Commit Graph

1553 Commits (6a20b8f5f543113c7f77bf99145d0e10d15b141f)

Author SHA1 Message Date
Joshua Drake a402a69de6 make error more friendly and clean up whitespace
git-svn-id: file:///home/svn/framework3/trunk@9092 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 04:51:08 +00:00
Joshua Drake 80cec47e17 added cve
git-svn-id: file:///home/svn/framework3/trunk@9091 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:31 +00:00
Joshua Drake 180ca93bbb updated description
git-svn-id: file:///home/svn/framework3/trunk@9090 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:03 +00:00
Joshua Drake 8e5f0a37d8 rename modules to microsoft bulletin names and update references
git-svn-id: file:///home/svn/framework3/trunk@9085 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 16:08:27 +00:00
Joshua Drake 73dfe9729b update default option settings and auto_target
git-svn-id: file:///home/svn/framework3/trunk@9083 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 15:23:43 +00:00
Steve Tornio ec74d862a7 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9082 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 11:18:25 +00:00
Joshua Drake 950f571488 add module for java web start arguments vuln - no CVE yet
git-svn-id: file:///home/svn/framework3/trunk@9074 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 21:45:23 +00:00
Joshua Drake 321404e2fe add payload/generic/tight_loop - x86 debug payload
git-svn-id: file:///home/svn/framework3/trunk@9070 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 07:40:04 +00:00
Joshua Drake 7788873235 fix typos
git-svn-id: file:///home/svn/framework3/trunk@9066 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 00:37:06 +00:00
pusscat 99ecd361d3 Fix variable name (care of Monica Sojeong Hong)
git-svn-id: file:///home/svn/framework3/trunk@9061 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-13 19:05:52 +00:00
HD Moore ee4528ed86 Fix negative timeouts
git-svn-id: file:///home/svn/framework3/trunk@9048 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-11 13:26:50 +00:00
Joshua Drake 78d1338171 clean up extra slashes in uris
git-svn-id: file:///home/svn/framework3/trunk@9036 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 20:25:34 +00:00
HD Moore c8aae09827 Correct english in the quotation
git-svn-id: file:///home/svn/framework3/trunk@9029 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 00:59:20 +00:00
Joshua Drake 1f8605e26d fix check method, lol?
git-svn-id: file:///home/svn/framework3/trunk@9026 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-06 04:58:03 +00:00
Joshua Drake 1a47c436d3 support amd64 arch
git-svn-id: file:///home/svn/framework3/trunk@9025 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-06 04:08:39 +00:00
HD Moore 7af2fdf42e Remove silly cases of print_good
git-svn-id: file:///home/svn/framework3/trunk@9021 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 23:34:10 +00:00
Joshua Drake 1836649937 update references
git-svn-id: file:///home/svn/framework3/trunk@9020 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:45:21 +00:00
Joshua Drake e9083bda0d add exploit module for cve-2010-0805 - from zsploit
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:25:56 +00:00
Joshua Drake b35559e1ec add a 6.1.22.0 target (from WorldMail3.1.2x_installer.exe)
git-svn-id: file:///home/svn/framework3/trunk@9015 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 03:48:07 +00:00
Joshua Drake 7d45b8fdf0 update targets, add auto_target functionality
git-svn-id: file:///home/svn/framework3/trunk@9012 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 02:09:32 +00:00
HD Moore 52faebea30 Typo
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:57:42 +00:00
HD Moore 3258f30ba7 Typo
git-svn-id: file:///home/svn/framework3/trunk@9005 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:46:28 +00:00
HD Moore 8f0e3ced67 Correct spelling typo
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 00:46:49 +00:00
HD Moore cd2760f2c2 Bug fixes and size improvements for the reverse_https stager
git-svn-id: file:///home/svn/framework3/trunk@9001 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 13:53:35 +00:00
Joshua Drake eb003518ce add auto_target to apache_chunked exploit - should reduce run duration in most cases
git-svn-id: file:///home/svn/framework3/trunk@8980 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 16:26:01 +00:00
Joshua Drake 776259e3c6 bleh, fix comma
git-svn-id: file:///home/svn/framework3/trunk@8979 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:51:55 +00:00
Joshua Drake 5c34cce14a add note about possibly incorrect references
git-svn-id: file:///home/svn/framework3/trunk@8978 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:38:11 +00:00
Joshua Drake 82b6f05fa9 add exploit module from m_101
git-svn-id: file:///home/svn/framework3/trunk@8975 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 17:10:07 +00:00
Joshua Drake 61b4500ffd remove svn:executable from various files
git-svn-id: file:///home/svn/framework3/trunk@8974 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 16:20:34 +00:00
Steve Tornio 970efbc628 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8971 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 11:27:56 +00:00
natron b5ee26770b Cameled all vars on accident, uncameling regular opts. Also, broke native osx payload, oops.
git-svn-id: file:///home/svn/framework3/trunk@8970 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 05:15:26 +00:00
Mario Ceballos f10d0fbb41 added exploit module hp_nnm_ovwebhelp.rb
git-svn-id: file:///home/svn/framework3/trunk@8969 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 00:47:31 +00:00
Joshua Drake ff8cdc29aa update description with a little history
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:36:10 +00:00
Joshua Drake 516a6f47e5 move USERNAME/PASSWORD setting to exploit instead of auto_target so manual targets work - fixes #1416
git-svn-id: file:///home/svn/framework3/trunk@8967 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:29:47 +00:00
natron c1fa8d60f7 Expose exe :template and :insert via advanced options plus formatting changes. Thanks MarkBagget for the kick in the pants and the example options to to_win32pe\!
git-svn-id: file:///home/svn/framework3/trunk@8966 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:05:32 +00:00
Joshua Drake da874c323a renamed and udpated "iepeers" vuln with latest information/name
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 20:15:22 +00:00
Joshua Drake 477a424cab silly comma...
git-svn-id: file:///home/svn/framework3/trunk@8959 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 06:42:59 +00:00
Joshua Drake ee90abb049 author fix
git-svn-id: file:///home/svn/framework3/trunk@8958 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 04:26:14 +00:00
Joshua Drake c9d321b352 clean up comments
git-svn-id: file:///home/svn/framework3/trunk@8957 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 01:40:26 +00:00
Joshua Drake b2f3e91c8b add a target for v8.6.0.1936
git-svn-id: file:///home/svn/framework3/trunk@8955 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 18:19:59 +00:00
Joshua Drake 0a6547045d add exploit module for cve-2007-2888
git-svn-id: file:///home/svn/framework3/trunk@8953 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 17:21:15 +00:00
HD Moore 4bac76cc9e Fix XOR encoding for this module
git-svn-id: file:///home/svn/framework3/trunk@8940 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 20:17:33 +00:00
Joshua Drake 79e277450a add reliable IE7 trigger from Nanika
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:31:19 +00:00
Joshua Drake 3dc30aeed6 minor whitespace change
git-svn-id: file:///home/svn/framework3/trunk@8934 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:30:40 +00:00
Joshua Drake 89d6907a8f fix typoez
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 00:35:48 +00:00
Joshua Drake f649c4a92c raise exception if unable to login
git-svn-id: file:///home/svn/framework3/trunk@8932 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 19:00:23 +00:00
HD Moore 22cb5a6bea 1.9 compatibility fixes for lpd exploits, clarification in the print messages that we are *trying* to exploit something, not absolutely doing so
git-svn-id: file:///home/svn/framework3/trunk@8916 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 14:52:35 +00:00
James Lee a27c941714 targ_host -> target_host
git-svn-id: file:///home/svn/framework3/trunk@8909 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:09:04 +00:00
Joshua Drake 4f657ef868 add exploit module for cve-2009-1260
git-svn-id: file:///home/svn/framework3/trunk@8900 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 19:35:29 +00:00
HD Moore 2b419a421d Add default timeouts to autopwn, control with -T
git-svn-id: file:///home/svn/framework3/trunk@8892 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:11:21 +00:00
Joshua Drake 5c1cf6aefb correction to target descriptions
git-svn-id: file:///home/svn/framework3/trunk@8889 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:54:45 +00:00
Joshua Drake 39537bfc53 add an office xp sp0 target
git-svn-id: file:///home/svn/framework3/trunk@8888 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:00:54 +00:00
Joshua Drake b8b11338b1 add linux x86/x86_64 support for tomcat manger deploy, see #1016
git-svn-id: file:///home/svn/framework3/trunk@8853 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-19 02:13:02 +00:00
Joshua Drake d270d8aa95 update author comments
git-svn-id: file:///home/svn/framework3/trunk@8852 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:52:28 +00:00
Joshua Drake a940d9a810 add exploit module for VariCAD 2010-2.05 DWB bug
git-svn-id: file:///home/svn/framework3/trunk@8851 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:47:52 +00:00
Joshua Drake ef299e71d2 candy mountain whitespace fixes!
git-svn-id: file:///home/svn/framework3/trunk@8834 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:07:49 +00:00
Joshua Drake 7fcad1f4b8 add exploit module for cve-2010-0188 (possibly cve-2006-3549)
git-svn-id: file:///home/svn/framework3/trunk@8833 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:06:50 +00:00
Joshua Drake 40dd65494e add notes about vulnerable versions
git-svn-id: file:///home/svn/framework3/trunk@8811 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-13 18:15:06 +00:00
HD Moore 13410d4daa Rename aurora module to the MSB naming convention
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:45 +00:00
HD Moore a23344b5d0 Consistency in how IE/Internet Explorer is named
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:14 +00:00
Steve Tornio d3da883aa2 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:07:04 +00:00
HD Moore baf64ed999 Remove trailing
git-svn-id: file:///home/svn/framework3/trunk@8771 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:43 +00:00
Joshua Drake 3c57fe6e81 add exploit module for cve-2010-0806
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:32 +00:00
HD Moore aaea62bb92 Report the correct local/peer names for the session information. Fix a return value check
git-svn-id: file:///home/svn/framework3/trunk@8765 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 07:13:18 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 3b9524697f add verbose option
git-svn-id: file:///home/svn/framework3/trunk@8761 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:55:47 +00:00
Joshua Drake 52647260b3 add offset for alternative file open methods
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
Joshua Drake fbc157df56 add exploit module for cve-2010-0688
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
HD Moore b1973c6630 Adds detection and exploitation coverage for the Energizer Duo trojan
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
Joshua Drake 83419da78b check for vulnerable version in JS prior to triggering vuln, closes #1011
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Joshua Drake 35c4a1d123 handle missing targets more gracefully, stub out linux and x86_64 support detection
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake 28f4eb2fd9 handle failed logins - fixes #1014
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake de9e944ad9 fix compile error
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Joshua Drake 73da75a931 big update to cmd stager
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake 1629bf7bf0 move http_send_cmd into cmdweb test exploit
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
Joshua Drake e8f22a7136 add exploit module for cve-2008-3878
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
Joshua Drake 5aebed8fe7 add exploit module for cve-2008-5002
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
Joshua Drake fb5906385d add exploit module for cve-2009-1534
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake d86575701d added CVE, KB references
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
Steve Tornio 074b4ada44 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
Joshua Drake 4b59410507 rename module per ms bulletin
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake d0153225a0 add exploit module for cve-2009-1612
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake cc9113397c add exploit for IE Windows Help vulnerability
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Joshua Drake e80df81350 correct the CVE reference
git-svn-id: file:///home/svn/framework3/trunk@8678 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 19:47:13 +00:00
Joshua Drake cc891bce80 whitespace cleanups
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 15:13:04 +00:00
James Lee 3b59bc7cfc use the same option names for user/pass
git-svn-id: file:///home/svn/framework3/trunk@8674 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:14:58 +00:00
Stephen Fewer b4339930e7 rename this module with the updated MSB and swap out the hard coded kernel stager for the new kernel stager mixin.
git-svn-id: file:///home/svn/framework3/trunk@8656 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 13:42:17 +00:00
Joshua Drake 541a409f44 remove app_name variable
git-svn-id: file:///home/svn/framework3/trunk@8619 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-24 16:53:55 +00:00
Joshua Drake afd2df315b rename module part deux!
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:12:10 +00:00
Joshua Drake 705a4626e4 remove dash from file name
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:06:35 +00:00
Joshua Drake 81f93d48e7 add german target from contributor, thx!
git-svn-id: file:///home/svn/framework3/trunk@8601 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 17:23:05 +00:00
Joshua Drake b810e9665f add comment about autofilter mapping
git-svn-id: file:///home/svn/framework3/trunk@8592 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:30:38 +00:00
Joshua Drake b818536e46 corrected comment text
git-svn-id: file:///home/svn/framework3/trunk@8590 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:27:15 +00:00
Joshua Drake e3b009471b move code in autofilter into check
git-svn-id: file:///home/svn/framework3/trunk@8589 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:26:28 +00:00
Joshua Drake 1faec528de fix InitAutoRunScript -> InitialAutoRunScript
git-svn-id: file:///home/svn/framework3/trunk@8582 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:52:19 +00:00
Joshua Drake 6414821ea8 add exploit modules for CVEs 2005-2877 and 2004-1037
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 20:31:09 +00:00
Joshua Drake 865969e059 whitespace adjustments - finally closes #773
git-svn-id: file:///home/svn/framework3/trunk@8575 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:44:34 +00:00
Joshua Drake 32bf50c627 add exploit module to get code exec from jboss.system:MainDeployer access
git-svn-id: file:///home/svn/framework3/trunk@8574 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:41:24 +00:00
Joshua Drake 8446a0c305 add auto-targeting to tomcat_mgr_deploy, fixes #887
git-svn-id: file:///home/svn/framework3/trunk@8564 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 01:14:39 +00:00
Steve Tornio 93acc977fe fix osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8563 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 19:42:08 +00:00
Joshua Drake 6e8eddcf5e add exploit module for cve-2008-0506
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
HD Moore 1a53411282 Filter out the other test modules from automation
git-svn-id: file:///home/svn/framework3/trunk@8559 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:18:43 +00:00
HD Moore 0db3ada840 Filter this from automation
git-svn-id: file:///home/svn/framework3/trunk@8558 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:15:03 +00:00
natron 5b3c87c9c5 Add option to save java code to file.
git-svn-id: file:///home/svn/framework3/trunk@8557 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:11:56 +00:00
Joshua Drake 2e77c76824 add exploit module to get code exec on a tomcat manager instance, closes #772
git-svn-id: file:///home/svn/framework3/trunk@8552 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:18:43 +00:00
Patrick Webster 350c189a34 Added exploit module qbik_wingate_wwwproxy.
git-svn-id: file:///home/svn/framework3/trunk@8547 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 15:58:26 +00:00
Joshua Drake 797ab55f52 add exploit module for cve-2009-2011
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Joshua Drake b4ead057f6 add exploit module for cve-2000-0917
git-svn-id: file:///home/svn/framework3/trunk@8530 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 00:56:28 +00:00
Joshua Drake 4800d6841c commit cmd stager stuff from bannedit
git-svn-id: file:///home/svn/framework3/trunk@8518 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 16:38:19 +00:00
et cf29ff333e Added a path to prepend
git-svn-id: file:///home/svn/framework3/trunk@8514 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 05:24:31 +00:00
Joshua Drake 48b7aec12d corrected cve reference
git-svn-id: file:///home/svn/framework3/trunk@8512 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:30:17 +00:00
Joshua Drake a996668cfa added payload notes
git-svn-id: file:///home/svn/framework3/trunk@8511 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:27:45 +00:00
Joshua Drake 82369aa9e8 add exploit module for cve-2007-2447
git-svn-id: file:///home/svn/framework3/trunk@8510 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:26:41 +00:00
Joshua Drake 8c59c9cfdc fix typos
git-svn-id: file:///home/svn/framework3/trunk@8508 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:42:16 +00:00
Joshua Drake b1ef6075c0 add exploit module for cve-2007-5208
git-svn-id: file:///home/svn/framework3/trunk@8507 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:38:50 +00:00
HD Moore 1857268af8 Uber-fast-get-me-a-php-shell mode :)
git-svn-id: file:///home/svn/framework3/trunk@8505 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 17:59:54 +00:00
HD Moore 32357b1f64 Skip the debugging target for automatic mode
git-svn-id: file:///home/svn/framework3/trunk@8499 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 01:02:12 +00:00
HD Moore 5d7139ad6f Various module cleanups
git-svn-id: file:///home/svn/framework3/trunk@8498 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 00:48:03 +00:00
Patrick Webster f9ae031055 Added piranha_passwd_exec exploit module.
git-svn-id: file:///home/svn/framework3/trunk@8497 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-14 20:27:24 +00:00
Patrick Webster ee4fd8c75d Ported sambar6_search_results from v2.
git-svn-id: file:///home/svn/framework3/trunk@8480 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:15:19 +00:00
HD Moore 7aa7995da9 Autodetect and exploit 2003 SP0
git-svn-id: file:///home/svn/framework3/trunk@8479 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:04:24 +00:00
Patrick Webster 01cbe85468 Fixed OSVDB refs and added CA Server module.
git-svn-id: file:///home/svn/framework3/trunk@8478 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 16:16:13 +00:00
Patrick Webster c8da073f80 Ported calicclnt_getconfig exploit module from msf2.
git-svn-id: file:///home/svn/framework3/trunk@8476 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 15:38:06 +00:00
Joshua Drake 1896c82e39 add exploit module for cve-2009-2484
git-svn-id: file:///home/svn/framework3/trunk@8475 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 06:58:27 +00:00
Joshua Drake 8c28d583aa bump ranking up a notch
git-svn-id: file:///home/svn/framework3/trunk@8474 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 06:57:58 +00:00
Joshua Drake d561b8e8ec add references, update description
git-svn-id: file:///home/svn/framework3/trunk@8471 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 21:09:09 +00:00
Joshua Drake f3c6b01bbd add first exploit module using Rex::OLE (cve-2009-3129)
git-svn-id: file:///home/svn/framework3/trunk@8470 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 20:52:41 +00:00
Patrick Webster 3fd3d44ad6 Added barcode_ax49.rb exploit module.
git-svn-id: file:///home/svn/framework3/trunk@8466 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 18:06:49 +00:00
HD Moore 3fe41a0d94 Fix a small typo
git-svn-id: file:///home/svn/framework3/trunk@8463 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 14:44:23 +00:00
natron 9729b22972 Loopty version of the wireshark exploit. This will continually blast packets as a background job.
git-svn-id: file:///home/svn/framework3/trunk@8460 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 01:58:33 +00:00
Joshua Drake 6e80c7a62c use Rex::Arch::pack_addr
git-svn-id: file:///home/svn/framework3/trunk@8454 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 09:03:48 +00:00
Joshua Drake 0f942df9cd whitespace changes
git-svn-id: file:///home/svn/framework3/trunk@8451 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 06:00:12 +00:00
Joshua Drake f82c53db2a move 70k binary to data/exploits instead of hex encoded in the exploit
git-svn-id: file:///home/svn/framework3/trunk@8446 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 23:17:19 +00:00
James Lee eb6ce38e0c old zero-day shows its age
git-svn-id: file:///home/svn/framework3/trunk@8445 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 20:41:07 +00:00
Joshua Drake d96a6a1f8f add exploit module for cve-2009-2261 - first consumer of zip library!
git-svn-id: file:///home/svn/framework3/trunk@8440 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:28:25 +00:00
Joshua Drake 48a159006a Regenerate the payload with the specified AIX level, cleanups
git-svn-id: file:///home/svn/framework3/trunk@8427 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:47 +00:00
Joshua Drake e7f7ac20ea extended brute range, minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8426 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:15 +00:00
HD Moore af978cbbdc Regenerate the payload with the specified AIX level
git-svn-id: file:///home/svn/framework3/trunk@8424 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 03:59:20 +00:00
Joshua Drake 7bf3de2a3d randomize filler
git-svn-id: file:///home/svn/framework3/trunk@8422 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:43:56 +00:00
Joshua Drake 40579ce936 it works! don't forget to "set AIX <version>"
git-svn-id: file:///home/svn/framework3/trunk@8421 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:41:49 +00:00
HD Moore ba34abc232 Fix unpack("H*") vs unpack("H*")[0]
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 21:37:07 +00:00
HD Moore c6c1cda153 Try to delete the file (doesn't always work)
git-svn-id: file:///home/svn/framework3/trunk@8413 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:12:59 +00:00
HD Moore bc62eaf99b Adds a module to exploit insecure IIS configurations (PUT)
git-svn-id: file:///home/svn/framework3/trunk@8412 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:04:19 +00:00
Steve Tornio f3ad1c0a15 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8410 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:53:21 +00:00
Joshua Drake f04ae6f20d minor cleanups -- getting closer
git-svn-id: file:///home/svn/framework3/trunk@8402 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:03:46 +00:00
HD Moore 7870638481 Expose the SunRPC socket; we need to overhaul the SunRPC code sometime
git-svn-id: file:///home/svn/framework3/trunk@8399 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:52:58 +00:00
Joshua Drake 8b63d506f7 initial commit of aix cmsd exploit (not fully working yet)
git-svn-id: file:///home/svn/framework3/trunk@8398 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:44:54 +00:00
Joshua Drake 9f174795d4 add exploit module for vermillion ftpd memory corruption
git-svn-id: file:///home/svn/framework3/trunk@8396 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:39:48 +00:00
Joshua Drake a772bc2c85 minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8395 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 21:42:12 +00:00
HD Moore bd91871763 Correct credit for the advisory
git-svn-id: file:///home/svn/framework3/trunk@8391 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 23:22:28 +00:00
Joshua Drake 875a66553f clean up a couple comments to save future pain
git-svn-id: file:///home/svn/framework3/trunk@8380 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 06:53:31 +00:00
Joshua Drake bd3a4760da fixes to adobe_pdf_embedded_exe
optimized the directory search, and cmdline in general
added the Documents (Vista/Win7) to the list of directories to check
fixes #767



git-svn-id: file:///home/svn/framework3/trunk@8379 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 06:51:13 +00:00
Joshua Drake 9397c897ba fix spoof support
git-svn-id: file:///home/svn/framework3/trunk@8367 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-04 04:56:18 +00:00
Joshua Drake 9b79ebd000 add a windows target, thx redsand!
also removed some cruft


git-svn-id: file:///home/svn/framework3/trunk@8364 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 18:24:42 +00:00
Joshua Drake 7538b93aae add exploit module for cve-2006-6665
git-svn-id: file:///home/svn/framework3/trunk@8361 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 06:09:31 +00:00
Joshua Drake a41647a922 add silly jmp esp target for wireshark gui on debian
git-svn-id: file:///home/svn/framework3/trunk@8360 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 00:08:28 +00:00
Steve Tornio 2cbd6d152d Add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@8347 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 12:37:07 +00:00
Joshua Drake 98dd073368 add an exploit module for one of the wireshark lwres vulns
git-svn-id: file:///home/svn/framework3/trunk@8346 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 06:20:18 +00:00
Joshua Drake 746c4fc263 whitespace change
git-svn-id: file:///home/svn/framework3/trunk@8345 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 06:19:34 +00:00
Joshua Drake fde3fbb2e3 add exploit module for cve-2009-1569
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:56:02 +00:00
Joshua Drake c073cd707a removed unecessary parameter, commented target
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:33:38 +00:00
Joshua Drake 2783c5884e add exploit module for cve-2009-1568
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 02:40:47 +00:00
natron 3ecabe1be9 Adds static signed jar and user messages letting them know.
git-svn-id: file:///home/svn/framework3/trunk@8328 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 19:47:40 +00:00
Joshua Drake 4863faf0a7 add reference to cve-2000-1209 (sa blank password)
git-svn-id: file:///home/svn/framework3/trunk@8324 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 16:37:06 +00:00
Joshua Drake c514c2274b typo, fixes #786, see also r8315
git-svn-id: file:///home/svn/framework3/trunk@8316 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:06:06 +00:00
Joshua Drake 53fd14c9c0 updated description, added PATH variable
git-svn-id: file:///home/svn/framework3/trunk@8315 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:04:23 +00:00
natron 69ad365b46 Added STDERR to pure java payload, cleaned up user's view.
git-svn-id: file:///home/svn/framework3/trunk@8308 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:53:36 +00:00
Steve Tornio 70c0cb7530 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8307 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:40 +00:00
Steve Tornio a3f4d4f65e add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@8306 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:01 +00:00
Joshua Drake c0e556f7ad oops, broke the tree again!
git-svn-id: file:///home/svn/framework3/trunk@8305 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:37:44 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:15:32 +00:00
Joshua Drake 7789db860d add exploit module for Audiotran .pls file bof
git-svn-id: file:///home/svn/framework3/trunk@8303 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:24:41 +00:00
Joshua Drake d9e5de5683 note the CLSID of this control
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:17:50 +00:00
Joshua Drake 15e13348c0 add exploit module for AOL phobos bug
git-svn-id: file:///home/svn/framework3/trunk@8300 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 18:58:14 +00:00
Joshua Drake 0fbe42395f added automatic target detection
git-svn-id: file:///home/svn/framework3/trunk@8287 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 07:34:47 +00:00
Joshua Drake 008755b025 add exploit module for yassl CertDecoder::GetName vuln
also renames old mysql_yassl exploit to _hello

git-svn-id: file:///home/svn/framework3/trunk@8282 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:24:44 +00:00
natron 9891d60dfc Move applet generation up for slight speed improvement and less spamminess to the user.
git-svn-id: file:///home/svn/framework3/trunk@8281 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:15:36 +00:00
natron 5e4442a4d4 Fix a bug missed due to caching issues.
git-svn-id: file:///home/svn/framework3/trunk@8276 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:58:13 +00:00
natron c135462768 <@jduck> natron: you need some svn keywords magic
git-svn-id: file:///home/svn/framework3/trunk@8274 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:20:32 +00:00
natron cd5e5880d2 Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit.
git-svn-id: file:///home/svn/framework3/trunk@8267 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 19:46:39 +00:00
Joshua Drake 31949c4343 svn keywords fixups
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
HD Moore 1bdd286936 This bug actually affected 9.2 as well according to adobe, reference updated
git-svn-id: file:///home/svn/framework3/trunk@8222 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 14:22:13 +00:00
Joshua Drake 87adb7714f fixed whitespace
git-svn-id: file:///home/svn/framework3/trunk@8219 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 04:52:49 +00:00
Joshua Drake 83f47796fe add reference to ms09-032 (the mitigation)
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 00:05:19 +00:00
Joshua Drake 14862e0106 added another target
git-svn-id: file:///home/svn/framework3/trunk@8204 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 21:43:40 +00:00
Joshua Drake 6fd20d411f add exploit module for cve-2009-4179
git-svn-id: file:///home/svn/framework3/trunk@8192 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 05:52:53 +00:00
Joshua Drake 409d44bfad fix another typo
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:26:04 +00:00
Joshua Drake 9cb3ac9340 fix typo
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:24:54 +00:00
Joshua Drake ab1a1c58db escape more format specifiers passed to util.printd
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..


git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 18:32:01 +00:00
Joshua Drake a87d4e7eb4 escape randomly generated format specifiers passed to util.printd
prevents mucking with the allocation size (hopefully)


git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 17:09:46 +00:00
Joshua Drake 2b8a2d56a1 some variable renaming
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 04:55:16 +00:00
Joshua Drake 72e1b9bb50 added a couple better error messages
git-svn-id: file:///home/svn/framework3/trunk@8183 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:30:08 +00:00
Joshua Drake 97c3159293 fixed version command, check function
git-svn-id: file:///home/svn/framework3/trunk@8182 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:15:20 +00:00
Joshua Drake e8048704be add exploit module for cve-2009-1979 (oracle pre-auth bof)
git-svn-id: file:///home/svn/framework3/trunk@8181 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:05:18 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 19:12:42 +00:00
Joshua Drake db5097af91 bump ranking up, comment about crash recovery
git-svn-id: file:///home/svn/framework3/trunk@8154 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 07:23:22 +00:00
Joshua Drake 477468147b cleanup exceptions, optimize query length, add some entropy
git-svn-id: file:///home/svn/framework3/trunk@8153 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 05:09:40 +00:00
Joshua Drake 7c402d1d79 changed a comment
git-svn-id: file:///home/svn/framework3/trunk@8152 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:56:31 +00:00