Commit Graph

254 Commits (3936725958080e5b5c345d8d15e8e659da4b45f1)

Author SHA1 Message Date
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
Wei Chen e767214411 Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
HD Moore 5916a4afe3 Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:56:33 +00:00
HD Moore f2469fc23f Drop phpi to normal ranking, it eats too much time
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:45 +00:00
Wei Chen 975cc52bac Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Wei Chen d204f4027b Catch nil first before do .empty?
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:59:57 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen 1a02a2199b These are considered as cmd exec and do not cause crashes, therefore received an ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13937 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:42:20 +00:00
Chao Mu 4b9346e40e Switching my BSD modules to MSF_LICENSE to make life easier. Resistance is Futile! Assimilate!
git-svn-id: file:///home/svn/framework3/trunk@13925 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:29:52 +00:00
HD Moore 0ff7f17cba Cosmetic module and service name fixes
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
HD Moore 643223ff11 Fixes #5651 by applying patch
git-svn-id: file:///home/svn/framework3/trunk@13850 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 15:40:59 +00:00
Wei Chen 9ddfc122af Fix indentation, white spaces, add patch URL to reference
git-svn-id: file:///home/svn/framework3/trunk@13847 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:39:02 +00:00
Tod Beardsley 921549fc3d Adding OSVDB ref that just popped up for me.
git-svn-id: file:///home/svn/framework3/trunk@13844 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 15:49:02 +00:00
Tod Beardsley 3d9c94633d Adding MyBB backdoor exploit submitted by tdz. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@13838 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 03:22:07 +00:00
Wei Chen 37069a252c Support POST. Feature #5571
git-svn-id: file:///home/svn/framework3/trunk@13814 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 16:02:52 +00:00
Wei Chen f47a2c7565 Format dictatorship round 2: Fix author e-mail format for all exploit modules
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
Patrick Webster 5617d23635 Removed erroneous awstatstotals_multisort print_status.
git-svn-id: file:///home/svn/framework3/trunk@12715 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 10:45:36 +00:00
Patrick Webster 51ce0dba58 Added awstatstotals_multisort exploit module.
git-svn-id: file:///home/svn/framework3/trunk@12714 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 10:42:37 +00:00
James Lee 486c0556d0 don't leave unnecessary evil-looking logs
git-svn-id: file:///home/svn/framework3/trunk@12604 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 22:46:43 +00:00
David Rude a8b6c43636 reverting the disclosure dates for now need to clean up the patch
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude 3b7ea08f6a Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
Joshua Drake d682069aec add cve-2010-4566 exploit from Erwin Paternotte
git-svn-id: file:///home/svn/framework3/trunk@11873 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-03 20:51:12 +00:00
HD Moore 2dbbdc18dd Explicitly yield to other threads after each request, reducing the chance that this module will eat all cycles.
git-svn-id: file:///home/svn/framework3/trunk@11857 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 05:03:20 +00:00
Joshua Drake b6b9b83dd7 add CVE reference
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-14 16:25:37 +00:00
Joshua Drake 287f4c87fe style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
Steve Tornio 860e29228b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11414 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 14:43:13 +00:00
HD Moore e7f3c63e1c Exploit for a recent Redmine command injection vulnerability, provided as a holiday gift by Joernchen of Phenoelit.
git-svn-id: file:///home/svn/framework3/trunk@11406 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 05:46:29 +00:00
Steve Tornio 3662fb4bc6 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11389 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:16:18 +00:00
HD Moore 4708d5b159 Add coverage for the mitel audio web conferencing web interface command injection.
git-svn-id: file:///home/svn/framework3/trunk@11388 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:02:13 +00:00
Joshua Drake add6955501 add disclosure date, fix parse error on 1.8.7
git-svn-id: file:///home/svn/framework3/trunk@11253 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 16:17:16 +00:00
Joshua Drake 9c1576b20e update the title
git-svn-id: file:///home/svn/framework3/trunk@11246 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 17:46:24 +00:00
Joshua Drake bbab0e3fd9 add cve-2008-6825 exploit from Larry Wert, fixes #3145
git-svn-id: file:///home/svn/framework3/trunk@11245 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 17:44:47 +00:00
Joshua Drake 26a9fe6fc7 add some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 20:19:18 +00:00
Joshua Drake e9faf75503 fix some more titles with periods
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
Steve Tornio eab8c24b8b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11074 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 20:43:56 +00:00
Joshua Drake b42a04a7aa add cakephp exploit from tdz
git-svn-id: file:///home/svn/framework3/trunk@11070 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:30:07 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake e78aa83021 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10821 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:58:49 +00:00
Joshua Drake 672fc87055 fixed typo, thx rmkml
git-svn-id: file:///home/svn/framework3/trunk@10803 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-23 23:35:44 +00:00
Steve Tornio ddf8294beb add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10783 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 12:09:10 +00:00
Joshua Drake 7a9fe2c4d7 add exploit module for cve-2010-3585
git-svn-id: file:///home/svn/framework3/trunk@10780 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 06:16:31 +00:00
Tod Beardsley 865b711b5c Fixes #2974. Adds an "Unknown" level to Exploit::CheckCode, fixes the URI check for exploit/unix/webapp/php_include (which was relying on Unknown).
git-svn-id: file:///home/svn/framework3/trunk@10694 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 12:24:17 +00:00
Joshua Drake 7e4f4b3791 silly whitespace tweak
git-svn-id: file:///home/svn/framework3/trunk@10642 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-11 19:30:57 +00:00
Joshua Drake 8230bb6edf update disclosure date
git-svn-id: file:///home/svn/framework3/trunk@10637 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-11 03:59:19 +00:00
HD Moore a3ad8f5061 Add a quick module for exploiting basic web cmd injection
git-svn-id: file:///home/svn/framework3/trunk@10624 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 21:32:19 +00:00
HD Moore c1f934dbb4 jduck the grammar checker strikes again (thanks!)
git-svn-id: file:///home/svn/framework3/trunk@10476 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 04:54:10 +00:00
HD Moore 25d18f1f1b Quit when we get an SSL exception
git-svn-id: file:///home/svn/framework3/trunk@10470 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 03:14:21 +00:00
HD Moore 048b21e3b9 Ensure that errors in the PHPInclude mixin lead to the service being stopped. Handle unreachable services in the php_include module better. Fix database-enabled tab completion to be workspace friendly
git-svn-id: file:///home/svn/framework3/trunk@10410 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 02:52:49 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:55:37 +00:00
James Lee 34eb75af73 overhaul smtp to add support for authentication and STARTTLS. can now send email through a gmail account
git-svn-id: file:///home/svn/framework3/trunk@10148 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:31:46 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
HD Moore fb57dde60c Do not spew HTML to the screen
git-svn-id: file:///home/svn/framework3/trunk@9829 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 18:23:47 +00:00
Joshua Drake 663b863b6d http fingerprint checking update
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 17:38:59 +00:00
Joshua Drake a3d901a6b9 various minor fixes, some added fingerprinting
git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 06:21:31 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:13:45 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink*
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
James Lee 571aeb119c make this much less verbose.
git-svn-id: file:///home/svn/framework3/trunk@9634 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-28 23:42:50 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
James Lee 73c680eeff reduce the timeout. it's annoying to have to wait 25 seconds for my shell
git-svn-id: file:///home/svn/framework3/trunk@9621 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 05:45:15 +00:00
James Lee e47f38365d make the description a little more descriptive.
git-svn-id: file:///home/svn/framework3/trunk@9611 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-24 18:34:37 +00:00
James Lee 43799f505b not a command execution anymore.
git-svn-id: file:///home/svn/framework3/trunk@9601 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 23:12:59 +00:00
James Lee 1f957891fb ARCH_CMD -> ARCH_PHP. tested with php/reverse_php and php/meterpreter[/_]reverse_tcp. see #2105
git-svn-id: file:///home/svn/framework3/trunk@9598 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 22:51:50 +00:00
Tod Beardsley 9d46383040 Fixes #2134. Subs select for sleep in exploit modules.
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 19:11:05 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 07:18:08 +00:00
James Lee ce8a9e9318 update space requirements
git-svn-id: file:///home/svn/framework3/trunk@9392 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 05:04:24 +00:00
Steve Tornio 365f13551b added refs. I think all the auxiliary and exploit modules should now be covered.
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-13 16:53:50 +00:00
Joshua Drake 7a32c8add2 add exploit for cve-2009-4098
git-svn-id: file:///home/svn/framework3/trunk@9247 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-08 03:07:51 +00:00
Joshua Drake 0e72894e58 more cleanups
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake 5f7d3cd0d1 fix final "end" statement -- wow almost 3 years like that
git-svn-id: file:///home/svn/framework3/trunk@9175 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:08:08 +00:00
Joshua Drake 5b629c8dc7 fix copy pasta error
git-svn-id: file:///home/svn/framework3/trunk@9174 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 02:12:29 +00:00
James Lee 8923de2d8d change squirrelmail_pgp_plugin to manual rank because it requires an email address
git-svn-id: file:///home/svn/framework3/trunk@9171 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 18:29:22 +00:00
Joshua Drake fda05bfe16 update check functionality
git-svn-id: file:///home/svn/framework3/trunk@9111 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 01:55:21 +00:00
Joshua Drake ef7aef50db correct BID reference
git-svn-id: file:///home/svn/framework3/trunk@9110 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 00:09:11 +00:00
Joshua Drake 9a5c1ccf68 minor whitespace tweaks
git-svn-id: file:///home/svn/framework3/trunk@9108 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-19 23:53:27 +00:00
Joshua Drake 6a794fc25a better url generation (more random and more reliable)
git-svn-id: file:///home/svn/framework3/trunk@9106 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-19 22:55:08 +00:00
Joshua Drake 78d1338171 clean up extra slashes in uris
git-svn-id: file:///home/svn/framework3/trunk@9036 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 20:25:34 +00:00
Joshua Drake 40dd65494e add notes about vulnerable versions
git-svn-id: file:///home/svn/framework3/trunk@8811 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-13 18:15:06 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 6414821ea8 add exploit modules for CVEs 2005-2877 and 2004-1037
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 20:31:09 +00:00
Joshua Drake 6e8eddcf5e add exploit module for cve-2008-0506
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
et cf29ff333e Added a path to prepend
git-svn-id: file:///home/svn/framework3/trunk@8514 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 05:24:31 +00:00
HD Moore 1857268af8 Uber-fast-get-me-a-php-shell mode :)
git-svn-id: file:///home/svn/framework3/trunk@8505 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 17:59:54 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 19:12:42 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
Joshua Drake 5ef4545a1b fd.read -> fd.read(fd.stat.size)
git-svn-id: file:///home/svn/framework3/trunk@7903 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:22:40 +00:00
James Lee 2570fcee15 get rid of some more ^Ms
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
HD Moore 4fcdceccb7 No ruby access on the common target
git-svn-id: file:///home/svn/framework3/trunk@7776 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 15:13:35 +00:00
HD Moore 8a784339c4 Remove a debug print
git-svn-id: file:///home/svn/framework3/trunk@7774 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 14:00:21 +00:00
HD Moore ba1b032207 Adds coverage for the QTSS metachar injection bug
git-svn-id: file:///home/svn/framework3/trunk@7772 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 13:23:59 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew!
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee 9f134512c2 give up if we can't get the password hash. see #519
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:51:51 +00:00
James Lee dd323e2a7b don't try to run methods on an object we just confirmed was nil
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:48:34 +00:00
James Lee 94729103b4 added osvdb ref and keywords
git-svn-id: file:///home/svn/framework3/trunk@7532 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:18:51 +00:00
James Lee 7fb9c4a791 add coverage for cve-2009-1151
git-svn-id: file:///home/svn/framework3/trunk@7528 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 08:42:32 +00:00
James Lee 53640065da license
git-svn-id: file:///home/svn/framework3/trunk@7522 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 19:53:03 +00:00
Mario Ceballos bbfc195735 added patch from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 13:26:27 +00:00
HD Moore 8b9238e33b Cosmetic/reference cleanups.
git-svn-id: file:///home/svn/framework3/trunk@7506 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:31:00 +00:00
James Lee d90b932383 add a bit more entropy
git-svn-id: file:///home/svn/framework3/trunk@7504 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:09:32 +00:00
James Lee 38c0a3bd1b 302 is not the same as 200...
git-svn-id: file:///home/svn/framework3/trunk@7503 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 02:03:16 +00:00
James Lee d2451547d6 add exploit module for osCommerce file upload
git-svn-id: file:///home/svn/framework3/trunk@7502 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 01:56:21 +00:00
HD Moore 5eed9deb2d Adds the joomla TinyMCE file upload exploit from spinbad.
git-svn-id: file:///home/svn/framework3/trunk@7283 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 20:00:39 +00:00
HD Moore e3f68f2639 Another large number of warnings fixed by Yoann Guillot
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:18:23 +00:00
HD Moore a0fbc2914f Remove the milw0rm references, as the links are no longer valid.
git-svn-id: file:///home/svn/framework3/trunk@7237 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-24 18:13:07 +00:00
Mario Ceballos 2b85ceb4c1 added exploit modules base_qry_common.rb and mambo_cache_lite.rb
git-svn-id: file:///home/svn/framework3/trunk@7210 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-20 15:01:10 +00:00
HD Moore 26db223636 OSVDB reference update from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7149 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 14:39:51 +00:00
James Lee 9ace8f33eb OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7030 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-12 04:22:58 +00:00
James Lee 85a4f1b9db add a simple check for the generic php exploits
git-svn-id: file:///home/svn/framework3/trunk@7025 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-10 05:24:03 +00:00
HD Moore 7fb18d6e11 Add coverage for the new nagios3 cmd execution bug
git-svn-id: file:///home/svn/framework3/trunk@6936 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-04 19:27:50 +00:00
HD Moore 876a80f601 Updated osvdb references from Steve Tornio, updated capture/eth_spoof modules
git-svn-id: file:///home/svn/framework3/trunk@6907 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-27 14:05:23 +00:00
kris 7262621d35 switch 'Version' Rev to Revision since msf doesn't handle it correctly
git-svn-id: file:///home/svn/framework3/trunk@6877 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-23 03:06:01 +00:00
HD Moore e70ac6cc19 Added a new set of match flags for cmd injection exploits (RequiredCmds). This reduces the number of 'bad' payloads listed for explot modules. A good example is disabling the netcat -e payloads for old Solaris exploits
git-svn-id: file:///home/svn/framework3/trunk@6854 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-21 15:20:35 +00:00
HD Moore f8c2a203fd OSVDB references updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:02:24 +00:00
James Lee bc037bbbac make php findsock work again for php_eval and php_include
git-svn-id: file:///home/svn/framework3/trunk@6678 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 05:50:52 +00:00
HD Moore a5f567e76e Massive OSVDB reference update from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@6629 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-07 20:20:42 +00:00
HD Moore 92d242cc2f osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6568 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-19 13:20:32 +00:00
James Lee 6c8a93035f make the new random header stuff work with magic_quotes
git-svn-id: file:///home/svn/framework3/trunk@6559 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-17 00:35:56 +00:00
HD Moore 9d8581a17e More osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6550 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-13 17:39:42 +00:00
HD Moore 0981295879 More osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6547 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-12 19:56:54 +00:00
James Lee b31abbc6f9 move the payload into a random X- header so it doesn't show up in access logs
git-svn-id: file:///home/svn/framework3/trunk@6493 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-19 15:47:14 +00:00
kris 37c2e301ed replacing defunct framework URL in header comments in most modules and pcap_log
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
HD Moore eccfcdfced Sets svn keywords on modules missing it, tweaks the emailer module
git-svn-id: file:///home/svn/framework3/trunk@6407 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 06:03:35 +00:00
Patrick Webster 46351557bc Added dogfood_spell_exec exploit module from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6282 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-03 03:32:36 +00:00
Mario Ceballos ff8323e6d2 added modules from Matteo Cantoni.
git-svn-id: file:///home/svn/framework3/trunk@6170 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-21 12:51:30 +00:00
Patrick Webster 33ba28346d Added exploit module awstats_migrate_exec.
git-svn-id: file:///home/svn/framework3/trunk@6155 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-15 07:09:56 +00:00
Ramon de C Valle c66d6c4e46 Set property 'svn:keywords'
git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:43:21 +00:00
Ramon de C Valle f124597a56 Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
James Lee 4c091edac1 fixes #198; generic php eval exploit
git-svn-id: file:///home/svn/framework3/trunk@5746 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-13 05:55:10 +00:00
HD Moore fd256ec4a1 This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure.
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 05:23:59 +00:00
James Lee 647118f333 remove debug statements, add disabled_functions evasion in php findsock stuff
git-svn-id: file:///home/svn/framework3/trunk@5700 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-30 19:56:16 +00:00
James Lee 36a06e7576 initial commit of php findsock. This patch makes all http connections global and removes the "close if (!pipelining)" checks, so beware of bugs.
git-svn-id: file:///home/svn/framework3/trunk@5678 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-24 04:41:51 +00:00
Patrick Webster 405637297f Added guestbook_ssi_exec.rb module.
git-svn-id: file:///home/svn/framework3/trunk@5517 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-04 12:19:43 +00:00
HD Moore 6a329ea831 Update title to match code
git-svn-id: file:///home/svn/framework3/trunk@5474 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-14 18:24:06 +00:00
Patrick Webster 1f7eb2147f phpBB2_highlight module port
git-svn-id: file:///home/svn/framework3/trunk@5432 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-05 09:42:57 +00:00
James Lee dfa0f6c0c4 More reliable reverse shell
git-svn-id: file:///home/svn/framework3/trunk@5429 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-04 07:34:26 +00:00
Patrick Webster e15dd5a7dc Added SPHPBlog exploit module.
git-svn-id: file:///home/svn/framework3/trunk@5193 4d416f70-5f16-0410-b530-b9f4589650da
2007-11-11 09:17:49 +00:00
Patrick Webster 0ebb7c95bd Updated module by Matteo Cantoni
git-svn-id: file:///home/svn/framework3/trunk@5187 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-30 13:22:46 +00:00
fab 5b3768ef29 added exploit module squirrelmail_pgp_plugin from Nicob
git-svn-id: file:///home/svn/framework3/trunk@5047 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-14 17:59:53 +00:00
HD Moore f915504cfa Fix #53, use Author, not Authors
git-svn-id: file:///home/svn/framework3/trunk@4529 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-12 01:08:18 +00:00
Matt Miller d42194e14a updated modules to use base class rand_xxx methods
git-svn-id: file:///home/svn/framework3/trunk@4498 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-01 08:21:36 +00:00
HD Moore abbeb2e87e Adding an Id tag and a standard header to all modules
git-svn-id: file:///home/svn/framework3/trunk@4419 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-18 00:10:39 +00:00
HD Moore b278bef22d Reference updates
git-svn-id: file:///home/svn/framework3/trunk@4266 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 14:44:09 +00:00
HD Moore 9dc2148eb9 Moved the other web app bugs into the right place, added php_wordpress_lastpost
git-svn-id: file:///home/svn/framework3/trunk@4262 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 05:58:13 +00:00