4c2e1c2859
Small updates to the rmi modules
2012-04-27 00:07:00 -05:00
cc76438a75
Merge branch 'jlee-r7-http-print-standardization'
2012-04-25 15:38:46 -05:00
711fb73048
Fix more print_*
2012-04-25 15:01:50 -05:00
5bebd01eb0
Tabs vs spaces war round 2
2012-04-24 16:06:08 -05:00
bc42375565
Fix spaces to proper hard tabs. Not very fun to do.
2012-04-24 16:03:41 -05:00
0671fc9ea1
Merge branch 'axis2_mods' of https://github.com/ChrisJohnRiley/metasploit-framework into ChrisJohnRiley-axis2_mods
2012-04-24 15:49:34 -05:00
9cdd8912c5
Remove spurious cli.peerhost in output
2012-04-20 13:31:42 -06:00
81b6e76619
Correct CVE/OSVDB/BID references, thanks Chad.
2012-04-19 00:24:56 -05:00
3e0747f5d2
Randomize guid and payload filename
2012-04-16 12:09:25 -06:00
f4f1ec70bc
Altered regex to detect Jetty hosts
...
Added in detection for 401 Authentication responses
Added alternative REST based run method (seen in Axis2 1.1.1)
Added check to prevent // from appearing at the start of the URI (causes issues on Jetty hosts)
There should be a default method for URI to prevent double / from appearing at the start of the path (can cause unknown issues).
2012-04-15 15:13:21 +02:00
810d496ade
Chmod the payload executable
...
Makes native payloads work on non-windows, thanks mihi!
2012-04-11 12:48:14 -06:00
cbc12560a5
Leading tabs, not spaces
...
There's a coding style in here that will make msftidy.rb cry, and
that's:
```
varfoo = %q|
stuff
thats
html
|
```
Usually, you want something like
varfoo = ""
varfoo << %q| stuff|
varfoo << %q| thats|
varfoo << %q| html|
That said, the Description field is usually written as tab-intended
multiline %q{} enclosures, so that's what I'll do here to make
msftidy.rb happy.
2012-04-10 14:25:00 -05:00
cdc020ba9f
Trailing space on xpi bootstrap module
2012-04-10 14:24:08 -05:00
3cb7cbe994
Adding another ref and a disclosuredate to mihi's XPI module
...
Calling the disclosure date 2007 since TippingPoint published a blog
post back then about this XPI confirm-and-install vector.
2012-04-10 13:59:21 -05:00
0e1fff2c4b
Change the output style to comply with egyp7's expectations.
2012-04-10 13:42:52 -05:00
76c12fe7e6
Whitespace cleanup
2012-04-10 13:22:10 -05:00
705cf41858
Add firefox_xpi_bootstrapped_addon exploit
...
This is similar to java_signed_applet as it does not exploit a vulnerability, but
hope that the user will trust the addon.
2012-04-10 13:39:54 +02:00
4e955e5870
replace spaces with tabs
2012-04-06 10:45:10 -05:00
67e6c7b850
tomcat_mgr_deploy may report successful creds
...
Using following code for 'check' as 'exploit':
report_auth_info(
:host => rhost,
:port => rport,
:sname => (ssl ? "https" : "http"),
:user => datastore['BasicAuthUser'],
:pass => datastore['BasicAuthPass'],
:proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
:active => true
)
Resulting in:
Credentials
===========
host port user pass type active?
---- ---- ---- ---- ---- -------
192.168.x.xxx 8080 tomcat s3cret password true
2012-04-06 10:45:10 -05:00
14e3cd75dc
Revert "tomcat_mgr_deploy may report successful creds"
...
This reverts commit 937f8f035a
2012-04-05 16:17:06 -05:00
8628991b1d
Merge pull request #305 from jlee-r7/bap-refactor
...
Bap refactor
2012-04-05 08:02:43 -07:00
937f8f035a
tomcat_mgr_deploy may report successful creds
2012-04-05 11:09:56 +02:00
974d95b175
Both of these are obsoleted by java_atomicreferencearray
2012-04-03 18:23:42 -06:00
bd5f43c918
Add another good reference by @mihi42
2012-04-01 01:30:50 -05:00
bab4cddd83
Add Jeroen Frijters for finding/reporting the bug
2012-03-31 03:01:09 -05:00
cc54a260f5
Merge remote branch 'upstream/master'
2012-03-30 14:31:12 -06:00
0547369966
Add bap support for flash mp4 and new java bug
...
Also fixes a silly issue where adobe_flash_mp4_cprt was adding the
/test.mp4 resource after every request instead of just once at startup.
2012-03-30 12:59:07 -06:00
ae21c05e69
add osvdb ref
2012-03-30 07:26:07 -05:00
e018c6604f
Modify CVE-2012-0507
2012-03-30 02:06:56 -05:00
f069a32223
Merge pull request #288 from wchen-r7/cve_2012_0507
...
Adding sinn3r and juan's exploit for CVE-2012-0507. Blog post coming soon.
2012-03-29 08:46:49 -07:00
791ebdb679
Add CVE-2012-0507 (Java)
2012-03-29 10:31:14 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
23c9c51014
Fixing CVE format on sit_file_upload.
2012-03-21 09:59:20 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
e3f2610985
Msftidy run through on the easy stuff.
...
Still have some hits, but that requires a little more code contortion to
fix.
2012-03-15 17:06:20 -05:00
9144c33345
MSFTidy check for capitalization in modules
...
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
5250b179c8
Add CVE and OSVDB ref
2012-03-15 04:40:27 -05:00
8d93e3ad44
Actually use the password we were given...
2012-03-08 10:17:39 -07:00
02ea38516f
Add a check method for tomcat_mgr_deploy
2012-03-06 23:22:44 -07:00
22a12a6dfc
Add Lotus CMS exploit (OSVDB-75095)
2012-03-06 11:36:28 -06:00
464cf7f65f
Normalize service names
...
Downcases lots and standardizes a few. Notably, modules that reported a
service name of "TNS" are now "oracle". Modules that report http
now check for SSL and report https instead.
[Fixes #6437 ]
2012-02-21 22:59:20 -07:00
4932a9ca25
Dont dump an HTML document to the console
2012-02-21 23:45:25 -06:00
4a631e463c
Module title normalization
...
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/
The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
af56807668
Cleanup the titles of many exploit modules
2012-02-20 19:25:55 -06:00
5bb9afe789
Correct disclosure date format
2012-02-16 18:15:51 -06:00
01a6b02c3e
Add exploit for CVE-2012-0209, thx eromang!
2012-02-16 03:10:55 -06:00
d2444e1cf6
fix a few typos
2012-02-16 03:10:22 -06:00
829040d527
A bunch of msftidy fixes, no functional changes.
2012-02-10 19:44:03 -06:00
c3bd151197
add a ranking
2012-01-31 20:43:32 -06:00
e392958d90
add osvdb ref
2012-01-31 07:06:33 -06:00
bfd4734cbf
Forgot to add CMD as a datastore option, here it is
2012-01-30 17:34:58 -06:00
08134ad600
Add Exploit-DB reference
2012-01-30 16:17:25 -06:00
f3c340a9ab
Add vBSEO proc_deutf() Remote Code Execution (Feature #6307 )
2012-01-30 16:15:27 -06:00
9e5d2ff60e
Improve URI, plus some other minor changes.
2012-01-19 13:26:25 -06:00
2199cd18d7
fine tuning thx to sinn3r
2012-01-19 19:50:30 +01:00
df9380500a
disclosure date added
2012-01-19 19:19:53 +01:00
197eb16f72
gitorious remote command exec exploit
2012-01-19 11:36:08 +01:00
7e25f9a6cc
Death to unicode
...
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.
Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
e7d7302644
Dropping the umlaut, sacrificing accuracy for usability. Can't guarantee a viewer has a Unicode-capable terminal.
2012-01-09 11:22:44 -06:00
243dbe50f0
Correct author name. Unfortunately not all editors can print unicode correctly.
2012-01-07 15:18:25 -06:00
4e858aba89
Add CVE-2012-0262 Op5 welcome.php Remote Code Execution
2012-01-07 15:13:45 -06:00
4645c1c2b9
Add CVE-2012-0261 Op5 license.php Remote Code Execution
2012-01-07 15:12:49 -06:00
d484e18300
Add e-mail for tecr0c
2011-12-29 11:14:15 -06:00
b5b2c57b9f
Correct e-mail format
2011-12-29 10:57:00 -06:00
a00dad32fe
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2011-12-29 07:50:33 -06:00
27d1601028
add osvdb ref
2011-12-29 07:49:16 -06:00
0e3370f1fe
Grammar and spelling on splunk and oracle exploits
2011-12-28 13:42:56 -06:00
101eba6aa5
Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151 )
2011-12-27 00:59:26 -06:00
b5b24a1fbf
Add a check. I decided not to try to login in the check function in order to remain non-malicious.
...
However, this decision doesn't represent how modules should write their own check.
2011-12-22 13:16:54 -06:00
262fe75e0a
Add CVE-2011-4642 - Splunk Remote Code Execution (Feature #6129 )
2011-12-22 13:04:37 -06:00
85caabbf5d
add osvdb ref
2011-12-14 07:19:34 -06:00
cb456337a0
Handle invalid http responses better, see #6113
2011-12-13 19:54:10 -06:00
d87d8d5799
Add CVE-2011-4453 (PmWiki Remote code exeuction - Feature #6103 )
2011-12-13 11:45:24 -06:00
32c8301c19
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
2011-12-12 15:45:19 -06:00
e043fb52c2
Incrase timeout
2011-12-08 11:21:03 -06:00
5afba20c21
Merge pull request #43 from jduck/master
...
Clear up how to use native payloads for tomcat_mgr_deploy
2011-12-06 23:01:53 -08:00
edec6b98ee
Add feature #6067 Family Connections CMS 2.7.1 exploit
2011-12-07 00:00:56 -06:00
ac7edc268a
Add some more clear documentation for selecting payloads for this module.
2011-12-05 00:35:11 -06:00
2bb97791f7
Update OSVDF refs for servu module.
...
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39 ]
2011-12-02 13:21:41 -05:00
93a419c76b
Having nothing on the webpage may probably confuse some novice users. But I do like stealth.
2011-12-01 03:02:35 -06:00
f26f6da74b
Add CVE-2011-3544 (feature #6023 ) Java Rhino exploit
2011-11-29 18:05:20 -06:00
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
4a22df4014
Fix to the axis2 Deployer exploit to add Default Target
2011-11-22 10:27:38 -08:00
30d1451159
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-22 08:47:53 -08:00
41d746a07a
Add Support Incident Tracker (Feature #5964 ) by Juan
2011-11-12 12:36:21 -06:00
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
e767214411
Fix: whitespaces, svn propset, author e-mail format
...
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
0dff3f3e52
Add #5682 (phpscheduleit module). Thx Juan.
...
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 18:06:12 +00:00
a0d8a08851
java meterpreter should be used when the target is set to automatic
...
git-svn-id: file:///home/svn/framework3/trunk@14068 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:02:09 +00:00
2b46420b36
check nil
...
git-svn-id: file:///home/svn/framework3/trunk@14062 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:19:55 +00:00
7ba5a8ec4e
Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit
...
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:04:33 +00:00
9cb54e37c5
Handle payloads better, also add a cleanup routine specifically for php/exec
...
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 05:25:39 +00:00
2da07d4963
Fix bug #5834 (uri being nil in print_good)
...
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 00:40:03 +00:00
3da8bb8b69
Add feature #5820 by mr_me and tecr0c
...
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 23:22:32 +00:00
62c8c6ea9f
big msftidy pass, ping me if there are issues
...
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
c336d063da
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
...
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
94eb3ac14c
Deleting a puts statement.
...
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:52:10 +00:00
30ac88694f
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
...
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
020abd926b
A handful of rankings changes, also converting whitespace.
...
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
14d7db1641
Add disclosure dates to all the exploit modules that didn't have one
...
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
f2d328d969
cmd exec module should receive ExcellentRanking
...
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:10:53 +00:00
142ae9288b
Fix title
...
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:56:57 +00:00
262b3bbe00
Use Rex to encode payload to base64
...
git-svn-id: file:///home/svn/framework3/trunk@13846 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:31:51 +00:00
98157272fd
Fix indentation for exploit description
...
git-svn-id: file:///home/svn/framework3/trunk@13843 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:12:54 +00:00
d1b1b26d01
Add Feature #5499 (Snortreport module)
...
git-svn-id: file:///home/svn/framework3/trunk@13842 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:10:18 +00:00
44ac9d67e0
svn propset
...
git-svn-id: file:///home/svn/framework3/trunk@13831 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 17:45:15 +00:00
9ec92ee603
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13830 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 15:37:54 +00:00
9862987f45
Add a new module from joernchen
...
git-svn-id: file:///home/svn/framework3/trunk@13829 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 15:30:24 +00:00
612cdc8c73
No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
...
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 19:12:31 +00:00
8bfdebeaf3
Handle the return value for send_request during the early stage
...
git-svn-id: file:///home/svn/framework3/trunk@13791 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:28:15 +00:00
db79d21f75
Apply patch for non-default logins by jabra
...
git-svn-id: file:///home/svn/framework3/trunk@13778 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 02:48:48 +00:00
064255e910
fixup the payload encoding, per joernchen's comment in the #metasploit channel.
...
git-svn-id: file:///home/svn/framework3/trunk@13747 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 17:48:51 +00:00
6f28911d3d
added patch from joshua taylor.
...
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 19:58:40 +00:00
5fa7ddf5f4
Move this aux module out of the exploits tree
...
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 15:30:13 +00:00
496170eac1
aDjUsT tHe CaSe
...
git-svn-id: file:///home/svn/framework3/trunk@13644 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 23:46:49 +00:00
ab11d3e3eb
Fix the CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@13642 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 15:25:27 +00:00
76f0226ff0
Adds the RealVNC Null Authentication Bypass exploit - gj thelightcosine =)
...
git-svn-id: file:///home/svn/framework3/trunk@13641 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 04:40:21 +00:00
c78ba0e4d5
hehe remove debugging put call
...
git-svn-id: file:///home/svn/framework3/trunk@13586 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:59:32 +00:00
63e2b759e7
require the URI option
...
git-svn-id: file:///home/svn/framework3/trunk@13585 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:54:58 +00:00
402ca57bb4
Adds Struts2 Remote Code Execution exploit CVE-2010-1870
...
git-svn-id: file:///home/svn/framework3/trunk@13584 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:52:09 +00:00
28177fd255
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13505 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 02:54:56 +00:00
f1afbacb2a
Cron'd
...
git-svn-id: file:///home/svn/framework3/trunk@13485 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-04 17:36:01 +00:00
d58d061735
complain if the given applet name is not formatted correctly, fixes #5082
...
git-svn-id: file:///home/svn/framework3/trunk@13389 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 17:46:36 +00:00
df52bfaa4f
Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
...
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
b22ca615c7
Fixes #5038 , missed a couple mentions of Racket. Excised now for sure.
...
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
c54e18d757
Fixes #5038 . Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
...
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
f47a2c7565
Format dictatorship round 2: Fix author e-mail format for all exploit modules
...
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
d13654740a
Update some jboss modules' metadata associated with CVE-2010-0738
...
git-svn-id: file:///home/svn/framework3/trunk@13204 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 05:18:25 +00:00
1d25a6d7d1
add an exploit for java's rmid and rmiregistry code-execution-by-design and supporting source. fixes #4378 , thanks mihi!
...
git-svn-id: file:///home/svn/framework3/trunk@13185 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 20:42:31 +00:00
1162aafa1e
p function causes problems with rpc.
...
git-svn-id: file:///home/svn/framework3/trunk@13184 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 18:45:05 +00:00
c412a836ed
add VERBOSE option to all modules and vprint_* methods to use it
...
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
8e5311cb61
File.read is not binary safe. replace it with File.open in a few places where it matters.
...
git-svn-id: file:///home/svn/framework3/trunk@12957 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:02:00 +00:00
ea5dc1c85c
use the right uri for our jar when other webserver modules are running
...
git-svn-id: file:///home/svn/framework3/trunk@12944 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-14 23:57:10 +00:00
eea05fcaaa
Correct the parent class name
...
git-svn-id: file:///home/svn/framework3/trunk@12930 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 19:31:38 +00:00
7f3e2d182d
Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called.
...
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 18:32:27 +00:00
85f5e5fb98
Fix the disclosure date to match when signing was made available to the masses
...
git-svn-id: file:///home/svn/framework3/trunk@12891 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 17:08:05 +00:00
c3c061334d
Add a "disclosure date" (applets were included in the first java release) and changing the title.
...
git-svn-id: file:///home/svn/framework3/trunk@12883 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-08 03:31:49 +00:00
1c4bf118e8
add a version check
...
git-svn-id: file:///home/svn/framework3/trunk@12847 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 23:47:44 +00:00
5b91eadb87
fix the string replacement and do it at setup time instead of for every request
...
git-svn-id: file:///home/svn/framework3/trunk@12747 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 19:36:12 +00:00
cd3f306ef2
clarify info a bit; make APPLETNAME option actually do something.
...
git-svn-id: file:///home/svn/framework3/trunk@12746 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 19:13:47 +00:00
5a54a408f5
stupid debugging stuff
...
git-svn-id: file:///home/svn/framework3/trunk@12736 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 19:10:54 +00:00
c5781ae515
add support for PKCS12 (.pfx) cert/key files and cert chains in PEM files
...
git-svn-id: file:///home/svn/framework3/trunk@12735 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 17:52:12 +00:00
11a1b5dcad
fix the requires for java signing.
...
git-svn-id: file:///home/svn/framework3/trunk@12719 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 18:02:02 +00:00
812bae9df9
add support for signing applets (or any other jar) with openssl. this removes the need for a dependency on RJB
...
git-svn-id: file:///home/svn/framework3/trunk@12718 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 16:45:20 +00:00
ef48240606
Make it obvious which exploit is handling a request
...
git-svn-id: file:///home/svn/framework3/trunk@12693 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 17:05:44 +00:00
04efaf9281
referencing navigator.javaEnabled breaks ie6, only check navigator.javaEnabled();
...
git-svn-id: file:///home/svn/framework3/trunk@12655 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 22:44:39 +00:00
HD Moore
sinn3r
James Lee
Chris John Riley
Tod Beardsley
Michael Schierl
andurin
sinn3r
Steve Tornio
Tod Beardsley
Joshua J. Drake
Jonathan Cran
joernchen of Phenoelit
Rob Fuller
David Maloney
Matt Buck
Will Vandevanter
Jonathan Cran
Mario Ceballos
David Rude
James Lee
Matt Weeks