Commit Graph

1877 Commits (008c72e255e0de7aaf98dbcbc5718d5fc8fc94cc)

Author SHA1 Message Date
Joshua Drake 5c271db9b5 add OSVDB reference from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7695 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 15:52:20 +00:00
Joshua Drake e8e98b9be6 add exploit module for cve-2000-0573
git-svn-id: file:///home/svn/framework3/trunk@7693 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 07:50:53 +00:00
Mario Ceballos 80422f24c4 added exploit module ca_arcserve_342.rb
git-svn-id: file:///home/svn/framework3/trunk@7690 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 02:55:00 +00:00
Mario Ceballos 93d02320cf updated oracle mixin and adjusted affected modules. now compatible with ruby 1.8 and 1.9
git-svn-id: file:///home/svn/framework3/trunk@7688 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 23:57:02 +00:00
HD Moore 9ebcd40a4e Updated references to work better with NeXpose integration
git-svn-id: file:///home/svn/framework3/trunk@7683 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 15:27:29 +00:00
James Lee 8e0eef03c6 see #594. remove some extraneous junk, don't run the shell in a terminal (it dies immediately). space is the only badchar. still doesn't actually work without a modification to encoder/cmd/generic_sh.
git-svn-id: file:///home/svn/framework3/trunk@7680 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 09:09:56 +00:00
James Lee 8e5d2b98b0 prefer the echo encoder over the simpler and more error prone ifs encoder
git-svn-id: file:///home/svn/framework3/trunk@7679 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 08:39:22 +00:00
Joshua Drake b8302e6f61 changed default target
git-svn-id: file:///home/svn/framework3/trunk@7675 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 00:04:33 +00:00
Joshua Drake b9a97f310e fixed typo in targets
git-svn-id: file:///home/svn/framework3/trunk@7674 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 23:50:09 +00:00
Joshua Drake 267ed23223 this exploits an ssh server, moving to ssh dir
git-svn-id: file:///home/svn/framework3/trunk@7673 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 22:31:13 +00:00
Joshua Drake dcc05c7494 typo fix
git-svn-id: file:///home/svn/framework3/trunk@7672 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 21:06:36 +00:00
Mario Ceballos 10d636c894 applied patch provided by Erwin Paternotte
git-svn-id: file:///home/svn/framework3/trunk@7670 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 17:38:13 +00:00
Mario Ceballos faa27f93b9 updated with the bid id
git-svn-id: file:///home/svn/framework3/trunk@7669 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 12:20:40 +00:00
Mario Ceballos 25106b555f log to the appropiated place.
git-svn-id: file:///home/svn/framework3/trunk@7664 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 23:00:42 +00:00
Joshua Drake b48e5d34e7 added svn keywords
git-svn-id: file:///home/svn/framework3/trunk@7660 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 20:36:55 +00:00
HD Moore b0403cfde2 OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7658 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:44:25 +00:00
Joshua Drake 38d04631e6 recorded some additional test results
git-svn-id: file:///home/svn/framework3/trunk@7657 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:42:58 +00:00
Joshua Drake ec45ea8c22 minor cleanups, removed 0day text, Fixes #573
git-svn-id: file:///home/svn/framework3/trunk@7646 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 18:42:00 +00:00
HD Moore 16ae0112d1 Typo fix from antoine
git-svn-id: file:///home/svn/framework3/trunk@7645 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 14:17:17 +00:00
HD Moore bcd7343803 Fixes #563. Make fakedns act like a normal passive aux module
git-svn-id: file:///home/svn/framework3/trunk@7640 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-29 15:27:37 +00:00
et 75ca12439e Added new testing options
git-svn-id: file:///home/svn/framework3/trunk@7638 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-29 04:00:26 +00:00
Mario Ceballos 09cb98678f added exploit module intersystems_cache.rb
git-svn-id: file:///home/svn/framework3/trunk@7631 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 15:26:21 +00:00
et 6e975b57ee Include Auxiliary Report
git-svn-id: file:///home/svn/framework3/trunk@7629 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 20:39:15 +00:00
Joshua Drake f845a7db54 dissected most of the u3d data
git-svn-id: file:///home/svn/framework3/trunk@7628 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 07:26:08 +00:00
Joshua Drake 623f3b88ec minor cleanups, fixed u3d_pad function
git-svn-id: file:///home/svn/framework3/trunk@7626 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 06:21:39 +00:00
Joshua Drake 8e8a52fe26 removed meta data, randomized mesh name
git-svn-id: file:///home/svn/framework3/trunk@7624 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 04:42:42 +00:00
HD Moore 7324108c14 Support non-default interfaces for idle scan host detection
git-svn-id: file:///home/svn/framework3/trunk@7623 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 04:14:16 +00:00
Joshua Drake dd713f96de broke up u3d data a bit, first pass
git-svn-id: file:///home/svn/framework3/trunk@7619 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 00:34:22 +00:00
Joshua Drake f88dee904a add exploit module for cve-2009-2994
git-svn-id: file:///home/svn/framework3/trunk@7617 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 22:24:10 +00:00
HD Moore 927563c135 Correct some assumptions about client-side exploit signature development, remove the prepend since we dont use .net anymore
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 21:18:26 +00:00
Joshua Drake e3a1a7958e cleaned up the descriptions
git-svn-id: file:///home/svn/framework3/trunk@7615 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 20:05:18 +00:00
Joshua Drake a4dd52543c removed .net dll bypass, recorded some crash addresses
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 19:39:15 +00:00
James Lee 5fb4ef2005 make OUTFILE actually do something other than stack dump. fixes #538
git-svn-id: file:///home/svn/framework3/trunk@7613 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 18:32:28 +00:00
James Lee 00eaff0550 stupid ruby string differences
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:16:45 +00:00
HD Moore 0c19f50718 Fix broken .NET method
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:11:38 +00:00
Joshua Drake f733856974 add exploit module for cve-2009-3762
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 07:25:04 +00:00
et 5b81d85447 Replaced reporting to use notes
git-svn-id: file:///home/svn/framework3/trunk@7605 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 06:08:28 +00:00
James Lee f516edacfb only works on ie7
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:14:40 +00:00
James Lee 07543fd526 fix potential hang when server doesn't respond
git-svn-id: file:///home/svn/framework3/trunk@7602 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:01:27 +00:00
James Lee 825cbfca66 remove the deprecated Thread.critical. fixes #544
git-svn-id: file:///home/svn/framework3/trunk@7601 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 01:48:11 +00:00
James Lee c45c15cd29 add autopwn info
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 23:50:08 +00:00
James Lee d5e09a90e2 add minver and maxver options and prepare for universal module ranking
git-svn-id: file:///home/svn/framework3/trunk@7598 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 21:40:02 +00:00
Joshua Drake 3bca7d14c4 payload compatability: no findsock allowed
git-svn-id: file:///home/svn/framework3/trunk@7597 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 19:35:05 +00:00
Joshua Drake 6a2bc85729 oops, hasty commit -- removed comment
git-svn-id: file:///home/svn/framework3/trunk@7596 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 17:47:22 +00:00
Joshua Drake 6e7de5b6d3 changed module from exploit to auxiliary
git-svn-id: file:///home/svn/framework3/trunk@7595 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 17:45:21 +00:00
Patrick Webster 796e8cdfc3 Ported hdm's exchange2000_xexch50 module to version 3.
git-svn-id: file:///home/svn/framework3/trunk@7592 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 07:11:12 +00:00
James Lee 99319d2a55 don't unintentionally create a UNC path. see #558
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:23:03 +00:00
James Lee 4a912e7c0c don't inadvertantly create a UNC path. see #558
git-svn-id: file:///home/svn/framework3/trunk@7590 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:02:21 +00:00
James Lee 7490e4c4a8 use an absolute uri to the evil gif. fixes #558. we probably ought to have a method for doing this since it seems to be a fairly common problem.
git-svn-id: file:///home/svn/framework3/trunk@7589 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:44:21 +00:00
et e354c8dbcc Multiple headers handling bug fixes
git-svn-id: file:///home/svn/framework3/trunk@7588 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:27:11 +00:00
Mario Ceballos 0d44958233 not needed. getting things ready for ruby 1.9.1 compat.
git-svn-id: file:///home/svn/framework3/trunk@7586 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 23:53:01 +00:00
Patrick Webster f2d998d514 Added check support.
git-svn-id: file:///home/svn/framework3/trunk@7585 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 07:37:54 +00:00
et f70cf1e74f Make EXT optional so other dictionaries with files containing extensions can be used
git-svn-id: file:///home/svn/framework3/trunk@7583 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 03:01:46 +00:00
Joshua Drake fc9648f332 little fix submission for foxit auth bypass exploit
git-svn-id: file:///home/svn/framework3/trunk@7581 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 18:50:24 +00:00
Joshua Drake 3bcc51e155 added exloit module for cve-2009-2990
git-svn-id: file:///home/svn/framework3/trunk@7580 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:15:13 +00:00
Joshua Drake 008fbedf93 created multi-platform fileformat dir
git-svn-id: file:///home/svn/framework3/trunk@7579 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:14:52 +00:00
Joshua Drake 5dbd32cd98 added japanese target from TomokiSanaki
git-svn-id: file:///home/svn/framework3/trunk@7578 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:09:59 +00:00
Joshua Drake b9939a836f fixed PDF header (oops)
git-svn-id: file:///home/svn/framework3/trunk@7577 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:01:11 +00:00
Joshua Drake b54a7aa1d3 confirmed SEH target works on Windows XP SP3
git-svn-id: file:///home/svn/framework3/trunk@7576 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 17:44:09 +00:00
Mario Ceballos fcd7effcc6 baah.
git-svn-id: file:///home/svn/framework3/trunk@7575 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 00:35:27 +00:00
Mario Ceballos 02301c88e4 oops, read in the scv.
git-svn-id: file:///home/svn/framework3/trunk@7574 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 00:16:19 +00:00
Mario Ceballos b19ecf9c74 ruby 1.9.1 compatible for the csv issue.
git-svn-id: file:///home/svn/framework3/trunk@7573 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 00:12:57 +00:00
Patrick Webster 52792c2de7 Added two Citrix Aux modules.
git-svn-id: file:///home/svn/framework3/trunk@7571 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 14:45:10 +00:00
Joshua Drake e5796f5b3b changed address to 0x0a0a0a0a
tested against various reader versions
removed pdf version randomization



git-svn-id: file:///home/svn/framework3/trunk@7570 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 05:56:03 +00:00
Joshua Drake f767129e61 fixed some typos, thx mubix!
git-svn-id: file:///home/svn/framework3/trunk@7569 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 03:36:02 +00:00
Joshua Drake 106350ac97 Stop randomizing the module version, it breaks Acrobat 9
git-svn-id: file:///home/svn/framework3/trunk@7568 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 17:39:37 +00:00
Joshua Drake 5bbbafefa2 osvdb reference update from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7565 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 04:16:10 +00:00
Joshua Drake c2bcad1f4c add exploit http version
git-svn-id: file:///home/svn/framework3/trunk@7563 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 02:29:37 +00:00
Joshua Drake 82706981de dynamically get ip address length
git-svn-id: file:///home/svn/framework3/trunk@7561 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 00:49:20 +00:00
Joshua Drake 31e9d9929c add exploit module for another 0day
git-svn-id: file:///home/svn/framework3/trunk@7560 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 23:54:26 +00:00
Joshua Drake 447e208abf add httpdx handlepeer() exploit (cve-2009-3711)
git-svn-id: file:///home/svn/framework3/trunk@7557 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 22:29:20 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee 0150e7a4de add a simple encoder for sh payloads that only replaces spaces. fixes #525
git-svn-id: file:///home/svn/framework3/trunk@7549 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:00:08 +00:00
HD Moore dc0dc98771 Fixes #517. Disables meterpreter stages for passivex stagers
git-svn-id: file:///home/svn/framework3/trunk@7546 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 22:45:33 +00:00
James Lee 777317d0ad make sure everybody is using the same SRVHOST. fixes #511
git-svn-id: file:///home/svn/framework3/trunk@7545 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 22:06:32 +00:00
Stephen Fewer 6142f5d509 re-enable the passivex stager. we still need to force the meterpreter stage to be incompatible with this stager as their is a known issue between the two.
git-svn-id: file:///home/svn/framework3/trunk@7544 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 19:34:14 +00:00
James Lee 10e897b94f make sure we got a response before trying to pull headers out of it. see #519
git-svn-id: file:///home/svn/framework3/trunk@7541 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 19:00:16 +00:00
James Lee 9f134512c2 give up if we can't get the password hash. see #519
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:51:51 +00:00
James Lee dd323e2a7b don't try to run methods on an object we just confirmed was nil
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:48:34 +00:00
James Lee b4d04ab22d fix 1.9 str[idx] error; see #519
git-svn-id: file:///home/svn/framework3/trunk@7534 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:28:34 +00:00
Joshua Drake 4edc6d942c updated awingsoft web3d bof module from trancer
git-svn-id: file:///home/svn/framework3/trunk@7533 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:51:52 +00:00
James Lee 94729103b4 added osvdb ref and keywords
git-svn-id: file:///home/svn/framework3/trunk@7532 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:18:51 +00:00
HD Moore bd28e044f0 Handle instances where the pipe does not exist gracefully
git-svn-id: file:///home/svn/framework3/trunk@7531 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 15:20:50 +00:00
James Lee 7fb9c4a791 add coverage for cve-2009-1151
git-svn-id: file:///home/svn/framework3/trunk@7528 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 08:42:32 +00:00
James Lee 53640065da license
git-svn-id: file:///home/svn/framework3/trunk@7522 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 19:53:03 +00:00
Joshua Drake 04725e70cc reference updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7521 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 16:03:01 +00:00
Mario Ceballos 4c23734e72 added exploit module oracle_dc_submittoexpress.rb
git-svn-id: file:///home/svn/framework3/trunk@7520 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 01:01:21 +00:00
HD Moore 4549ca2eb3 Adds an OSVDB reference from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7519 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 23:08:27 +00:00
Joshua Drake 7573994152 add exploit module for another winds3d 0day
git-svn-id: file:///home/svn/framework3/trunk@7518 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 22:26:08 +00:00
Joshua Drake 240a8444b0 Fixed some license problems
git-svn-id: file:///home/svn/framework3/trunk@7515 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 18:09:05 +00:00
Mario Ceballos bbfc195735 added patch from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 13:26:27 +00:00
Joshua Drake 8d382ef487 oops -- removed CVE/BID/OSVDB references
git-svn-id: file:///home/svn/framework3/trunk@7512 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:46:21 +00:00
Joshua Drake 74269325db added CVE/BID/OSVDB references
git-svn-id: file:///home/svn/framework3/trunk@7511 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:42:02 +00:00
Joshua Drake f86eca488a minor fixup in email addr
git-svn-id: file:///home/svn/framework3/trunk@7510 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:39:00 +00:00
Joshua Drake 9381abf41a swap L to V for packing
git-svn-id: file:///home/svn/framework3/trunk@7509 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:38:03 +00:00
Joshua Drake 70cf288b99 added trancer's exploit for cve-2009-2386
git-svn-id: file:///home/svn/framework3/trunk@7508 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:36:20 +00:00
Joshua Drake e98036bc9c oops, forgot to remove debugging cruft
git-svn-id: file:///home/svn/framework3/trunk@7507 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:33:42 +00:00
HD Moore 8b9238e33b Cosmetic/reference cleanups.
git-svn-id: file:///home/svn/framework3/trunk@7506 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:31:00 +00:00
Joshua Drake cc41639170 add exploit for cve-2009-2485
git-svn-id: file:///home/svn/framework3/trunk@7505 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:37:18 +00:00
James Lee d90b932383 add a bit more entropy
git-svn-id: file:///home/svn/framework3/trunk@7504 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:09:32 +00:00
James Lee 38c0a3bd1b 302 is not the same as 200...
git-svn-id: file:///home/svn/framework3/trunk@7503 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:03:16 +00:00
James Lee d2451547d6 add exploit module for osCommerce file upload
git-svn-id: file:///home/svn/framework3/trunk@7502 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 01:56:21 +00:00
James Lee 4c0ba49a65 fix syntax error
git-svn-id: file:///home/svn/framework3/trunk@7500 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 23:22:19 +00:00
Joshua Drake cd11c784e0 added CVE references
git-svn-id: file:///home/svn/framework3/trunk@7499 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 22:54:10 +00:00
Mario Ceballos 8a2a16c921 fixes a syntax error. console yells when loaded.
git-svn-id: file:///home/svn/framework3/trunk@7496 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 22:37:45 +00:00
HD Moore fbdccdc9e2 Adds a module for eDirectory cookie prediction - trivial bug found while working on others.
git-svn-id: file:///home/svn/framework3/trunk@7493 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 21:31:39 +00:00
Joshua Drake da6fa072f2 add module for cve-2008-0492
git-svn-id: file:///home/svn/framework3/trunk@7490 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 18:09:50 +00:00
Joshua Drake 7758ebfda4 uniquified name
git-svn-id: file:///home/svn/framework3/trunk@7488 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:22:14 +00:00
Joshua Drake 61f2c0b195 uniqified name
git-svn-id: file:///home/svn/framework3/trunk@7487 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:21:54 +00:00
Joshua Drake 2e4f5734ea fixed typo
git-svn-id: file:///home/svn/framework3/trunk@7486 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:21:09 +00:00
James Lee 41604957fa fix no compatible payloads due to misplaced compat options
git-svn-id: file:///home/svn/framework3/trunk@7483 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 20:36:23 +00:00
HD Moore 0d8eaa9190 Fix up a typo in the ddwrt exploit
git-svn-id: file:///home/svn/framework3/trunk@7481 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 16:13:51 +00:00
HD Moore d892264ad7 Adds a DoS proof of concept for MS09-065 (EOT)
git-svn-id: file:///home/svn/framework3/trunk@7470 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 23:48:53 +00:00
James Lee 68959ece65 use the new DisablePayloadHandler option to reduce the number of open ports required; lports per OS can be modified via advanced options
git-svn-id: file:///home/svn/framework3/trunk@7469 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 21:38:30 +00:00
HD Moore a305bc82c2 Add a status message, fix syntax error in references
git-svn-id: file:///home/svn/framework3/trunk@7468 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 20:17:20 +00:00
HD Moore 3980a7f18e Add a metasploit module implement laurent's latest bug
git-svn-id: file:///home/svn/framework3/trunk@7467 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 16:59:55 +00:00
Carlos Perez 10cf618c19 Fix AXFR error handling
git-svn-id: file:///home/svn/framework3/trunk@7466 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 14:14:55 +00:00
Joshua Drake c9f6e32c70 optimization for extra stack data
git-svn-id: file:///home/svn/framework3/trunk@7463 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 01:01:53 +00:00
Joshua Drake 92408fbed4 added patch, finder, and pub exploit refs
git-svn-id: file:///home/svn/framework3/trunk@7457 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 23:52:07 +00:00
Joshua Drake 9edcda6862 updated badchars/encoder, increased bytes to end of stack, ppr had badchar in it
git-svn-id: file:///home/svn/framework3/trunk@7456 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 23:36:54 +00:00
Joshua Drake e812a2317c added exploit for cve-2009-0184
git-svn-id: file:///home/svn/framework3/trunk@7455 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 21:52:17 +00:00
HD Moore 6deb2fe58e windows 2000 target via anonymous submission
git-svn-id: file:///home/svn/framework3/trunk@7454 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 20:03:57 +00:00
Stephen Fewer 159ca526b4 Fixed a null pointer dereference bug (occurring in stages loaded by the PassiveX stager) that was being caused when an invalid exit funk was being patched into the stage by the PassiveX stager. This happened because the PassiveX stager uses the old type exit funks while the stages use the new type. This fix ensures the PassiveX stager gets the expected old exit funk value while the chosen stage gets the new exit funk value. This patch does not fix Bug #291 (PassiveX broken). Also I have left the PassiveX stager disabled until we can resolve the rest of the problems.
git-svn-id: file:///home/svn/framework3/trunk@7448 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 16:07:01 +00:00
Carlos Perez b91d198e09 Fix AXFR false positive bug
git-svn-id: file:///home/svn/framework3/trunk@7441 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 04:14:25 +00:00
Carlos Perez 2620ad3a3c Fix AXFR Bug, Added SRV checks for MS OCS Services, Option to Exit on Wildcard detection for ENUM_BRT and modified ENUM_TLD to properly test for IANA TLD list
git-svn-id: file:///home/svn/framework3/trunk@7439 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 03:08:16 +00:00
Joshua Drake 434ee654b4 minor tweaks
git-svn-id: file:///home/svn/framework3/trunk@7429 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 19:31:11 +00:00
Joshua Drake 55c32f8bb1 miscellanous cleanups and minimized
git-svn-id: file:///home/svn/framework3/trunk@7421 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 05:55:50 +00:00
James Lee d9b5d62a3e disable passivex for the rc1 until we can figure out why it doesn't work. see #291
git-svn-id: file:///home/svn/framework3/trunk@7419 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:32:22 +00:00
Joshua Drake 0e2c8f4894 StackAdjustment or Prepend, not both :)
git-svn-id: file:///home/svn/framework3/trunk@7418 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:31:02 +00:00
Joshua Drake b07d997787 initial commit, randomization to come
git-svn-id: file:///home/svn/framework3/trunk@7417 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:27:30 +00:00
HD Moore 06372f3c40 See #430. This adds the AllowWin32SEH option to the upper/mixed alphanumeric encoders, providing 100% alphanumeric payloads for Windows platforms
git-svn-id: file:///home/svn/framework3/trunk@7405 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 00:45:51 +00:00
HD Moore 10b1e4e703 Fixes #469. Check address[0]
git-svn-id: file:///home/svn/framework3/trunk@7403 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 00:16:00 +00:00
et 5a460d451c Ugly mixin
git-svn-id: file:///home/svn/framework3/trunk@7401 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 22:17:42 +00:00
et 7b832b9d3e Wmap checking for vulnerabilities and launching exploits
git-svn-id: file:///home/svn/framework3/trunk@7399 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 21:55:33 +00:00
Mario Ceballos 95694ddd97 updated module targets from Brett Gervasoni.
git-svn-id: file:///home/svn/framework3/trunk@7398 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 13:18:03 +00:00
HD Moore 2075377fc8 Fix to correct the IP TTL of all raw modules - these were defaulting to 0. Reported by Job Kibler
git-svn-id: file:///home/svn/framework3/trunk@7397 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 03:17:19 +00:00
HD Moore 1d5f1e5f69 Fixes #472. This module still needs alot of work, but this solves this particular bug. Caused by unsetting the variable
git-svn-id: file:///home/svn/framework3/trunk@7396 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 21:16:56 +00:00
Mario Ceballos c3dd1698fc added exploit module hp_power_manager_login.rb
git-svn-id: file:///home/svn/framework3/trunk@7371 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 01:31:17 +00:00
Mario Ceballos 0c12d36cad added patch from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@7365 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-05 12:09:58 +00:00
Mario Ceballos 3da8b7b7f6 added exploit module safenet_softremote_groupname.rb
git-svn-id: file:///home/svn/framework3/trunk@7358 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 23:10:50 +00:00
James Lee 70b2d06c86 speed up content creation, string concat sucks
git-svn-id: file:///home/svn/framework3/trunk@7356 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 19:06:01 +00:00
James Lee c675cfb1cf Fix 1.9.1 issues, make the vbs smaller (down to about 4MB from almost 10)
git-svn-id: file:///home/svn/framework3/trunk@7355 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 18:55:32 +00:00
James Lee 68564f9d5e modules should not handle exceptions like this. if you're just going to print a backtrace, let the dispatcher deal with it so we can get logs
git-svn-id: file:///home/svn/framework3/trunk@7353 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 17:04:01 +00:00
HD Moore 9e654c51f2 Revive
git-svn-id: file:///home/svn/framework3/trunk@7348 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 04:04:39 +00:00
HD Moore 4b53b1d378 Purge
git-svn-id: file:///home/svn/framework3/trunk@7347 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 04:04:17 +00:00
HD Moore 98d9d66905 Replaced with encoded shiny bits
git-svn-id: file:///home/svn/framework3/trunk@7346 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:56:12 +00:00
HD Moore 0a52c98e03 Purging this module due to lame AV sigs, re-adding in a sillier form
git-svn-id: file:///home/svn/framework3/trunk@7345 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:50:31 +00:00
HD Moore 84ebdfa7eb Move the mercantec check to the exploit code from autofilter
git-svn-id: file:///home/svn/framework3/trunk@7333 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 17:02:03 +00:00
Mario Ceballos aef3817db9 added patch from steve tornio.
git-svn-id: file:///home/svn/framework3/trunk@7331 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 12:02:54 +00:00
Mario Ceballos b62dc9705e remove some debugging.
git-svn-id: file:///home/svn/framework3/trunk@7329 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-02 21:21:50 +00:00