Commit Graph

1606 Commits (0ea8936c0d9452514c19cdc1bbace15dfad33c8e)

Author SHA1 Message Date
David Rude 36b83cde6f Added exploit for CVE-2010-3747 RealPlayer CDDA URI Code Execution
git-svn-id: file:///home/svn/framework3/trunk@12009 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 15:42:28 +00:00
David Rude 382e63e16e fixed a typo in javascript
git-svn-id: file:///home/svn/framework3/trunk@12007 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 04:40:36 +00:00
Wei Chen 5800608356 Not ready to be part of msf repo, killing it
git-svn-id: file:///home/svn/framework3/trunk@11993 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 20:42:56 +00:00
HD Moore f317d60e04 Fix a few cosmetic issues with the kingview module
git-svn-id: file:///home/svn/framework3/trunk@11991 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 18:04:15 +00:00
Wei Chen 26bee16b5c I should probably add myself as an author.
git-svn-id: file:///home/svn/framework3/trunk@11990 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 16:45:12 +00:00
Mario Ceballos dfd2df6b47 puts this in the appropiate place
git-svn-id: file:///home/svn/framework3/trunk@11987 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 10:22:07 +00:00
Steve Tornio 78d4822d27 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11986 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 10:15:54 +00:00
David Rude eeb1aae9d0 Added Japanese NO NX Target
git-svn-id: file:///home/svn/framework3/trunk@11985 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 07:58:50 +00:00
Joshua Drake 4a1e59be8d oops =D
git-svn-id: file:///home/svn/framework3/trunk@11983 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 05:01:29 +00:00
Joshua Drake 4644110962 add exploit for cve-2010-4452, currently windows only and no payloads :(
git-svn-id: file:///home/svn/framework3/trunk@11982 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 04:50:25 +00:00
Wei Chen 7308a032f9 Added kingview historysvr exploit. by rick2600 & Dillon.
git-svn-id: file:///home/svn/framework3/trunk@11980 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 02:46:20 +00:00
Wei Chen e1ff12292f wrong directory
git-svn-id: file:///home/svn/framework3/trunk@11978 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 02:44:50 +00:00
Wei Chen 36c05de02e Added kingview historysvr exploit. By rick2600 and Dillon.
git-svn-id: file:///home/svn/framework3/trunk@11977 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 02:39:45 +00:00
Mario Ceballos 6d3d0adf93 added exploit module coldfusion_traversal.rb from webDEViL
git-svn-id: file:///home/svn/framework3/trunk@11974 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 01:38:16 +00:00
Steve Tornio abcce881b2 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11969 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:56:11 +00:00
Mario Ceballos 8189a1f7a9 added exploit module hp_openview_insight_backdoor.rb
git-svn-id: file:///home/svn/framework3/trunk@11968 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:22:07 +00:00
Steve Tornio 45e29834be add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11955 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 12:01:55 +00:00
David Rude 76ee9353aa changed exploit ranking to better reflect the privileges required
git-svn-id: file:///home/svn/framework3/trunk@11954 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 10:54:13 +00:00
David Rude a63534107b minor style fix
git-svn-id: file:///home/svn/framework3/trunk@11953 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 05:57:51 +00:00
David Rude 994e6eb450 Exploit for Foxit PDF Reader createDataObject() file write vulnerability
git-svn-id: file:///home/svn/framework3/trunk@11952 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 05:36:33 +00:00
Wei Chen ed6f8b5a78 Updated: Made a slight adjustment to the code format
git-svn-id: file:///home/svn/framework3/trunk@11945 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 07:27:19 +00:00
Wei Chen 74aab1efe4 Added mr_me's kolibri web server head buffer overflow
git-svn-id: file:///home/svn/framework3/trunk@11944 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 07:18:36 +00:00
amaloteaux dce7dd13fe type fix on psexec
git-svn-id: file:///home/svn/framework3/trunk@11926 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-10 18:46:58 +00:00
Jonathan Cran 79da0ead08 applying description update from zeknox -- thanks!
git-svn-id: file:///home/svn/framework3/trunk@11923 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-10 05:36:17 +00:00
Tod Beardsley 42531e097f Fixes #3916. Adds a module for mysql delivery of a payload via a UDF, using Bernardo's quite excellent UDF libraries.
git-svn-id: file:///home/svn/framework3/trunk@11899 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 22:42:26 +00:00
amaloteaux 5f6995e8d3 enable ntlmv2 and signing for smb client stack (pth implementation is coming), fixes #11678 and #152
git-svn-id: file:///home/svn/framework3/trunk@11893 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 19:57:53 +00:00
David Rude 695963dde7 Fixed references
git-svn-id: file:///home/svn/framework3/trunk@11888 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 02:28:15 +00:00
David Rude b51c9f8397 oops forgot a , =)
git-svn-id: file:///home/svn/framework3/trunk@11887 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-06 20:42:37 +00:00
David Rude 6dc0596870 Added Novell iPrint GetDriverSettings <= 5.52 exploit from mr_me thanks
git-svn-id: file:///home/svn/framework3/trunk@11886 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-06 20:27:06 +00:00
David Rude cdba0d532c Adds a ret for Windows Server 2003 thanks to securityxxpert
git-svn-id: file:///home/svn/framework3/trunk@11882 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-05 21:00:57 +00:00
Joshua Drake dee18a8995 add office 2007 msxml5 targets from SAHA! THX
git-svn-id: file:///home/svn/framework3/trunk@11875 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-04 08:39:48 +00:00
Mario Ceballos aa859e2f68 force ordinal payload
git-svn-id: file:///home/svn/framework3/trunk@11799 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-23 00:58:54 +00:00
Joshua Drake 8ef05017b8 style compliance fixes, naughty naughty
git-svn-id: file:///home/svn/framework3/trunk@11796 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-22 20:49:44 +00:00
Matt Weeks c322534907 Add exploit for CVE-2010-3765, firefox interleaved document.write and appendChild calls.
git-svn-id: file:///home/svn/framework3/trunk@11773 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-18 02:23:10 +00:00
Joshua Drake 160c683f18 Add WbemExec mixin, modify MS10-061 to use MOF technique
git-svn-id: file:///home/svn/framework3/trunk@11766 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-17 19:22:11 +00:00
Joshua Drake 41f0c2eaa5 typo
git-svn-id: file:///home/svn/framework3/trunk@11762 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-17 03:56:15 +00:00
Joshua Drake 8c8b181ffb Update ms11_xxx modules to reflect bulletin release, minor style fixes
git-svn-id: file:///home/svn/framework3/trunk@11730 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 23:31:44 +00:00
Joshua Drake dafeecdc96 Small fix from Dan Rosenberg
git-svn-id: file:///home/svn/framework3/trunk@11725 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 18:22:36 +00:00
Joshua Drake 7d72db3e8e More updates from Dan Rosenburg -- Works with DEP now!
git-svn-id: file:///home/svn/framework3/trunk@11724 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 17:50:05 +00:00
Joshua Drake e06d4d52fe convert VLC module to FileFormat, adjust spray
git-svn-id: file:///home/svn/framework3/trunk@11705 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-03 18:16:40 +00:00
Joshua Drake acf9b2088d remove half-browser half-fileformat /misc/ version, but preserve differences in comments in fileformat version
git-svn-id: file:///home/svn/framework3/trunk@11701 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-02 21:47:02 +00:00
Joshua Drake 3ac076c20a add exploit for VLC media player WebM processing from Dan Rosenburg
git-svn-id: file:///home/svn/framework3/trunk@11692 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-01 18:54:24 +00:00
Joshua Drake a62f1922b3 fix typos, lol?
git-svn-id: file:///home/svn/framework3/trunk@11662 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-28 23:56:35 +00:00
Joshua Drake 9682091cca Add SQLI version of MSSQL Payload from Rodrigo Marcos!
git-svn-id: file:///home/svn/framework3/trunk@11655 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-27 16:48:07 +00:00
Joshua Drake 81ff9483bf add ms09-004 exploit via sql injection from Rodrigo Marcos
git-svn-id: file:///home/svn/framework3/trunk@11631 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-24 19:37:58 +00:00
James Lee d7cda0f85a accept a client argument for get_uri()
git-svn-id: file:///home/svn/framework3/trunk@11623 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-22 00:16:57 +00:00
Joshua Drake ae33e3ac71 Fixes #3571, normalize 2k3r2 and fix language defaulting
git-svn-id: file:///home/svn/framework3/trunk@11614 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-21 04:09:48 +00:00
James Lee f3bda46333 doesn't work on IE8, fixes #3566, thanks Hauke Mehrtens for the patch
git-svn-id: file:///home/svn/framework3/trunk@11610 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-20 19:30:59 +00:00
Joshua Drake b6b9b83dd7 add CVE reference
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-14 16:25:37 +00:00
Joshua Drake ffbea6199f Do not wait for the DCERPC call to timeout
git-svn-id: file:///home/svn/framework3/trunk@11545 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-11 17:56:27 +00:00
Joshua Drake 739604ea12 Fixes #3469, silly typo
git-svn-id: file:///home/svn/framework3/trunk@11520 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 05:58:55 +00:00
Joshua Drake d994f595fe remove unused vars
git-svn-id: file:///home/svn/framework3/trunk@11517 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:59:10 +00:00
Joshua Drake 287f4c87fe style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
Joshua Drake 19e8a6a5b1 switch AutoRunScript for InitialAutoRunScript, oops
git-svn-id: file:///home/svn/framework3/trunk@11513 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 00:25:44 +00:00
Joshua Drake 452ab6f301 updated description
git-svn-id: file:///home/svn/framework3/trunk@11506 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-07 17:51:34 +00:00
Joshua Drake f7e70e8d42 add an automatic target and now includes Office XP SP3
git-svn-id: file:///home/svn/framework3/trunk@11505 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-07 17:48:29 +00:00
Jonathan Cran a206ed8418 clarifying wmi tools are not installed by default
git-svn-id: file:///home/svn/framework3/trunk@11481 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 05:27:37 +00:00
Joshua Drake bc7a8e3b47 fix silly merge conflict data in HTML
git-svn-id: file:///home/svn/framework3/trunk@11479 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-05 22:52:54 +00:00
Joshua Drake f0202c3350 add MSFT advisory references
git-svn-id: file:///home/svn/framework3/trunk@11473 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 23:00:45 +00:00
James Lee 1735dc8cb2 add bid reference, thanks jjarmoc
git-svn-id: file:///home/svn/framework3/trunk@11472 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 22:08:33 +00:00
Joshua Drake 152eb80710 fix debug target, adjust File reference
git-svn-id: file:///home/svn/framework3/trunk@11469 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 16:55:58 +00:00
Steve Tornio 4a1f45c633 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11467 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 16:15:43 +00:00
Joshua Drake 4fc19971ae add exploit for cve-2010-3970
git-svn-id: file:///home/svn/framework3/trunk@11466 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 15:30:29 +00:00
Joshua Drake a59dcc512b switch target to p/p/r that works on multiple versions
git-svn-id: file:///home/svn/framework3/trunk@11459 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-02 09:56:43 +00:00
Joshua Drake 540bd3692c add fileformat exploit for cve-2010-3333
git-svn-id: file:///home/svn/framework3/trunk@11450 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-29 20:30:50 +00:00
Joshua Drake 08df4dac3b randomize import styles, patch from jjarmoc
git-svn-id: file:///home/svn/framework3/trunk@11443 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-29 16:49:20 +00:00
Joshua Drake b3bfb5834e change credit to passerby
git-svn-id: file:///home/svn/framework3/trunk@11427 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-28 17:10:19 +00:00
HD Moore a8cb5ee259 Updated return address from Tyler Reguly
git-svn-id: file:///home/svn/framework3/trunk@11407 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 06:01:12 +00:00
Joshua Drake 5f5d2992ce add reference to 0x557 slides (for .NET 2.0 rop)
git-svn-id: file:///home/svn/framework3/trunk@11405 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-23 01:36:54 +00:00
Joshua Drake cdfe03ce43 add MSFT advisory and CVE
git-svn-id: file:///home/svn/framework3/trunk@11404 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-23 01:30:43 +00:00
Steve Tornio 09b00739fb add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11402 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 22:21:56 +00:00
Joshua Drake 4ddd78c4de add a couple targets
git-svn-id: file:///home/svn/framework3/trunk@11399 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 19:14:29 +00:00
Joshua Drake 0f24d1955c minor corrections, use .NET 2.0 ROP :)
git-svn-id: file:///home/svn/framework3/trunk@11398 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 18:26:18 +00:00
Joshua Drake 44c8a71dcf minor clean ups
git-svn-id: file:///home/svn/framework3/trunk@11397 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 18:23:16 +00:00
Mario Ceballos 1407d7f1d5 revert back. little more reliable.
git-svn-id: file:///home/svn/framework3/trunk@11396 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 17:40:13 +00:00
Mario Ceballos d89c60f2de add exploit module wmi_admintools.rb
git-svn-id: file:///home/svn/framework3/trunk@11395 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 14:35:36 +00:00
Joshua Drake 5fb2bfc969 fix super busted mssql_payload some more
git-svn-id: file:///home/svn/framework3/trunk@11392 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 20:36:34 +00:00
Joshua Drake 7db17e323e fix super busted mssql_payload, oops
git-svn-id: file:///home/svn/framework3/trunk@11391 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 20:20:20 +00:00
Joshua Drake c4c0cabccb switch to .NET 2.0 ROP, Merry Xmas!
git-svn-id: file:///home/svn/framework3/trunk@11390 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:24:19 +00:00
Joshua Drake 5d2f26b41b add exploit for unpatched IE css import bug
git-svn-id: file:///home/svn/framework3/trunk@11383 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-20 16:34:07 +00:00
Joshua Drake b8b0e1af97 fix typo
git-svn-id: file:///home/svn/framework3/trunk@11380 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-20 09:11:45 +00:00
James Lee f1c13e24a6 remove erroneous OUTPUTPATH overriding the sane one from the fileformat mixin
git-svn-id: file:///home/svn/framework3/trunk@11353 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-16 20:11:01 +00:00
Joshua Drake 6a5ebf2d91 fix nil access
git-svn-id: file:///home/svn/framework3/trunk@11344 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-15 19:49:40 +00:00
James Lee f15e6e5e62 update autopwn, replace ms10-018 behaviors with ms10-090 css clip.
git-svn-id: file:///home/svn/framework3/trunk@11333 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 18:53:22 +00:00
Joshua Drake af56bebfa1 note ms10-090 bulletin
git-svn-id: file:///home/svn/framework3/trunk@11331 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 18:41:20 +00:00
Joshua Drake 6a4e52f667 Account for SEH offset depending on the path
git-svn-id: file:///home/svn/framework3/trunk@11282 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-10 23:35:58 +00:00
Tod Beardsley 0204cedca6 Makes the print_status displays more consistent between smb_login and psexec by moving some of the domain display functions up into exploit/smb proper.
git-svn-id: file:///home/svn/framework3/trunk@11204 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-02 17:29:26 +00:00
James Lee 3fdfb3e945 syntax errors
git-svn-id: file:///home/svn/framework3/trunk@11195 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 19:26:57 +00:00
Joshua Drake 9156509c58 clarify authors list
git-svn-id: file:///home/svn/framework3/trunk@11192 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 16:23:04 +00:00
Steve Tornio e6f640bc17 add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@11189 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 03:18:05 +00:00
Mario Ceballos 14ea7a85bb svn keywords
git-svn-id: file:///home/svn/framework3/trunk@11188 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 02:03:25 +00:00
Mario Ceballos 5ed387aa38 added exploit module enjoysapgui_comp_download.rb
git-svn-id: file:///home/svn/framework3/trunk@11187 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 02:01:46 +00:00
Steve Tornio 40ace0a218 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11183 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 23:07:00 +00:00
Joshua Drake c6cf03021d add xion audio player exploit from m_101
git-svn-id: file:///home/svn/framework3/trunk@11182 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 22:03:55 +00:00
Joshua Drake 26a9fe6fc7 add some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 20:19:18 +00:00
Joshua Drake 8f55c83ed0 clean up some oracle titles
git-svn-id: file:///home/svn/framework3/trunk@11128 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:43:49 +00:00
Joshua Drake e9faf75503 fix some more titles with periods
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
Mario Ceballos 8c46a6be51 renamed.
git-svn-id: file:///home/svn/framework3/trunk@11125 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 13:44:46 +00:00
Joshua Drake 0d5c85b67a Improve Oracle module Name fields
git-svn-id: file:///home/svn/framework3/trunk@11122 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 06:10:13 +00:00
James Lee 52389d28f4 make windows the default target
git-svn-id: file:///home/svn/framework3/trunk@11102 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:54:25 +00:00
James Lee 7a3770f87b don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers
git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:44:16 +00:00
James Lee 669ef3b86e clarify targets
git-svn-id: file:///home/svn/framework3/trunk@11099 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:53:49 +00:00
Joshua Drake 75873aedb4 add exploit for foxit reader title stack bof
git-svn-id: file:///home/svn/framework3/trunk@11096 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:43:42 +00:00
James Lee d608db778c we're not sending an applet, just a jar, clarify the output
git-svn-id: file:///home/svn/framework3/trunk@11084 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 19:58:04 +00:00
James Lee 6f7af42667 add an exploit for cve-2010-3563, thanks Matthias Kaiser
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
Joshua Drake 3b6edefe44 fix up auto targeting to not assign to "target"
git-svn-id: file:///home/svn/framework3/trunk@11072 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:33:34 +00:00
Steve Tornio 8f3b64e15c add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@11068 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 14:17:35 +00:00
Mario Ceballos df9a0cfea8 added exploit module realwin_10.rb
git-svn-id: file:///home/svn/framework3/trunk@11067 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 23:45:40 +00:00
Mario Ceballos 1729f8f075 removed extra stuff.
git-svn-id: file:///home/svn/framework3/trunk@11063 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-18 12:31:55 +00:00
Joshua Drake 32c26f18f3 style compliance fixes, set test exploits to manual rank, fix s/ranking/rank/ in some exploits
git-svn-id: file:///home/svn/framework3/trunk@11039 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 19:03:24 +00:00
HD Moore a12d9f8dbf This patch adds detailed thread tracking across the metasploit framework, along with a new console command (threads) to manage these. This level of tracking is required to accurately monitor background tasks, assist with debugging, and kill orphaned threads.
git-svn-id: file:///home/svn/framework3/trunk@11003 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-12 06:19:49 +00:00
James Lee 326dc42bca add EncodedPayload#encoded_exe, encoded_jar, and encoded_war. simplifies exploits that need java and native payloads. see #406 and #3009
git-svn-id: file:///home/svn/framework3/trunk@10999 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 23:01:35 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Steve Tornio 2f118dfc50 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10990 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 20:09:15 +00:00
Joshua Drake a758dfe37d style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10988 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 18:20:52 +00:00
Mario Ceballos 8042bf202f added exploit module bacnet_csv.rb
git-svn-id: file:///home/svn/framework3/trunk@10985 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 16:35:01 +00:00
Joshua Drake eab0a40caa switch up IE6 target to work on older version
git-svn-id: file:///home/svn/framework3/trunk@10978 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:54:56 +00:00
Tod Beardsley 996cc49408 Be more accomodating for SMB domains when bruteforcing SMB hosts.
git-svn-id: file:///home/svn/framework3/trunk@10977 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:07:31 +00:00
Joshua Drake 61e5d00722 switch title, comment out IE8 target for now
git-svn-id: file:///home/svn/framework3/trunk@10963 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 23:12:48 +00:00
Patrick Webster 5073e28854 Added citect_scada_odbc exploit module.
git-svn-id: file:///home/svn/framework3/trunk@10956 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 05:07:18 +00:00
Steve Tornio be7d349d60 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10940 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-07 14:58:55 +00:00
Mario Ceballos f7717e5f51 added exploit module moxa_mdmtool.rb
git-svn-id: file:///home/svn/framework3/trunk@10935 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-06 22:25:36 +00:00
Steve Tornio 338d6e3693 add osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@10914 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 02:58:01 +00:00
Joshua Drake b0f64ebba1 add a debug target
git-svn-id: file:///home/svn/framework3/trunk@10912 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 00:08:55 +00:00
Joshua Drake 76123e79c1 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10909 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:59:56 +00:00
Joshua Drake b7f2d57709 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10908 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:50:35 +00:00
Joshua Drake 979ddcd8e5 add exploit for cve-2010-3962
git-svn-id: file:///home/svn/framework3/trunk@10907 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:44:23 +00:00
Mario Ceballos f517b88d9c added exploit modules lgserver_multi.rb and moxa_mediadbplayback.rb
git-svn-id: file:///home/svn/framework3/trunk@10904 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 22:19:26 +00:00
Patrick Webster fc708df5c6 Added exploit module pgp_keyserver7.
git-svn-id: file:///home/svn/framework3/trunk@10897 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 15:44:21 +00:00
Joshua Drake dee671318e style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10895 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 02:54:16 +00:00
Mario Ceballos 99eadeff89 added exploit module lgserver_rxssetdatagrowthscheduleandfilter.rb
git-svn-id: file:///home/svn/framework3/trunk@10893 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 01:51:54 +00:00
Mario Ceballos e276697af9 heh, put not puts.
git-svn-id: file:///home/svn/framework3/trunk@10892 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-03 22:09:44 +00:00
Patrick Webster b97cbff5af Added webster_http exploit module.
git-svn-id: file:///home/svn/framework3/trunk@10887 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-03 12:19:19 +00:00
Steve Tornio d79bbd8440 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10886 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-03 11:17:25 +00:00
Mario Ceballos 45fd14417c removed. worked fine under IIS 6.0
git-svn-id: file:///home/svn/framework3/trunk@10874 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-02 23:51:17 +00:00
Mario Ceballos b12d03b7c4 add exploit module coldfusion_fckeditor.rb
git-svn-id: file:///home/svn/framework3/trunk@10865 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-02 20:13:36 +00:00
Joshua Drake b572414eac add exploit for cve-2010-3654
git-svn-id: file:///home/svn/framework3/trunk@10857 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 22:34:13 +00:00
Steve Tornio 9f5fca12f7 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10828 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-26 15:28:04 +00:00
Joshua Drake f909b360ba note tested on 6u11
git-svn-id: file:///home/svn/framework3/trunk@10820 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:22:08 +00:00
Joshua Drake 3fffd15549 add exploit for cve-2010-3552 (w/dep bypass)
git-svn-id: file:///home/svn/framework3/trunk@10819 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:21:41 +00:00
Steve Tornio 0251c446f1 add cve, osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@10784 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 12:21:30 +00:00
Joshua Drake 6bd75bb2d5 add shockwave exploit from abysssec/rel1k
git-svn-id: file:///home/svn/framework3/trunk@10779 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 03:15:22 +00:00
Steve Tornio 27d2761ec0 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10775 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-21 11:41:18 +00:00
Mario Ceballos d384863a83 exploit module fatplayer_wav.rb from dookie.
git-svn-id: file:///home/svn/framework3/trunk@10764 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-20 11:53:12 +00:00
Joshua Drake 04858c69fc style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
Joshua Drake 20e2742596 fix indent
git-svn-id: file:///home/svn/framework3/trunk@10750 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 15:52:33 +00:00
Mario Ceballos 0411111dfd couple of modules from Luigi Auriemma's DATAC RealWin advisory
git-svn-id: file:///home/svn/framework3/trunk@10734 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-18 21:20:02 +00:00
Joshua Drake 8a17803279 add exploit for ZDI-10-190
git-svn-id: file:///home/svn/framework3/trunk@10726 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-18 07:05:22 +00:00
Joshua Drake f3f7b1dc83 fix typo
git-svn-id: file:///home/svn/framework3/trunk@10725 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-18 07:04:57 +00:00
HD Moore f88033f0cc Merge in R3L1K's Powershell enhancements and powerdump code (hashdump through powershell)
git-svn-id: file:///home/svn/framework3/trunk@10721 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-17 17:39:43 +00:00
Steve Tornio 62622d51c2 add osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@10703 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-16 12:17:51 +00:00
Joshua Drake 4ca2007d67 add ranking
git-svn-id: file:///home/svn/framework3/trunk@10665 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-13 03:03:24 +00:00
Joshua Drake b11fbb67eb oops, messed up whitespace
git-svn-id: file:///home/svn/framework3/trunk@10661 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-12 18:40:13 +00:00
Joshua Drake e0e4aebcc1 fix a few stack bof vulnerability descriptions
git-svn-id: file:///home/svn/framework3/trunk@10660 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-12 18:39:21 +00:00
Joshua Drake ad4064ed20 add ftp client fuzzer and exploits from corelanc0d3r!
git-svn-id: file:///home/svn/framework3/trunk@10658 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-12 17:31:18 +00:00
Joshua Drake ae04e34cf7 fix some non-full-namespace includes
git-svn-id: file:///home/svn/framework3/trunk@10617 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 06:55:52 +00:00
Steve Tornio ba2f6f5efa add osvdb ref, add advisory link
git-svn-id: file:///home/svn/framework3/trunk@10613 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 22:59:19 +00:00
Joshua Drake c6d2f8b550 huh?
git-svn-id: file:///home/svn/framework3/trunk@10612 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 22:39:58 +00:00
Joshua Drake 996dfe86db fix egghunter reference
git-svn-id: file:///home/svn/framework3/trunk@10611 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 21:58:06 +00:00
Joshua Drake dd380c0716 add nuance pdf stack bof exploit from corelan
git-svn-id: file:///home/svn/framework3/trunk@10610 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 21:52:43 +00:00
Joshua Drake ede859f60e use Msf::WindowsError, see #2214
git-svn-id: file:///home/svn/framework3/trunk@10607 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 19:51:50 +00:00
Joshua Drake 425757a6e7 move more platform designations from target to exploit info block
git-svn-id: file:///home/svn/framework3/trunk@10559 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 23:41:17 +00:00
Joshua Drake de159e3fe7 rename with msXX_XXX name, fix platform
git-svn-id: file:///home/svn/framework3/trunk@10558 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 23:39:14 +00:00
Joshua Drake b36e383581 clean up exceptions a bit further
git-svn-id: file:///home/svn/framework3/trunk@10557 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 23:23:17 +00:00
Joshua Drake 74db9d7fe4 demote to manual ranking due to domain requirement
git-svn-id: file:///home/svn/framework3/trunk@10554 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 19:29:10 +00:00
Joshua Drake d2c5d62606 do not wait for WfsDelay if unable to enum printers
git-svn-id: file:///home/svn/framework3/trunk@10553 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 19:03:52 +00:00
Steve Tornio 3276451e3d add osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@10551 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 12:38:46 +00:00
Mario Ceballos dc7a9cb321 use the right bid id.
git-svn-id: file:///home/svn/framework3/trunk@10550 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-05 01:05:49 +00:00
Joshua Drake 739bff4fb2 remove SRVPORT option, since it is set to the default
git-svn-id: file:///home/svn/framework3/trunk@10548 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 23:52:30 +00:00
Mario Ceballos f921aca916 brightstor blah blah blah
git-svn-id: file:///home/svn/framework3/trunk@10547 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 22:00:22 +00:00
Joshua Drake dd2d7d3864 fix fingerprint bug
git-svn-id: file:///home/svn/framework3/trunk@10546 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 20:53:51 +00:00
Joshua Drake 6f18c4a468 do not wait for WfsDelay if unable to bind
git-svn-id: file:///home/svn/framework3/trunk@10545 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 20:48:48 +00:00
Joshua Drake 7de96a710f add trendmicro extsetowner exploit from Trancer
git-svn-id: file:///home/svn/framework3/trunk@10538 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 04:26:09 +00:00
Joshua Drake c862fdd42b add exploit module from Abhishek Lyall
git-svn-id: file:///home/svn/framework3/trunk@10537 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 03:42:58 +00:00
Joshua Drake 279c604015 missed a couple exe generater includes
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-28 16:19:50 +00:00
HD Moore 2f344fe7c8 Moving to ManualRanking since it requires user/pass
git-svn-id: file:///home/svn/framework3/trunk@10503 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-28 15:23:14 +00:00
Mario Ceballos 811eb99980 free up the handler
git-svn-id: file:///home/svn/framework3/trunk@10477 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 11:59:02 +00:00
HD Moore 3ee6117219 Default to english, in the end, this is still the most common language pack
git-svn-id: file:///home/svn/framework3/trunk@10471 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 03:18:08 +00:00
Joshua Drake b8b21cd53c handle dirs and index.html specially
git-svn-id: file:///home/svn/framework3/trunk@10454 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 01:11:05 +00:00
Joshua Drake 3acede0f3c fix indent
git-svn-id: file:///home/svn/framework3/trunk@10442 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-23 02:15:40 +00:00
Joshua Drake 600ec0a848 add two exploits from Trancer! woot!
git-svn-id: file:///home/svn/framework3/trunk@10429 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 18:46:29 +00:00
HD Moore d89004753c Fixes #2450 by allowing any length extension
git-svn-id: file:///home/svn/framework3/trunk@10411 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 02:59:22 +00:00
Joshua Drake a0b193f9d3 note psexec release date
git-svn-id: file:///home/svn/framework3/trunk@10405 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 01:50:50 +00:00
Joshua Drake 8e5cf31e9a big exe/dll update, see #2017
NOTE: These changes specifically affect payload encoding via RPC, "use
payload", and msfencode

1. consolidate user-specified exe generation routine (now
Msf::Util::EXE.to_executable_fmt)
2. supported format types are now queried/checked using arrays
3. cleaned up and standardized exe option passing
4. rename data store options for EXE mixin
5. add generate_payload_exe_service for psexec/smb_relay
6. reworked default template handling in Msf::Util::EXE
  a. added template search path option (not used if template includes
a path separator)
  b. "fallback" flag to enable using default if specified file doesn't
exist
7. added Msf::Util::EXE.to_win64pe_dll
8. improved error messages from exe generation



git-svn-id: file:///home/svn/framework3/trunk@10404 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 00:13:30 +00:00
Joshua Drake bd1eeb3722 rework to_jsp_war a bit, fix uses, default msfencode -t war to x86/win32
git-svn-id: file:///home/svn/framework3/trunk@10397 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 15:59:46 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Joshua Drake 0149ec0253 bump exe name to 14 chars to avoid randomly smashing existing bins
git-svn-id: file:///home/svn/framework3/trunk@10391 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 05:06:51 +00:00
Joshua Drake 19db412383 convert remaining EXE generation to use the mixin, fixes #2017
git-svn-id: file:///home/svn/framework3/trunk@10389 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 04:38:13 +00:00
Joshua Drake 21d88b36c1 rename generate_exe -> generate_payload_exe
git-svn-id: file:///home/svn/framework3/trunk@10388 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 04:37:25 +00:00
HD Moore 3dae16482f Required admin creds == ManualRanking
git-svn-id: file:///home/svn/framework3/trunk@10384 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 02:56:29 +00:00
HD Moore ad4bf32a45 Move to the SMB directory
git-svn-id: file:///home/svn/framework3/trunk@10370 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 17:56:22 +00:00
HD Moore 36444591b8 Fix tab indent and make exe name more unique (since its not a fully-qualified path)
git-svn-id: file:///home/svn/framework3/trunk@10369 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 15:08:23 +00:00
Joshua Drake ff22e5212e revert to backward compatible method of using utc+zone
git-svn-id: file:///home/svn/framework3/trunk@10367 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 05:09:47 +00:00
Joshua Drake 3cf8dea0c6 add exploit for cve-2010-2729, finally
git-svn-id: file:///home/svn/framework3/trunk@10363 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 01:17:59 +00:00
Joshua Drake 9dae361383 typo fixes
git-svn-id: file:///home/svn/framework3/trunk@10332 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-16 16:23:46 +00:00
HD Moore 9d3bafce12 Do not automatically run the Lyris module
git-svn-id: file:///home/svn/framework3/trunk@10326 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-15 18:21:14 +00:00
Steve Tornio bceca3832b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10284 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-10 12:18:27 +00:00
Joshua Drake 7d3e892ad3 lol, how did those lines survive
git-svn-id: file:///home/svn/framework3/trunk@10283 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-10 06:37:41 +00:00
Joshua Drake 2d145aef6a add exploit for Integard from the Corelan Team
git-svn-id: file:///home/svn/framework3/trunk@10281 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-09 23:33:28 +00:00