Commit Graph

140 Commits (0e82b47870a316210fef25e73355e733b588415b)

Author SHA1 Message Date
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
jvazquez-r7 b4485fdb2b added chm templates 2012-10-10 19:21:47 +02:00
h0ng10 2b6aa6bbdb Added Exploit for deployfilerepository via JMX 2012-09-03 13:50:16 -04:00
jvazquez-r7 363c0913ae changed dir names according to CVE 2012-08-28 16:33:01 +02:00
jvazquez-r7 52ca1083c2 Added java_jre17_exec 2012-08-27 11:25:04 +02:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
sinn3r 13df1480c8 Add exploit for CVE-2012-1535 2012-08-17 12:16:54 -05:00
HD Moore 430351fe79 Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
LittleLightLittleFire e9ac90f7b0 added CVE-2012-1723 2012-07-10 12:20:37 +10:00
Tod Beardsley 414214eb9d Permissions. 2012-06-28 11:42:37 -05:00
jvazquez-r7 6ec990ed85 Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass 2012-06-27 23:09:26 +02:00
h0ng10 428ae21928 Changed readme.html file (was from the statistics plugin) 2012-06-26 12:03:52 -04:00
h0ng10 6cc8390da9 Module rewrite, included Java support, direct upload, plugin deletion 2012-06-26 11:56:44 -04:00
HD Moore 6a91626d94 Permissions 2012-06-25 00:36:39 -05:00
h0ng10 65197e79e2 added Exploit for CVE-2008-6508 (Openfire Auth bypass) 2012-06-24 07:35:38 -04:00
jvazquez-r7 b891e868f5 Added actionscript and swf needed 2012-06-23 08:36:35 +02:00
sinn3r d7d314862f Need the trigger to actually make it work, duh! 2012-06-22 23:16:12 -05:00
Tod Beardsley 572fb4cb0c Permissions fix 2012-06-21 15:39:17 -05:00
Steven Seeley fcf42d3e7b added adobe flashplayer array indexing exploit (CVE-2011-2110) 2012-06-20 12:52:37 +10:00
HD Moore 5922ec1f7a Permissions 2012-06-12 15:20:25 -05:00
sinn3r 4743c9fb33 Add MS12-005 (CVE-2012-0013) exploit 2012-06-10 01:08:28 -05:00
HD Moore e8af6882eb Permissions 2012-06-06 20:05:29 -05:00
jvazquez-r7 93741770e2 Added module for CVE-2011-3400 2012-06-05 18:21:55 +02:00
jvazquez-r7 287d68f304 added module for CVE-2008-0320 2012-05-23 17:14:11 +02:00
jvazquez-r7 14d8ba00af Added batik svg java module 2012-05-17 16:48:38 +02:00
James Lee 7a05f3eab4 Mark failed logins as inactive 2012-05-08 16:51:22 -06:00
James Lee 318b14af4c Fix improper reporting and stack traces when we missed a banner
Also makes sure we delete the session if we got a 221 response, even if
we haven't seen a login yet.
2012-05-08 16:40:56 -06:00
James Lee 1eec1cebb5 Fix improper reporting
:proto is always tcp, udp, etc., name is the higher layer name
2012-05-08 16:39:32 -06:00
James Lee 536fa39ae8 Keep the client and the server on tracked tcp sessions 2012-05-08 16:38:12 -06:00
Alexandre Maloteaux 452cead1e9 Merge psnuffle ntlmv2 support from Alex Malateaux
Testing this with smbclient requires setting "client ntlmv2 auth = yes"
in /etc/samba/smb.conf

Squashed commit of the following:

commit 7acc32f5f00914fed355a080ca237543448f80ca
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:52:49 2012 +0100

    psnuffle : move protocol filtering in load function

commit 9c9ae9711c760b4f072271b7e5993f9bf8366671
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:50:48 2012 +0100

    psnuffle : add hash exctratiopn from smbv2 session

[Closes #327]
2012-05-08 13:41:42 -06:00
HD Moore f6005ba06e Permission change, ignore 2012-04-23 13:42:18 -05:00
sinn3r 9a00823828 Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch' 2012-04-19 18:08:22 -05:00
Tod Beardsley 18d83ee6c1 Permissions fix for modicon_ladder.apx 2012-04-12 14:26:27 -05:00
0a2940 654701f1b2 new file: data/exploits/CVE-2008-5499.swf
new file:   external/source/exploits/CVE-2008-5499/Exploit.as
	new file:   modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 20:58:22 +01:00
Tod Beardsley 14d9953634 Adding DigitalBond SCADA modules 2012-04-05 12:35:48 -05:00
Tod Beardsley ab269ac4ec Permissions fix for exploit jar file 2012-04-02 09:27:35 -05:00
James Lee 025d905c01 Compiled jar with -target 1.2 so it works on older JVMs 2012-03-30 17:05:20 -06:00
sinn3r e018c6604f Modify CVE-2012-0507 2012-03-30 02:06:56 -05:00
Tod Beardsley bec8d40a6c File permissions fix 2012-03-29 16:24:31 -05:00
sinn3r 791ebdb679 Add CVE-2012-0507 (Java) 2012-03-29 10:31:14 -05:00
HD Moore c8c73b076d Permisssions (ignore) 2012-03-08 16:16:13 -06:00
HD Moore 3e6cbe9486 Add source code to the player 2012-03-08 15:23:10 -06:00
HD Moore b0db18674c Test out new player code 2012-03-08 15:05:12 -06:00
sinn3r f2eab70c3f Add swf file for CVE-2012-0754 2012-03-07 19:23:11 -06:00
David Maloney d3fad51f3a Fix my screwup in winscp for servicename 2012-02-21 20:31:52 -06:00
juan e69037959f Added CVE-2010-0842 2012-02-15 23:32:31 +01:00
scriptjunkie 1e811aed02 Adds scriptjunkie's multilingual admin fie for pxexploit
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.

[Closes #63]

Squashed commit of the following:

commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date:   Fri Dec 16 12:14:18 2011 -0600

    Jetzt auf Deutsch! y español! 中國人!
    [update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
    Also remove duplicate/old pxexploit source code from the tree.
2011-12-23 12:24:45 -06:00
David Maloney d939e33f1e Allows for Loot and Tasks to be imported from an MSF ZIP.
This should bring any loots and tasks along with
everything else when doing an improt from an MSF ZIP file.
2011-12-05 22:30:34 -05:00