From 2f6da8967487535a9146b9b7aba87b56d0b29e82 Mon Sep 17 00:00:00 2001 From: Patrick Webster Date: Thu, 9 Nov 2017 03:00:24 +1100 Subject: [PATCH] Change author name to nick. --- lib/msf/core/author.rb | 2 +- modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb | 2 +- modules/auxiliary/admin/http/contentkeeper_fileaccess.rb | 2 +- modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb | 2 +- .../auxiliary/admin/http/iomega_storcenterpro_sessionid.rb | 2 +- modules/auxiliary/admin/http/tomcat_utf8_traversal.rb | 2 +- modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb | 2 +- modules/auxiliary/admin/officescan/tmlisten_traversal.rb | 2 +- modules/auxiliary/admin/pop2/uw_fileretrieval.rb | 2 +- modules/auxiliary/admin/smb/check_dir_file.rb | 2 +- modules/auxiliary/dos/cisco/ios_http_percentpercent.rb | 2 +- modules/auxiliary/dos/http/3com_superstack_switch.rb | 4 ++-- modules/auxiliary/dos/http/dell_openmanage_post.rb | 2 +- modules/auxiliary/dos/http/sonicwall_ssl_format.rb | 2 +- modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb | 2 +- modules/auxiliary/dos/smtp/sendmail_prescan.rb | 2 +- modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb | 2 +- modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb | 2 +- modules/auxiliary/gather/checkpoint_hostname.rb | 4 ++-- modules/auxiliary/gather/citrix_published_applications.rb | 2 +- modules/auxiliary/gather/citrix_published_bruteforce.rb | 2 +- modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb | 2 +- modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb | 4 ++-- .../scanner/http/ms09_020_webdav_unicode_bypass.rb | 4 ++-- modules/auxiliary/scanner/http/soap_xml.rb | 2 +- modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb | 2 +- modules/auxiliary/scanner/varnish/varnish_cli_login.rb | 2 +- .../exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb | 2 +- modules/exploits/linux/http/piranha_passwd_exec.rb | 2 +- modules/exploits/linux/imap/imap_uw_lsub.rb | 2 +- modules/exploits/linux/misc/gld_postfix.rb | 2 +- modules/exploits/multi/misc/openview_omniback_exec.rb | 4 ++-- modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb | 2 +- modules/exploits/multi/ntp/ntp_overflow.rb | 2 +- modules/exploits/unix/http/contentkeeperweb_mimencode.rb | 2 +- modules/exploits/unix/misc/spamassassin_exec.rb | 2 +- modules/exploits/unix/smtp/clamav_milter_blackhole.rb | 2 +- modules/exploits/unix/webapp/awstats_migrate_exec.rb | 2 +- modules/exploits/unix/webapp/awstatstotals_multisort.rb | 2 +- modules/exploits/unix/webapp/dogfood_spell_exec.rb | 4 ++-- modules/exploits/unix/webapp/guestbook_ssi_exec.rb | 2 +- modules/exploits/unix/webapp/phpbb_highlight.rb | 2 +- modules/exploits/unix/webapp/sphpblog_file_upload.rb | 2 +- modules/exploits/unix/webapp/wp_foxypress_upload.rb | 2 +- modules/exploits/windows/brightstor/discovery_tcp.rb | 2 +- modules/exploits/windows/brightstor/discovery_udp.rb | 2 +- modules/exploits/windows/brightstor/message_engine.rb | 2 +- modules/exploits/windows/brightstor/tape_engine.rb | 2 +- modules/exploits/windows/browser/barcode_ax49.rb | 4 ++-- .../windows/browser/ebook_flipviewer_fviewerloading.rb | 2 +- .../exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb | 2 +- modules/exploits/windows/browser/tumbleweed_filetransfer.rb | 2 +- modules/exploits/windows/fileformat/altap_salamander_pdb.rb | 2 +- modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb | 2 +- modules/exploits/windows/fileformat/destinymediaplayer16.rb | 2 +- modules/exploits/windows/fileformat/ursoft_w32dasm.rb | 2 +- .../exploits/windows/fileformat/zinfaudioplayer221_pls.rb | 2 +- modules/exploits/windows/ftp/dreamftp_format.rb | 2 +- modules/exploits/windows/ftp/leapftp_pasv_reply.rb | 2 +- modules/exploits/windows/ftp/sami_ftpd_user.rb | 2 +- modules/exploits/windows/ftp/sasser_ftpd_port.rb | 2 +- modules/exploits/windows/games/racer_503beta5.rb | 2 +- modules/exploits/windows/http/amlibweb_webquerydll_app.rb | 4 ++-- modules/exploits/windows/http/apache_mod_rewrite_ldap.rb | 6 +++--- modules/exploits/windows/http/ca_igateway_debug.rb | 2 +- modules/exploits/windows/http/mcafee_epolicy_source.rb | 2 +- .../exploits/windows/http/mdaemon_worldclient_form2raw.rb | 4 ++-- modules/exploits/windows/http/psoproxy91_overflow.rb | 2 +- modules/exploits/windows/http/sambar6_search_results.rb | 2 +- modules/exploits/windows/http/savant_31_overflow.rb | 2 +- modules/exploits/windows/http/steamcast_useragent.rb | 2 +- modules/exploits/windows/http/webster_http.rb | 2 +- modules/exploits/windows/http/xitami_if_mod_since.rb | 2 +- modules/exploits/windows/iis/ms02_065_msadc.rb | 4 ++-- modules/exploits/windows/iis/msadc.rb | 4 ++-- modules/exploits/windows/imap/mdaemon_fetch.rb | 2 +- modules/exploits/windows/isapi/ms00_094_pbserver.rb | 2 +- modules/exploits/windows/ldap/pgp_keyserver7.rb | 2 +- modules/exploits/windows/license/calicclnt_getconfig.rb | 4 ++-- modules/exploits/windows/license/calicserv_getconfig.rb | 4 ++-- modules/exploits/windows/lotus/domino_sametime_stmux.rb | 2 +- modules/exploits/windows/misc/bigant_server_250.rb | 4 ++-- modules/exploits/windows/misc/mirc_privmsg_server.rb | 2 +- modules/exploits/windows/misc/netcat110_nt.rb | 2 +- modules/exploits/windows/misc/sap_2005_license.rb | 4 ++-- modules/exploits/windows/proxy/ccproxy_telnet_ping.rb | 2 +- modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb | 2 +- modules/exploits/windows/scada/citect_scada_odbc.rb | 2 +- modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb | 2 +- .../exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb | 2 +- modules/exploits/windows/telnet/gamsoft_telsrv_username.rb | 2 +- modules/exploits/windows/tftp/attftp_long_filename.rb | 2 +- modules/exploits/windows/tftp/dlink_long_filename.rb | 2 +- modules/exploits/windows/tftp/tftpdwin_long_filename.rb | 2 +- modules/exploits/windows/vnc/winvnc_http_get.rb | 2 +- modules/payloads/singles/cmd/windows/bind_perl.rb | 2 +- modules/payloads/singles/cmd/windows/bind_perl_ipv6.rb | 2 +- modules/payloads/singles/cmd/windows/reverse_perl.rb | 2 +- 98 files changed, 115 insertions(+), 115 deletions(-) diff --git a/lib/msf/core/author.rb b/lib/msf/core/author.rb index e5ca594bdd..6dab2bee99 100644 --- a/lib/msf/core/author.rb +++ b/lib/msf/core/author.rb @@ -17,6 +17,7 @@ class Msf::Author KNOWN = { 'amaloteaux' => 'alex_maloteaux' + 0x40.chr + 'metasploit.com', 'anonymous' => 'Unknown', + 'aushack' => 'patrick' + 0x40.chr + 'osisecurity.com.au', 'bannedit' => 'bannedit' + 0x40.chr + 'metasploit.com', 'Carlos Perez' => 'carlos_perez' + 0x40.chr + 'darkoperator.com', 'cazz' => 'bmc' + 0x40.chr + 'shmoo.com', @@ -39,7 +40,6 @@ class Msf::Author 'mubix' => 'mubix' + 0x40.chr + 'hak5.org', 'natron' => 'natron' + 0x40.chr + 'metasploit.com', 'optyx' => 'optyx' + 0x40.chr + 'no$email.com', - 'patrick' => 'patrick' + 0x40.chr + 'osisecurity.com.au', 'pusscat' => 'pusscat' + 0x40.chr + 'metasploit.com', 'Ramon de C Valle' => 'rcvalle' + 0x40.chr + 'metasploit.com', 'sf' => 'stephen_fewer' + 0x40.chr + 'harmonysecurity.com', diff --git a/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb b/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb index 267a21fa22..d7d8a45b5d 100644 --- a/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb +++ b/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary verifies that the directory has been created, then deletes it and verifies deletion to confirm the bug. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb b/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb index b52505b78b..24ad229369 100644 --- a/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb +++ b/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary [ 'OSVDB', '54551' ], [ 'URL', 'http://www.aushack.com/200904-contentkeeper.txt' ], ], - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE) register_options( diff --git a/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb b/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb index 2b4f81af1c..3c6d4bc109 100644 --- a/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb +++ b/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary systems, however at this stage the module only works against Windows. This module does not apply to HP printers. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb index 76f03693a3..e33e2f3163 100644 --- a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb +++ b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary [ 'OSVDB', '55586' ], [ 'CVE', '2009-2367' ], ], - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb b/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb index 98f66d9436..2680d65785 100644 --- a/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb +++ b/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb @@ -29,7 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ 'CVE', '2008-2938' ], [ 'URL', 'http://www.securityfocus.com/archive/1/499926' ], ], - 'Author' => [ 'patrick','guerrino di massa' ], + 'Author' => [ 'aushack','guerrino di massa' ], 'License' => MSF_LICENSE, 'DisclosureDate' => 'Jan 9 2009' ) diff --git a/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb b/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb index 3fc6403248..0e5679db0c 100644 --- a/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb +++ b/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb @@ -29,7 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ 'EDB', '17388' ], [ 'BID', '48225' ], ], - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'DisclosureDate' => 'Jan 9 2009' ) diff --git a/modules/auxiliary/admin/officescan/tmlisten_traversal.rb b/modules/auxiliary/admin/officescan/tmlisten_traversal.rb index 4675bb60b2..ca7b23d680 100644 --- a/modules/auxiliary/admin/officescan/tmlisten_traversal.rb +++ b/modules/auxiliary/admin/officescan/tmlisten_traversal.rb @@ -23,7 +23,7 @@ class MetasploitModule < Msf::Auxiliary [ 'BID', '31531' ], [ 'URL', 'http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_Win_EN_CriticalPatch_B1372_Readme.txt' ], ], - 'Author' => [ 'Anshul Pandey ', 'patrick' ], + 'Author' => [ 'Anshul Pandey ', 'aushack' ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/admin/pop2/uw_fileretrieval.rb b/modules/auxiliary/admin/pop2/uw_fileretrieval.rb index a4ed39faa3..114408d08c 100644 --- a/modules/auxiliary/admin/pop2/uw_fileretrieval.rb +++ b/modules/auxiliary/admin/pop2/uw_fileretrieval.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary be exploited with a valid username and password. The From address is the file owner. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/admin/smb/check_dir_file.rb b/modules/auxiliary/admin/smb/check_dir_file.rb index 59c0c1705c..dc166d67d0 100644 --- a/modules/auxiliary/admin/smb/check_dir_file.rb +++ b/modules/auxiliary/admin/smb/check_dir_file.rb @@ -29,7 +29,7 @@ class MetasploitModule < Msf::Auxiliary }, 'Author' => [ - 'patrick', + 'aushack', 'j0hn__f' ], 'References' => diff --git a/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb b/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb index b6464a6afe..e9fd575d6c 100644 --- a/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb +++ b/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary unresponsive. IOS 11.1 -> 12.1 are reportedly vulnerable. This module tested successfully against a Cisco 1600 Router IOS v11.2(18)P. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/dos/http/3com_superstack_switch.rb b/modules/auxiliary/dos/http/3com_superstack_switch.rb index c40f133e30..d67c7aba1d 100644 --- a/modules/auxiliary/dos/http/3com_superstack_switch.rb +++ b/modules/auxiliary/dos/http/3com_superstack_switch.rb @@ -18,11 +18,11 @@ class MetasploitModule < Msf::Auxiliary against a 3300SM firmware v2.66. Reported to affect versions prior to v2.72. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ - # patrickw - I am not sure if these are correct, but the closest match! + # aushack - I am not sure if these are correct, but the closest match! [ 'OSVDB', '7246' ], [ 'CVE', '2004-2691' ], [ 'URL', 'http://support.3com.com/infodeli/tools/switches/dna1695-0aaa17.pdf' ], diff --git a/modules/auxiliary/dos/http/dell_openmanage_post.rb b/modules/auxiliary/dos/http/dell_openmanage_post.rb index 70b6bea12d..967ad612d6 100644 --- a/modules/auxiliary/dos/http/dell_openmanage_post.rb +++ b/modules/auxiliary/dos/http/dell_openmanage_post.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Auxiliary This module will crash the web server, however it is likely exploitable under certain conditions. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/dos/http/sonicwall_ssl_format.rb b/modules/auxiliary/dos/http/sonicwall_ssl_format.rb index 2e244dd9c5..8fc13a0c06 100644 --- a/modules/auxiliary/dos/http/sonicwall_ssl_format.rb +++ b/modules/auxiliary/dos/http/sonicwall_ssl_format.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Auxiliary string data. With physical access to the device and debugging, this module may be able to be used to execute arbitrary code remotely. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ [ 'BID', '35145' ], diff --git a/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb b/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb index 6aad396325..d9d68bcb0e 100644 --- a/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb +++ b/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary (Remote Access Services). Kernel memory is overwritten resulting in a BSOD. Code execution may be possible however this module is only a DoS. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/dos/smtp/sendmail_prescan.rb b/modules/auxiliary/dos/smtp/sendmail_prescan.rb index cc1583c8d3..7fc5008765 100644 --- a/modules/auxiliary/dos/smtp/sendmail_prescan.rb +++ b/modules/auxiliary/dos/smtp/sendmail_prescan.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary parsing SMTP headers. Due to the prescan function, only 0x5c and 0x00 bytes can be used, limiting the likelihood for arbitrary code execution. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'OSVDB', '2577' ], diff --git a/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb b/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb index 4c258ee293..85d5dc9e55 100644 --- a/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb +++ b/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Auxiliary when running, will overwrite the stack with our string and generate an exception. The FileZilla FTP Server itself will continue functioning. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb b/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb index 663fec8cbf..f39899757f 100644 --- a/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb +++ b/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary Server versions 0.9.21 and earlier. By sending a malformed PORT command then LIST command, the server attempts to write to a NULL pointer. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/gather/checkpoint_hostname.rb b/modules/auxiliary/gather/checkpoint_hostname.rb index 8b8fe85c16..0cf696d5e2 100644 --- a/modules/auxiliary/gather/checkpoint_hostname.rb +++ b/modules/auxiliary/gather/checkpoint_hostname.rb @@ -21,11 +21,11 @@ class MetasploitModule < Msf::Auxiliary networks where the hostname reveals the physical location and rack number of the device, which may be unintentionally published to the world. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'DisclosureDate' => 'Dec 14 2011', # Looks like this module is first real reference 'References' => [ - # patrickw - None? Stumbled across, probably an old bug/feature but unsure. + # aushack - None? Stumbled across, probably an old bug/feature but unsure. [ 'URL', 'http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure' ], [ 'URL', 'https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk69360' ] ] diff --git a/modules/auxiliary/gather/citrix_published_applications.rb b/modules/auxiliary/gather/citrix_published_applications.rb index cce142b7bb..6146c7eb4a 100644 --- a/modules/auxiliary/gather/citrix_published_applications.rb +++ b/modules/auxiliary/gather/citrix_published_applications.rb @@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary This module attempts to query Citrix Metaframe ICA server to obtain a published list of applications. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'URL', 'http://www.securiteam.com/exploits/5CP0B1F80S.html' ], diff --git a/modules/auxiliary/gather/citrix_published_bruteforce.rb b/modules/auxiliary/gather/citrix_published_bruteforce.rb index c2afcd4012..d40f550b22 100644 --- a/modules/auxiliary/gather/citrix_published_bruteforce.rb +++ b/modules/auxiliary/gather/citrix_published_bruteforce.rb @@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary This module attempts to brute force program names within the Citrix Metaframe ICA server. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'OSVDB', '50617' ], diff --git a/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb b/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb index 59e07b41b2..14437759c5 100644 --- a/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb +++ b/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb @@ -26,7 +26,7 @@ class MetasploitModule < Msf::Auxiliary control. IOS 11.3 -> 12.2 are reportedly vulnerable. This module tested successfully against a Cisco 1600 Router IOS v11.3(11d). }, - 'Author' => [ 'patrick', 'hdm' ], + 'Author' => [ 'aushack', 'hdm' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb b/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb index d84ea5fbd7..ca445829d1 100644 --- a/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb +++ b/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary where WebDAV is enabled on the IIS6 server, and any protected folder requires either Basic, Digest or NTLM authentication. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ @@ -154,7 +154,7 @@ class MetasploitModule < Msf::Auxiliary 'ctype' => 'application/xml', 'headers' => { - #'Translate' => 'f', # Not required in PROPFIND, only GET - patrickw 20091518 + #'Translate' => 'f', # Not required in PROPFIND, only GET - aushack 20091518 }, 'data' => webdav_req + "\r\n\r\n", }, 20) diff --git a/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb b/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb index 8aaad8f9ef..41b7e500ee 100644 --- a/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb +++ b/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary to be exploitable where WebDAV is enabled on the IIS6 server, and any protected folder requires either Basic, Digest or NTLM authentication. }, - 'Author' => [ 'et', 'patrick' ], + 'Author' => [ 'et', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ @@ -83,7 +83,7 @@ class MetasploitModule < Msf::Auxiliary 'ctype' => 'application/xml', 'headers' => { - #'Translate' => 'f', # Not required in PROPFIND, only GET - patrickw 20091518 + #'Translate' => 'f', # Not required in PROPFIND, only GET - aushack 20091518 }, 'data' => webdav_req + "\r\n\r\n", }, 20) diff --git a/modules/auxiliary/scanner/http/soap_xml.rb b/modules/auxiliary/scanner/http/soap_xml.rb index 5e220ccb69..5d6f78714c 100644 --- a/modules/auxiliary/scanner/http/soap_xml.rb +++ b/modules/auxiliary/scanner/http/soap_xml.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary This module attempts to brute force SOAP/XML requests to uncover hidden methods. ), - 'Author' => ['patrick'], + 'Author' => ['aushack'], 'License' => MSF_LICENSE)) register_options( diff --git a/modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb b/modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb index 67950be71b..806752145c 100644 --- a/modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb +++ b/modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb @@ -28,7 +28,7 @@ class MetasploitModule < Msf::Auxiliary ASSETBEGIN and ASSETEND values for greater results, or set VERBOSE. Information gathered may be used for later bruteforce attacks. }, - 'Author' => [ 'Troy Rose ', 'patrick' ], + 'Author' => [ 'Troy Rose ', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/auxiliary/scanner/varnish/varnish_cli_login.rb b/modules/auxiliary/scanner/varnish/varnish_cli_login.rb index c5cf4dba78..c5c16614b7 100644 --- a/modules/auxiliary/scanner/varnish/varnish_cli_login.rb +++ b/modules/auxiliary/scanner/varnish/varnish_cli_login.rb @@ -27,7 +27,7 @@ class MetasploitModule < Msf::Auxiliary ], 'Author' => [ - 'patrick', #original module + 'aushack', #original module 'h00die ' #updates and standardizations ], 'License' => MSF_LICENSE diff --git a/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb b/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb index fbd10a7dbe..5cdcc5284a 100644 --- a/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb +++ b/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote module only supports command line payloads, as the httpd process kills the reverse/bind shell spawn after the HTTP 200 OK response. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/linux/http/piranha_passwd_exec.rb b/modules/exploits/linux/http/piranha_passwd_exec.rb index ba80ef54c8..928e5e0576 100644 --- a/modules/exploits/linux/http/piranha_passwd_exec.rb +++ b/modules/exploits/linux/http/piranha_passwd_exec.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote /piranha/secure/passwd.php3 script. The package installs with a default user and password of piranha:q which was exploited in the wild. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/linux/imap/imap_uw_lsub.rb b/modules/exploits/linux/imap/imap_uw_lsub.rb index 9a889be080..2a87b8a174 100644 --- a/modules/exploits/linux/imap/imap_uw_lsub.rb +++ b/modules/exploits/linux/imap/imap_uw_lsub.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote This vulnerability can only be exploited with a valid username and password. }, - 'Author' => [ 'patrick', 'jduck' ], + 'Author' => [ 'aushack', 'jduck' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/linux/misc/gld_postfix.rb b/modules/exploits/linux/misc/gld_postfix.rb index 32938f148d..39f9808be1 100644 --- a/modules/exploits/linux/misc/gld_postfix.rb +++ b/modules/exploits/linux/misc/gld_postfix.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Exploit::Remote GLD <= 1.4 greylisting daemon for Postfix. By sending an overly long string the stack can be overwritten. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => ARCH_X86, 'Platform' => 'linux', 'References' => diff --git a/modules/exploits/multi/misc/openview_omniback_exec.rb b/modules/exploits/multi/misc/openview_omniback_exec.rb index ae77b0dae1..4d291640ff 100644 --- a/modules/exploits/multi/misc/openview_omniback_exec.rb +++ b/modules/exploits/multi/misc/openview_omniback_exec.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote "unix/cmd/generic" payload and set CMD to your command. You can only pass a small amount of characters (4) to the command line on Windows. }, - 'Author' => [ 'hdm', 'patrick' ], + 'Author' => [ 'hdm', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ @@ -164,7 +164,7 @@ class MetasploitModule < Msf::Exploit::Remote if (target.name =~ /Windows/) - # patrickw + # aushack # # Tested during pen test against Windows 2003 server. # Windows Service details: diff --git a/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb b/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb index b742744d91..89b2625eac 100644 --- a/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb +++ b/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote allows direct console access as root or SYSTEM from any source address. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/multi/ntp/ntp_overflow.rb b/modules/exploits/multi/ntp/ntp_overflow.rb index 71b32d439e..be0cd9c9a7 100644 --- a/modules/exploits/multi/ntp/ntp_overflow.rb +++ b/modules/exploits/multi/ntp/ntp_overflow.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote request it is possible to execute code remotely. As the stack is corrupted, this module uses the Egghunter technique. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/http/contentkeeperweb_mimencode.rb b/modules/exploits/unix/http/contentkeeperweb_mimencode.rb index 983320b10b..1714f4286b 100644 --- a/modules/exploits/unix/http/contentkeeperweb_mimencode.rb +++ b/modules/exploits/unix/http/contentkeeperweb_mimencode.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote to enable remote command execution as the Apache user. By setting SkipEscalation to false, this module will attempt to setuid the bash shell. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_CMD ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/unix/misc/spamassassin_exec.rb b/modules/exploits/unix/misc/spamassassin_exec.rb index 607df7bbd9..0d661dd5cf 100644 --- a/modules/exploits/unix/misc/spamassassin_exec.rb +++ b/modules/exploits/unix/misc/spamassassin_exec.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Exploit::Remote a malicious vpopmail User header, when running with vpopmail and paranoid modes enabled (non-default). Versions prior to v3.1.3 are vulnerable }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/smtp/clamav_milter_blackhole.rb b/modules/exploits/unix/smtp/clamav_milter_blackhole.rb index 37d60feb93..fd6bc72760 100644 --- a/modules/exploits/unix/smtp/clamav_milter_blackhole.rb +++ b/modules/exploits/unix/smtp/clamav_milter_blackhole.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote When implemented with black hole mode enabled, it is possible to execute commands remotely due to an insecure popen call. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/webapp/awstats_migrate_exec.rb b/modules/exploits/unix/webapp/awstats_migrate_exec.rb index 8d63607452..9a4342c20f 100644 --- a/modules/exploits/unix/webapp/awstats_migrate_exec.rb +++ b/modules/exploits/unix/webapp/awstats_migrate_exec.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote present when AllowToUpdateStatsFromBrowser is enabled in the AWStats configuration file (non-default). }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/webapp/awstatstotals_multisort.rb b/modules/exploits/unix/webapp/awstatstotals_multisort.rb index c338aa0e9f..c60655c7c4 100644 --- a/modules/exploits/unix/webapp/awstatstotals_multisort.rb +++ b/modules/exploits/unix/webapp/awstatstotals_multisort.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/webapp/dogfood_spell_exec.rb b/modules/exploits/unix/webapp/dogfood_spell_exec.rb index 351606a391..4c9a2a2821 100644 --- a/modules/exploits/unix/webapp/dogfood_spell_exec.rb +++ b/modules/exploits/unix/webapp/dogfood_spell_exec.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'LSO ', # Exploit module - 'patrick', # Added check code, QA tested ok 20090303, there are no references (yet). + 'aushack', # Added check code, QA tested ok 20090303, there are no references (yet). ], 'License' => BSD_LICENSE, 'References' => @@ -30,7 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'URL', 'http://downloads.sourceforge.net/dogfood/' ], ], 'Privileged' => false, - 'Platform' => ['unix'], # patrickw - removed win, linux -> untested + 'Platform' => ['unix'], # aushack - removed win, linux -> untested 'Arch' => ARCH_CMD, 'Payload' => { diff --git a/modules/exploits/unix/webapp/guestbook_ssi_exec.rb b/modules/exploits/unix/webapp/guestbook_ssi_exec.rb index 8badd69c4e..6133669486 100644 --- a/modules/exploits/unix/webapp/guestbook_ssi_exec.rb +++ b/modules/exploits/unix/webapp/guestbook_ssi_exec.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote weakness with non-default server configuration, it is possible to exploit this vulnerability successfully. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/webapp/phpbb_highlight.rb b/modules/exploits/unix/webapp/phpbb_highlight.rb index 9b2b446dfa..a52dafb445 100644 --- a/modules/exploits/unix/webapp/phpbb_highlight.rb +++ b/modules/exploits/unix/webapp/phpbb_highlight.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote fixed in revision 5166. According to the "tags" within their tree, this corresponds to versions 2.0.4 through 2.0.15 (inclusive). }, - 'Author' => [ 'valsmith[at]metasploit.com', 'hdm', 'patrick' ], + 'Author' => [ 'valsmith[at]metasploit.com', 'hdm', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/webapp/sphpblog_file_upload.rb b/modules/exploits/unix/webapp/sphpblog_file_upload.rb index abd6877ae3..46d974a838 100644 --- a/modules/exploits/unix/webapp/sphpblog_file_upload.rb +++ b/modules/exploits/unix/webapp/sphpblog_file_upload.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote vulnerability occurs within the blog comment functionality, allowing arbitrary files to be deleted. }, - 'Author' => [ 'Matteo Cantoni ', 'patrick' ], + 'Author' => [ 'Matteo Cantoni ', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/unix/webapp/wp_foxypress_upload.rb b/modules/exploits/unix/webapp/wp_foxypress_upload.rb index a1c4e6bed5..4cd4937c6e 100644 --- a/modules/exploits/unix/webapp/wp_foxypress_upload.rb +++ b/modules/exploits/unix/webapp/wp_foxypress_upload.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'Sammy FORGIT', # Vulnerability Discovery, PoC - 'patrick' # Metasploit module + 'aushack' # Metasploit module ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/brightstor/discovery_tcp.rb b/modules/exploits/windows/brightstor/discovery_tcp.rb index 925be50971..576c41d779 100644 --- a/modules/exploits/windows/brightstor/discovery_tcp.rb +++ b/modules/exploits/windows/brightstor/discovery_tcp.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote This module is based on the 'cabrightstor_disco' exploit by HD Moore. }, - 'Author' => [ 'hdm', 'patrick' ], + 'Author' => [ 'hdm', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/brightstor/discovery_udp.rb b/modules/exploits/windows/brightstor/discovery_udp.rb index 924c992925..d376aca463 100644 --- a/modules/exploits/windows/brightstor/discovery_udp.rb +++ b/modules/exploits/windows/brightstor/discovery_udp.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote request is sent to UDP port 41524, triggering a stack buffer overflow. }, - 'Author' => [ 'hdm', 'patrick' ], + 'Author' => [ 'hdm', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/brightstor/message_engine.rb b/modules/exploits/windows/brightstor/message_engine.rb index 52190c0ef7..276210b36c 100644 --- a/modules/exploits/windows/brightstor/message_engine.rb +++ b/modules/exploits/windows/brightstor/message_engine.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Exploit::Remote 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. }, - 'Author' => [ 'MC', 'patrick' ], + 'Author' => [ 'MC', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/brightstor/tape_engine.rb b/modules/exploits/windows/brightstor/tape_engine.rb index 76ec8f5bf6..257710adf6 100644 --- a/modules/exploits/windows/brightstor/tape_engine.rb +++ b/modules/exploits/windows/brightstor/tape_engine.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote r11.1 - r11.5. By sending a specially crafted DCERPC request, an attacker could overflow the buffer and execute arbitrary code. }, - 'Author' => [ 'MC', 'patrick' ], + 'Author' => [ 'MC', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/browser/barcode_ax49.rb b/modules/exploits/windows/browser/barcode_ax49.rb index 723d824519..40760859a6 100644 --- a/modules/exploits/windows/browser/barcode_ax49.rb +++ b/modules/exploits/windows/browser/barcode_ax49.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote method of BarCodeAx.dll v4.9, an attacker may be able to execute arbitrary code. }, 'License' => MSF_LICENSE, - 'Author' => [ 'Trancek ', 'patrick' ], + 'Author' => [ 'Trancek ', 'aushack' ], 'References' => [ [ 'EDB', '4094' ], @@ -38,7 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - [ 'Windows XP SP0 English', { 'Ret' => 0x71ab7bfb } ] # jmp esp ws2_32.dll patrickw xpsp0 + [ 'Windows XP SP0 English', { 'Ret' => 0x71ab7bfb } ] # jmp esp ws2_32.dll aushack xpsp0 ], 'DisclosureDate' => 'Jun 22 2007', 'DefaultTarget' => 0)) diff --git a/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb b/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb index 44bfe234e5..d991c1f2fb 100644 --- a/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb +++ b/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb @@ -37,7 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - # Tested ok patrickw 20090303 + # Tested ok aushack 20090303 [ 'Windows XP SP0-SP3 / Windows Vista / IE 6.0 SP0-SP2 / IE 7', { 'Ret' => 0x0A0A0A0A } ], ], 'DisclosureDate' => 'Jun 6 2007', diff --git a/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb b/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb index 9792488ea9..8dad48f088 100644 --- a/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb +++ b/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote is overwritten. }, 'License' => MSF_LICENSE, - 'Author' => 'patrick', + 'Author' => 'aushack', 'References' => [ [ 'CVE', '2006-2086' ], diff --git a/modules/exploits/windows/browser/tumbleweed_filetransfer.rb b/modules/exploits/windows/browser/tumbleweed_filetransfer.rb index 96b65bd1db..aa87e926cc 100644 --- a/modules/exploits/windows/browser/tumbleweed_filetransfer.rb +++ b/modules/exploits/windows/browser/tumbleweed_filetransfer.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote to execute arbitrary code. }, 'License' => MSF_LICENSE, - 'Author' => 'patrick', + 'Author' => 'aushack', 'References' => [ [ 'CVE', '2008-1724' ], diff --git a/modules/exploits/windows/fileformat/altap_salamander_pdb.rb b/modules/exploits/windows/fileformat/altap_salamander_pdb.rb index c3ff5b9188..76ccd754cc 100644 --- a/modules/exploits/windows/fileformat/altap_salamander_pdb.rb +++ b/modules/exploits/windows/fileformat/altap_salamander_pdb.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote SEH can be overwritten. }, 'License' => MSF_LICENSE, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'CVE', '2007-3314' ], diff --git a/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb b/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb index 7d9eca857b..ca7da918ed 100644 --- a/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb +++ b/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb @@ -39,7 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - # Tested ok patrickw 20090503 + # Tested ok aushack 20090503 [ 'Windows XP SP2 English', { 'Ret' => 0x7c82385d } ], #call esp [ 'Windows XP SP0/1 English', { 'Ret' => 0x71ab7bfb } ], #jmp esp [ 'Windows XP SP2 Spanish', { 'Ret' => 0x7c951eed } ], #jmp esp diff --git a/modules/exploits/windows/fileformat/destinymediaplayer16.rb b/modules/exploits/windows/fileformat/destinymediaplayer16.rb index aa3f6a2b21..5a9eccf641 100644 --- a/modules/exploits/windows/fileformat/destinymediaplayer16.rb +++ b/modules/exploits/windows/fileformat/destinymediaplayer16.rb @@ -38,7 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - # Tested ok patrickw 20090503 + # Tested ok aushack 20090503 [ 'Destiny Universal', { 'Ret' => 0x00bf9d4d } ], #jmp esp Destiny.exe [ 'Windows XP SP2 Spanish', { 'Ret' => 0x7c951eed } ], #jmp esp ], diff --git a/modules/exploits/windows/fileformat/ursoft_w32dasm.rb b/modules/exploits/windows/fileformat/ursoft_w32dasm.rb index 6fc3454f39..defdb3b3c4 100644 --- a/modules/exploits/windows/fileformat/ursoft_w32dasm.rb +++ b/modules/exploits/windows/fileformat/ursoft_w32dasm.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote locally as the user. }, 'License' => MSF_LICENSE, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'CVE', '2005-0308' ], diff --git a/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb b/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb index 39b8b166cf..a145c7c5d9 100644 --- a/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb +++ b/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote This functionality has not been tested in this module. }, 'License' => MSF_LICENSE, - 'Author' => [ 'Trancek ', 'patrick' ], + 'Author' => [ 'Trancek ', 'aushack' ], 'References' => [ [ 'CVE', '2004-0964' ], diff --git a/modules/exploits/windows/ftp/dreamftp_format.rb b/modules/exploits/windows/ftp/dreamftp_format.rb index e959770970..9b17090505 100644 --- a/modules/exploits/windows/ftp/dreamftp_format.rb +++ b/modules/exploits/windows/ftp/dreamftp_format.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits a format string overflow in the BolinTech Dream FTP Server version 1.02. Based on the exploit by SkyLined. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/ftp/leapftp_pasv_reply.rb b/modules/exploits/windows/ftp/leapftp_pasv_reply.rb index f277033c1b..d0ddeeafdc 100644 --- a/modules/exploits/windows/ftp/leapftp_pasv_reply.rb +++ b/modules/exploits/windows/ftp/leapftp_pasv_reply.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote client that is triggered through an excessively long PASV reply command. This module was ported from the original exploit by drG4njubas with minor improvements. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/ftp/sami_ftpd_user.rb b/modules/exploits/windows/ftp/sami_ftpd_user.rb index 4204a62eb2..8b37f12ff1 100644 --- a/modules/exploits/windows/ftp/sami_ftpd_user.rb +++ b/modules/exploits/windows/ftp/sami_ftpd_user.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote payloads. When the server is restarted, it will re-execute the exploit until the logfile is manually deleted via the file system. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'Stance' => Msf::Exploit::Stance::Passive, diff --git a/modules/exploits/windows/ftp/sasser_ftpd_port.rb b/modules/exploits/windows/ftp/sasser_ftpd_port.rb index ab320aef43..84fe672be6 100644 --- a/modules/exploits/windows/ftp/sasser_ftpd_port.rb +++ b/modules/exploits/windows/ftp/sasser_ftpd_port.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits the FTP server component of the Sasser worm. By sending an overly long PORT command the stack can be overwritten. }, - 'Author' => [ '', '', 'patrick' ], + 'Author' => [ '', '', 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/games/racer_503beta5.rb b/modules/exploits/windows/games/racer_503beta5.rb index ff545f49f5..f2834618a5 100644 --- a/modules/exploits/windows/games/racer_503beta5.rb +++ b/modules/exploits/windows/games/racer_503beta5.rb @@ -39,7 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - # Tested ok patrickw 20090503 + # Tested ok aushack 20090503 [ 'Fmodex.dll - Universal', { 'Ret' => 0x10073FB7 } ], # jmp esp [ 'Win XP SP2 English', { 'Ret' => 0x77d8af0a } ], [ 'Win XP SP2 Spanish', { 'Ret' => 0x7c951eed } ], diff --git a/modules/exploits/windows/http/amlibweb_webquerydll_app.rb b/modules/exploits/windows/http/amlibweb_webquerydll_app.rb index cd2e6f4fc4..f0624a4f82 100644 --- a/modules/exploits/windows/http/amlibweb_webquerydll_app.rb +++ b/modules/exploits/windows/http/amlibweb_webquerydll_app.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote In addition, it is possible to overwrite EIP by specifying an arbitrary parameter name with an '=' terminator. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => @@ -47,7 +47,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => ['win'], 'Targets' => [ - # patrickw - Tested OK 20100803 w2k IIS5 + # aushack - Tested OK 20100803 w2k IIS5 [ 'Windows 2000 Pro All - English', { 'Ret' => 0x75022ac4 } ], # p/p/r ws2help.dll - 'dll?app={buff}' for SeH IIS5 # [ 'Windows 2003 Server All - English', { 'Ret' => 0x44434241 } ], # todo: 'dll?{buff}=' call edi for EIP in IIS6 w3wp.exe, 120 byte limit, ASCII only. ], diff --git a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb index 4a77dae4ed..38643b7738 100644 --- a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb +++ b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote The flaw affects multiple platforms, however this module currently only supports Windows based installations. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'References' => [ [ 'CVE', '2006-3747' ], @@ -50,7 +50,7 @@ class MetasploitModule < Msf::Exploit::Remote }, 'Targets' => [ - [ 'Automatic', {} ], # patrickw tested OK 20090310 win32 + [ 'Automatic', {} ], # aushack tested OK 20090310 win32 ], 'DisclosureDate' => 'Jul 28 2006', 'DefaultTarget' => 0)) @@ -78,7 +78,7 @@ class MetasploitModule < Msf::Exploit::Remote def exploit # On Linux Apache, it is possible to overwrite EIP by - # sending ldap:// ... TODO patrickw + # sending ldap:// ... TODO aushack trigger = '/ldap://localhost/%3fA%3fA%3fCCCCCCCCCC%3fC%3f%90' diff --git a/modules/exploits/windows/http/ca_igateway_debug.rb b/modules/exploits/windows/http/ca_igateway_debug.rb index 16a5c8fb8a..415ef02818 100644 --- a/modules/exploits/windows/http/ca_igateway_debug.rb +++ b/modules/exploits/windows/http/ca_igateway_debug.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote in igateway.conf (non-default), it is possible to overwrite the stack and execute code remotely. This module works best with Ordinal payloads. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/http/mcafee_epolicy_source.rb b/modules/exploits/windows/http/mcafee_epolicy_source.rb index de2bc48208..cde280d027 100644 --- a/modules/exploits/windows/http/mcafee_epolicy_source.rb +++ b/modules/exploits/windows/http/mcafee_epolicy_source.rb @@ -24,7 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'muts ', 'xbxice[at]yahoo.com', 'hdm', - 'patrick' # MSF3 rewrite, ePO v2.5.1 target + 'aushack' # MSF3 rewrite, ePO v2.5.1 target ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, diff --git a/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb b/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb index 6e2d330a1f..3bd9a08880 100644 --- a/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb +++ b/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb @@ -26,7 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote continue to crash/execute the payload until the CGI output is manually deleted from the queue in C:\MDaemon\RawFiles\*.raw. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => @@ -49,7 +49,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => ['win'], 'Targets' => [ - # Patrickw - Tested OK-ish 20090702 w2k + # Aushack - Tested OK-ish 20090702 w2k [ 'Universal MDaemon.exe', { 'Ret' => 0x022fcd46 } ], # direct memory jump :( [ 'Debugging test', { 'Ret' => 0x44434241 } ], ], diff --git a/modules/exploits/windows/http/psoproxy91_overflow.rb b/modules/exploits/windows/http/psoproxy91_overflow.rb index 612eae53d7..531044e687 100644 --- a/modules/exploits/windows/http/psoproxy91_overflow.rb +++ b/modules/exploits/windows/http/psoproxy91_overflow.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits a buffer overflow in the PSO Proxy v0.91 web server. If a client sends an excessively long string the stack is overwritten. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/http/sambar6_search_results.rb b/modules/exploits/windows/http/sambar6_search_results.rb index 55442c2e0a..403a65471b 100644 --- a/modules/exploits/windows/http/sambar6_search_results.rb +++ b/modules/exploits/windows/http/sambar6_search_results.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'hdm', 'Andrew Griffiths ', - 'patrick', # msf3 port + 'aushack', # msf3 port ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, diff --git a/modules/exploits/windows/http/savant_31_overflow.rb b/modules/exploits/windows/http/savant_31_overflow.rb index 9225f81aea..03ee643d42 100644 --- a/modules/exploits/windows/http/savant_31_overflow.rb +++ b/modules/exploits/windows/http/savant_31_overflow.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote Due to the limited space available for the payload in this exploit module, use of the "ord" payloads is recommended. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/http/steamcast_useragent.rb b/modules/exploits/windows/http/steamcast_useragent.rb index 5f5ea78a9b..c8a20e5c1a 100644 --- a/modules/exploits/windows/http/steamcast_useragent.rb +++ b/modules/exploits/windows/http/steamcast_useragent.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote }, 'Author' => [ 'LSO ', # Original exploit module - 'patrick' # Added references and check code. Default target to XP. + 'aushack' # Added references and check code. Default target to XP. ], 'License' => BSD_LICENSE, 'References' => diff --git a/modules/exploits/windows/http/webster_http.rb b/modules/exploits/windows/http/webster_http.rb index 4c89c20b47..1b08baab9a 100644 --- a/modules/exploits/windows/http/webster_http.rb +++ b/modules/exploits/windows/http/webster_http.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote the Microsoft Systems Journal in February 1996 titled "Write a Simple HTTP-based Server Using MFC and Windows Sockets". }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'CVE', '2002-2268' ], diff --git a/modules/exploits/windows/http/xitami_if_mod_since.rb b/modules/exploits/windows/http/xitami_if_mod_since.rb index a324b930cf..0c0fdd8874 100644 --- a/modules/exploits/windows/http/xitami_if_mod_since.rb +++ b/modules/exploits/windows/http/xitami_if_mod_since.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote execute a payload remotely. Due to size constraints, this module uses the Egghunter technique. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/iis/ms02_065_msadc.rb b/modules/exploits/windows/iis/ms02_065_msadc.rb index 77cc0768a0..d7d86800cb 100644 --- a/modules/exploits/windows/iis/ms02_065_msadc.rb +++ b/modules/exploits/windows/iis/ms02_065_msadc.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote the RDS DataStub 'Content-Type' string is overly long. Microsoft Data Access Components (MDAC) 2.1 through 2.6 are known to be vulnerable. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'Platform' => 'win', 'References' => [ @@ -43,7 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote }, 'Targets' => [ - # patrickw tested OK 20120607 w2kpro en sp0 msadcs.dll v2.50.4403.0 + # aushack tested OK 20120607 w2kpro en sp0 msadcs.dll v2.50.4403.0 [ 'Windows 2000 Pro English SP0', { 'Ret' => 0x75023783 } ], # jmp eax ws2help.dll ], 'DefaultTarget' => 0, diff --git a/modules/exploits/windows/iis/msadc.rb b/modules/exploits/windows/iis/msadc.rb index 44c1b79239..8a2b21a780 100644 --- a/modules/exploits/windows/iis/msadc.rb +++ b/modules/exploits/windows/iis/msadc.rb @@ -32,7 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote and useful for debugging. Also set NAME to obtain the remote hostname, and METHOD to use the alternative VbBusObj technique. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'Platform' => 'win', 'References' => [ @@ -44,7 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'Targets' => [ - # patrickw tested meterpreter OK 20120601 + # aushack tested meterpreter OK 20120601 # nt4server w/sp3, ie4.02, option pack, IIS4.0, mdac 1.5, over msaccess shell, reverse_nonx # w2k w/sp0, IIS5.0, mdac 2.7 RTM, sql2000, handunsf.reg, over xp_cmdshell, reverse_tcp [ 'Automatic', { } ], diff --git a/modules/exploits/windows/imap/mdaemon_fetch.rb b/modules/exploits/windows/imap/mdaemon_fetch.rb index 09e84297c5..f7eac8768d 100644 --- a/modules/exploits/windows/imap/mdaemon_fetch.rb +++ b/modules/exploits/windows/imap/mdaemon_fetch.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote version 9.6.4 by sending an overly long FETCH BODY command. Valid IMAP account credentials are required. Credit to Matteo Memelli }, - 'Author' => [ 'Jacopo Cervini', 'patrick' ], + 'Author' => [ 'Jacopo Cervini', 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/isapi/ms00_094_pbserver.rb b/modules/exploits/windows/isapi/ms00_094_pbserver.rb index f44d9df234..57ce6b7704 100644 --- a/modules/exploits/windows/isapi/ms00_094_pbserver.rb +++ b/modules/exploits/windows/isapi/ms00_094_pbserver.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote for phone book updates, it is possible to overwrite the stack. This module has only been tested against Windows 2000 SP1. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/ldap/pgp_keyserver7.rb b/modules/exploits/windows/ldap/pgp_keyserver7.rb index 20bccce385..c30ce6ec7a 100644 --- a/modules/exploits/windows/ldap/pgp_keyserver7.rb +++ b/modules/exploits/windows/ldap/pgp_keyserver7.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote against PGP KeyServer v7.0. Due to space restrictions, egghunter is used to find our payload - therefore you may wish to adjust WfsDelay. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/license/calicclnt_getconfig.rb b/modules/exploits/windows/license/calicclnt_getconfig.rb index 48533a760f..8307bc591c 100644 --- a/modules/exploits/windows/license/calicclnt_getconfig.rb +++ b/modules/exploits/windows/license/calicclnt_getconfig.rb @@ -26,7 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'hdm', # original msf v2 module - 'patrick', # msf v3 port :) + 'aushack', # msf v3 port :) ], 'License' => MSF_LICENSE, 'References' => @@ -57,7 +57,7 @@ class MetasploitModule < Msf::Exploit::Remote # name, jmp esi, writable, jmp edi #['Automatic', {} ], # - # patrickw - tested OK Windows XP English SP0-1 only 20100214 + # aushack - tested OK Windows XP English SP0-1 only 20100214 ['Windows 2000 English', { 'Rets' => [ 0x750217ae, 0x7ffde0cc, 0x75021421 ] } ], # ws2help.dll esi + peb + edi ['Windows XP English SP0-1', { 'Rets' => [ 0x71aa16e5, 0x7ffde0cc, 0x71aa19e8 ] } ], # ws2help.dll esi + peb + edi ['Windows XP English SP2', { 'Rets' => [ 0x71aa1b22, 0x71aa5001, 0x71aa1e08 ] } ], # ws2help.dll esi + .data + edi diff --git a/modules/exploits/windows/license/calicserv_getconfig.rb b/modules/exploits/windows/license/calicserv_getconfig.rb index fefa2db5e5..c73b69a518 100644 --- a/modules/exploits/windows/license/calicserv_getconfig.rb +++ b/modules/exploits/windows/license/calicserv_getconfig.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'hdm', # original msf v2 module - 'patrick', # msf v3 port :) + 'aushack', # msf v3 port :) ], 'License' => MSF_LICENSE, 'References' => @@ -50,7 +50,7 @@ class MetasploitModule < Msf::Exploit::Remote # name, jmp esi, writable, jmp edi #['Automatic', {} ], # - # patrickw - tested OK Windows XP English SP0-1 only 20100214 + # aushack - tested OK Windows XP English SP0-1 only 20100214 ['Windows 2000 English', { 'Rets' => [ 0x750217ae, 0x7ffde0cc, 0x75021421 ] } ], # ws2help.dll esi + peb + edi ['Windows XP English SP0-1', { 'Rets' => [ 0x71aa16e5, 0x7ffde0cc, 0x71aa19e8 ] } ], # ws2help.dll esi + peb + edi ['Windows XP English SP2', { 'Rets' => [ 0x71aa1b22, 0x71aa5001, 0x71aa1e08 ] } ], # ws2help.dll esi + .data + edi diff --git a/modules/exploits/windows/lotus/domino_sametime_stmux.rb b/modules/exploits/windows/lotus/domino_sametime_stmux.rb index 18b58de464..fe21cba6fd 100644 --- a/modules/exploits/windows/lotus/domino_sametime_stmux.rb +++ b/modules/exploits/windows/lotus/domino_sametime_stmux.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote STMux.exe service we are able to overwrite SEH. Based on the exploit by Manuel Santamarina Suarez. }, - 'Author' => [ 'patrick', 'riaf ' ], + 'Author' => [ 'aushack', 'riaf ' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/misc/bigant_server_250.rb b/modules/exploits/windows/misc/bigant_server_250.rb index 9d7d4f04f9..7a08aeab65 100644 --- a/modules/exploits/windows/misc/bigant_server_250.rb +++ b/modules/exploits/windows/misc/bigant_server_250.rb @@ -47,8 +47,8 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - [ 'BigAnt 2.5 Universal', { 'Ret' => 0x0f9a196a } ], # Tested OK (Dr_IDE & patrickw) p/p/r VBAJET32.dll xpsp3 & w2k - [ 'Windows 2000 Pro All English', { 'Ret' => 0x75022ac4 } ], # p/p/r Tested OK (patrickw 20090918) + [ 'BigAnt 2.5 Universal', { 'Ret' => 0x0f9a196a } ], # Tested OK (Dr_IDE & aushack) p/p/r VBAJET32.dll xpsp3 & w2k + [ 'Windows 2000 Pro All English', { 'Ret' => 0x75022ac4 } ], # p/p/r Tested OK (aushack 20090918) [ 'Windows XP Pro SP0/SP1 English', { 'Ret' => 0x71aa32ad } ], # Should Work ], 'DefaultTarget' => 0, diff --git a/modules/exploits/windows/misc/mirc_privmsg_server.rb b/modules/exploits/windows/misc/mirc_privmsg_server.rb index 57b83c5aef..4c99de4196 100644 --- a/modules/exploits/windows/misc/mirc_privmsg_server.rb +++ b/modules/exploits/windows/misc/mirc_privmsg_server.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Exploit::Remote command can be sent, overwriting the stack. Due to size restrictions, ordinal payloads may be necessary. This module is based on the code by SkD. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/misc/netcat110_nt.rb b/modules/exploits/windows/misc/netcat110_nt.rb index 0d01d60312..2244acfbef 100644 --- a/modules/exploits/windows/misc/netcat110_nt.rb +++ b/modules/exploits/windows/misc/netcat110_nt.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote exists when netcat is used to bind (-e) an executable to a port in doexec.c. This module tested successfully using "c:\>nc -L -p 31337 -e ftp". }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/misc/sap_2005_license.rb b/modules/exploits/windows/misc/sap_2005_license.rb index 9499a77bd6..48a5aec361 100644 --- a/modules/exploits/windows/misc/sap_2005_license.rb +++ b/modules/exploits/windows/misc/sap_2005_license.rb @@ -38,7 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'Targets' => [ - # patrickw tested OK w2k3sp2 20090910 + # aushack tested OK w2k3sp2 20090910 [ 'Sap Business One 2005 B1 Universal', { 'Ret' => 0x00547b82 } ], # tao2005.dll push esp /ret ], 'Privileged' => true, @@ -54,7 +54,7 @@ class MetasploitModule < Msf::Exploit::Remote sploit = "\x47\x49\x4f\x50\x01\x00\x01\x00" + rand_text_english(1024) sploit << [target.ret].pack('V') # EIP for w2k3sp2 - jacopo (1024) - sploit << [target.ret].pack('V') # EIP for w2k3sp0 - patrickw (1028) + sploit << [target.ret].pack('V') # EIP for w2k3sp0 - aushack (1028) sploit << make_nops(44) + payload.encoded + make_nops(384) print_status("Trying target #{target.name}...") diff --git a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb index 0071bd5bfc..6f46ad6c69 100644 --- a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb +++ b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Exploit::Remote Telnet service. The stack is overwritten when sending an overly long address to the 'ping' command. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb b/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb index 56024b8e49..b497df5113 100644 --- a/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb +++ b/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote HTTP proxy service on port 80, a remote attacker could overflow a buffer and execute arbitrary code. }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/scada/citect_scada_odbc.rb b/modules/exploits/windows/scada/citect_scada_odbc.rb index b338f9bff0..76bc660f62 100644 --- a/modules/exploits/windows/scada/citect_scada_odbc.rb +++ b/modules/exploits/windows/scada/citect_scada_odbc.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'KF ', # Original Metasploit module - 'patrick', # Some clean up - I'm sure there's more to be done :) + 'aushack', # Some clean up - I'm sure there's more to be done :) ], 'References' => [ diff --git a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb index 046f18ba69..9fe9b5c6a9 100644 --- a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb +++ b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb index 1ab28acb44..de686297fb 100644 --- a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb +++ b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb @@ -22,7 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'hdm', # original module - 'patrick', # msf3 port :) + 'aushack', # msf3 port :) ], 'References' => [ diff --git a/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb b/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb index 9bdd4bbdbc..59d6666f17 100644 --- a/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb +++ b/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb @@ -16,7 +16,7 @@ class MetasploitModule < Msf::Exploit::Remote Other versions may also be affected. The service terminates after exploitation, so you only get one chance! }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, 'References' => diff --git a/modules/exploits/windows/tftp/attftp_long_filename.rb b/modules/exploits/windows/tftp/attftp_long_filename.rb index 0df62ca875..b9a3802d91 100644 --- a/modules/exploits/windows/tftp/attftp_long_filename.rb +++ b/modules/exploits/windows/tftp/attftp_long_filename.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits a stack buffer overflow in AT-TFTP v1.9, by sending a request (get/write) for an overly long file name. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ ['CVE', '2006-6184'], diff --git a/modules/exploits/windows/tftp/dlink_long_filename.rb b/modules/exploits/windows/tftp/dlink_long_filename.rb index 4208af5357..e69459cecd 100644 --- a/modules/exploits/windows/tftp/dlink_long_filename.rb +++ b/modules/exploits/windows/tftp/dlink_long_filename.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'LSO ', # Exploit module - 'patrick', # Refs, stability, targets etc + 'aushack', # Refs, stability, targets etc ], 'References' => [ diff --git a/modules/exploits/windows/tftp/tftpdwin_long_filename.rb b/modules/exploits/windows/tftp/tftpdwin_long_filename.rb index 749b7163d6..ee103390fe 100644 --- a/modules/exploits/windows/tftp/tftpdwin_long_filename.rb +++ b/modules/exploits/windows/tftp/tftpdwin_long_filename.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit::Remote This module exploits the ProSysInfo TFTPDWIN threaded TFTP Server. By sending an overly long file name to the tftpd.exe server, the stack can be overwritten. }, - 'Author' => [ 'patrick' ], + 'Author' => [ 'aushack' ], 'References' => [ [ 'CVE', '2006-4948' ], diff --git a/modules/exploits/windows/vnc/winvnc_http_get.rb b/modules/exploits/windows/vnc/winvnc_http_get.rb index 1ceec34c73..824291023b 100644 --- a/modules/exploits/windows/vnc/winvnc_http_get.rb +++ b/modules/exploits/windows/vnc/winvnc_http_get.rb @@ -17,7 +17,7 @@ class MetasploitModule < Msf::Exploit::Remote enabled (non-default), an overly long GET request can overwrite the stack. This exploit does not work well with VNC payloads! }, - 'Author' => 'patrick', + 'Author' => 'aushack', 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/payloads/singles/cmd/windows/bind_perl.rb b/modules/payloads/singles/cmd/windows/bind_perl.rb index ecbb099b96..a0cfd2f733 100644 --- a/modules/payloads/singles/cmd/windows/bind_perl.rb +++ b/modules/payloads/singles/cmd/windows/bind_perl.rb @@ -18,7 +18,7 @@ module MetasploitModule super(merge_info(info, 'Name' => 'Windows Command Shell, Bind TCP (via Perl)', 'Description' => 'Listen for a connection and spawn a command shell via perl (persistent)', - 'Author' => ['Samy ', 'cazz', 'patrick'], + 'Author' => ['Samy ', 'cazz', 'aushack'], 'License' => BSD_LICENSE, 'Platform' => 'win', 'Arch' => ARCH_CMD, diff --git a/modules/payloads/singles/cmd/windows/bind_perl_ipv6.rb b/modules/payloads/singles/cmd/windows/bind_perl_ipv6.rb index c7a9a583b6..20e475eb1c 100644 --- a/modules/payloads/singles/cmd/windows/bind_perl_ipv6.rb +++ b/modules/payloads/singles/cmd/windows/bind_perl_ipv6.rb @@ -18,7 +18,7 @@ module MetasploitModule super(merge_info(info, 'Name' => 'Windows Command Shell, Bind TCP (via perl) IPv6', 'Description' => 'Listen for a connection and spawn a command shell via perl (persistent)', - 'Author' => ['Samy ', 'cazz', 'patrick'], + 'Author' => ['Samy ', 'cazz', 'aushack'], 'License' => BSD_LICENSE, 'Platform' => 'win', 'Arch' => ARCH_CMD, diff --git a/modules/payloads/singles/cmd/windows/reverse_perl.rb b/modules/payloads/singles/cmd/windows/reverse_perl.rb index 400d828bc1..accb73877a 100644 --- a/modules/payloads/singles/cmd/windows/reverse_perl.rb +++ b/modules/payloads/singles/cmd/windows/reverse_perl.rb @@ -18,7 +18,7 @@ module MetasploitModule super(merge_info(info, 'Name' => 'Windows Command, Double Reverse TCP Connection (via Perl)', 'Description' => 'Creates an interactive shell via perl', - 'Author' => ['cazz', 'patrick'], + 'Author' => ['cazz', 'aushack'], 'License' => BSD_LICENSE, 'Platform' => 'win', 'Arch' => ARCH_CMD,