Cristiano Maruti
4846a680db
modified according to jvazquez-r7 feedback
2013-06-20 16:19:43 +02:00
Cristiano Maruti
8e64bf3d16
modified according to jvazquez-r7 feedback
2013-06-20 16:15:28 +02:00
Cristiano Maruti
a5332e5ed2
Module was updated to support WebSphere AS running seam-2.
...
msf auxiliary(jboss_seam_exec) > run
[*] Found right index at [0] - getRuntime
[*] Index [1]
[*] Index [2]
[*] Index [3]
[*] Index [4]
[*] Index [5]
[*] Found right index at [6] - exec
[*] Index [7]
[*] Index [8]
[*] Index [9]
[*] Index [10]
[*] Index [11]
[*] Index [12]
[*] Index [13]
[*] Index [14]
[*] Index [15]
[*] Index [16]
[*] Index [17]
[*] Index [18]
[*] Index [19]
[*] Index [20]
[*] Index [21]
[*] Index [22]
[*] Index [23]
[*] Index [24]
[*] Target appears VULNERABLE!
[*] Sending remote command:pwd
[*] Exploited successfully
[*] Auxiliary module execution completed
2013-06-20 12:17:07 +02:00
William Vu
df27e3e76c
Land #1991 , OSVDB reference for Canon
2013-06-19 23:17:30 -05:00
Steve Tornio
55312529d2
add osvdb ref 94417
2013-06-19 23:13:45 -05:00
jvazquez-r7
494ee160af
Fix indent
2013-06-19 23:12:12 -05:00
jvazquez-r7
2d99c46414
Land #1990 , @wchen-r7's exploit for Libretto CMS
2013-06-19 23:11:34 -05:00
sinn3r
079477c57d
Commit final version
2013-06-19 20:35:24 -05:00
sinn3r
eec65346cb
Land #1988 - Fix requires for PhpEXE
2013-06-19 17:01:23 -05:00
sinn3r
62b23bc594
Initial (incomplete) commit
2013-06-19 16:59:15 -05:00
James Lee
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
jvazquez-r7
f91719bf80
Do final cleanup for pptp_tunnel
2013-06-19 14:21:48 -05:00
jvazquez-r7
3e31d2c97a
Land #1820 , @bmerinofe post module for pptpd mitm
2013-06-19 14:19:50 -05:00
sinn3r
d347be35e9
Land #1986 - Restores MoinMoin during exploitation
2013-06-19 12:14:10 -05:00
jvazquez-r7
1a06003ac8
Land #1983 , @wchen-r7's havalite exploit
2013-06-19 11:58:13 -05:00
jvazquez-r7
a894dc83c2
Try restore also at exploiting time
2013-06-19 11:35:52 -05:00
sinn3r
7b0977f897
Change base path
2013-06-19 11:33:45 -05:00
sinn3r
f0c81ed3cc
Correct disclosure date
2013-06-19 03:00:32 -05:00
sinn3r
67593d6ef4
Eh, PHP, not "php"
2013-06-19 02:34:49 -05:00
sinn3r
9c3bd12613
If I can't write, I want to know.
...
It's possible that the upload directory doesn't allow write, the
module should be aware of that. Other reasons may be possible.
2013-06-19 02:32:30 -05:00
sinn3r
19d868748d
Final version
2013-06-19 02:21:01 -05:00
sinn3r
90cad4b7fb
Land #1980 - Canon Printer Wireless Configuration Disclosure
2013-06-18 19:09:38 -05:00
sinn3r
abc3951ca2
Final touchup
2013-06-18 19:08:42 -05:00
sinn3r
6168eb7590
Land #1981 - Canon Wireless Printer Denial of Service
2013-06-18 19:04:48 -05:00
sinn3r
7d15dc379d
Make msftidy happy
2013-06-18 19:04:03 -05:00
sinn3r
5c1822ea17
Initial commit for havalite module
2013-06-18 19:00:42 -05:00
Matt Andreko
0533ca68dc
Added DoS result checking
...
Lowered the http timeout
2013-06-18 19:48:21 -04:00
Matt Andreko
8c28631d4b
Fixed the date format
...
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
Matt Andreko
7f1a913bdc
Code Review Feedback from wchen
...
Fixed the disclosure date format
Removed the rport option
Added a call to report_note to store the data
2013-06-18 12:13:19 -04:00
sinn3r
b514124997
Land #1979 - OSVDB update
2013-06-18 10:42:09 -05:00
sinn3r
fbd16a2f3e
Land #1978 - OSVDB update
2013-06-18 10:41:33 -05:00
sinn3r
1e46f7df48
Land #1977 - OSVDB update
2013-06-18 10:40:55 -05:00
sinn3r
d0ed9a6687
Land #1976 - OSVDB update
2013-06-18 10:40:00 -05:00
jvazquez-r7
aa134b0bcc
Land #1973 , @wchen-r7's fix to handle ftp auth correctly
2013-06-18 09:34:55 -05:00
jvazquez-r7
8ae8f25d56
Land #1961 , @wvu-r7's normalization of command_dispatcher/db.rb
2013-06-18 08:57:32 -05:00
Steve Tornio
e278ac5061
add osvdb ref 91841
2013-06-18 06:41:30 -05:00
Steve Tornio
404a9f0669
add osvdb ref 89594
2013-06-18 06:25:57 -05:00
Steve Tornio
27158d89c7
add osvdb ref 89105
2013-06-18 06:15:29 -05:00
Steve Tornio
2afc90a8de
fix typos
2013-06-18 06:05:45 -05:00
Steve Tornio
2c3181b56b
add osvdb ref 90627
2013-06-18 05:59:39 -05:00
jvazquez-r7
6c2d99c2bc
Land #1972 , @wchen-r7's patch for [FixRM:#4704]
2013-06-17 23:17:22 -05:00
sinn3r
070111a520
Land #1975 - Add CVE-2012-6081 (MoinMoin twikidraw Action Traversal)
2013-06-17 22:31:36 -05:00
sinn3r
3223ea799c
An invalid WritablePage option can result the same message as well.
2013-06-17 22:30:44 -05:00
jvazquez-r7
044bd2101f
Authenticate against the page to modify
2013-06-17 20:34:02 -05:00
Tod Beardsley
4ca9a88324
Tidying up grammar and titles
2013-06-17 16:49:14 -05:00
Matt Andreko
d877e4d489
Added CVE and disclosure date
2013-06-17 17:41:50 -04:00
Matt Andreko
df8c80e3d1
Added CVE and disclosure date
2013-06-17 17:40:36 -04:00
William Vu
b8ed1f902c
Land #1974 , add Rex.sleep() to HACKING
2013-06-17 16:32:17 -05:00
sinn3r
c71b395930
Minor change
2013-06-17 16:27:31 -05:00
jvazquez-r7
0bd6ca2a6a
Add module for CVE-2012-6081
2013-06-17 16:13:55 -05:00