mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00
Commit Graph

19697 Commits

Author SHA1 Message Date
wchen-r7
57984706b8 Resolve merge conflict with Gemfile 2016-03-24 18:13:31 -05:00
dmohanty-r7
6a462d5f60
Land #6703, Make ms09_065_eot_integer passive 2016-03-23 13:39:41 -05:00
Adam Cammack
8fb55eeb6b
Land #6700, add aux module to gather browser info 2016-03-23 13:19:27 -05:00
wchen-r7
8c5c0086e6 Change cve_2012_6301 module path & make passive
This addresses two things:

1. The module is in the wrong directory. dos/http is for http
   servers, not browsers.
2. PassiveActions should not be a 2D array.
2016-03-23 11:10:23 -05:00
wchen-r7
53860bef1f Make ms09_065_eot_integer passive
MS-932
2016-03-23 10:50:24 -05:00
wchen-r7
8bf039a69e ignore_items! should not be used in a loop
because it's not necessary.
2016-03-22 15:56:38 -05:00
wchen-r7
8836393cb1 Add aux module to gather browser information. 2016-03-22 13:56:12 -05:00
h00die
ebc7316442 Spelling Fix
Fixed Thorugh to Through
2016-03-19 13:58:13 -04:00
Adam Cammack
570221379e
Land #6533, move ie_unsafe_scripting to BES 2016-03-18 11:22:44 -05:00
James Lee
d54bbdf9a3
Land #6566, filezilla xml file locations 2016-03-17 16:27:24 -05:00
James Lee
115a033036
Fix parsing the Last Server xml 2016-03-17 16:27:02 -05:00
wchen-r7
31279291c2 Resolve merge conflict for ie_unsafe_scripting.rb 2016-03-17 14:42:36 -05:00
wchen-r7
b1b68294bb Update class name 2016-03-17 14:41:23 -05:00
wchen-r7
7b2d717280 Change ranking to manual and restore BAP2 count to 21
Since the exploit requires the target to be configured manually,
it feels more appropriate to be ManualRanking.
2016-03-17 14:39:28 -05:00
James Lee
1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Brent Cook
e9f87d2883
Land #6685, ensure platform variable is set for non-osx 2016-03-17 08:25:42 -05:00
James Lee
9e7a330ac8
OptInt -> OptPort 2016-03-16 15:47:29 -05:00
James Lee
af642379e6
Fix some OptInts 2016-03-16 14:13:18 -05:00
James Lee
c21bad78e8
Fix some more String defaults 2016-03-16 14:13:18 -05:00
Spencer McIntyre
4e3a188f75
Land #6401, EasyCafe server file retrieval module 2016-03-16 13:24:54 -04:00
Spencer McIntyre
9ac4ec4bfc Update the class name to MetasploitModule 2016-03-16 13:22:06 -04:00
Spencer McIntyre
53f1338ad0 Update module to remove references to print peer 2016-03-16 13:10:39 -04:00
Brent Cook
1769bad762 fix FORCE logic 2016-03-16 09:53:09 -05:00
Brent Cook
d70308f76e undo logic changes in adobe_flas_otf_font 2016-03-16 09:52:21 -05:00
Tim
f83cb4ee32 fix set_wallpaper 2016-03-16 13:07:41 +00:00
Adam Cammack
05f585157d
Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
l0gan
e29fc5987f Add missing stream.raw for hp_sitescope_dns_tool
This adds the missing stream.raw.
2016-03-15 11:06:06 -05:00
wchen-r7
38153d227c Move apache_karaf_command_execution to the SSH directory
apache_karaf_command_execution does not gather data, therefore
it is not suitable to be in the gather directory.
2016-03-14 00:32:59 -05:00
William Vu
6323f7f872 Fix a couple overlooked issues 2016-03-13 23:35:05 -05:00
Brent Cook
df0ff30468
Land #6642, make ipv6_neighbor_router_advertisement discovery smarter 2016-03-13 16:53:11 -05:00
Brent Cook
635e31961a generate valid prefixes 2016-03-13 16:44:57 -05:00
Brent Cook
cd84ac37d6
Land #6569, check if USERNAME env var exists before using in enum_chrome post module 2016-03-13 15:12:51 -05:00
Brent Cook
a50b21238e
Land #6669, remove debug code from apache_roller_ognl_injection that breaks Windows 2016-03-13 14:14:10 -05:00
Brent Cook
23eeb76294
update php_utility_belt_rce to use MetasploitModule 2016-03-13 13:59:47 -05:00
Brent Cook
a6316d326e
Land #6662, update disclosure date for php_utility_belt_rce 2016-03-13 13:58:04 -05:00
Brent Cook
c89e53d0a3
Land #6666, fix filezilla_server display bug showing the session ID 2016-03-13 13:56:44 -05:00
Brent Cook
dabe5c8465
Land #6655, use MetasploitModule as module class name 2016-03-13 13:48:31 -05:00
wchen-r7
b22a057165 Fix #6554, hardcoded File.open path in apache_roller_ognl_injection
The hardcoded File.open path was meant for debugging purposes during
development, but apparently we forgot to remove it. This line causes
the exploit to be unusable on Windows platform.

Fix #6554
2016-03-11 18:48:17 -06:00
wchen-r7
51cdb57d42 Fix #6569, Add a check for USERNAME env var in enum_chrome post mod
Fix #6569

Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
James Lee
8217d55e25
Fix display issue when SESSION is -1 2016-03-11 11:37:22 -06:00
Jay Turla
8953952a8f correction for the DisclosureDate based on Exploit-DB 2016-03-11 14:05:26 +08:00
James Barnett
7009682100
Landing #6659, Fix bug in MS08-067 related to incorrect service pack identification when fingerprinting 2016-03-10 14:29:29 -06:00
William Vu
8d22358892
Land #6624, PHP Utility Belt exploit 2016-03-09 14:12:45 -06:00
William Vu
52d12b68ae Clean up module 2016-03-09 14:08:26 -06:00
wchen-r7
179d38b914 Fix #6658, MS08-067 unable to find the right target for W2k3SP0
Fix #6658.

When there is no service pack, the
Msf::Exploit::Remote::SMB#smb_fingerprint_windows_sp method returns
an empty string. But in the MS08-067 exploit, instead of checking for an
empty string, it checks for "No Service Pack", which causes it to
never detect the right target for Windows Server 2003 SP0.
2016-03-09 11:05:34 -06:00
Fakhri Zulkifli
45c7e4b6ae Update ipv6_neighbor_router_advertisement.rb 2016-03-09 11:21:24 +08:00
Fakhri Zulkifli
e417909111 Update ipv6_neighbor_router_advertisement.rb 2016-03-09 11:21:07 +08:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
wchen-r7
c2f99b559c Add documentation for auxiliary/scanner/http/tomcat_enum
Also fix a typo in normalizer
2016-03-07 15:39:15 -06:00
Brent Cook
f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00