HD Moore
|
0380c5e887
|
Add CVE-2014-6278 support, lands #3932
|
2014-10-01 18:25:41 -05:00 |
William Vu
|
c1b0acf460
|
Add CVE-2014-6278 support to the exploit module
Same thing.
|
2014-10-01 17:58:25 -05:00 |
|
William Vu
|
5df614d39b
|
Land #3928, release fixes
|
2014-10-01 17:21:08 -05:00 |
Spencer McIntyre
|
8cf718e891
|
Update pureftpd bash module rank and description
|
2014-10-01 17:19:31 -04:00 |
Tod Beardsley
|
4fbab43f27
|
Release fixes, all titles and descs
|
2014-10-01 14:26:09 -05:00 |
|
Spencer McIntyre
|
cf6029b2cf
|
Remove the less stable echo stager from the exploit
|
2014-10-01 15:15:07 -04:00 |
|
Spencer McIntyre
|
632edcbf89
|
Add CVE-2014-6271 exploit via Pure-FTPd ext-auth
|
2014-10-01 14:57:40 -04:00 |
|
William Vu
|
de65ab0519
|
Fix broken check in exploit module
See 71d6b37088.
|
2014-09-29 23:03:09 -05:00 |
|
William Vu
|
df44dfb01a
|
Add OSVDB and EDB references to Shellshock modules
|
2014-09-29 21:39:07 -05:00 |
sinn3r
|
8f3e03d4f2
|
Land #3903 - ManageEngine OpManager / Social IT Arbitrary File Upload
|
2014-09-29 17:53:43 -05:00 |
Pedro Ribeiro
|
533b807bdc
|
Add OSVDB id
|
2014-09-29 21:52:44 +01:00 |
|
sinn3r
|
ffe5aafb2f
|
Land #3905 - Update exploits/multi/http/apache_mod_cgi_bash_env_exec
|
2014-09-29 15:19:35 -05:00 |
|
sinn3r
|
9e5826c4eb
|
Land #3844 - Add the JSObfu mixin to Firefox exploits
|
2014-09-29 11:15:14 -05:00 |
|
Spencer McIntyre
|
fe12ed02de
|
Support a user defined header in the exploit too
|
2014-09-27 18:58:53 -04:00 |
|
Pedro Ribeiro
|
f20610a657
|
Added full disclosure URL
|
2014-09-27 21:34:57 +01:00 |
|
Pedro Ribeiro
|
030aaa4723
|
Add exploit for CVE-2014-6034
|
2014-09-27 19:33:49 +01:00 |
jvazquez-r7
|
0a3735fab4
|
Make it better
|
2014-09-26 16:01:10 -05:00 |
|
jvazquez-r7
|
3538b84693
|
Try to make a better check
|
2014-09-26 15:55:26 -05:00 |
|
jvazquez-r7
|
ad864cc94b
|
Delete unnecessary code
|
2014-09-25 16:18:01 -05:00 |
|
jvazquez-r7
|
9245bedf58
|
Make it more generic, add X86_64 target
|
2014-09-25 15:54:20 -05:00 |
|
jvazquez-r7
|
d8c03d612e
|
Avoid failures due to bad payload selection
|
2014-09-25 13:49:04 -05:00 |
|
jvazquez-r7
|
91e5dc38bd
|
Use datastore timeout
|
2014-09-25 13:36:05 -05:00 |
|
jvazquez-r7
|
8a43d635c3
|
Add exploit module for CVE-2014-6271
|
2014-09-25 13:26:57 -05:00 |
Joe Vennix
|
d9e6f2896f
|
Add the JSObfu mixin to a lot of places.
|
2014-09-21 23:45:59 -05:00 |
|
sinn3r
|
3e09283ce5
|
Land #3777 - Fix struts_code_exec_classloader on windows
|
2014-09-16 13:09:58 -05:00 |
|
sinn3r
|
158d4972d9
|
More references and pass msftidy
|
2014-09-16 12:54:27 -05:00 |
Vincent Herbulot
|
7a7b6cb443
|
Some refactoring
Use EDB instead of URL for Exploit-DB.
Remove peer variable as peer comes from HttpClient.
|
2014-09-16 17:49:45 +02:00 |
|
us3r777
|
4c615ecf94
|
Module for CVE-2014-5519, phpwiki/ploticus RCE
|
2014-09-16 00:09:41 +02:00 |
|
jvazquez-r7
|
373eb3dda0
|
Make struts_code_exec_classloader to work on windows
|
2014-09-10 18:00:16 -05:00 |
|
sinn3r
|
0a6ce1f305
|
Land #3727 - SolarWinds Storage Manager exploit AND Msf::Payload::JSP
|
2014-09-09 17:21:03 -05:00 |
|
sinn3r
|
027f543bdb
|
Land #3732 - Eventlog Analzyer exploit
|
2014-09-09 11:33:20 -05:00 |
|
sinn3r
|
75269fd0fa
|
Make sure we're not doing a 'negative' timeout
|
2014-09-09 11:26:49 -05:00 |
|
Tod Beardsley
|
4abee39ab2
|
Fixup for release
Ack, a missing disclosure date on the GDB exploit. I'm deferring to the
PR itself for this as the disclosure and URL reference.
|
2014-09-08 14:00:34 -05:00 |
|
William Vu
|
ae5a8f449c
|
Land #3691, gdbserver hax
|
2014-09-08 11:48:39 -05:00 |
|
sinn3r
|
85b48fd437
|
Land #3736 - Revert initial ff xpi prompt bypass for Firefox 22-27
|
2014-09-04 16:08:15 -05:00 |
|
Joe Vennix
|
0e18d69aab
|
Add extended mode to prevent service from dying.
|
2014-09-03 16:07:27 -05:00 |
|
Joe Vennix
|
4293500a5e
|
Implement running exe in multi.
|
2014-09-03 15:56:21 -05:00 |
|
Joe Vennix
|
268d42cf07
|
Add PrependFork to payload options.
|
2014-09-03 14:56:22 -05:00 |
|
Pedro Ribeiro
|
ded085f5cc
|
Add CVE ID
|
2014-09-03 07:22:10 +01:00 |
|
Pedro Ribeiro
|
c672fad9ef
|
Add OSVDB ID, remove comma from Author field
|
2014-09-02 23:17:10 +01:00 |
|
Joe Vennix
|
f7617183d9
|
Revert "Add initial firefox xpi prompt bypass."
This reverts commit ebcf972c08.
|
2014-09-02 12:27:41 -05:00 |
|
Pedro Ribeiro
|
d480a5e744
|
Credit h0ng10 properly
|
2014-09-01 07:58:26 +01:00 |
|
Pedro Ribeiro
|
59847eb15b
|
Remove newline at the top
|
2014-09-01 07:56:53 +01:00 |
|
Pedro Ribeiro
|
6a370a5f69
|
Add exploit for eventlog analyzer file upload
|
2014-09-01 07:56:01 +01:00 |
|
jvazquez-r7
|
c05edd4b63
|
Delete debug print_status
|
2014-08-31 01:34:47 -05:00 |
|
jvazquez-r7
|
559ec4adfe
|
Add module for ZDI-14-299
|
2014-08-31 01:11:46 -05:00 |
|
jvazquez-r7
|
58091b9e2b
|
Land #3708, @pedrib fix for manage_engine_dc_pmp_sqli
|
2014-08-28 10:47:03 -05:00 |
|
sinn3r
|
633eaab466
|
Land #3714 - Firefox 22-27 WebIDL Privileged Javascript Injection
|
2014-08-27 01:45:18 -05:00 |
|
Joe Vennix
|
26cfed6c6a
|
Rename exploit module.
|
2014-08-26 23:05:41 -05:00 |
|
Joe Vennix
|
96276aa6fa
|
Get the disclosure date right.
|
2014-08-26 20:36:58 -05:00 |