Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150, @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192, @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101, Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158, OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159, WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924, @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131, WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.
The one that didn't was credited to dflah_ specifically, so merely
changed the author name.
Longer description, if needed, wrapped at 72 characters.
[See #5012]
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
None of the lorcon / lorcon2 modules have been functional for a long
time, due to the lack of a "Lorcon" gem. It's unclear where it went.
I'm happy to include it and get these working again, but until someone
comes up with some functional code (hint: 'gem install' doesn't work) I
don't see any reason to keep shipping these.
Is there some trick people are doing to make these work? As far as I can
see, they are broken by default.
````
msf auxiliary(wifun) > show options
Module options (auxiliary/dos/wifi/wifun):
Name Current Setting Required Description
---- --------------- -------- -----------
CHANNEL 11 yes The initial channel
DRIVER autodetect yes The name of the wireless driver
for lorcon
INTERFACE wlan0 yes The name of the wireless
interface
msf auxiliary(wifun) > run
[*] The Lorcon2 module is not available: cannot load such file --
Lorcon2
[-] Auxiliary failed: RuntimeError Lorcon2 not available
[-] Call stack:
[-]
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/lorcon2.rb:67:in
`open_wifi'
[-]
/home/todb/git/rapid7/metasploit-framework/modules/auxiliary/dos/wifi/wifun.rb:29:in
`run'
[*] Auxiliary module execution completed
````
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
jvazquez-r7
William Vu
Tod Beardsley
Denis Kolegov
Brent Cook
wchen-r7
root
Christian Mehlmauer
rastating
URI Assassin
Jon Hart
JoseMi
ribeirux
kicks4kittens
joev
jvazquez-r7