Commit Graph

410 Commits (648c034d17007a2e94ccd187a1a7c9f5eb2c360e)

Author SHA1 Message Date
jvazquez-r7 fddb69edb3 Use instance variables for 1-time injections 2013-11-08 08:30:35 -06:00
jvazquez-r7 69b261a9f2 Clean post exploitation code 2013-11-07 18:11:54 -06:00
jvazquez-r7 9f51268d21 Make xp_shell_enable instance variable 2013-11-07 17:53:28 -06:00
jvazquez-r7 aa1000df72 Clean check method 2013-11-07 17:44:22 -06:00
jvazquez-r7 c2662d28e0 Move module to the misc folder 2013-11-07 17:34:22 -06:00
OJ 7dcb071f11 Remote shebang and fix pxexeploit 2013-11-06 07:10:25 +10:00
William Vu 2aed8a3aea Update modules to use new ZDI reference 2013-10-21 15:13:46 -05:00
Tod Beardsley c83262f4bd
Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tod Beardsley 63e40f9fba
Release time fixes to modules
* Period at the end of a description.
  * Methods shouldn't be meth_name! unless the method is destructive.
  * "Setup" is a noun, "set up" is a verb.
  * Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
jvazquez-r7 172c6b9b8f Escape dots on regexs 2013-10-12 16:15:10 -05:00
jvazquez-r7 f10078088c Add module for ZDI-13-130 2013-10-10 10:06:17 -05:00
jvazquez-r7 e3014a1e91 Fix ZDI Reference 2013-10-09 14:56:42 -05:00
sinn3r a8de9d5c8b Land #2459 - Add HP LoadRunner magentproc.exe Overflow 2013-10-04 19:45:44 -05:00
jvazquez-r7 646429b4dd Put ready to pull request 2013-10-03 22:15:17 -05:00
jvazquez-r7 5971fe87f5 Improve reliability 2013-10-03 17:19:53 -05:00
jvazquez-r7 39eb20e33a Add module for ZDI-13-169 2013-10-03 16:52:20 -05:00
jvazquez-r7 77d0236b4e Don't overwrite defaul timeout 2013-10-02 16:15:14 -05:00
Meatballs 971d0b7536 Generate args 2013-09-27 12:48:10 +01:00
Meatballs d6f2da690a Fix web delivery 2013-09-13 21:27:59 +01:00
Meatballs 9ade4cb671 Refactor 2013-09-13 20:43:09 +01:00
Meatballs 243d3d6ebd Apply comments 2013-09-13 19:19:54 +01:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
HD Moore 6c1ba9c9c9 Switch to Failure vs Exploit::Failure 2013-08-15 14:14:46 -05:00
Tod Beardsley a885ff9bcc Use consistent caps for 'PowerShell' 2013-08-05 09:33:49 -05:00
Meatballs 7801eadbc2 psh description 2013-07-29 19:14:12 +01:00
Tod Beardsley 11e9cca855 Spelling and description touch ups. 2013-07-29 10:57:19 -05:00
jvazquez-r7 dbad1a5e4c Clean up description 2013-07-24 12:02:33 -05:00
Meatballs f79d3f7591 Shorten cmd 2013-07-24 17:48:03 +01:00
Meatballs 8103baf21a Update title 2013-07-24 17:29:23 +01:00
Meatballs 18ac83bec1 Final updates and tidy 2013-07-24 17:28:19 +01:00
Meatballs fe405d2187 Tidyup info 2013-07-19 23:50:59 +01:00
Meatballs 6fab3f6308 Add powershell cmdline 2013-07-19 23:24:54 +01:00
Meatballs d1fdcfff91 Initial commit 2013-07-19 19:33:55 +01:00
Steve Tornio 5b71013dde reference updates 2013-06-25 13:41:22 -05:00
sinn3r 4df943d1a2 CVE and OSVDB update 2013-06-25 02:06:20 -05:00
Steve Tornio a920127f8c reference updates for several modules 2013-06-23 20:43:34 -05:00
Tod Beardsley 4cf682691c New module title and description fixes 2013-06-03 14:40:38 -05:00
Steve Tornio 8671ae9de7 add osvdb ref 2013-06-01 14:27:50 -05:00
jvazquez-r7 d0489b5d1e Delete some commas 2013-05-30 14:25:53 -05:00
jvazquez-r7 6abb591428 Do minor cleanup for lianja_db_net 2013-05-30 14:25:05 -05:00
Spencer McIntyre 70e1379338 Use msvcrt in ropdb for stability. 2013-05-30 11:13:22 -04:00
Spencer McIntyre c3ab1ed2a5 Exploit module for Lianja SQL 1.0.0RC5.1 2013-05-29 08:48:41 -04:00
James Lee f4498c3916 Remove $Id tags
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
jvazquez-r7 6eaf995642 cleaning exploiting string 2013-03-22 21:48:02 +01:00
jvazquez-r7 fd63283524 make msftidy happy 2013-03-22 21:46:12 +01:00
Spencer McIntyre 458ffc1f19 Add a target for Firebird 2.1.4.18393 2013-03-13 13:44:28 -04:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
jvazquez-r7 64398d2b60 deleting some commas 2013-03-07 21:34:51 +01:00
jvazquez-r7 ab44e3e643 cleanup for fb_cnct_group 2013-03-07 21:34:07 +01:00
Spencer McIntyre 398d13e053 Initial commit of the Firebird CNCT Group Number Buffer Overflow. 2013-03-07 09:51:05 -05:00
sinn3r 5108e8ef1c Correct tab 2013-02-19 11:44:41 -06:00
sinn3r b2664e04fb Merge branch 'bigant_server_dupf_upload' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-bigant_server_dupf_upload 2013-02-19 11:42:04 -06:00
sinn3r 9813c815ef Minor changes 2013-02-19 11:40:06 -06:00
jvazquez-r7 322fa53d49 fix typo 2013-02-17 20:29:41 +01:00
jvazquez-r7 31a3a374c3 Added module for CVE-2012-6274 2013-02-17 20:25:39 +01:00
jvazquez-r7 1a2a0bc38e Added module for CVE-2012-6275 2013-02-17 20:21:45 +01:00
jvazquez-r7 883b3446f3 license text 2013-01-05 08:03:25 +01:00
jvazquez-r7 0a13f01f23 Added module for ZDI-12-101 2013-01-05 07:40:32 +01:00
sinn3r 6d4abe947d Merge branch 'id_revision' of github.com:FireFart/metasploit-framework into FireFart-id_revision 2013-01-04 00:23:03 -06:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
jvazquez-r7 a0b4045b4b trying to fix the variable offset length 2013-01-04 00:25:34 +01:00
jvazquez-r7 9cea2d9af9 reference updated 2013-01-03 19:39:18 +01:00
jvazquez-r7 45808a3a44 Added module for ZDI-11-350 2013-01-03 19:17:45 +01:00
jvazquez-r7 fdb457d82b Merge branch 'refs_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-refs_update 2012-12-11 12:16:06 +01:00
sinn3r b315a4eee4 Grammar 2012-12-11 00:19:15 -06:00
jvazquez-r7 e3a126aa75 Added module for ZDI-10-174 2012-12-11 01:37:44 +01:00
sinn3r f5193b595c Update references 2012-12-10 11:42:21 -06:00
sinn3r bf47eaaa41 Remove code that's commented out. Clearly not needed anymore. 2012-12-06 12:57:41 -06:00
sinn3r 0ea5c781c1 Tabs and spaces don't mix 2012-12-06 12:53:22 -06:00
jvazquez-r7 fd20998f40 using the primer callback as pointed by egypt 2012-12-06 18:59:46 +01:00
jvazquez-r7 8e21d9e235 fix source_address param 2012-12-06 18:34:22 +01:00
jvazquez-r7 fc8b08f10f trailing comma 2012-12-06 17:32:58 +01:00
jvazquez-r7 532afc2919 Added module for CVE-2009-0880 2012-12-06 16:43:07 +01:00
sinn3r d4fc99e40c Merge branch 'ms10_104_100_continue_support' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ms10_104_100_continue_support 2012-11-02 15:16:35 -05:00
jvazquez-r7 22fbfb3601 cleanup 2012-11-01 17:38:04 +01:00
jvazquez-r7 e720769747 Added module for ZDI-12-171 2012-11-01 17:17:45 +01:00
jvazquez-r7 ef0f415c51 related to #980 adds support for HttpClient 2012-10-31 17:46:57 +01:00
jvazquez-r7 0e3bc7d060 hp operations agent mods: fix use of pattern_create, use ropdb 2012-10-29 15:45:40 +01:00
jvazquez-r7 19920b3275 update module titles for hp operation agent vulns 2012-10-28 02:38:39 +01:00
sinn3r c015372ce0 Merge branch 'hp_operations_agent_coda_8c' of git://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_operations_agent_coda_8c 2012-10-27 18:45:36 -05:00
jvazquez-r7 73deeacd7e deleted unnecessary http headers according to my tests 2012-10-28 00:52:52 +02:00
jvazquez-r7 b4b1b77a77 deleted unnecessary http headers according to my tests 2012-10-28 00:51:18 +02:00
jvazquez-r7 51bc806014 Added module for CVE-2012-2019 2012-10-27 22:45:37 +02:00
jvazquez-r7 bcb80431d6 Added module for CVE-2012-2020 2012-10-27 22:43:16 +02:00
Michael Schierl 910644400d References EDB cleanup
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl e9f7873afc Version cleanup
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
jvazquez-r7 40983460bf added module for avaya winpmd bof, osvdb 73269 2012-10-07 12:05:13 +02:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r 9ab62de637 Fix a spelling error 2012-09-03 01:44:02 -05:00
jvazquez-r7 943121dd61 Added module for CVE-2012-2611 2012-09-03 00:15:56 +02:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
jvazquez-r7 2fa88366be Added module for MS10-104 2012-07-30 09:01:38 +02:00
jvazquez-r7 8cf08c6ca3 Target W7 updated 2012-07-15 17:45:58 +02:00
sinn3r e1ff6b0cef Nicer cleanup 2012-07-14 17:57:32 -05:00
jvazquez-r7 bdf009d7a8 Review of pull request #606 2012-07-15 00:20:12 +02:00
sinn3r 70c718a5ed Fix indent level 2012-07-06 12:44:03 -05:00
jvazquez-r7 ff4a0bc3aa poisonivy_bof description updated 2012-07-05 00:18:13 +02:00
jvazquez-r7 8bdf3b56f5 tries updated 2012-07-04 15:48:32 +02:00
jvazquez-r7 d8a5af7084 last changes done by gal, added RANDHEADER to single_exploit 2012-07-04 15:25:12 +02:00
jvazquez-r7 644d5029d5 add bruteforce target as optional 2012-07-04 13:02:47 +02:00
jvazquez-r7 7214a6c969 check function updated 2012-07-04 12:16:30 +02:00
jvazquez-r7 c531bd264b brute force version of the exploit 2012-07-04 11:37:36 +02:00
jvazquez-r7 da2105787d no rop versio of the exploit, metadata used, check and description fixed 2012-07-04 10:54:35 +02:00
jvazquez-r7 8bcc0ba440 Review of pull request #559 2012-07-03 23:49:47 +02:00
jvazquez-r7 9d49052c52 hp_dataprotector_new_folder: added support for hpdp 6 2012-07-02 18:32:19 +02:00
sinn3r 0e87238e58 Space space 2012-06-29 10:56:12 -05:00
jvazquez-r7 c79312547a Added module for CVE-2012-0124 2012-06-29 17:50:21 +02:00
sinn3r e5dd6fc672 Update milw0rm references.
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
sinn3r e8102284ff Add missing CVEs for misc exploit modules 2012-06-27 22:17:34 -05:00
sinn3r 9980c8f416 Add rh0's analysis 2012-06-25 21:32:45 -05:00
HD Moore 807f7729f0 Merge branch 'master' into feature/vuln-info 2012-06-25 10:10:20 -05:00
Steve Tornio 5d2655b0ce add osvdb ref 2012-06-25 09:00:03 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
sinn3r e805675c1f Add Apple iTunes 10 Extended M3U Stack Buffer Overflow
New exploit against Apple iTunes. Note that this appears to be
different than liquidworm's CVE-2012-0677, because this one is
a stack-based buffer overflow, while CVE-2012-0677 is heap-based,
and a different crash/backtrace. However, according to Rh0, this
bug is patched anyway in the same update... possibly a silent
patch.

As of now, there seems to be no CVE or OSVDB addressing this
particular bug.
2012-06-24 02:01:34 -05:00
HD Moore fb7f6b49f0 This mega-diff adds better error classification to existing modules 2012-06-19 12:59:15 -05:00
Tod Beardsley ced5b9916e Whitespace fix for script-fu module
This is really just to check the GitHub IRC bot thinger.
2012-06-01 12:24:52 -05:00
sinn3r 353d49d05b Modify the description 2012-06-01 12:04:46 -05:00
jvazquez-r7 abbd8c8cd5 Added module for CVE-2012-2763 2012-06-01 18:53:25 +02:00
Tod Beardsley c463bd7c6d Fixing description for citrix module 2012-05-31 16:37:35 -05:00
Tod Beardsley 17e41b2e39 Fixing description for citrix module 2012-05-31 16:36:21 -05:00
Juan Vazquez a0b491355c Merge pull request #436 from jvazquez-r7/citrix_streamprocess_get_footer
Added module for Citrix Provisioning Services 5.6 SP1
2012-05-31 14:35:22 -07:00
Tod Beardsley 02a41afb2b Fixing description for juan's Citrix module 2012-05-31 16:34:13 -05:00
Juan Vazquez 00bb216927 Merge pull request #435 from jvazquez-r7/citrix_streamprocess_get_boot_record_request
Added module for Citrix Streamprocess Opcode 0x40020004 Buffer Overflow
2012-05-31 14:33:20 -07:00
jvazquez-r7 47c5745673 Fixed name module 2012-05-31 23:23:11 +02:00
jvazquez-r7 e324ed5251 Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow 2012-05-31 23:21:43 +02:00
jvazquez-r7 1c11b1b1b7 Added module for Citrix Streamprocess Opcode 0x40020002 Buffer Overflow 2012-05-31 23:17:38 +02:00
jvazquez-r7 b5f5804d94 description updated 2012-05-31 23:14:25 +02:00
jvazquez-r7 198070361b Added module for ZDI-12-010 2012-05-31 22:45:55 +02:00
HD Moore f6c88377f4 Fixes #362 by changing the exitfunction arguments to be the correct type 2012-05-07 02:41:08 -05:00
sinn3r 711fb73048 Fix more print_* 2012-04-25 15:01:50 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
Tod Beardsley 9144c33345 MSFTidy check for capitalization in modules
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
sinn3r 339fb8d266 eh, I mean Win2k3 SP0 to SP1 2012-02-23 17:33:49 -06:00
Steve Tornio 08fb03276f add osvdb ref 2012-02-23 07:39:31 -06:00
sinn3r 144fa0dc0e Comment what \x0b\x04 is for 2012-02-22 22:59:43 -06:00
sinn3r 291e083d65 Add CVE-2011-5001: TrendMicro Control Manager 5.5 CmdProcessor Stack Bof 2012-02-22 19:44:47 -06:00
Tod Beardsley 4a631e463c Module title normalization
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/

The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
HD Moore af56807668 Cleanup the titles of many exploit modules 2012-02-20 19:25:55 -06:00
Tod Beardsley 829040d527 A bunch of msftidy fixes, no functional changes. 2012-02-10 19:44:03 -06:00
Steve Tornio daca3e93a5 add osvdb ref 2012-02-10 07:05:42 -06:00
sinn3r 2bd330da33 Add ZDI-12-009 Citrix Provisioning Services 5.6 streamprocess buffer overflow exploit 2012-02-10 00:06:48 -06:00
Tod Beardsley e371f0f64c MSFTidy commits
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
Jonathan Cran a814a9dce7 add disclosure date 2012-01-31 20:35:58 -06:00
sinn3r 3952a06292 Minor changes 2012-01-26 11:35:43 -06:00
Christopher McBee 1af6740b24 Initial checking of hp_magentservice module 2012-01-25 13:04:30 -05:00