sinn3r
7dcdd205bb
Update CVEs for fileformat exploits
2012-06-28 00:21:03 -05:00
sinn3r
b83c02d8e3
Update CVE reference
2012-06-28 00:06:41 -05:00
sinn3r
d85ce8db5c
Update CVEs for HTTP exploits
2012-06-28 00:00:53 -05:00
sinn3r
e8102284ff
Add missing CVEs for misc exploit modules
2012-06-27 22:17:34 -05:00
sinn3r
f5faccfa07
Add missing CVEs for SCADA modules
2012-06-27 22:10:24 -05:00
sinn3r
7c258d7aa9
Merge branch 'jvazquez-r7-atlassian_crowd'
2012-06-27 17:12:00 -05:00
sinn3r
68c582873b
Add the MSF license text
2012-06-27 17:11:00 -05:00
sinn3r
6c80fd9b42
Merge branch 'atlassian_crowd' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-atlassian_crowd
2012-06-27 17:09:25 -05:00
sinn3r
e605a35433
Make sure the check func is always returning the same data type
2012-06-27 17:07:55 -05:00
sinn3r
cb1af5ab79
Final cleanup
2012-06-27 16:57:04 -05:00
jvazquez-r7
d3bc78c53b
applied changes proposed by sinn3r
2012-06-27 23:55:51 +02:00
jvazquez-r7
73360dfae3
minor fixes
2012-06-27 23:38:52 +02:00
jvazquez-r7
38abeeb235
changes on openfire_auth_bypass
2012-06-27 23:16:07 +02:00
jvazquez-r7
245205c6c9
changes on openfire_auth_bypass
2012-06-27 23:15:40 +02:00
jvazquez-r7
6ec990ed85
Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass
2012-06-27 23:09:26 +02:00
sinn3r
dc30a2dddb
Merge branch 'atlassian_crowd' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-atlassian_crowd
2012-06-27 15:37:15 -05:00
sinn3r
2f733ff8b9
Add CVE-2012-0663 Apple QuickTime TeXML Exploit
2012-06-27 14:41:45 -05:00
Tod Beardsley
97974d9241
Shorten title for display
2012-06-27 10:19:46 -05:00
Tod Beardsley
94e28933c8
Whitespace fixes. msftidy.rb yall
2012-06-27 10:06:15 -05:00
jvazquez-r7
2c5cc697c9
Added auxiliary module for CVE-2012-2926
2012-06-27 10:21:18 +02:00
HD Moore
2dd51690c2
Add a missing require
2012-06-27 00:47:32 -05:00
sinn3r
be2692a623
Merge branch 'pdf_parser_fix' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-pdf_parser_fix
2012-06-26 16:55:26 -05:00
James Lee
891400fdbb
Array#select! is only in 1.9
2012-06-26 15:32:39 -06:00
sinn3r
9ea6d84a7a
Make it clear the exploit doesn't like certain PDF formats
...
If the exploit cannot fetch certain xref fields, we warn the user
we don't like their PDF, and recommend them to try a different
one.
2012-06-26 16:32:10 -05:00
sinn3r
807142e988
'Size' may not exist in certain PDF structure.
...
This is a fix for issues related to:
'undefined method `[]' for nil:NilClass'
It is possible that a PDF may not have the 'Size' xref, and people
are running into the 'undefined method'[]' for NilClass' exception.
Because the pdf parser always assumes there is a Size field,
so it uses a match() function to find the value for Size, which
can be nil.
See the following bug report for example:
https://dev.metasploit.com/redmine/issues/7014
2012-06-26 16:09:13 -05:00
h0ng10
428ae21928
Changed readme.html file (was from the statistics plugin)
2012-06-26 12:03:52 -04:00
jvazquez-r7
89dc000ab8
msfvenom modified again to assure options normalization
...
opts[:platform] should always store a PlatformList. We think this fis is more reliable.
2012-06-26 18:00:16 +02:00
h0ng10
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
jvazquez-r7
cc90a60a1b
Correct the use of the platform argument
...
The platform argument is meant to be a PlatformList object, not as an array:
http://dev.metasploit.com/redmine/issues/6826
This commit undoes the last change to init_platform() in alpha_mixed and modifies msfvenom to use it as intended.
2012-06-26 17:32:55 +02:00
sinn3r
b966dda980
Update missing CVE reference
2012-06-26 01:26:09 -05:00
sinn3r
8f355554c8
Update missing CVE reference
2012-06-26 01:21:24 -05:00
sinn3r
0d7b6d4053
Update missing CVE reference
2012-06-26 01:20:28 -05:00
sinn3r
c7935e0e99
Update OSVDB reference
2012-06-26 01:18:25 -05:00
sinn3r
9980c8f416
Add rh0's analysis
2012-06-25 21:32:45 -05:00
sinn3r
7698b2994d
Correct OSVDB typo
2012-06-25 18:32:35 -05:00
James Lee
b04170b283
Unbreak loadpath
...
HD's vuln-info merge broke add_module_path by removing an argument.
2012-06-25 16:37:16 -06:00
sinn3r
061a3ad0cf
Merge branch 'jvazquez-r7-sugarcrm_unserialize_exec'
2012-06-25 17:29:05 -05:00
sinn3r
8927c8ae57
Make it more verbose, and do some exception handling for cleanup
2012-06-25 17:27:33 -05:00
sinn3r
fef77bfd7f
Merge branch 'sugarcrm_unserialize_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sugarcrm_unserialize_exec
2012-06-25 16:55:45 -05:00
jvazquez-r7
7b0f3383d2
delete default credentials
2012-06-25 23:53:56 +02:00
sinn3r
7f5687ef10
Merge branch 'sugarcrm_unserialize_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sugarcrm_unserialize_exec
2012-06-25 16:28:55 -05:00
jvazquez-r7
7dc1a572e5
trying to fix serialization issues
2012-06-25 23:25:38 +02:00
HD Moore
85faf53c5d
Compromise on MDM counter cache initialization
2012-06-25 13:52:48 -07:00
HD Moore
13b4cb7e88
Revert "Remove reset_column_information (breaks badly)"
...
This reverts commit 02e124a330
.
2012-06-25 13:52:48 -07:00
HD Moore
fce5ff00ca
Revert "Remove column reset - triggers issue with existing columns"
...
This reverts commit f479fae6aa
.
2012-06-25 13:52:47 -07:00
sinn3r
063a2119a3
Merge branch 'iis_auth_bypass' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-iis_auth_bypass
2012-06-25 15:51:33 -05:00
sinn3r
f93658b37a
Minor name change
2012-06-25 15:51:02 -05:00
sinn3r
637edc21ce
Add CVE-2010-2731
2012-06-25 15:48:36 -05:00
sinn3r
361ca2b4ae
Merge branch 'php_reverse_tcp_fix' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-php_reverse_tcp_fix
2012-06-25 14:19:17 -05:00
HD Moore
4dbdadfa3d
Merge pull request #523 from alexmaloteaux/fixmsfvenom
...
Fix msfvenom to correctly generate elf binaries for bsd and solaris platform
2012-06-25 11:55:49 -07:00