Steve Tornio
|
a00dad32fe
|
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
|
2011-12-29 07:50:33 -06:00 |
Steve Tornio
|
27d1601028
|
add osvdb ref
|
2011-12-29 07:49:16 -06:00 |
Tod Beardsley
|
0e3370f1fe
|
Grammar and spelling on splunk and oracle exploits
|
2011-12-28 13:42:56 -06:00 |
sinn3r
|
101eba6aa5
|
Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151)
|
2011-12-27 00:59:26 -06:00 |
sinn3r
|
b5b24a1fbf
|
Add a check. I decided not to try to login in the check function in order to remain non-malicious.
However, this decision doesn't represent how modules should write their own check.
|
2011-12-22 13:16:54 -06:00 |
sinn3r
|
262fe75e0a
|
Add CVE-2011-4642 - Splunk Remote Code Execution (Feature #6129)
|
2011-12-22 13:04:37 -06:00 |
Steve Tornio
|
85caabbf5d
|
add osvdb ref
|
2011-12-14 07:19:34 -06:00 |
HD Moore
|
cb456337a0
|
Handle invalid http responses better, see #6113
|
2011-12-13 19:54:10 -06:00 |
sinn3r
|
d87d8d5799
|
Add CVE-2011-4453 (PmWiki Remote code exeuction - Feature #6103)
|
2011-12-13 11:45:24 -06:00 |
sinn3r
|
32c8301c19
|
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
|
2011-12-12 15:45:19 -06:00 |
sinn3r
|
e043fb52c2
|
Incrase timeout
|
2011-12-08 11:21:03 -06:00 |
sinn3r
|
5afba20c21
|
Merge pull request #43 from jduck/master
Clear up how to use native payloads for tomcat_mgr_deploy
|
2011-12-06 23:01:53 -08:00 |
sinn3r
|
edec6b98ee
|
Add feature #6067 Family Connections CMS 2.7.1 exploit
|
2011-12-07 00:00:56 -06:00 |
Joshua J. Drake
|
ac7edc268a
|
Add some more clear documentation for selecting payloads for this module.
|
2011-12-05 00:35:11 -06:00 |
Rob Fuller
|
c411c216c0
|
Solved most of msftidy issues with the /modules directory
|
2011-11-28 17:10:29 -06:00 |
David Maloney
|
4a22df4014
|
Fix to the axis2 Deployer exploit to add Default Target
|
2011-11-22 10:27:38 -08:00 |
David Maloney
|
30d1451159
|
Consolidation of the Axis2 Deployer Exploits
Fixes #5276
|
2011-11-22 08:47:53 -08:00 |
sinn3r
|
41d746a07a
|
Add Support Incident Tracker (Feature #5964) by Juan
|
2011-11-12 12:36:21 -06:00 |
Wei Chen
|
e767214411
|
Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-06 22:02:26 +00:00 |
Wei Chen
|
0dff3f3e52
|
Add #5682 (phpscheduleit module). Thx Juan.
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-26 18:06:12 +00:00 |
Will Vandevanter
|
a0d8a08851
|
java meterpreter should be used when the target is set to automatic
git-svn-id: file:///home/svn/framework3/trunk@14068 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 20:02:09 +00:00 |
Wei Chen
|
2b46420b36
|
check nil
git-svn-id: file:///home/svn/framework3/trunk@14062 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 16:19:55 +00:00 |
Wei Chen
|
7ba5a8ec4e
|
Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 16:04:33 +00:00 |
Wei Chen
|
9cb54e37c5
|
Handle payloads better, also add a cleanup routine specifically for php/exec
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 05:25:39 +00:00 |
Wei Chen
|
2da07d4963
|
Fix bug #5834 (uri being nil in print_good)
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 00:40:03 +00:00 |
Wei Chen
|
3da8bb8b69
|
Add feature #5820 by mr_me and tecr0c
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 23:22:32 +00:00 |
Joshua Drake
|
62c8c6ea9f
|
big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-23 11:56:13 +00:00 |
Wei Chen
|
975cc52bac
|
Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 00:54:05 +00:00 |
Tod Beardsley
|
94eb3ac14c
|
Deleting a puts statement.
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 03:52:10 +00:00 |
Tod Beardsley
|
30ac88694f
|
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 02:58:53 +00:00 |
Tod Beardsley
|
020abd926b
|
A handful of rankings changes, also converting whitespace.
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 22:58:20 +00:00 |
Wei Chen
|
14d7db1641
|
Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 21:09:17 +00:00 |
Wei Chen
|
f2d328d969
|
cmd exec module should receive ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 20:10:53 +00:00 |
HD Moore
|
142ae9288b
|
Fix title
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 19:56:57 +00:00 |
Wei Chen
|
262b3bbe00
|
Use Rex to encode payload to base64
git-svn-id: file:///home/svn/framework3/trunk@13846 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-09 20:31:51 +00:00 |
Wei Chen
|
98157272fd
|
Fix indentation for exploit description
git-svn-id: file:///home/svn/framework3/trunk@13843 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-09 06:12:54 +00:00 |
Wei Chen
|
d1b1b26d01
|
Add Feature #5499 (Snortreport module)
git-svn-id: file:///home/svn/framework3/trunk@13842 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-09 06:10:18 +00:00 |
Wei Chen
|
44ac9d67e0
|
svn propset
git-svn-id: file:///home/svn/framework3/trunk@13831 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-07 17:45:15 +00:00 |
Steve Tornio
|
9ec92ee603
|
add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13830 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-07 15:37:54 +00:00 |
HD Moore
|
9862987f45
|
Add a new module from joernchen
git-svn-id: file:///home/svn/framework3/trunk@13829 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-07 15:30:24 +00:00 |
Wei Chen
|
612cdc8c73
|
No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-09-27 19:12:31 +00:00 |
Wei Chen
|
8bfdebeaf3
|
Handle the return value for send_request during the early stage
git-svn-id: file:///home/svn/framework3/trunk@13791 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-09-25 19:28:15 +00:00 |
Wei Chen
|
db79d21f75
|
Apply patch for non-default logins by jabra
git-svn-id: file:///home/svn/framework3/trunk@13778 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-09-23 02:48:48 +00:00 |
Jonathan Cran
|
064255e910
|
fixup the payload encoding, per joernchen's comment in the #metasploit channel.
git-svn-id: file:///home/svn/framework3/trunk@13747 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-09-17 17:48:51 +00:00 |
Mario Ceballos
|
6f28911d3d
|
added patch from joshua taylor.
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-09-06 19:58:40 +00:00 |
Joshua Drake
|
496170eac1
|
aDjUsT tHe CaSe
git-svn-id: file:///home/svn/framework3/trunk@13644 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-08-26 23:46:49 +00:00 |
David Rude
|
c78ba0e4d5
|
hehe remove debugging put call
git-svn-id: file:///home/svn/framework3/trunk@13586 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-08-19 05:59:32 +00:00 |
David Rude
|
63e2b759e7
|
require the URI option
git-svn-id: file:///home/svn/framework3/trunk@13585 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-08-19 05:54:58 +00:00 |
David Rude
|
402ca57bb4
|
Adds Struts2 Remote Code Execution exploit CVE-2010-1870
git-svn-id: file:///home/svn/framework3/trunk@13584 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-08-19 05:52:09 +00:00 |
Steve Tornio
|
28177fd255
|
add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13505 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-08-10 02:54:56 +00:00 |
HD Moore
|
f1afbacb2a
|
Cron'd
git-svn-id: file:///home/svn/framework3/trunk@13485 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-08-04 17:36:01 +00:00 |
Wei Chen
|
f47a2c7565
|
Format dictatorship round 2: Fix author e-mail format for all exploit modules
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-07-22 20:17:58 +00:00 |
Wei Chen
|
d13654740a
|
Update some jboss modules' metadata associated with CVE-2010-0738
git-svn-id: file:///home/svn/framework3/trunk@13204 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-07-18 05:18:25 +00:00 |
James Lee
|
c412a836ed
|
add VERBOSE option to all modules and vprint_* methods to use it
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-07-15 15:33:35 +00:00 |
HD Moore
|
eea05fcaaa
|
Correct the parent class name
git-svn-id: file:///home/svn/framework3/trunk@12930 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-06-12 19:31:38 +00:00 |
HD Moore
|
7f3e2d182d
|
Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called.
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-06-12 18:32:27 +00:00 |
David Rude
|
a8b6c43636
|
reverting the disclosure dates for now need to clean up the patch
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-05-04 20:43:19 +00:00 |
David Rude
|
3b7ea08f6a
|
Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-05-04 19:17:31 +00:00 |
David Rude
|
3b5cf3826a
|
Added TheLightCosines OpenSSL ChangeCipherSpec DoS aux module
git-svn-id: file:///home/svn/framework3/trunk@12538 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-05-04 19:08:28 +00:00 |
Steve Tornio
|
319b4993a4
|
add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@12397 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-04-21 19:38:42 +00:00 |
David Rude
|
0f9a232025
|
Added Spreecommerce Remote Code Execution exploit module - thanks joernchen
git-svn-id: file:///home/svn/framework3/trunk@12392 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-04-21 16:57:17 +00:00 |
Joshua Drake
|
f0673cb1ac
|
Tweak to work with FreeBSD, thx for the patch!
git-svn-id: file:///home/svn/framework3/trunk@12224 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-04-03 17:40:45 +00:00 |
David Rude
|
c5ce597483
|
removing coldfusion until some general code fixes can be applied
git-svn-id: file:///home/svn/framework3/trunk@11995 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-03-16 21:41:47 +00:00 |
Mario Ceballos
|
dfd2df6b47
|
puts this in the appropiate place
git-svn-id: file:///home/svn/framework3/trunk@11987 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-03-16 10:22:07 +00:00 |
Joshua Drake
|
1604b5616f
|
apply some more changes from Konrads
git-svn-id: file:///home/svn/framework3/trunk@11533 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-01-10 14:34:24 +00:00 |
Joshua Drake
|
9ef757bf17
|
Fixes #3387, add the PACKAGE option to allow 3.2
git-svn-id: file:///home/svn/framework3/trunk@11518 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-01-08 04:11:01 +00:00 |
James Lee
|
dd6afdc74c
|
make these titles a little clearer
git-svn-id: file:///home/svn/framework3/trunk@11330 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-12-14 17:26:44 +00:00 |
Joshua Drake
|
26a9fe6fc7
|
add some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-30 20:19:18 +00:00 |
Joshua Drake
|
d5835fe7b0
|
remove commented out REST portion
git-svn-id: file:///home/svn/framework3/trunk@11179 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-30 19:11:42 +00:00 |
Joshua Drake
|
98e8ec4cc9
|
add REST version of axis2 deployer
git-svn-id: file:///home/svn/framework3/trunk@11178 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-30 18:17:33 +00:00 |
Joshua Drake
|
e9faf75503
|
fix some more titles with periods
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-24 19:35:38 +00:00 |
Joshua Drake
|
2fe78ec685
|
double grammar fail
git-svn-id: file:///home/svn/framework3/trunk@11053 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-16 20:23:11 +00:00 |
Joshua Drake
|
f4d2af3e73
|
fix typo
git-svn-id: file:///home/svn/framework3/trunk@11052 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-16 20:17:25 +00:00 |
Joshua Drake
|
25611afb6c
|
add sap businessobject modules from jabra, woot!
git-svn-id: file:///home/svn/framework3/trunk@11046 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-15 05:12:48 +00:00 |
Joshua Drake
|
4a5bee45c5
|
style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@11015 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-12 23:14:46 +00:00 |
Mario Ceballos
|
2aca76ef66
|
added exploit module freenas_exec_raw.rb. php/meterpreter ftw.
git-svn-id: file:///home/svn/framework3/trunk@11014 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-12 23:02:28 +00:00 |
James Lee
|
326dc42bca
|
add EncodedPayload#encoded_exe, encoded_jar, and encoded_war. simplifies exploits that need java and native payloads. see #406 and #3009
git-svn-id: file:///home/svn/framework3/trunk@10999 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-11-11 23:01:35 +00:00 |
Joshua Drake
|
1f235a8c9b
|
remove 64-bit targets since we dont have an x86_64 linux exe generator
git-svn-id: file:///home/svn/framework3/trunk@10833 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-27 17:21:54 +00:00 |
Joshua Drake
|
be841a4810
|
check for failed serverinfo result
git-svn-id: file:///home/svn/framework3/trunk@10788 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-22 21:32:12 +00:00 |
James Lee
|
3b2c43fac4
|
get rid of the redundant second java target
git-svn-id: file:///home/svn/framework3/trunk@10785 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-22 20:07:18 +00:00 |
James Lee
|
f33d7cc670
|
revamp java payloads and make shells work with tomcat_mgr_deploy. tested java_trusted_chain and java_tester to verify that this doesn't break other java payload usage. see #3009 and #2973, meterpreter doesn't work yet, so not marking resolved.
git-svn-id: file:///home/svn/framework3/trunk@10781 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-22 10:19:51 +00:00 |
Joshua Drake
|
c6f1fa716d
|
add a java target, fixes #2973
git-svn-id: file:///home/svn/framework3/trunk@10755 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-19 22:36:59 +00:00 |
Joshua Drake
|
771ea5862c
|
fix typo
git-svn-id: file:///home/svn/framework3/trunk@10754 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-19 22:24:33 +00:00 |
Joshua Drake
|
1935f2007f
|
fix exe generation for auto-targetting
git-svn-id: file:///home/svn/framework3/trunk@10753 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-19 22:21:19 +00:00 |
Joshua Drake
|
042e71c357
|
add ports/refs for ZDI-10-214
git-svn-id: file:///home/svn/framework3/trunk@10747 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-19 14:28:52 +00:00 |
Joshua Drake
|
b49e81300a
|
fix auto-target exe generation
git-svn-id: file:///home/svn/framework3/trunk@10688 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-10-14 21:26:05 +00:00 |
Joshua Drake
|
279c604015
|
missed a couple exe generater includes
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-09-28 16:19:50 +00:00 |
Joshua Drake
|
bd1eeb3722
|
rework to_jsp_war a bit, fix uses, default msfencode -t war to x86/win32
git-svn-id: file:///home/svn/framework3/trunk@10397 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-09-20 15:59:46 +00:00 |
Joshua Drake
|
4590844871
|
tons of indentation fixes, some other style tweaks
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-09-20 08:06:27 +00:00 |
Joshua Drake
|
d540818f01
|
split http exploit mixin into http/server and http/client
git-svn-id: file:///home/svn/framework3/trunk@9971 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-08-07 06:59:16 +00:00 |
Joshua Drake
|
2f384cde82
|
add alias for calling Msf::Exploit regenerate_payload explicitly -- fixes #2312
git-svn-id: file:///home/svn/framework3/trunk@9950 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-08-03 15:14:34 +00:00 |
Joshua Drake
|
16ff17c9d1
|
add more http fingerprints -- thx mc
git-svn-id: file:///home/svn/framework3/trunk@9797 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-07-12 23:25:31 +00:00 |
Joshua Drake
|
663b863b6d
|
http fingerprint checking update
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-07-07 17:38:59 +00:00 |
Joshua Drake
|
a3d901a6b9
|
various minor fixes, some added fingerprinting
git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-07-03 06:21:31 +00:00 |
Joshua Drake
|
7d945ed9dc
|
add lots of disclosure dates from OSVDB
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-07-03 03:13:45 +00:00 |
Joshua Drake
|
0882838491
|
ensure binary mode when opening files, whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-07-01 23:33:07 +00:00 |
Joshua Drake
|
93b09648c7
|
add additional CVE reference, cleanup references
git-svn-id: file:///home/svn/framework3/trunk@9642 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-07-01 19:42:11 +00:00 |
Joshua Drake
|
12fbdcd878
|
add http_fingerprint calls to modules that use various headers
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-06-25 20:53:12 +00:00 |
Joshua Drake
|
48994d234a
|
oops, remove java from platform list
git-svn-id: file:///home/svn/framework3/trunk@9609 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-06-24 16:38:24 +00:00 |
Joshua Drake
|
099b90b0d6
|
another update for jboss stuff, thanks Patrick!
git-svn-id: file:///home/svn/framework3/trunk@9596 4d416f70-5f16-0410-b530-b9f4589650da
|
2010-06-23 22:25:03 +00:00 |