504d52cc64
new version bump
...
going with 0.16.0 for this update
2013-06-04 10:17:16 -05:00
3111013991
Minor cleanup for miniupnpd_soap_bof
2013-06-04 08:53:52 -05:00
6497e5c7a1
Move exploit under the linux tree
2013-06-04 08:53:18 -05:00
0bf2f51622
Land #1843 , @viris exploit for CVE-2013-0230
2013-06-04 08:52:09 -05:00
8ced3483de
Deleted some undeeded comments and used the text_rand function rather than static values.
2013-06-04 08:44:47 +02:00
ad87065b9a
Land #1904 - Undefined variable 'path' in tomcat_deploy_mgr.rb
2013-06-04 01:35:13 -05:00
71bc06d576
Fix undefined variable in tomcat_mgr_deploy.rb
...
Exploit failed (multi/http/tomcat_mgr_deploy): NameError undefined
local variable or method `path' for #<Msf...>
[06/04/2013 10:14:03] [d(3)] core: Call stack:
modules/exploits/multi/http/tomcat_mgr_deploy.rb:253:in `exploit'
lib/msf/core/exploit_driver.rb:205:in `job_run_proc'
lib/msf/core/exploit_driver.rb:166:in `run'
lib/msf/base/simple/exploit.rb:136:in `exploit_simple'
lib/msf/base/simple/exploit.rb:161:in `exploit_simple'
lib/msf/ui/console/command_dispatcher/exploit.rb:111:in `cmd_exploit'
lib/rex/ui/text/dispatcher_shell.rb:427:in `run_command'
lib/rex/ui/text/dispatcher_shell.rb:389:in `block in run_single'
lib/rex/ui/text/dispatcher_shell.rb:383:in `each'
lib/rex/ui/text/dispatcher_shell.rb:383:in `run_single'
lib/rex/ui/text/shell.rb:200:in `run'
lib/msf/ui/web/console.rb:71:in `block in initialize'
lib/msf/core/thread_manager.rb💯 in `call'
lib/msf/core/thread_manager.rb💯 in `block in spawn'
Uses path instead of path_tmp in error messages.
2013-06-04 11:19:28 +10:00
30a019e422
Land #1891 , @wchen-r7's improve for ie_cgenericelement_uaf
2013-06-03 15:35:43 -05:00
055e0a222c
Land #1902 , OSVDB reference for memcached
2013-06-03 14:57:43 -05:00
4cf682691c
New module title and description fixes
2013-06-03 14:40:38 -05:00
b087951118
Add OSVDB reference 92867 for Memcached DoS module
2013-06-03 12:41:33 -05:00
116e2bb418
Landing #1782 - Added Memcached Remote Denial of Service module
2013-06-03 12:30:37 -05:00
3d9dcbf5bd
Add a check to see if the host is down
2013-06-03 12:26:57 -05:00
423a33b1fc
Added firefox pw decryption support
2013-06-03 13:13:59 -04:00
c705928052
Landing #1899 - Add OSVDB ref 85462 for esva_exec.rb
2013-06-03 10:40:31 -05:00
9818a42235
Landing #1898 - Add OSVDB ref 77183 for vcms_upload.rb
2013-06-03 10:39:18 -05:00
f6b9e926d5
Merge pull request #1901 from dmaloney-r7/feature/task_assoc/reports
...
Passing locally, was only failing on the lack of 0.15.2 MDM, which is now pushed to RubyGems. Failing now on an unrelated rake install issue, not sure what's up with Travis.
2013-06-03 08:22:29 -07:00
37f7e36fda
bump mdm version to 0.15.2
...
This changes does not really affect framework
it is a change for pro functionality
just keeping us inline
2013-06-03 08:51:36 -05:00
76faba60b7
add osvdb ref 85462
2013-06-03 06:16:43 -05:00
e612a3d017
add osvdb ref 77183
2013-06-03 05:42:56 -05:00
df20e79375
Deleted the handle because it's not required and check() function.
2013-06-03 10:18:43 +02:00
36f275d71a
Changed the send_request_raw into send_request_cgi function.
2013-06-03 10:06:24 +02:00
675fbb3045
Deleted the DoS UPnP modules, because they are not relevant to the current branch.
2013-06-03 09:45:29 +02:00
e8752e1400
Merge branch 'module-cve-2013-0230' of ssh://github.com/viris/metasploit-framework into module-cve-2013-0230
2013-06-03 09:41:26 +02:00
1ceed1e44a
Added corrected MiniUPnP module.
2013-06-03 09:37:04 +02:00
d656360c24
Added CVE-2013-0230 for MiniUPnPd 1.0 stack overflow vulnerability
2013-06-03 09:37:03 +02:00
39e4573d86
Added CVE-2013-0229 for MiniUPnPd < 1.4
2013-06-03 09:37:03 +02:00
e74c1d957f
Landing #1897 - Add OSVDB ref 93444 for mutiny_frontend_upload.rb
2013-06-03 02:15:35 -05:00
093830d725
Landing #1896 - Add OSVDB ref 82925 for symantec_web_gateway_exec.rb
2013-06-03 02:13:34 -05:00
57f9cc3643
Landing #1895 - Add OSVDB ref 56992 for sock_sendpage.rb
2013-06-03 02:12:23 -05:00
e8f32f4e5e
Landing #1894 - Change print_status to print_good when SVN entries are found
2013-06-03 02:10:55 -05:00
c2c630c338
add osvdb ref 93444
2013-06-02 21:03:44 -05:00
bc993b76fc
add osvdb ref 82925
2013-06-02 20:43:16 -05:00
ae17e9f7b5
add osvdb ref 56992
2013-06-02 18:32:46 -05:00
571b62d19d
svn scanner added print_good and rport
2013-06-02 18:05:11 -04:00
cb33c5685f
Landing #1890 - Oracle WebCenter Content openWebdav() vulnerability
2013-06-02 12:35:40 -05:00
866ebf771b
Landing #1892 - Add OSVDB reference (93287)
2013-06-02 12:23:17 -05:00
61c8861fcf
add osvdb ref
2013-06-02 08:33:42 -05:00
cc951e3412
Modifies the exploit a little for better stability
...
This patch makes sure the LFH is enabled before the CGenericElement
object is created. Triggers is also modified a little.
2013-06-02 03:02:42 -05:00
1917961904
Land #1888 , @swtornio's update for OSVDB references
2013-06-01 16:36:59 -05:00
1c4472a936
Land #1889 , @swtornio update for OSVDB references
2013-06-01 16:32:37 -05:00
5939ca8ce4
Add analysis at the end of the module
2013-06-01 15:59:17 -05:00
9be8971bb0
Add module for ZDI-13-094
2013-06-01 15:44:01 -05:00
8671ae9de7
add osvdb ref
2013-06-01 14:27:50 -05:00
64bc6b5c2b
Migrate factories to mdm
...
let mdm handle msot of the factories
2013-06-01 14:25:30 -05:00
d48bca2c70
Gemfile and schema changes
2013-06-01 14:09:40 -05:00
80f1e98952
added osvdb refs
2013-06-01 07:04:43 -05:00
e634672244
Land #1887 , ibm spss zdi reference
2013-05-31 21:33:04 -05:00
f8e9535c39
Add ZDI reference
2013-05-31 20:50:53 -05:00
d679946b7f
Landing #1713 - add_sub encoder for x86 payloads
2013-05-31 18:49:08 -05:00
David Maloney
jvazquez-r7
Dejan Lukan
sinn3r
Ruslaideemin
William Vu
Tod Beardsley
xard4s
Samuel Huckins
Steve Tornio
CG
James Lee