Merged
586 commits
586ae8d
Land #2249, @wchen-r7's patch for [SeeRM #8314]
Aug 20, 2013
8adc4f0
Land #2250, @wchen-r7's clean up for mssql_ping
Aug 20, 2013
546c523
Land #2252, @wchen-r7's patch for print_line vs print
Aug 20, 2013
533d98b
Adding module for CVE 2013-5093, Graphite Web Exploit
Aug 20, 2013
42f774a
Fix check method
Aug 20, 2013
6cf0cc7
Land #2261, @CharlieEriksen's exploit for CVE-2013-5093
Aug 20, 2013
202b31d
Better fix based on feedback
wchen-r7 Aug 20, 2013
3ac59fe
Land #2251, @wchen-r7's patch to use OptRegexp
Aug 20, 2013
1702cf2
Use TARGETURI
wchen-r7 Aug 20, 2013
ceb0f56
Land #2258, @wchen-r7's patch for [SeeRM #8318]
Aug 20, 2013
fe08903
Land #2257, @wchen-r7's patch for [SeeRM #8317]
Aug 20, 2013
97933c4
Moving meterpreter scripts out of exe.rb into a templates folder.
Aug 20, 2013
c2cf822
Commit adding the template scripts.
Aug 20, 2013
7b7ffef
Merge remote-tracking branch 'upstream/master'
Aug 20, 2013
ea78e83
Fix undefined method error
wchen-r7 Aug 21, 2013
35b15b6
Fix undefined method error
wchen-r7 Aug 21, 2013
9f98d4a
Fix undefined method error
wchen-r7 Aug 21, 2013
5993cbe
Fix undefined method error
wchen-r7 Aug 21, 2013
9ca7a72
Fix undefined method error
wchen-r7 Aug 21, 2013
37eaa62
Fix undefined method error
wchen-r7 Aug 21, 2013
8806e76
Fix undefined method error
wchen-r7 Aug 21, 2013
3a271e7
Fix undefined method error
wchen-r7 Aug 21, 2013
217d89f
Fix undefined method error
wchen-r7 Aug 21, 2013
32a190f
Fix undefined method error
wchen-r7 Aug 21, 2013
092b43c
Fix undefined method error
wchen-r7 Aug 21, 2013
2597c71
Fix undefined method error
wchen-r7 Aug 21, 2013
0561928
Fix undefined method error
wchen-r7 Aug 21, 2013
785f633
Fix undefined method error
wchen-r7 Aug 21, 2013
8eeb66f
Fix undefined method error
wchen-r7 Aug 21, 2013
0f85fa2
Fix undefined method error
wchen-r7 Aug 21, 2013
42a7766
Fix undefined method error
wchen-r7 Aug 21, 2013
ae8c40c
Fix undefined method error
wchen-r7 Aug 21, 2013
be29e44
Fix undefined method error
wchen-r7 Aug 21, 2013
2fa75e0
Fix undefined method error
wchen-r7 Aug 21, 2013
77942f0
Fix undefined method error
wchen-r7 Aug 21, 2013
92752de
Fix undefined method error
wchen-r7 Aug 21, 2013
89753a6
Fix undefined method error
wchen-r7 Aug 21, 2013
50e7d80
Validate datastore option "YEAR"
wchen-r7 Aug 21, 2013
3a2433d
Remove unneeded filetime read
jiuweigui Aug 21, 2013
0cc499f
Minor deletes related to filetime change.
jiuweigui Aug 21, 2013
b72566b
Add module for ZDI-13-190
Aug 21, 2013
514d2b4
Fix to make msftidy happy.
jiuweigui Aug 21, 2013
ffac647
Un typo a client and server socket mixup.
zeroSteiner Aug 21, 2013
965e2d8
Use normalize_uri
Aug 21, 2013
c070067
Fix SessionManager database leak
bturner-r7 Aug 21, 2013
86a8339
Merge remote-tracking branch 'upstream/master'
Aug 21, 2013
a6e5e9c
Updated using limhof-r7 advice
Aug 21, 2013
cd45c77
Fix a few database leaks
bturner-r7 Aug 21, 2013
ff6ad30
Add module for ZDI-13-006
Aug 22, 2013
23a067a
Refactor reading of script files and substitution
Meatballs1 Aug 23, 2013
cfd6c66
Fix VBS
Meatballs1 Aug 23, 2013
a45f49e
Use a new Ranking
Aug 23, 2013
9aba91a
Land #2275, @Ruslaideemin's badchars improve for intrasrv_bof
Aug 23, 2013
12b5dbe
Initialize the hash_sub
Meatballs1 Aug 23, 2013
418505a
Fix psh-net
Meatballs1 Aug 23, 2013
5040347
Fix psh and add powershell transform
Meatballs1 Aug 23, 2013
7370fc3
vbs transform
Meatballs1 Aug 23, 2013
dd13a7e
Working .asp
Meatballs1 Aug 23, 2013
1cb1afa
Fix aspx
Meatballs1 Aug 23, 2013
4d21b06
Aspx uses transform
Meatballs1 Aug 23, 2013
cd83077
Fix vba_exe
Meatballs1 Aug 23, 2013
41b1b30
vba transform
Meatballs1 Aug 23, 2013
dfc606f
Slightly saner filenames
Meatballs1 Aug 23, 2013
cf5ddfe
Some war fixes
Meatballs1 Aug 23, 2013
09ceeb5
Fix war generation
Meatballs1 Aug 23, 2013
ad214da
Switch to powershell to exec payload
Aug 23, 2013
ba27eab
Comment out ctrl-z hax.
jvennix-r7 Aug 23, 2013
7ebe663
Finish fixing ruby 1.8.7 regressions. Works on 10.8 and 10.7.
jvennix-r7 Aug 23, 2013
413474f
Move module to the correct path
Aug 23, 2013
f3415f4
Make msftidy compliant
Aug 23, 2013
a5c9f8d
Beautify targets metadata
Aug 23, 2013
2a68e44
Oops. Don't write the ruby payload to /Users/joe/Desktop, thats not g…
jvennix-r7 Aug 23, 2013
c3b9826
Seriously, stop writing things to my desktop.
jvennix-r7 Aug 23, 2013
6c4ad6a
Move modules to post/osx/manage.
jvennix-r7 Aug 23, 2013
7b5e98d
Land #2269 - Oracle Endeca Server Remote Command Execution
wchen-r7 Aug 23, 2013
ba00395
Set filename to osx_mic_rec instead of webcam.
jvennix-r7 Aug 23, 2013
87d8e16
Use defined? instead of version float check.
jvennix-r7 Aug 23, 2013
2d3f599
Moves ruby_dl helpers to proper place in repo.
jvennix-r7 Aug 23, 2013
4c4fe0b
Fix x64 exe droppers
Meatballs1 Aug 23, 2013
f50ede1
Remove redundant methods
Meatballs1 Aug 23, 2013
fc91380
Add work code
Aug 23, 2013
9e2d9da
Make spec exercise non-exes
Meatballs1 Aug 23, 2013
ffc575d
Whitespace in spec
Meatballs1 Aug 23, 2013
155f336
Merge pull request #2 from jvazquez-r7/test_osx
jvennix-r7 Aug 24, 2013
a4c2ba0
Pass cmd through /bin/sh to set default /Users/joe/.rvm/gems/ruby-1.9…
jvennix-r7 Aug 24, 2013
099b824
Merge pull request #1 from Meatballs1/pr/2270
Aug 24, 2013
140d8ae
Need to set timezone first.
jvennix-r7 Aug 24, 2013
3cdc6ab
Clean up some code, get CMD working.
jvennix-r7 Aug 24, 2013
3fae6c5
Initial exe-service
Meatballs1 Aug 24, 2013
9ea17ef
Merge upstream
Meatballs1 Aug 24, 2013
9786f84
Service exes
Meatballs1 Aug 24, 2013
b4b59aa
Add guards against empty payloads
Meatballs1 Aug 24, 2013
4532474
Allow cleanup from the new session
Aug 24, 2013
832fa88
Change the command to launch after background the payload job
Aug 24, 2013
480794a
Make small fixes
Aug 24, 2013
82cf812
Switch to PrependMigrate
Aug 24, 2013
ab293d2
Make msftidy happy
Aug 24, 2013
73f4259
Fix based on suggestions
jiuweigui Aug 24, 2013
3ce23ff
Make a test before running the payload
Aug 24, 2013
2ebfdcc
Fix to description
jiuweigui Aug 24, 2013
b13d357
Add ranking
Aug 24, 2013
d44a33c
Merge pull request #3 from jvazquez-r7/work_osx
jvennix-r7 Aug 24, 2013
0e11673
Polishing module. Tested on 10.8, 10.8.2, and 10.8.4.
jvennix-r7 Aug 24, 2013
b4ad8c8
Beautify module
Aug 24, 2013
546397e
Merge pull request #4 from jvazquez-r7/work_osx
jvennix-r7 Aug 24, 2013
5b812b0
Add references
Aug 24, 2013
90d2dab
Merge pull request #5 from jvazquez-r7/work_osx
jvennix-r7 Aug 24, 2013
29320f5
Fix vn refs. Add juan as an @author.
jvennix-r7 Aug 24, 2013
757886b
Remove some extra wip files.
jvennix-r7 Aug 24, 2013
bf89c95
Just the one file, please
jvennix-r7 Aug 24, 2013
50dfac9
Merge pull request #2 from Meatballs1/psh_fix
Aug 24, 2013
19e47d5
Really fix war
Meatballs1 Aug 24, 2013
83da0b3
Correct fname
Meatballs1 Aug 24, 2013
d45d37b
Really fix...
Meatballs1 Aug 24, 2013
526e504
More fix
Meatballs1 Aug 25, 2013
0a6ac04
Merge pull request #3 from Meatballs1/psh_fix
Aug 25, 2013
7121a94
Merge remote-tracking branch 'origin/master' into exe-template-refactor
Aug 25, 2013
bb5f71e
Merge branch 'exe-template-refactor' of https://github.com/shellster/…
Aug 25, 2013
355c311
Merge pull request #2277 from Meatballs1/service_exes
Aug 25, 2013
f8d1d29
Add module for ZDI-13-182
Aug 26, 2013
64d21c7
added portproxy post meterpreter module
BorjaMerino Aug 26, 2013
2b57755
OptEnum option changed
BorjaMerino Aug 26, 2013
9cb8ec9
Fix module description
Aug 26, 2013
0baaf98
Delete on_new_session cleanup, as discussed with @jlee-r7
Aug 26, 2013
252f48a
Land #2272, @jvennix-r7's exploit for CVE-2013-1775
Aug 26, 2013
8c7f4b3
Avoid using inline rescue
wchen-r7 Aug 26, 2013
6b8feaf
Type conversion
wchen-r7 Aug 26, 2013
3769da2
Better fixes
wchen-r7 Aug 26, 2013
5b4890f
Fix caps on typo3_winstaller module
Aug 26, 2013
6b15a07
Update for grammar in descriptions on new modules.
Aug 26, 2013
a58750f
Land #2266, @wchen-r7's patch for [SeeRM #8345] and [SeeRM #8344]
Aug 26, 2013
c660279
Land #2259, @wchen-r7's patch for [SeeRM #8319]
Aug 26, 2013
007b3de
Merge pull request #2271 from bturner-r7/bug/db-leaks
Aug 26, 2013
7fad269
More fix to jboss_seam_exec
wchen-r7 Aug 26, 2013
9f80511
Properly implement normalize_uri
wchen-r7 Aug 26, 2013
85ed916
Print target endpoint
wchen-r7 Aug 26, 2013
4cbdf38
updated contact info
Aug 26, 2013
8e9bcb4
Land #2287, @frank2's updated contact info
Aug 26, 2013
b9360b9
Land #2286, @wchen-r7's patch for undefined method errors
Aug 27, 2013
7a4d781
Land #2274 - Firefox XMLSerializer Use After Free
wchen-r7 Aug 27, 2013
63786f9
Add local exploit for taviso's vmware privesc
egypt Aug 27, 2013
e1e8891
Add references and comments
Aug 27, 2013
8efe2d9
Land #2289, @jlee-r7's exploit for CVE-2013-1662
Aug 27, 2013
93c46c4
Complete the Author metadata
Aug 27, 2013
7efe85d
php_include - added @wchen-r7's code improvements
g0tmi1k Aug 27, 2013
66fa1b4
Fix logic to spray correctly IE9
Aug 27, 2013
f59f57e
Randomize object id
Aug 27, 2013
82e0adb
Merge pull request #1 from jvazquez-r7/spip_connect_exec_review
ddouhine Aug 27, 2013
15b741b
Require the powershell mixin explicitly
Aug 27, 2013
997c5e5
Land #2291, @todb-r7's patch for oracle_endeca_exec's requires
Aug 27, 2013
2e4e3fd
Land #2237 - Fix check function
wchen-r7 Aug 27, 2013
b0226ca
Land #2290 - HP LoadRunner lrFileIOService ActiveX Vulnerability
wchen-r7 Aug 27, 2013
e4a567b
Land #2284 - Fix description
wchen-r7 Aug 27, 2013
16ace44
Move keylogger.rb to post/osx/capture/keylog_recorder
wchen-r7 Aug 27, 2013
a9459ef
Update module title for naming style consistency
wchen-r7 Aug 27, 2013
728d0a0
Land #2240 - OSX keylogger
wchen-r7 Aug 27, 2013
0bfc12a
Fix the way to get a session over a telnet connection
Aug 27, 2013
a91b38c
Land #2276 - osx webcam and record_mic post modules
wchen-r7 Aug 27, 2013
13996b9
Correct action description for recording
wchen-r7 Aug 27, 2013
589e9a2
Land #2293, @wchen-r7's description fix for the post webcam mod
Aug 27, 2013
b702a0d
Fix "A payload has not been selected."
kost Aug 28, 2013
ab572d7
Fix Authors metadata section
Aug 28, 2013
26531db
Land #2100, @ddouhine's exploit for OSVDB 83543
Aug 28, 2013
bc593aa
Avoid confusion between variable and method name
Aug 28, 2013
8ac82b8
Beautify timezone_key_values function
Aug 28, 2013
ef30858
Use default timeout value
Aug 28, 2013
904bd12
Fix print over nil or empty string
Aug 28, 2013
4f8ba82
Make gather_pf_info return a prefetch entry
Aug 28, 2013
5c32bb4
Beautify metadata
Aug 28, 2013
0fbe411
Ensure use Ruby File
Aug 28, 2013
1042dbe
Land #2108, @jiuweigui's post module to get info from prefetch files
Aug 28, 2013
57c7d06
Land #2295 - Add platform info
wchen-r7 Aug 28, 2013
feae4a4
I don't like end-of-line comments
egypt Aug 28, 2013
c31a233
Juan changes applied
BorjaMerino Aug 28, 2013
f490277
Always os.fork() when available.
zeroSteiner Aug 28, 2013
aa05632
Update unsafe scripting module
Meatballs1 Aug 28, 2013
a12f509
Encode the powershell cmd
Meatballs1 Aug 28, 2013
3a2a2a9
Beautify metadata
Aug 28, 2013
c68986e
Favor unless over if not
Aug 28, 2013
ad1b9fb
Use datastore options to avoid complex logic around args
Aug 28, 2013
ad8b6ec
Avoid redefine builtin datastore options
Aug 28, 2013
f339510
Use OptPort
Aug 28, 2013
c04e6b2
Reduce code complexity on check_ipv6
Aug 28, 2013
6b8c7cb
Omit parentheses for method call with no args
Aug 28, 2013
05863cb
Delete vague exception handling only done on one place
Aug 28, 2013
43badfa
Move the check_ipv6 call to the run method
Aug 28, 2013
f477711
Provide more information about installing IPv6
Aug 28, 2013
66886ee
Land #2283, @bmerinofe's post module for PortProxy Port Forwarding
Aug 28, 2013
9f04fa6
Add metsrv.dll updates for proxy support
egypt Aug 29, 2013
ee9b1ef
Greatly shortened to_mem_old.ps1.template by using [Math]::max.
Aug 25, 2013
fbbfb0a
Merge and rescue ex correctly
Meatballs1 Aug 28, 2013
eba6762
Land #2270, Util::EXE refactor
egypt Aug 29, 2013
7b93147
Add the require boilerplate
Aug 29, 2013
4a6bf1d
Add module for ZDI-13-207
Aug 29, 2013
657be3a
Fix typo
Aug 29, 2013
2176f0b
Land #2303, @todb-r7's patch to avoid loading order issues on sudo_pa…
Aug 29, 2013
0a1b078
Add CVE-2013-3184 (MS13-058) CFlatMarkupPointer Use After Free
wchen-r7 Aug 30, 2013
7401f83
Land #2305 - HP LoadRunner lrFileIOService ActiveX WriteFileString Bug
wchen-r7 Aug 30, 2013
1ea3d91
Lands #2244 Python Meterpreter
Meatballs1 Aug 30, 2013
38dbab9
Fix typos
wchen-r7 Aug 30, 2013
f4e0910
Correct file name
wchen-r7 Aug 30, 2013
a283f1d
Correct module title
wchen-r7 Aug 30, 2013
ea8cd2d
Update authors list
Aug 30, 2013
5b32c63
Land #2308, @wchen-r7's exploit for MS13-059
Aug 30, 2013
ee4ba04
Initial commit of the python meterpreter.
zeroSteiner Aug 6, 2013
e426177
Add process enumeration for windows.
zeroSteiner Aug 7, 2013
89508af
Add Windows registry manipulation support.
zeroSteiner Aug 9, 2013
c035278
Improve process execution on Linux.
zeroSteiner Aug 9, 2013
d132aa9
Add process enumeration via PS for OSX.
zeroSteiner Aug 12, 2013
2e152a5
Remove debug print and fix channel additions.
zeroSteiner Aug 13, 2013
796ac18
Sort import statements alphabetically.
zeroSteiner Aug 15, 2013
b5ccca4
Un typo a client and server socket mixup.
zeroSteiner Aug 21, 2013
4788d86
Always os.fork() when available.
zeroSteiner Aug 28, 2013
0bebf04
Add module for ZDI-13-207
Aug 29, 2013
be06e67
Fix typo
Aug 29, 2013
20b3452
Add CVE-2013-3184 (MS13-058) CFlatMarkupPointer Use After Free
wchen-r7 Aug 30, 2013
6a29a36
Fix typos
wchen-r7 Aug 30, 2013
4e808a4
Correct file name
wchen-r7 Aug 30, 2013
8eccb04
Correct module title
wchen-r7 Aug 30, 2013
83c8680
Update authors list
Aug 30, 2013
1b87853
Merge branch 'upstream-master'
Aug 30, 2013
d84939c
Fixes three minor issues in the python meterpreter.
zeroSteiner Aug 30, 2013
7e5e0f7
Retab lib
tabassassin Aug 30, 2013
41e4375
Retab modules
tabassassin Aug 30, 2013
c4aa557
Land #2292 - Fix the way to get a session over a telnet connection
wchen-r7 Aug 31, 2013
0736677
Land #2299 - Add powershell support & removes ADODB.Stream requirement
wchen-r7 Aug 31, 2013
a4bcc1f
Correct module naming style
wchen-r7 Aug 31, 2013
bcc0152
Correct metasploit_pcaplog's naming style
wchen-r7 Aug 31, 2013
ac0b14e
Add the missing CVE reference
wchen-r7 Aug 31, 2013
b8f9f1d
Land #2310, Minor Python Meterpreter Issues
Meatballs1 Sep 2, 2013
2951e8c
Land #2315, @wchen-r7's CVE coverage
Sep 3, 2013
a88c63c
Merge branch 'upstream-master'
Sep 3, 2013
ca8dacb
Minor module description updates for grammar.
Sep 3, 2013
8acabe4
Trailing whitespace fixup
Sep 3, 2013
6daa90a
Msftidy: use binary on File.open always
Sep 3, 2013
ff6ee5b
Fix require
Sep 3, 2013
7919672
Land #2322, @todb-r7's fix to make File.open msftidy compliant
Sep 3, 2013
0c1e654
Update from master
tabassassin Sep 3, 2013
4259bc6
Merge pull request #2323 from jvazquez-r7/fix_python_load
bturner-r7 Sep 3, 2013
84aaf23
Retab new material
tabassassin Sep 3, 2013
f3ab6d1
Retab should optionally keep local backups
Sep 3, 2013
264031a
Land #2324, make retab backups optional
egypt Sep 3, 2013
cbb9984
Merge branch 'master' into retab/rumpus
tabassassin Sep 3, 2013
b9ceed0
Land #2313, lockout_keylogger title correction
Sep 3, 2013
cc83840
Land #2314, metasploit_pcaplog title correction
Sep 3, 2013
999b802
Merge branch 'master' into retab/rumpus
tabassassin Sep 4, 2013
9f3a5dc
Retab new modules
tabassassin Sep 4, 2013
8566c1d
Land #2330, @todb-r7's retab rumpus war
Sep 5, 2013
b2815dc
Merge for retab
tabassassin Sep 5, 2013
4eded34
Retab changes for PR #2183
tabassassin Sep 5, 2013
The diff you're trying to view is too large. We only load the first 3000 changed files.
4 changes: 4 additions & 0 deletions .gitignore
@@ -1,6 +1,8 @@
.bundle
# Rubymine project directory
.idea
# Sublime Text project directory (not created by ST by default)
.sublime-project
# Portable ruby version files for rvm
.ruby-gemset
.ruby-version
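Review bot: the `.sublime-project` pattern in this hunk matches only a file or directory with exactly that name, which is what its comment describes, but the files Sublime Text itself saves, `<name>.sublime-project` and `<name>.sublime-workspace`, are not covered. If contributors keep those in the checkout, add `*.sublime-project` and `*.sublime-workspace` as well; otherwise say in the comment that only the conventional directory is meant.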
Expand Down Expand Up @@ -40,3 +42,5 @@ tags
*.orig
*.rej
*~
# Ignore backups of retabbed files
*.notab
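Review bot: the comment above `*.notab` does not say which tool writes these backups, so a later reader cannot tell when the pattern is safe to drop. Name the retab tooling in the comment, for example "backups written by the retab script when local backups are enabled".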
2 changes: 1 addition & 1 deletion Gemfile
Expand Up @@ -17,7 +17,7 @@ group :db do
# Needed for Msf::DbManager
gem 'activerecord'
# Database models shared between framework and Pro.
gem 'metasploit_data_models', '~> 0.16.1'
gem 'metasploit_data_models', '~> 0.16.6'
# Needed for module caching in Mdm::ModuleDetails
gem 'pg', '>= 0.11'
end
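Review bot: the `metasploit_data_models` constraint moves from `~> 0.16.1` to `~> 0.16.6`, but nothing in the hunk says why 0.16.6 is the new floor. State the reason in the commit message or in the comment above the gem line (which model or schema change this branch depends on), so that a later downgrade or resolver conflict can be judged against it.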
4 changes: 2 additions & 2 deletions Gemfile.lock
Expand Up @@ -23,7 +23,7 @@ GEM
i18n (0.6.1)
json (1.7.7)
metaclass (0.0.1)
metasploit_data_models (0.16.1)
metasploit_data_models (0.16.6)
activerecord (>= 3.2.13)
activesupport
pg
Expand Down Expand Up @@ -67,7 +67,7 @@ DEPENDENCIES
database_cleaner
factory_girl (>= 4.1.0)
json
metasploit_data_models (~> 0.16.1)
metasploit_data_models (~> 0.16.6)
msgpack
network_interface (~> 0.0.1)
nokogiri
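Review bot: both lock entries for `metasploit_data_models` move to 0.16.6 in step with the Gemfile, yet the dependency list under the gem in the GEM section (`activerecord (>= 3.2.13)`, `activesupport`, `pg`) is unchanged. Confirm the lock file was regenerated by Bundler and not edited by hand, so that any dependency changes in 0.16.6 are captured.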
Binary file not shown.
Binary file not shown.
Binary file added data/exploits/CVE-2013-2465/Exploit.class
Binary file not shown.