Joshua Drake
5c271db9b5
add OSVDB reference from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7695 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 15:52:20 +00:00
Joshua Drake
e8e98b9be6
add exploit module for cve-2000-0573
...
git-svn-id: file:///home/svn/framework3/trunk@7693 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 07:50:53 +00:00
Mario Ceballos
80422f24c4
added exploit module ca_arcserve_342.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7690 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 02:55:00 +00:00
Mario Ceballos
93d02320cf
updated oracle mixin and adjusted affected modules. now compatible with ruby 1.8 and 1.9
...
git-svn-id: file:///home/svn/framework3/trunk@7688 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 23:57:02 +00:00
HD Moore
9ebcd40a4e
Updated references to work better with NeXpose integration
...
git-svn-id: file:///home/svn/framework3/trunk@7683 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 15:27:29 +00:00
James Lee
8e0eef03c6
see #594. remove some extraneous junk, don't run the shell in a terminal (it dies immediately). space is the only badchar. still doesn't actually work without a modification to encoder/cmd/generic_sh.
...
git-svn-id: file:///home/svn/framework3/trunk@7680 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 09:09:56 +00:00
James Lee
8e5d2b98b0
prefer the echo encoder over the simpler and more error prone ifs encoder
...
git-svn-id: file:///home/svn/framework3/trunk@7679 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 08:39:22 +00:00
Joshua Drake
b8302e6f61
changed default target
...
git-svn-id: file:///home/svn/framework3/trunk@7675 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 00:04:33 +00:00
Joshua Drake
b9a97f310e
fixed typo in targets
...
git-svn-id: file:///home/svn/framework3/trunk@7674 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 23:50:09 +00:00
Joshua Drake
267ed23223
this exploits an ssh server, moving to ssh dir
...
git-svn-id: file:///home/svn/framework3/trunk@7673 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 22:31:13 +00:00
Joshua Drake
dcc05c7494
typo fix
...
git-svn-id: file:///home/svn/framework3/trunk@7672 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 21:06:36 +00:00
Mario Ceballos
10d636c894
applied patch provided by Erwin Paternotte
...
git-svn-id: file:///home/svn/framework3/trunk@7670 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 17:38:13 +00:00
Mario Ceballos
faa27f93b9
updated with the bid id
...
git-svn-id: file:///home/svn/framework3/trunk@7669 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 12:20:40 +00:00
Mario Ceballos
25106b555f
log to the appropriate place.
...
git-svn-id: file:///home/svn/framework3/trunk@7664 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 23:00:42 +00:00
Joshua Drake
b48e5d34e7
added svn keywords
...
git-svn-id: file:///home/svn/framework3/trunk@7660 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 20:36:55 +00:00
HD Moore
b0403cfde2
OSVDB references from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7658 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:44:25 +00:00
Joshua Drake
38d04631e6
recorded some additional test results
...
git-svn-id: file:///home/svn/framework3/trunk@7657 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:42:58 +00:00
Joshua Drake
ec45ea8c22
minor cleanups, removed 0day text, Fixes #573
...
git-svn-id: file:///home/svn/framework3/trunk@7646 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 18:42:00 +00:00
HD Moore
16ae0112d1
Typo fix from antoine
...
git-svn-id: file:///home/svn/framework3/trunk@7645 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 14:17:17 +00:00
HD Moore
bcd7343803
Fixes #563. Make fakedns act like a normal passive aux module
...
git-svn-id: file:///home/svn/framework3/trunk@7640 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-29 15:27:37 +00:00
et
75ca12439e
Added new testing options
...
git-svn-id: file:///home/svn/framework3/trunk@7638 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-29 04:00:26 +00:00
Mario Ceballos
09cb98678f
added exploit module intersystems_cache.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7631 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 15:26:21 +00:00
et
6e975b57ee
Include Auxiliary Report
...
git-svn-id: file:///home/svn/framework3/trunk@7629 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 20:39:15 +00:00
Joshua Drake
f845a7db54
dissected most of the u3d data
...
git-svn-id: file:///home/svn/framework3/trunk@7628 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 07:26:08 +00:00
Joshua Drake
623f3b88ec
minor cleanups, fixed u3d_pad function
...
git-svn-id: file:///home/svn/framework3/trunk@7626 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 06:21:39 +00:00
Joshua Drake
8e8a52fe26
removed meta data, randomized mesh name
...
git-svn-id: file:///home/svn/framework3/trunk@7624 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 04:42:42 +00:00
HD Moore
7324108c14
Support non-default interfaces for idle scan host detection
...
git-svn-id: file:///home/svn/framework3/trunk@7623 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 04:14:16 +00:00
Joshua Drake
dd713f96de
broke up u3d data a bit, first pass
...
git-svn-id: file:///home/svn/framework3/trunk@7619 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 00:34:22 +00:00
Joshua Drake
f88dee904a
add exploit module for cve-2009-2994
...
git-svn-id: file:///home/svn/framework3/trunk@7617 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 22:24:10 +00:00
HD Moore
927563c135
Correct some assumptions about client-side exploit signature development, remove the prepend since we don't use .net anymore
...
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 21:18:26 +00:00
Joshua Drake
e3a1a7958e
cleaned up the descriptions
...
git-svn-id: file:///home/svn/framework3/trunk@7615 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 20:05:18 +00:00
Joshua Drake
a4dd52543c
removed .net dll bypass, recorded some crash addresses
...
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 19:39:15 +00:00
James Lee
5fb4ef2005
make OUTFILE actually do something other than stack dump. fixes #538
...
git-svn-id: file:///home/svn/framework3/trunk@7613 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 18:32:28 +00:00
James Lee
00eaff0550
stupid ruby string differences
...
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:16:45 +00:00
HD Moore
0c19f50718
Fix broken .NET method
...
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:11:38 +00:00
Joshua Drake
f733856974
add exploit module for cve-2009-3762
...
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 07:25:04 +00:00
et
5b81d85447
Replaced reporting to use notes
...
git-svn-id: file:///home/svn/framework3/trunk@7605 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 06:08:28 +00:00
James Lee
f516edacfb
only works on ie7
...
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:14:40 +00:00
James Lee
07543fd526
fix potential hang when server doesn't respond
...
git-svn-id: file:///home/svn/framework3/trunk@7602 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:01:27 +00:00
James Lee
825cbfca66
remove the deprecated Thread.critical. fixes #544
...
git-svn-id: file:///home/svn/framework3/trunk@7601 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 01:48:11 +00:00
James Lee
c45c15cd29
add autopwn info
...
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 23:50:08 +00:00
James Lee
d5e09a90e2
add minver and maxver options and prepare for universal module ranking
...
git-svn-id: file:///home/svn/framework3/trunk@7598 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 21:40:02 +00:00
Joshua Drake
3bca7d14c4
payload compatibility: no findsock allowed
...
git-svn-id: file:///home/svn/framework3/trunk@7597 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 19:35:05 +00:00
Joshua Drake
6a2bc85729
oops, hasty commit -- removed comment
...
git-svn-id: file:///home/svn/framework3/trunk@7596 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 17:47:22 +00:00
Joshua Drake
6e7de5b6d3
changed module from exploit to auxiliary
...
git-svn-id: file:///home/svn/framework3/trunk@7595 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 17:45:21 +00:00
Patrick Webster
796e8cdfc3
Ported hdm's exchange2000_xexch50 module to version 3.
...
git-svn-id: file:///home/svn/framework3/trunk@7592 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 07:11:12 +00:00
James Lee
99319d2a55
don't unintentionally create a UNC path. see #558
...
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:23:03 +00:00
James Lee
4a912e7c0c
don't inadvertently create a UNC path. see #558
...
git-svn-id: file:///home/svn/framework3/trunk@7590 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:02:21 +00:00
James Lee
7490e4c4a8
use an absolute uri to the evil gif. fixes #558. we probably ought to have a method for doing this since it seems to be a fairly common problem.
...
git-svn-id: file:///home/svn/framework3/trunk@7589 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:44:21 +00:00
et
e354c8dbcc
Multiple headers handling bug fixes
...
git-svn-id: file:///home/svn/framework3/trunk@7588 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:27:11 +00:00
Mario Ceballos
0d44958233
not needed. getting things ready for ruby 1.9.1 compat.
...
git-svn-id: file:///home/svn/framework3/trunk@7586 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 23:53:01 +00:00
Patrick Webster
f2d998d514
Added check support.
...
git-svn-id: file:///home/svn/framework3/trunk@7585 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 07:37:54 +00:00
et
f70cf1e74f
Make EXT optional so other dictionaries with files containing extensions can be used
...
git-svn-id: file:///home/svn/framework3/trunk@7583 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 03:01:46 +00:00
Joshua Drake
fc9648f332
little fix submission for foxit auth bypass exploit
...
git-svn-id: file:///home/svn/framework3/trunk@7581 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 18:50:24 +00:00
Joshua Drake
3bcc51e155
added exploit module for cve-2009-2990
...
git-svn-id: file:///home/svn/framework3/trunk@7580 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:15:13 +00:00
Joshua Drake
008fbedf93
created multi-platform fileformat dir
...
git-svn-id: file:///home/svn/framework3/trunk@7579 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:14:52 +00:00
Joshua Drake
5dbd32cd98
added japanese target from TomokiSanaki
...
git-svn-id: file:///home/svn/framework3/trunk@7578 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:09:59 +00:00
Joshua Drake
b9939a836f
fixed PDF header (oops)
...
git-svn-id: file:///home/svn/framework3/trunk@7577 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:01:11 +00:00
Joshua Drake
b54a7aa1d3
confirmed SEH target works on Windows XP SP3
...
git-svn-id: file:///home/svn/framework3/trunk@7576 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 17:44:09 +00:00
Mario Ceballos
fcd7effcc6
baah.
...
git-svn-id: file:///home/svn/framework3/trunk@7575 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 00:35:27 +00:00
Mario Ceballos
02301c88e4
oops, read in the csv.
...
git-svn-id: file:///home/svn/framework3/trunk@7574 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 00:16:19 +00:00
Mario Ceballos
b19ecf9c74
ruby 1.9.1 compatible for the csv issue.
...
git-svn-id: file:///home/svn/framework3/trunk@7573 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 00:12:57 +00:00
Patrick Webster
52792c2de7
Added two Citrix Aux modules.
...
git-svn-id: file:///home/svn/framework3/trunk@7571 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 14:45:10 +00:00
Joshua Drake
e5796f5b3b
changed address to 0x0a0a0a0a
...
tested against various reader versions
removed pdf version randomization
git-svn-id: file:///home/svn/framework3/trunk@7570 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 05:56:03 +00:00
Joshua Drake
f767129e61
fixed some typos, thx mubix!
...
git-svn-id: file:///home/svn/framework3/trunk@7569 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 03:36:02 +00:00
Joshua Drake
106350ac97
Stop randomizing the module version, it breaks Acrobat 9
...
git-svn-id: file:///home/svn/framework3/trunk@7568 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 17:39:37 +00:00
Joshua Drake
5bbbafefa2
osvdb reference update from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7565 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 04:16:10 +00:00
Joshua Drake
c2bcad1f4c
add exploit http version
...
git-svn-id: file:///home/svn/framework3/trunk@7563 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 02:29:37 +00:00
Joshua Drake
82706981de
dynamically get ip address length
...
git-svn-id: file:///home/svn/framework3/trunk@7561 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 00:49:20 +00:00
Joshua Drake
31e9d9929c
add exploit module for another 0day
...
git-svn-id: file:///home/svn/framework3/trunk@7560 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 23:54:26 +00:00
Joshua Drake
447e208abf
add httpdx handlepeer() exploit (cve-2009-3711)
...
git-svn-id: file:///home/svn/framework3/trunk@7557 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 22:29:20 +00:00
HD Moore
61e233df91
Keywords on all modules, plugins, and scripts
...
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee
0150e7a4de
add a simple encoder for sh payloads that only replaces spaces. fixes #525
...
git-svn-id: file:///home/svn/framework3/trunk@7549 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:00:08 +00:00
HD Moore
dc0dc98771
Fixes #517. Disables meterpreter stages for passivex stagers
...
git-svn-id: file:///home/svn/framework3/trunk@7546 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 22:45:33 +00:00
James Lee
777317d0ad
make sure everybody is using the same SRVHOST. fixes #511
...
git-svn-id: file:///home/svn/framework3/trunk@7545 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 22:06:32 +00:00
Stephen Fewer
6142f5d509
re-enable the passivex stager. we still need to force the meterpreter stage to be incompatible with this stager as there is a known issue between the two.
...
git-svn-id: file:///home/svn/framework3/trunk@7544 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 19:34:14 +00:00
James Lee
10e897b94f
make sure we got a response before trying to pull headers out of it. see #519
...
git-svn-id: file:///home/svn/framework3/trunk@7541 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 19:00:16 +00:00
James Lee
9f134512c2
give up if we can't get the password hash. see #519
...
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:51:51 +00:00
James Lee
dd323e2a7b
don't try to run methods on an object we just confirmed was nil
...
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:48:34 +00:00
James Lee
b4d04ab22d
fix 1.9 str[idx] error; see #519
...
git-svn-id: file:///home/svn/framework3/trunk@7534 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:28:34 +00:00
Joshua Drake
4edc6d942c
updated awingsoft web3d bof module from trancer
...
git-svn-id: file:///home/svn/framework3/trunk@7533 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:51:52 +00:00
James Lee
94729103b4
added osvdb ref and keywords
...
git-svn-id: file:///home/svn/framework3/trunk@7532 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:18:51 +00:00
HD Moore
bd28e044f0
Handle instances where the pipe does not exist gracefully
...
git-svn-id: file:///home/svn/framework3/trunk@7531 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 15:20:50 +00:00
James Lee
7fb9c4a791
add coverage for cve-2009-1151
...
git-svn-id: file:///home/svn/framework3/trunk@7528 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 08:42:32 +00:00
James Lee
53640065da
license
...
git-svn-id: file:///home/svn/framework3/trunk@7522 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 19:53:03 +00:00
Joshua Drake
04725e70cc
reference updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7521 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 16:03:01 +00:00
Mario Ceballos
4c23734e72
added exploit module oracle_dc_submittoexpress.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7520 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 01:01:21 +00:00
HD Moore
4549ca2eb3
Adds an OSVDB reference from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7519 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 23:08:27 +00:00
Joshua Drake
7573994152
add exploit module for another winds3d 0day
...
git-svn-id: file:///home/svn/framework3/trunk@7518 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 22:26:08 +00:00
Joshua Drake
240a8444b0
Fixed some license problems
...
git-svn-id: file:///home/svn/framework3/trunk@7515 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 18:09:05 +00:00
Mario Ceballos
bbfc195735
added patch from Steve Tornio.
...
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 13:26:27 +00:00
Joshua Drake
8d382ef487
oops -- removed CVE/BID/OSVDB references
...
git-svn-id: file:///home/svn/framework3/trunk@7512 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:46:21 +00:00
Joshua Drake
74269325db
added CVE/BID/OSVDB references
...
git-svn-id: file:///home/svn/framework3/trunk@7511 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:42:02 +00:00
Joshua Drake
f86eca488a
minor fixup in email addr
...
git-svn-id: file:///home/svn/framework3/trunk@7510 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:39:00 +00:00
Joshua Drake
9381abf41a
swap L to V for packing
...
git-svn-id: file:///home/svn/framework3/trunk@7509 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:38:03 +00:00
Joshua Drake
70cf288b99
added trancer's exploit for cve-2009-2386
...
git-svn-id: file:///home/svn/framework3/trunk@7508 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:36:20 +00:00
Joshua Drake
e98036bc9c
oops, forgot to remove debugging cruft
...
git-svn-id: file:///home/svn/framework3/trunk@7507 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:33:42 +00:00
HD Moore
8b9238e33b
Cosmetic/reference cleanups.
...
git-svn-id: file:///home/svn/framework3/trunk@7506 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:31:00 +00:00
Joshua Drake
cc41639170
add exploit for cve-2009-2485
...
git-svn-id: file:///home/svn/framework3/trunk@7505 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:37:18 +00:00
James Lee
d90b932383
add a bit more entropy
...
git-svn-id: file:///home/svn/framework3/trunk@7504 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:09:32 +00:00
James Lee
38c0a3bd1b
302 is not the same as 200...
...
git-svn-id: file:///home/svn/framework3/trunk@7503 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:03:16 +00:00
James Lee
d2451547d6
add exploit module for osCommerce file upload
...
git-svn-id: file:///home/svn/framework3/trunk@7502 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 01:56:21 +00:00
James Lee
4c0ba49a65
fix syntax error
...
git-svn-id: file:///home/svn/framework3/trunk@7500 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 23:22:19 +00:00
Joshua Drake
cd11c784e0
added CVE references
...
git-svn-id: file:///home/svn/framework3/trunk@7499 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 22:54:10 +00:00
Mario Ceballos
8a2a16c921
fixes a syntax error. console yells when loaded.
...
git-svn-id: file:///home/svn/framework3/trunk@7496 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 22:37:45 +00:00
HD Moore
fbdccdc9e2
Adds a module for eDirectory cookie prediction - trivial bug found while working on others.
...
git-svn-id: file:///home/svn/framework3/trunk@7493 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 21:31:39 +00:00
Joshua Drake
da6fa072f2
add module for cve-2008-0492
...
git-svn-id: file:///home/svn/framework3/trunk@7490 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 18:09:50 +00:00
Joshua Drake
7758ebfda4
uniquified name
...
git-svn-id: file:///home/svn/framework3/trunk@7488 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:22:14 +00:00
Joshua Drake
61f2c0b195
uniquified name
...
git-svn-id: file:///home/svn/framework3/trunk@7487 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:21:54 +00:00
Joshua Drake
2e4f5734ea
fixed typo
...
git-svn-id: file:///home/svn/framework3/trunk@7486 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:21:09 +00:00
James Lee
41604957fa
fix no compatible payloads due to misplaced compat options
...
git-svn-id: file:///home/svn/framework3/trunk@7483 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 20:36:23 +00:00
HD Moore
0d8eaa9190
Fix up a typo in the ddwrt exploit
...
git-svn-id: file:///home/svn/framework3/trunk@7481 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 16:13:51 +00:00
HD Moore
d892264ad7
Adds a DoS proof of concept for MS09-065 (EOT)
...
git-svn-id: file:///home/svn/framework3/trunk@7470 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 23:48:53 +00:00
James Lee
68959ece65
use the new DisablePayloadHandler option to reduce the number of open ports required; lports per OS can be modified via advanced options
...
git-svn-id: file:///home/svn/framework3/trunk@7469 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 21:38:30 +00:00
HD Moore
a305bc82c2
Add a status message, fix syntax error in references
...
git-svn-id: file:///home/svn/framework3/trunk@7468 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 20:17:20 +00:00
HD Moore
3980a7f18e
Add a metasploit module implementing laurent's latest bug
...
git-svn-id: file:///home/svn/framework3/trunk@7467 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 16:59:55 +00:00
Carlos Perez
10cf618c19
Fix AXFR error handling
...
git-svn-id: file:///home/svn/framework3/trunk@7466 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 14:14:55 +00:00
Joshua Drake
c9f6e32c70
optimization for extra stack data
...
git-svn-id: file:///home/svn/framework3/trunk@7463 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 01:01:53 +00:00
Joshua Drake
92408fbed4
added patch, finder, and pub exploit refs
...
git-svn-id: file:///home/svn/framework3/trunk@7457 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 23:52:07 +00:00
Joshua Drake
9edcda6862
updated badchars/encoder, increased bytes to end of stack, ppr had badchar in it
...
git-svn-id: file:///home/svn/framework3/trunk@7456 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 23:36:54 +00:00
Joshua Drake
e812a2317c
added exploit for cve-2009-0184
...
git-svn-id: file:///home/svn/framework3/trunk@7455 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 21:52:17 +00:00
HD Moore
6deb2fe58e
windows 2000 target via anonymous submission
...
git-svn-id: file:///home/svn/framework3/trunk@7454 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 20:03:57 +00:00
Stephen Fewer
159ca526b4
Fixed a null pointer dereference bug (occurring in stages loaded by the PassiveX stager) that was being caused when an invalid exit funk was being patched into the stage by the PassiveX stager. This happened because the PassiveX stager uses the old type exit funks while the stages use the new type. This fix ensures the PassiveX stager gets the expected old exit funk value while the chosen stage gets the new exit funk value. This patch does not fix Bug #291 (PassiveX broken). Also I have left the PassiveX stager disabled until we can resolve the rest of the problems.
...
git-svn-id: file:///home/svn/framework3/trunk@7448 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 16:07:01 +00:00
Carlos Perez
b91d198e09
Fix AXFR false positive bug
...
git-svn-id: file:///home/svn/framework3/trunk@7441 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 04:14:25 +00:00
Carlos Perez
2620ad3a3c
Fix AXFR Bug, Added SRV checks for MS OCS Services, Option to Exit on Wildcard detection for ENUM_BRT and modified ENUM_TLD to properly test for IANA TLD list
...
git-svn-id: file:///home/svn/framework3/trunk@7439 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 03:08:16 +00:00
Joshua Drake
434ee654b4
minor tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@7429 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 19:31:11 +00:00
Joshua Drake
55c32f8bb1
miscellaneous cleanups and minimized
...
git-svn-id: file:///home/svn/framework3/trunk@7421 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 05:55:50 +00:00
James Lee
d9b5d62a3e
disable passivex for the rc1 until we can figure out why it doesn't work. see #291
...
git-svn-id: file:///home/svn/framework3/trunk@7419 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:32:22 +00:00
Joshua Drake
0e2c8f4894
StackAdjustment or Prepend, not both :)
...
git-svn-id: file:///home/svn/framework3/trunk@7418 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:31:02 +00:00
Joshua Drake
b07d997787
initial commit, randomization to come
...
git-svn-id: file:///home/svn/framework3/trunk@7417 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:27:30 +00:00
HD Moore
06372f3c40
See #430. This adds the AllowWin32SEH option to the upper/mixed alphanumeric encoders, providing 100% alphanumeric payloads for Windows platforms
...
git-svn-id: file:///home/svn/framework3/trunk@7405 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 00:45:51 +00:00
HD Moore
10b1e4e703
Fixes #469. Check address[0]
...
git-svn-id: file:///home/svn/framework3/trunk@7403 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-08 00:16:00 +00:00
et
5a460d451c
Ugly mixin
...
git-svn-id: file:///home/svn/framework3/trunk@7401 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 22:17:42 +00:00
et
7b832b9d3e
Wmap checking for vulnerabilities and launching exploits
...
git-svn-id: file:///home/svn/framework3/trunk@7399 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 21:55:33 +00:00
Mario Ceballos
95694ddd97
updated module targets from Brett Gervasoni.
...
git-svn-id: file:///home/svn/framework3/trunk@7398 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 13:18:03 +00:00
HD Moore
2075377fc8
Fix to correct the IP TTL of all raw modules - these were defaulting to 0. Reported by Job Kibler
...
git-svn-id: file:///home/svn/framework3/trunk@7397 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 03:17:19 +00:00
HD Moore
1d5f1e5f69
Fixes #472. This module still needs a lot of work, but this solves this particular bug. Caused by unsetting the variable
...
git-svn-id: file:///home/svn/framework3/trunk@7396 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 21:16:56 +00:00
Mario Ceballos
c3dd1698fc
added exploit module hp_power_manager_login.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7371 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 01:31:17 +00:00
Mario Ceballos
0c12d36cad
added patch from Steve Tornio.
...
git-svn-id: file:///home/svn/framework3/trunk@7365 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-05 12:09:58 +00:00
Mario Ceballos
3da8b7b7f6
added exploit module safenet_softremote_groupname.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7358 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 23:10:50 +00:00
James Lee
70b2d06c86
speed up content creation, string concat sucks
...
git-svn-id: file:///home/svn/framework3/trunk@7356 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 19:06:01 +00:00
James Lee
c675cfb1cf
Fix 1.9.1 issues, make the vbs smaller (down to about 4MB from almost 10)
...
git-svn-id: file:///home/svn/framework3/trunk@7355 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 18:55:32 +00:00
James Lee
68564f9d5e
modules should not handle exceptions like this. if you're just going to print a backtrace, let the dispatcher deal with it so we can get logs
...
git-svn-id: file:///home/svn/framework3/trunk@7353 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 17:04:01 +00:00
HD Moore
9e654c51f2
Revive
...
git-svn-id: file:///home/svn/framework3/trunk@7348 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 04:04:39 +00:00
HD Moore
4b53b1d378
Purge
...
git-svn-id: file:///home/svn/framework3/trunk@7347 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 04:04:17 +00:00
HD Moore
98d9d66905
Replaced with encoded shiny bits
...
git-svn-id: file:///home/svn/framework3/trunk@7346 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:56:12 +00:00
HD Moore
0a52c98e03
Purging this module due to lame AV sigs, re-adding in a sillier form
...
git-svn-id: file:///home/svn/framework3/trunk@7345 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:50:31 +00:00
HD Moore
84ebdfa7eb
Move the mercantec check to the exploit code from autofilter
...
git-svn-id: file:///home/svn/framework3/trunk@7333 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 17:02:03 +00:00
Mario Ceballos
aef3817db9
added patch from steve tornio.
...
git-svn-id: file:///home/svn/framework3/trunk@7331 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 12:02:54 +00:00
Mario Ceballos
b62dc9705e
remove some debugging.
...
git-svn-id: file:///home/svn/framework3/trunk@7329 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-02 21:21:50 +00:00