bc92b43408
Update to metasploit_data_models 0.11.0
...
[#47979793 ]
2013-05-09 13:25:26 -05:00
94f841dd3f
Land #1810 , @wchen-r7's modification to make ie_cgenericelement_uaf more stable
2013-05-08 21:53:18 -05:00
f9f769cec8
Landing #1805 - Fix unintelligible error when importing empty file
2013-05-08 20:10:45 -05:00
9043eeda66
A slight change for stability
...
While updating ie_cgenericelement_uaf earlier today, I noticed the
changes made it a tiny bit less stable. Juan's test log in #1809
also kinda shows that (with the first attempt failing), so I decided
to go back and move the string crafting part, that way between
CollectGarbage() and the overwrite, there is less noise, and hopefully
more stable. I did a few tests, seems better.
2013-05-08 20:02:55 -05:00
bdd2287daf
Land #1809 , @wchen-r7's modification for ie_cgenericelement_uaf
2013-05-08 16:21:11 -05:00
0e51042a01
Landing #1808 - ERS Viewer 2011 bof (CVE-2013-0726)
2013-05-08 15:51:46 -05:00
9a1400a75b
Forgot to remove this print_warning
2013-05-08 15:44:04 -05:00
075f6e8d45
Updates ROP chain and mstime_malloc usage
2013-05-08 15:42:45 -05:00
4c75354a6a
Land #1786 , request_cgi instead of request_raw
...
Also some other small changes to modules, such as sensible defaults for
options.
2013-05-08 14:58:04 -05:00
c7609ac7d1
Initial update
2013-05-08 14:24:52 -05:00
1aa80cd35e
Add module for CVE-2013-0726
2013-05-08 13:48:48 -05:00
a5648a8830
Merge branch 'master' into feature/mdm-module-namespace
...
Conflicts:
Gemfile
Gemfile.lock
lib/msf/core/db_manager.rb
2013-05-08 13:22:41 -05:00
e939de583c
Clean up and multi platform support for sap_soap_rfc_sxpg_command_exec
2013-05-07 22:46:39 -05:00
5f59d9f723
Move sap_soap_rfc_sxpg_command_exec to multi dir
2013-05-07 22:46:04 -05:00
ab60e0bfb7
Fix print message
2013-05-07 22:41:15 -05:00
9ab68ac935
Fix unintelligible error when importing empty file
...
IO#read returns nil for an empty file if given a length argument, which
caused a stack trace when attempting to import a file instead of a
useful error message.
2013-05-07 18:05:45 -05:00
24bad9c15c
Clean up sap_soap_rfc_sxpg_call_system_exec and make it multi platform
2013-05-07 17:03:10 -05:00
76f6d9f130
Move module to multi-platform location
2013-05-07 17:01:56 -05:00
3d5eb24a33
Merge pull request #1802 from limhoff-r7/feature/new-rvm-ignores
...
[Delivers #49402505 ]
2013-05-07 06:58:53 -07:00
75e77f5801
Add new rvm control files to ignores
...
[#49402505 ]
rvm stable (1.19.6) has deprecated .rvmrc in favor of the .ruby-version
file used by other ruby version switchers and .ruby-gemset. These files
only contain strings to be looked up instead of bash or sh code, so it's
also a safer format than the old script in the .rvmrc.
2013-05-07 08:32:21 -05:00
e3582887cf
OSVDB, Base64
2013-05-07 08:28:48 +02:00
fff8593795
Fix author name
2013-05-06 17:34:37 -05:00
c84febb81a
Fix extra character
2013-05-06 15:19:15 -05:00
92b4d23c09
Add Mariano as Author because of the abuse disclosure
2013-05-06 15:15:15 -05:00
db243e78c8
Land #1682 , sap_router_info_request fix from @nmonkee
2013-05-06 15:13:57 -05:00
85581a0b6f
Clean up sap_soap_rfc_eps_get_directory_listing
2013-05-06 13:21:42 -05:00
1fc0bfa165
Change module filename
2013-05-06 13:20:07 -05:00
0f2a3fc2d4
dsl320b authentication bypass - password extract
2013-05-06 14:31:47 +02:00
7b960a4f18
Add OSVDB reference
2013-05-06 00:54:00 -05:00
a17062405d
Clean up for sap_soap_rfc_eps_delete_file
2013-05-06 00:53:07 -05:00
5adc2879bf
Change module filename
2013-05-06 00:51:23 -05:00
66a5eb74c5
Move file to auxiliary/dos/sap
2013-05-06 00:50:50 -05:00
0390baff64
Merge pull request #1798 from dmaloney-r7/upstream-master
...
fix ssh_creds module
2013-05-05 14:46:28 -07:00
e40695769d
unbotch merge?
2013-05-05 16:43:56 -05:00
2d99167fe7
Merge commit 'b0f5255de8f78fb0d54be1ee49f43455968d6740' into upstream-master
2013-05-05 16:41:18 -05:00
b0f5255de8
fix ssh_creds username
...
ssh_creds post module as not saving
the username in the cred objects
2013-05-05 16:31:28 -05:00
8239998ada
Typo on URL for #1797 . Thx @Meatballs1
2013-05-05 12:26:06 -05:00
c9ea7e250e
Fix disclosure date, ref for #1897
2013-05-05 12:13:02 -05:00
e9841b216c
Land #1797 , IE8 DoL exploit module from @wchen-r7
...
Exploit for an in-the-wild unpatched vuln in IE8. @jvazquez-r7 already
reviewed functionality
2013-05-05 12:06:45 -05:00
a33510e821
Add MS IE8 DoL 0day exploit (CVE-2013-1347)
...
This module exploits a use-after-free vuln in IE 8, used in the
Department of Labor attack.
2013-05-05 12:04:17 -05:00
1b485f15db
Land #1796 - Adds missing require to shodan_search aux.
...
[Closes #1796 ]
2013-05-05 11:49:38 +02:00
63b0eace32
Add a missing require
2013-05-04 22:39:57 -05:00
c3e9503c0b
tplink traversal - initial commit
2013-05-03 14:27:13 -05:00
589be270bf
Land #1658 , @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE
2013-05-03 14:19:36 -05:00
2396c265f8
Landing #1790 - AudioCoder .m3u bof module
2013-05-03 11:59:12 -05:00
13202a3273
Add OSVDB reference
2013-05-03 09:46:29 -05:00
d8bbd9d78b
Merge pull request #6 from jvazquez-r7/sap_soap_rfc_pfl_check_os_file_existence
...
Clean up for sap_soap_rfc_pfl_check_os_file_existence
2013-05-03 05:40:56 -07:00
a95de101e7
Delete extra line
2013-05-02 22:04:27 -05:00
6210b42912
Port EDB 25141 to msf
2013-05-02 22:00:43 -05:00
a2e1fbe7a9
Make msftidy happy
2013-05-02 19:46:26 -05:00
Luke Imhoff
jvazquez-r7
sinn3r
Tod Beardsley
James Lee
Samuel Huckins
m-1-k-3
dmaloney-r7
Meatballs
HD Moore
nmonkee