5e925f6629
Description update
2013-05-14 14:20:27 -05:00
42cfa72f81
Update data after test kloxo 6.1.12
2013-05-13 19:09:06 -05:00
58f2373171
Added module for EDB 25406
2013-05-13 18:08:23 -05:00
5e997aaf80
Landing #1816 - lists essential information about CouchDB
2013-05-13 16:46:20 -05:00
cba045a604
Make additional changes to the module
2013-05-13 16:42:33 -05:00
e3384439ed
64-bit, not '64 bits'
2013-05-13 15:40:17 -05:00
e71e0c1c28
Land #1822 , @wchen-r7's module for Coldfusion HTP disclosed exploit
2013-05-13 12:41:54 -05:00
f04ca17bb9
Fix default action
2013-05-13 11:56:02 -05:00
5b64379553
Add Coldfusion 9 target, OSVDB ref and review
2013-05-13 11:55:11 -05:00
e605318726
Merge pull request #1813 from limhoff-r7/feature/mdm-module-namespace
...
Updates to MDM 0.11.2
2013-05-13 08:09:52 -07:00
60299c2adb
Add EDB-25305 - That ColdFusion 10 sub0 0day stuff
...
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737 , or as a new exploit.
We'll see.
2013-05-12 21:23:53 -05:00
feac292d85
Clean up for dlink_dsl320b_password_extractor
2013-05-12 17:35:59 -05:00
ee46771de5
Land #1799 , @m-1-k-3's auth bypass module for Dlink DSL320
2013-05-12 17:34:08 -05:00
4461aefaa2
Update to metasploit_data_models 0.11.2
...
[#47979793 ]
2013-05-12 13:36:13 -05:00
9730abd669
Land #1818 , @wchen-r7's change to Exploit Rank
2013-05-11 11:51:49 -05:00
7fcf20201b
Ranking should be the same (to GoodRanking)
2013-05-11 09:19:25 -05:00
a94d078bfd
Added the statement return to condition: if res.nil?
2013-05-11 00:59:05 -03:00
18ee9af59f
Added couchdb_enum.rb to list essential information about CouchDB
2013-05-10 23:18:48 -03:00
d9ff629e17
Land #1815 , typo fix.
2013-05-10 15:36:52 -05:00
ac3fe4c84e
Update CONTRIBUTING.md
2013-05-10 23:15:29 +03:00
d37d211ecc
Fix short escape sequences error
2013-05-09 17:29:55 -05:00
4147a27216
Land #1667 , @nmonkee's sap_soap_rfc_sxpg_command_exec exploit
2013-05-09 17:00:11 -05:00
6842432abb
Land #1678 , @nmonkee's sap_soap_rfc_sxpg_call_system_exec exploit
2013-05-09 16:52:01 -05:00
cf05602c6f
Land #1661 , @nmonkee's sap_soap_rfc_eps_get_directory_listing module
2013-05-09 16:46:13 -05:00
b18a98259b
Modify default rport
2013-05-09 16:24:54 -05:00
3e1d1a3f98
Land #1659 , @nmonkee's sap_soap_rfc_eps_delete_file module
2013-05-09 16:22:54 -05:00
afa04ac9d0
Merge branch 'master' into feature/mdm-module-namespace
2013-05-09 16:13:06 -05:00
6015b25561
Update to metasploit_data_models 0.11.1
...
[#47979793 ]
2013-05-09 16:12:01 -05:00
2d5556f040
Merge pull request #10 from jvazquez-r7/sap_soap_rfc_sxpg_command_exec_multi
...
sap_soap_rfc_sxpg_command_exec multi platform and clean up
2013-05-09 14:00:15 -07:00
45adb85915
Merge pull request #9 from jvazquez-r7/sap_soap_rfc_sxpg_call_system_exec_multi
...
Clean up for sap_soap_rfc_sxpg_call_system_exec
2013-05-09 13:39:56 -07:00
53c08cd60f
fix incorrect printing typo
2013-05-09 21:37:04 +01:00
0b9fb41836
Merge pull request #8 from jvazquez-r7/sap_soap_rfc_eps_get_directory_listing
...
SAP module sap_soap_rfc_eps_get_directory_listing cleanup
2013-05-09 13:27:51 -07:00
7ad73d8ff6
Merge pull request #7 from jvazquez-r7/sap_soap_rfc_eps_delete_file
...
Cleanup for sap_soap_rfc_eps_delete_file
2013-05-09 12:51:50 -07:00
bc92b43408
Update to metasploit_data_models 0.11.0
...
[#47979793 ]
2013-05-09 13:25:26 -05:00
94f841dd3f
Land #1810 , @wchen-r7's modification to make ie_cgenericelement_uaf more stable
2013-05-08 21:53:18 -05:00
f9f769cec8
Landing #1805 - Fix unintelligible error when importing empty file
2013-05-08 20:10:45 -05:00
9043eeda66
A slight change for stability
...
While updating ie_cgenericelement_uaf earlier today, I noticed the
changes made it a tiny bit less stable. Juan's test log in #1809
also kinda shows that (with the first attempt failing), so I decided
to go back and move the string crafting part, that way between
CollectGarbage() and the overwrite, there is less noise, and hopefully
more stable. I did a few tests, seems better.
2013-05-08 20:02:55 -05:00
bdd2287daf
Land #1809 , @wchen-r7's modification for ie_cgenericelement_uaf
2013-05-08 16:21:11 -05:00
0e51042a01
Landing #1808 - ERS Viewer 2011 bof (CVE-2013-0726)
2013-05-08 15:51:46 -05:00
9a1400a75b
Forgot to remove this print_warning
2013-05-08 15:44:04 -05:00
075f6e8d45
Updates ROP chain and mstime_malloc usage
2013-05-08 15:42:45 -05:00
4c75354a6a
Land #1786 , request_cgi instead of request_raw
...
Also some other small changes to modules, such as sensible defaults for
options.
2013-05-08 14:58:04 -05:00
c7609ac7d1
Initial update
2013-05-08 14:24:52 -05:00
1aa80cd35e
Add module for CVE-2013-0726
2013-05-08 13:48:48 -05:00
a5648a8830
Merge branch 'master' into feature/mdm-module-namespace
...
Conflicts:
Gemfile
Gemfile.lock
lib/msf/core/db_manager.rb
2013-05-08 13:22:41 -05:00
e939de583c
Clean up and multi platform support for sap_soap_rfc_sxpg_command_exec
2013-05-07 22:46:39 -05:00
5f59d9f723
Move sap_soap_rfc_sxpg_command_exec to multi dir
2013-05-07 22:46:04 -05:00
ab60e0bfb7
Fix print message
2013-05-07 22:41:15 -05:00
9ab68ac935
Fix unintelligible error when importing empty file
...
IO#read returns nil for an empty file if given a length argument, which
caused a stack trace when attempting to import a file instead of a
useful error message.
2013-05-07 18:05:45 -05:00
24bad9c15c
Clean up sap_soap_rfc_sxpg_call_system_exec and make it multi platform
2013-05-07 17:03:10 -05:00
sinn3r
jvazquez-r7
Tod Beardsley
Brandon Turner
Luke Imhoff
Roberto Soares Espreto
Nick Rivera
nmonkee
James Lee