Commit Graph

225 Commits (4533c86a4f88b3c9da1d05b0057ffde1fb1ba3aa)

Author SHA1 Message Date
Brent Cook 163d61e9e1
Land #10984, don't examine a nil object in ms15_034_ulonglongadd 2018-11-20 06:39:46 -08:00
William Vu b42af6cd96
Land #10728, metadata updates for @rastating 2018-10-02 11:46:30 -07:00
William Vu 2ee6a49a27
Land #10649, https://seclists.org references 2018-09-17 15:09:39 -07:00
William Vu ec9cedf4fc
Land #10536, https:// reference check for msftidy 2018-08-29 09:18:46 -07:00
William Vu e1097f7e38
Land #10120, npm "marked" ReDoS module 2018-08-16 13:43:26 -07:00
Wei Chen 465dceb182
Land #10299, Add 88 CVEs to various auxiliary and exploit modules 2018-07-12 16:28:05 -07:00
Brent Cook 679378d025
Land #10156, WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646 2018-06-21 14:33:05 -07:00
Aaron Soto c8ff6cb5a4
Land #9701, Flexense HTTP Server DoS exploit 2018-06-01 07:03:22 -07:00
Brent Cook c5e231cfbf
Land #9686, add ipv6 to slowloris, rhost to non-scanner modules 2018-03-13 13:33:28 -07:00
Brent Cook ec12d61702
Land #9354, Debut embedded httpd server (Brother printers) DoS 2018-02-02 11:31:59 -06:00
Brent Cook a8b845fff9
Land #9283, Add node.js ws websocket library DoS module 2017-12-20 14:20:42 -06:00
Nicholas Starke dd5532c5de Addressing Formatting Issues
There were several formatting and layout issues
that are fixed in this commit.  Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
Nicholas Starke 2d23054a1f Changes as per comments
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
Ryan Knell c5f218c84c Addressing comments
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
2017-12-11 11:49:31 -05:00
Nicholas Starke 306c5d20d9 Adding ua_parser_js ReDoS Module
"ua-parser-js" is an npm module for parsing browser
user-agent strings.  Vulnerable version of this module
have a problematic regular expression that can be exploited
to cause the entire application processing thread to "pause"
as it tries to apply the regular expression to the input.
This is problematic for single-threaded application environments
such as nodejs.  The end result is a denial of service
condition for vulnerable applications, where no further
requests can be processed.
2017-12-07 10:25:29 -06:00
Ryan Knell c992837f0d Adding ws DoS module
This module verifies if ws is vulnerable
to DoS by sending a request to the server
containing a specific header value.
ws is a npm module which handles websockets.
2017-12-07 10:45:57 -05:00
Matthew Kienow 785e5944d6
Enhanced slowloris HTTP headers and minor cleanup 2017-11-21 18:19:20 -05:00
Matthew Kienow b6c81e6da0
Reimplement slowloris as external module 2017-11-21 16:21:01 -05:00
Daniel Teixeira db2bd22d86
Update slow_loris.rb 2017-11-21 15:49:45 -05:00
Matthew Kienow e07fe77a69
Close sockets to resolve file handle error 2017-11-21 15:49:45 -05:00
Daniel Teixeira 52f56527d8
Update slow_loris.rb 2017-11-21 15:49:45 -05:00
Daniel Teixeira 74becb69e8
Update slow_loris.rb 2017-11-21 15:49:45 -05:00
Daniel Teixeira b7bc68c843
Update slow_loris.rb 2017-11-21 15:49:44 -05:00
Daniel Teixeira 53123d92e2
Update slow_loris.rb 2017-11-21 15:49:44 -05:00
Daniel Teixeira 21a6d0bd6e
Update slow_loris.rb 2017-11-21 15:49:44 -05:00
Daniel Teixeira 60878215e0
Update slow_loris.rb 2017-11-21 15:49:43 -05:00
Daniel Teixeira 9457359b11
Update slow_loris.rb 2017-11-21 15:49:43 -05:00
Daniel Teixeira 29017b8926
Update slow_loris.rb 2017-11-21 15:49:43 -05:00
Daniel Teixeira f79b41edde
Slow Loris 2017-11-21 15:48:11 -05:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
RootUp 88db98c381
Update ibm_lotus_notes2.rb 2017-11-06 20:45:50 +05:30
Pearce Barry 77c13286e0
Ensure closing script tag has necessary escape. 2017-11-05 13:41:29 -06:00
RootUp 9c16da9c98
Update ibm_lotus_notes2.rb 2017-10-28 18:53:15 +05:30
RootUp 80aba7264c Update ibm_lotus_notes2.rb 2017-10-25 10:33:25 +05:30
RootUp 2b85eb17dd Create ibm_lotus_notes2.rb 2017-10-10 12:22:06 +05:30
Pearce Barry fd8b72ca66
Minor tweaks. 2017-10-09 17:02:24 -05:00
RootUp e4f79879ba Update and rename modules/auxiliary/dos/ibm_lotus_notes.rb to modules/auxiliary/dos/http/ibm_lotus_notes.rb 2017-09-23 18:27:50 +05:30
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 3d4feffc62 OCD - Spaces & headings 2017-07-19 11:04:15 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
Pearce Barry 80e91e9de2
Minor fixups. 2017-06-12 09:51:30 -05:00
Jeffrey Martin d68365d8df
store more specific credential wordpress_directory_traversal_dos 2017-05-31 18:55:35 -05:00
h00die 5698896672
Land #8323 wordpress pre4.6 dos 2017-05-29 07:59:43 -04:00
root 72a5142e37 Update directory traversal DoS module and docs 2017-05-29 00:30:23 +02:00
root 9b9d2f2345 Final version of configurable depth 2017-05-26 16:23:22 +02:00
root 33ddef9303 Add documentation, add configurable depth path 2017-05-26 16:14:03 +02:00
James Lee 4def7ce6cc
Land #8327, Simplify storing credentials 2017-05-18 16:49:01 -05:00