Commit Graph

464 Commits (7c1442c4b49ae646a879b0fa4e0d0dc46e1ecf61)

Author SHA1 Message Date
Joshua Drake 61402c4b55 add to description
git-svn-id: file:///home/svn/framework3/trunk@9202 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 21:04:56 +00:00
Joshua Drake ff46c5d867 add exploit module for cve-2010-0361 on windows
git-svn-id: file:///home/svn/framework3/trunk@9201 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 20:52:14 +00:00
HD Moore 42da9e899a Improvements to the cleanup process, close sockets properly for exploits and auxiliary
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
Joshua Drake 2e2142d345 add Maple exploit from scriptjunkie
git-svn-id: file:///home/svn/framework3/trunk@9183 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:05:56 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake 54725099d5 oops it wasnt broken after all!
git-svn-id: file:///home/svn/framework3/trunk@9178 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:38:48 +00:00
Joshua Drake 22529ae81b add USERNAME/PASSWORD options
git-svn-id: file:///home/svn/framework3/trunk@9177 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:30:59 +00:00
Joshua Drake b6d9f2fac5 another ill-place "end" statement...
git-svn-id: file:///home/svn/framework3/trunk@9176 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:13:26 +00:00
Joshua Drake 4cdb64f6b9 corrected version range
samba.org reports 3.0.0 - 3.0.25rc3 but that is for the underlying cmd execution bugs
username map script wasnt introduced until 3.0.20


git-svn-id: file:///home/svn/framework3/trunk@9168 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-28 06:43:51 +00:00
Joshua Drake 4f364e2830 add description, versions, fix whitespace
git-svn-id: file:///home/svn/framework3/trunk@9167 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-28 03:54:24 +00:00
Joshua Drake 1f8605e26d fix check method, lol?
git-svn-id: file:///home/svn/framework3/trunk@9026 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-06 04:58:03 +00:00
Joshua Drake 1a47c436d3 support amd64 arch
git-svn-id: file:///home/svn/framework3/trunk@9025 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-06 04:08:39 +00:00
HD Moore 7af2fdf42e Remove silly cases of print_good
git-svn-id: file:///home/svn/framework3/trunk@9021 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 23:34:10 +00:00
natron b5ee26770b Cameled all vars on accident, uncameling regular opts. Also, broke native osx payload, oops.
git-svn-id: file:///home/svn/framework3/trunk@8970 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 05:15:26 +00:00
Joshua Drake 516a6f47e5 move USERNAME/PASSWORD setting to exploit instead of auto_target so manual targets work - fixes #1416
git-svn-id: file:///home/svn/framework3/trunk@8967 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:29:47 +00:00
natron c1fa8d60f7 Expose exe :template and :insert via advanced options plus formatting changes. Thanks MarkBagget for the kick in the pants and the example options to to_win32pe\!
git-svn-id: file:///home/svn/framework3/trunk@8966 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:05:32 +00:00
HD Moore 2b419a421d Add default timeouts to autopwn, control with -T
git-svn-id: file:///home/svn/framework3/trunk@8892 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:11:21 +00:00
Joshua Drake b8b11338b1 add linux x86/x86_64 support for tomcat manger deploy, see #1016
git-svn-id: file:///home/svn/framework3/trunk@8853 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-19 02:13:02 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 3b9524697f add verbose option
git-svn-id: file:///home/svn/framework3/trunk@8761 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:55:47 +00:00
Joshua Drake 35c4a1d123 handle missing targets more gracefully, stub out linux and x86_64 support detection
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake 28f4eb2fd9 handle failed logins - fixes #1014
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake e80df81350 correct the CVE reference
git-svn-id: file:///home/svn/framework3/trunk@8678 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 19:47:13 +00:00
James Lee 3b59bc7cfc use the same option names for user/pass
git-svn-id: file:///home/svn/framework3/trunk@8674 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:14:58 +00:00
Joshua Drake 541a409f44 remove app_name variable
git-svn-id: file:///home/svn/framework3/trunk@8619 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-24 16:53:55 +00:00
Joshua Drake 865969e059 whitespace adjustments - finally closes #773
git-svn-id: file:///home/svn/framework3/trunk@8575 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:44:34 +00:00
Joshua Drake 32bf50c627 add exploit module to get code exec from jboss.system:MainDeployer access
git-svn-id: file:///home/svn/framework3/trunk@8574 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:41:24 +00:00
Joshua Drake 8446a0c305 add auto-targeting to tomcat_mgr_deploy, fixes #887
git-svn-id: file:///home/svn/framework3/trunk@8564 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 01:14:39 +00:00
natron 5b3c87c9c5 Add option to save java code to file.
git-svn-id: file:///home/svn/framework3/trunk@8557 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:11:56 +00:00
Joshua Drake 2e77c76824 add exploit module to get code exec on a tomcat manager instance, closes #772
git-svn-id: file:///home/svn/framework3/trunk@8552 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:18:43 +00:00
Joshua Drake 82369aa9e8 add exploit module for cve-2007-2447
git-svn-id: file:///home/svn/framework3/trunk@8510 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:26:41 +00:00
natron 9729b22972 Loopty version of the wireshark exploit. This will continually blast packets as a background job.
git-svn-id: file:///home/svn/framework3/trunk@8460 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 01:58:33 +00:00
Joshua Drake 6e80c7a62c use Rex::Arch::pack_addr
git-svn-id: file:///home/svn/framework3/trunk@8454 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 09:03:48 +00:00
Joshua Drake 0f942df9cd whitespace changes
git-svn-id: file:///home/svn/framework3/trunk@8451 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 06:00:12 +00:00
Joshua Drake d96a6a1f8f add exploit module for cve-2009-2261 - first consumer of zip library!
git-svn-id: file:///home/svn/framework3/trunk@8440 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:28:25 +00:00
Joshua Drake 9397c897ba fix spoof support
git-svn-id: file:///home/svn/framework3/trunk@8367 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-04 04:56:18 +00:00
Joshua Drake 9b79ebd000 add a windows target, thx redsand!
also removed some cruft


git-svn-id: file:///home/svn/framework3/trunk@8364 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 18:24:42 +00:00
Joshua Drake a41647a922 add silly jmp esp target for wireshark gui on debian
git-svn-id: file:///home/svn/framework3/trunk@8360 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 00:08:28 +00:00
Steve Tornio 2cbd6d152d Add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@8347 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 12:37:07 +00:00
Joshua Drake 98dd073368 add an exploit module for one of the wireshark lwres vulns
git-svn-id: file:///home/svn/framework3/trunk@8346 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 06:20:18 +00:00
natron 3ecabe1be9 Adds static signed jar and user messages letting them know.
git-svn-id: file:///home/svn/framework3/trunk@8328 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 19:47:40 +00:00
natron 69ad365b46 Added STDERR to pure java payload, cleaned up user's view.
git-svn-id: file:///home/svn/framework3/trunk@8308 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:53:36 +00:00
natron 9891d60dfc Move applet generation up for slight speed improvement and less spamminess to the user.
git-svn-id: file:///home/svn/framework3/trunk@8281 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:15:36 +00:00
natron 5e4442a4d4 Fix a bug missed due to caching issues.
git-svn-id: file:///home/svn/framework3/trunk@8276 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:58:13 +00:00
natron c135462768 <@jduck> natron: you need some svn keywords magic
git-svn-id: file:///home/svn/framework3/trunk@8274 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:20:32 +00:00
natron cd5e5880d2 Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit.
git-svn-id: file:///home/svn/framework3/trunk@8267 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 19:46:39 +00:00
Joshua Drake 31949c4343 svn keywords fixups
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 19:12:42 +00:00
Joshua Drake 5ef4545a1b fd.read -> fd.read(fd.stat.size)
git-svn-id: file:///home/svn/framework3/trunk@7903 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:22:40 +00:00
Joshua Drake b37c34579b add exploit module for cve-2009-3869
NOTE: no policy change is required for this exploit to succeed.



git-svn-id: file:///home/svn/framework3/trunk@7899 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:52:40 +00:00
James Lee 115899d24d add minver and maxver. slightly tricky because the vuln affects moz 1.7 and ff 1.0
git-svn-id: file:///home/svn/framework3/trunk@7886 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 21:54:24 +00:00
James Lee 008c72e255 add proper version
git-svn-id: file:///home/svn/framework3/trunk@7885 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 21:49:32 +00:00
Joshua Drake 56c2d32b1e typo fix
git-svn-id: file:///home/svn/framework3/trunk@7883 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:37:15 +00:00
James Lee 2570fcee15 get rid of some more ^Ms
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
James Lee 48c3709a25 correct maxver
git-svn-id: file:///home/svn/framework3/trunk@7879 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:46:53 +00:00
James Lee 0cf566c0b9 fixes 688. better return address for greater reliability, works against FF-1.0.4 and Moz-1.7.1 on XPSP3 and 2kAS-SP0
git-svn-id: file:///home/svn/framework3/trunk@7865 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:27:28 +00:00
Joshua Drake f1a975a14e fix typo, remove automatic target
git-svn-id: file:///home/svn/framework3/trunk@7834 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 21:44:04 +00:00
Joshua Drake 34408c5e3e add exploit module for CVE-2009-3867 (JRE getSoundbank)
git-svn-id: file:///home/svn/framework3/trunk@7827 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:18:31 +00:00
Joshua Drake 4cb050010b add exploitability detection (by trying %n)
git-svn-id: file:///home/svn/framework3/trunk@7791 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 23:53:26 +00:00
Joshua Drake 215879334a minor tweaks to targets
git-svn-id: file:///home/svn/framework3/trunk@7788 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 23:19:19 +00:00
Joshua Drake d56daab7d8 little comment heh
git-svn-id: file:///home/svn/framework3/trunk@7784 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 22:27:11 +00:00
Joshua Drake 164dd4201a updated badchars, rh6.2 target, added %8x detection check
git-svn-id: file:///home/svn/framework3/trunk@7782 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 21:51:46 +00:00
Joshua Drake 88de26e46c re-enable pdf obfuscation
git-svn-id: file:///home/svn/framework3/trunk@7771 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 06:19:32 +00:00
Joshua Drake e2f70c8928 detect fmt str specifier capabilities, rework stack dumping
git-svn-id: file:///home/svn/framework3/trunk@7769 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 02:19:07 +00:00
Joshua Drake 1fec10cb44 finish and test target for redhat 6.2
git-svn-id: file:///home/svn/framework3/trunk@7765 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 23:52:11 +00:00
Joshua Drake 4bcc8a93a3 attempt to improve reliability of u3d pdf exploits
git-svn-id: file:///home/svn/framework3/trunk@7762 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 22:08:32 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew!
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
Joshua Drake 619f82a420 ugh, rh6.1 isn't vulnerable either
git-svn-id: file:///home/svn/framework3/trunk@7720 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 03:42:37 +00:00
Joshua Drake 576d55f821 added some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@7719 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 02:30:42 +00:00
Joshua Drake e8e98b9be6 add exploit module for cve-2000-0573
git-svn-id: file:///home/svn/framework3/trunk@7693 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 07:50:53 +00:00
James Lee 8e0eef03c6 see #594. remove some extraneous junk, don't run the shell in a terminal (it dies immediately). space is the only badchar. still doesn't actually work without a modification to encoder/cmd/generic_sh.
git-svn-id: file:///home/svn/framework3/trunk@7680 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 09:09:56 +00:00
HD Moore b0403cfde2 OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7658 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:44:25 +00:00
Joshua Drake 38d04631e6 recorded some additional test results
git-svn-id: file:///home/svn/framework3/trunk@7657 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:42:58 +00:00
Joshua Drake f845a7db54 dissected most of the u3d data
git-svn-id: file:///home/svn/framework3/trunk@7628 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 07:26:08 +00:00
Joshua Drake 3bcc51e155 added exloit module for cve-2009-2990
git-svn-id: file:///home/svn/framework3/trunk@7580 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:15:13 +00:00
Joshua Drake 008fbedf93 created multi-platform fileformat dir
git-svn-id: file:///home/svn/framework3/trunk@7579 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:14:52 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee b4d04ab22d fix 1.9 str[idx] error; see #519
git-svn-id: file:///home/svn/framework3/trunk@7534 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:28:34 +00:00
HD Moore ac14e84eb6 See #434. Fixes up the last of the modules using the wrong Timeout exception class
git-svn-id: file:///home/svn/framework3/trunk@7326 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-02 18:22:50 +00:00
HD Moore e3f68f2639 Another large number of warnings fixed by Yoann Guillot
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:18:23 +00:00
HD Moore b38a74c961 Another mega-patch from Yoann Guillot: fixes warnings generated by method calls with a space betwee the method and the parans, corrects a problem with the alpha encoders that causes them to overwrite the allowed charset, hardcodes the metasm output size of some modules in order to reduce load time, more to come
git-svn-id: file:///home/svn/framework3/trunk@7246 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 16:40:19 +00:00
HD Moore a0fbc2914f Remove the milw0rm references, as the links are no longer valid.
git-svn-id: file:///home/svn/framework3/trunk@7237 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-24 18:13:07 +00:00
HD Moore d3aa513773 Fixes #339. Cleans up author names for the most part - there are still some stragglers, but this should fix up the frequent contributors
git-svn-id: file:///home/svn/framework3/trunk@7173 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-17 05:55:15 +00:00
Mario Ceballos aae4ac74c1 more adjusting of the cve entries.
git-svn-id: file:///home/svn/framework3/trunk@7157 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-14 12:56:13 +00:00
Mario Ceballos 8e365c17fa fixed the cve entrys.
git-svn-id: file:///home/svn/framework3/trunk@7156 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-14 11:45:14 +00:00
HD Moore 26db223636 OSVDB reference update from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7149 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 14:39:51 +00:00
HD Moore 5972666f63 See #339. Massive cleanup of author names, make them consistent across modules
git-svn-id: file:///home/svn/framework3/trunk@7075 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-27 21:30:45 +00:00
James Lee 9ace8f33eb OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7030 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-12 04:22:58 +00:00
HD Moore 71d644e72e Fix the Payload->Space to match the new max size limit for the EXE generator. Thanks for catching it MC
git-svn-id: file:///home/svn/framework3/trunk@7022 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-09 21:23:11 +00:00
HD Moore fd0f4ef65b Exploit from Kevin F. for CVE-2009-0695, a remote cmd execution flaw in the Wyse thin client platform.
git-svn-id: file:///home/svn/framework3/trunk@6968 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-19 18:06:03 +00:00
James Lee e16647db74 make sure we're running on opera so we don't 404 on a suspicous-looking url if it isn't
git-svn-id: file:///home/svn/framework3/trunk@6963 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-18 05:10:11 +00:00
James Lee bd2da7c12a revert overzealous commit
git-svn-id: file:///home/svn/framework3/trunk@6961 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-18 04:53:35 +00:00
James Lee 08d50e0a5b fix a bug in colorization where %c gets replaced before %cya; wouldn't have been a problem until colorization gets put back in
git-svn-id: file:///home/svn/framework3/trunk@6960 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-18 04:49:16 +00:00
James Lee c29af0197a make opera_historysearch work in an iframe and speed it up so it is less likely to tip off a user
git-svn-id: file:///home/svn/framework3/trunk@6915 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-28 11:08:50 +00:00
HD Moore 876a80f601 Updated osvdb references from Steve Tornio, updated capture/eth_spoof modules
git-svn-id: file:///home/svn/framework3/trunk@6907 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-27 14:05:23 +00:00
James Lee e805bbc3aa remove stupid debug alert
git-svn-id: file:///home/svn/framework3/trunk@6882 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-23 08:58:51 +00:00
James Lee 739207bf4a merge browser_autopwn back into trunk. This changes the database schema slightly, so make sure to db_destroy and db_create before using the database features.
git-svn-id: file:///home/svn/framework3/trunk@6873 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-22 20:14:35 +00:00
HD Moore e70ac6cc19 Added a new set of match flags for cmd injection exploits (RequiredCmds). This reduces the number of 'bad' payloads listed for explot modules. A good example is disabling the netcat -e payloads for old Solaris exploits
git-svn-id: file:///home/svn/framework3/trunk@6854 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-21 15:20:35 +00:00
James Lee 529ded22ae reverting last commit; somebody didn't cross their fingers
git-svn-id: file:///home/svn/framework3/trunk@6847 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 20:48:47 +00:00
James Lee c3dc1ecb55 reintegrate browser_autopwn into trunk; cross your fingers and hope this works
git-svn-id: file:///home/svn/framework3/trunk@6846 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-19 17:27:36 +00:00
HD Moore 309acbaa22 Remove extraneous comma
git-svn-id: file:///home/svn/framework3/trunk@6833 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-18 00:27:15 +00:00
HD Moore 282bcb4fae Updated with osvdb and bid references.
git-svn-id: file:///home/svn/framework3/trunk@6832 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-18 00:15:48 +00:00
HD Moore 2d319e9b5b Updated to work better on OS X and avoid 'script is taking too long' errors on all platforms
git-svn-id: file:///home/svn/framework3/trunk@6830 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 23:57:59 +00:00
HD Moore 99bc63b11d Adds support for Mac OS X intel (use the vforkshell payloads)
git-svn-id: file:///home/svn/framework3/trunk@6828 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 21:28:59 +00:00
HD Moore f8c2a203fd OSVDB references updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:02:24 +00:00
HD Moore 6624dbd5ff Adds coverage for SBerry's Firefox 3.5 exploit (win32 only atm).
git-svn-id: file:///home/svn/framework3/trunk@6803 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-14 21:59:35 +00:00
James Lee d84c87fa36 updated version info and disclosure date for opera_historysearch
git-svn-id: file:///home/svn/framework3/trunk@6788 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 23:12:25 +00:00
James Lee 3e072dd66e add Opera historysearch module; works on linux, windows will come later
git-svn-id: file:///home/svn/framework3/trunk@6777 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 07:48:12 +00:00
HD Moore 2ec7693d94 Fix up the modules to pass in the framework object into the new API call
git-svn-id: file:///home/svn/framework3/trunk@6687 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 18:18:04 +00:00
HD Moore 2283e0ffe4 Update executable template and API
git-svn-id: file:///home/svn/framework3/trunk@6682 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 17:42:17 +00:00
HD Moore b8efb1bbf9 Add Stephen Fewer's shiny exploit for the Java deserialization flaw
git-svn-id: file:///home/svn/framework3/trunk@6664 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-16 17:19:44 +00:00
HD Moore a5f567e76e Massive OSVDB reference update from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@6629 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-07 20:20:42 +00:00
HD Moore b7cac075e0 Adds the itunes overflow from Will Drewry: http://redpig.dataspill.org/2009/05/drive-by-attack-for-itunes-811.html
git-svn-id: file:///home/svn/framework3/trunk@6627 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-05 02:30:24 +00:00
James Lee 685535c61d add php compatibility to multi/handler
git-svn-id: file:///home/svn/framework3/trunk@6558 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-17 00:26:17 +00:00
HD Moore 9d8581a17e More osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6550 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-13 17:39:42 +00:00
kris 37c2e301ed replacing defunct framework URL in header comments in most modules and pcap_log
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
HD Moore 1f523d78c9 Configure the architecture list to be ALL, not just a small set of archs
git-svn-id: file:///home/svn/framework3/trunk@6171 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-22 05:35:19 +00:00
kris 85926eb4ff fix svn keywords
git-svn-id: file:///home/svn/framework3/trunk@5923 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-16 03:09:22 +00:00
Patrick Webster 086e9fb89a Added veritas_netbackup_cmdexec module.
git-svn-id: file:///home/svn/framework3/trunk@5914 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-13 09:45:47 +00:00
Patrick Webster 97ffd10f89 Updated to support Windows targets.
git-svn-id: file:///home/svn/framework3/trunk@5912 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-13 09:01:24 +00:00
HD Moore e02f740277 Handle multiple sessions by default
git-svn-id: file:///home/svn/framework3/trunk@5828 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-03 21:08:46 +00:00
Ramon de C Valle f124597a56 Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
HD Moore fd256ec4a1 This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure.
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 05:23:59 +00:00
James Lee 6e212a5981 I'm on crack. mozilla_navigatorjava is the one that works on 1.5.0.5; reverting from 5559
git-svn-id: file:///home/svn/framework3/trunk@5562 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-22 06:02:03 +00:00
James Lee 324703669b typo fix -- really works on <1.5.0.5, not <1.0.5
git-svn-id: file:///home/svn/framework3/trunk@5559 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-19 05:04:33 +00:00
James Lee a0a203fba7 don't hang the browser building the exploit buffer if we can't exploit it
git-svn-id: file:///home/svn/framework3/trunk@5558 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-19 05:03:01 +00:00
James Lee 8800372e46 initial commit of browser_autopwn;
revamp php payloads;
socks5 for IPv6 (untested)



git-svn-id: file:///home/svn/framework3/trunk@5546 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-01 01:44:56 +00:00
Patrick Webster 0adab629ba Added ntp module, linux egghunter
git-svn-id: file:///home/svn/framework3/trunk@5502 4d416f70-5f16-0410-b530-b9f4589650da
2008-05-12 14:49:45 +00:00
HD Moore cad72d16e4 Add the stackadjustment parameter
git-svn-id: file:///home/svn/framework3/trunk@5214 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-04 20:13:50 +00:00
HD Moore 04c6dbc748 Updated svn:keywords
git-svn-id: file:///home/svn/framework3/trunk@5100 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-10 01:01:20 +00:00
HD Moore d35adad50e Revision 1, still some bugs to work out
git-svn-id: file:///home/svn/framework3/trunk@4977 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-29 22:56:18 +00:00
HD Moore 0984380230 This module was never finished
git-svn-id: file:///home/svn/framework3/trunk@4975 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-29 15:03:55 +00:00
HD Moore d95a0d8d90 Updated svn:keywords, merging minor changes
git-svn-id: file:///home/svn/framework3/trunk@4886 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-07 04:48:45 +00:00
HD Moore 3453b58820 Consistent use of handler(cli), removed the autofilter and dependency check stubs
git-svn-id: file:///home/svn/framework3/trunk@4646 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-04 04:37:30 +00:00
HD Moore d14221898d Merge in the new generic PHP exploit with new targets
Added type definitions to HTTP::Client



git-svn-id: file:///home/svn/framework3/trunk@4537 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-17 20:10:57 +00:00
HD Moore 207b1aec83 Removed the two app-specific modules and replaced with a generic module
git-svn-id: file:///home/svn/framework3/trunk@4535 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-17 18:55:25 +00:00
HD Moore bd0210c863 Updated the check() function to also look at the Server. Added a PunBB module.
git-svn-id: file:///home/svn/framework3/trunk@4534 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-17 18:08:41 +00:00
HD Moore d17b153e23 Adds check() support to this module
git-svn-id: file:///home/svn/framework3/trunk@4533 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-17 04:43:25 +00:00
Matt Miller f8f191c9db authors vs author typo, fixes #53
git-svn-id: file:///home/svn/framework3/trunk@4527 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-12 00:58:57 +00:00
HD Moore 4e78e6dae0 Added some targetting notes
git-svn-id: file:///home/svn/framework3/trunk@4519 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-11 16:30:23 +00:00
HD Moore 4600da9b8e Tag-team effort by hdm and gml (based on stefan's PoC)
git-svn-id: file:///home/svn/framework3/trunk@4515 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-11 01:03:02 +00:00
Matt Miller 99f9fb5353 add advanced option to control exiting after a session is created
git-svn-id: file:///home/svn/framework3/trunk@4488 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 18:57:47 +00:00
HD Moore abbeb2e87e Adding an Id tag and a standard header to all modules
git-svn-id: file:///home/svn/framework3/trunk@4419 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-18 00:10:39 +00:00
HD Moore 839ac9fc38 Do not exit after a session is obtained
git-svn-id: file:///home/svn/framework3/trunk@4396 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-15 22:17:50 +00:00
HD Moore b278bef22d Reference updates
git-svn-id: file:///home/svn/framework3/trunk@4266 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 14:44:09 +00:00
Matt Miller 8185f67cbd svnserve date
git-svn-id: file:///home/svn/framework3/trunk@4264 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 06:36:26 +00:00
HD Moore 8fd09e3880 Renamed
git-svn-id: file:///home/svn/framework3/trunk@4256 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 03:48:16 +00:00
HD Moore e936701a5a Updates
git-svn-id: file:///home/svn/framework3/trunk@4255 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 03:47:44 +00:00
HD Moore b221af7791 Integration of the new HTTP Client API
git-svn-id: file:///home/svn/framework3/trunk@4241 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-28 23:42:36 +00:00
HD Moore 5dc9f27618 Slight cleanups -- still not ready for real use
git-svn-id: file:///home/svn/framework3/trunk@4216 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 08:02:35 +00:00
HD Moore ffc626675b Initial support for PHP payloads
git-svn-id: file:///home/svn/framework3/trunk@4215 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 07:57:51 +00:00
HD Moore ea204ee0ff API change for the HTML mixin, the send_response method is no longer overloaded, instead exploits must call send_response_html to enable HTML evasion. The old method caused problems when a exploit needed HTML and non-HTML response capabilities
git-svn-id: file:///home/svn/framework3/trunk@4173 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 03:26:53 +00:00
HD Moore 810f80612b Reference updates
git-svn-id: file:///home/svn/framework3/trunk@4154 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-28 17:18:43 +00:00
Matt Miller 7f981714a6 ported realserver describe exploit
git-svn-id: file:///home/svn/framework3/trunk@4018 4d416f70-5f16-0410-b530-b9f4589650da
2006-10-11 09:18:01 +00:00
HD Moore c3876b6dd6 Updates for the autopwn stuff...
git-svn-id: file:///home/svn/framework3/trunk@3906 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-17 08:00:37 +00:00
HD Moore f2cbcedf4d Break the loop when a session is created
git-svn-id: file:///home/svn/framework3/trunk@3890 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-14 06:22:24 +00:00
HD Moore 4c37fe428d A replacement for payload_handler
git-svn-id: file:///home/svn/framework3/trunk@3889 4d416f70-5f16-0410-b530-b9f4589650da
2006-09-14 06:09:46 +00:00
HD Moore 6a821b59f9 Removed alert() :-)
git-svn-id: file:///home/svn/framework3/trunk@3785 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-31 02:51:43 +00:00
HD Moore e55cff59e1 Fixed Rex::Arch.endian()
Added Rex::Text.to_unescape()
Added two mozilla exploits
Fixed firefox exploit to use new api




git-svn-id: file:///home/svn/framework3/trunk@3784 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-31 02:50:41 +00:00
HD Moore 615104b6ab Other licensing updates (MSF->BSD) and minor cleanups
git-svn-id: file:///home/svn/incoming/trunk@3637 4d416f70-5f16-0410-b530-b9f4589650da
2006-05-06 16:43:45 +00:00
HD Moore bd862a5049 Mods
git-svn-id: file:///home/svn/incoming/trunk@3570 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-12 02:06:57 +00:00
HD Moore 5d284866d9 Fixed
git-svn-id: file:///home/svn/incoming/trunk@3568 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-10 08:03:14 +00:00
HD Moore 05bda2529a More aux, first hack on multi-target firefox exploit
git-svn-id: file:///home/svn/incoming/trunk@3565 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-09 17:32:53 +00:00
vlad902 b158ccb973 Initial commit
git-svn-id: file:///home/svn/incoming/trunk@3509 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-05 22:05:01 +00:00