Steve Tornio
bb26593da7
add osvdb ref. rename file to correct typo
...
git-svn-id: file:///home/svn/framework3/trunk@12279 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 12:41:18 +00:00
Wei Chen
717fb83fc9
Added RealNetworks RealGames ActiveX exec arbitrary code execution
...
git-svn-id: file:///home/svn/framework3/trunk@12276 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 02:39:11 +00:00
Wei Chen
b90d6fc16f
Modified the heap spraying function. Each block size should be more consistent now.
...
git-svn-id: file:///home/svn/framework3/trunk@12264 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 07:27:38 +00:00
Joshua Drake
0882f18ec0
add fix commit diff and fix broken cve reference
...
git-svn-id: file:///home/svn/framework3/trunk@12166 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 03:04:54 +00:00
Joshua Drake
24fd896bfb
add OSVDB reference back, conflict handling fail!
...
git-svn-id: file:///home/svn/framework3/trunk@12165 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 03:02:46 +00:00
Wei Chen
214751379f
Updated: using get_resource() instead of datastore['URIPATH']
...
git-svn-id: file:///home/svn/framework3/trunk@12156 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 03:56:45 +00:00
Wei Chen
25ca59b56f
Added Win Vista and debug target
...
git-svn-id: file:///home/svn/framework3/trunk@12153 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 23:22:51 +00:00
David Rude
349512f48d
Updated exploit ranking and description to reflect the new ranking
...
git-svn-id: file:///home/svn/framework3/trunk@12151 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 19:33:38 +00:00
Steve Tornio
81fae13258
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12147 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 12:05:48 +00:00
David Rude
ff3659aa37
Lots of work to make this a lot more reliable =)
...
git-svn-id: file:///home/svn/framework3/trunk@12146 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 06:35:28 +00:00
Wei Chen
eb7df0be8e
Updated how the trigger file should be loaded... the proper way.
...
git-svn-id: file:///home/svn/framework3/trunk@12140 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 00:07:36 +00:00
Wei Chen
77ceadc6ad
Updated description and how the trigger file loads
...
git-svn-id: file:///home/svn/framework3/trunk@12139 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 22:49:11 +00:00
Wei Chen
08f210ac52
Added CVE-2010-3275 (VLC AMV vulnerability)
...
git-svn-id: file:///home/svn/framework3/trunk@12137 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 21:03:12 +00:00
Steve Tornio
89ec6ab5da
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12092 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 11:19:45 +00:00
David Rude
8233030184
opps removed mixin require as well
...
git-svn-id: file:///home/svn/framework3/trunk@12091 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:41:48 +00:00
David Rude
f8534f06dd
opps removed mixin reference =)
...
git-svn-id: file:///home/svn/framework3/trunk@12090 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:40:38 +00:00
David Rude
d7266b6551
Add CVE-2011-0609 exploit for Adobe Flash
...
git-svn-id: file:///home/svn/framework3/trunk@12089 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:31:48 +00:00
Joshua Drake
586c1f9305
oops, broke the LIBPATH option
...
git-svn-id: file:///home/svn/framework3/trunk@12015 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-18 01:18:18 +00:00
Joshua Drake
f4fe3f11b0
enable bind payloads, thx hdm :)
...
git-svn-id: file:///home/svn/framework3/trunk@12014 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-18 00:52:58 +00:00
Steve Tornio
4992deed21
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12013 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-18 00:16:06 +00:00
Joshua Drake
fb6107ffb5
enable java payloads, currently via one-off method
...
git-svn-id: file:///home/svn/framework3/trunk@12012 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 23:57:11 +00:00
David Rude
36b83cde6f
Added exploit for CVE-2010-3747 RealPlayer CDDA URI Code Execution
...
git-svn-id: file:///home/svn/framework3/trunk@12009 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 15:42:28 +00:00
David Rude
382e63e16e
fixed a typo in javascript
...
git-svn-id: file:///home/svn/framework3/trunk@12007 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 04:40:36 +00:00
Joshua Drake
4a1e59be8d
oops =D
...
git-svn-id: file:///home/svn/framework3/trunk@11983 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 05:01:29 +00:00
Joshua Drake
4644110962
add exploit for cve-2010-4452, currently windows only and no payloads :(
...
git-svn-id: file:///home/svn/framework3/trunk@11982 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 04:50:25 +00:00
David Rude
695963dde7
Fixed references
...
git-svn-id: file:///home/svn/framework3/trunk@11888 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 02:28:15 +00:00
David Rude
b51c9f8397
oops forgot a , =)
...
git-svn-id: file:///home/svn/framework3/trunk@11887 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-06 20:42:37 +00:00
David Rude
6dc0596870
Added Novell iPrint GetDriverSettings <= 5.52 exploit from mr_me thanks
...
git-svn-id: file:///home/svn/framework3/trunk@11886 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-06 20:27:06 +00:00
Joshua Drake
8ef05017b8
style compliance fixes, naughty naughty
...
git-svn-id: file:///home/svn/framework3/trunk@11796 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-22 20:49:44 +00:00
Matt Weeks
c322534907
Add exploit for CVE-2010-3765, firefox interleaved document.write and appendChild calls.
...
git-svn-id: file:///home/svn/framework3/trunk@11773 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-18 02:23:10 +00:00
Joshua Drake
8c8b181ffb
Update ms11_xxx modules to reflect bulletin release, minor style fixes
...
git-svn-id: file:///home/svn/framework3/trunk@11730 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 23:31:44 +00:00
Joshua Drake
e06d4d52fe
convert VLC module to FileFormat, adjust spray
...
git-svn-id: file:///home/svn/framework3/trunk@11705 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-03 18:16:40 +00:00
Joshua Drake
3ac076c20a
add exploit for VLC media player WebM processing from Dan Rosenburg
...
git-svn-id: file:///home/svn/framework3/trunk@11692 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-01 18:54:24 +00:00
Joshua Drake
a62f1922b3
fix typos, lol?
...
git-svn-id: file:///home/svn/framework3/trunk@11662 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-28 23:56:35 +00:00
James Lee
d7cda0f85a
accept a client argument for get_uri()
...
git-svn-id: file:///home/svn/framework3/trunk@11623 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-22 00:16:57 +00:00
James Lee
f3bda46333
doesn't work on IE8, fixes #3566 , thanks Hauke Mehrtens for the patch
...
git-svn-id: file:///home/svn/framework3/trunk@11610 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-20 19:30:59 +00:00
Joshua Drake
b6b9b83dd7
add CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-14 16:25:37 +00:00
Joshua Drake
739604ea12
Fixes #3469 , silly typo
...
git-svn-id: file:///home/svn/framework3/trunk@11520 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 05:58:55 +00:00
Joshua Drake
d994f595fe
remove unused vars
...
git-svn-id: file:///home/svn/framework3/trunk@11517 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:59:10 +00:00
Joshua Drake
287f4c87fe
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
Joshua Drake
19e8a6a5b1
switch AutoRunScript for InitialAutoRunScript, oops
...
git-svn-id: file:///home/svn/framework3/trunk@11513 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 00:25:44 +00:00
Jonathan Cran
a206ed8418
clarifying wmi tools are not installed by default
...
git-svn-id: file:///home/svn/framework3/trunk@11481 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 05:27:37 +00:00
Joshua Drake
bc7a8e3b47
fix silly merge conflict data in HTML
...
git-svn-id: file:///home/svn/framework3/trunk@11479 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-05 22:52:54 +00:00
Joshua Drake
08df4dac3b
randomize import styles, patch from jjarmoc
...
git-svn-id: file:///home/svn/framework3/trunk@11443 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-29 16:49:20 +00:00
Joshua Drake
b3bfb5834e
change credit to passerby
...
git-svn-id: file:///home/svn/framework3/trunk@11427 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-28 17:10:19 +00:00
Joshua Drake
5f5d2992ce
add reference to 0x557 slides (for .NET 2.0 rop)
...
git-svn-id: file:///home/svn/framework3/trunk@11405 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-23 01:36:54 +00:00
Joshua Drake
cdfe03ce43
add MSFT advisory and CVE
...
git-svn-id: file:///home/svn/framework3/trunk@11404 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-23 01:30:43 +00:00
Steve Tornio
09b00739fb
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@11402 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 22:21:56 +00:00
Joshua Drake
0f24d1955c
minor corrections, use .NET 2.0 ROP :)
...
git-svn-id: file:///home/svn/framework3/trunk@11398 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 18:26:18 +00:00
Joshua Drake
44c8a71dcf
minor clean ups
...
git-svn-id: file:///home/svn/framework3/trunk@11397 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 18:23:16 +00:00
Mario Ceballos
1407d7f1d5
revert back. little more reliable.
...
git-svn-id: file:///home/svn/framework3/trunk@11396 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 17:40:13 +00:00
Mario Ceballos
d89c60f2de
add exploit module wmi_admintools.rb
...
git-svn-id: file:///home/svn/framework3/trunk@11395 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 14:35:36 +00:00
Joshua Drake
c4c0cabccb
switch to .NET 2.0 ROP, Merry Xmas!
...
git-svn-id: file:///home/svn/framework3/trunk@11390 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:24:19 +00:00
Joshua Drake
5d2f26b41b
add exploit for unpatched IE css import bug
...
git-svn-id: file:///home/svn/framework3/trunk@11383 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-20 16:34:07 +00:00
Joshua Drake
b8b0e1af97
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@11380 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-20 09:11:45 +00:00
James Lee
f15e6e5e62
update autopwn, replace ms10-018 behaviors with ms10-090 css clip.
...
git-svn-id: file:///home/svn/framework3/trunk@11333 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 18:53:22 +00:00
Joshua Drake
af56bebfa1
note ms10-090 bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@11331 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 18:41:20 +00:00
Steve Tornio
e6f640bc17
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@11189 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 03:18:05 +00:00
Mario Ceballos
14ea7a85bb
svn keywords
...
git-svn-id: file:///home/svn/framework3/trunk@11188 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 02:03:25 +00:00
Mario Ceballos
5ed387aa38
added exploit module enjoysapgui_comp_download.rb
...
git-svn-id: file:///home/svn/framework3/trunk@11187 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 02:01:46 +00:00
Joshua Drake
e9faf75503
fix some more titles with periods
...
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
James Lee
52389d28f4
make windows the default target
...
git-svn-id: file:///home/svn/framework3/trunk@11102 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:54:25 +00:00
James Lee
7a3770f87b
don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers
...
git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:44:16 +00:00
James Lee
d608db778c
we're not sending an applet, just a jar, clarify the output
...
git-svn-id: file:///home/svn/framework3/trunk@11084 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 19:58:04 +00:00
James Lee
6f7af42667
add an exploit for cve-2010-3563, thanks Matthias Kaiser
...
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
Joshua Drake
3992eb7ef8
Mass RE-update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake
9fc6f2f3a3
Mass update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake
eab0a40caa
switch up IE6 target to work on older version
...
git-svn-id: file:///home/svn/framework3/trunk@10978 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:54:56 +00:00
Joshua Drake
61e5d00722
switch title, comment out IE8 target for now
...
git-svn-id: file:///home/svn/framework3/trunk@10963 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 23:12:48 +00:00
Steve Tornio
338d6e3693
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@10914 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 02:58:01 +00:00
Joshua Drake
b0f64ebba1
add a debug target
...
git-svn-id: file:///home/svn/framework3/trunk@10912 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 00:08:55 +00:00
Joshua Drake
76123e79c1
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10909 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:59:56 +00:00
Joshua Drake
979ddcd8e5
add exploit for cve-2010-3962
...
git-svn-id: file:///home/svn/framework3/trunk@10907 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:44:23 +00:00
Steve Tornio
9f5fca12f7
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@10828 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-26 15:28:04 +00:00
Joshua Drake
f909b360ba
note tested on 6u11
...
git-svn-id: file:///home/svn/framework3/trunk@10820 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:22:08 +00:00
Joshua Drake
3fffd15549
add exploit for cve-2010-3552 (w/dep bypass)
...
git-svn-id: file:///home/svn/framework3/trunk@10819 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:21:41 +00:00
Steve Tornio
0251c446f1
add cve, osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@10784 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 12:21:30 +00:00
Joshua Drake
6bd75bb2d5
add shockwave exploit from abysssec/rel1k
...
git-svn-id: file:///home/svn/framework3/trunk@10779 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 03:15:22 +00:00
Joshua Drake
7de96a710f
add trendmicro extsetowner exploit from Trancer
...
git-svn-id: file:///home/svn/framework3/trunk@10538 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 04:26:09 +00:00
Joshua Drake
279c604015
missed a couple exe generater includes
...
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-28 16:19:50 +00:00
Joshua Drake
b8b21cd53c
handle dirs and index.html specially
...
git-svn-id: file:///home/svn/framework3/trunk@10454 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 01:11:05 +00:00
Joshua Drake
600ec0a848
add two exploits from Trancer! woot!
...
git-svn-id: file:///home/svn/framework3/trunk@10429 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 18:46:29 +00:00
HD Moore
d89004753c
Fixes #2450 by allowing any length extension
...
git-svn-id: file:///home/svn/framework3/trunk@10411 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 02:59:22 +00:00
Joshua Drake
8e5cf31e9a
big exe/dll update, see #2017
...
NOTE: These changes specifically affect payload encoding via RPC, "use
payload", and msfencode
1. consolidate user-specified exe generation routine (now
Msf::Util::EXE.to_executable_fmt)
2. supported format types are now queried/checked using arrays
3. cleaned up and standardized exe option passing
4. rename data store options for EXE mixin
5. add generate_payload_exe_service for psexec/smb_relay
6. reworked default template handling in Msf::Util::EXE
a. added template search path option (not used if template includes
a path separator)
b. "fallback" flag to enable using default if specified file doesn't
exist
7. added Msf::Util::EXE.to_win64pe_dll
8. improved error messages from exe generation
git-svn-id: file:///home/svn/framework3/trunk@10404 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 00:13:30 +00:00
Joshua Drake
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Joshua Drake
19db412383
convert remaining EXE generation to use the mixin, fixes #2017
...
git-svn-id: file:///home/svn/framework3/trunk@10389 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 04:38:13 +00:00
Joshua Drake
21d88b36c1
rename generate_exe -> generate_payload_exe
...
git-svn-id: file:///home/svn/framework3/trunk@10388 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 04:37:25 +00:00
Joshua Drake
5250ff20bb
add svn:keywords, increase ranking, add browser version
...
git-svn-id: file:///home/svn/framework3/trunk@10280 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-09 23:23:40 +00:00
Joshua Drake
ace873a37a
update test notes
...
git-svn-id: file:///home/svn/framework3/trunk@10204 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-31 17:55:43 +00:00
Steve Tornio
3c704ec753
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@10201 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-31 11:44:11 +00:00
Joshua Drake
3ab9a9b8d7
add Win7 IE8 target
...
git-svn-id: file:///home/svn/framework3/trunk@10199 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-30 23:31:01 +00:00
Joshua Drake
561c861a3a
add CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@10196 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-30 21:52:45 +00:00
Joshua Drake
2d6a956763
update description
...
git-svn-id: file:///home/svn/framework3/trunk@10194 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-30 20:50:52 +00:00
Joshua Drake
f68fd01772
nudge reliability up
...
git-svn-id: file:///home/svn/framework3/trunk@10193 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-30 20:44:43 +00:00
Joshua Drake
a39639c56f
add exploit for quicktime backdoor
...
git-svn-id: file:///home/svn/framework3/trunk@10192 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-30 20:42:51 +00:00
Joshua Drake
330281eadd
see #684 , adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues
...
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:55:37 +00:00
Joshua Drake
bc56ae73a1
correct typo, thx jcran
...
git-svn-id: file:///home/svn/framework3/trunk@10142 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 16:18:02 +00:00
Joshua Drake
aac956db50
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-24 18:22:48 +00:00
HD Moore
65af96745f
Set manual ranking until we have a vulnerable extension list added by default
...
git-svn-id: file:///home/svn/framework3/trunk@10101 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 13:41:59 +00:00
HD Moore
cc3554601f
Tools for testing DLL hijack flaws
...
git-svn-id: file:///home/svn/framework3/trunk@10100 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 05:43:47 +00:00
Steve Tornio
0e1ed07e73
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@10078 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-20 11:36:50 +00:00
Joshua Drake
1cc13485ae
bring ranking down
...
git-svn-id: file:///home/svn/framework3/trunk@10070 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-19 23:55:59 +00:00
Joshua Drake
791af4b6c5
add exploit for sonicwall aventail activex format string
...
git-svn-id: file:///home/svn/framework3/trunk@10069 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-19 23:52:11 +00:00
Joshua Drake
5f0d68d883
add exploit for cve-2010-1799
...
git-svn-id: file:///home/svn/framework3/trunk@10011 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-13 23:11:23 +00:00
Joshua Drake
1b31a44b57
move riff support from ani_loadimage browser sploit to mixin
...
git-svn-id: file:///home/svn/framework3/trunk@9984 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-12 16:56:41 +00:00
Joshua Drake
b93462a27f
add msb and rename module
...
git-svn-id: file:///home/svn/framework3/trunk@9956 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-04 02:21:33 +00:00
Joshua Drake
459c046ac2
add msb and rename module
...
git-svn-id: file:///home/svn/framework3/trunk@9955 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-04 02:21:20 +00:00
Joshua Drake
a31e133e80
add 3 easy ftp server exploits, 1 chemview activex
...
git-svn-id: file:///home/svn/framework3/trunk@9935 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 02:25:15 +00:00
Joshua Drake
f4103fd7f5
increase ranking
...
git-svn-id: file:///home/svn/framework3/trunk@9933 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-26 19:30:02 +00:00
Joshua Drake
2448f6b1a8
fix lnk file generation, tested OK on win7 x86
...
git-svn-id: file:///home/svn/framework3/trunk@9930 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-26 01:51:17 +00:00
Joshua Drake
2ccf0a0c81
add UNCHOST var, remove \r chars
...
git-svn-id: file:///home/svn/framework3/trunk@9897 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 00:02:47 +00:00
Joshua Drake
dd7a8178d7
actually use Msf::Exploit::EXE
...
git-svn-id: file:///home/svn/framework3/trunk@9896 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 00:02:04 +00:00
Joshua Drake
1ca054ba53
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9893 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 23:28:47 +00:00
HD Moore
99e2c9aa72
Looks like my initial testing was wrong - you can trigger this entirely through HTTP with a meta refresh, just not with a 301 (IE only).
...
git-svn-id: file:///home/svn/framework3/trunk@9888 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 19:54:56 +00:00
Joshua Drake
786ccb3d5f
add support for OWC11 (from DSR!)
...
git-svn-id: file:///home/svn/framework3/trunk@9883 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 06:24:19 +00:00
HD Moore
d388c1bc4f
Handle unknown requests in a cleaner way
...
git-svn-id: file:///home/svn/framework3/trunk@9879 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 03:08:43 +00:00
Joshua Drake
e30164e09e
possibly fix a bug
...
git-svn-id: file:///home/svn/framework3/trunk@9873 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 00:23:18 +00:00
Steve Tornio
3674a11fa5
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@9870 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-19 23:02:22 +00:00
HD Moore
fcd23fbdce
Adds coverage for the Windows Shell LNK code execution flaw (CVE-2010-2568)
...
git-svn-id: file:///home/svn/framework3/trunk@9869 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-19 22:36:26 +00:00
Joshua Drake
d07e613504
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9842 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-16 02:33:25 +00:00
HD Moore
24800ca1ec
Add reference for the help center bug
...
git-svn-id: file:///home/svn/framework3/trunk@9810 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:31:40 +00:00
HD Moore
19f1583ba5
Change to match MSB
...
git-svn-id: file:///home/svn/framework3/trunk@9809 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:30:47 +00:00
HD Moore
edae6e2d02
Change to match MSB
...
git-svn-id: file:///home/svn/framework3/trunk@9808 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:30:36 +00:00
James Lee
a5786cdc64
stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions
...
git-svn-id: file:///home/svn/framework3/trunk@9787 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-12 02:51:50 +00:00
Joshua Drake
c7f5ba801c
add lots of disclosure dates from OSVDB (missed a few)
...
git-svn-id: file:///home/svn/framework3/trunk@9670 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:19:07 +00:00
Joshua Drake
7d945ed9dc
add lots of disclosure dates from OSVDB
...
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:13:45 +00:00
Joshua Drake
56ea22716e
oops, broke the tree
...
git-svn-id: file:///home/svn/framework3/trunk@9668 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:38:15 +00:00
Joshua Drake
9984b662e0
switch some URL references to US-CERT-VU type
...
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:09:32 +00:00
Joshua Drake
f6f954a18c
add missing CVE/OSVDB references, plenty still missing *wink wink*
...
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 00:10:51 +00:00
Joshua Drake
0882838491
ensure binary mode when opening files, whitespace fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
Joshua Drake
8676a88ce3
fix typo, thx chad
...
git-svn-id: file:///home/svn/framework3/trunk@9646 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 20:35:56 +00:00
Joshua Drake
a040b3708a
add some MSB numbers that were missing, rename ms08-070 msmask32 module
...
git-svn-id: file:///home/svn/framework3/trunk@9532 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 23:49:17 +00:00
Joshua Drake
fa505a4069
various fixes, mostly consistency changes to disclosure dates
...
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 07:18:08 +00:00
Joshua Drake
09f4c42aee
fix whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@9518 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 05:44:29 +00:00
natron
7cbc566c7b
Bug fixes for WMP11 and IE8, new configurable setting for exploit trigger, and output cleanup.
...
git-svn-id: file:///home/svn/framework3/trunk@9495 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 20:54:35 +00:00
Joshua Drake
75b906ac4c
switch to %uFFFF per secunia analysis, fix regexp handling
...
git-svn-id: file:///home/svn/framework3/trunk@9491 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 17:40:42 +00:00
Joshua Drake
cb69258fb2
fix regexp handling
...
git-svn-id: file:///home/svn/framework3/trunk@9490 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 17:40:12 +00:00
Joshua Drake
e32abab8dc
a HTTP -> an HTTP ( http://www.english-zone.com/grammar/a-anlessn.html )
...
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:12:05 +00:00
Joshua Drake
565397e989
fix CVE reference -- shakes stick
...
git-svn-id: file:///home/svn/framework3/trunk@9487 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:10:12 +00:00
Joshua Drake
c62b62d35d
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 15:17:23 +00:00
Steve Tornio
e2f4a6ad0d
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9485 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 10:39:41 +00:00
HD Moore
7c87a96e65
Add CVE from Kurt S.
...
git-svn-id: file:///home/svn/framework3/trunk@9484 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 06:49:54 +00:00
natron
f4394bf0e0
Initial commit for Tavis Ormandy's Help Ctr bug. Needs improvement on stealthiness, but works for now.
...
-n
git-svn-id: file:///home/svn/framework3/trunk@9483 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 06:10:08 +00:00
Joshua Drake
619d088ada
updated test results
...
git-svn-id: file:///home/svn/framework3/trunk@9477 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:55:17 +00:00
Joshua Drake
07ed2d636c
add browser version of cve-2010-1297
...
git-svn-id: file:///home/svn/framework3/trunk@9475 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:28:05 +00:00
Joshua Drake
6d1e7bdaa5
big commit - lots of cmdstager changes
...
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)
git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:39:56 +00:00
Steve Tornio
cfb850b41b
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@9363 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 02:09:42 +00:00
Joshua Drake
acf45118a2
add exploit module for communicrypt activex from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@9356 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 22:37:59 +00:00
Steve Tornio
365f13551b
added refs. I think all the auxiliary and exploit modules should now be covered.
...
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-13 16:53:50 +00:00
Joshua Drake
128e0515ef
stop perpetuating the ambiguity!
...
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:45:00 +00:00
Joshua Drake
4bc86e603e
fix a couple more silly regex mishaps
...
git-svn-id: file:///home/svn/framework3/trunk@9220 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-04 23:09:32 +00:00
Joshua Drake
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake
665baa7691
modify ms09-002 exploit to use encrypt_js
...
git-svn-id: file:///home/svn/framework3/trunk@9200 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 20:42:34 +00:00
Joshua Drake
ce372f62ff
fix aurora encrypt and add js_encrypt to chilikat module
...
git-svn-id: file:///home/svn/framework3/trunk@9185 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:31:17 +00:00
Joshua Drake
2662055be8
add encrypt_js call to aurora exploit
...
git-svn-id: file:///home/svn/framework3/trunk@9184 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:14:26 +00:00
Joshua Drake
0ea6eca4bc
big module whitespace/formatting cleanup pass
...
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake
d91046c470
detect and split JS and non-JS versions
...
git-svn-id: file:///home/svn/framework3/trunk@9160 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 17:45:35 +00:00
Joshua Drake
49f6fc4d98
ugh
...
git-svn-id: file:///home/svn/framework3/trunk@9159 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 16:46:21 +00:00
Joshua Drake
2f3171906c
remove splash screen
...
git-svn-id: file:///home/svn/framework3/trunk@9158 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 15:58:05 +00:00
Joshua Drake
ac188bebdb
added support for older JREs using javascript methods from taviso's exploit
...
git-svn-id: file:///home/svn/framework3/trunk@9151 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 00:42:52 +00:00
Joshua Drake
a953c47cfb
remove carriage returns
...
git-svn-id: file:///home/svn/framework3/trunk@9140 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:29:24 +00:00
Joshua Drake
bc68b7d92e
fix name
...
git-svn-id: file:///home/svn/framework3/trunk@9097 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:40 +00:00
Joshua Drake
fc2fab9bd7
fix name
...
git-svn-id: file:///home/svn/framework3/trunk@9096 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:36 +00:00
Joshua Drake
51e6a64e07
add UNCPATH option
...
git-svn-id: file:///home/svn/framework3/trunk@9095 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:14 +00:00
Joshua Drake
80cec47e17
added cve
...
git-svn-id: file:///home/svn/framework3/trunk@9091 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:31 +00:00
Joshua Drake
180ca93bbb
updated description
...
git-svn-id: file:///home/svn/framework3/trunk@9090 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:03 +00:00
Joshua Drake
8e5f0a37d8
rename modules to microsoft bulletin names and update references
...
git-svn-id: file:///home/svn/framework3/trunk@9085 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 16:08:27 +00:00
Joshua Drake
73dfe9729b
update default option settings and auto_target
...
git-svn-id: file:///home/svn/framework3/trunk@9083 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 15:23:43 +00:00
Steve Tornio
ec74d862a7
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9082 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 11:18:25 +00:00
Joshua Drake
950f571488
add module for java web start arguments vuln - no CVE yet
...
git-svn-id: file:///home/svn/framework3/trunk@9074 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 21:45:23 +00:00
pusscat
99ecd361d3
Fix variable name (care of Monica Sojeong Hong)
...
git-svn-id: file:///home/svn/framework3/trunk@9061 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-13 19:05:52 +00:00
HD Moore
c8aae09827
Correct english in the quotation
...
git-svn-id: file:///home/svn/framework3/trunk@9029 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 00:59:20 +00:00
Joshua Drake
e9083bda0d
add exploit module for cve-2010-0805 - from zsploit
...
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:25:56 +00:00
HD Moore
52faebea30
Typo
...
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:57:42 +00:00
HD Moore
8f0e3ced67
Correct spelling typo
...
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 00:46:49 +00:00
Joshua Drake
ff8cdc29aa
update description with a little history
...
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:36:10 +00:00
Joshua Drake
da874c323a
renamed and udpated "iepeers" vuln with latest information/name
...
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 20:15:22 +00:00
Joshua Drake
79e277450a
add reliable IE7 trigger from Nanika
...
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:31:19 +00:00
Joshua Drake
89d6907a8f
fix typoez
...
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 00:35:48 +00:00
HD Moore
13410d4daa
Rename aurora module to the MSB naming convention
...
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:45 +00:00
HD Moore
a23344b5d0
Consistency in how IE/Internet Explorer is named
...
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:14 +00:00
Steve Tornio
d3da883aa2
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:07:04 +00:00
Joshua Drake
3c57fe6e81
add exploit module for cve-2010-0806
...
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:32 +00:00
Joshua Drake
b419a40c45
finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
...
also some minor cleanups here and there
git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake
83419da78b
check for vulnerable version in JS prior to triggering vuln, closes #1011
...
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Joshua Drake
73da75a931
big update to cmd stager
...
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there
git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake
0900314a15
redirect requests without subdirectories
...
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake
4bd857b53e
add exploit module for cve-2008-3558
...
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
Joshua Drake
e8f22a7136
add exploit module for cve-2008-3878
...
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
Joshua Drake
5aebed8fe7
add exploit module for cve-2008-5002
...
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
Joshua Drake
fb5906385d
add exploit module for cve-2009-1534
...
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake
d86575701d
added CVE, KB references
...
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
Steve Tornio
074b4ada44
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
Joshua Drake
4b59410507
rename module per ms bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake
d0153225a0
add exploit module for cve-2009-1612
...
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake
cc9113397c
add exploit for IE Windows Help vulnerability
...
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Joshua Drake
cc891bce80
whitespace cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 15:13:04 +00:00
Joshua Drake
afd2df315b
rename module part deux!
...
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:12:10 +00:00
Joshua Drake
705a4626e4
remove dash from file name
...
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:06:35 +00:00
Joshua Drake
797ab55f52
add exploit module for cve-2009-2011
...
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Patrick Webster
3fd3d44ad6
Added barcode_ax49.rb exploit module.
...
git-svn-id: file:///home/svn/framework3/trunk@8466 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 18:06:49 +00:00
James Lee
eb6ce38e0c
old zero-day shows its age
...
git-svn-id: file:///home/svn/framework3/trunk@8445 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 20:41:07 +00:00
HD Moore
ba34abc232
Fix unpack("H*") vs unpack("H*")[0]
...
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 21:37:07 +00:00
Joshua Drake
fde3fbb2e3
add exploit module for cve-2009-1569
...
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:56:02 +00:00
Joshua Drake
c073cd707a
removed unecessary parameter, commented target
...
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:33:38 +00:00
Joshua Drake
2783c5884e
add exploit module for cve-2009-1568
...
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 02:40:47 +00:00
Joshua Drake
4751d83cb8
some cleanups, added some CVE references
...
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:15:32 +00:00
Joshua Drake
d9e5de5683
note the CLSID of this control
...
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:17:50 +00:00
Joshua Drake
31949c4343
svn keywords fixups
...
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it
git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
Joshua Drake
83f47796fe
add reference to ms09-032 (the mitigation)
...
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 00:05:19 +00:00
Joshua Drake
409d44bfad
fix another typo
...
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:26:04 +00:00
Joshua Drake
9cb3ac9340
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:24:54 +00:00
Joshua Drake
ab1a1c58db
escape more format specifiers passed to util.printd
...
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..
git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 18:32:01 +00:00
Joshua Drake
a87d4e7eb4
escape randomly generated format specifiers passed to util.printd
...
prevents mucking with the allocation size (hopefully)
git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 17:09:46 +00:00
Joshua Drake
2b8a2d56a1
some variable renaming
...
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 04:55:16 +00:00
James Lee
bbe10b439f
let the user know when a client connects
...
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 01:00:01 +00:00
HD Moore
69f609bdcd
Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger
...
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 00:55:42 +00:00
Steve Tornio
a0326fc842
add CVE and OSVDB refs
...
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 22:05:02 +00:00
HD Moore
579a6fe799
Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js
...
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 21:36:04 +00:00
Joshua Drake
fba8a1d110
added a German target with 0x0a0a0a0a as the spray addr
...
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 22:24:56 +00:00
James Lee
3c6cbbc47e
make sure IE service packs don't throw off the version comparison
...
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 21:24:00 +00:00
Joshua Drake
2283e029db
crossing fingers, big cr removal batch
...
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
Joshua Drake
19d32b6c97
add jabra to author list
...
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 17:01:12 +00:00
Steve Tornio
544efd879b
Add OSVDB references
...
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 11:53:20 +00:00
Joshua Drake
47ef693b77
add CVE references!
...
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 09:38:42 +00:00
HD Moore
be42efdd1b
Update the PDF modules to work on a wider range of versions
...
git-svn-id: file:///home/svn/framework3/trunk@7917 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:02:32 +00:00
James Lee
82d84605e4
advisory says it should work against 5.5, but this module causes js syntax errors, so only run it on 6
...
git-svn-id: file:///home/svn/framework3/trunk@7914 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-18 19:38:52 +00:00
HD Moore
f2ec7795e2
Reliability improvement for the Acrobat bug - use the lame old 0x0c0c0c0c, but this works on the widest range of versions
...
git-svn-id: file:///home/svn/framework3/trunk@7907 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 14:43:05 +00:00
Joshua Drake
026924c9b6
fixed sync issues between browser/fileformat modules
...
git-svn-id: file:///home/svn/framework3/trunk@7902 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:19:30 +00:00
Joshua Drake
2baa4a1efa
port changes from Lurene to browser version
...
git-svn-id: file:///home/svn/framework3/trunk@7901 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:16:35 +00:00
Joshua Drake
e563e91d35
added browser versions of yesterdays adobe pdf exploits from jabra
...
git-svn-id: file:///home/svn/framework3/trunk@7894 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 20:37:57 +00:00
James Lee
2570fcee15
get rid of some more ^Ms
...
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
James Lee
196ee82179
bye-bye crlf
...
git-svn-id: file:///home/svn/framework3/trunk@7878 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:13:27 +00:00
Joshua Drake
1813a0fb9a
updated technique
...
git-svn-id: file:///home/svn/framework3/trunk@7867 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 00:32:07 +00:00
Mario Ceballos
c799df8559
target is no good. offsets change on different installs.
...
git-svn-id: file:///home/svn/framework3/trunk@7864 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:07:21 +00:00
Joshua Drake
88b9ee18af
clarified some version info
...
git-svn-id: file:///home/svn/framework3/trunk@7863 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:01:34 +00:00
Joshua Drake
8317b69aca
corrected disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@7860 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:44:37 +00:00
Joshua Drake
2524840348
renamed, new targets, now using seh...
...
git-svn-id: file:///home/svn/framework3/trunk@7859 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:40:56 +00:00
Mario Ceballos
3ac51c7396
added exploit module symantec_altirisdeployment_runcmd.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@7821 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 02:36:01 +00:00
HD Moore
3c08bc0c80
Rename and reference update from the microsoft patch
...
git-svn-id: file:///home/svn/framework3/trunk@7775 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 15:06:26 +00:00
Joshua Drake
87c85b5176
removed executable generation routines from Rex::Text (use Msf::Util::EXE), Fixes #660
...
git-svn-id: file:///home/svn/framework3/trunk@7760 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 21:24:45 +00:00
Joshua Drake
0961ce3523
add exploit module for cve-2009-3693
...
git-svn-id: file:///home/svn/framework3/trunk@7749 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 03:08:46 +00:00
Joshua Drake
ff83f1cd2f
add ranking to every exploit module, pfew!
...
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
Joshua Drake
2cf9c3ce2b
revision fixups
...
git-svn-id: file:///home/svn/framework3/trunk@7723 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:16:11 +00:00
Joshua Drake
17249f29d3
cve roulette also cve-2009-4054
...
git-svn-id: file:///home/svn/framework3/trunk@7722 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:00:06 +00:00
HD Moore
927563c135
Correct some assumptions about client-side exploit signature development, remove the prepend since we dont use .net anymore
...
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 21:18:26 +00:00
Joshua Drake
a4dd52543c
removed .net dll bypass, recorded some crash addresses
...
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 19:39:15 +00:00
James Lee
00eaff0550
stupid ruby string differences
...
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:16:45 +00:00
HD Moore
0c19f50718
Fix broken .NET method
...
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:11:38 +00:00
Joshua Drake
f733856974
add exploit module for cve-2009-3762
...
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 07:25:04 +00:00
James Lee
f516edacfb
only works on ie7
...
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:14:40 +00:00
James Lee
c45c15cd29
add autopwn info
...
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 23:50:08 +00:00
James Lee
99319d2a55
don't unintentionally create a UNC path. see #558
...
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:23:03 +00:00
James Lee
4a912e7c0c
don't inadvertantly create a UNC path. see #558
...
git-svn-id: file:///home/svn/framework3/trunk@7590 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:02:21 +00:00
James Lee
7490e4c4a8
use an absolute uri to the evil gif. fixes #558 . we probably ought to have a method for doing this since it seems to be a fairly common problem.
...
git-svn-id: file:///home/svn/framework3/trunk@7589 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:44:21 +00:00
Joshua Drake
b9939a836f
fixed PDF header (oops)
...
git-svn-id: file:///home/svn/framework3/trunk@7577 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:01:11 +00:00
Joshua Drake
e5796f5b3b
changed address to 0x0a0a0a0a
...
tested against various reader versions
removed pdf version randomization
git-svn-id: file:///home/svn/framework3/trunk@7570 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 05:56:03 +00:00
HD Moore
61e233df91
Keywords on all modules, plugins, and scripts
...
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
Joshua Drake
4edc6d942c
updated awingsoft web3d bof module from trancer
...
git-svn-id: file:///home/svn/framework3/trunk@7533 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:51:52 +00:00
Joshua Drake
04725e70cc
reference updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7521 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 16:03:01 +00:00
Mario Ceballos
4c23734e72
added exploit module oracle_dc_submittoexpress.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7520 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 01:01:21 +00:00
Joshua Drake
7573994152
add exploit module for another winds3d 0day
...
git-svn-id: file:///home/svn/framework3/trunk@7518 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 22:26:08 +00:00
Joshua Drake
240a8444b0
Fixed some license problems
...
git-svn-id: file:///home/svn/framework3/trunk@7515 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 18:09:05 +00:00
Mario Ceballos
bbfc195735
added patch from Steve Tornio.
...
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 13:26:27 +00:00
Joshua Drake
8d382ef487
oops -- removed CVE/BID/OSVDB references
...
git-svn-id: file:///home/svn/framework3/trunk@7512 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:46:21 +00:00
Joshua Drake
74269325db
added CVE/BID/OSVDB references
...
git-svn-id: file:///home/svn/framework3/trunk@7511 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:42:02 +00:00
Joshua Drake
f86eca488a
minor fixup in email addr
...
git-svn-id: file:///home/svn/framework3/trunk@7510 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:39:00 +00:00
Joshua Drake
9381abf41a
swap L to V for packing
...
git-svn-id: file:///home/svn/framework3/trunk@7509 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:38:03 +00:00
Joshua Drake
70cf288b99
added trancer's exploit for cve-2009-2386
...
git-svn-id: file:///home/svn/framework3/trunk@7508 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-14 04:36:20 +00:00
Joshua Drake
da6fa072f2
add module for cve-2008-0492
...
git-svn-id: file:///home/svn/framework3/trunk@7490 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 18:09:50 +00:00
Joshua Drake
7758ebfda4
uniquified name
...
git-svn-id: file:///home/svn/framework3/trunk@7488 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:22:14 +00:00
Joshua Drake
61f2c0b195
uniqified name
...
git-svn-id: file:///home/svn/framework3/trunk@7487 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:21:54 +00:00
Joshua Drake
2e4f5734ea
fixed typo
...
git-svn-id: file:///home/svn/framework3/trunk@7486 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-13 00:21:09 +00:00
James Lee
70b2d06c86
speed up content creation, string concat sucks
...
git-svn-id: file:///home/svn/framework3/trunk@7356 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 19:06:01 +00:00
James Lee
c675cfb1cf
Fix 1.9.1 issues, make the vbs smaller (down to about 4MB from almost 10)
...
git-svn-id: file:///home/svn/framework3/trunk@7355 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 18:55:32 +00:00
HD Moore
9e654c51f2
Revive
...
git-svn-id: file:///home/svn/framework3/trunk@7348 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 04:04:39 +00:00
HD Moore
4b53b1d378
Purge
...
git-svn-id: file:///home/svn/framework3/trunk@7347 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 04:04:17 +00:00
HD Moore
98d9d66905
Replaced with encoded shiny bits
...
git-svn-id: file:///home/svn/framework3/trunk@7346 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:56:12 +00:00
HD Moore
0a52c98e03
Purging this module due to lame AV sigs, re-adding in a sillier form
...
git-svn-id: file:///home/svn/framework3/trunk@7345 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:50:31 +00:00
Mario Ceballos
aef3817db9
added patch from steve tornio.
...
git-svn-id: file:///home/svn/framework3/trunk@7331 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 12:02:54 +00:00
Mario Ceballos
b62dc9705e
remove some debugging.
...
git-svn-id: file:///home/svn/framework3/trunk@7329 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-02 21:21:50 +00:00
Mario Ceballos
73bd4f7de2
added exploit module symantec_consoleutilities_browseandsavefile.rb from Nikolas Sotiriu.
...
git-svn-id: file:///home/svn/framework3/trunk@7328 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-02 21:02:45 +00:00
HD Moore
4f3128c061
Stop randomizing the module version, it breaks Acrobat 9
...
git-svn-id: file:///home/svn/framework3/trunk@7303 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-29 04:09:07 +00:00
Mario Ceballos
131adc4c3a
fixed cve reference number.
...
git-svn-id: file:///home/svn/framework3/trunk@7260 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 21:19:27 +00:00
HD Moore
e3f68f2639
Another large number of warnings fixed by Yoann Guillot
...
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:18:23 +00:00
HD Moore
a0fbc2914f
Remove the milw0rm references, as the links are no longer valid.
...
git-svn-id: file:///home/svn/framework3/trunk@7237 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-24 18:13:07 +00:00
Mario Ceballos
bac233108f
added exploit modules ms_visual_studio_msmask.rb and ms_visual_basic_vbp.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7208 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-19 12:58:03 +00:00
HD Moore
d3aa513773
Fixes #339 . Cleans up author names for the most part - there are still some stragglers, but this should fix up the frequent contributors
...
git-svn-id: file:///home/svn/framework3/trunk@7173 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-17 05:55:15 +00:00
Mario Ceballos
62dc4c74d7
added activepdf_webgrabber.rb, etrust_pestscan.rb, ea_checkrequirements.rb and mcafee_hercules_deletesnapshot.rb exploit modules.
...
git-svn-id: file:///home/svn/framework3/trunk@7167 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-15 15:22:16 +00:00
Mario Ceballos
aae4ac74c1
more adjusting of the cve entries.
...
git-svn-id: file:///home/svn/framework3/trunk@7157 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-14 12:56:13 +00:00
Mario Ceballos
8e365c17fa
fixed the cve entrys.
...
git-svn-id: file:///home/svn/framework3/trunk@7156 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-14 11:45:14 +00:00
Mario Ceballos
aee16a85ab
fixed the cve entry.
...
git-svn-id: file:///home/svn/framework3/trunk@7155 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-14 11:28:50 +00:00
Mario Ceballos
63ad9ebf27
added exploit module aol_icq_downloadagent.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7153 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-13 17:04:05 +00:00
HD Moore
5d9f3323e8
Last two reference updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7150 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 14:42:51 +00:00
HD Moore
26db223636
OSVDB reference update from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7149 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 14:39:51 +00:00
Mario Ceballos
a8ccd1fe98
updated references with bid/cve.
...
git-svn-id: file:///home/svn/framework3/trunk@7148 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 12:39:15 +00:00
Mario Ceballos
5b6f16a0f9
added exploit modules athocgov_completeinstallation.rb and symantec_iao.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7147 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 12:31:52 +00:00
Mario Ceballos
1cadfa4ea7
added exploit module amaya_bdo.rb from dookie.
...
git-svn-id: file:///home/svn/framework3/trunk@7136 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-10 21:51:25 +00:00
kris
f21e3c8754
svn:keywords run
...
git-svn-id: file:///home/svn/framework3/trunk@7128 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-04 23:38:06 +00:00
HD Moore
5972666f63
See #339 . Massive cleanup of author names, make them consistent across modules
...
git-svn-id: file:///home/svn/framework3/trunk@7075 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-27 21:30:45 +00:00
James Lee
9ace8f33eb
OSVDB references from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7030 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-12 04:22:58 +00:00
Mario Ceballos
13f5e1c2e5
added exploit module symantec_altirisdeployment_downloadandinstall.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7023 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-09 22:30:01 +00:00
HD Moore
71d644e72e
Fix the Payload->Space to match the new max size limit for the EXE generator. Thanks for catching it MC
...
git-svn-id: file:///home/svn/framework3/trunk@7022 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-09 21:23:11 +00:00
druid
20102275ce
Updated references
...
git-svn-id: file:///home/svn/framework3/trunk@6956 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-13 22:35:42 +00:00
druid
0a29ce88c0
Added MSB reference
...
git-svn-id: file:///home/svn/framework3/trunk@6955 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-13 19:25:02 +00:00
Patrick Webster
91faadd782
Added juniper_sslvpn_ive_setupdll ActiveX exploit module.
...
git-svn-id: file:///home/svn/framework3/trunk@6921 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-30 15:47:23 +00:00
HD Moore
876a80f601
Updated osvdb references from Steve Tornio, updated capture/eth_spoof modules
...
git-svn-id: file:///home/svn/framework3/trunk@6907 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-27 14:05:23 +00:00
kris
d3e65b3363
svn:keywords run
...
git-svn-id: file:///home/svn/framework3/trunk@6876 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-23 02:55:51 +00:00
James Lee
739207bf4a
merge browser_autopwn back into trunk. This changes the database schema slightly, so make sure to db_destroy and db_create before using the database features.
...
git-svn-id: file:///home/svn/framework3/trunk@6873 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-22 20:14:35 +00:00
James Lee
750a432fd0
fix calls to new to_win32pe with correct number of arguments
...
git-svn-id: file:///home/svn/framework3/trunk@6872 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-22 19:23:21 +00:00
James Lee
529ded22ae
reverting last commit; somebody didn't cross their fingers
...
git-svn-id: file:///home/svn/framework3/trunk@6847 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 20:48:47 +00:00
James Lee
c3dc1ecb55
reintegrate browser_autopwn into trunk; cross your fingers and hope this works
...
git-svn-id: file:///home/svn/framework3/trunk@6846 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 17:27:36 +00:00
HD Moore
f8c2a203fd
OSVDB references updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:02:24 +00:00
HD Moore
b018df89da
Some minor tweaks, looks like this module doesnt play nice with the new JS encrypter
...
git-svn-id: file:///home/svn/framework3/trunk@6799 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-14 11:59:33 +00:00
HD Moore
b2a0f8adf5
Comment out references for now
...
git-svn-id: file:///home/svn/framework3/trunk@6795 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-14 02:42:52 +00:00
HD Moore
298ba64734
Fix the references section
...
git-svn-id: file:///home/svn/framework3/trunk@6794 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-14 00:25:26 +00:00
HD Moore
306841cc69
Adds coverage for the new OWC ActiveX control exploit
...
git-svn-id: file:///home/svn/framework3/trunk@6792 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 23:39:42 +00:00
HD Moore
5fb316b383
Integrates L4teral's JS encoder/encrypter
...
git-svn-id: file:///home/svn/framework3/trunk@6784 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 22:17:11 +00:00
druid
c846f02c79
Final commit of working CLSIDs
...
git-svn-id: file:///home/svn/framework3/trunk@6755 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-08 22:15:59 +00:00
druid
7a7b2df5a5
Updated list of working ClassIDs
...
git-svn-id: file:///home/svn/framework3/trunk@6754 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-08 21:34:13 +00:00
druid
b9e7e0b902
Removed some CLSIDs that didn't work
...
git-svn-id: file:///home/svn/framework3/trunk@6753 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-08 21:25:23 +00:00
druid
02f7d6b586
Exploit now uses a random ClassID from the list provided by the Microsoft Advisory rather than a static one (also configurable via an advanced option).
...
git-svn-id: file:///home/svn/framework3/trunk@6751 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-08 19:47:44 +00:00
HD Moore
a54b9a06ef
Exploit module for the new MS Video ActiveX flaw from Trancer. See more at http://www.rec-sec.com/2009/07/06/ms-directshow-msvidctl-exploit/
...
git-svn-id: file:///home/svn/framework3/trunk@6750 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-07 11:11:46 +00:00
HD Moore
d0fe4e8610
Remove overzealous change for 1.9.1 compat
...
git-svn-id: file:///home/svn/framework3/trunk@6697 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-22 13:22:50 +00:00
HD Moore
66a6bfe9c0
Make the PDF modules 1.9.1 compatible
...
git-svn-id: file:///home/svn/framework3/trunk@6696 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-22 13:21:08 +00:00
HD Moore
2ec7693d94
Fix up the modules to pass in the framework object into the new API call
...
git-svn-id: file:///home/svn/framework3/trunk@6687 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 18:18:04 +00:00
HD Moore
2283e0ffe4
Update executable template and API
...
git-svn-id: file:///home/svn/framework3/trunk@6682 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 17:42:17 +00:00
HD Moore
3a9e42ceb8
Green dam exploit from Trancer
...
git-svn-id: file:///home/svn/framework3/trunk@6671 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-18 01:54:15 +00:00
HD Moore
a5f567e76e
Massive OSVDB reference update from Steve Tornio.
...
git-svn-id: file:///home/svn/framework3/trunk@6629 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-07 20:20:42 +00:00
Mario Ceballos
fe463072d6
added exploit module ibmegath_getxmlvalue.rb
...
git-svn-id: file:///home/svn/framework3/trunk@6609 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-01 11:19:06 +00:00
HD Moore
f17ee863bc
Three new unpatched exploits from trancer: http://www.rec-sec.com
...
git-svn-id: file:///home/svn/framework3/trunk@6578 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-24 15:06:12 +00:00
HD Moore
1eddbbf332
More references from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@6551 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-14 19:56:07 +00:00
HD Moore
9d8581a17e
More osvdb references from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@6550 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-13 17:39:42 +00:00
HD Moore
0981295879
More osvdb references from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@6547 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-12 19:56:54 +00:00
Mario Ceballos
89d0cb3954
added exploit module mswhale_checkforupdates.rb
...
git-svn-id: file:///home/svn/framework3/trunk@6486 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-15 21:38:50 +00:00
kris
37c2e301ed
replacing defunct framework URL in header comments in most modules and pcap_log
...
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
Mario Ceballos
3c54e15590
added exploit module sapgui_saveviewtosessionfile.rb
...
git-svn-id: file:///home/svn/framework3/trunk@6455 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-02 20:43:06 +00:00
natron
8d7c6d6367
Browser version of jbig2decode
...
git-svn-id: file:///home/svn/framework3/trunk@6451 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-31 14:58:37 +00:00
HD Moore
9d2382f5f5
Adds the PDF geticon modules from jduck
...
git-svn-id: file:///home/svn/framework3/trunk@6409 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 07:40:29 +00:00
HD Moore
eccfcdfced
Sets svn keywords on modules missing it, tweaks the emailer module
...
git-svn-id: file:///home/svn/framework3/trunk@6407 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 06:03:35 +00:00
HD Moore
a5125c6c87
Update the module description
...
git-svn-id: file:///home/svn/framework3/trunk@6404 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 05:52:40 +00:00
Mario Ceballos
a036178737
added exploit module orbit_connecting.rb
...
git-svn-id: file:///home/svn/framework3/trunk@6348 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-17 01:24:16 +00:00
kris
804ff61df6
big svn:keywords run
...
git-svn-id: file:///home/svn/framework3/trunk@6345 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-15 18:12:33 +00:00
Patrick Webster
2df5dc3204
Added exploit module ebook_flipviewer_fviewerloading from LSO.
...
git-svn-id: file:///home/svn/framework3/trunk@6281 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-02 23:14:54 +00:00
natron
b6731747c4
added ie_unsafe_scripting exploit module
...
git-svn-id: file:///home/svn/framework3/trunk@6260 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-27 22:35:50 +00:00
cg
8fe4bf88b9
MS09-002 coverage by dean
...
git-svn-id: file:///home/svn/framework3/trunk@6238 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-20 17:46:52 +00:00
Mario Ceballos
7ef0ddeec5
added exploit module symantec_appstream_unsafe.rb
...
git-svn-id: file:///home/svn/framework3/trunk@6162 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-18 02:19:26 +00:00
Mario Ceballos
430d7cb424
fixed BID number.
...
git-svn-id: file:///home/svn/framework3/trunk@6145 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-13 14:41:14 +00:00
Mario Ceballos
bc1f2da254
added exploit module winzip_fileview.rb from dean.
...
git-svn-id: file:///home/svn/framework3/trunk@6144 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-13 14:04:53 +00:00
Mario Ceballos
3ee6eaede8
added exploit module nis2004_antispam.rb that makes use of egypts newly added heap spray stuff.
...
git-svn-id: file:///home/svn/framework3/trunk@6109 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-10 14:00:49 +00:00
Mario Ceballos
fa950d64ef
updated with the authors email address.
...
git-svn-id: file:///home/svn/framework3/trunk@6076 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-05 13:09:18 +00:00
Mario Ceballos
33940517c5
added exploit modules ca_brightstor_addcolumn.rb and verypdf_pdfview.rb from dean.
...
git-svn-id: file:///home/svn/framework3/trunk@6073 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-04 21:51:04 +00:00
HD Moore
45c08a9011
Fallback to heap spray if the .NET DLL does not load
...
git-svn-id: file:///home/svn/framework3/trunk@6015 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-17 04:19:54 +00:00
Mario Ceballos
aa53df6535
add exploit module adobe_utilprintf.rb, browser based.
...
git-svn-id: file:///home/svn/framework3/trunk@6014 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-15 15:44:02 +00:00
HD Moore
5822ab75a7
Adds an exploit module (universal) for the new internet explorer xml bug. This module shows off the .NET memory techniques discovered by Alexander Sotirov and Mark Dowd. This code should bypass DEP, ASLR, and NX :-)
...
git-svn-id: file:///home/svn/framework3/trunk@6012 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-12 01:45:00 +00:00
Ramon de C Valle
c66d6c4e46
Set property 'svn:keywords'
...
git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:43:21 +00:00
Ramon de C Valle
f124597a56
Code cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
Mario Ceballos
3de5bab19b
added exploit module zenturiprogramchecker_unsafe.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5769 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 13:15:53 +00:00
Mario Ceballos
fd95f81cd6
added exploit module systemrequirementslab_unsafe.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5754 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-14 19:19:39 +00:00
Mario Ceballos
b508358132
added exploit modules lpviewer_url.rb and softartisans_getdrivename.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5750 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-14 13:41:52 +00:00
HD Moore
a7a7da9e28
Newer mercury module, more reliable using 0x0c0c0c0c return
...
git-svn-id: file:///home/svn/framework3/trunk@5742 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-12 17:11:14 +00:00
Mario Ceballos
6ad1a82101
fixed tabbing.
...
git-svn-id: file:///home/svn/framework3/trunk@5710 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 15:48:25 +00:00
HD Moore
fd256ec4a1
This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure.
...
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 05:23:59 +00:00
Mario Ceballos
67a25b6ce8
added exploit modules ms08_053_mediaencoder.rb, macrovision_unsafe.rb and
...
ms08_041_snapshotviewer.rb
git-svn-id: file:///home/svn/framework3/trunk@5707 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-01 22:40:57 +00:00
James Lee
a212bfba99
fix PrepenEncoder typo, replace it with 'StackAdjustment' => -3500
...
git-svn-id: file:///home/svn/framework3/trunk@5613 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-01 20:04:42 +00:00
James Lee
a97dbb0106
fix missing semicolon in js
...
git-svn-id: file:///home/svn/framework3/trunk@5612 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-01 02:48:32 +00:00
Mario Ceballos
ee0f6ed5cc
module update from Elazar Broad.
...
git-svn-id: file:///home/svn/framework3/trunk@5606 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-27 11:23:42 +00:00
James Lee
894606aab4
bug fix in javascript
...
git-svn-id: file:///home/svn/framework3/trunk@5570 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-23 00:55:21 +00:00
James Lee
d9331e8754
Make browser exploits identify themselves for use with browser_autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@5551 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-13 01:36:27 +00:00
James Lee
8800372e46
initial commit of browser_autopwn;
...
revamp php payloads;
socks5 for IPv6 (untested)
git-svn-id: file:///home/svn/framework3/trunk@5546 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-01 01:44:56 +00:00
Mario Ceballos
13859c23d9
added exploit module novelliprint_getdriversettings.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@5533 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-19 00:06:18 +00:00
Mario Ceballos
8e7ac6c9ac
added exploit module creative_software_cachefolder.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5531 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-17 15:11:17 +00:00
James Lee
899973b7ea
Send 404 when we can't exploit a mozilla browser so client doesn't hang.
...
git-svn-id: file:///home/svn/framework3/trunk@5497 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-26 18:10:41 +00:00
James Lee
faa5f7c967
randomize_space
...
git-svn-id: file:///home/svn/framework3/trunk@5496 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-25 05:29:29 +00:00
HD Moore
82330fff7e
Importing two new wireless DoS modules, setting svn:keywords flags where needed.
...
git-svn-id: file:///home/svn/framework3/trunk@5482 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-21 05:27:06 +00:00
Patrick Webster
ade70d182c
Added tumbleweed_filetransfer module.
...
git-svn-id: file:///home/svn/framework3/trunk@5470 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-07 07:57:10 +00:00
Mario Ceballos
d41a814ed5
added exploit modules mysql_yassl(win32/linux) and realplayer_console from EB.
...
git-svn-id: file:///home/svn/framework3/trunk@5463 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-01 11:22:32 +00:00
Mario Ceballos
3e81678f93
added exploit modules winamp_ultravox.rb and
...
novelliprint_executerequest.rb.
git-svn-id: file:///home/svn/framework3/trunk@5423 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-01 17:20:24 +00:00
Mario Ceballos
845af72226
New exploit module from EB.
...
git-svn-id: file:///home/svn/framework3/trunk@5422 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-01 02:02:34 +00:00
HD Moore
6a3ccc2955
Fixes for the JS try/catch from EB.
...
git-svn-id: file:///home/svn/framework3/trunk@5420 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-20 16:45:03 +00:00
HD Moore
93d390e2da
Replacement module (more reliable) from EB
...
git-svn-id: file:///home/svn/framework3/trunk@5416 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-14 16:15:20 +00:00
HD Moore
2dfb607b49
New exploit module from EB and MC
...
git-svn-id: file:///home/svn/framework3/trunk@5410 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-11 02:28:03 +00:00
Mario Ceballos
f4708d774f
added exploit modules wincomlpd_admin.rb and facebook_extractiptc.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@5399 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-07 23:08:14 +00:00
HD Moore
9b6b0990b1
Correct the cve reference format
...
git-svn-id: file:///home/svn/framework3/trunk@5364 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-27 02:13:54 +00:00
Mario Ceballos
5eda38fa5f
IE6...
...
git-svn-id: file:///home/svn/framework3/trunk@5225 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-27 01:29:04 +00:00
Mario Ceballos
29569b6689
added exploit module hploadrunner.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@5224 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-27 00:34:33 +00:00
Mario Ceballos
c09840e49e
added exploit module macrovision_downloadandexecute.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5223 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-26 12:17:05 +00:00
Mario Ceballos
f2103a4a93
added exploit module realplayer_import.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5213 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-02 17:58:44 +00:00
Mario Ceballos
a985158a88
added exploit module sonicwall_addrouteentry.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5191 4d416f70-5f16-0410-b530-b9f4589650da
2007-11-01 23:15:34 +00:00
Mario Ceballos
e2835eec60
added exploit module gom_openurl.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5189 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-30 21:48:56 +00:00
HD Moore
599aaff600
Correct the module title
...
git-svn-id: file:///home/svn/framework3/trunk@5183 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-24 16:07:08 +00:00
HD Moore
a7626884f6
New module from Trirat Puttaraksa
...
git-svn-id: file:///home/svn/framework3/trunk@5182 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-24 13:56:18 +00:00
Mario Ceballos
66bd69097c
added exploit module kazaa_altnet_heap.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5135 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-03 16:09:53 +00:00
Mario Ceballos
eb88fb1875
added exploit module yahoomessenger_fvcom.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5129 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-01 10:58:50 +00:00
Mario Ceballos
c4868b4cb3
added exploit module ask_shortformat.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@5120 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-25 02:02:56 +00:00
HD Moore
04c6dbc748
Updated svn:keywords
...
git-svn-id: file:///home/svn/framework3/trunk@5100 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-10 01:01:20 +00:00
Mario Ceballos
8dcba76799
added exploit module trendmicro_officescan.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5083 4d416f70-5f16-0410-b530-b9f4589650da
2007-08-31 11:58:31 +00:00
Mario Ceballos
6deb8a18a4
added module enjoysapgui_preparetoposthtml.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5058 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-18 21:49:44 +00:00
Mario Ceballos
c46cb1e466
updated ref.
...
git-svn-id: file:///home/svn/framework3/trunk@5038 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-08 02:31:17 +00:00
Mario Ceballos
7488351910
added exploit module mcafeevisualtrace_tracetarget.rb
...
git-svn-id: file:///home/svn/framework3/trunk@5037 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-08 02:24:22 +00:00
Mario Ceballos
91f65449aa
added exploit modules logitechvideocall_start.rb and
...
trendmicro_serverprotect_earthagent.rb
git-svn-id: file:///home/svn/framework3/trunk@5010 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-01 16:04:22 +00:00
Matt Miller
c844826266
use exploit base class method
...
git-svn-id: file:///home/svn/framework3/trunk@5007 4d416f70-5f16-0410-b530-b9f4589650da
2007-06-29 00:29:53 +00:00
HD Moore
2fc2baab0b
Brand new ANI module from Solar Eclipse
...
git-svn-id: file:///home/svn/framework3/trunk@4996 4d416f70-5f16-0410-b530-b9f4589650da
2007-06-18 03:00:08 +00:00
Mario Ceballos
04f35ada87
added exploit module yahoomessenger_server.rb (SEH)
...
git-svn-id: file:///home/svn/framework3/trunk@4982 4d416f70-5f16-0410-b530-b9f4589650da
2007-06-07 21:32:23 +00:00
HD Moore
26ccc3be69
Adds the first version of the new samba module. Adds keywords to MC's new modules.
...
git-svn-id: file:///home/svn/framework3/trunk@4953 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-21 20:51:13 +00:00
Mario Ceballos
b47efb9d4b
added exploit module nis2004_get.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4928 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-18 04:19:21 +00:00
Mario Ceballos
00ea0f9932
added exploit module bearshare_setformatlikesample.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4916 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-16 15:12:22 +00:00
HD Moore
d95a0d8d90
Updated svn:keywords, merging minor changes
...
git-svn-id: file:///home/svn/framework3/trunk@4886 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-07 04:48:45 +00:00
HD Moore
df60900e34
Remove a duplicate target (thanks Ramon)
...
git-svn-id: file:///home/svn/framework3/trunk@4845 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-03 03:14:22 +00:00
HD Moore
7d7f244bf6
Fixes #87 . Adds new targets to the ANI exploits, fixes Vista target for OE
...
git-svn-id: file:///home/svn/framework3/trunk@4795 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-28 18:32:36 +00:00
Mario Ceballos
e39dd847b9
fixed description.
...
git-svn-id: file:///home/svn/framework3/trunk@4714 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-20 14:52:14 +00:00
Matt Miller
e0b8f5cb9e
browser exploits auto inherit check dep and autofilter now
...
git-svn-id: file:///home/svn/framework3/trunk@4670 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-13 04:15:38 +00:00
Mario Ceballos
2f365ca59b
added exploit module windvd7_applicationtype.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4663 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-11 23:00:09 +00:00
Mario Ceballos
53a1d7e988
added exploit module hpmqc_progcolor.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4661 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-06 20:37:30 +00:00
HD Moore
f60785b2f5
Adds a target for French SP2
...
git-svn-id: file:///home/svn/framework3/trunk@4658 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-06 04:48:41 +00:00
HD Moore
0c8f9e96b5
Consistent use of handler(cli) after the payload is sent to the user
...
git-svn-id: file:///home/svn/framework3/trunk@4645 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-04 04:34:17 +00:00
Matt Miller
a319b8e582
got rid of duplicated code in browser exploits, fixes #71
...
git-svn-id: file:///home/svn/framework3/trunk@4642 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-04 02:04:37 +00:00
Matt Miller
317f95d4a2
use the correct payload
...
git-svn-id: file:///home/svn/framework3/trunk@4640 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:50:02 +00:00
Matt Miller
ddf9c8bac1
correct disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@4639 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:49:27 +00:00
Matt Miller
ed030e4807
correct disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@4638 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:48:58 +00:00
Matt Miller
4abe720796
correct disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@4637 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:48:07 +00:00
Matt Miller
b74311c71d
initial integration of alex's heaplib, and a port of the keyframe exploit
...
git-svn-id: file:///home/svn/framework3/trunk@4635 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:35:54 +00:00
HD Moore
080300605a
Fix KCODE in Rails (msfweb). Revert ANI exploits back after resolving the issue
...
git-svn-id: file:///home/svn/framework3/trunk@4633 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 04:10:09 +00:00
HD Moore
e39233c32b
Switch to a 40 byte block of null ptrs for the padding, required for reliability on XP
...
git-svn-id: file:///home/svn/framework3/trunk@4631 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 02:59:26 +00:00
HD Moore
4e1a79ada4
Merged in a patch from Matt for fixing Vista support
...
git-svn-id: file:///home/svn/framework3/trunk@4627 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 21:38:20 +00:00
HD Moore
97db1f3fd7
Two quick fixes
...
git-svn-id: file:///home/svn/framework3/trunk@4625 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 07:04:22 +00:00
Matt Miller
97b6cf3636
here we go
...
git-svn-id: file:///home/svn/framework3/trunk@4613 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:51:22 +00:00
HD Moore
7e23cef93c
Removed the extraneous sub esp, changed payload space to be 1024 on the http version
...
git-svn-id: file:///home/svn/framework3/trunk@4611 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:46:10 +00:00
HD Moore
b2ff98b4e9
Fixed the copy-to-stack stub, should work great now
...
git-svn-id: file:///home/svn/framework3/trunk@4610 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:42:27 +00:00
HD Moore
ac19614bb3
This adds the stack copy prefixer to the ANI code
...
git-svn-id: file:///home/svn/framework3/trunk@4609 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:27:41 +00:00
HD Moore
b16fc9fd53
Minor updates for targetting
...
git-svn-id: file:///home/svn/framework3/trunk@4606 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 03:10:01 +00:00
Matt Miller
aba1959d44
tab vs. space :)
...
git-svn-id: file:///home/svn/framework3/trunk@4605 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 22:24:42 +00:00
Matt Miller
f9d8c4e820
modifications to support using an explicit target to regen payloads
...
git-svn-id: file:///home/svn/framework3/trunk@4602 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:21:10 +00:00
HD Moore
0c263cf036
Woops, forgot to change all references to the 'All Target's item
...
git-svn-id: file:///home/svn/framework3/trunk@4601 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:10:15 +00:00
HD Moore
775d8bc95b
Automatic target detection based on the user agent
...
git-svn-id: file:///home/svn/framework3/trunk@4600 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:05:05 +00:00
Matt Miller
f0fcedf728
raw encoder type wasn't being enforced
...
git-svn-id: file:///home/svn/framework3/trunk@4599 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:00:51 +00:00
Matt Miller
6cfab21bcb
fixes for Vista, brute forcing
...
git-svn-id: file:///home/svn/framework3/trunk@4598 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 20:33:35 +00:00
HD Moore
86f4bfd514
This module should be ready for the stable tree...
...
git-svn-id: file:///home/svn/framework3/trunk@4597 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 19:00:32 +00:00
HD Moore
24ba17aceb
This module now defaults to using all targets at once :-)
...
git-svn-id: file:///home/svn/framework3/trunk@4596 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 18:25:14 +00:00
HD Moore
e707423987
Too early this morning...
...
git-svn-id: file:///home/svn/framework3/trunk@4595 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 18:02:22 +00:00
HD Moore
3a8d90bb62
Woops, introduced a typo
...
git-svn-id: file:///home/svn/framework3/trunk@4594 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 18:01:58 +00:00
HD Moore
0cc8db610b
Merged in skape's Vista support, cleaned things up
...
git-svn-id: file:///home/svn/framework3/trunk@4593 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 17:58:12 +00:00
HD Moore
3858b33e9c
Comitting with a slightly better name and more information
...
git-svn-id: file:///home/svn/framework3/trunk@4592 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-31 15:26:23 +00:00
HD Moore
473c2c98f9
Rename 1
...
git-svn-id: file:///home/svn/framework3/trunk@4591 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-31 15:25:55 +00:00
HD Moore
f8cdcb8ac8
This adds support for the new ANI exploit module and updates the apple/realplayer modules to include the proper svn:keywords
...
git-svn-id: file:///home/svn/framework3/trunk@4588 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-31 05:29:37 +00:00
Matt Miller
d42194e14a
updated modules to use base class rand_xxx methods
...
git-svn-id: file:///home/svn/framework3/trunk@4498 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-01 08:21:36 +00:00
HD Moore
abbeb2e87e
Adding an Id tag and a standard header to all modules
...
git-svn-id: file:///home/svn/framework3/trunk@4419 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-18 00:10:39 +00:00
HD Moore
e67f32c9e5
slightly less stupidity (thanks solar!)
...
git-svn-id: file:///home/svn/framework3/trunk@4360 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-11 22:37:44 +00:00
HD Moore
a0c125e118
A new port of my 2.x createobject exploit
...
git-svn-id: file:///home/svn/framework3/trunk@4345 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-10 19:41:54 +00:00
Mario Ceballos
fe2b668918
added exploit module realplayer_smil.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@4311 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-03 13:10:31 +00:00
Mario Ceballos
4678cfc7b8
added exploit module apple_itunes_playlist.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@4310 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-03 13:09:45 +00:00
HD Moore
b278bef22d
Reference updates
...
git-svn-id: file:///home/svn/framework3/trunk@4266 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 14:44:09 +00:00
Mario Ceballos
2f5d44b91a
added exploit module apple_quicktime_rtsp.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4250 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-02 17:51:43 +00:00
HD Moore
b2fbf8eb54
Addition of the isComponentInstalled() exploit and updates to the createTextRange() module
...
git-svn-id: file:///home/svn/framework3/trunk@4218 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 08:03:43 +00:00
HD Moore
a8776d85df
Renamed to match the new MSB number
...
git-svn-id: file:///home/svn/framework3/trunk@4209 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 02:37:45 +00:00
HD Moore
6fef5abeda
Resolve a crash bug in the send_response_html() method
...
Add the MS06_013 CreateTextRange() exploit
git-svn-id: file:///home/svn/framework3/trunk@4208 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 02:34:27 +00:00
HD Moore
ea204ee0ff
API change for the HTML mixin, the send_response method is no longer overloaded, instead exploits must call send_response_html to enable HTML evasion. The old method caused problems when a exploit needed HTML and non-HTML response capabilities
...
git-svn-id: file:///home/svn/framework3/trunk@4173 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 03:26:53 +00:00
HD Moore
206683eebd
Changed Html to HTML
...
git-svn-id: file:///home/svn/framework3/trunk@4169 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 02:55:02 +00:00
HD Moore
810f80612b
Reference updates
...
git-svn-id: file:///home/svn/framework3/trunk@4154 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-28 17:18:43 +00:00
Mario Ceballos
55e0b973b1
removed XPSP1 target in xmplay_asx.rb and replaced it with an XPSP2
...
target.
git-svn-id: file:///home/svn/framework3/trunk@4152 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-26 20:00:08 +00:00
Mario Ceballos
296144fa9c
added exploit module xmplay_asx.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4151 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-24 01:12:05 +00:00
Mario Ceballos
e659032c35
added exploit module mirc_irc_url.rb
...
git-svn-id: file:///home/svn/framework3/trunk@4104 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-03 19:35:42 +00:00
HD Moore
634fbd3205
Evasion and bug fixes
...
git-svn-id: file:///home/svn/framework3/trunk@3979 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-27 04:06:33 +00:00
HD Moore
f2ed69b991
User-Agent detection for VML exploit.
...
Randomization for the setSlice() exploit
git-svn-id: file:///home/svn/framework3/trunk@3978 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-27 04:01:22 +00:00
HD Moore
432337a331
Exploit module for the new VML fill method.
...
git-svn-id: file:///home/svn/framework3/trunk@3977 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-27 03:52:54 +00:00
HD Moore
c3876b6dd6
Updates for the autopwn stuff...
...
git-svn-id: file:///home/svn/framework3/trunk@3906 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-17 08:00:37 +00:00
Matt Miller
a230c3f800
credit
...
git-svn-id: file:///home/svn/framework3/trunk@3831 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-14 09:00:50 +00:00
Matt Miller
a724d42aa0
added mcafee mcsubmgr exploit, added functional avoid utf8 encoder
...
git-svn-id: file:///home/svn/framework3/trunk@3830 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-14 08:55:37 +00:00
HD Moore
13260cc003
Minor changes, LSASS still broked
...
git-svn-id: file:///home/svn/framework3/trunk@3805 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-05 18:18:27 +00:00
HD Moore
8cc12d1a3d
StackAdjustment added to most exploits, PNP tweaked
...
git-svn-id: file:///home/svn/framework3/trunk@3783 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-31 02:01:14 +00:00
HD Moore
817c4c189f
Timeouts added for handlers
...
git-svn-id: file:///home/svn/framework3/trunk@3773 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-29 22:37:39 +00:00
HD Moore
1a54cc810a
Fixed numerous issues involving smb/dcerpc interaction
...
Fixed 'bad' use of method definition (space after method name, will be depreciated soon)
git-svn-id: file:///home/svn/incoming/trunk@3626 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-30 19:49:27 +00:00
bmc
d7e2e99cef
* display something when the exploit is sent so the user has some indication of status
...
git-svn-id: file:///home/svn/incoming/trunk@3499 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-03 19:57:28 +00:00
bmc
fe608d1676
general cleanups
...
add space evasions to the playlist
git-svn-id: file:///home/svn/incoming/trunk@3495 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-03 18:28:13 +00:00
HD Moore
83be4703d6
modules/
...
git-svn-id: file:///home/svn/incoming/trunk@3493 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-02 20:43:55 +00:00
HD Moore
3a69fe2fae
More features
...
git-svn-id: file:///home/svn/incoming/trunk@3492 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-02 05:54:06 +00:00
bmc
7f270f55b0
its really an html exploit...
...
git-svn-id: file:///home/svn/incoming/trunk@3484 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-30 22:12:17 +00:00
HD Moore
7ee4d05bec
Woo, neat krad winamp exploit :)
...
git-svn-id: file:///home/svn/incoming/trunk@3479 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-30 19:28:19 +00:00
HD Moore
c1b9129bca
A couple more assertions in the tcp_server test suite.
...
Added template for the winamp pls overflow (unc computer name)
git-svn-id: file:///home/svn/incoming/trunk@3474 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-30 17:25:44 +00:00
bmc
f1e0f7bcc9
* use zlib
...
git-svn-id: file:///home/svn/incoming/trunk@3460 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 22:06:06 +00:00
bmc
9996207faf
* make me an HTML exploit
...
git-svn-id: file:///home/svn/incoming/trunk@3459 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 22:04:28 +00:00
HD Moore
1bffccf605
New licensing terms, revision bump to v3
...
git-svn-id: file:///home/svn/incoming/trunk@3425 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-21 22:10:20 +00:00
Matt Miller
2e19a86843
added license to all modules
...
git-svn-id: file:///home/svn/incoming/trunk@3377 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 02:59:47 +00:00
HD Moore
3783e27fc7
Fixed handler/disconnect order in FTP, fixes to metafile
...
git-svn-id: file:///home/svn/incoming/trunk@3348 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 14:27:59 +00:00
HD Moore
4148a17b19
Committed new name
...
git-svn-id: file:///home/svn/incoming/trunk@3312 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 22:48:19 +00:00
HD Moore
5550a72d1f
rename, tweak
...
git-svn-id: file:///home/svn/incoming/trunk@3311 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 22:27:52 +00:00
HD Moore
8049b32cbc
Patches from <anon>
...
git-svn-id: file:///home/svn/incoming/trunk@3310 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 22:20:28 +00:00
HD Moore
46a1ce0721
More tweaks
...
git-svn-id: file:///home/svn/incoming/trunk@3308 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 03:56:20 +00:00
Matt Miller
e63ba080a8
added support for use_gzip
...
git-svn-id: file:///home/svn/incoming/trunk@3303 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-03 04:24:03 +00:00
HD Moore
9452249c09
Updated
...
git-svn-id: file:///home/svn/incoming/trunk@3301 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-03 04:06:03 +00:00
HD Moore
96d4591b87
Updates to httpserver mixin, gzip encoding added to text, bugfix to wordstar, added metafile exploit, will rename and make it nice later
...
git-svn-id: file:///home/svn/incoming/trunk@3299 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-02 07:49:52 +00:00
Matt Miller
76549787e5
fix response for 404
...
git-svn-id: file:///home/svn/incoming/trunk@3298 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-02 04:07:28 +00:00
HD Moore
0902ca6962
Reorganization, adding asn1, pnp, and msmq.
...
git-svn-id: file:///home/svn/incoming/trunk@3113 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 02:33:39 +00:00