infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
46,390 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

222 Commits (3f394755796f46ec8b31e7ff5270e55ddc165c81)

Author SHA1 Message Date
joev 1e3860d648 Add gzip bomb dos aux module. 2013-11-17 14:44:33 -06:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
Tod Beardsley 9045eb06b0
Various title and description updates 2013-10-28 14:00:19 -05:00
jvazquez-r7 bdf07456ba Last cleanup for nodejs_pipelining 2013-10-22 15:00:58 -05:00
Jonathan Rudenberg db447b65f9 Add exploit for Node.js HTTP Pipelining DoS 2013-10-22 15:12:14 -04:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat 
[SeeRM #8496]
 2013-10-15 13:51:57 -05:00
FireFart 09fa7b7692 remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:50:34 +02:00
FireFart 84ec2cbf11 remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:42:44 +02:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Tod Beardsley bc24f99f8d Various description and title updates 2013-07-01 15:37:37 -05:00
sinn3r 6168eb7590 Land #1981 - Canon Wireless Printer Denial of Service 2013-06-18 19:04:48 -05:00
sinn3r 7d15dc379d Make msftidy happy 2013-06-18 19:04:03 -05:00
Matt Andreko 0533ca68dc Added DoS result checking 
Lowered the http timeout
 2013-06-18 19:48:21 -04:00
Matt Andreko 8c28631d4b Fixed the date format 
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
 2013-06-18 12:17:50 -04:00
Tod Beardsley 4ca9a88324 Tidying up grammar and titles 2013-06-17 16:49:14 -05:00
Matt Andreko d877e4d489 Added CVE and disclosure date 2013-06-17 17:41:50 -04:00
Matt Andreko 3923bbeee9 Update 2013-06-15 18:28:58 -04:00
Matt Andreko 0494ac9218 Added Canon Wireless Printer DoS module 2013-06-15 18:23:04 -04:00
jvazquez-r7 fd74390952 Clean monkey_headers 2013-06-13 18:07:35 -05:00
sinn3r 73aff97053 Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service 
This is the reviewed/updated version of pull request #1950. We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
 2013-06-13 15:56:34 -05:00
sinn3r a09b3b8023 Lands #1169 - Adds a check 
[Closes #1169]

Conflicts:
	modules/auxiliary/dos/http/apache_range_dos.rb
 2013-04-22 15:50:15 -05:00
sinn3r 882b084cba Changes the default action 2013-04-22 15:47:38 -05:00
sinn3r 7e28a4ddb0 Uses "ACTIONS" keys instead of datastore options 
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
 2013-04-22 15:41:47 -05:00
James Lee 2f11796dfa Fix typo 
[SeeRM #7800]
 2013-03-13 16:10:20 -05:00
sinn3r 92093cd7d8 There's no HttpClient, so it shouldn't be using normalize_uri 2013-02-19 15:04:18 -06:00
sinn3r c174e6a208 Correctly use normalize_uri() 
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
 2013-01-30 23:23:41 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
T0X1C-1 1714fa21b1 adjusted DOS part to use HttpClient 2012-12-17 15:46:39 +01:00
T0X1C-1 a48c14124b added CHECK functionality to the existing module 2012-12-13 16:54:50 +01:00
sinn3r 64a8b59ff9 Change CVE forma 
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
 2012-12-09 01:09:21 -06:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
Tod Beardsley 6b4c131cf5 Avoiding a future conflict with release 2012-11-20 13:24:19 -06:00
jvazquez-r7 e8fe6031e9 Let default timeout for send_request_cgi 2012-11-16 18:09:47 +01:00
jvazquez-r7 51f238ec38 up to date 2012-11-16 16:03:09 +01:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have 
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
 2012-11-08 17:42:48 +01:00
sinn3r 2c4273e478 Correct some modules with res nil 2012-10-29 04:41:30 -05:00
Michael Schierl 910644400d References EDB cleanup 
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
 2012-10-23 21:02:09 +02:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00
Christian Mehlmauer 6ae17db7d3 Adding FireFart's hashcollision DoS module 
Have some minor edits below, looks like it all works now though.

Squashed commit of the following:

commit b7befd4889f12105f36794b1caca316d1691b335
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:31:32 2012 -0500

    Removing ord in favor of unpack.

    Also renaming a 'character' variable to 'c' rather than 'i' which is
    easy to mistake for an Integer counter variable.

commit e80f6a5622df2136bc3557b2385822ba077e6469
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:24:41 2012 -0500

    Cleaning up print msgs

commit 5fd65ed54cb47834dc646fdca8f047fca4b74953
Author: Tod Beardsley <todb@metasploit.com>
Date:   Fri Jun 1 14:19:10 2012 -0500

    Clean up hashcollision_dos description

    Caps, mostly. One sentence I still don't get but it's not really a show
    stopper.

commit bec0ee43dc9078d34a328eb416970cdc446e6430
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Thu May 24 19:11:32 2012 +0200

    Removed RPORT, ruby 1.8 safe, no case insensitive check, error handling

commit 20793f0dfd9103c4d7067a71e81212b48318d183
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Tue May 22 23:11:53 2012 +0200

    Hashcollision Script (again)
 2012-06-01 14:51:11 -05:00
Tod Beardsley 4772c1258e Removing hashcollision_dos module due to license violation 
The description text is a copy-paste of
http://www.ocert.org/advisories/ocert-2011-003.html , which has a
specific creative commons liscence prohibiting derivative works.

Since I have no idea what else in this module is a license violating,
I'm pulling it completely. I suspect a lot, though -- there are weird
all-caps methods in the module that look like copy-pastes as well.

Next time, please contribute original work, or at least work that is not
encumbered by restrictive licensing.
 2012-05-21 11:28:58 -05:00
Tod Beardsley eea20e773b Capitalization fixups on hashcollision_dos 2012-05-21 11:06:18 -05:00
sinn3r 8428d16db3 Format correction 2012-05-15 19:21:16 -05:00
Christian Mehlmauer 19e32c210a Added more references 2012-05-15 23:59:30 +02:00
Christian Mehlmauer 46e58f8618 Ruby naming style 2012-05-15 23:53:33 +02:00
Christian Mehlmauer 5f0075e24f Revert API change 2012-05-15 23:28:51 +02:00
Christian Mehlmauer b298597218 Switched to Http Library, Code formatting issues 2012-05-15 19:43:28 +02:00
Christian Mehlmauer dc10fac885 Ported my Hashcollision Script to Ruby 2012-05-13 20:59:42 +02:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs 
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
 2012-03-21 16:43:21 -05:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
James Lee 67120d4263 msftidy on aux modules, see #5749 2011-11-20 13:12:07 +11:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster. 
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:58:53 +00:00
HD Moore 0ff7f17cba Cosmetic module and service name fixes 
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-14 00:52:15 +00:00
David Rude 4d850c1ee6 Adds Apache Range DoS aka Apache Killer 
git-svn-id: file:///home/svn/framework3/trunk@13781 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-23 16:38:35 +00:00
Patrick Webster 1c2e08d95d Added SonicWall SSL-VPN format string module. 
git-svn-id: file:///home/svn/framework3/trunk@12261 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-07 03:56:35 +00:00
Joshua Drake d9fe9da849 add DoS module from Paulino Calderon 
git-svn-id: file:///home/svn/framework3/trunk@11634 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-25 00:11:41 +00:00
Steve Tornio 8175d25148 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9977 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-10 20:45:44 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
Joshua Drake df395f3ff0 added Brett Gervasoni to authors 
git-svn-id: file:///home/svn/framework3/trunk@8758 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-09 09:12:57 +00:00
Joshua Drake 5543e4551f add auxiliary dos module for apache mod_isapi bug 
git-svn-id: file:///home/svn/framework3/trunk@8752 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-08 23:21:17 +00:00
Steve Tornio 4ae27e32b0 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8600 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-23 17:16:38 +00:00
Patrick Webster 50fc339988 Correct spelling re: RFC. Thanks to Shuyao Yu. 
git-svn-id: file:///home/svn/framework3/trunk@6748 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-06 10:07:46 +00:00
Patrick Webster 28440435f3 Added 3com_superstack_switch DoS aux module. 
git-svn-id: file:///home/svn/framework3/trunk@6734 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-01 03:57:04 +00:00
Patrick Webster 9b94ee52ef Added dell_openmanage_post aux module. 
git-svn-id: file:///home/svn/framework3/trunk@6699 4d416f70-5f16-0410-b530-b9f4589650da
 2009-06-23 13:23:50 +00:00
kris 37c2e301ed replacing defunct framework URL in header comments in most modules and pcap_log 
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-13 14:33:26 +00:00
kris 1eb8c8dfc0 meh, what can I say? I like my name 
git-svn-id: file:///home/svn/framework3/trunk@6459 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-03 15:05:35 +00:00
Patrick Webster 0b9e8cd2b9 Added aux filezilla_server_port.rb. Moved dos aux to OS-based folder. 
git-svn-id: file:///home/svn/framework3/trunk@6095 4d416f70-5f16-0410-b530-b9f4589650da
 2009-01-09 05:33:26 +00:00
kris 704a92d43a add name to author list and switch some modules to use it 
git-svn-id: file:///home/svn/framework3/trunk@6034 4d416f70-5f16-0410-b530-b9f4589650da
 2008-12-20 21:53:17 +00:00
HD Moore 9a2d5aa9c4 Tag up all the DoS modules properly with the DoS mixin last 
git-svn-id: file:///home/svn/framework3/trunk@5949 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-18 20:00:31 +00:00
Ramon de C Valle f124597a56 Code cleanups 
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-19 21:03:39 +00:00
Ramon de C Valle fbed757aa5 Added webrick_regex.rb module from Kris Katterjohn 
git-svn-id: file:///home/svn/framework3/trunk@5764 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-17 15:40:20 +00:00