infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,270 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

658 Commits (6c19466de8e5080b140b4ebf808025a44e8bdefb)

Author SHA1 Message Date
James Lee f3bda46333 doesn't work on IE8, fixes #3566, thanks Hauke Mehrtens for the patch 
git-svn-id: file:///home/svn/framework3/trunk@11610 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-20 19:30:59 +00:00
Joshua Drake b6b9b83dd7 add CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-14 16:25:37 +00:00
Joshua Drake 739604ea12 Fixes #3469, silly typo 
git-svn-id: file:///home/svn/framework3/trunk@11520 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-08 05:58:55 +00:00
Joshua Drake d994f595fe remove unused vars 
git-svn-id: file:///home/svn/framework3/trunk@11517 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-08 01:59:10 +00:00
Joshua Drake 287f4c87fe style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-08 01:13:26 +00:00
Joshua Drake 19e8a6a5b1 switch AutoRunScript for InitialAutoRunScript, oops 
git-svn-id: file:///home/svn/framework3/trunk@11513 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-08 00:25:44 +00:00
Jonathan Cran a206ed8418 clarifying wmi tools are not installed by default 
git-svn-id: file:///home/svn/framework3/trunk@11481 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-06 05:27:37 +00:00
Joshua Drake bc7a8e3b47 fix silly merge conflict data in HTML 
git-svn-id: file:///home/svn/framework3/trunk@11479 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-05 22:52:54 +00:00
Joshua Drake 08df4dac3b randomize import styles, patch from jjarmoc 
git-svn-id: file:///home/svn/framework3/trunk@11443 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-29 16:49:20 +00:00
Joshua Drake b3bfb5834e change credit to passerby 
git-svn-id: file:///home/svn/framework3/trunk@11427 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-28 17:10:19 +00:00
Joshua Drake 5f5d2992ce add reference to 0x557 slides (for .NET 2.0 rop) 
git-svn-id: file:///home/svn/framework3/trunk@11405 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-23 01:36:54 +00:00
Joshua Drake cdfe03ce43 add MSFT advisory and CVE 
git-svn-id: file:///home/svn/framework3/trunk@11404 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-23 01:30:43 +00:00
Steve Tornio 09b00739fb add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@11402 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-22 22:21:56 +00:00
Joshua Drake 0f24d1955c minor corrections, use .NET 2.0 ROP :) 
git-svn-id: file:///home/svn/framework3/trunk@11398 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-22 18:26:18 +00:00
Joshua Drake 44c8a71dcf minor clean ups 
git-svn-id: file:///home/svn/framework3/trunk@11397 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-22 18:23:16 +00:00
Mario Ceballos 1407d7f1d5 revert back. little more reliable. 
git-svn-id: file:///home/svn/framework3/trunk@11396 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-22 17:40:13 +00:00
Mario Ceballos d89c60f2de add exploit module wmi_admintools.rb 
git-svn-id: file:///home/svn/framework3/trunk@11395 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-22 14:35:36 +00:00
Joshua Drake c4c0cabccb switch to .NET 2.0 ROP, Merry Xmas! 
git-svn-id: file:///home/svn/framework3/trunk@11390 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-21 19:24:19 +00:00
Joshua Drake 5d2f26b41b add exploit for unpatched IE css import bug 
git-svn-id: file:///home/svn/framework3/trunk@11383 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-20 16:34:07 +00:00
Joshua Drake b8b0e1af97 fix typo 
git-svn-id: file:///home/svn/framework3/trunk@11380 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-20 09:11:45 +00:00
James Lee f15e6e5e62 update autopwn, replace ms10-018 behaviors with ms10-090 css clip. 
git-svn-id: file:///home/svn/framework3/trunk@11333 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-14 18:53:22 +00:00
Joshua Drake af56bebfa1 note ms10-090 bulletin 
git-svn-id: file:///home/svn/framework3/trunk@11331 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-14 18:41:20 +00:00
Steve Tornio e6f640bc17 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@11189 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-01 03:18:05 +00:00
Mario Ceballos 14ea7a85bb svn keywords 
git-svn-id: file:///home/svn/framework3/trunk@11188 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-01 02:03:25 +00:00
Mario Ceballos 5ed387aa38 added exploit module enjoysapgui_comp_download.rb 
git-svn-id: file:///home/svn/framework3/trunk@11187 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-01 02:01:46 +00:00
Joshua Drake e9faf75503 fix some more titles with periods 
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-24 19:35:38 +00:00
James Lee 52389d28f4 make windows the default target 
git-svn-id: file:///home/svn/framework3/trunk@11102 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-22 20:54:25 +00:00
James Lee 7a3770f87b don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers 
git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-22 20:44:16 +00:00
James Lee d608db778c we're not sending an applet, just a jar, clarify the output 
git-svn-id: file:///home/svn/framework3/trunk@11084 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-21 19:58:04 +00:00
James Lee 6f7af42667 add an exploit for cve-2010-3563, thanks Matthias Kaiser 
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-19 23:02:35 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references 
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references 
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:25:13 +00:00
Joshua Drake eab0a40caa switch up IE6 target to work on older version 
git-svn-id: file:///home/svn/framework3/trunk@10978 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 02:54:56 +00:00
Joshua Drake 61e5d00722 switch title, comment out IE8 target for now 
git-svn-id: file:///home/svn/framework3/trunk@10963 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-09 23:12:48 +00:00
Steve Tornio 338d6e3693 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@10914 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-05 02:58:01 +00:00
Joshua Drake b0f64ebba1 add a debug target 
git-svn-id: file:///home/svn/framework3/trunk@10912 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-05 00:08:55 +00:00
Joshua Drake 76123e79c1 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10909 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-04 23:59:56 +00:00
Joshua Drake 979ddcd8e5 add exploit for cve-2010-3962 
git-svn-id: file:///home/svn/framework3/trunk@10907 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-04 23:44:23 +00:00
Steve Tornio 9f5fca12f7 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10828 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-26 15:28:04 +00:00
Joshua Drake f909b360ba note tested on 6u11 
git-svn-id: file:///home/svn/framework3/trunk@10820 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-25 20:22:08 +00:00
Joshua Drake 3fffd15549 add exploit for cve-2010-3552 (w/dep bypass) 
git-svn-id: file:///home/svn/framework3/trunk@10819 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-25 20:21:41 +00:00
Steve Tornio 0251c446f1 add cve, osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@10784 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-22 12:21:30 +00:00
Joshua Drake 6bd75bb2d5 add shockwave exploit from abysssec/rel1k 
git-svn-id: file:///home/svn/framework3/trunk@10779 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-22 03:15:22 +00:00
Joshua Drake 7de96a710f add trendmicro extsetowner exploit from Trancer 
git-svn-id: file:///home/svn/framework3/trunk@10538 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-04 04:26:09 +00:00
Joshua Drake 279c604015 missed a couple exe generater includes 
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-28 16:19:50 +00:00
Joshua Drake b8b21cd53c handle dirs and index.html specially 
git-svn-id: file:///home/svn/framework3/trunk@10454 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-24 01:11:05 +00:00
Joshua Drake 600ec0a848 add two exploits from Trancer! woot! 
git-svn-id: file:///home/svn/framework3/trunk@10429 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 18:46:29 +00:00
HD Moore d89004753c Fixes #2450 by allowing any length extension 
git-svn-id: file:///home/svn/framework3/trunk@10411 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 02:59:22 +00:00
Joshua Drake 8e5cf31e9a big exe/dll update, see #2017 
NOTE: These changes specifically affect payload encoding via RPC, "use
payload", and msfencode

1. consolidate user-specified exe generation routine (now
Msf::Util::EXE.to_executable_fmt)
2. supported format types are now queried/checked using arrays
3. cleaned up and standardized exe option passing
4. rename data store options for EXE mixin
5. add generate_payload_exe_service for psexec/smb_relay
6. reworked default template handling in Msf::Util::EXE
  a. added template search path option (not used if template includes
a path separator)
  b. "fallback" flag to enable using default if specified file doesn't
exist
7. added Msf::Util::EXE.to_win64pe_dll
8. improved error messages from exe generation



git-svn-id: file:///home/svn/framework3/trunk@10404 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 00:13:30 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks 
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 08:06:27 +00:00
Joshua Drake 19db412383 convert remaining EXE generation to use the mixin, fixes #2017 
git-svn-id: file:///home/svn/framework3/trunk@10389 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 04:38:13 +00:00
Joshua Drake 21d88b36c1 rename generate_exe -> generate_payload_exe 
git-svn-id: file:///home/svn/framework3/trunk@10388 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 04:37:25 +00:00
Joshua Drake 5250ff20bb add svn:keywords, increase ranking, add browser version 
git-svn-id: file:///home/svn/framework3/trunk@10280 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 23:23:40 +00:00
Joshua Drake ace873a37a update test notes 
git-svn-id: file:///home/svn/framework3/trunk@10204 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 17:55:43 +00:00
Steve Tornio 3c704ec753 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10201 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 11:44:11 +00:00
Joshua Drake 3ab9a9b8d7 add Win7 IE8 target 
git-svn-id: file:///home/svn/framework3/trunk@10199 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 23:31:01 +00:00
Joshua Drake 561c861a3a add CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@10196 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 21:52:45 +00:00
Joshua Drake 2d6a956763 update description 
git-svn-id: file:///home/svn/framework3/trunk@10194 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:50:52 +00:00
Joshua Drake f68fd01772 nudge reliability up 
git-svn-id: file:///home/svn/framework3/trunk@10193 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:44:43 +00:00
Joshua Drake a39639c56f add exploit for quicktime backdoor 
git-svn-id: file:///home/svn/framework3/trunk@10192 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:42:51 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues 
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 20:55:37 +00:00
Joshua Drake bc56ae73a1 correct typo, thx jcran 
git-svn-id: file:///home/svn/framework3/trunk@10142 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 16:18:02 +00:00
Joshua Drake aac956db50 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:22:48 +00:00
HD Moore 65af96745f Set manual ranking until we have a vulnerable extension list added by default 
git-svn-id: file:///home/svn/framework3/trunk@10101 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 13:41:59 +00:00
HD Moore cc3554601f Tools for testing DLL hijack flaws 
git-svn-id: file:///home/svn/framework3/trunk@10100 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 05:43:47 +00:00
Steve Tornio 0e1ed07e73 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10078 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-20 11:36:50 +00:00
Joshua Drake 1cc13485ae bring ranking down 
git-svn-id: file:///home/svn/framework3/trunk@10070 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 23:55:59 +00:00
Joshua Drake 791af4b6c5 add exploit for sonicwall aventail activex format string 
git-svn-id: file:///home/svn/framework3/trunk@10069 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 23:52:11 +00:00
Joshua Drake 5f0d68d883 add exploit for cve-2010-1799 
git-svn-id: file:///home/svn/framework3/trunk@10011 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-13 23:11:23 +00:00
Joshua Drake 1b31a44b57 move riff support from ani_loadimage browser sploit to mixin 
git-svn-id: file:///home/svn/framework3/trunk@9984 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-12 16:56:41 +00:00
Joshua Drake b93462a27f add msb and rename module 
git-svn-id: file:///home/svn/framework3/trunk@9956 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 02:21:33 +00:00
Joshua Drake 459c046ac2 add msb and rename module 
git-svn-id: file:///home/svn/framework3/trunk@9955 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 02:21:20 +00:00
Joshua Drake a31e133e80 add 3 easy ftp server exploits, 1 chemview activex 
git-svn-id: file:///home/svn/framework3/trunk@9935 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-27 02:25:15 +00:00
Joshua Drake f4103fd7f5 increase ranking 
git-svn-id: file:///home/svn/framework3/trunk@9933 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 19:30:02 +00:00
Joshua Drake 2448f6b1a8 fix lnk file generation, tested OK on win7 x86 
git-svn-id: file:///home/svn/framework3/trunk@9930 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 01:51:17 +00:00
Joshua Drake 2ccf0a0c81 add UNCHOST var, remove \r chars 
git-svn-id: file:///home/svn/framework3/trunk@9897 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 00:02:47 +00:00
Joshua Drake dd7a8178d7 actually use Msf::Exploit::EXE 
git-svn-id: file:///home/svn/framework3/trunk@9896 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 00:02:04 +00:00
Joshua Drake 1ca054ba53 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9893 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 23:28:47 +00:00
HD Moore 99e2c9aa72 Looks like my initial testing was wrong - you can trigger this entirely through HTTP with a meta refresh, just not with a 301 (IE only). 
git-svn-id: file:///home/svn/framework3/trunk@9888 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 19:54:56 +00:00
Joshua Drake 786ccb3d5f add support for OWC11 (from DSR!) 
git-svn-id: file:///home/svn/framework3/trunk@9883 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 06:24:19 +00:00
HD Moore d388c1bc4f Handle unknown requests in a cleaner way 
git-svn-id: file:///home/svn/framework3/trunk@9879 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 03:08:43 +00:00
Joshua Drake e30164e09e possibly fix a bug 
git-svn-id: file:///home/svn/framework3/trunk@9873 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 00:23:18 +00:00
Steve Tornio 3674a11fa5 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@9870 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-19 23:02:22 +00:00
HD Moore fcd23fbdce Adds coverage for the Windows Shell LNK code execution flaw (CVE-2010-2568) 
git-svn-id: file:///home/svn/framework3/trunk@9869 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-19 22:36:26 +00:00
Joshua Drake d07e613504 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9842 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-16 02:33:25 +00:00
HD Moore 24800ca1ec Add reference for the help center bug 
git-svn-id: file:///home/svn/framework3/trunk@9810 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:31:40 +00:00
HD Moore 19f1583ba5 Change to match MSB 
git-svn-id: file:///home/svn/framework3/trunk@9809 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:30:47 +00:00
HD Moore edae6e2d02 Change to match MSB 
git-svn-id: file:///home/svn/framework3/trunk@9808 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:30:36 +00:00
James Lee a5786cdc64 stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 
git-svn-id: file:///home/svn/framework3/trunk@9787 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-12 02:51:50 +00:00
Joshua Drake c7f5ba801c add lots of disclosure dates from OSVDB (missed a few) 
git-svn-id: file:///home/svn/framework3/trunk@9670 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:19:07 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB 
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:13:45 +00:00
Joshua Drake 56ea22716e oops, broke the tree 
git-svn-id: file:///home/svn/framework3/trunk@9668 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:38:15 +00:00
Joshua Drake 9984b662e0 switch some URL references to US-CERT-VU type 
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:09:32 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink* 
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 23:33:07 +00:00
Joshua Drake 8676a88ce3 fix typo, thx chad 
git-svn-id: file:///home/svn/framework3/trunk@9646 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 20:35:56 +00:00
Joshua Drake a040b3708a add some MSB numbers that were missing, rename ms08-070 msmask32 module 
git-svn-id: file:///home/svn/framework3/trunk@9532 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 23:49:17 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates 
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:18:08 +00:00
Joshua Drake 09f4c42aee fix whitespace 
git-svn-id: file:///home/svn/framework3/trunk@9518 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 05:44:29 +00:00
natron 7cbc566c7b Bug fixes for WMP11 and IE8, new configurable setting for exploit trigger, and output cleanup. 
git-svn-id: file:///home/svn/framework3/trunk@9495 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 20:54:35 +00:00
Joshua Drake 75b906ac4c switch to %uFFFF per secunia analysis, fix regexp handling 
git-svn-id: file:///home/svn/framework3/trunk@9491 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:40:42 +00:00
Joshua Drake cb69258fb2 fix regexp handling 
git-svn-id: file:///home/svn/framework3/trunk@9490 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:40:12 +00:00
Joshua Drake e32abab8dc a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html) 
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:12:05 +00:00
Joshua Drake 565397e989 fix CVE reference -- shakes stick 
git-svn-id: file:///home/svn/framework3/trunk@9487 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:10:12 +00:00
Joshua Drake c62b62d35d style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 15:17:23 +00:00
Steve Tornio e2f4a6ad0d add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9485 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 10:39:41 +00:00
HD Moore 7c87a96e65 Add CVE from Kurt S. 
git-svn-id: file:///home/svn/framework3/trunk@9484 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 06:49:54 +00:00
natron f4394bf0e0 Initial commit for Tavis Ormandy's Help Ctr bug. Needs improvement on stealthiness, but works for now. 
-n


git-svn-id: file:///home/svn/framework3/trunk@9483 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 06:10:08 +00:00
Joshua Drake 619d088ada updated test results 
git-svn-id: file:///home/svn/framework3/trunk@9477 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:55:17 +00:00
Joshua Drake 07ed2d636c add browser version of cve-2010-1297 
git-svn-id: file:///home/svn/framework3/trunk@9475 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:28:05 +00:00
Joshua Drake 6d1e7bdaa5 big commit - lots of cmdstager changes 
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)


git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-26 22:39:56 +00:00
Steve Tornio cfb850b41b add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@9363 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-25 02:09:42 +00:00
Joshua Drake acf45118a2 add exploit module for communicrypt activex from dookie 
git-svn-id: file:///home/svn/framework3/trunk@9356 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-24 22:37:59 +00:00
Steve Tornio 365f13551b added refs. I think all the auxiliary and exploit modules should now be covered. 
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-13 16:53:50 +00:00
Joshua Drake 128e0515ef stop perpetuating the ambiguity! 
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-09 17:45:00 +00:00
Joshua Drake 4bc86e603e fix a couple more silly regex mishaps 
git-svn-id: file:///home/svn/framework3/trunk@9220 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-04 23:09:32 +00:00
Joshua Drake 0e72894e58 more cleanups 
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 17:13:09 +00:00
Joshua Drake 665baa7691 modify ms09-002 exploit to use encrypt_js 
git-svn-id: file:///home/svn/framework3/trunk@9200 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-02 20:42:34 +00:00
Joshua Drake ce372f62ff fix aurora encrypt and add js_encrypt to chilikat module 
git-svn-id: file:///home/svn/framework3/trunk@9185 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-01 02:31:17 +00:00
Joshua Drake 2662055be8 add encrypt_js call to aurora exploit 
git-svn-id: file:///home/svn/framework3/trunk@9184 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-01 02:14:26 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
Joshua Drake d91046c470 detect and split JS and non-JS versions 
git-svn-id: file:///home/svn/framework3/trunk@9160 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 17:45:35 +00:00
Joshua Drake 49f6fc4d98 ugh 
git-svn-id: file:///home/svn/framework3/trunk@9159 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 16:46:21 +00:00
Joshua Drake 2f3171906c remove splash screen 
git-svn-id: file:///home/svn/framework3/trunk@9158 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 15:58:05 +00:00
Joshua Drake ac188bebdb added support for older JREs using javascript methods from taviso's exploit 
git-svn-id: file:///home/svn/framework3/trunk@9151 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-27 00:42:52 +00:00
Joshua Drake a953c47cfb remove carriage returns 
git-svn-id: file:///home/svn/framework3/trunk@9140 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-26 18:29:24 +00:00
Joshua Drake bc68b7d92e fix name 
git-svn-id: file:///home/svn/framework3/trunk@9097 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 08:08:40 +00:00
Joshua Drake fc2fab9bd7 fix name 
git-svn-id: file:///home/svn/framework3/trunk@9096 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 08:08:36 +00:00
Joshua Drake 51e6a64e07 add UNCPATH option 
git-svn-id: file:///home/svn/framework3/trunk@9095 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 08:08:14 +00:00
Joshua Drake 80cec47e17 added cve 
git-svn-id: file:///home/svn/framework3/trunk@9091 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 00:31:31 +00:00
Joshua Drake 180ca93bbb updated description 
git-svn-id: file:///home/svn/framework3/trunk@9090 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-16 00:31:03 +00:00
Joshua Drake 8e5f0a37d8 rename modules to microsoft bulletin names and update references 
git-svn-id: file:///home/svn/framework3/trunk@9085 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 16:08:27 +00:00
Joshua Drake 73dfe9729b update default option settings and auto_target 
git-svn-id: file:///home/svn/framework3/trunk@9083 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 15:23:43 +00:00
Steve Tornio ec74d862a7 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9082 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-15 11:18:25 +00:00
Joshua Drake 950f571488 add module for java web start arguments vuln - no CVE yet 
git-svn-id: file:///home/svn/framework3/trunk@9074 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-14 21:45:23 +00:00
pusscat 99ecd361d3 Fix variable name (care of Monica Sojeong Hong) 
git-svn-id: file:///home/svn/framework3/trunk@9061 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-13 19:05:52 +00:00
HD Moore c8aae09827 Correct english in the quotation 
git-svn-id: file:///home/svn/framework3/trunk@9029 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-07 00:59:20 +00:00
Joshua Drake e9083bda0d add exploit module for cve-2010-0805 - from zsploit 
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-05 20:25:56 +00:00
HD Moore 52faebea30 Typo 
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-04 04:57:42 +00:00
HD Moore 8f0e3ced67 Correct spelling typo 
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-04 00:46:49 +00:00
Joshua Drake ff8cdc29aa update description with a little history 
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-31 22:36:10 +00:00
Joshua Drake da874c323a renamed and udpated "iepeers" vuln with latest information/name 
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-31 20:15:22 +00:00
Joshua Drake 79e277450a add reliable IE7 trigger from Nanika 
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-27 01:31:19 +00:00
Joshua Drake 89d6907a8f fix typoez 
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-27 00:35:48 +00:00
HD Moore 13410d4daa Rename aurora module to the MSB naming convention 
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-11 05:49:45 +00:00
HD Moore a23344b5d0 Consistency in how IE/Internet Explorer is named 
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-11 05:49:14 +00:00
Steve Tornio d3da883aa2 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 22:07:04 +00:00
Joshua Drake 3c57fe6e81 add exploit module for cve-2010-0806 
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 22:01:32 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!) 
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 05:58:01 +00:00
Joshua Drake 83419da78b check for vulnerable version in JS prior to triggering vuln, closes #1011 
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-06 04:36:16 +00:00
Joshua Drake 73da75a931 big update to cmd stager 
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-05 00:29:44 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories 
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558 
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-04 17:41:26 +00:00
Joshua Drake e8f22a7136 add exploit module for cve-2008-3878 
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-04 06:19:37 +00:00
Joshua Drake 5aebed8fe7 add exploit module for cve-2008-5002 
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-03 21:17:31 +00:00
Joshua Drake fb5906385d add exploit module for cve-2009-1534 
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-03 18:12:37 +00:00
Joshua Drake d86575701d added CVE, KB references 
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-03 03:20:58 +00:00
Steve Tornio 074b4ada44 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-02 12:23:17 +00:00
Joshua Drake 4b59410507 rename module per ms bulletin 
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-02 07:50:25 +00:00
Joshua Drake d0153225a0 add exploit module for cve-2009-1612 
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-02 02:26:55 +00:00
Joshua Drake cc9113397c add exploit for IE Windows Help vulnerability 
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-01 23:14:20 +00:00
Joshua Drake cc891bce80 whitespace cleanups 
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-01 15:13:04 +00:00
Joshua Drake afd2df315b rename module part deux! 
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-23 18:12:10 +00:00
Joshua Drake 705a4626e4 remove dash from file name 
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-23 18:06:35 +00:00
Joshua Drake 797ab55f52 add exploit module for cve-2009-2011 
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-17 20:14:40 +00:00
Patrick Webster 3fd3d44ad6 Added barcode_ax49.rb exploit module. 
git-svn-id: file:///home/svn/framework3/trunk@8466 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-12 18:06:49 +00:00
James Lee eb6ce38e0c old zero-day shows its age 
git-svn-id: file:///home/svn/framework3/trunk@8445 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-10 20:41:07 +00:00
HD Moore ba34abc232 Fix unpack("H*") vs unpack("H*")[0] 
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-08 21:37:07 +00:00
Joshua Drake fde3fbb2e3 add exploit module for cve-2009-1569 
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 03:56:02 +00:00
Joshua Drake c073cd707a removed unecessary parameter, commented target 
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 03:33:38 +00:00
Joshua Drake 2783c5884e add exploit module for cve-2009-1568 
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 02:40:47 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references 
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 20:15:32 +00:00
Joshua Drake d9e5de5683 note the CLSID of this control 
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 19:17:50 +00:00
Joshua Drake 31949c4343 svn keywords fixups 
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-26 20:12:13 +00:00
Joshua Drake 83f47796fe add reference to ms09-032 (the mitigation) 
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-24 00:05:19 +00:00
Joshua Drake 409d44bfad fix another typo 
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 19:26:04 +00:00
Joshua Drake 9cb3ac9340 fix typo 
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 19:24:54 +00:00
Joshua Drake ab1a1c58db escape more format specifiers passed to util.printd 
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..


git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 18:32:01 +00:00
Joshua Drake a87d4e7eb4 escape randomly generated format specifiers passed to util.printd 
prevents mucking with the allocation size (hopefully)


git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 17:09:46 +00:00
Joshua Drake 2b8a2d56a1 some variable renaming 
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 04:55:16 +00:00
James Lee bbe10b439f let the user know when a client connects 
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 01:00:01 +00:00
HD Moore 69f609bdcd Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger 
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 00:55:42 +00:00
Steve Tornio a0326fc842 add CVE and OSVDB refs 
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 22:05:02 +00:00
HD Moore 579a6fe799 Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js 
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 21:36:04 +00:00
Joshua Drake fba8a1d110 added a German target with 0x0a0a0a0a as the spray addr 
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-14 22:24:56 +00:00
James Lee 3c6cbbc47e make sure IE service packs don't throw off the version comparison 
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-31 21:24:00 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch 
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-30 22:24:22 +00:00
Joshua Drake 19d32b6c97 add jabra to author list 
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 17:01:12 +00:00
Steve Tornio 544efd879b Add OSVDB references 
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 11:53:20 +00:00
Joshua Drake 47ef693b77 add CVE references! 
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 09:38:42 +00:00
HD Moore be42efdd1b Update the PDF modules to work on a wider range of versions 
git-svn-id: file:///home/svn/framework3/trunk@7917 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-19 01:02:32 +00:00
James Lee 82d84605e4 advisory says it should work against 5.5, but this module causes js syntax errors, so only run it on 6 
git-svn-id: file:///home/svn/framework3/trunk@7914 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-18 19:38:52 +00:00
HD Moore f2ec7795e2 Reliability improvement for the Acrobat bug - use the lame old 0x0c0c0c0c, but this works on the widest range of versions 
git-svn-id: file:///home/svn/framework3/trunk@7907 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 14:43:05 +00:00
Joshua Drake 026924c9b6 fixed sync issues between browser/fileformat modules 
git-svn-id: file:///home/svn/framework3/trunk@7902 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 05:19:30 +00:00
Joshua Drake 2baa4a1efa port changes from Lurene to browser version 
git-svn-id: file:///home/svn/framework3/trunk@7901 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 05:16:35 +00:00
Joshua Drake e563e91d35 added browser versions of yesterdays adobe pdf exploits from jabra 
git-svn-id: file:///home/svn/framework3/trunk@7894 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-16 20:37:57 +00:00
James Lee 2570fcee15 get rid of some more ^Ms 
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 18:47:29 +00:00
James Lee 196ee82179 bye-bye crlf 
git-svn-id: file:///home/svn/framework3/trunk@7878 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 18:13:27 +00:00
Joshua Drake 1813a0fb9a updated technique 
git-svn-id: file:///home/svn/framework3/trunk@7867 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 00:32:07 +00:00
Mario Ceballos c799df8559 target is no good. offsets change on different installs. 
git-svn-id: file:///home/svn/framework3/trunk@7864 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 23:07:21 +00:00
Joshua Drake 88b9ee18af clarified some version info 
git-svn-id: file:///home/svn/framework3/trunk@7863 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 23:01:34 +00:00
Joshua Drake 8317b69aca corrected disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@7860 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 22:44:37 +00:00
Joshua Drake 2524840348 renamed, new targets, now using seh... 
git-svn-id: file:///home/svn/framework3/trunk@7859 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 22:40:56 +00:00
Mario Ceballos 3ac51c7396 added exploit module symantec_altirisdeployment_runcmd.rb. 
git-svn-id: file:///home/svn/framework3/trunk@7821 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-11 02:36:01 +00:00
HD Moore 3c08bc0c80 Rename and reference update from the microsoft patch 
git-svn-id: file:///home/svn/framework3/trunk@7775 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-09 15:06:26 +00:00
Joshua Drake 87c85b5176 removed executable generation routines from Rex::Text (use Msf::Util::EXE), Fixes #660 
git-svn-id: file:///home/svn/framework3/trunk@7760 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-08 21:24:45 +00:00
Joshua Drake 0961ce3523 add exploit module for cve-2009-3693 
git-svn-id: file:///home/svn/framework3/trunk@7749 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-08 03:08:46 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew! 
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:50:37 +00:00
Joshua Drake 2cf9c3ce2b revision fixups 
git-svn-id: file:///home/svn/framework3/trunk@7723 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:16:11 +00:00
Joshua Drake 17249f29d3 cve roulette also cve-2009-4054 
git-svn-id: file:///home/svn/framework3/trunk@7722 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:00:06 +00:00
HD Moore 927563c135 Correct some assumptions about client-side exploit signature development, remove the prepend since we dont use .net anymore 
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 21:18:26 +00:00
Joshua Drake a4dd52543c removed .net dll bypass, recorded some crash addresses 
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 19:39:15 +00:00
James Lee 00eaff0550 stupid ruby string differences 
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 17:16:45 +00:00
HD Moore 0c19f50718 Fix broken .NET method 
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 17:11:38 +00:00
Joshua Drake f733856974 add exploit module for cve-2009-3762 
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 07:25:04 +00:00
James Lee f516edacfb only works on ie7 
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 02:14:40 +00:00
James Lee c45c15cd29 add autopwn info 
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-24 23:50:08 +00:00
James Lee 99319d2a55 don't unintentionally create a UNC path. see #558 
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-24 06:23:03 +00:00
James Lee 4a912e7c0c don't inadvertantly create a UNC path. see #558 
git-svn-id: file:///home/svn/framework3/trunk@7590 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-24 06:02:21 +00:00
James Lee 7490e4c4a8 use an absolute uri to the evil gif. fixes #558. we probably ought to have a method for doing this since it seems to be a fairly common problem. 
git-svn-id: file:///home/svn/framework3/trunk@7589 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-24 05:44:21 +00:00
Joshua Drake b9939a836f fixed PDF header (oops) 
git-svn-id: file:///home/svn/framework3/trunk@7577 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-22 01:01:11 +00:00
Joshua Drake e5796f5b3b changed address to 0x0a0a0a0a 
tested against various reader versions
removed pdf version randomization



git-svn-id: file:///home/svn/framework3/trunk@7570 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-19 05:56:03 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts 
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-17 00:05:19 +00:00
Joshua Drake 4edc6d942c updated awingsoft web3d bof module from trancer 
git-svn-id: file:///home/svn/framework3/trunk@7533 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-16 16:51:52 +00:00
Joshua Drake 04725e70cc reference updates from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@7521 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-15 16:03:01 +00:00
Mario Ceballos 4c23734e72 added exploit module oracle_dc_submittoexpress.rb 
git-svn-id: file:///home/svn/framework3/trunk@7520 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-15 01:01:21 +00:00
Joshua Drake 7573994152 add exploit module for another winds3d 0day 
git-svn-id: file:///home/svn/framework3/trunk@7518 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 22:26:08 +00:00
Joshua Drake 240a8444b0 Fixed some license problems 
git-svn-id: file:///home/svn/framework3/trunk@7515 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 18:09:05 +00:00
Mario Ceballos bbfc195735 added patch from Steve Tornio. 
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 13:26:27 +00:00
Joshua Drake 8d382ef487 oops -- removed CVE/BID/OSVDB references 
git-svn-id: file:///home/svn/framework3/trunk@7512 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 04:46:21 +00:00
Joshua Drake 74269325db added CVE/BID/OSVDB references 
git-svn-id: file:///home/svn/framework3/trunk@7511 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 04:42:02 +00:00
Joshua Drake f86eca488a minor fixup in email addr 
git-svn-id: file:///home/svn/framework3/trunk@7510 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 04:39:00 +00:00
Joshua Drake 9381abf41a swap L to V for packing 
git-svn-id: file:///home/svn/framework3/trunk@7509 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 04:38:03 +00:00
Joshua Drake 70cf288b99 added trancer's exploit for cve-2009-2386 
git-svn-id: file:///home/svn/framework3/trunk@7508 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 04:36:20 +00:00
Joshua Drake da6fa072f2 add module for cve-2008-0492 
git-svn-id: file:///home/svn/framework3/trunk@7490 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-13 18:09:50 +00:00
Joshua Drake 7758ebfda4 uniquified name 
git-svn-id: file:///home/svn/framework3/trunk@7488 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-13 00:22:14 +00:00
Joshua Drake 61f2c0b195 uniqified name 
git-svn-id: file:///home/svn/framework3/trunk@7487 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-13 00:21:54 +00:00
Joshua Drake 2e4f5734ea fixed typo 
git-svn-id: file:///home/svn/framework3/trunk@7486 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-13 00:21:09 +00:00
James Lee 70b2d06c86 speed up content creation, string concat sucks 
git-svn-id: file:///home/svn/framework3/trunk@7356 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-04 19:06:01 +00:00
James Lee c675cfb1cf Fix 1.9.1 issues, make the vbs smaller (down to about 4MB from almost 10) 
git-svn-id: file:///home/svn/framework3/trunk@7355 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-04 18:55:32 +00:00
HD Moore 9e654c51f2 Revive 
git-svn-id: file:///home/svn/framework3/trunk@7348 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-04 04:04:39 +00:00
HD Moore 4b53b1d378 Purge 
git-svn-id: file:///home/svn/framework3/trunk@7347 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-04 04:04:17 +00:00
HD Moore 98d9d66905 Replaced with encoded shiny bits 
git-svn-id: file:///home/svn/framework3/trunk@7346 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-04 03:56:12 +00:00
HD Moore 0a52c98e03 Purging this module due to lame AV sigs, re-adding in a sillier form 
git-svn-id: file:///home/svn/framework3/trunk@7345 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-04 03:50:31 +00:00
Mario Ceballos aef3817db9 added patch from steve tornio. 
git-svn-id: file:///home/svn/framework3/trunk@7331 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-03 12:02:54 +00:00
Mario Ceballos b62dc9705e remove some debugging. 
git-svn-id: file:///home/svn/framework3/trunk@7329 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-02 21:21:50 +00:00
Mario Ceballos 73bd4f7de2 added exploit module symantec_consoleutilities_browseandsavefile.rb from Nikolas Sotiriu. 
git-svn-id: file:///home/svn/framework3/trunk@7328 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-02 21:02:45 +00:00
HD Moore 4f3128c061 Stop randomizing the module version, it breaks Acrobat 9 
git-svn-id: file:///home/svn/framework3/trunk@7303 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-29 04:09:07 +00:00
Mario Ceballos 131adc4c3a fixed cve reference number. 
git-svn-id: file:///home/svn/framework3/trunk@7260 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-25 21:19:27 +00:00
HD Moore e3f68f2639 Another large number of warnings fixed by Yoann Guillot 
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-25 17:18:23 +00:00