Commit Graph

14355 Commits (64b8696e3c2b33f6aadff120fa1492ea1241c512)

Author SHA1 Message Date
sinn3r 64b8696e3c Extra condition that's not actually needed
Don't actually need to check nil res, because no code will
actually try to access res when it's nil anyway. And the 'return'
at the of the function will catch it when the response times out.
2012-09-09 04:06:48 -05:00
bcoles cb95a7b520 Add openfiler_networkcard_exec exploit 2012-09-09 17:28:09 +09:30
bcoles f02659184a Add WANem v2.3 command execution 2012-09-08 16:01:45 +09:30
jvazquez-r7 caae54a7ca added osvdb reference 2012-09-07 16:56:37 +02:00
Tod Beardsley aaf7fcd5e9 Closing bracket doh 2012-09-07 08:57:27 -05:00
Tod Beardsley 53e4818c2e Humble-desser, not humble-dresser 2012-09-07 08:49:27 -05:00
jvazquez-r7 c572c20831 Description updated to explain conditions 2012-09-07 11:18:54 +02:00
sinn3r bd596a3f39 Merge branch 'sflog_upload_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-sflog_upload_exec 2012-09-06 18:40:19 -05:00
sinn3r 86036737ca Apparently this app has two different names
People may either call the app "ActiveFax", or "ActFax". Include
both names in there to allow the module to be more searchable.
2012-09-06 18:38:03 -05:00
sinn3r 6a484cdbc5 Merge branch 'actfax_local_exploit' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-actfax_local_exploit 2012-09-06 18:35:08 -05:00
sinn3r b4270bb480 Add OSVDB-83767: SFlog Upload Exec Module
This module exploits multiiple flaws in SFlog!. By default, the
CMS has a default admin cred of "admin:secret", which can be
abused to access admin features such as blog management.  Through
the management interface, we can upload a backdoor that's accessible
by any remote user, and then we gain code execution.
2012-09-06 18:30:45 -05:00
jvazquez-r7 fc1c1c93ba ZDI references fixed 2012-09-07 00:50:07 +02:00
jvazquez-r7 4985cb0982 Added module for ActFac SYSTEM Local bof 2012-09-07 00:45:08 +02:00
sinn3r f7407deb7b Merge branch 'hp_sitescope_uploadfileshandler_multi' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_uploadfileshandler_multi 2012-09-06 11:33:19 -05:00
David Maloney a07f521969 Minor fix to broken interpolation 2012-09-06 11:31:10 -05:00
jvazquez-r7 65681dc3b6 added osvdb reference 2012-09-06 13:56:52 +02:00
jvazquez-r7 b4113a2a38 hp_site_scope_uploadfileshandler is now multiplatform 2012-09-06 12:54:51 +02:00
sinn3r 2cb2b281d6 Fix NoMethodError for nil:NilClass bug
The 'unless' statement expects there's always a value for USERNAME
and PASSWORD. We might as well just set '' as the default value
to avoid the NoMethodError mistake.  Related to bug #7140.
2012-09-06 01:09:40 -05:00
HD Moore d7d2669f6c Chmod this to be executable 2012-09-06 00:50:17 -05:00
HD Moore b791f662c6 Add a standalone psexec (based on Rex) for ref. 2012-09-06 00:50:03 -05:00
jvazquez-r7 270fa1b87b updated descriptions for hp sitescope modules tested over linux 2012-09-05 23:25:08 +02:00
Tod Beardsley 9531c95627 Adding BID 2012-09-05 15:04:05 -05:00
Tod Beardsley ff97b1da00 Whitespace EOL 2012-09-05 14:04:20 -05:00
sinn3r 43041e3a0a Merge branch 'hp_sitescope_uploadfileshandler' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_uploadfileshandler 2012-09-05 14:03:24 -05:00
sinn3r 6705f5405e Merge branch 'symantec_smg_ssh_pass' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_smg_ssh_pass 2012-09-05 14:00:55 -05:00
sinn3r bed3c7bbac Merge branch 'hp_sitescope_loadfilecontent_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_loadfilecontent_fileaccess 2012-09-05 13:59:49 -05:00
jvazquez-r7 2f87af1c3a add some checks while parsing the java serialization config file 2012-09-05 20:58:55 +02:00
sinn3r 598fdb5c50 Merge branch 'hp_sitescope_getsitescopeconfiguration' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getsitescopeconfiguration 2012-09-05 13:58:39 -05:00
sinn3r 41904891c9 Merge branch 'hp_sitescope_getfileinternal_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getfileinternal_fileaccess 2012-09-05 13:57:39 -05:00
jvazquez-r7 b2116e2394 cleanup, test, add on_new_session handler and osvdb references 2012-09-05 20:54:25 +02:00
sinn3r c4fb285288 Merge branch 'armitage' of https://github.com/rsmudge/metasploit-framework into rsmudge-armitage 2012-09-05 13:48:09 -05:00
sinn3r 5f9e310e85 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-09-05 13:47:25 -05:00
sinn3r bbab206eac Add CVE-2012-3579 - Symantec Messaging Gateway 9 Default SSH Pass
This module exploits a default misconfig flaw on Symantec Messaging
Gateway 9.5 (or older).  The "support" user has a known default
password, which can be used to login to the SSH service, and then
gain privileged access from remote.
2012-09-05 13:21:10 -05:00
jvazquez-r7 20655232d7 cleanup, tested and added osvdb reference 2012-09-05 20:03:46 +02:00
jvazquez-r7 c6f5b1f072 cleanup, test, osvdb reference 2012-09-05 19:56:04 +02:00
jvazquez-r7 ea2eb046c3 cleanup, final test, osvdb reference 2012-09-05 19:45:50 +02:00
jvazquez-r7 406202fc81 Added module for ZDI-12-174 2012-09-05 12:56:09 +02:00
jvazquez-r7 166f68b194 added module for ZDI-12-177 2012-09-05 12:54:30 +02:00
jvazquez-r7 534ab55e5c Added module for ZDI-12-173 2012-09-05 12:53:03 +02:00
jvazquez-r7 8a50ca2f47 Added module for ZDI-12-176 2012-09-05 12:51:25 +02:00
Cristiano Maruti 8fce975593 Aux module raise an error because Report module is not included in the source 2012-09-05 10:38:36 +02:00
Raphael Mudge e8b3f0193b Armitage 09.05.12 - this release detects several user errors on startup (incorrect permissions, whitespace in the host/port/user/pass parameters, etc.). This release also cleans up the token stealing dialog. 2012-09-05 01:54:28 -04:00
Stephen Haywood 8f142c74e5 Adding documentation to the methods in the post exploitation library. Will eventually generate an rdoc file and a post exploitation How To. 2012-09-04 22:21:47 -04:00
Tod Beardsley c7de73e7bf Clean up SVN metadata 2012-09-04 19:36:10 -05:00
Tod Beardsley 7b8ab53661 Use :unique_data option for dns.enum reporting
Otherwise, you will only report the last thing that comes through on
that host for the dns.enum note type.
2012-09-04 19:32:29 -05:00
Tod Beardsley 2bfe5ee5a6 Add a ResolverError class 2012-09-04 19:20:31 -05:00
Tod Beardsley e128fc87f2 Looks like it should be ResolverError 2012-09-04 19:19:53 -05:00
Tod Beardsley 2edf4a676a Merge remote branch 'bonsaiviking/axfr' into bonsai-afxr 2012-09-04 16:16:41 -05:00
Tod Beardsley b8132cae5c Add the redistribution comment splat 2012-09-04 15:58:43 -05:00
Tod Beardsley 15f1dd8525 Moving greetz to Author fields 2012-09-04 15:58:43 -05:00