infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,745 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

518 Commits (23cc89482b9823e1bc219786a85ae1a604c2d4af)

Author SHA1 Message Date
Joshua Drake 3fffd15549 add exploit for cve-2010-3552 (w/dep bypass) 
git-svn-id: file:///home/svn/framework3/trunk@10819 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-25 20:21:41 +00:00
Steve Tornio 0251c446f1 add cve, osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@10784 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-22 12:21:30 +00:00
Joshua Drake 6bd75bb2d5 add shockwave exploit from abysssec/rel1k 
git-svn-id: file:///home/svn/framework3/trunk@10779 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-22 03:15:22 +00:00
Joshua Drake 7de96a710f add trendmicro extsetowner exploit from Trancer 
git-svn-id: file:///home/svn/framework3/trunk@10538 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-04 04:26:09 +00:00
Joshua Drake 279c604015 missed a couple exe generater includes 
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-28 16:19:50 +00:00
Joshua Drake b8b21cd53c handle dirs and index.html specially 
git-svn-id: file:///home/svn/framework3/trunk@10454 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-24 01:11:05 +00:00
Joshua Drake 600ec0a848 add two exploits from Trancer! woot! 
git-svn-id: file:///home/svn/framework3/trunk@10429 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 18:46:29 +00:00
HD Moore d89004753c Fixes #2450 by allowing any length extension 
git-svn-id: file:///home/svn/framework3/trunk@10411 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 02:59:22 +00:00
Joshua Drake 8e5cf31e9a big exe/dll update, see #2017 
NOTE: These changes specifically affect payload encoding via RPC, "use
payload", and msfencode

1. consolidate user-specified exe generation routine (now
Msf::Util::EXE.to_executable_fmt)
2. supported format types are now queried/checked using arrays
3. cleaned up and standardized exe option passing
4. rename data store options for EXE mixin
5. add generate_payload_exe_service for psexec/smb_relay
6. reworked default template handling in Msf::Util::EXE
  a. added template search path option (not used if template includes
a path separator)
  b. "fallback" flag to enable using default if specified file doesn't
exist
7. added Msf::Util::EXE.to_win64pe_dll
8. improved error messages from exe generation



git-svn-id: file:///home/svn/framework3/trunk@10404 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 00:13:30 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks 
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 08:06:27 +00:00
Joshua Drake 19db412383 convert remaining EXE generation to use the mixin, fixes #2017 
git-svn-id: file:///home/svn/framework3/trunk@10389 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 04:38:13 +00:00
Joshua Drake 21d88b36c1 rename generate_exe -> generate_payload_exe 
git-svn-id: file:///home/svn/framework3/trunk@10388 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 04:37:25 +00:00
Joshua Drake 5250ff20bb add svn:keywords, increase ranking, add browser version 
git-svn-id: file:///home/svn/framework3/trunk@10280 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 23:23:40 +00:00
Joshua Drake ace873a37a update test notes 
git-svn-id: file:///home/svn/framework3/trunk@10204 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 17:55:43 +00:00
Steve Tornio 3c704ec753 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10201 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 11:44:11 +00:00
Joshua Drake 3ab9a9b8d7 add Win7 IE8 target 
git-svn-id: file:///home/svn/framework3/trunk@10199 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 23:31:01 +00:00
Joshua Drake 561c861a3a add CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@10196 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 21:52:45 +00:00
Joshua Drake 2d6a956763 update description 
git-svn-id: file:///home/svn/framework3/trunk@10194 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:50:52 +00:00
Joshua Drake f68fd01772 nudge reliability up 
git-svn-id: file:///home/svn/framework3/trunk@10193 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:44:43 +00:00
Joshua Drake a39639c56f add exploit for quicktime backdoor 
git-svn-id: file:///home/svn/framework3/trunk@10192 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:42:51 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues 
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 20:55:37 +00:00
Joshua Drake bc56ae73a1 correct typo, thx jcran 
git-svn-id: file:///home/svn/framework3/trunk@10142 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 16:18:02 +00:00
Joshua Drake aac956db50 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:22:48 +00:00
HD Moore 65af96745f Set manual ranking until we have a vulnerable extension list added by default 
git-svn-id: file:///home/svn/framework3/trunk@10101 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 13:41:59 +00:00
HD Moore cc3554601f Tools for testing DLL hijack flaws 
git-svn-id: file:///home/svn/framework3/trunk@10100 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 05:43:47 +00:00
Steve Tornio 0e1ed07e73 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10078 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-20 11:36:50 +00:00
Joshua Drake 1cc13485ae bring ranking down 
git-svn-id: file:///home/svn/framework3/trunk@10070 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 23:55:59 +00:00
Joshua Drake 791af4b6c5 add exploit for sonicwall aventail activex format string 
git-svn-id: file:///home/svn/framework3/trunk@10069 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 23:52:11 +00:00
Joshua Drake 5f0d68d883 add exploit for cve-2010-1799 
git-svn-id: file:///home/svn/framework3/trunk@10011 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-13 23:11:23 +00:00
Joshua Drake 1b31a44b57 move riff support from ani_loadimage browser sploit to mixin 
git-svn-id: file:///home/svn/framework3/trunk@9984 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-12 16:56:41 +00:00
Joshua Drake b93462a27f add msb and rename module 
git-svn-id: file:///home/svn/framework3/trunk@9956 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 02:21:33 +00:00
Joshua Drake 459c046ac2 add msb and rename module 
git-svn-id: file:///home/svn/framework3/trunk@9955 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 02:21:20 +00:00
Joshua Drake a31e133e80 add 3 easy ftp server exploits, 1 chemview activex 
git-svn-id: file:///home/svn/framework3/trunk@9935 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-27 02:25:15 +00:00
Joshua Drake f4103fd7f5 increase ranking 
git-svn-id: file:///home/svn/framework3/trunk@9933 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 19:30:02 +00:00
Joshua Drake 2448f6b1a8 fix lnk file generation, tested OK on win7 x86 
git-svn-id: file:///home/svn/framework3/trunk@9930 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 01:51:17 +00:00
Joshua Drake 2ccf0a0c81 add UNCHOST var, remove \r chars 
git-svn-id: file:///home/svn/framework3/trunk@9897 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 00:02:47 +00:00
Joshua Drake dd7a8178d7 actually use Msf::Exploit::EXE 
git-svn-id: file:///home/svn/framework3/trunk@9896 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 00:02:04 +00:00
Joshua Drake 1ca054ba53 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9893 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 23:28:47 +00:00
HD Moore 99e2c9aa72 Looks like my initial testing was wrong - you can trigger this entirely through HTTP with a meta refresh, just not with a 301 (IE only). 
git-svn-id: file:///home/svn/framework3/trunk@9888 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 19:54:56 +00:00
Joshua Drake 786ccb3d5f add support for OWC11 (from DSR!) 
git-svn-id: file:///home/svn/framework3/trunk@9883 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 06:24:19 +00:00
HD Moore d388c1bc4f Handle unknown requests in a cleaner way 
git-svn-id: file:///home/svn/framework3/trunk@9879 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 03:08:43 +00:00
Joshua Drake e30164e09e possibly fix a bug 
git-svn-id: file:///home/svn/framework3/trunk@9873 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 00:23:18 +00:00
Steve Tornio 3674a11fa5 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@9870 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-19 23:02:22 +00:00
HD Moore fcd23fbdce Adds coverage for the Windows Shell LNK code execution flaw (CVE-2010-2568) 
git-svn-id: file:///home/svn/framework3/trunk@9869 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-19 22:36:26 +00:00
Joshua Drake d07e613504 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9842 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-16 02:33:25 +00:00
HD Moore 24800ca1ec Add reference for the help center bug 
git-svn-id: file:///home/svn/framework3/trunk@9810 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:31:40 +00:00
HD Moore 19f1583ba5 Change to match MSB 
git-svn-id: file:///home/svn/framework3/trunk@9809 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:30:47 +00:00
HD Moore edae6e2d02 Change to match MSB 
git-svn-id: file:///home/svn/framework3/trunk@9808 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:30:36 +00:00
James Lee a5786cdc64 stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 
git-svn-id: file:///home/svn/framework3/trunk@9787 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-12 02:51:50 +00:00
Joshua Drake c7f5ba801c add lots of disclosure dates from OSVDB (missed a few) 
git-svn-id: file:///home/svn/framework3/trunk@9670 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:19:07 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB 
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:13:45 +00:00
Joshua Drake 56ea22716e oops, broke the tree 
git-svn-id: file:///home/svn/framework3/trunk@9668 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:38:15 +00:00
Joshua Drake 9984b662e0 switch some URL references to US-CERT-VU type 
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:09:32 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink* 
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 23:33:07 +00:00
Joshua Drake 8676a88ce3 fix typo, thx chad 
git-svn-id: file:///home/svn/framework3/trunk@9646 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 20:35:56 +00:00
Joshua Drake a040b3708a add some MSB numbers that were missing, rename ms08-070 msmask32 module 
git-svn-id: file:///home/svn/framework3/trunk@9532 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 23:49:17 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates 
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:18:08 +00:00
Joshua Drake 09f4c42aee fix whitespace 
git-svn-id: file:///home/svn/framework3/trunk@9518 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 05:44:29 +00:00
natron 7cbc566c7b Bug fixes for WMP11 and IE8, new configurable setting for exploit trigger, and output cleanup. 
git-svn-id: file:///home/svn/framework3/trunk@9495 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 20:54:35 +00:00
Joshua Drake 75b906ac4c switch to %uFFFF per secunia analysis, fix regexp handling 
git-svn-id: file:///home/svn/framework3/trunk@9491 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:40:42 +00:00
Joshua Drake cb69258fb2 fix regexp handling 
git-svn-id: file:///home/svn/framework3/trunk@9490 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:40:12 +00:00
Joshua Drake e32abab8dc a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html) 
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:12:05 +00:00
Joshua Drake 565397e989 fix CVE reference -- shakes stick 
git-svn-id: file:///home/svn/framework3/trunk@9487 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:10:12 +00:00
Joshua Drake c62b62d35d style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 15:17:23 +00:00
Steve Tornio e2f4a6ad0d add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9485 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 10:39:41 +00:00
HD Moore 7c87a96e65 Add CVE from Kurt S. 
git-svn-id: file:///home/svn/framework3/trunk@9484 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 06:49:54 +00:00
natron f4394bf0e0 Initial commit for Tavis Ormandy's Help Ctr bug. Needs improvement on stealthiness, but works for now. 
-n


git-svn-id: file:///home/svn/framework3/trunk@9483 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 06:10:08 +00:00
Joshua Drake 619d088ada updated test results 
git-svn-id: file:///home/svn/framework3/trunk@9477 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:55:17 +00:00
Joshua Drake 07ed2d636c add browser version of cve-2010-1297 
git-svn-id: file:///home/svn/framework3/trunk@9475 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:28:05 +00:00
Joshua Drake 6d1e7bdaa5 big commit - lots of cmdstager changes 
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)


git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-26 22:39:56 +00:00
Steve Tornio cfb850b41b add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@9363 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-25 02:09:42 +00:00
Joshua Drake acf45118a2 add exploit module for communicrypt activex from dookie 
git-svn-id: file:///home/svn/framework3/trunk@9356 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-24 22:37:59 +00:00
Steve Tornio 365f13551b added refs. I think all the auxiliary and exploit modules should now be covered. 
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-13 16:53:50 +00:00
Joshua Drake 128e0515ef stop perpetuating the ambiguity! 
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-09 17:45:00 +00:00
Joshua Drake 4bc86e603e fix a couple more silly regex mishaps 
git-svn-id: file:///home/svn/framework3/trunk@9220 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-04 23:09:32 +00:00
Joshua Drake 0e72894e58 more cleanups 
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 17:13:09 +00:00
Joshua Drake 665baa7691 modify ms09-002 exploit to use encrypt_js 
git-svn-id: file:///home/svn/framework3/trunk@9200 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-02 20:42:34 +00:00
Joshua Drake ce372f62ff fix aurora encrypt and add js_encrypt to chilikat module 
git-svn-id: file:///home/svn/framework3/trunk@9185 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-01 02:31:17 +00:00
Joshua Drake 2662055be8 add encrypt_js call to aurora exploit 
git-svn-id: file:///home/svn/framework3/trunk@9184 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-01 02:14:26 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
Joshua Drake d91046c470 detect and split JS and non-JS versions 
git-svn-id: file:///home/svn/framework3/trunk@9160 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 17:45:35 +00:00
Joshua Drake 49f6fc4d98 ugh 
git-svn-id: file:///home/svn/framework3/trunk@9159 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 16:46:21 +00:00
Joshua Drake 2f3171906c remove splash screen 
git-svn-id: file:///home/svn/framework3/trunk@9158 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 15:58:05 +00:00
Joshua Drake ac188bebdb added support for older JREs using javascript methods from taviso's exploit 
git-svn-id: file:///home/svn/framework3/trunk@9151 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 00:42:52 +00:00
Joshua Drake a953c47cfb remove carriage returns 
git-svn-id: file:///home/svn/framework3/trunk@9140 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-26 18:29:24 +00:00
Joshua Drake bc68b7d92e fix name 
git-svn-id: file:///home/svn/framework3/trunk@9097 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 08:08:40 +00:00
Joshua Drake fc2fab9bd7 fix name 
git-svn-id: file:///home/svn/framework3/trunk@9096 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 08:08:36 +00:00
Joshua Drake 51e6a64e07 add UNCPATH option 
git-svn-id: file:///home/svn/framework3/trunk@9095 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 08:08:14 +00:00
Joshua Drake 80cec47e17 added cve 
git-svn-id: file:///home/svn/framework3/trunk@9091 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 00:31:31 +00:00
Joshua Drake 180ca93bbb updated description 
git-svn-id: file:///home/svn/framework3/trunk@9090 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 00:31:03 +00:00
Joshua Drake 8e5f0a37d8 rename modules to microsoft bulletin names and update references 
git-svn-id: file:///home/svn/framework3/trunk@9085 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 16:08:27 +00:00
Joshua Drake 73dfe9729b update default option settings and auto_target 
git-svn-id: file:///home/svn/framework3/trunk@9083 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 15:23:43 +00:00
Steve Tornio ec74d862a7 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9082 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 11:18:25 +00:00
Joshua Drake 950f571488 add module for java web start arguments vuln - no CVE yet 
git-svn-id: file:///home/svn/framework3/trunk@9074 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-14 21:45:23 +00:00
pusscat 99ecd361d3 Fix variable name (care of Monica Sojeong Hong) 
git-svn-id: file:///home/svn/framework3/trunk@9061 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-13 19:05:52 +00:00
HD Moore c8aae09827 Correct english in the quotation 
git-svn-id: file:///home/svn/framework3/trunk@9029 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-07 00:59:20 +00:00
Joshua Drake e9083bda0d add exploit module for cve-2010-0805 - from zsploit 
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-05 20:25:56 +00:00
HD Moore 52faebea30 Typo 
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-04 04:57:42 +00:00
HD Moore 8f0e3ced67 Correct spelling typo 
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-04 00:46:49 +00:00
Joshua Drake ff8cdc29aa update description with a little history 
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-31 22:36:10 +00:00
Joshua Drake da874c323a renamed and udpated "iepeers" vuln with latest information/name 
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-31 20:15:22 +00:00
Joshua Drake 79e277450a add reliable IE7 trigger from Nanika 
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-27 01:31:19 +00:00
Joshua Drake 89d6907a8f fix typoez 
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-27 00:35:48 +00:00
HD Moore 13410d4daa Rename aurora module to the MSB naming convention 
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-11 05:49:45 +00:00
HD Moore a23344b5d0 Consistency in how IE/Internet Explorer is named 
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-11 05:49:14 +00:00
Steve Tornio d3da883aa2 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 22:07:04 +00:00
Joshua Drake 3c57fe6e81 add exploit module for cve-2010-0806 
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 22:01:32 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!) 
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 05:58:01 +00:00
Joshua Drake 83419da78b check for vulnerable version in JS prior to triggering vuln, closes #1011 
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-06 04:36:16 +00:00
Joshua Drake 73da75a931 big update to cmd stager 
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-05 00:29:44 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories 
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558 
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-04 17:41:26 +00:00
Joshua Drake e8f22a7136 add exploit module for cve-2008-3878 
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-04 06:19:37 +00:00
Joshua Drake 5aebed8fe7 add exploit module for cve-2008-5002 
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-03 21:17:31 +00:00
Joshua Drake fb5906385d add exploit module for cve-2009-1534 
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-03 18:12:37 +00:00
Joshua Drake d86575701d added CVE, KB references 
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-03 03:20:58 +00:00
Steve Tornio 074b4ada44 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-02 12:23:17 +00:00
Joshua Drake 4b59410507 rename module per ms bulletin 
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-02 07:50:25 +00:00
Joshua Drake d0153225a0 add exploit module for cve-2009-1612 
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-02 02:26:55 +00:00
Joshua Drake cc9113397c add exploit for IE Windows Help vulnerability 
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-01 23:14:20 +00:00
Joshua Drake cc891bce80 whitespace cleanups 
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-01 15:13:04 +00:00
Joshua Drake afd2df315b rename module part deux! 
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-23 18:12:10 +00:00
Joshua Drake 705a4626e4 remove dash from file name 
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-23 18:06:35 +00:00
Joshua Drake 797ab55f52 add exploit module for cve-2009-2011 
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 20:14:40 +00:00
Patrick Webster 3fd3d44ad6 Added barcode_ax49.rb exploit module. 
git-svn-id: file:///home/svn/framework3/trunk@8466 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-12 18:06:49 +00:00
James Lee eb6ce38e0c old zero-day shows its age 
git-svn-id: file:///home/svn/framework3/trunk@8445 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-10 20:41:07 +00:00
HD Moore ba34abc232 Fix unpack("H*") vs unpack("H*")[0] 
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-08 21:37:07 +00:00
Joshua Drake fde3fbb2e3 add exploit module for cve-2009-1569 
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 03:56:02 +00:00
Joshua Drake c073cd707a removed unecessary parameter, commented target 
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 03:33:38 +00:00
Joshua Drake 2783c5884e add exploit module for cve-2009-1568 
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 02:40:47 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references 
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 20:15:32 +00:00
Joshua Drake d9e5de5683 note the CLSID of this control 
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 19:17:50 +00:00
Joshua Drake 31949c4343 svn keywords fixups 
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-26 20:12:13 +00:00
Joshua Drake 83f47796fe add reference to ms09-032 (the mitigation) 
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-24 00:05:19 +00:00
Joshua Drake 409d44bfad fix another typo 
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 19:26:04 +00:00
Joshua Drake 9cb3ac9340 fix typo 
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 19:24:54 +00:00
Joshua Drake ab1a1c58db escape more format specifiers passed to util.printd 
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..


git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 18:32:01 +00:00
Joshua Drake a87d4e7eb4 escape randomly generated format specifiers passed to util.printd 
prevents mucking with the allocation size (hopefully)


git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 17:09:46 +00:00
Joshua Drake 2b8a2d56a1 some variable renaming 
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 04:55:16 +00:00
James Lee bbe10b439f let the user know when a client connects 
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 01:00:01 +00:00
HD Moore 69f609bdcd Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger 
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 00:55:42 +00:00
Steve Tornio a0326fc842 add CVE and OSVDB refs 
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 22:05:02 +00:00
HD Moore 579a6fe799 Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js 
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 21:36:04 +00:00
Joshua Drake fba8a1d110 added a German target with 0x0a0a0a0a as the spray addr 
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-14 22:24:56 +00:00
James Lee 3c6cbbc47e make sure IE service packs don't throw off the version comparison 
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-31 21:24:00 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch 
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-30 22:24:22 +00:00
Joshua Drake 19d32b6c97 add jabra to author list 
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 17:01:12 +00:00
Steve Tornio 544efd879b Add OSVDB references 
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 11:53:20 +00:00
Joshua Drake 47ef693b77 add CVE references! 
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 09:38:42 +00:00