78be03623f
Fix indent warnings
2015-03-17 03:39:04 -04:00
34c30502fd
Add SSL/TLS support, fix minor errors, change default parameters
2015-03-17 02:49:11 -04:00
252557227d
Add F5 BigIP APM DoS module
2015-03-06 01:55:42 -05:00
354e952841
fix msftidy warnings
2015-01-18 23:55:57 +01:00
6014ff8a31
fix msftidy warnings
2015-01-18 23:54:16 +01:00
a5f48b23df
Add use of Msf::ThreadManager
2015-01-07 17:27:06 +00:00
e90e98547b
Add configurable timeout to WordPress login
2015-01-07 17:06:31 +00:00
92015ac124
Replace custom login with wordpress_login mixin
2015-01-04 23:07:07 +00:00
39412c4a48
Add WordPress long password DoS module
2015-01-04 18:50:23 +00:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
f45b89503d
change WPVULNDBID to WPVDB
2014-10-03 17:13:18 +02:00
33b37727c7
Added wpvulndb links
2014-10-02 23:03:31 +02:00
a7be5b5164
Added fingerprinting
2014-08-07 18:12:58 +02:00
d6e60453d6
Added Wordpress XMLRPC DoS
2014-08-07 11:38:44 +02:00
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
de6be50d64
Minor cleanup and finger-wagging about a for loop
2014-03-03 14:12:22 -06:00
449d0d63d1
Do small clean up
2014-02-26 08:52:51 -06:00
ead7cbc692
Author and URI fixed
2014-02-24 22:20:34 +01:00
8f7f1d0497
Add module for CVE-2014-0050
2014-02-22 14:56:59 +01:00
a239e14084
Fix nodejs_popelining check
2014-01-19 17:06:35 -06:00
e737b136cc
Minor grammar/caps fixup for release
2013-12-09 14:01:27 -06:00
fdebfe3d2f
Add references
2013-12-07 14:25:58 -06:00
adc241faf8
Last one, I say
2013-12-06 15:52:42 -06:00
17193e06a9
Last commit, I swear
2013-12-06 15:49:44 -06:00
58a70779ac
Final update
2013-12-06 15:48:59 -06:00
9f5768ae37
Another update
2013-12-06 14:53:35 -06:00
af16f11784
Another update
2013-12-06 14:39:26 -06:00
87e77b358e
Use the correct URI
2013-12-06 12:08:19 -06:00
5d4acfa274
Plenty of changes
2013-12-06 11:57:02 -06:00
c07686988c
random uri
2013-12-05 18:07:24 -06:00
8e9723788d
Correct description
2013-12-04 17:25:58 -06:00
fb2fcf429f
This one actually works
2013-12-04 17:22:42 -06:00
d0071d7baa
Add CVE-2013-6414 Rails Action View DoS
2013-12-04 14:57:30 -06:00
23448b58e7
Remove timeout checkers that are rescued anyway
2013-11-25 12:37:23 -06:00
f311b0cd1e
Add user-controlled verbs.
...
GET, HEAD, POST, and PROPFIND were tested on WebRick, all successful.
2013-11-25 12:29:05 -06:00
6a28aa298e
Module for CVE-2013-4164
...
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
2013-11-22 16:51:02 -06:00
f963f960cb
Update title
2013-11-18 15:07:59 -06:00
274247bfcd
Land #2647 , @jvennix-r7's module for Gzip Memory Bomb DoS
2013-11-18 15:06:46 -06:00
589660872e
Kill FILEPATH datastore option.
2013-11-18 14:13:25 -06:00
8e889c61f7
Update description.
2013-11-17 15:48:27 -06:00
f7820139dc
Add a content_type datastore option.
2013-11-17 15:38:55 -06:00
43d2711b98
Default to 1 round compression.
2013-11-17 15:35:35 -06:00
1e3860d648
Add gzip bomb dos aux module.
2013-11-17 14:44:33 -06:00
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
bdf07456ba
Last cleanup for nodejs_pipelining
2013-10-22 15:00:58 -05:00
db447b65f9
Add exploit for Node.js HTTP Pipelining DoS
2013-10-22 15:12:14 -04:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
09fa7b7692
remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:50:34 +02:00
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
6168eb7590
Land #1981 - Canon Wireless Printer Denial of Service
2013-06-18 19:04:48 -05:00
7d15dc379d
Make msftidy happy
2013-06-18 19:04:03 -05:00
0533ca68dc
Added DoS result checking
...
Lowered the http timeout
2013-06-18 19:48:21 -04:00
8c28631d4b
Fixed the date format
...
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
4ca9a88324
Tidying up grammar and titles
2013-06-17 16:49:14 -05:00
d877e4d489
Added CVE and disclosure date
2013-06-17 17:41:50 -04:00
3923bbeee9
Update
2013-06-15 18:28:58 -04:00
0494ac9218
Added Canon Wireless Printer DoS module
2013-06-15 18:23:04 -04:00
fd74390952
Clean monkey_headers
2013-06-13 18:07:35 -05:00
73aff97053
Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service
...
This is the reviewed/updated version of pull request #1950 . We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
2013-06-13 15:56:34 -05:00
a09b3b8023
Lands #1169 - Adds a check
...
[Closes #1169 ]
Conflicts:
modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
882b084cba
Changes the default action
2013-04-22 15:47:38 -05:00
7e28a4ddb0
Uses "ACTIONS" keys instead of datastore options
...
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
2f11796dfa
Fix typo
...
[SeeRM #7800 ]
2013-03-13 16:10:20 -05:00
92093cd7d8
There's no HttpClient, so it shouldn't be using normalize_uri
2013-02-19 15:04:18 -06:00
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
1714fa21b1
adjusted DOS part to use HttpClient
2012-12-17 15:46:39 +01:00
a48c14124b
added CHECK functionality to the existing module
2012-12-13 16:54:50 +01:00
64a8b59ff9
Change CVE forma
...
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
2012-12-09 01:09:21 -06:00
93a69ea62e
Fix instances of invalid lower-case datastore use
2012-11-29 00:05:36 -06:00
6b4c131cf5
Avoiding a future conflict with release
2012-11-20 13:24:19 -06:00
e8fe6031e9
Let default timeout for send_request_cgi
2012-11-16 18:09:47 +01:00
51f238ec38
up to date
2012-11-16 16:03:09 +01:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
2c4273e478
Correct some modules with res nil
2012-10-29 04:41:30 -05:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
e31a09203d
Take into account an integer-normalized datastore
2012-06-24 22:59:14 -05:00
6ae17db7d3
Adding FireFart's hashcollision DoS module
...
Have some minor edits below, looks like it all works now though.
Squashed commit of the following:
commit b7befd4889f12105f36794b1caca316d1691b335
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Jun 1 14:31:32 2012 -0500
Removing ord in favor of unpack.
Also renaming a 'character' variable to 'c' rather than 'i' which is
easy to mistake for an Integer counter variable.
commit e80f6a5622df2136bc3557b2385822ba077e6469
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Jun 1 14:24:41 2012 -0500
Cleaning up print msgs
commit 5fd65ed54cb47834dc646fdca8f047fca4b74953
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Jun 1 14:19:10 2012 -0500
Clean up hashcollision_dos description
Caps, mostly. One sentence I still don't get but it's not really a show
stopper.
commit bec0ee43dc9078d34a328eb416970cdc446e6430
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Thu May 24 19:11:32 2012 +0200
Removed RPORT, ruby 1.8 safe, no case insensitive check, error handling
commit 20793f0dfd9103c4d7067a71e81212b48318d183
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Tue May 22 23:11:53 2012 +0200
Hashcollision Script (again)
2012-06-01 14:51:11 -05:00
4772c1258e
Removing hashcollision_dos module due to license violation
...
The description text is a copy-paste of
http://www.ocert.org/advisories/ocert-2011-003.html , which has a
specific creative commons liscence prohibiting derivative works.
Since I have no idea what else in this module is a license violating,
I'm pulling it completely. I suspect a lot, though -- there are weird
all-caps methods in the module that look like copy-pastes as well.
Next time, please contribute original work, or at least work that is not
encumbered by restrictive licensing.
2012-05-21 11:28:58 -05:00
eea20e773b
Capitalization fixups on hashcollision_dos
2012-05-21 11:06:18 -05:00
8428d16db3
Format correction
2012-05-15 19:21:16 -05:00
19e32c210a
Added more references
2012-05-15 23:59:30 +02:00
46e58f8618
Ruby naming style
2012-05-15 23:53:33 +02:00
5f0075e24f
Revert API change
2012-05-15 23:28:51 +02:00
b298597218
Switched to Http Library, Code formatting issues
2012-05-15 19:43:28 +02:00
dc10fac885
Ported my Hashcollision Script to Ruby
2012-05-13 20:59:42 +02:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
30ac88694f
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
...
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
0ff7f17cba
Cosmetic module and service name fixes
...
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
4d850c1ee6
Adds Apache Range DoS aka Apache Killer
...
git-svn-id: file:///home/svn/framework3/trunk@13781 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 16:38:35 +00:00
1c2e08d95d
Added SonicWall SSL-VPN format string module.
...
git-svn-id: file:///home/svn/framework3/trunk@12261 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 03:56:35 +00:00
dnkolegov
Christian Mehlmauer
rastating
URI Assassin
jvazquez-r7
Tod Beardsley
William Vu
ribeirux
sinn3r
joev
jvazquez-r7
Jonathan Rudenberg
Matt Andreko
James Lee
sinn3r
Tod Beardsley
T0X1C-1
HD Moore
Chris John Riley
Michael Schierl
David Rude
Patrick Webster