sinn3r
b527356e00
This check can be handy
2012-07-22 03:34:16 -05:00
jvazquez-r7
beb1fbb55d
Added module for Simple Web Server Connection header bof
2012-07-21 12:07:36 +02:00
HD Moore
7f3aeca501
Put lipstick on this pig for the time being
2012-07-15 21:35:29 -05:00
sinn3r
24c57b61a8
Add juan as an author too for improving the module a lot
2012-07-06 10:41:06 -05:00
jvazquez-r7
9fecc80459
User of TARGETURI plus improve of description
2012-07-06 15:47:25 +02:00
jvazquez-r7
7751c54a52
references updates
2012-07-06 11:56:03 +02:00
jvazquez-r7
f8ca5b4234
Revision of pull request #562
2012-07-06 11:52:43 +02:00
sinn3r
a3d74f5b10
Correct dead milw0rm references
2012-06-30 16:50:04 -05:00
sinn3r
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
sinn3r
7c9a8ba699
Add OSVDB reference
2012-06-28 02:09:12 -05:00
sinn3r
d85ce8db5c
Update CVEs for HTTP exploits
2012-06-28 00:00:53 -05:00
HD Moore
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
jvazquez-r7
6be7ba98aa
ezserver_http: added bid reference
2012-06-20 22:08:58 +02:00
HD Moore
f7ecc98923
Merge branch 'master' into feature/vuln-info
2012-06-20 13:34:53 -05:00
HD Moore
d40e39b71b
Additional exploit fail_with() changes to remove raise calls
2012-06-19 19:43:41 -05:00
Tod Beardsley
3b1c434252
Remove trailing space
2012-06-19 16:44:07 -05:00
HD Moore
fb7f6b49f0
This mega-diff adds better error classification to existing modules
2012-06-19 12:59:15 -05:00
sinn3r
4987acc703
Correct e-mail format, description, and some commas.
2012-06-18 18:52:26 -05:00
jvazquez-r7
2df237b066
minor fixes
2012-06-18 22:44:17 +02:00
modpr0be
d706199a83
fix all changes suggested by jvazquez-r7
2012-06-19 02:05:25 +07:00
jvazquez-r7
a8a4594cd4
Documenting esi alignment plus using target_uri.to_s
2012-06-16 09:26:22 +02:00
jvazquez-r7
1d121071f3
Prepend nops to raw payload in encoder if needed
2012-06-15 09:59:10 +02:00
jvazquez-r7
091b3bbbd9
Added module plus encoder for CVE-2012-2329
2012-06-15 00:29:52 +02:00
sinn3r
a071d2805e
Fix the rest of possible nil res bugs I've found
2012-06-04 14:56:27 -05:00
Christian Mehlmauer
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
sinn3r
18c8314d79
Change unknown authors to "Unknown".
...
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion. In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
sinn3r
7b0fbaed23
Merge pull request #417 from wchen-r7/rabidhamster
...
Add OSVDB-79007 - RabidHamster R4 Log Entry BoF
2012-05-25 01:11:17 -07:00
sinn3r
d595f908fc
Add OSVDB-79007
2012-05-25 03:06:28 -05:00
Tod Beardsley
675dfe4e14
Don't keep the weblogi return codes secret
2012-05-21 11:27:24 -05:00
sinn3r
f9bcb95952
Correct EDB references
2012-05-19 02:24:29 -05:00
jvazquez-r7
bedf010676
description modified
2012-05-18 01:23:09 +02:00
jvazquez-r7
e7f5bf132c
trying to improve bea weblogic connector bof
2012-05-18 01:13:56 +02:00
sinn3r
c0d17734ed
Improve run-on sentences.
2012-05-17 15:00:00 -05:00
jvazquez-r7
c4ab521d7b
better tab indentation
2012-05-17 21:41:31 +02:00
jvazquez-r7
a21e832336
fingerprinting bea connector with Transfer-Encoding
2012-05-17 19:21:16 +02:00
jvazquez-r7
9a5e4d6500
Added target BEA Weblogic 8.1 SP4
2012-05-17 11:07:22 +02:00
jvazquez-r7
445bd90afb
Added module for CVE-2008-3257
2012-05-17 10:28:18 +02:00
Tod Beardsley
65800f7c6e
Whitespace on solarwinds
2012-05-09 12:47:22 -05:00
HD Moore
f6c88377f4
Fixes #362 by changing the exitfunction arguments to be the correct type
2012-05-07 02:41:08 -05:00
Steve Tornio
ba4ae384d7
add osvdb ref
2012-05-05 10:14:07 -05:00
sinn3r
d5d35551ab
Add EDB reference
2012-05-04 00:11:29 -05:00
sinn3r
25b11a02b5
Update the comment for check()
2012-05-03 20:37:36 -05:00
sinn3r
4bf674ece6
Pff, and of course, I had to make a typo on that one
2012-05-03 20:34:52 -05:00
sinn3r
1a4d3f849c
A little change to the description
2012-05-03 20:33:28 -05:00
sinn3r
7ca69f00b0
Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution)
2012-05-03 20:24:42 -05:00
sinn3r
4c72193922
Fix undefined method `[something]' for nil:NilClass
2012-04-24 01:46:03 -05:00
sinn3r
1e2203867c
Repair 'no encoders encoded the buffer successfully' issues
2012-04-16 13:43:25 -05:00
sinn3r
05eba0ab4c
Cosmetic changes, mostly :-)
2012-04-07 14:47:23 -05:00
juan
938d5d0a75
added references for cve-2012-1196
2012-04-07 20:22:59 +02:00
juan
ee7bce5995
deletion of the ASP script
2012-04-07 20:19:45 +02:00