infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,623 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

9357 Commits (63483a979d65796adc4743eb7ff69bb7509b10ec)

Author SHA1 Message Date
Steve Tornio 63483a979d add osvdb ref 89611 2013-06-15 07:09:26 -05:00
William Vu bd17e67f75 Land #1960, lower ranking for MS13-009 2013-06-14 15:28:06 -05:00
sinn3r 2abf70a1ca Lower ranking for MS13-009 
We haven't been able to make this one more reliable, so todb suggests
we lower the ranking first.
 2013-06-14 15:24:43 -05:00
sinn3r d35c3469e8 Fix typo 
EDB reference
 2013-06-14 15:16:20 -05:00
jvazquez-r7 7a11077834 Land #1923, @juushya's module for rfcode brute forcing 2013-06-14 13:36:14 -05:00
sinn3r 0d384d23b8 Land #1954 - Fix resource_uri and mp4 file path 2013-06-14 13:15:17 -05:00
sinn3r 933ac88b44 Missing the file param that's needed to download the mp4 2013-06-14 13:13:48 -05:00
jvazquez-r7 ae027a9efb Final cleanup for rfcode_reader_enum 2013-06-14 13:09:48 -05:00
sinn3r d2df3234f4 Land #1955 - mozilla_mchannel.rb undefined agent variable 2013-06-14 11:14:20 -05:00
sinn3r 223807d0df Land #1956 - fix regex error for mozilla_reduceright.rb 2013-06-14 11:09:49 -05:00
KarnGaneshen 6188df1b3a added note :type - Info. This is mandatory field for report_note. also, vprint statements seem to be adding an extra space with a hyphen. kinda make print dis-aligned than other regular print_* statements. changed -> to -, removed ' from '#{user/pass}'. works fine. msftidy check. module load check. pcap taken. 2013-06-13 14:03:55 +05:30
KarnGaneshen 871f1b7c1f updated prints with ip-port reference. msftidy check. module load check. go rf reader.. 2013-06-12 00:53:58 +05:30
KarnGaneshen 736bf120d9 added sname in report data, corrected :host to rhost, :port to rport. msftidy check. module load check. upping it. 2013-06-12 00:25:50 +05:30
KarnGaneshen 5c078f5139 added report_note to store collected info. removed register rport for 80t. msftidy & module load checked. pushing it up. 2013-06-11 12:57:26 +05:30
Ruslaideemin ca0ab8d6ee maxthon_history_xcs.rb - fix User-agent string 
request.headers['User-agent'] is incorrect, it should be
request.headers['User-Agent'].

Downloaded following version from oldapps.com to confirm
the exploit code is wrong.

Supported Systems Windows 98, 2000 (Maxthon 2.5.15 Build
  1000), XP, Vista, 7, 8
MD5 Checksum F3791637C886A46940876211209F82F4
SHA1 Checksum 039BB218245E5DC1BAB0F57298C68AC487F86323

Release Date 20 October, 2011 (2 years ago )
 2013-06-11 13:37:21 +10:00
jvazquez-r7 69c25014ae Make msftidy happy 2013-06-13 18:58:38 -05:00
jvazquez-r7 44ff3ec8d9 Land #1953, @wchen-r7's fix around fileformat 2013-06-13 18:56:48 -05:00
sinn3r 12801430e3 Update both ultraiso files to the right fix 2013-06-13 18:44:19 -05:00
jvazquez-r7 fd74390952 Clean monkey_headers 2013-06-13 18:07:35 -05:00
sinn3r 73aff97053 Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service 
This is the reviewed/updated version of pull request #1950. We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
 2013-06-13 15:56:34 -05:00
sinn3r 0440c03c7a Land #1934 - Fix UltraISO Exploit File Creation 2013-06-13 13:57:09 -05:00
jvazquez-r7 81813a78fc Fix module Name 2013-06-13 11:55:23 -05:00
jvazquez-r7 afb2f83238 Add module for CVE-2012-1533 2013-06-12 14:40:53 -05:00
jvazquez-r7 c38eabe481 Fix description, code and perform test 2013-06-12 11:07:03 -05:00
jvazquez-r7 5c8053491f Add DEP bypass for ntdll ms12-001 2013-06-12 10:41:05 -05:00
jvazquez-r7 a1c7961cbc Suport js obfuscation for the trigger 2013-06-12 08:06:12 -05:00
jvazquez-r7 5240c6e164 Add module for MS13-037 CVE-2013-2551 2013-06-12 07:37:57 -05:00
Joe Vennix 45da645717 Update ff svg exploit description to be more accurate. 2013-06-11 12:12:18 -05:00
sinn3r 2874aead2e Land #1938 - Change sevone_enum because it's an Scanner 2013-06-11 11:42:18 -05:00
jvazquez-r7 0578572d98 Change sevone_enum because it's an Scanner 2013-06-11 08:51:15 -05:00
sinn3r 081baad68c Remove variable 'overflow' because it's not used 
The 'overflow' variable isn't needed
 2013-06-11 02:26:45 -05:00
Ruslaideemin 4e41e871bb mozilla_reduceright.rb - fix regex error. 
[] is character class, and will match on 1, 6, 7, and |.
Where as (16|17) will match on either 16, or 17.

irb(main):053:0> y = /Firefox\/3\.6\.[16|17]/
=> /Firefox\/3\.6\.[16|17]/
irb(main):054:0> x = "Firefox/3.6.13"
=> "Firefox/3.6.13"
irb(main):055:0> x =~ y
=> 0
irb(main):056:0> y = /Firefox\/3\.6\.(16|17)/
=> /Firefox\/3\.6\.(16|17)/
irb(main):057:0> x =~ y
=> nil
 2013-06-11 11:52:27 +10:00
Ruslaideemin 996171b35f mozilla_mchannel.rb undefined agent variable 
If the TARGET is chosen instead of using the default
automatic, the agent variable will be undefined, which
causes the exploit to fail.
 2013-06-11 10:43:47 +10:00
Ruslaideemin d91b412661 adobe_flash_sps.rb - resource_uri vs get_resource 
resource_uri will randomize the returned uri unless
datastore['URIPATH"] is set.

get_resource will return the currently used reosurce_uri

Since the incorrect type is used, this exploit is completely broken.

Tested fix with both URIPATH set to / and unset, and it works after
redirect.
 2013-06-11 07:13:02 +10:00
sinn3r 5b61f99ee6 Land #1933 - Update smart_hashdump Regular Expressions for Win 8 & 2012 2013-06-10 13:28:04 -05:00
jvazquez-r7 0c6dbe9885 Add final cleanup for sevone_enum 2013-06-10 13:16:22 -05:00
jvazquez-r7 6765a911a4 Land #1921, @juushya brute force login module for SevOne 2013-06-10 13:15:14 -05:00
sinn3r 622dc27d95 Land #1925 - fix SNMP enum module failing to catch some fail cases 
[FixRM:#7945]
 2013-06-10 12:51:02 -05:00
KarnGaneshen 72a9c8612b setting rfcode_reader_enum straight. more updates. 2013-06-10 22:57:00 +05:30
KarnGaneshen 5c988d99fe more updates to sevone.rb. hopefully all is covered.. 2013-06-10 21:59:18 +05:30
sinn3r 0895184e1f Land #1932 - Actually support OUTPUTPATH datastore option 2013-06-10 11:22:28 -05:00
KarnGaneshen 04171c46ec more updates to sevone.rb. hopefully all is covered. 2013-06-10 21:47:56 +05:30
Tod Beardsley f58e279066 Cleanup on module names, descriptions. 2013-06-10 10:52:22 -05:00
jvazquez-r7 3fbbe3e7b3 Make msftidy happy 2013-06-10 08:16:15 -05:00
jvazquez-r7 3c05cf4382 Land #1842, @viris DoS module for cve-2013-0229 2013-06-10 08:15:45 -05:00
Dejan Lukan 154894bda6 Added comments and merged jvazquez-r7-miniupnp_dos_clean branch. 2013-06-10 10:18:26 +02:00
Carlos Perez a9df55c27a Add Windows 2012 to regex matching 2013-06-09 20:46:44 -04:00
Carlos Perez 8e83f0ee30 Add Windows 8 and 2012 to regex matching 2013-06-09 20:41:46 -04:00
Ruslaideemin cd64e3593c Fix UltraISO file creation 
This makes file creation where datastore['FILENAME'] is not used when
a different filename is required, and ends up creating files in the
wrong place.
 2013-06-09 12:37:34 +10:00
Ruslaideemin c6b4290fea Fix UltraISO Exploit File Creation 
Both ultraiso_ccd.rb and ultraiso_cue.rb use File.open to create
files, instead of using the create_file() function. This leads
to files being created in the wrong directory.

We work around this by dynamically changing the
file_format_filename function to return the corrected filename.
 2013-06-09 09:51:15 +10:00