f238c2a93f
change module filename
2014-07-11 10:30:50 -05:00
f7d60bebdc
Do clean up
2014-07-11 10:28:31 -05:00
4ea2daa96a
Minor cleanup
2014-07-11 09:50:22 -05:00
51cfa168b1
Fix deprecation information
2014-07-11 09:47:30 -05:00
109201a5da
little auto detect fix
2014-07-10 20:45:49 +02:00
781149f13f
little auto detect fix
2014-07-10 20:40:39 +02:00
f068006f05
auto target
2014-07-09 21:53:11 +02:00
6a765ae3b0
small cleanup
2014-07-09 21:16:29 +02:00
0674314c74
auto target included
2014-07-09 20:56:04 +02:00
b4812c1b7d
auto target included
2014-07-09 20:53:24 +02:00
f89f47c4d0
dlink_dspw215_info_cgi_rop
2014-07-08 22:29:57 +02:00
6fbd6bb4a0
stager
2014-07-08 22:17:02 +02:00
ac727dae89
dlink_dsp_w215_hnap_exploit
2014-07-08 22:13:13 +02:00
84d6d56e15
cleanup, deprecated
2014-07-08 21:36:07 +02:00
10bcef0c33
cleanup, deprecated
2014-07-08 21:34:28 +02:00
e7ade9f84d
migrate from wget to echo mechanism
2014-07-06 21:45:53 +02:00
98a82bd145
Land #3486 , @brandonprry's exploit for CVE-2014-4511 gitlist RCE
2014-07-04 16:41:04 -05:00
59881323b9
Clean code
2014-07-04 16:40:16 -05:00
a33a6dc79d
add bash to requiredcmd
2014-07-03 16:52:52 -05:00
806f26424c
&& not and
2014-07-03 16:50:21 -05:00
6fb2fc85a0
address @jvasquez-r7 review points
2014-07-03 16:43:01 -05:00
86a31b1896
Update gitlist_exec.rb
2014-07-03 12:40:37 -05:00
db6524106e
one more typo, last one I swear
2014-06-30 22:33:19 -05:00
d7dfa67e94
typo
2014-06-30 20:15:25 -05:00
acedf5e847
Update gitlist_exec.rb
...
Fix EDB ref and no twitter handles.
2014-06-30 20:12:08 -05:00
ecc1b08994
Create gitlist_exec.rb
...
This adds a metasploit module for CVE-2014-4511
2014-06-30 20:10:24 -05:00
5e900a9f49
Correct sock.get() to sock.get_once() to prevent indefinite hangs/misuse
2014-06-28 16:06:46 -05:00
bd49d3b17b
Explicitly use the echo stager and deregister options
...
Certain modules will only work with the echo cmd stager so
specify that one as a parameter to execute_cmdstager and
remove the datastore options to change it.
2014-06-28 16:21:08 -04:00
42ac3a32fe
Multi-fy two new linux/http/dlink exploits
2014-06-27 08:40:27 -04:00
41d721a861
Update two modules to use the new unified cmdstager
2014-06-27 08:34:57 -04:00
870fa96bd4
Allow quotes in CmdStagerFlavor metadata
2014-06-27 08:34:56 -04:00
91e2e63f42
Add CmdStagerFlavor to metadata
2014-06-27 08:34:55 -04:00
7ced5927d8
Use One CMDStagermixin
2014-06-27 08:34:55 -04:00
ae25c300e5
Initial attempt to unify the command stagers.
2014-06-27 08:34:55 -04:00
0219c4974a
Release fixups, word choice, refs, etc.
2014-06-23 11:17:00 -05:00
e8b914a62f
Download rankings for reliable exploit, but depending on a specific version without autodetection
2014-06-20 14:33:02 -05:00
f0d04fe77e
Do some randomizations
2014-06-20 11:38:10 -05:00
f26f8ae5db
Change module filename
2014-06-20 11:27:49 -05:00
33eaf643aa
Fix usage of :concat_operator operator
2014-06-20 11:27:23 -05:00
5542f846d6
Merge to solve conflicts
2014-06-20 11:24:08 -05:00
4203e75777
Land #3408 , @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950
2014-06-20 10:27:32 -05:00
f74594c324
Order metadata
2014-06-20 10:26:50 -05:00
d28ced5b7b
change module filename
2014-06-19 15:56:55 -05:00
a0386f0797
Fix cmd_concat_operator
2014-06-19 15:52:55 -05:00
86f523f00c
concator handling
2014-06-18 18:15:58 +02:00
508998263b
removed wrong module file
2014-06-17 08:57:46 +02:00
6f45eb13c7
moved module file
2014-06-17 08:56:07 +02:00
a5eed71d50
renamed and other module removed
2014-06-17 08:50:09 +02:00
e908b7bc25
renamed and other module removed
2014-06-17 08:49:46 +02:00
12ec785bdb
clean up, echo stager, concator handling
2014-06-14 17:37:09 +02:00
8eb21ded97
clean up
2014-06-14 17:02:55 +02:00
a3ae177347
echo stager, arch_cmd, echo module
2014-06-13 11:42:47 +02:00
894af92b22
echo stager, arch_cmd
2014-06-13 11:40:50 +02:00
76ed9bcf86
hedwig.cgi - cookie bof - return to system
2014-05-30 17:49:37 +02:00
1ddc2d4e87
hedwig.cgi - cookie bof - return to system
2014-05-30 17:32:49 +02:00
da0a9f66ea
Resolved all msftidy vars_get warnings
2014-05-25 19:29:39 +02:00
b85c0b7543
rop to system with telnetd
2014-05-23 20:51:25 +02:00
df4b832019
Resolved some more Set-Cookie warnings
2014-05-13 22:56:12 +02:00
1483f02f83
Land #3306 , @xistence's alienvault's exploit
2014-05-01 09:25:07 -05:00
1b39712b73
Redo response check
2014-05-01 09:10:16 -05:00
78cefae607
Use WfsDelay
2014-05-01 09:07:26 -05:00
5db24b8351
Fixes/Stability AlienVault module
2014-05-01 14:53:55 +07:00
c12d72b58c
Changes to alienvault module
2014-05-01 10:39:11 +07:00
9bcf5eadb7
Changes to alienvault module
2014-05-01 10:10:15 +07:00
9a1b216fdb
Move module to new location
2014-04-28 11:55:26 -05:00
fe066ae944
Land #3207 , @7a69 MIPS BE support for Fritz Box's exploit
2014-04-09 23:20:45 -05:00
fdda69d434
Align things
2014-04-09 23:19:41 -05:00
386e2e3d29
Do final / minor cleanup
2014-04-09 23:19:12 -05:00
eb9d3520be
Land #3208 - Sophos Web Protection Appliance Interface Authenticated Exec
2014-04-09 11:30:59 -05:00
8428b37e59
move file to .rb ext
2014-04-09 05:17:14 -07:00
82c9b539ac
Fix disclosure date, earlier than I thought
2014-04-08 21:43:49 -05:00
3013704c75
Create sophos_wpa_iface_exec
...
This module exploits both bugs in http://www.zerodayinitiative.com/advisories/ZDI-14-069/
2014-04-08 21:21:43 -05:00
8dce80fd30
Added Big Endianess, improved check()-Function
...
Some Fritz!Box devices also run in Big Endianess mode. However, since
"uname -a" always returns "mips" and the "file"-command is not
available, autodetection is not an easy task.
The check()-function now checks, whether the device is really
vulnerable.
Furthemore, it's possible to send 92 bytes.
2014-04-08 21:32:36 +02:00
fb1318b91c
Land #3193 , @m-1-k-3's exploit for the Fritzbox RCE vuln
2014-04-07 16:13:31 -05:00
ceaa99e64e
Minor final cleanup
2014-04-07 16:12:54 -05:00
b1a6b28af9
fixed disclosure date
2014-04-07 19:29:37 +02:00
003310f18a
feedback included
2014-04-07 19:25:26 +02:00
7572d6612e
Spelling and grammar on new release modules
2014-04-07 12:18:13 -05:00
85de6ed0c9
feedback included
2014-04-07 18:20:15 +02:00
11bbb7f429
fritzbox echo exploit
2014-04-07 09:12:22 +02:00
6d72860d58
Land #3004 , @m-1-k-3's linksys moon exploit
2014-04-04 14:04:48 -05:00
0ae75860ea
Code clean up
2014-04-04 14:02:12 -05:00
ffdca3bf42
Fixup on some modules for release
...
There may be more coming, but if not, this should cover
this week's minor style changes.
2014-03-31 12:42:19 -05:00
4319885420
we do not need pieces ...
2014-03-26 20:45:30 +01:00
0c3a535434
Land #3133 - LifeSize UVC Authenticated RCE via Ping
2014-03-24 21:16:10 -05:00
53b25c8c93
Fix header & author e-mail format
2014-03-24 21:15:27 -05:00
d2a9a26bc8
real fix for sinn3r bug
2014-03-24 18:40:48 -05:00
ec35f4b13f
some bugs for sinn3r
2014-03-24 18:17:50 -05:00
d6f397ab6d
whoops that isn't how you EDB
2014-03-22 11:48:41 -05:00
291692d6e0
Update lifesize_uvc_ping_rce.rb
2014-03-22 11:30:00 -05:00
67a3a7227b
Create lifesize_uvc_ping_rce.rb
2014-03-21 21:33:12 -05:00
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
d1ea74c5fa
Make the password hash stand out as more important
2014-03-04 15:08:47 -06:00
9a403bf630
Also extract admin hash if password auth failed
2014-03-04 14:55:47 -06:00
423477bc52
auth_succeeded? is a better name for this method
2014-03-04 14:55:47 -06:00
917b09086b
Pull the copy-pasted verification into a method
2014-03-04 14:55:47 -06:00
4cfda88bad
Pull the copy-pasted sqli into a method
2014-03-04 14:55:47 -06:00
15345da9d8
remove the wget module, remove the cmd stuff, testing bind stuff ahead
2014-02-28 22:44:26 +01:00
2935f4f562
CMD target
2014-02-24 18:12:23 +01:00
0126e3fcc8
cleanup
2014-02-23 21:17:32 +01:00
dbbd080fc1
a first try of the cmd stager, wget in a seperated module included
2014-02-23 20:59:17 +01:00
3a8de6e124
replaced rhost by peer
2014-02-18 21:01:50 +01:00
66e2148197
linksys themoon command execution exploit
2014-02-18 19:43:47 +01:00
4dda7e6bad
linksys themoon command execution exploit
2014-02-18 19:42:50 +01:00
faae51f39e
Implemented @jlee-r7 requested changes
2014-02-17 10:13:18 -05:00
ca15d2d8e7
Added Pandora FMS RCE and SQLi module
2014-02-12 12:02:33 -05:00
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
c96116b193
Land #2949 - Add module Kloxo SQLi
2014-02-08 13:45:11 -06:00
c679b1001b
Make pring_warning verbose
2014-02-07 10:23:07 -06:00
4236abe282
Better SIGHUP handling
2014-02-06 15:21:54 -06:00
fdb954fdfb
Report credentials
2014-02-05 14:37:33 -06:00
631559a2e8
Add module for Kloco SQLi
2014-02-05 14:18:56 -06:00
50f860757b
Changes made to pandora_fms_exec module as requested
2014-02-03 14:10:27 +07:00
9a929e75e4
Added Pandora FMS RCE
2014-01-29 12:46:23 +07:00
a7fa4e312b
This module fails to load due to the missing end
2014-01-24 17:56:47 -06:00
cdc425e4eb
Update some checks
2014-01-24 12:08:23 -06:00
0a10c1297c
Address nil
2014-01-23 11:00:28 -06:00
333229ea7e
Throw Unknown if connection times out
2014-01-23 10:54:45 -06:00
c83053ba9b
Progress
2014-01-22 11:20:10 -06:00
646f7835a3
Saving progress
2014-01-21 17:14:55 -06:00
590547ebc7
Modify title to avoid versions
2014-01-07 13:01:10 -06:00
c34af35230
Add wrt100 to the description and title.
...
* The wrt110 and wrt100 share the same firmware, and are both vulnerable to this
bug.
2014-01-07 10:26:15 -06:00
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
5ce862a5b5
Add OSVDB
2013-12-26 10:33:46 -06:00
163a54f8b1
Do send_request_cgi final clean up
2013-12-20 17:00:57 -06:00
af13334c84
Revert gsub!
2013-12-20 11:39:49 -06:00
1da961343a
Do final (minor) cleanup
2013-12-20 11:20:29 -06:00
929f3ea35c
Turn Auxiliary module into Exploit module
2013-12-20 16:45:38 +01:00
ec64382efc
Fix cfme_manageiq_evm_upload_exec according to chat with @rcvalle
2013-12-18 11:53:30 -06:00
a28ea18798
Clean pull request
2013-12-18 11:32:34 -06:00
21661b168b
Add cfme_manageiq_evm_upload_exec.rb
...
This module exploits a path traversal vulnerability in the "linuxpkgs"
action of "agent" controller of the Red Hat CloudForms Management Engine
5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier).
2013-12-09 16:18:12 -02:00
bf3489203a
I missed this one
2013-12-03 13:13:14 -06:00
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
55847ce074
Fixup for release
...
Notably, adds a description for the module landed in #2709 .
2013-12-02 16:19:05 -06:00
fc14a6c149
Land #2576 - NETGEAR ReadyNAS Perl Code Evaluation Vulnerability
2013-11-24 00:47:14 -06:00
36db6a4d59
Land #2616 , SuperMicro close_window BOF
2013-11-15 11:34:53 -06:00
2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
...
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints
[SeeRM #8498 ]
2013-11-11 21:23:35 -06:00
40f8e80775
Fix jlee-r7's feedback
2013-11-08 14:28:19 -06:00
b7e360922d
Update ranking
2013-11-07 15:10:26 -06:00
decf6ff6a0
Add module for CVE-2013-3623
2013-11-07 14:59:40 -06:00
c92e8ff98d
Delete extra space
2013-10-30 19:34:54 -05:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
dd094eee04
Use 443 by default with SSL
2013-10-24 16:30:26 -05:00
72f686d99a
Add module for CVE-2013-2751
2013-10-24 16:10:32 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
cacaf40276
Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow
2013-10-21 12:03:07 -05:00
9bfd98b001
Change plate
2013-10-21 11:54:42 -05:00
7dd39ae5e6
Update ranking
2013-10-17 22:43:47 -05:00
a00a813649
Add real device libraries base addresses
2013-10-17 22:34:54 -05:00
3d3a7b3818
Add support for OSVDB 86824
2013-10-17 01:08:01 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
a6f17c3ba0
Clean zabbix_sqli
2013-10-14 14:01:58 -05:00
171b70fa7c
Zabbix v2.0.8 SQLi and RCE Module
...
Conflicts:
modules/exploits/linux/http/zabbix_sqli.rb
Commit completed version of zabbix_sqli.rb
2013-10-10 22:50:02 -04:00
4ba001d6dd
Put my short name to prevent conflicts.
2013-10-07 14:10:47 -05:00
ec6516d87c
Deprecate misnamed module.
...
* Renames to a linux linksys module.
2013-10-07 14:06:13 -05:00
fcba424308
Kill off EOL spaces on astium_sqli_upload.
2013-10-03 11:01:27 -05:00
813bd2c9a5
Land #2379 , @xistence's exploit for OSVDB 88860
2013-09-26 13:52:15 -05:00
c2ff5accee
stability fixes to astium_sqli_upload
2013-09-26 10:23:33 +07:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
4bff8f2cdc
Update descriptions for clarity.
2013-09-23 13:48:23 -05:00
1fc849bdd5
Land #2188 , @m-1-k-3's module for OSVDB 90221
2013-09-23 11:44:43 -05:00
71d74655f9
Modify description
2013-09-23 11:44:04 -05:00
0eb838156b
Land #2390 - Use payload.encoded because BadChars are defined
2013-09-19 22:10:55 -05:00
1a00cce8a9
Clean up
2013-09-19 11:51:07 -05:00
926ddf35bc
Fix possible collisions on binding port and handle rex socket
2013-09-19 08:23:25 -05:00
accad24f31
Use payload.encoded because BadChars are defined
2013-09-18 13:03:35 -05:00
61ab0e245c
Add Context to rex sockets plus track them with add_socket
2013-09-18 12:39:08 -05:00
1988085a94
Fix possible port conflict
2013-09-18 12:24:36 -05:00
adc1bd9c65
changes made to astium_sqli_upload based on suggestions
2013-09-18 16:52:31 +07:00
82aa3f97b0
added Astium confweb 25399 RCE
2013-09-17 12:32:10 +07:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
f89af79223
Correct OSVDB for sophos sblistpack exploit
2013-09-16 15:41:50 -05:00
c18c41d8ea
Don't hidde exceptions
2013-09-16 09:26:13 -05:00
86e5163cad
Fix Indentation and cleanup
2013-09-16 09:19:26 -05:00
62cf9cb07c
Retab changes for PR #2188
2013-09-16 09:09:16 -05:00
842dba20b9
Merge for retab
2013-09-16 09:08:36 -05:00
ac90cd1263
Land #2248 - Fix dlink upnp exec noauth
2013-09-12 15:10:20 -05:00
c3ff9a03d8
Add module for CVE-2013-4983
2013-09-09 23:26:10 -05:00
f780a41f87
Retab changes for PR #2248
2013-09-05 14:12:24 -05:00
554d1868ce
Merge for retab
2013-09-05 14:12:18 -05:00
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
0bfc12ada1
Fix the way to get a session over a telnet connection
2013-08-27 11:38:49 -05:00
7b555679e6
Really delete the telnet target
2013-08-19 15:06:47 -05:00
d64c8748e8
Fix descriptions and names
2013-08-19 15:05:27 -05:00
232289d500
Add new module to exploit to through telnet dlink_upnp_exec_noauth
2013-08-19 15:01:29 -05:00
846925e3ba
Delete telnet target from dlink_upnp_exec_noauth
2013-08-19 14:56:12 -05:00
c902b0ea4b
removed user and pass option
2013-08-19 18:07:11 +02:00
5fc806e3e0
little fixes
2013-08-18 16:18:27 +02:00
9ae977ec80
Merge branch 'raidsonic_telnet' of https://github.com/jvazquez-r7/metasploit-framework into raidsonic-ib5220-exec
...
Conflicts:
modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb
2013-08-18 15:56:39 +02:00
462ccc3d36
Missed these little devils
2013-08-15 16:50:13 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
7a8bafd82c
Beautify
2013-08-14 13:50:08 -05:00
90aec6cff5
Fix telnet negotiation for the raidsonic case
2013-08-14 13:38:51 -05:00
178a7b0dbb
Fix author's email format
2013-08-14 11:56:47 -05:00
2a4b8e4a64
Add useful comment
2013-08-14 11:49:32 -05:00
e6c36864c4
Fix telnet related stuff
2013-08-14 11:47:57 -05:00
6b87240323
thx to juan ... session stuff looks better
2013-08-14 16:51:09 +02:00
5436ec7dd3
Title change for dlink_dir300_exec_telnet
...
Title change for dlink_dir300_exec_telnet. Also correct the email
format.
2013-08-09 15:41:50 -05:00
74eeacf9f2
Fix regex
2013-08-08 08:40:45 -05:00
821673c4d2
Try to fix a little description
2013-08-07 10:26:39 -05:00
33ac0c5c3f
Make exploit more print friendly
2013-08-07 10:21:14 -05:00
32436973e4
Land #2192 , @m-1-k-3's exploit for OSVDB-89861
2013-08-07 10:16:49 -05:00
ae685ac41d
Beautify description
2013-08-07 09:52:29 -05:00
afb8a95f0a
Land #2179 , @m-1-k-3's exploit for OSVDB-92698
2013-08-07 09:00:41 -05:00
885417c9d9
removing config file from target
2013-08-06 15:11:54 +02:00
dd35495fb8
dir 300 and 600 auxiliary module replacement
2013-08-05 22:28:59 +02:00
786f16fc91
feedback included
2013-08-05 21:55:30 +02:00
2efc2a79bf
fail with
2013-08-05 21:41:28 +02:00
e7206af5b5
OSVDB and comment doc fixes
2013-08-05 09:08:17 -05:00
34134b2e11
feedback included
2013-08-04 14:45:55 +02:00
b8ed364cb8
telnet user working
2013-08-03 15:07:10 +02:00
62e3c01190
raidsonic nas - command execution
2013-08-02 21:04:19 +02:00
a19afd163a
feedback included
2013-08-02 17:30:39 +02:00
15906b76db
dir300 and 615 command injection
2013-07-31 14:36:51 +02:00
6b514bb44a
dir300 and 615 command injection telnet session
2013-07-31 14:34:03 +02:00
5efcbbd474
Land #2167 - PineApp Mail-SeCure livelog.html Exec
2013-07-29 13:18:18 -05:00
7967426db1
Land #2166 - PineApp Mail-SeCure ldapsyncnow.php EXEC
2013-07-29 13:16:42 -05:00
a1d9ed300e
Add module for ZDI-13-184
2013-07-28 09:57:41 -05:00
f4e35b62ac
Add module for ZDI-13-185
2013-07-27 12:12:06 -05:00
fab9d33092
Fix disclosure date
2013-07-27 12:10:21 -05:00
ac7bb1b07f
Add module for ZDI-13-188
2013-07-27 03:25:39 -05:00
147d432b1d
Move from DLink to D-Link
2013-07-23 14:11:16 -05:00
af1bd01b62
Change datastore options names for consistency
2013-07-22 16:57:32 -05:00
5e55c506cd
Land #2140 , add CWS as a first-class reference.
2013-07-22 13:50:38 -05:00
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
77e8250349
Add support for CWE
2013-07-22 12:13:56 -05:00
6158415bd3
Clean CWE reference, will ad in new pr
2013-07-22 12:03:55 -05:00
da4fda6cb1
Land #2110 , @rcvalle's exploit for Foreman Ruby Injection
2013-07-22 12:02:43 -05:00
04e9398ddd
Fix CSRF regular expressions as per review
2013-07-22 13:10:56 -03:00
de6e2ef6f4
Final cleanup for dlink_upnp_exec_noauth
2013-07-22 10:53:09 -05:00
c1c72dea38
Land @2127, @m-1-k-3's exploit for DLink UPNP SOAP Injection
2013-07-22 10:52:13 -05:00
11ef4263a4
Remove call to handler as per review
2013-07-22 12:49:42 -03:00
4beea52449
Use instance variables
2013-07-19 14:46:17 -05:00
6761f95892
Change print_error/ret to fail_with as per review
2013-07-19 12:19:29 -03:00
e93eef4534
fixing server header check
2013-07-19 08:00:02 +02:00
f26b60a082
functions and some tweaking
2013-07-19 07:57:27 +02:00
a1a6aac229
Delete debug code from mutiny_frontend_upload
2013-07-18 14:03:19 -05:00
8fd6dd50de
Check session and CSRF variables as per review
2013-07-16 14:30:55 -03:00
dc51c8a3a6
Change URIPATH option to TARGETURI as per review
2013-07-16 14:27:47 -03:00
3dbe8fab2c
Add foreman_openstack_satellite_code_exec.rb
...
This module exploits a code injection vulnerability in the 'create'
action of 'bookmarks' controller of Foreman and Red Hat
OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).
2013-07-16 12:07:31 -03:00
f594c4b128
small cleanup
2013-07-15 08:48:18 +02:00
393c1b2a99
session stuff
2013-07-15 07:57:30 +02:00
a6b48f3082
HTTP GET
2013-07-14 19:02:53 +02:00
9f65264af4
make msftidy happy
2013-07-14 15:45:14 +02:00
jvazquez-r7
Michael Messner
Brandon Perry
HD Moore
Spencer McIntyre
Tod Beardsley
Christian Mehlmauer
xistence
sinn3r
Brandon Perry
Fabian Bräunlein
William Vu
James Lee
pyoor
Joe Vennix
Markus Wulftange
Ramon de C Valle
jvazquez-r7
pyoor
Tab Assassin
m-1-k-3