Add module for hacking team flash exploit 2015-07-07 11:19:48 -05:00
wchen-r7 c37b60de7b Do some print_status with ms14_064 2015-07-07 00:57:37 -05:00
wchen-r7 9a1500ee96 Change module name a little bit, makes it easier to find in GUI 2015-07-06 22:31:07 -05:00
wchen-r7 4a70e23f9a Add ExploitReloadTimeout datastore option
Some exploits require more time, and if we try the next exploit too
soon, it may crash the browser.
2015-07-06 19:20:15 -05:00
Spencer McIntyre e16cd08599 Update the payload CachedSize 2015-07-06 17:16:56 -04:00
Spencer McIntyre 2a89e248d7 Pymet fix send uuid logic for Python 3.x 2015-07-06 11:20:34 -04:00
Tod Beardsley 3d30cef58e Land #5668, I don't know how to avoif things 2015-07-06 09:24:18 -05:00
Michael Messner 5b6ceff339 mime message 2015-07-06 15:00:12 +02:00
Donny Maasland a9edfa1b4b Fix a small typo 2015-07-06 13:37:36 +02:00
joev 133e221dcd Remove unnecessary steps. 2015-07-05 19:00:58 -05:00
joev c993c70006 Remove sleep(), clean up WritableDir usage. 2015-07-05 18:59:00 -05:00
HD Moore d2063c92e1 Refactor datastore names to match standards 2015-07-05 18:21:45 -05:00
joev 72a1e9ad99 Add module for rootpipe+entitlements exploit for 10.10.3. 2015-07-05 18:19:46 -05:00
joev b577f79845 Fix some bugs in the safari file navigation module. 2015-07-05 16:46:18 -05:00
Ben Lincoln 6e9a477367 Removed reference URL for the report to the vendor, as it is no
longer valid.
2015-07-03 13:48:24 -07:00
Ben Lincoln 02ace9218b Added handling for HTTP 401 (Authorization Required) response from target.
Added Exploit DB entries to references list.

Minor change to description text for clarity.
2015-07-03 13:36:44 -07:00
Spencer McIntyre 632bcda345 Land #5652, improve LAPS filter to reduce empty results 2015-07-03 15:02:39 -04:00
Spencer McIntyre 29d45e3b18 Pymet patch in timeout info on generate_stage 2015-07-03 14:12:29 -04:00
HD Moore 43d47ad83e Port BAPv2 to Auxiliary 2015-07-02 15:29:24 -05:00
David Maloney e843db78dc put rhost option back
it is needed for the wmic query that
creates the shadowcopy

MSP-12867
2015-07-02 14:46:40 -05:00
David Maloney 7b2b526ea1 deregister unwanted options
deregister mixin options that we don't need
for this module
2015-07-02 14:33:21 -05:00
William Vu 8892cbdd10 Fix some minor things 2015-07-02 14:32:16 -05:00
David Maloney cc51d1e8fd use registry data for VSS grab
use the location data we got from the registry for copying
the NTDS.dit file correctly with the VSS method
2015-07-02 14:27:51 -05:00
David Maloney 89d283da09 check registry for ntds location
check the registry for the location of the ntds.dit
file

MSP-12867
2015-07-02 14:07:47 -05:00
Tod Beardsley 95f19e6f1f Minor description edits for clarity
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF

Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590, @Meatballs1 adds MS LAPS Enum post mod

Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
HD Moore 87e6325737 Revert BAPv2 changes to framework/libraries/handlers 2015-07-02 12:10:21 -05:00
David Maloney 42daf4d38b fix up ordering of pre-checks
I hate early returns, but we need to bail out early
if some of these checks fail

MSP-12867
2015-07-02 11:52:02 -05:00
Josh Abraham 99c29052c7 Merge branch 'smb_enumuser_domain_storage' of github.com:jabra-/metasploit-framework into smb_enumuser_domain_storage 2015-07-02 08:24:04 -04:00
Josh Abraham dfa71a2b44 update to store creds using the new method 2015-07-02 08:22:21 -04:00