62ff52280a
initial linksys OS command injection
2013-01-21 13:19:29 +01:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
54ed60e24e
Forgot to remove the second require
2012-09-24 18:50:53 -05:00
6bd450e114
Make Ruby 1.8 happy
2012-09-24 18:49:41 -05:00
6771466cb7
Added module for CVE-2011-2750
2012-09-13 17:24:16 +02:00
b4b860f356
Correct MC's name
2012-08-08 14:16:02 -05:00
f26053c2c3
Add vendor's name in there for easier searching
2012-08-07 12:16:52 -05:00
614ae02a26
Add CVE-2012-2626 Scrutinizer add-user aux mod
2012-08-07 12:13:25 -05:00
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
97974d9241
Shorten title for display
2012-06-27 10:19:46 -05:00
f93658b37a
Minor name change
2012-06-25 15:51:02 -05:00
637edc21ce
Add CVE-2010-2731
2012-06-25 15:48:36 -05:00
302ab963d1
Adding ref for intersil module
2012-06-20 15:05:56 -05:00
e72303a922
Add Intersil HTTP Basic auth pass reset (originally #453 )
...
The modified version of pull request #453 . This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
The advisory focuses the problem as an auth bypass, not DoS,
although it can end up dosing the server.
* The title and filename are changed as a result of matching that
advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
2012-06-16 21:14:57 -05:00
01803c4a33
Fix possible nil res. Bug #6939 . Part 1.
2012-06-04 13:11:47 -05:00
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
c606896122
Multiple fixes and improvements:
...
* Make session ID configurable based on feature #6894's suggestion.
* Fix a potential bug when res is nil.
* Use print_error() to make the error message more readable.
2012-05-24 02:16:29 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
302853f5a4
Unpolluting SVN Revision keyword
...
Sometimes Revision keywords get expanded, too. Fix those.
2012-03-02 10:18:32 -06:00
3626d48db2
Un-polluting SVN Id keyword
...
Sometimes the SVN Id keyword sneaks back into the github repo already
expanded.
2012-03-02 10:18:32 -06:00
b608aeeeb7
Migrating modules to use report_web_vulns and minor fixes
2012-03-02 10:18:32 -06:00
a2e5a4d9d5
New wmap version 1.5. Plugin and mixin changes. Modules edited to adjust to naming convention
2012-03-02 10:18:31 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
d75e4aead3
Cosmetic changes
2011-11-10 15:45:02 -06:00
0c36915dae
add osvdb ref
2011-11-10 13:24:26 -06:00
453082678f
Add CVE-2010-1871 (Feature #5922 )
2011-11-10 10:21:17 -06:00
7ffcf62a2e
Add #5364
...
git-svn-id: file:///home/svn/framework3/trunk@14181 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:34:42 +00:00
e9461c766e
Msftidy run against a bunch of whitespace violations, a few line too longs.
...
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
5c41385284
Added aux module trendmicro_dlp_traversal.
...
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 07:34:53 +00:00
cacc3f237c
Added improvements to this module to use a wordlist of known sensitive files
...
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 03:13:22 +00:00
d50577066f
remove some silliness of registering UserAgent as an option since it's already an advanced option for HttpClient, make the default obvious
...
git-svn-id: file:///home/svn/framework3/trunk@13394 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 22:57:47 +00:00
fb33b0cbfd
Added contentkeeper_fileaccess aux traversal module.
...
git-svn-id: file:///home/svn/framework3/trunk@12288 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-10 15:27:17 +00:00
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
6b1eb27ab5
put scanner modules in the scanner directory
...
git-svn-id: file:///home/svn/framework3/trunk@10210 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:49:06 +00:00
36bbd6e8b6
coldfusion directory traversal module
...
git-svn-id: file:///home/svn/framework3/trunk@10209 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 01:43:48 +00:00
aac956db50
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-24 18:22:48 +00:00
bb9be48739
Added tomcat utf8 traversal aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@10104 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 16:17:43 +00:00
12fbdcd878
add http_fingerprint calls to modules that use various headers
...
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
0ea6eca4bc
big module whitespace/formatting cleanup pass
...
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
54b276d5e5
Cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@9009 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 16:35:43 +00:00
df55aee06f
add osvdb and cve refs
...
git-svn-id: file:///home/svn/framework3/trunk@8444 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 19:35:28 +00:00
40be42676b
new tomcat_mgr_login aux module
...
- uses auth_brute mixin
- has old and new default users/passes/pairs
- replaces older modules/auxiliary/admin/http/tomcat_manager.rb
git-svn-id: file:///home/svn/framework3/trunk@8201 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 20:31:51 +00:00
5ebb0c4b38
add CVE, two default users & passwords, see #711
...
git-svn-id: file:///home/svn/framework3/trunk@8194 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 16:22:12 +00:00
2283e029db
crossing fingers, big cr removal batch
...
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
5f650c0751
Added HP Web JetAdmin aux command exec module.
...
git-svn-id: file:///home/svn/framework3/trunk@7041 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-19 00:33:44 +00:00
9174bcd0a8
Added iomega_storcentrepro_sessionid aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@6733 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-01 03:55:56 +00:00
37c2e301ed
replacing defunct framework URL in header comments in most modules and pcap_log
...
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
eccfcdfced
Sets svn keywords on modules missing it, tweaks the emailer module
...
git-svn-id: file:///home/svn/framework3/trunk@6407 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 06:03:35 +00:00
1d42efd73d
New module from spinbad
...
git-svn-id: file:///home/svn/framework3/trunk@6341 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-15 02:32:34 +00:00
ff8323e6d2
added modules from Matteo Cantoni.
...
git-svn-id: file:///home/svn/framework3/trunk@6170 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-21 12:51:30 +00:00
m-1-k-3
Tod Beardsley
Christian Mehlmauer
Chris John Riley
Michael Schierl
sinn3r
jvazquez-r7
Efrain Torres
HD Moore
James Lee
Steve Tornio
wchen-r7
Tod Beardsley
Patrick Webster
David Rude
James Lee
Joshua Drake
cg
Mario Ceballos