Commit Graph

891 Commits (6d5bcb93a8629bc3d4fcdeada30e54d2c937ed20)

Author SHA1 Message Date
Tod Beardsley b17727d244
Switching to privileged => false 2015-04-01 14:35:45 -05:00
Tod Beardsley 0825534d2c
Fix reference 2015-04-01 14:16:45 -05:00
Tod Beardsley 8ec71e9daf
Add a module for R7-2015-05 2015-04-01 14:05:41 -05:00
Tod Beardsley 49a6057f74
Grammaring harder 2015-03-24 11:10:36 -05:00
jvazquez-r7 2d1adf6ef4
Land #4923, @m-1-k-3's exploit for overflow on belkin routers 2015-03-22 02:05:35 -05:00
jvazquez-r7 ee74bb3c5b
The default concat operator should be ok 2015-03-22 02:05:02 -05:00
jvazquez-r7 5499b68e02
Do code cleanup 2015-03-22 01:58:32 -05:00
sinn3r 1b67a06d35 No banner var 2015-03-20 02:26:59 -05:00
sinn3r b55ffc9ff1 Change option to FORCE_EXPLOIT 2015-03-20 01:44:10 -05:00
sinn3r d8539ef91a Change datastore option's description 2015-03-19 12:22:42 -05:00
sinn3r a2ba81f84f This should be true (required) 2015-03-19 11:54:03 -05:00
sinn3r d8c8bd1669 Move the details to a wiki 2015-03-19 11:52:17 -05:00
sinn3r 968a8758ad Add CVE-2015-0235 Exim GHOST (glibc gethostbyname) Buffer Overflow
This was originally written by Qualys
2015-03-18 18:51:16 -05:00
Sven Vetsch 4d3a1a2f71 fix all duplicated keys in modules 2015-03-14 13:10:42 +01:00
m-1-k-3 2eab258a76 msftidy 2015-03-12 19:07:56 +01:00
m-1-k-3 64f769504b encoding 2015-03-10 17:47:15 +01:00
m-1-k-3 6657c7d11d Belkin - CVE-2014-1635 2015-03-10 16:49:51 +01:00
William Vu ecd7ae9c3b
Land #4857, symantec_web_gateway_restore module 2015-03-02 15:00:10 -06:00
sinn3r ad28f9767f Use include 2015-03-02 14:41:25 -06:00
sinn3r cb140434f9 Update 2015-03-02 12:59:21 -06:00
OJ 905a539a00 Add exploit for Seagate Business NAS devices
This module is an exploit for a pre-authenticated remote code execution
vulnerability in Seagate Business NAS products.
2015-03-01 13:25:28 +10:00
sinn3r 4a1fbbdc3b Use datastore to find payload name 2015-02-28 19:56:32 -06:00
sinn3r ef9196ba6c Correct comment 2015-02-27 13:27:49 -06:00
sinn3r 7b6c39058a Correct target name 2015-02-27 13:24:57 -06:00
sinn3r 90aff51676 Add CVE-2014-7285, Symantec Web Gateway restore.php Command Injection 2015-02-27 12:31:29 -06:00
jvazquez-r7 0372b08d83 Fix mixin usage on modules 2015-02-13 17:17:59 -06:00
Tod Beardsley bae19405a7
Various grammar, spelling, word choice fixes 2015-01-26 11:00:07 -06:00
jvazquez-r7 b61538e980
Land #4291, @headlesszeke's module for ARRIS VAP2500 command execution 2015-01-21 20:52:31 -06:00
jvazquez-r7 33195caff2 Mark compatible payloads 2015-01-21 20:52:04 -06:00
jvazquez-r7 500d7159f1 Use PAYLOAD instead of CMD 2015-01-21 20:49:05 -06:00
jvazquez-r7 f37ac39b4c Split exploit cmd vs exploit session 2015-01-21 20:46:37 -06:00
jvazquez-r7 e1d1ff17fd Change failure code 2015-01-21 20:38:33 -06:00
jvazquez-r7 169052af5c Use cookie option 2015-01-21 20:37:38 -06:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
2015-01-02 13:29:17 -06:00
Tod Beardsley 264d3f9faa
Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
jvazquez-r7 121c0406e9 Beautify restart_command creation 2014-12-24 15:52:15 -06:00
jvazquez-r7 43ec8871bc Do minor c code cleanup 2014-12-24 15:45:38 -06:00
jvazquez-r7 92113a61ce Check payload 2014-12-24 15:43:49 -06:00
jvazquez-r7 36ac0e6279 Clean get_restart_commands 2014-12-24 14:55:18 -06:00
jvazquez-r7 92b3505119 Clean exploit method 2014-12-24 14:49:19 -06:00
jvazquez-r7 9c4d892f5e Use single quotes when possible 2014-12-24 14:37:39 -06:00
jvazquez-r7 bbbb917728 Do style cleaning on metadata 2014-12-24 14:35:35 -06:00
jvazquez-r7 af24e03879 Update from upstream 2014-12-24 14:25:25 -06:00
Tod Beardsley d3050de862
Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.

Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
Jon Hart 65b316cd8c
Land #4372 2014-12-11 18:48:16 -08:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Christian Mehlmauer de88908493
code style 2014-12-11 23:30:20 +01:00
headlesszeke 8d1ca872d8 Now with logging of command response output 2014-12-05 10:58:40 -06:00
Tod Beardsley 79f2708a6e
Slight fixes to grammar/desc/whitespace
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
2014-12-04 13:11:33 -06:00
headlesszeke 564488acb4 Changed and to && 2014-12-02 00:02:53 -06:00