Commit Graph

283 Commits (34bbc5be90ec247ffb0735490121a8edf158c4ca)

Author SHA1 Message Date
Christian Mehlmauer de88908493
code style 2014-12-11 23:30:20 +01:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Spencer McIntyre 8095b4893c Rename and apply rubocop style to wing_ftp_admin_exec 2014-08-29 13:42:11 -04:00
nnam 02bbd53b82 Fix failure messages for check(). 2014-08-28 12:09:35 -07:00
Nicholas Nam 6c90a50e47 Handle res.nil case in check(). Revert check for res.nil in
execute_command() because it was failing prior to the reverse_shell
connecting.
2014-08-28 10:57:52 -07:00
Nicholas Nam 0788ce9745 Removed unused require and import. Handle the res.nil case in
execute_command() and authenticate().
2014-08-28 10:30:30 -07:00
Nicholas Nam 40b66fae33 Add Wing FTP Server post-auth remote command execution module 2014-08-26 07:28:41 -07:00
William Vu ff6c8bd5de
Land #3479, broken sock.get fix 2014-07-16 14:57:32 -05:00
William Vu b6ded9813a
Remove EOL whitespace 2014-07-16 14:56:34 -05:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
HD Moore e806222512 Fix bad copypast, sock.get usage, HTTP mistakes 2014-06-28 16:18:16 -05:00
HD Moore 5e900a9f49 Correct sock.get() to sock.get_once() to prevent indefinite hangs/misuse 2014-06-28 16:06:46 -05:00
HD Moore 6e80481384 Fix bad use of sock.get() and check() implementations
Many of these modules uses sock.get() when they meant get_once()
and their HTTP-based checks were broken in some form. The response
to the sock.get() was not being checked against nil, which would
lead to stack traces when the service did not reply (a likely
case given how malformed the HTTP requests were).
2014-06-28 16:05:05 -05:00
sinn3r d7ca537a41 Microsoft module name changes
So after making changes for MSIE modules (see #3161), I decided to
take a look at all MS modules, and then I ended up changing all of
them. Reason is the same: if you list modules in an ordered list
, this is a little bit easier to see for your eyes.
2014-03-28 20:56:53 -05:00
William Vu 25ebb05093 Add next chunk of fixes
Going roughly a third at a time.
2014-03-11 12:23:59 -05:00
sinn3r c403c521b3 Change check code 2014-01-23 11:03:40 -06:00
sinn3r fe767f3f64 Saving progress
Progress group 2: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 11:07:03 -06:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
Tod Beardsley ed0b84b7f7
Another round of re-splatting. 2013-10-15 14:14:15 -05:00
Tod Beardsley c83262f4bd
Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Winterspite 0acb170ee8 Bug #8419 - Added platform info missing on exploits 2013-10-08 22:41:50 -04:00
Tod Beardsley 4dc88cf60f Expand descriptions for ease of use. 2013-09-30 13:30:31 -05:00
jvazquez-r7 6381bbfd39 Clean up freeftpd_pass 2013-09-27 09:47:39 -05:00
TecR0c b02a2b9ce0 Added crash info and basic tidy up 2013-09-27 17:05:42 +10:00
TecR0c 7dbc3f4f87 changed seh address to work on freeFTPd 1.0.10 and below 2013-09-27 12:37:52 +10:00
TecR0c 5fc98481a7 changed seh address to work on freeFTPd 1.0.10 and below 2013-09-27 12:35:03 +10:00
TecR0c a6e1bc61ec updated version in exploit freeFTPd 1.0.10 2013-09-27 11:27:51 +10:00
TecR0c 3a3f1c0d05 updated requested comments for freeFTPd 1.0.10 2013-09-27 11:13:28 +10:00
TecR0c 0339c3ef48 added freeFTPd 1.0.10 (PASS Command) 2013-09-26 20:37:23 +10:00
sinn3r feb76ea767 Modify check
Since auth is required, check function needs to look into that too
2013-09-20 12:28:21 -05:00
sinn3r 2d6c76d0ad Rename pcman module
Because this is clearly a msf module, we don't need 'msf' as a
filename. The shorter the better.
2013-09-20 12:18:24 -05:00
sinn3r 6690e35761 Account for username length
Username is part of the overflowing string, need to account for that
2013-09-20 12:17:34 -05:00
sinn3r 9d67cbb4db Retabbed 2013-09-20 11:58:53 -05:00
Rick Flores (nanotechz9l) 7d17eef7a7 Updated several msftidy [WARNING] Spaces at EOL issues. 2013-09-19 20:35:08 -07:00
Rick Flores (nanotechz9l) 058e0fdd80 Changed ret to push esp C:\WINDOWS\system32\msvcrt.dll 2013-09-19 07:21:51 -07:00
Rick Flores (nanotechz9l) 766e96510d Added minor indentation updates 2013-09-18 12:12:35 -07:00
Rick Flores (nanotechz9l) 6cbe371381 minor change 2013-09-17 20:33:46 -07:00
Rick Flores (nanotechz9l) 0052f9712b Updated hard tabs per new requirement 2013-09-17 17:42:01 -07:00
Rick Flores (nanotechz9l) 52a1b5fa57 updated pcman_stor_msf.rb module with community feedback. 2013-09-16 17:43:10 -07:00
Rick Flores (nanotechz9l) 226a75b5da updated pcman_stor_msf.rb module with community feedback. 2013-09-16 17:37:29 -07:00
Rick Flores (nanotechz9l) d4f2e72b9c updated module to include msftidy.rb 2013-09-16 12:46:13 -07:00
Rick Flores (nanotechz9l) 82e3910959 added PCMan's FTP Server Crafted Multiple Command Handling Remote Buffer Overflow (OSVDB 94624) 2013-09-16 12:40:36 -07:00
Rick Flores (nanotechz9l) 92cf886e49 updated module to include msftidy.rb 2013-09-16 12:38:00 -07:00
Rick Flores 4c83336944 Delete pcman_stor_msf.rb
delete because of commit issues.
2013-09-16 12:25:39 -07:00
Rick Flores (nanotechz9l) f657f4d145 added PCMan's FTP Server Crafted Multiple Command Handling Remote Buffer Overflow (OSVDB 94624) 2013-09-16 09:57:27 -07:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
HD Moore 6c1ba9c9c9 Switch to Failure vs Exploit::Failure 2013-08-15 14:14:46 -05:00
jvazquez-r7 8ac01d3b8e Fix description and make it aggressive 2013-08-12 11:19:25 -05:00
bcoles d63d7bc7da Add Open-FTPD 1.2 Writable Directory Traversal Execution 2013-08-12 08:49:49 +09:30