Commit Graph

11391 Commits (79a6f8c2ea8b12fa385c1d8e32f8c8672bf3dc7b)

Author SHA1 Message Date
jvazquez-r7 79a6f8c2ea Clean php_wordpress_optimizepress 2013-12-02 15:43:41 -06:00
Mekanismen 57b7d89f4d Updated 2013-12-01 09:06:41 +01:00
Mekanismen 045b848a30 added exploit module for optimizepress 2013-11-30 21:51:56 +01:00
sinn3r 8817c0eee0 Change description a bit
Try to make this sound smoother
2013-11-28 12:19:42 -06:00
jvazquez-r7 807e2dfd31 Fix title 2013-11-28 10:53:12 -06:00
jvazquez-r7 7dee4ffd4d Add module for ZDI-13-270 2013-11-28 10:47:04 -06:00
sinn3r a02e0ee3e4
Land #2682 - Kimai v0.9.2 'db_restore.php' SQL Injection 2013-11-27 19:10:44 -06:00
jvazquez-r7 6c8df4be27
Land #2699, @wvu fix for Linux download_exec post module 2013-11-27 10:22:35 -06:00
William Vu f3e71c2c9d Be more specific
Perl!
2013-11-27 01:03:41 -06:00
William Vu b202b98a42 Anchor the scheme 2013-11-27 00:57:45 -06:00
William Vu e8da97aa17 Fix extraneous use of which and cmdsub
I don't even.
2013-11-27 00:43:07 -06:00
William Vu 288476441f Fix improper use of expand_path
I don't even.
2013-11-27 00:42:09 -06:00
sinn3r 5d10b44430 Add support for Silverlight
Add support for Silverlight exploitation. [SeeRM #8705]
2013-11-26 14:47:27 -06:00
sinn3r a914fbc400
Land #2693 - case sensitive 2013-11-26 11:16:57 -06:00
Tod Beardsley 671c0d9473
Fix nokogiri typo
[SeeRM #8730]
2013-11-26 10:54:31 -06:00
jvazquez-r7 253719d70c Fix title 2013-11-26 08:11:29 -06:00
sinn3r f1c5ab95bf
Land #2690 - typo 2013-11-25 23:53:34 -06:00
William Vu 70139d05ea Fix missed title 2013-11-25 22:46:35 -06:00
jvazquez-r7 6cb63cdad6
Land #2679, @wchen-r7's exploit for cve-2013-3906 2013-11-25 22:04:26 -06:00
jvazquez-r7 0079413e81 Full revert the change 2013-11-25 22:04:02 -06:00
sinn3r fa97c9fa7c Revert this change 2013-11-25 20:54:39 -06:00
sinn3r 3247106626 Heap spray adjustment by @jvazquez-r7 2013-11-25 20:50:53 -06:00
jvazquez-r7 4c249bb6e9 Fix heap spray 2013-11-25 20:06:42 -06:00
sinn3r 385381cde2 Change target address
This one tends to work better with our boxes
2013-11-25 17:21:39 -06:00
jvazquez-r7 a7e6a79b15
Land #2685, @wchen-r7's update for the word injector description 2013-11-25 15:47:57 -06:00
jvazquez-r7 92807d0399
Land #2676, @todb-r7 module for CVE-2013-4164 2013-11-25 15:40:33 -06:00
sinn3r 57f4f68559
Land #2652 - Apache Roller OGNL Injection 2013-11-25 15:14:35 -06:00
sinn3r 8005826160
Land #2644 - MS13-090 CardSpaceClaimCollection vuln 2013-11-25 13:06:09 -06:00
sinn3r 4773270ff0
Land #2677 - MS12-022 COALineDashStyleArray vuln 2013-11-25 12:58:45 -06:00
Tod Beardsley 23448b58e7
Remove timeout checkers that are rescued anyway 2013-11-25 12:37:23 -06:00
Tod Beardsley f311b0cd1e
Add user-controlled verbs.
GET, HEAD, POST, and PROPFIND were tested on WebRick, all successful.
2013-11-25 12:29:05 -06:00
jvazquez-r7 cc60ca2e2a
Fix module title 2013-11-25 09:33:43 -06:00
jvazquez-r7 cc261d2c25
Land #2670, @juushya's aux brute forcer mod for OpenMind 2013-11-25 09:29:41 -06:00
bcoles a03cfce74c Add table prefix and doc root as fallback options 2013-11-25 17:44:26 +10:30
sinn3r 48578c3bc0 Update description about suitable targets
The same technique work for Microsoft Office 2013 as well. Tested.
2013-11-24 23:02:37 -06:00
jvazquez-r7 49441875f3
Land #2683, @wchen-r7's module name consistency fix 2013-11-24 16:51:22 -06:00
Meatballs b015dd4f1c
Land #2532 Enum LSA Secrets
With refactoring of common methods from smart_hashdump, hashdump,
cachedump to Windows::Post::Privs
2013-11-24 18:09:33 +00:00
sinn3r ce8b63f240 Update module name to stay consistent
This module is under the windows/gather, so must be named the same
way like the rest.
2013-11-24 01:01:29 -06:00
sinn3r fc14a6c149
Land #2576 - NETGEAR ReadyNAS Perl Code Evaluation Vulnerability 2013-11-24 00:47:14 -06:00
bcoles d8700314e7 Add Kimai v0.9.2 'db_restore.php' SQL Injection module 2013-11-24 02:32:16 +10:30
sinn3r 9987ec0883 Hmm, change ranking 2013-11-23 00:51:58 -06:00
sinn3r 6ccc3e3c48 Make payload execution more stable 2013-11-23 00:47:45 -06:00
sinn3r d748fd4003 Final commit 2013-11-22 23:35:26 -06:00
sinn3r f871452b97 Slightly change the description
Because it isn't that slow
2013-11-22 19:27:00 -06:00
sinn3r eddedd4746 Working version 2013-11-22 19:14:56 -06:00
jvazquez-r7 7e4487b93b Update description 2013-11-22 17:37:23 -06:00
sinn3r c8fd761c53 Progress 2013-11-22 16:57:29 -06:00
Tod Beardsley 6a28aa298e
Module for CVE-2013-4164
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
2013-11-22 16:51:02 -06:00
jvazquez-r7 a7ad107e88 Add ruby code for ms13-022 2013-11-22 16:41:56 -06:00
Karn Ganeshen 266de2d27f Updated 2013-11-23 00:01:03 +03:00