Tod Beardsley
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
sinn3r
67cd62f306
Land #2366 - HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
2013-09-16 01:44:23 -05:00
jvazquez-r7
54e9cd81f3
Add module for ZDI-13-226
2013-09-13 17:31:51 -05:00
jvazquez-r7
10303a8c2a
Delete debug print_status
2013-09-13 17:05:23 -05:00
jvazquez-r7
dca4351303
Add check function
2013-09-13 16:51:14 -05:00
jvazquez-r7
f7c4e081bb
Add module for ZDI-13-225
2013-09-13 16:40:28 -05:00
Tod Beardsley
aff35a615b
Grammar fixes in descriptions
2013-09-09 15:09:53 -05:00
jvazquez-r7
7d4bf0c739
Retab changes for PR #2327
2013-09-05 23:25:41 -05:00
jvazquez-r7
34b499588b
Merge for retab
2013-09-05 23:24:22 -05:00
jvazquez-r7
5c06a471f9
Get the call result
2013-09-05 08:33:35 -05:00
jvazquez-r7
3681955f68
Use Msf::Config.data_directory
2013-09-05 08:28:50 -05:00
jvazquez-r7
6b1d7545d6
Refactor, avoid duplicate code
2013-09-05 08:26:49 -05:00
jvazquez-r7
b6245eea72
Update target info
2013-09-04 16:43:26 -05:00
jvazquez-r7
34b3ee5e17
Update ranking and description
2013-09-04 16:10:15 -05:00
jvazquez-r7
94125a434b
Add module for ZDI-13-205
2013-09-04 15:57:22 -05:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
Tod Beardsley
15b741bb5f
Require the powershell mixin explicitly
2013-08-27 10:36:51 -05:00
Tod Beardsley
6b15a079ea
Update for grammar in descriptions on new modules.
2013-08-26 14:52:51 -05:00
sinn3r
7b5e98d57e
Land #2269 - Oracle Endeca Server Remote Command Execution
2013-08-23 15:40:31 -05:00
jvazquez-r7
ad214da3de
Switch to powershell to exec payload
2013-08-23 14:39:29 -05:00
jvazquez-r7
a45f49e3b7
Use a new Ranking
2013-08-23 08:49:58 -05:00
jvazquez-r7
965e2d88fe
Use normalize_uri
2013-08-21 16:49:24 -05:00
jvazquez-r7
b72566b8aa
Add module for ZDI-13-190
2013-08-21 12:47:47 -05:00
Tod Beardsley
ca313806ae
Trivial grammar and word choice fixes for modules
2013-08-19 13:24:42 -05:00
sinn3r
a75a4906f2
Description update
2013-08-16 23:28:24 -05:00
jvazquez-r7
a8cc15db20
Add module for ZDI-13-178
2013-08-16 18:13:18 -05:00
HD Moore
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
sinn3r
98e0053dc6
Fix indent level
2013-08-14 13:07:01 -05:00
bcoles
7145a85fb4
Add MiniWeb (Build 300) Arbitrary File Upload
2013-08-15 01:01:46 +09:30
jvazquez-r7
568181de84
Add sthetic spaces
2013-08-12 22:33:34 -05:00
jvazquez-r7
6d70d4924e
Land #2206 , @PsychoSpy module for OSVDB 94097
2013-08-12 22:27:03 -05:00
jvazquez-r7
7981601eb8
Do final cleanup on intrasrv_bof
2013-08-12 22:24:53 -05:00
sinn3r
2d3c2c1c87
Set default target to 0 because there's only one
2013-08-12 20:01:23 -05:00
sinn3r
51d9c59dcd
Extra tabs, bye
2013-08-12 19:13:20 -05:00
Nathan Einwechter
db78ffcc46
...
2013-08-12 18:21:10 -04:00
Nathan Einwechter
49bcec5c92
Additional cleanup
2013-08-12 18:20:03 -04:00
Nathan Einwechter
7014322dfd
Code cleanup
2013-08-12 18:16:00 -04:00
Nathan Einwechter
264fe32705
Added new badchars
2013-08-12 18:08:49 -04:00
Nathan Einwechter
bbc93b2a58
msftidy
2013-08-12 15:14:01 -04:00
Nathan Einwechter
28f030494e
Use tcp mixin/clean corrupt bytes
2013-08-12 15:12:15 -04:00
Nathan Einwechter
7854c452d2
Added more payload padding
2013-08-12 11:10:10 -04:00
Nathan Einwechter
9f33a59dc2
Fix target ret
2013-08-12 11:04:55 -04:00
Nathan Einwechter
6f96445b42
Change target ret/cleanup
2013-08-12 10:13:48 -04:00
Nathan Einwechter
a35d548979
Use HttpClient
2013-08-12 10:01:01 -04:00
Nathan Einwechter
896320ed42
fix typo
2013-08-11 16:48:43 -04:00
Nathan Einwechter
4b14fa53e0
tidy debugs
2013-08-11 16:39:41 -04:00
Nathan Einwechter
90ef224c46
Implement CVE-2012-5019
2013-08-11 16:33:40 -04:00
Nathan Einwechter
185ef2ecae
msftidy
2013-08-10 16:01:44 -04:00
Nathan Einwechter
6fe4e3dd0e
Added Intrasrv 1.0 BOF
2013-08-10 15:56:07 -04:00
Markus Wulftange
8cc07cc571
Merge Linux and Windows exploit in multi platform exploit
2013-08-02 18:49:03 +02:00
Ruslaideemin
f927d1d7d3
Increase exploit reliability
...
From some limited testing, it appears that this exploit is
missing \x0d\x0a in the bad chars. If the generated payload / hunter
or egg contain that combination, it seems to cause reliability issues
and exploitation fails.
The home page for this software can be found at
http://www.leighb.com/intrasrv.htm
2013-08-02 09:06:20 +10:00
Markus Wulftange
4a127c2ed2
Add hp_sys_mgmt_exec module for Linux and enhance module for Windows
...
The hp_sys_mgmt_exec module for Linux is a port of the Windows module with minor changes due to the requirement of quotes. It also uses Perl instead of PHP as PHP may not always be in the environment PATH. Although the Windows module works perfectly, it now uses the same technique to encode the command (thankfully, PHP adopted major syntax characteristics and functions from Perl).
2013-07-31 22:05:25 +02:00
Tod Beardsley
7e539332db
Reverting disaster merge to 593363c5f
with diff
...
There was a disaster of a merge at 6f37cf22eb
that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).
What this commit does is simulate a hard reset, by doing thing:
git checkout -b reset-hard-ohmu
git reset --hard 593363c5f9
git checkout upstream-master
git checkout -b revert-via-diff
git diff --no-prefix upstream-master..reset-hard-ohmy > patch
patch -p0 < patch
Since there was one binary change, also did this:
git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf
Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7
99a345f8d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 13:54:26 -05:00
Tod Beardsley
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
jvazquez-r7
15b0e39617
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-21 13:47:40 -05:00
jvazquez-r7
cb108a8253
Add module for ZDI-13-147
2013-07-18 15:37:11 -05:00
jvazquez-r7
1a5e0e10a5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 13:53:57 -05:00
sinn3r
b90e1d54e2
Land #2117 - HP Managed Printing Administration jobAcct Command Exec
2013-07-18 13:21:11 -05:00
sinn3r
280529f885
Make some changes to the description
2013-07-18 13:20:36 -05:00
jvazquez-r7
52079c960f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 12:52:42 -05:00
sinn3r
b94cde1d65
Name change for pyoor
2013-07-18 10:50:25 -05:00
jvazquez-r7
3780b1b59f
Add module for ZDI-11-352
2013-07-18 09:39:55 -05:00
jvazquez-r7
90b30dc317
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-26 14:31:52 -05:00
Steve Tornio
6ea622c45e
reference updates
2013-06-26 09:44:56 -05:00
jvazquez-r7
7ab4d4dcc4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 17:34:29 -05:00
Steve Tornio
5b71013dde
reference updates
2013-06-25 13:41:22 -05:00
jvazquez-r7
0c306260be
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 09:13:01 -05:00
sinn3r
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
jvazquez-r7
2150d9efb0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-22 12:06:18 -05:00
sinn3r
5de7fff685
Credit
2013-06-21 21:38:40 -05:00
Markus Wulftange
afa0e6c42a
Use CmdStagerVBS instead of CmdStagerTFTP
...
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
2013-06-22 01:13:03 +02:00
jvazquez-r7
785639148c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-20 17:18:42 -05:00
sinn3r
8dfe9b5318
Add login feature
2013-06-20 04:16:23 -05:00
sinn3r
ebde05b783
Improve check
2013-06-20 03:18:33 -05:00
sinn3r
20621d17de
Add CVE-2013-3576 - HP System Management Homepage exploit
2013-06-20 03:08:42 -05:00
jvazquez-r7
b20a38add4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 12:22:52 -05:00
Tod Beardsley
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
jvazquez-r7
e5a17ba227
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-05 09:41:23 -05:00
sinn3r
0c1d46c465
Add more references
2013-06-05 02:43:43 -05:00
sinn3r
46aa6d38f8
Add a check for it
2013-06-05 02:41:03 -05:00
sinn3r
a270d37306
Take apart the version detection code
2013-06-05 02:34:35 -05:00
sinn3r
25fe03b981
People like this format better: IP:PORT - Message
2013-06-05 02:26:18 -05:00
sinn3r
02e29fff66
Make msftidy happy
2013-06-05 02:25:08 -05:00
sinn3r
35459f2657
Small name change, don't mind me
2013-06-05 02:18:11 -05:00
sinn3r
227fa4d779
Homie needs a default target
2013-06-05 02:16:59 -05:00
steponequit
ed4766dc46
initial commit of novell mdm modules
2013-06-04 09:20:10 -07:00
jvazquez-r7
0f3b13e21d
up to date
2013-05-16 15:02:41 -05:00
James Lee
3009bdb57e
Add a few more references for those without
2013-05-16 14:32:02 -05:00
jvazquez-r7
352a7afcd6
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-14 22:29:24 -05:00
jvazquez-r7
ce594a3ba2
Deprecate modules/exploits/windows/http/sap_mgmt_con_osexec_payload
2013-05-12 08:46:40 -05:00
jvazquez-r7
a4632b773a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-28 12:59:16 -05:00
jvazquez-r7
99b46202b9
Do final cleanup for sap_configservlet_exec_noauth
2013-04-26 08:45:34 -05:00
jvazquez-r7
308b880d79
Land #1759 , @andrewkabai's exploit for SAP Portal Command Execution
2013-04-26 08:44:11 -05:00
Andras Kabai
5839e7bb16
simplify code
2013-04-26 12:14:42 +02:00
Andras Kabai
4aadd9363d
improve description
2013-04-26 12:13:45 +02:00
sinn3r
f3f60f3e02
Fixes P/P/R for target 0 (BadBlue 2.72b)
...
Target 1, which covers 2.72b, uses an invalid P/P/R from some unknown
DLL, and appears to be broken. Because 2.72b actually uses the same
ext.dll as BadBlue EE 2.7 (and that target 0 actually also works
against 2.72b), we might as well just use the same P/P/R again.
[FixRM #7875 ]
2013-04-25 20:20:24 -05:00
Andras Kabai
9dd9b2d1ba
implement cleanup functionality
...
register DELETE_FILES advanced option to take control of the cleanup
functionality of CmdStagerVBS and FileDropper, implement the necessary
changes
2013-04-25 20:02:24 +02:00
Andras Kabai
a28ef1847b
update references
2013-04-25 18:26:13 +02:00
Andras Kabai
676f2f5f4a
implement "check" functionality
2013-04-25 07:47:30 +02:00
Andras Kabai
3b46d5d4cd
fix typos
2013-04-25 07:22:16 +02:00
Andras Kabai
2759ef073e
correction on error handling
2013-04-25 07:19:27 +02:00
Andras Kabai
6b14ac5e71
add rank to module
2013-04-25 07:07:35 +02:00
Andras Kabai
f22d19a10c
remove unused code block
...
ARCH_CMD was implemented in previous version of this code.
2013-04-24 21:51:35 +02:00
Andras Kabai
0339be229a
implement dynamic timeout handling
2013-04-24 18:22:37 +02:00
Andras Kabai
6f8fc81497
improve error handling
2013-04-24 17:59:11 +02:00
Andras Kabai
57113bee80
fine correction
...
add license
remove one unnecessary tab to make msftidy happy
2013-04-24 15:07:32 +02:00
Andras Kabai
6485124cdf
fix module name
2013-04-24 10:54:52 +02:00
Andras Kabai
358b8934bf
clarify description
2013-04-24 10:31:40 +02:00
Andras Kabai
00e6eeca54
implement command line magick to prevent bad char usage
...
commas in the HTTP queries are not allowed but the VBS stager contains
some, therefore it was necessary to find a way to echo out commas
without directly use them.
thanks to Laszlo Toth to help me figure out this windows command line
trick.
2013-04-24 09:46:36 +02:00
Andras Kabai
783cca6c17
allow only ARCH_X86 payloads
2013-04-24 09:29:47 +02:00
Andras Kabai
750638e4d6
note on bad characters
2013-04-22 17:24:08 +02:00
Andras Kabai
a1e52b5b27
command execution needs cmd /c
2013-04-22 10:20:45 +02:00
Andras Kabai
d26289e05a
proper output handling in case of CMD payloads
2013-04-20 17:38:58 +02:00
Andras Kabai
d59ba37e6d
resize linemax
2013-04-20 17:37:50 +02:00
Andras Kabai
e36b58169b
implement CmbStagerVBS payload execution
2013-04-20 16:37:47 +02:00
Andras Kabai
8244c4dcac
multiple payload types, different paths to execute payloads
2013-04-20 14:20:30 +02:00
Andras Kabai
7b6a784a84
basic payload execution through OS command execution
2013-04-20 13:02:22 +02:00
Andras Kabai
223556a4e6
switch to exploit module environment
...
switch to Msf::Exploit, change the necessary declarations, start to
change the exploitation process
2013-04-20 12:30:44 +02:00
Andras Kabai
cff47771a2
initial commit
...
the original aux module will be the base of the exploit module
2013-04-20 11:32:05 +02:00
jvazquez-r7
cc35591723
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-15 17:43:15 -05:00
Tod Beardsley
29101bad41
Removing VERBOSE offenders
2013-04-15 15:29:56 -05:00
jvazquez-r7
393d5d8bf5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-25 19:09:42 +01:00
jvazquez-r7
d54687cb37
fix typo
2013-03-25 00:58:47 +01:00
jvazquez-r7
26b43d9ed2
Added module for ZDI-13-050
2013-03-25 00:54:30 +01:00
jvazquez-r7
8f9c4f62c8
up to date
2013-03-12 16:50:45 +01:00
James Lee
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
David Maloney
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
Tod Beardsley
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
David Maloney
4c1e630bf3
BasicAuth datastore cleanup
...
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
David Maloney
2c3de43f4b
datastore opts cleanup
...
cleanuo digestauth datastore options in modules
2013-02-04 12:10:44 -06:00
sinn3r
1a01d6d033
Fix scrutinizer checks
2013-01-31 14:48:54 -06:00
egypt
5332e80ae9
Fix errant use of .to_s instead of .path
2013-01-31 14:18:42 -06:00
sinn3r
4de5e475c3
Fix check
2013-01-31 02:15:50 -06:00
sinn3r
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
Tod Beardsley
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
Christian Mehlmauer
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
HD Moore
b3c0c6175d
FixRM #3398 by removing double user-agent headers
2012-12-20 14:45:18 -06:00
Tod Beardsley
10511e8281
Merge remote branch 'origin/bug/fix-double-slashes'
...
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
jvazquez-r7
2eb4de815d
added c# code by Nicolas Gregoire
2012-12-11 16:33:41 +01:00
sinn3r
f5193b595c
Update references
2012-12-10 11:42:21 -06:00
sinn3r
fafdcbaae1
Vuln discovered by Rich.
...
See: https://twitter.com/webstersprodigy/status/277087755073380353
2012-12-07 10:42:45 -06:00
jvazquez-r7
5548bebb16
embeding payload on the c# script
2012-12-04 17:44:55 +01:00
jvazquez-r7
3f3bdb8473
my editor...
2012-12-03 21:45:26 +01:00
jvazquez-r7
8a9ad4253a
comment about the original discoverer updated
2012-12-03 21:44:35 +01:00
jvazquez-r7
2cb824d62d
Added module for CVE-2012-5357
2012-12-03 20:12:02 +01:00
Chris John Riley
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
HD Moore
36066f8c78
Catch a few stragglers for double slash
2012-11-08 07:21:37 -06:00
HD Moore
4d2147f392
Adds normalize_uri() and fixes double-slash typos
2012-11-08 07:16:51 -06:00
jvazquez-r7
04668c7d61
fix response codes check to avoid second tries to fail
2012-11-05 09:26:26 +01:00
sinn3r
799c22554e
Warn user if a file/permission is being modified during new session
2012-10-24 00:54:17 -05:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl
f9ac55c221
Infohash key cleanups
...
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
sinn3r
abb4bdd408
metadata formatting, and a little res gotcha
2012-10-08 15:00:51 -05:00
jvazquez-r7
ef9d627e13
Added module for ZDI-12-106
2012-10-08 20:04:01 +02:00
David Maloney
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
jvazquez-r7
9a83c7c338
changes according to egypt review
2012-09-14 18:47:50 +02:00
jvazquez-r7
eae571592c
Added rgod email
2012-09-14 17:45:16 +02:00
jvazquez-r7
a2649dc8d1
fix typo
2012-09-14 17:10:41 +02:00
jvazquez-r7
e27d5e2eb7
Description improved
2012-09-14 17:08:59 +02:00
jvazquez-r7
9c77c15cf5
Added module for osvdb 85087
2012-09-14 16:54:28 +02:00
jvazquez-r7
b4113a2a38
hp_site_scope_uploadfileshandler is now multiplatform
2012-09-06 12:54:51 +02:00
jvazquez-r7
2f87af1c3a
add some checks while parsing the java serialization config file
2012-09-05 20:58:55 +02:00
jvazquez-r7
b2116e2394
cleanup, test, add on_new_session handler and osvdb references
2012-09-05 20:54:25 +02:00
jvazquez-r7
406202fc81
Added module for ZDI-12-174
2012-09-05 12:56:09 +02:00
jvazquez-r7
f439f256b5
Debug line deleted on
2012-08-30 00:18:07 +02:00
sinn3r
c3159e369a
A lot gotcha
...
When res is nil, that condition can fall into the 'else' clause.
If that happens, we can trigger a bug when we try to read res.code.
2012-08-29 14:46:35 -05:00
jvazquez-r7
6a24e042f9
fixing indentation
2012-08-29 16:17:56 +02:00
jvazquez-r7
2ed712949e
Added check function
2012-08-29 16:12:11 +02:00
jvazquez-r7
72cb39925a
Added exploit for OSVDB 84821
2012-08-29 12:17:44 +02:00
sinn3r
1b6fe22359
Give proper credit to Craig plus additional references
...
Craig first found the buffer overflow. But Matt found a more
reliable way to exploit the flaw.
2012-08-21 22:48:15 -05:00
jvazquez-r7
3da8a59cf0
a little cleanup plus complete metadata
2012-08-20 22:42:54 +02:00
Matt Andreko
d226135986
Code Review Feedback
...
Removed trailing spaces and fixed indenting.
2012-08-20 10:41:42 -04:00
Matt Andreko
d82493a658
Code Review Feedback
...
Added 'Space' payload option, which in turn also required 'DisableNops'
Added/Corrected documentation for return addresses
2012-08-19 22:09:08 -04:00
Matt Andreko
bd249d1f28
Fixed exploit and made code review changes
...
The exploit was not working due to the user's root path causing
the EIP offset to change. To correct this, I was able to get
the server to disclose the root path in an error message (fixed in
5.67). I also radically refactored the exploit due to the feedback
I received from Juan Vazquez.
2012-08-19 10:01:03 -04:00
Matt Andreko
6dfe706860
Merge remote-tracking branch 'upstream/master' into sysax_create_folder
2012-08-19 09:58:04 -04:00
sinn3r
6059bb5710
Merge branch 'cyclope' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-cyclope
2012-08-13 11:40:46 -05:00
sinn3r
f9b5f321cb
ADD OSVDB-84517
2012-08-12 17:56:18 -05:00
jvazquez-r7
bf04e2dded
Added module for CVE-2011-2653
2012-08-12 18:27:56 +02:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r
57c32c9c7b
Slip Plixer's name in there, because it's their product.
2012-08-07 12:20:44 -05:00
jvazquez-r7
c2cc4b3b15
juan author name updated
2012-08-06 18:59:16 +02:00
Steve Tornio
eb963ae52a
add osvdb ref
2012-08-05 09:01:46 -05:00
Tod Beardsley
d5b165abbb
Msftidy.rb cleanup on recent modules.
...
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
sinn3r
6ae863cdff
Forgot two extra spaces, how dare me!
2012-08-01 15:11:33 -05:00
sinn3r
92d1d26288
Add CVE-2012-2962 : Dell SonicWall Scrutinizer exploit
2012-08-01 15:00:24 -05:00
Matt Andreko
2f7b5f35af
Added Sysax 5.64 Create Folder exploit
2012-07-29 10:40:02 -04:00
sinn3r
b527356e00
This check can be handy
2012-07-22 03:34:16 -05:00
jvazquez-r7
beb1fbb55d
Added module for Simple Web Server Connection header bof
2012-07-21 12:07:36 +02:00
HD Moore
7f3aeca501
Put lipstick on this pig for the time being
2012-07-15 21:35:29 -05:00
sinn3r
24c57b61a8
Add juan as an author too for improving the module a lot
2012-07-06 10:41:06 -05:00
jvazquez-r7
9fecc80459
User of TARGETURI plus improve of description
2012-07-06 15:47:25 +02:00
jvazquez-r7
7751c54a52
references updates
2012-07-06 11:56:03 +02:00
jvazquez-r7
f8ca5b4234
Revision of pull request #562
2012-07-06 11:52:43 +02:00
sinn3r
a3d74f5b10
Correct dead milw0rm references
2012-06-30 16:50:04 -05:00
sinn3r
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
sinn3r
7c9a8ba699
Add OSVDB reference
2012-06-28 02:09:12 -05:00
sinn3r
d85ce8db5c
Update CVEs for HTTP exploits
2012-06-28 00:00:53 -05:00