James Lee
090566610a
Make sure @shares is initialized
...
Fixes a stack trace when the target isn't Windows
2012-04-10 15:00:47 -06:00
Tod Beardsley
a8cd28d6d5
Merge pull request #325 from rapid7/persistence-option
...
ACTION on persistence.rb should be an OptEnum
2012-04-10 13:05:11 -07:00
Tod Beardsley
94cf69cdf8
Yank the ACTION option from persistence
...
Other problems with this module since commit
5ba5bbf077
but this should be enough to
get it working again.
2012-04-10 15:01:14 -05:00
0a2940
654701f1b2
new file: data/exploits/CVE-2008-5499.swf
...
new file: external/source/exploits/CVE-2008-5499/Exploit.as
new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 20:58:22 +01:00
Tod Beardsley
03c958a9b1
ACTION on persistence.rb should be an OptEnum
...
That way, upcase / downcase problems get caught on option validation,
rather than down in the module's guts.
2012-04-10 14:45:54 -05:00
Tod Beardsley
cbc12560a5
Leading tabs, not spaces
...
There's a coding style in here that will make msftidy.rb cry, and
that's:
```
varfoo = %q|
stuff
thats
html
|
```
Usually, you want something like
varfoo = ""
varfoo << %q| stuff|
varfoo << %q| thats|
varfoo << %q| html|
That said, the Description field is usually written as tab-intended
multiline %q{} enclosures, so that's what I'll do here to make
msftidy.rb happy.
2012-04-10 14:25:00 -05:00
Tod Beardsley
cdc020ba9f
Trailing space on xpi bootstrap module
2012-04-10 14:24:08 -05:00
Tod Beardsley
3cb7cbe994
Adding another ref and a disclosuredate to mihi's XPI module
...
Calling the disclosure date 2007 since TippingPoint published a blog
post back then about this XPI confirm-and-install vector.
2012-04-10 13:59:21 -05:00
sinn3r
0e1fff2c4b
Change the output style to comply with egyp7's expectations.
2012-04-10 13:42:52 -05:00
James Lee
28534d5f6e
Merge branch 'rapid7' into bap-refactor
2012-04-10 12:42:27 -06:00
sinn3r
76c12fe7e6
Whitespace cleanup
2012-04-10 13:22:10 -05:00
sinn3r
7d8e1e5e8b
Merge branch 'firefox_xpi' of https://github.com/schierlm/metasploit-framework into schierlm-firefox_xpi
2012-04-10 13:12:12 -05:00
James Lee
e7809b1b3b
Remove print_status line from db.rb
...
Not defined in that context, causes stack traces on db_import
2012-04-10 11:07:23 -06:00
Michael Schierl
705cf41858
Add firefox_xpi_bootstrapped_addon exploit
...
This is similar to java_signed_applet as it does not exploit a vulnerability, but
hope that the user will trust the addon.
2012-04-10 13:39:54 +02:00
HD Moore
a9d733f9fe
Fix pack order
2012-04-09 21:21:42 -05:00
Tod Beardsley
366cb2ff08
Merge branch 'egypt-packetwise'
...
Added in the upstream PacketFu changes and this all looks good for the
importer. Thanks!
2012-04-09 15:59:33 -05:00
Tod Beardsley
b8129f9463
Updating PacketFu to match upstream
2012-04-09 15:47:21 -05:00
James Lee
2de0c801d9
Add vulnerable version numbers to the description
2012-04-09 14:41:42 -06:00
sinn3r
71d2ef71f8
Don't want to print vuln.info if it's nil
2012-04-09 15:38:02 -05:00
sinn3r
ab5a4beb99
Merge branch 'andurin-5837' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-andurin-5837
2012-04-09 15:18:55 -05:00
James Lee
c19a4d7a23
Put final detection results on window.os_detect object
...
Makes it easier to grab results from within a module without having to
run the detection again. I thought I had committed something like this
before, I wonder what other code I've lost...
2012-04-09 14:08:35 -06:00
HD Moore
2c473e3cdd
Fix up koyo login
2012-04-09 15:07:47 -05:00
juan
246ebca940
added module for CVE-2012-0198
2012-04-09 20:45:27 +02:00
sinn3r
a26e844ce5
Merge pull request #318 from wchen-r7/dolibarr_login
...
Add an aux module to brute force Dolibarr's login interface
2012-04-09 09:20:48 -07:00
sinn3r
2971eb2fdf
Merge pull request #315 from andurin/nessusplug
...
Fix broken nessus_safe - #6597 (freaky clown)
2012-04-09 08:03:06 -07:00
sinn3r
bef12478fc
Merge branch 'bap-refactor' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bap-refactor
2012-04-09 09:58:22 -05:00
James Lee
037fbf655e
Standardize the print format for modules used by browser autopwn
2012-04-09 01:57:50 -06:00
James Lee
b38933328f
Send exploits that are not assocated with any browser to all of them
2012-04-09 01:53:57 -06:00
James Lee
3ca440089e
Add checks for .NET requisites
...
Also standardizes print_status format to look nicer with lots of cilents
2012-04-09 01:23:44 -06:00
James Lee
a6b106e867
Remove autopwn support for enjoysapgui_comp_download
...
No automatic targeting, the payload doesn't execute immediately, and
requires the browser be running as Admin. Bascially just not a great
candidate for being run automatically.
2012-04-09 01:05:37 -06:00
James Lee
409ba3139b
Add bap checks for blackice exploit
2012-04-09 00:50:04 -06:00
sinn3r
5fefb47b7f
Some cosmetic changes
2012-04-09 01:43:20 -05:00
sinn3r
95dbb8a818
Merge branch 'snort-dce-rpc' of https://github.com/carmaa/metasploit-framework into carmaa-snort-dce-rpc
2012-04-09 00:17:44 -05:00
James Lee
da1cb2b81d
ActiveX controls require IE
2012-04-08 22:07:09 -06:00
sinn3r
9cec9639c7
Add an aux module to brute force Dolibarr's login interface
2012-04-08 18:16:38 -05:00
James Lee
f520af036f
Move next_exploit() onto window object so it's accessible everywhere
...
I swear I committed this before, not sure what happened.
2012-04-08 17:11:15 -06:00
James Lee
b58a87b7a8
Skip ::1 as well as 127.0.0.1 for session_host
...
Thanks rsmudge for pointing this out.
[Fixes #6599 ]
2012-04-08 14:58:39 -06:00
Carsten Maartmann-Moe
ce0de02a2a
Modified for 8-space tabs
2012-04-08 16:09:28 -04:00
Carsten Maartmann-Moe
89c1894e07
Minor formatting changes, tabs etc. and comments for clarity
2012-04-08 15:45:23 -04:00
sinn3r
51bdfe14fd
2012, not 2011, oops
2012-04-08 13:21:37 -05:00
sinn3r
24478e9eb5
Add Dolibarr ERP & CRM Command Injection Exploit
2012-04-08 13:20:22 -05:00
James Lee
9ae9509cfe
More fingerprints from browsershots
2012-04-08 11:12:32 -06:00
sinn3r
c6162bbe08
I've changed my mind. Default to "/" anyway even if it's nil.
2012-04-07 19:47:28 -05:00
sinn3r
cfb34739f9
Actually, let's default to "/" only if the TARGETURI option is empty. If it's nil, we prefer to throw the exception at the user.
2012-04-07 19:44:34 -05:00
sinn3r
9a229dfcff
Make target_uri default to "/" in case the TARGETURI option is nil or empty
2012-04-07 19:43:19 -05:00
sinn3r
05eba0ab4c
Cosmetic changes, mostly :-)
2012-04-07 14:47:23 -05:00
sinn3r
00ff2e3dc1
Merge branch 'CVE-2012-1195_thinkmanagement' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2012-1195_thinkmanagement
2012-04-07 14:41:19 -05:00
juan
938d5d0a75
added references for cve-2012-1196
2012-04-07 20:22:59 +02:00
juan
ee7bce5995
deletion of the ASP script
2012-04-07 20:19:45 +02:00
Tod Beardsley
dfe2bbc958
Use rport for modicon_password recovery, not 21.
2012-04-07 13:03:43 -05:00