sinn3r
a59c474e3e
Merge branch 'jvazquez-r7-ibm_cognos_tm1admsd_bof'
2013-01-07 13:34:52 -06:00
Tod Beardsley
36adf86184
Various and sundry fixes for normalize_uri
2013-01-07 12:02:08 -06:00
Tod Beardsley
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
jvazquez-r7
883b3446f3
license text
2013-01-05 08:03:25 +01:00
jvazquez-r7
0a13f01f23
Added module for ZDI-12-101
2013-01-05 07:40:32 +01:00
Christian Mehlmauer
6654faf55e
Msftidy fixes
2013-01-04 09:29:34 +01:00
sinn3r
b50e040e69
Fix e-mail format, and the extra comma
2013-01-04 01:11:40 -06:00
sinn3r
6d4abe947d
Merge branch 'id_revision' of github.com:FireFart/metasploit-framework into FireFart-id_revision
2013-01-04 00:23:03 -06:00
sinn3r
38de5d63d8
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-01-03 17:49:24 -06:00
Christian Mehlmauer
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
sinn3r
b061a0f9c1
Merge branch 'enterasys_netsight_syslog_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-enterasys_netsight_syslog_bof
2013-01-03 17:45:24 -06:00
Christian Mehlmauer
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
jvazquez-r7
a0b4045b4b
trying to fix the variable offset length
2013-01-04 00:25:34 +01:00
sinn3r
724fa62019
Merge branch 'enterasys_netsight_syslog_bof' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-enterasys_netsight_syslog_bof
2013-01-03 15:35:29 -06:00
sinn3r
6fd35482cc
This exploit should be in browser auto pwn
2013-01-03 14:45:00 -06:00
jvazquez-r7
9cea2d9af9
reference updated
2013-01-03 19:39:18 +01:00
jvazquez-r7
45808a3a44
Added module for ZDI-11-350
2013-01-03 19:17:45 +01:00
sinn3r
06b937ec11
Implements WTFUzz's no-spray technique
...
Do not try to bend the spoon, that is impossible. Instead, only
try to realize the truth: there is no spoon.
2013-01-03 11:57:47 -06:00
sinn3r
c86c6f1ba0
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2013-01-02 17:26:42 -06:00
jvazquez-r7
758edd7aed
make msftidy happy
2013-01-03 00:02:03 +01:00
Charlie Eriksen
97253d46a1
Multiple change for Juan
...
Incooperated changes as per Juan's suggestions.
- Removed redundant space option for the payload
- Doing the uri more intelligently
- Detecting allow_url_include being disabled and reporting it
- Moved to unix/webapp
- Removed redundant handler call
- Adding to description that this requires allow_url_include to be
enabled
2013-01-02 21:19:06 +00:00
Charlie Eriksen
78c6d04b31
Fixing from crlf to lf
...
By accident the line endings changed to crlf.
Mihi pointed out that the last diff was funky because the commit by
accident had crlf rather than the lf from the initial commits.
Also adding an email, as per the HACKING guide and since hdm pointed out
the usefulness of it.
2013-01-02 20:14:09 +00:00
Charlie Eriksen
ef3f15e881
Adding a PLUGINSPATH option
...
Adding a PUGINSPATH option as per FireFart's comment.
Because the path to plugins(and wp-content) can be changed, I've added a
PLUGINSPATH options.
This allows for targeting of sites where either folder has been moved,
by specifying the relative path to where all plugins are stored.
2013-01-02 18:56:49 +00:00
Charlie Eriksen
6fb2130265
Adding a damn space
...
It suddenly jumped at me that there was a missing space in the module
info. Couldn't unsee.
2013-01-01 23:40:01 +00:00
Charlie Eriksen
4ba5b45ad3
Fixed the check
...
Turns out the export returns a 500 by default. Fixing.
2013-01-01 23:15:10 +00:00
Charlie Eriksen
dd0482cb9d
Code style fix!
...
Now variable names are in-line with the coding guidelines!
2013-01-01 23:01:14 +00:00
Charlie Eriksen
2fe2d5d3dd
Adding exploit for OSVDB 87353
...
Adding an exploit for OSVDB 87353, which allows for a remote file
inclusion in the Advanced Custom Fields plugin for Wordpress. and shell
given that url include is enabled in the php installation.
2013-01-01 22:52:55 +00:00
sinn3r
38157b86a9
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-12-31 11:15:44 -06:00
sinn3r
f7543e18fe
Your def of commit apparently is a little different than mine, git.
2012-12-31 00:35:13 -06:00
sinn3r
2b3f7c4430
Module rename
...
Sorry, Tod, this must be done.
2012-12-31 00:29:19 -06:00
sinn3r
5703274bc4
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-12-30 20:34:57 -06:00
sinn3r
1084334d5e
Randomness
2012-12-30 20:34:14 -06:00
sinn3r
7cb42a5eb4
Add BID ref
2012-12-30 18:14:22 -06:00
sinn3r
cc52e2c533
Where's Juan's name?
2012-12-30 12:58:16 -06:00
jvazquez-r7
14f21c0a29
using the rop as expected
2012-12-30 16:13:48 +01:00
jvazquez-r7
eed5a74f32
description updated and reference added
2012-12-30 16:08:01 +01:00
Christian Mehlmauer
f7d6594314
re-deleted comma
2012-12-30 13:39:14 +01:00
jvazquez-r7
6be8ed6168
readd fix for #1219
2012-12-30 13:25:42 +01:00
jvazquez-r7
cd58cc73d9
fixed rop chain for w2003
2012-12-30 13:12:55 +01:00
Christian Mehlmauer
cab84b5c27
Fix for issue #1219
2012-12-30 13:02:13 +01:00
Christian Mehlmauer
dcf018c339
Comma
2012-12-30 12:54:44 +01:00
Christian Mehlmauer
14d197eeb2
Added Windows Server 2003
2012-12-30 11:35:29 +01:00
jvazquez-r7
6cb9106218
Added module for CVE-2012-4792
2012-12-30 01:46:56 +01:00
sinn3r
eb2037bdba
Merge branch 'inotes_dwa85w_bof' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-inotes_dwa85w_bof
2012-12-28 12:16:06 -06:00
jvazquez-r7
9ffb0dcf79
switch to some random data
2012-12-28 12:48:36 +01:00
jvazquez-r7
8f62cd5561
swith to some random data
2012-12-28 12:47:20 +01:00
jvazquez-r7
af61438b0b
added module for zdi-12-132
2012-12-28 11:45:32 +01:00
jvazquez-r7
8ea5c993a2
added module for zdi-12-134
2012-12-28 11:44:30 +01:00
sinn3r
771460fa4c
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-12-26 11:35:52 -06:00
sinn3r
d2dc7ebc2d
Merge branch 'feature/windows-postgres-payload-dll' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-feature/windows-postgres-payload-dll
2012-12-26 11:18:21 -06:00