Tod Beardsley
10511e8281
Merge remote branch 'origin/bug/fix-double-slashes'
...
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
jvazquez-r7
2eb4de815d
added c# code by Nicolas Gregoire
2012-12-11 16:33:41 +01:00
sinn3r
f5193b595c
Update references
2012-12-10 11:42:21 -06:00
sinn3r
fafdcbaae1
Vuln discovered by Rich.
...
See: https://twitter.com/webstersprodigy/status/277087755073380353
2012-12-07 10:42:45 -06:00
jvazquez-r7
5548bebb16
embeding payload on the c# script
2012-12-04 17:44:55 +01:00
jvazquez-r7
3f3bdb8473
my editor...
2012-12-03 21:45:26 +01:00
jvazquez-r7
8a9ad4253a
comment about the original discoverer updated
2012-12-03 21:44:35 +01:00
jvazquez-r7
2cb824d62d
Added module for CVE-2012-5357
2012-12-03 20:12:02 +01:00
HD Moore
36066f8c78
Catch a few stragglers for double slash
2012-11-08 07:21:37 -06:00
HD Moore
4d2147f392
Adds normalize_uri() and fixes double-slash typos
2012-11-08 07:16:51 -06:00
jvazquez-r7
04668c7d61
fix response codes check to avoid second tries to fail
2012-11-05 09:26:26 +01:00
sinn3r
799c22554e
Warn user if a file/permission is being modified during new session
2012-10-24 00:54:17 -05:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl
f9ac55c221
Infohash key cleanups
...
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
sinn3r
abb4bdd408
metadata formatting, and a little res gotcha
2012-10-08 15:00:51 -05:00
jvazquez-r7
ef9d627e13
Added module for ZDI-12-106
2012-10-08 20:04:01 +02:00
David Maloney
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
jvazquez-r7
9a83c7c338
changes according to egypt review
2012-09-14 18:47:50 +02:00
jvazquez-r7
eae571592c
Added rgod email
2012-09-14 17:45:16 +02:00
jvazquez-r7
a2649dc8d1
fix typo
2012-09-14 17:10:41 +02:00
jvazquez-r7
e27d5e2eb7
Description improved
2012-09-14 17:08:59 +02:00
jvazquez-r7
9c77c15cf5
Added module for osvdb 85087
2012-09-14 16:54:28 +02:00
jvazquez-r7
b4113a2a38
hp_site_scope_uploadfileshandler is now multiplatform
2012-09-06 12:54:51 +02:00
jvazquez-r7
2f87af1c3a
add some checks while parsing the java serialization config file
2012-09-05 20:58:55 +02:00
jvazquez-r7
b2116e2394
cleanup, test, add on_new_session handler and osvdb references
2012-09-05 20:54:25 +02:00
jvazquez-r7
406202fc81
Added module for ZDI-12-174
2012-09-05 12:56:09 +02:00
jvazquez-r7
f439f256b5
Debug line deleted on
2012-08-30 00:18:07 +02:00
sinn3r
c3159e369a
A lot gotcha
...
When res is nil, that condition can fall into the 'else' clause.
If that happens, we can trigger a bug when we try to read res.code.
2012-08-29 14:46:35 -05:00
jvazquez-r7
6a24e042f9
fixing indentation
2012-08-29 16:17:56 +02:00
jvazquez-r7
2ed712949e
Added check function
2012-08-29 16:12:11 +02:00
jvazquez-r7
72cb39925a
Added exploit for OSVDB 84821
2012-08-29 12:17:44 +02:00
sinn3r
1b6fe22359
Give proper credit to Craig plus additional references
...
Craig first found the buffer overflow. But Matt found a more
reliable way to exploit the flaw.
2012-08-21 22:48:15 -05:00
jvazquez-r7
3da8a59cf0
a little cleanup plus complete metadata
2012-08-20 22:42:54 +02:00
Matt Andreko
d226135986
Code Review Feedback
...
Removed trailing spaces and fixed indenting.
2012-08-20 10:41:42 -04:00
Matt Andreko
d82493a658
Code Review Feedback
...
Added 'Space' payload option, which in turn also required 'DisableNops'
Added/Corrected documentation for return addresses
2012-08-19 22:09:08 -04:00
Matt Andreko
bd249d1f28
Fixed exploit and made code review changes
...
The exploit was not working due to the user's root path causing
the EIP offset to change. To correct this, I was able to get
the server to disclose the root path in an error message (fixed in
5.67). I also radically refactored the exploit due to the feedback
I received from Juan Vazquez.
2012-08-19 10:01:03 -04:00
Matt Andreko
6dfe706860
Merge remote-tracking branch 'upstream/master' into sysax_create_folder
2012-08-19 09:58:04 -04:00
sinn3r
6059bb5710
Merge branch 'cyclope' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-cyclope
2012-08-13 11:40:46 -05:00
sinn3r
f9b5f321cb
ADD OSVDB-84517
2012-08-12 17:56:18 -05:00
jvazquez-r7
bf04e2dded
Added module for CVE-2011-2653
2012-08-12 18:27:56 +02:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r
57c32c9c7b
Slip Plixer's name in there, because it's their product.
2012-08-07 12:20:44 -05:00
jvazquez-r7
c2cc4b3b15
juan author name updated
2012-08-06 18:59:16 +02:00
Steve Tornio
eb963ae52a
add osvdb ref
2012-08-05 09:01:46 -05:00
Tod Beardsley
d5b165abbb
Msftidy.rb cleanup on recent modules.
...
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
sinn3r
6ae863cdff
Forgot two extra spaces, how dare me!
2012-08-01 15:11:33 -05:00
sinn3r
92d1d26288
Add CVE-2012-2962 : Dell SonicWall Scrutinizer exploit
2012-08-01 15:00:24 -05:00
Matt Andreko
2f7b5f35af
Added Sysax 5.64 Create Folder exploit
2012-07-29 10:40:02 -04:00
sinn3r
b527356e00
This check can be handy
2012-07-22 03:34:16 -05:00