Joshua Drake
|
447e208abf
|
add httpdx handlepeer() exploit (cve-2009-3711)
git-svn-id: file:///home/svn/framework3/trunk@7557 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 22:29:20 +00:00 |
Joshua Drake
|
98c60be1f1
|
rough cut at some format string support
git-svn-id: file:///home/svn/framework3/trunk@7556 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 22:14:44 +00:00 |
HD Moore
|
4b9a54a2f6
|
Fixes #529 by correcting the variable name
git-svn-id: file:///home/svn/framework3/trunk@7555 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 12:45:34 +00:00 |
HD Moore
|
e88ef79af8
|
And here we go again...
git-svn-id: file:///home/svn/framework3/trunk@7554 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 04:01:10 +00:00 |
HD Moore
|
195ee9a5fd
|
Update the 3.3 release notes
git-svn-id: file:///home/svn/framework3/trunk@7553 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 00:09:20 +00:00 |
HD Moore
|
30a7a467a3
|
Fix the trac url
git-svn-id: file:///home/svn/framework3/trunk@7552 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 00:07:42 +00:00 |
HD Moore
|
c7712d45d6
|
Mark this as 3.3-release, hopefully this is the last commit before 3.4-dev starts
git-svn-id: file:///home/svn/framework3/trunk@7551 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 00:06:44 +00:00 |
HD Moore
|
61e233df91
|
Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 00:05:19 +00:00 |
James Lee
|
0150e7a4de
|
add a simple encoder for sh payloads that only replaces spaces. fixes #525
git-svn-id: file:///home/svn/framework3/trunk@7549 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-17 00:00:08 +00:00 |
HD Moore
|
a92fbb1ff4
|
Fixes #526. Correct socket name and call to super in the socket output io
git-svn-id: file:///home/svn/framework3/trunk@7548 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 23:35:34 +00:00 |
HD Moore
|
9b1935eb2a
|
Fixes #522. Allow RHOSTS to contain hostnames with dashes
git-svn-id: file:///home/svn/framework3/trunk@7547 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 23:20:59 +00:00 |
HD Moore
|
dc0dc98771
|
Fixes #517. Disables meterpreter stages for passivex stagers
git-svn-id: file:///home/svn/framework3/trunk@7546 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 22:45:33 +00:00 |
James Lee
|
777317d0ad
|
make sure everybody is using the same SRVHOST. fixes #511
git-svn-id: file:///home/svn/framework3/trunk@7545 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 22:06:32 +00:00 |
Stephen Fewer
|
6142f5d509
|
re-enable the passivex stager. we still need to force the meterpreter stage to be incompatible with this stager as their is a known issue between the two.
git-svn-id: file:///home/svn/framework3/trunk@7544 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 19:34:14 +00:00 |
Joshua Drake
|
d8b9e030e3
|
really fixed, test case: "db_create/db_nmap -P"
git-svn-id: file:///home/svn/framework3/trunk@7543 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 19:13:33 +00:00 |
Joshua Drake
|
6d18c6dd53
|
bugfix for NMAP failure, test case: "db_nmap -P"
git-svn-id: file:///home/svn/framework3/trunk@7542 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 19:06:42 +00:00 |
James Lee
|
10e897b94f
|
make sure we got a response before trying to pull headers out of it. see #519
git-svn-id: file:///home/svn/framework3/trunk@7541 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 19:00:16 +00:00 |
James Lee
|
36921e6d4b
|
fix a bug where a failed encoder would try to convert nil to Integer. see #519
git-svn-id: file:///home/svn/framework3/trunk@7540 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:57:04 +00:00 |
James Lee
|
9f134512c2
|
give up if we can't get the password hash. see #519
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:51:51 +00:00 |
James Lee
|
dd323e2a7b
|
don't try to run methods on an object we just confirmed was nil
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:48:34 +00:00 |
HD Moore
|
3f811a801e
|
Fixes #509. Fix the last shadowed var issue, the rest dont seem significant
git-svn-id: file:///home/svn/framework3/trunk@7537 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:34:08 +00:00 |
HD Moore
|
0251f21dc9
|
See #509
git-svn-id: file:///home/svn/framework3/trunk@7536 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:30:07 +00:00 |
HD Moore
|
58711ec7ad
|
See #509
git-svn-id: file:///home/svn/framework3/trunk@7535 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:28:45 +00:00 |
James Lee
|
b4d04ab22d
|
fix 1.9 str[idx] error; see #519
git-svn-id: file:///home/svn/framework3/trunk@7534 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 18:28:34 +00:00 |
Joshua Drake
|
4edc6d942c
|
updated awingsoft web3d bof module from trancer
git-svn-id: file:///home/svn/framework3/trunk@7533 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 16:51:52 +00:00 |
James Lee
|
94729103b4
|
added osvdb ref and keywords
git-svn-id: file:///home/svn/framework3/trunk@7532 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 16:18:51 +00:00 |
HD Moore
|
bd28e044f0
|
Handle instances where the pipe does not exist gracefully
git-svn-id: file:///home/svn/framework3/trunk@7531 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 15:20:50 +00:00 |
HD Moore
|
8cadfe66cf
|
Mostly cosmetic
git-svn-id: file:///home/svn/framework3/trunk@7530 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 15:16:08 +00:00 |
HD Moore
|
ba5da501bf
|
Log the exploit name when the module raises an exception, helps track down bugs during automation
git-svn-id: file:///home/svn/framework3/trunk@7529 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 15:08:58 +00:00 |
James Lee
|
7fb9c4a791
|
add coverage for cve-2009-1151
git-svn-id: file:///home/svn/framework3/trunk@7528 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 08:42:32 +00:00 |
HD Moore
|
ffcd613450
|
Commit the rc2 installer
git-svn-id: file:///home/svn/framework3/trunk@7527 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 04:05:45 +00:00 |
HD Moore
|
5c39fd102a
|
Tag this a rc1, one more big bug shakeout
git-svn-id: file:///home/svn/framework3/trunk@7526 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 03:30:16 +00:00 |
HD Moore
|
d67cb3cdde
|
Really fixes #464
git-svn-id: file:///home/svn/framework3/trunk@7525 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 02:52:23 +00:00 |
HD Moore
|
ba9f7b41b3
|
Fix save() again
git-svn-id: file:///home/svn/framework3/trunk@7524 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 02:48:00 +00:00 |
HD Moore
|
1ad262a53e
|
Fixes #464 by using the correct logic to only save user defined variables and to reset default options after a register_*_options call by a mixin
git-svn-id: file:///home/svn/framework3/trunk@7523 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-16 02:39:08 +00:00 |
James Lee
|
53640065da
|
license
git-svn-id: file:///home/svn/framework3/trunk@7522 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-15 19:53:03 +00:00 |
Joshua Drake
|
04725e70cc
|
reference updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7521 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-15 16:03:01 +00:00 |
Mario Ceballos
|
4c23734e72
|
added exploit module oracle_dc_submittoexpress.rb
git-svn-id: file:///home/svn/framework3/trunk@7520 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-15 01:01:21 +00:00 |
HD Moore
|
4549ca2eb3
|
Adds an OSVDB reference from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7519 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 23:08:27 +00:00 |
Joshua Drake
|
7573994152
|
add exploit module for another winds3d 0day
git-svn-id: file:///home/svn/framework3/trunk@7518 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 22:26:08 +00:00 |
HD Moore
|
18ba91cebc
|
Adds the find/save wrapper back, it seems to help a little, but doesn't solve all cases. See #514
git-svn-id: file:///home/svn/framework3/trunk@7517 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 22:11:53 +00:00 |
HD Moore
|
291aad8cc1
|
Fixes #516 and fixes #515. This patch makes database support a little more user-friendly. The db commands now accept -h and --help, the db_drivers command will indicate how to install support for a given database, the db_create/db_destroy commands will indicate what tools are required to use them, and the postgres driver will now roperly handle sameuser authentication over a unix domain socket with postgres-pr
git-svn-id: file:///home/svn/framework3/trunk@7516 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 21:41:38 +00:00 |
Joshua Drake
|
240a8444b0
|
Fixed some license problems
git-svn-id: file:///home/svn/framework3/trunk@7515 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 18:09:05 +00:00 |
Mario Ceballos
|
bbfc195735
|
added patch from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 13:26:27 +00:00 |
James Lee
|
e296ec92ea
|
more uninitalized var warnings
git-svn-id: file:///home/svn/framework3/trunk@7513 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 06:21:22 +00:00 |
Joshua Drake
|
8d382ef487
|
oops -- removed CVE/BID/OSVDB references
git-svn-id: file:///home/svn/framework3/trunk@7512 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 04:46:21 +00:00 |
Joshua Drake
|
74269325db
|
added CVE/BID/OSVDB references
git-svn-id: file:///home/svn/framework3/trunk@7511 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 04:42:02 +00:00 |
Joshua Drake
|
f86eca488a
|
minor fixup in email addr
git-svn-id: file:///home/svn/framework3/trunk@7510 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 04:39:00 +00:00 |
Joshua Drake
|
9381abf41a
|
swap L to V for packing
git-svn-id: file:///home/svn/framework3/trunk@7509 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 04:38:03 +00:00 |
Joshua Drake
|
70cf288b99
|
added trancer's exploit for cve-2009-2386
git-svn-id: file:///home/svn/framework3/trunk@7508 4d416f70-5f16-0410-b530-b9f4589650da
|
2009-11-14 04:36:20 +00:00 |