Michael Messner
ac2e84bfd6
check included
2014-07-02 21:24:50 +02:00
Christian Mehlmauer
40175d3526
added check method
2014-07-02 11:07:58 +02:00
Christian Mehlmauer
54a28a103c
Updated description
2014-07-02 10:49:28 +02:00
Christian Mehlmauer
1ff549f9c1
Replaced Tab
2014-07-02 10:35:30 +02:00
Christian Mehlmauer
09131fec28
Added wysija file upload exploit
2014-07-02 10:24:27 +02:00
sinn3r
21f6e7bf6c
Change description
2014-07-01 10:44:21 -05:00
sinn3r
449fde5e7c
Description update
2014-07-01 10:26:52 -05:00
sinn3r
c43006f820
Update cogent module description, fix msftidy warnings
2014-07-01 10:06:33 -05:00
Brandon Perry
db6524106e
one more typo, last one I swear
2014-06-30 22:33:19 -05:00
Brandon Perry
d7dfa67e94
typo
2014-06-30 20:15:25 -05:00
Brandon Perry
acedf5e847
Update gitlist_exec.rb
...
Fix EDB ref and no twitter handles.
2014-06-30 20:12:08 -05:00
Brandon Perry
ecc1b08994
Create gitlist_exec.rb
...
This adds a metasploit module for CVE-2014-4511
2014-06-30 20:10:24 -05:00
jvazquez-r7
1acd5e76cb
Add check code for event processing 12
2014-06-29 15:47:57 -05:00
jvazquez-r7
a94396867c
Add module for ZDI-14-106, Oracle Event Processing
2014-06-29 15:44:20 -05:00
Spencer McIntyre
faa9c11450
Dont deregister an option that is in use
2014-06-28 18:22:17 -04:00
Spencer McIntyre
748589f56a
Make cmdstager flavor explicit or from info
...
Every module that uses cmdstager either passes the flavor
as an option to the execute_cmdstager function or relies
on the module / target info now.
2014-06-28 17:40:49 -04:00
Spencer McIntyre
bd49d3b17b
Explicitly use the echo stager and deregister options
...
Certain modules will only work with the echo cmd stager so
specify that one as a parameter to execute_cmdstager and
remove the datastore options to change it.
2014-06-28 16:21:08 -04:00
Spencer McIntyre
42ac3a32fe
Multi-fy two new linux/http/dlink exploits
2014-06-27 08:40:27 -04:00
Spencer McIntyre
41d721a861
Update two modules to use the new unified cmdstager
2014-06-27 08:34:57 -04:00
Spencer McIntyre
952c935730
Use a semi-intelligent OptEnum for CMDSTAGER::FLAVOR
2014-06-27 08:34:57 -04:00
Spencer McIntyre
219153c887
Raise NotImplementedError and let :flavor be guessed
2014-06-27 08:34:56 -04:00
Spencer McIntyre
4d4c5e5d6e
Update two modules to use the new cmd stager
2014-06-27 08:34:56 -04:00
jvazquez-r7
45248dcdec
Add YARD documentation for methods
2014-06-27 08:34:56 -04:00
jvazquez-r7
870fa96bd4
Allow quotes in CmdStagerFlavor metadata
2014-06-27 08:34:56 -04:00
jvazquez-r7
91e2e63f42
Add CmdStagerFlavor to metadata
2014-06-27 08:34:55 -04:00
jvazquez-r7
dd7b2fc541
Use constants
2014-06-27 08:34:55 -04:00
jvazquez-r7
9e413670e5
Include the CMDStager
2014-06-27 08:34:55 -04:00
jvazquez-r7
d47994e009
Update modules to use the new generic CMDstager mixin
2014-06-27 08:34:55 -04:00
jvazquez-r7
8bf36e5915
AutoDetection should work
2014-06-27 08:34:55 -04:00
jvazquez-r7
778f34bab6
Allow targets and modules to define compatible stagers
2014-06-27 08:34:55 -04:00
jvazquez-r7
7ced5927d8
Use One CMDStagermixin
2014-06-27 08:34:55 -04:00
Spencer McIntyre
2a442aac1f
No long needs to extend bourne, and specify a flavor.
2014-06-27 08:34:55 -04:00
Spencer McIntyre
1a392e2292
Multi-fy the hyperic_hq_script_console exploit.
2014-06-27 08:34:55 -04:00
Spencer McIntyre
80bdf750e9
Multi-fy the new printf stager and add to sshexec.
2014-06-27 08:34:55 -04:00
Spencer McIntyre
ae25c300e5
Initial attempt to unify the command stagers.
2014-06-27 08:34:55 -04:00
sinn3r
a60dfdaacb
Land #3471 - HP AutoPass License Server File Upload
2014-06-26 14:34:32 -05:00
sinn3r
ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape
2014-06-26 13:48:28 -05:00
sinn3r
0b6f7e4483
Land #3404 - MS14-009 .NET Deployment Service IE Sandbox Escape
2014-06-26 11:45:47 -05:00
sinn3r
6075c795e9
Land #3467 - failure message for nil payload
2014-06-26 11:12:37 -05:00
Joshua Smith
3ed7050b67
Lands 3420 after wrapping most lines at 80
2014-06-24 17:37:43 -05:00
Joshua Smith
3fe162a8b1
wraps most lines at 80
2014-06-24 17:36:10 -05:00
Tod Beardsley
0219c4974a
Release fixups, word choice, refs, etc.
2014-06-23 11:17:00 -05:00
jvazquez-r7
267642aa4b
Fix description
2014-06-23 09:20:47 -05:00
jvazquez-r7
cc3c06440f
Add module for ZDI-14-195, HP AutoPass License Traversal
2014-06-23 09:19:56 -05:00
jvazquez-r7
e8b914a62f
Download rankings for reliable exploit, but depending on a specific version without autodetection
2014-06-20 14:33:02 -05:00
jvazquez-r7
191c871e9b
[SeeRM #8815 ] Dont try to exploit when generate_payload_exe fails
2014-06-20 14:07:49 -05:00
jvazquez-r7
f0d04fe77e
Do some randomizations
2014-06-20 11:38:10 -05:00
jvazquez-r7
f26f8ae5db
Change module filename
2014-06-20 11:27:49 -05:00
jvazquez-r7
33eaf643aa
Fix usage of :concat_operator operator
2014-06-20 11:27:23 -05:00
jvazquez-r7
5542f846d6
Merge to solve conflicts
2014-06-20 11:24:08 -05:00
jvazquez-r7
4203e75777
Land #3408 , @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950
2014-06-20 10:27:32 -05:00
jvazquez-r7
f74594c324
Order metadata
2014-06-20 10:26:50 -05:00
jvazquez-r7
a081beacc2
Use Gem::Version for string versions comparison
2014-06-20 09:44:29 -05:00
Joshua Smith
45dc197827
Lands 3454, exploits/linux/ids/alienvault_centerd_soap_exec
2014-06-19 15:58:33 -05:00
jvazquez-r7
d28ced5b7b
change module filename
2014-06-19 15:56:55 -05:00
jvazquez-r7
a0386f0797
Fix cmd_concat_operator
2014-06-19 15:52:55 -05:00
Michael Messner
86f523f00c
concator handling
2014-06-18 18:15:58 +02:00
jvazquez-r7
45ea59050c
Fix the if cleanup
2014-06-17 23:40:00 -05:00
Joshua Smith
288430d813
wraps some long lines
2014-06-17 22:30:28 -05:00
OJ
5879ca3340
Merge branch 'upstream/master' into meatballs x64_injection
2014-06-18 10:24:33 +10:00
Joshua Smith
bab1e30557
Land #3460 , Ericom AccessNow Server BOF exploit
2014-06-17 19:10:34 -05:00
Joshua Smith
9af9d2f5c2
slight cleanup
2014-06-17 19:08:31 -05:00
jvazquez-r7
1133332702
Finish module
2014-06-17 15:01:35 -05:00
jvazquez-r7
8f8af0e93a
Add draft version
2014-06-17 14:21:49 -05:00
Christian Mehlmauer
03fa858089
Added newline at EOF
2014-06-17 21:05:00 +02:00
Christian Mehlmauer
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
OJ
b710014ece
Land #3435 -- Rocket Servergraph ZDI-14-161/162
2014-06-17 18:06:03 +10:00
Michael Messner
508998263b
removed wrong module file
2014-06-17 08:57:46 +02:00
Michael Messner
6f45eb13c7
moved module file
2014-06-17 08:56:07 +02:00
Michael Messner
a5eed71d50
renamed and other module removed
2014-06-17 08:50:09 +02:00
Michael Messner
e908b7bc25
renamed and other module removed
2014-06-17 08:49:46 +02:00
Michael Messner
f464c5ee97
dlink msearch commmand injection
2014-06-16 22:12:15 +02:00
jvazquez-r7
d44d409ff2
Land #3407 , @julianvilas's exploit for Java JDWP RCE
2014-06-16 13:38:51 -05:00
jvazquez-r7
6a780987d5
Do minor cleanup
2014-06-16 13:37:44 -05:00
jvazquez-r7
f7b892e55b
Add module for AlienVault's ZDI-14-202
2014-06-16 12:10:30 -05:00
Tod Beardsley
2aa26fa290
Minor spacing and word choice fixups
2014-06-16 11:40:21 -05:00
joev
461fba97d7
Update forgotten call to js() in webview exploit.
2014-06-15 23:43:05 -05:00
Julian Vilas
caa1e10370
Add feature for disabling Java Security Manager
2014-06-15 20:35:19 +02:00
Michael Messner
12ec785bdb
clean up, echo stager, concator handling
2014-06-14 17:37:09 +02:00
Michael Messner
8eb21ded97
clean up
2014-06-14 17:02:55 +02:00
Tim Wright
9b43749916
Land #3418 - android adobe reader addjisf pdf exploit
...
Merge branch 'landing-3418' into upstream-master
2014-06-14 11:25:29 +01:00
jvazquez-r7
2fe7593559
Land #3433 , @TecR0c's exploit for Easy File Management Web Server
2014-06-13 09:54:12 -05:00
joev
eddac55c37
Remove spaces at EOL.
2014-06-13 08:37:44 -05:00
Michael Messner
a3ae177347
echo stager, arch_cmd, echo module
2014-06-13 11:42:47 +02:00
Michael Messner
894af92b22
echo stager, arch_cmd
2014-06-13 11:40:50 +02:00
William Vu
cb91b2b094
Fix broken table indent (s/Ident/Indent/ hash key)
2014-06-12 13:41:44 -05:00
joev
56efd82112
Correct the disclosure date.
2014-06-11 21:53:42 -05:00
Julian Vilas
2296dea5ad
Clean and fix
2014-06-12 01:55:27 +02:00
Julian Vilas
4f67db60ed
Modify breakpoint approach by step into
2014-06-12 01:23:20 +02:00
HD Moore
0bac24778e
Fix the case statements to match platform
2014-06-11 15:22:55 -05:00
HD Moore
d5b32e31f8
Fix a typo where platform was 'windows' not 'win'
...
This was reported by dracu on freenode
2014-06-11 15:10:33 -05:00
jvazquez-r7
34f98ddc50
Do minor cleanup
2014-06-11 09:20:22 -05:00
TecR0c
b27b00afbb
Added target 4.0 and cleaned up exploit
2014-06-11 06:22:47 -07:00
TecR0c
f1382af018
Added target 4.0 and cleaned up exploit
2014-06-11 06:20:49 -07:00
jvazquez-r7
a554b25855
Use EXITFUNC
2014-06-10 09:51:06 -05:00
TecR0c
3d33a82c1c
Changed to unless
2014-06-09 09:31:14 -07:00
TecR0c
1252eea4b9
Changed to unless
2014-06-09 09:26:03 -07:00
TecR0c
52d26f290f
Added check in exploit func
2014-06-09 03:23:14 -07:00
jvazquez-r7
e4d14194bb
Add module for Rocket Servergraph ZDI-14-161 and ZDI-14-162
2014-06-08 11:07:10 -05:00
TecR0c
8ecafbc49e
Easy File Management Web Server v5.3 Stack Buffer Overflow
2014-06-08 04:21:14 -07:00