040a1af9c5
Delete useless ecnryption cookie detection, fix minor issues
2015-03-25 02:34:33 -04:00
ee17d6e606
Deleted spaces at EOL
2015-03-23 04:34:38 -04:00
2a0deaa6c8
Deleted default options and SYN scan
2015-03-23 04:31:08 -04:00
78be03623f
Fix indent warnings
2015-03-17 03:39:04 -04:00
34c30502fd
Add SSL/TLS support, fix minor errors, change default parameters
2015-03-17 02:49:11 -04:00
252557227d
Add F5 BigIP APM DoS module
2015-03-06 01:55:42 -05:00
0372b08d83
Fix mixin usage on modules
2015-02-13 17:17:59 -06:00
354e952841
fix msftidy warnings
2015-01-18 23:55:57 +01:00
6014ff8a31
fix msftidy warnings
2015-01-18 23:54:16 +01:00
a5f48b23df
Add use of Msf::ThreadManager
2015-01-07 17:27:06 +00:00
e90e98547b
Add configurable timeout to WordPress login
2015-01-07 17:06:31 +00:00
92015ac124
Replace custom login with wordpress_login mixin
2015-01-04 23:07:07 +00:00
39412c4a48
Add WordPress long password DoS module
2015-01-04 18:50:23 +00:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
a7be5b5164
Added fingerprinting
2014-08-07 18:12:58 +02:00
d6e60453d6
Added Wordpress XMLRPC DoS
2014-08-07 11:38:44 +02:00
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
4103f2295b
Missing comma
2014-06-09 13:44:46 -05:00
0e14d77dba
Minor fixup on DTLS module
2014-06-09 13:42:30 -05:00
ed5d83a41b
Add vulnerability discoverer
2014-06-09 13:25:33 -05:00
daf662b3c0
Do minor cleanup
2014-06-09 13:23:56 -05:00
06e45e8253
Clean up TLS fragment building
2014-06-09 08:39:30 -07:00
a7a1a2bf3b
Move dtls_fragment_overflow.rb under ssl where it belongs
2014-06-07 12:56:34 -07:00
8637a1fff1
OpenSSL DTLS CVE-2014-0195 POC
2014-06-06 19:24:47 -07:00
4b5c62ba8d
Dress up CAPWAP DoS desc a little.
2014-05-28 12:19:17 -05:00
217a14e4d7
Land #3366 , @jholgui's module for CVE-2013-4074
2014-05-25 18:53:30 -05:00
33ba134147
Clean msftidy warnings and metadata
2014-05-25 18:52:01 -05:00
d3c17d8e3e
Delete wireshark_capwap_dos
2014-05-25 18:39:53 -05:00
9f166b87f6
Changed the description
2014-05-24 18:58:36 +01:00
71e2d19040
Adapted to auxiliary modules structure
2014-05-24 18:53:10 +01:00
21cf0a162c
Added module to crash capwap dissector in wireshark tool
2014-05-17 11:31:43 +01:00
dc57e31be1
Aux modules don't respect Rank anyway
2014-05-14 15:03:10 -05:00
3072c2f08a
Update CVEs for RootedCon Yokogawa modules
...
Noticed they were nicely documented at
http://chemical-facility-security-news.blogspot.com/2014/03/ics-cert-publishes-yokogawa-advisory.html
We apparently never updated with CVE numbers.
2014-05-05 13:25:55 -05:00
7d801e3acc
Land #3200 , goodbye LORCON modules :(
2014-04-18 12:32:22 -05:00
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
17ddbccc34
Remove the broken lorcon module set
...
None of the lorcon / lorcon2 modules have been functional for a long
time, due to the lack of a "Lorcon" gem. It's unclear where it went.
I'm happy to include it and get these working again, but until someone
comes up with some functional code (hint: 'gem install' doesn't work) I
don't see any reason to keep shipping these.
Is there some trick people are doing to make these work? As far as I can
see, they are broken by default.
````
msf auxiliary(wifun) > show options
Module options (auxiliary/dos/wifi/wifun):
Name Current Setting Required Description
---- --------------- -------- -----------
CHANNEL 11 yes The initial channel
DRIVER autodetect yes The name of the wireless driver
for lorcon
INTERFACE wlan0 yes The name of the wireless
interface
msf auxiliary(wifun) > run
[*] The Lorcon2 module is not available: cannot load such file --
Lorcon2
[-] Auxiliary failed: RuntimeError Lorcon2 not available
[-] Call stack:
[-]
/home/todb/git/rapid7/metasploit-framework/lib/msf/core/exploit/lorcon2.rb:67:in
`open_wifi'
[-]
/home/todb/git/rapid7/metasploit-framework/modules/auxiliary/dos/wifi/wifun.rb:29:in
`run'
[*] Auxiliary module execution completed
````
2014-04-07 16:37:10 -05:00
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
8cfa5679f2
More nick instead of name
2014-03-10 16:12:44 +01:00
bc8590dbb9
Change DoS module location
2014-03-10 16:12:20 +01:00
de6be50d64
Minor cleanup and finger-wagging about a for loop
2014-03-03 14:12:22 -06:00
449d0d63d1
Do small clean up
2014-02-26 08:52:51 -06:00
ead7cbc692
Author and URI fixed
2014-02-24 22:20:34 +01:00
8f7f1d0497
Add module for CVE-2014-0050
2014-02-22 14:56:59 +01:00
ac52edabd5
Land #2801 , Land @kicks4kittens IBM Sametime modules
2014-02-06 10:17:03 -06:00
38add0ab50
alter print_status
...
Altered print_status to print_good to differentiate when user is online easier
2014-02-05 21:49:39 +01:00
a239e14084
Fix nodejs_popelining check
2014-01-19 17:06:35 -06:00
01ab6fd545
Do small fixes
2014-01-17 17:59:03 -06:00
bce321c628
Do response handling a little better, fake test
2014-01-17 11:02:35 -06:00
11d613f1a7
Clean ibm_sametime_webplayer_dos
2014-01-17 10:52:42 -06:00
51b3d164f7
Move the DoS module to the correct location
2014-01-17 09:30:51 -06:00
e737b136cc
Minor grammar/caps fixup for release
2013-12-09 14:01:27 -06:00
fdebfe3d2f
Add references
2013-12-07 14:25:58 -06:00
adc241faf8
Last one, I say
2013-12-06 15:52:42 -06:00
17193e06a9
Last commit, I swear
2013-12-06 15:49:44 -06:00
58a70779ac
Final update
2013-12-06 15:48:59 -06:00
9f5768ae37
Another update
2013-12-06 14:53:35 -06:00
af16f11784
Another update
2013-12-06 14:39:26 -06:00
87e77b358e
Use the correct URI
2013-12-06 12:08:19 -06:00
5d4acfa274
Plenty of changes
2013-12-06 11:57:02 -06:00
c07686988c
random uri
2013-12-05 18:07:24 -06:00
8e9723788d
Correct description
2013-12-04 17:25:58 -06:00
fb2fcf429f
This one actually works
2013-12-04 17:22:42 -06:00
d0071d7baa
Add CVE-2013-6414 Rails Action View DoS
2013-12-04 14:57:30 -06:00
23448b58e7
Remove timeout checkers that are rescued anyway
2013-11-25 12:37:23 -06:00
f311b0cd1e
Add user-controlled verbs.
...
GET, HEAD, POST, and PROPFIND were tested on WebRick, all successful.
2013-11-25 12:29:05 -06:00
6a28aa298e
Module for CVE-2013-4164
...
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
2013-11-22 16:51:02 -06:00
f963f960cb
Update title
2013-11-18 15:07:59 -06:00
274247bfcd
Land #2647 , @jvennix-r7's module for Gzip Memory Bomb DoS
2013-11-18 15:06:46 -06:00
589660872e
Kill FILEPATH datastore option.
2013-11-18 14:13:25 -06:00
8e889c61f7
Update description.
2013-11-17 15:48:27 -06:00
f7820139dc
Add a content_type datastore option.
2013-11-17 15:38:55 -06:00
43d2711b98
Default to 1 round compression.
2013-11-17 15:35:35 -06:00
1e3860d648
Add gzip bomb dos aux module.
2013-11-17 14:44:33 -06:00
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
6989f16661
Land #2548 , @titanous's aux module for CVE-2013-4450
2013-10-22 15:02:54 -05:00
bdf07456ba
Last cleanup for nodejs_pipelining
2013-10-22 15:00:58 -05:00
db447b65f9
Add exploit for Node.js HTTP Pipelining DoS
2013-10-22 15:12:14 -04:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
7b82c64983
ms12-020 stack print resolve
2013-10-12 16:49:03 +05:00
e1b9f1a3c4
modified ms12-020 module to resolve stack print
2013-10-12 16:36:37 +05:00
291b90405d
Merge branch 'master' of https://github.com/darknight007/metasploit-framework
...
Conflicts:
modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
2013-10-12 16:23:09 +05:00
602fd276bc
using theirs
2013-10-12 16:20:26 +05:00
4e50c574c5
Update ms12_020_maxchannelids.rb
...
ms12_020_maxchannelids.rb produces a call stack when the connection is timed out.
To reproduct, just run the module against a system having no RDP enabled.
2013-10-12 15:39:13 +05:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
f1ab7b51b1
Update ms12_020_maxchannelids.rb
...
ms12_020_maxchannelids.rb produces a call stack when the connection is timed out.
To reproduct, just run the module against a system having no RDP enabled.
2013-09-30 13:43:26 +05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
09fa7b7692
remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:50:34 +02:00
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
a40e0ba704
Clean up read_nttrans_ea_list
2013-09-07 16:11:00 -05:00
597f337d1b
Retab changes for PR #2298
2013-09-05 13:52:10 -05:00
acfef429c2
Merge for retab
2013-09-05 13:52:05 -05:00
a23c1f1ad4
added additional "include"
2013-09-03 19:34:37 +04:00
9a33c674aa
RHOST, RPORT removed, Tries option added
2013-09-01 22:58:22 +04:00
28ca62d60f
New option added. Names now random. Dos check added
2013-08-31 13:18:22 +04:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
b3ec8f741f
File moved to auxiliary with some bug fixes
2013-08-29 00:11:34 +04:00
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
6168eb7590
Land #1981 - Canon Wireless Printer Denial of Service
2013-06-18 19:04:48 -05:00
7d15dc379d
Make msftidy happy
2013-06-18 19:04:03 -05:00
0533ca68dc
Added DoS result checking
...
Lowered the http timeout
2013-06-18 19:48:21 -04:00
8c28631d4b
Fixed the date format
...
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
6c2d99c2bc
Land #1972 , @wchen-r7's patch for [FixRM:#4704]
2013-06-17 23:17:22 -05:00
4ca9a88324
Tidying up grammar and titles
2013-06-17 16:49:14 -05:00
d877e4d489
Added CVE and disclosure date
2013-06-17 17:41:50 -04:00
8bdd89f68b
[FixRM:#4704] - Fix EOFError in filezilla_server_port
...
If login fails, the module shouldn't continue sending commands to
the server, otherwise this causes an EOF.
2013-06-17 14:24:01 -05:00
3923bbeee9
Update
2013-06-15 18:28:58 -04:00
0494ac9218
Added Canon Wireless Printer DoS module
2013-06-15 18:23:04 -04:00
fd74390952
Clean monkey_headers
2013-06-13 18:07:35 -05:00
73aff97053
Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service
...
This is the reviewed/updated version of pull request #1950 . We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
2013-06-13 15:56:34 -05:00
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
ec52795182
Clean for miniupnp_dos.rb
2013-06-06 11:19:26 -05:00
2fe704ce38
Deleted undeeded comments and spaces.
2013-06-04 09:00:53 +02:00
055e0a222c
Land #1902 , OSVDB reference for memcached
2013-06-03 14:57:43 -05:00
4cf682691c
New module title and description fixes
2013-06-03 14:40:38 -05:00
b087951118
Add OSVDB reference 92867 for Memcached DoS module
2013-06-03 12:41:33 -05:00
116e2bb418
Landing #1782 - Added Memcached Remote Denial of Service module
2013-06-03 12:30:37 -05:00
3d9dcbf5bd
Add a check to see if the host is down
2013-06-03 12:26:57 -05:00
217b263af7
Moved the module to different location and make it msftidy.rb compliant.
2013-06-03 10:35:10 +02:00
e3384439ed
64-bit, not '64 bits'
2013-05-13 15:40:17 -05:00
d37d211ecc
Fix short escape sequences error
2013-05-09 17:29:55 -05:00
b18a98259b
Modify default rport
2013-05-09 16:24:54 -05:00
3e1d1a3f98
Land #1659 , @nmonkee's sap_soap_rfc_eps_delete_file module
2013-05-09 16:22:54 -05:00
7b960a4f18
Add OSVDB reference
2013-05-06 00:54:00 -05:00
a17062405d
Clean up for sap_soap_rfc_eps_delete_file
2013-05-06 00:53:07 -05:00
5adc2879bf
Change module filename
2013-05-06 00:51:23 -05:00
66a5eb74c5
Move file to auxiliary/dos/sap
2013-05-06 00:50:50 -05:00
76e70adcff
Added Memcached Remote Denial of Service module
...
https://code.google.com/p/memcached/issues/detail?id=192
2013-04-30 17:45:09 +03:00
a09b3b8023
Lands #1169 - Adds a check
...
[Closes #1169 ]
Conflicts:
modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
882b084cba
Changes the default action
2013-04-22 15:47:38 -05:00
7e28a4ddb0
Uses "ACTIONS" keys instead of datastore options
...
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
225342ce8f
final cleanup for sysax_sshd_kexchange
2013-04-08 20:28:37 +02:00
5bc454035c
Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710
2013-04-08 20:20:11 +02:00
f96baa7e7e
Code Review Feedback
...
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
2013-04-08 10:58:35 -04:00
4c8e19ad1a
Added reference
...
Removed final debug print statement
2013-04-08 08:28:53 -04:00
9086c53751
Not an HttpClient, so doesn't have normalize_uri
...
[FixRM #7851 ]
2013-03-28 13:16:21 -05:00
fd5bd52e6d
Added some error handling if the connection dies.
2013-03-18 17:26:40 -04:00
66dcbca562
Sysax Multi-Server SSHD DoS
...
This exploit affects Sysax Multi-Server version 6.10. It causes a
Denial of Service by sending a specially crafted Key Exchange, which
causes the service to crash.
2013-03-18 17:16:12 -04:00
02f90b5bbd
cleanup for dopewars
2013-03-14 15:53:19 +01:00
dnkolegov
jvazquez-r7
Christian Mehlmauer
rastating
URI Assassin
Tod Beardsley
Jon Hart
JoseMi
William Vu
ribeirux
kicks4kittens
sinn3r
joev
jvazquez-r7
Jonathan Rudenberg
darknight007
Meatballs
Boris
Matt Andreko
Dejan Lukan
Gregory Man
James Lee