sinn3r
7c258d7aa9
Merge branch 'jvazquez-r7-atlassian_crowd'
2012-06-27 17:12:00 -05:00
sinn3r
68c582873b
Add the MSF license text
2012-06-27 17:11:00 -05:00
sinn3r
6c80fd9b42
Merge branch 'atlassian_crowd' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-atlassian_crowd
2012-06-27 17:09:25 -05:00
sinn3r
e605a35433
Make sure the check func is always returning the same data type
2012-06-27 17:07:55 -05:00
sinn3r
cb1af5ab79
Final cleanup
2012-06-27 16:57:04 -05:00
jvazquez-r7
d3bc78c53b
applied changes proposed by sinn3r
2012-06-27 23:55:51 +02:00
jvazquez-r7
73360dfae3
minor fixes
2012-06-27 23:38:52 +02:00
jvazquez-r7
245205c6c9
changes on openfire_auth_bypass
2012-06-27 23:15:40 +02:00
jvazquez-r7
6ec990ed85
Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass
2012-06-27 23:09:26 +02:00
sinn3r
dc30a2dddb
Merge branch 'atlassian_crowd' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-atlassian_crowd
2012-06-27 15:37:15 -05:00
sinn3r
2f733ff8b9
Add CVE-2012-0663 Apple QuickTime TeXML Exploit
2012-06-27 14:41:45 -05:00
Tod Beardsley
97974d9241
Shorten title for display
2012-06-27 10:19:46 -05:00
Tod Beardsley
94e28933c8
Whitespace fixes. msftidy.rb yall
2012-06-27 10:06:15 -05:00
jvazquez-r7
2c5cc697c9
Added auxiliary module for CVE-2012-2926
2012-06-27 10:21:18 +02:00
HD Moore
2dd51690c2
Add a missing require
2012-06-27 00:47:32 -05:00
sinn3r
be2692a623
Merge branch 'pdf_parser_fix' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-pdf_parser_fix
2012-06-26 16:55:26 -05:00
James Lee
891400fdbb
Array#select! is only in 1.9
2012-06-26 15:32:39 -06:00
sinn3r
9ea6d84a7a
Make it clear the exploit doesn't like certain PDF formats
...
If the exploit cannot fetch certain xref fields, we warn the user
we don't like their PDF, and recommend them to try a different
one.
2012-06-26 16:32:10 -05:00
h0ng10
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
jvazquez-r7
cc90a60a1b
Correct the use of the platform argument
...
The platform argument is meant to be a PlatformList object, not as an array:
http://dev.metasploit.com/redmine/issues/6826
This commit undoes the last change to init_platform() in alpha_mixed and modifies msfvenom to use it as intended.
2012-06-26 17:32:55 +02:00
sinn3r
b966dda980
Update missing CVE reference
2012-06-26 01:26:09 -05:00
sinn3r
8f355554c8
Update missing CVE reference
2012-06-26 01:21:24 -05:00
sinn3r
0d7b6d4053
Update missing CVE reference
2012-06-26 01:20:28 -05:00
sinn3r
c7935e0e99
Update OSVDB reference
2012-06-26 01:18:25 -05:00
sinn3r
9980c8f416
Add rh0's analysis
2012-06-25 21:32:45 -05:00
sinn3r
7698b2994d
Correct OSVDB typo
2012-06-25 18:32:35 -05:00
sinn3r
8927c8ae57
Make it more verbose, and do some exception handling for cleanup
2012-06-25 17:27:33 -05:00
sinn3r
fef77bfd7f
Merge branch 'sugarcrm_unserialize_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sugarcrm_unserialize_exec
2012-06-25 16:55:45 -05:00
jvazquez-r7
7b0f3383d2
delete default credentials
2012-06-25 23:53:56 +02:00
sinn3r
7f5687ef10
Merge branch 'sugarcrm_unserialize_exec' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sugarcrm_unserialize_exec
2012-06-25 16:28:55 -05:00
jvazquez-r7
7dc1a572e5
trying to fix serialization issues
2012-06-25 23:25:38 +02:00
sinn3r
063a2119a3
Merge branch 'iis_auth_bypass' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-iis_auth_bypass
2012-06-25 15:51:33 -05:00
sinn3r
f93658b37a
Minor name change
2012-06-25 15:51:02 -05:00
sinn3r
637edc21ce
Add CVE-2010-2731
2012-06-25 15:48:36 -05:00
jvazquez-r7
59bb9ac23b
quoting ip to avoid php complaining
2012-06-25 18:52:26 +02:00
jvazquez-r7
4c453f9b87
Added module for CVE-2012-0694
2012-06-25 17:21:03 +02:00
HD Moore
807f7729f0
Merge branch 'master' into feature/vuln-info
2012-06-25 10:10:20 -05:00
Steve Tornio
5d2655b0ce
add osvdb ref
2012-06-25 09:00:03 -05:00
HD Moore
f7dca272b6
IE 10/Win8 detection support
2012-06-25 00:36:49 -05:00
HD Moore
1989f0ab46
IE 10/Win8 detection support
2012-06-25 00:36:04 -05:00
HD Moore
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
HD Moore
c28d47dc70
Take into account an integer-normalized datastore
2012-06-24 23:00:02 -05:00
HD Moore
e31a09203d
Take into account an integer-normalized datastore
2012-06-24 22:59:14 -05:00
sinn3r
05eaac9085
Fix possible param duplicates
2012-06-24 19:05:42 -05:00
dmaloney-r7
46dd286cc8
Merge pull request #519 from rapid7/gpp-passwords
...
Gpp passwords
2012-06-24 16:18:34 -07:00
David Maloney
6e19dddf2a
Alleviate duplicated work in gpp module
2012-06-24 16:21:35 -05:00
David Maloney
aa09cd7f82
More collaboration stuff on gpp module
2012-06-24 13:08:19 -05:00
h0ng10
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
sinn3r
e805675c1f
Add Apple iTunes 10 Extended M3U Stack Buffer Overflow
...
New exploit against Apple iTunes. Note that this appears to be
different than liquidworm's CVE-2012-0677, because this one is
a stack-based buffer overflow, while CVE-2012-0677 is heap-based,
and a different crash/backtrace. However, according to Rh0, this
bug is patched anyway in the same update... possibly a silent
patch.
As of now, there seems to be no CVE or OSVDB addressing this
particular bug.
2012-06-24 02:01:34 -05:00
David Maloney
eefea8d9d3
Add newname attr in gpp module
2012-06-23 17:51:58 -05:00