William Vu
|
5fc57f7ed5
|
Land #3924, rm dlink_upnp_exec_noauth_telnetd
Deprecated.
|
2014-09-30 17:46:07 -05:00 |
William Vu
|
039e544ffa
|
Land #3925, rm indeces_enum
Deprecated.
|
2014-09-30 17:45:38 -05:00 |
sinn3r
|
be1df68563
|
Remove auxiliary/scanner/elasticsearch/indeces_enum.rb
Time is up, so good bye.
|
2014-09-30 17:24:21 -05:00 |
sinn3r
|
9e67beb396
|
Remove modules/exploits/linux/http/dlink_upnp_exec_noauth_telnetd.rb
Time is up, so good bye.
|
2014-09-30 17:21:55 -05:00 |
Tod Beardsley
|
c1cb8bcfdd
|
Land #3918, bugfix on self.rhost mssql_login
|
2014-09-30 13:36:42 -05:00 |
sinn3r
|
296a51f661
|
Land #3917 - Description & module title update
|
2014-09-30 12:37:38 -05:00 |
William Vu
|
5ea968f3ee
|
Update description to prefer the exploit module
|
2014-09-30 11:34:28 -05:00 |
sinn3r
|
7163b8c55a
|
Fixes #3915 - NoMethodError private method `rhost'
There's no self.rhost, but rhost is defined
|
2014-09-30 11:34:16 -05:00 |
William Vu
|
162e42080a
|
Update title to reflect scanner status
|
2014-09-30 11:04:17 -05:00 |
sinn3r
|
10dc6ed2fe
|
Land #3912 - Update check method and additional references
|
2014-09-30 10:18:56 -05:00 |
William Vu
|
de65ab0519
|
Fix broken check in exploit module
See 71d6b37088 .
|
2014-09-29 23:03:09 -05:00 |
William Vu
|
12d7073086
|
Use idiomatic Ruby for the marker
|
2014-09-29 22:32:07 -05:00 |
William Vu
|
71d6b37088
|
Fix bad header error from pure Bash CGI script
|
2014-09-29 22:25:42 -05:00 |
William Vu
|
df44dfb01a
|
Add OSVDB and EDB references to Shellshock modules
|
2014-09-29 21:39:07 -05:00 |
sinn3r
|
b2d2101be2
|
Land #3913 - Change hardcoded table prefixes
|
2014-09-29 17:55:45 -05:00 |
sinn3r
|
8f3e03d4f2
|
Land #3903 - ManageEngine OpManager / Social IT Arbitrary File Upload
|
2014-09-29 17:53:43 -05:00 |
Christian Mehlmauer
|
b266233e95
|
fix bug
|
2014-09-30 00:21:52 +02:00 |
Pedro Ribeiro
|
533b807bdc
|
Add OSVDB id
|
2014-09-29 21:52:44 +01:00 |
sinn3r
|
ffe5aafb2f
|
Land #3905 - Update exploits/multi/http/apache_mod_cgi_bash_env_exec
|
2014-09-29 15:19:35 -05:00 |
sinn3r
|
21b2d9eb3f
|
Land #3899 - WordPress custom-contact-forms Plugin SQL Upload
|
2014-09-29 14:40:28 -05:00 |
sinn3r
|
9e5826c4eb
|
Land #3844 - Add the JSObfu mixin to Firefox exploits
|
2014-09-29 11:15:14 -05:00 |
sinn3r
|
ababc3d8ff
|
Land #3869 - HP Network Node Manager I PMD Buffer Overflow
|
2014-09-29 11:00:12 -05:00 |
Meatballs
|
d5959d6bd6
|
Land #2585, Refactor Bypassuac with Runas Mixin
|
2014-09-28 09:24:22 +01:00 |
Meatballs
|
e14dd9900b
|
Land #3896, Change Max LOGLEVEL to 3
|
2014-09-28 09:18:29 +01:00 |
Meatballs
|
67c25c20ca
|
Land #3357, Run Local Exploits in AutoRunScript
|
2014-09-28 09:12:26 +01:00 |
Meatballs
|
3fc57109e6
|
Dont rescue Exception
|
2014-09-28 09:12:03 +01:00 |
Spencer McIntyre
|
fe12ed02de
|
Support a user defined header in the exploit too
|
2014-09-27 18:58:53 -04:00 |
Pedro Ribeiro
|
f20610a657
|
Added full disclosure URL
|
2014-09-27 21:34:57 +01:00 |
Pedro Ribeiro
|
030aaa4723
|
Add exploit for CVE-2014-6034
|
2014-09-27 19:33:49 +01:00 |
Pedro Ribeiro
|
ce8452a17a
|
Merge pull request #3 from rapid7/master
bla
|
2014-09-27 19:24:32 +01:00 |
HD Moore
|
64dbc396dd
|
Add header specification to check module, lands #3902
|
2014-09-27 12:58:29 -05:00 |
William Vu
|
044eeb87a0
|
Add variable HTTP header
Also switch from OptEnum to OptString for flexibility.
|
2014-09-27 12:39:24 -05:00 |
Christian Mehlmauer
|
c51c19ca88
|
bugfix
|
2014-09-27 14:56:34 +02:00 |
Christian Mehlmauer
|
9a424a81bc
|
fixed bug
|
2014-09-27 13:46:55 +02:00 |
Christian Mehlmauer
|
1c30c35717
|
Added WordPress custom_contact_forms module
|
2014-09-27 13:42:49 +02:00 |
sinn3r
|
c75a0185ec
|
Land #3897 - Fix check for apache_mod_cgi_bash_env & apache_mod_cgi_bash_env_exec
|
2014-09-26 17:06:23 -05:00 |
jvazquez-r7
|
80d9af9b49
|
Fix spacing in description
|
2014-09-26 17:03:28 -05:00 |
jvazquez-r7
|
9e540637ba
|
Add module for CVE-2014-5377 ManageEngine DeviceExpert User Credentials
|
2014-09-26 17:02:27 -05:00 |
jvazquez-r7
|
3259509a9c
|
Use return
|
2014-09-26 16:04:15 -05:00 |
jvazquez-r7
|
0a3735fab4
|
Make it better
|
2014-09-26 16:01:10 -05:00 |
jvazquez-r7
|
3538b84693
|
Try to make a better check
|
2014-09-26 15:55:26 -05:00 |
sinn3r
|
ae82ebc734
|
Change max LogLevel to 3
There is no such thing as a LogLevel 5.
|
2014-09-26 14:20:47 -05:00 |
jvazquez-r7
|
6e2d297e0c
|
Credit the original vuln discoverer
|
2014-09-26 13:45:09 -05:00 |
jvazquez-r7
|
1fa488f791
|
Land #3893, @jlee-r7's exploit module for DHCP CVE-2014-2014-6271
|
2014-09-26 13:43:33 -05:00 |
jvazquez-r7
|
e1f00a83bc
|
Fix Rex because domainname and domain_name were duplicated
|
2014-09-26 13:40:52 -05:00 |
jvazquez-r7
|
5044117a78
|
Refactor dhclient_bash_env to use the egypt's mixin mods
|
2014-09-26 13:34:44 -05:00 |
jvazquez-r7
|
a4bc17ef89
|
deregister options needed for exploitation
|
2014-09-26 10:15:46 -05:00 |
jvazquez-r7
|
54e6763990
|
Add injection to HOSTNAME and URL
|
2014-09-26 10:13:24 -05:00 |
jvazquez-r7
|
a31b4ecad9
|
Merge branch 'review_3893' into test_land_3893
|
2014-09-26 08:41:43 -05:00 |
James Lee
|
86f85a356d
|
Add DHCP server module for CVE-2014-6271
|
2014-09-26 01:24:42 -05:00 |