Commit Graph

12925 Commits (8b3b952ccd0b0a6856f2eeb10eddea73390838e2)

Author SHA1 Message Date
sinn3r 8b3b952ccd Fix bug #6761 - false negative when OWA brings the user to the Options page insetad of inbox 2012-05-04 12:30:43 -05:00
HD Moore 423437c620 Woops, small typo in disable_functions 2012-05-04 12:17:41 -05:00
HD Moore c6b39e8e5c Add additional definitions to disable safe_mode, open_basedir, suhosin. (thanks @i0n1c) 2012-05-04 12:15:46 -05:00
sinn3r 69b60b88f8 Fix bug #6801: Error handling for get_imperstoken() 2012-05-04 11:44:05 -05:00
sinn3r 4f2226e3b9 Make sure vim_index_array is actually an array before doing the delete_if. Bug #6809 2012-05-04 11:26:03 -05:00
HD Moore 2ce3558bb4 Bump the rank 2012-05-04 10:19:37 -05:00
HD Moore bed4846763 A little more module cleanup 2012-05-04 10:06:18 -05:00
HD Moore d668e2321d Rename this to a more suitable location 2012-05-04 09:59:40 -05:00
HD Moore 6cf6a9548d Fix up the PHP CGI exploit, remove debug lines 2012-05-04 09:58:10 -05:00
sinn3r d5d35551ab Add EDB reference 2012-05-04 00:11:29 -05:00
sinn3r 6d5ceb07b6 Merge pull request #359 from wchen-r7/solarwinds_storage_manager_sql
Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution)
2012-05-03 22:02:12 -07:00
sinn3r 9a36017271 no unicode 2012-05-04 00:01:03 -05:00
sinn3r 25b11a02b5 Update the comment for check() 2012-05-03 20:37:36 -05:00
sinn3r 4bf674ece6 Pff, and of course, I had to make a typo on that one 2012-05-03 20:34:52 -05:00
sinn3r 1a4d3f849c A little change to the description 2012-05-03 20:33:28 -05:00
sinn3r 1cdc376f2b Merge branch 'msfvenom_nomethoderror' of https://github.com/silviupopescu/metasploit-framework into silviupopescu-msfvenom_nomethoderror 2012-05-03 20:29:06 -05:00
sinn3r 7ca69f00b0 Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution) 2012-05-03 20:24:42 -05:00
James Lee 2d1f4d4f3e Add hdm's better check method 2012-05-03 19:00:40 -06:00
James Lee 40ec3d9d40 Add an exploit module for the recent php cgi bug (CVE-2012-1823) 2012-05-03 18:51:54 -06:00
Silviu-Mihai Popescu 605e1929e4 Fixed msfvenom NoMethodError with alpha_mixed encoder.
The issue was reported on Github[1] and Redmine[2].

The error consisted of trying to use the supports?() method
on an Array instead of a PlatformList.

[1] https://github.com/rapid7/metasploit-framework/issues/357
[2] http://dev.metasploit.com/redmine/issues/6826

Reported by: Brandon Perry
Signed off by: Silviu Popescu <silviupopescu1990@gmail.com>
2012-05-03 17:47:25 +03:00
HD Moore 5151a4c530 Cosmetic 2012-05-03 00:33:09 -05:00
HD Moore 99d7b2601c Cosmetic 2012-05-03 00:31:50 -05:00
Tod Beardsley 43d730d564 Squashed commit of minor cosmetic fixes:
commit eed15ea9ecc88683c8d922fe155d4777a7ce1286
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed May 2 21:55:56 2012 -0500

    Whitespace at EOL. Dangit.

commit 8159b27728d1a4fd0ad94ff56c4b4f2b995646f8
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed May 2 16:38:01 2012 -0500

    Disambiguating 'WebCalendar'
2012-05-02 21:57:41 -05:00
James Lee dd7bc23d16 Whitespace 2012-05-02 18:06:39 -06:00
sinn3r c26dff4cff Clear whitespace 2012-05-01 17:29:27 -05:00
James Lee 1c03c2b157 Fix indentation 2012-05-01 15:21:42 -06:00
James Lee 194c0906c2 Fix a stack trace when SMBUser is nil 2012-05-01 15:21:42 -06:00
James Lee 6ab66dc59e Fix a stack trace when the SMBUser isn't set
For some reason an invalid user/pass don't seem to trigger
STATUS_ACCESS_DENIED responses, but an empty user does.
2012-05-01 15:21:42 -06:00
Alexandre Maloteaux d68d832c9d Squashed commit of the following:
commit a0b50c394962fc90afc8d6232e1875588ed7ecb3
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Fri Apr 20 01:45:06 2012 +0100

    enumshare: add srvsvc netshareenum request for compatibility with win 7 / 2008r2

[Closes #346]
2012-05-01 15:21:42 -06:00
Tod Beardsley c27fb73b53 Removing temp test dir for git user training 2012-05-01 16:13:00 -05:00
Tod Beardsley 63934fc368 Adding another test file (ignore)
[Closes #356]
2012-05-01 16:03:52 -05:00
Tod Beardsley 06926a30b4 Merge remote branch 'mcfakepants/new_test_file' 2012-05-01 15:59:37 -05:00
Fakey McFakepants 7e969a9849 Adding a new file to test/git.txt 2012-05-01 15:42:47 -05:00
Tod Beardsley 4cdef9ab4c Adding a file to the Git Repo (ignore)
This file will be edited a few times then removed. It is here just for
GitHub user training for metasploit developers.
2012-05-01 13:14:06 -05:00
sinn3r 3e72f555ae Forgot... I don't need to print the client's IP manually anymore 2012-05-01 12:56:03 -05:00
sinn3r 3099236059 We no longer have to print the client's IP, because it's now a built-in feature. 2012-05-01 12:47:55 -05:00
sinn3r 094e7d0327 Merge branch 'cve-2012-1775_vlc_mms_bof' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-cve-2012-1775_vlc_mms_bof 2012-05-01 12:27:10 -05:00
HD Moore bbca2c4649 Remove reference to missing dispatch_ninja 2012-05-01 10:31:18 -05:00
juan 01b0d85526 module for cve-2012-1775 added 2012-05-01 16:39:30 +02:00
HD Moore a9dd2f49d7 Bump versions to 4.4.0-dev 2012-05-01 00:43:06 -05:00
HD Moore 172456b680 Fix a mangled merge that prevent imported vulns from being registered in some cases 2012-05-01 00:35:44 -05:00
HD Moore 9988d6a430 Tabs. Sweet sweet tabs 2012-05-01 00:35:01 -05:00
HD Moore 0367b7b3f2 Fix a mangled merge that prevent imported vulns from being registered in some cases 2012-05-01 00:35:01 -05:00
David Maloney 82b8042d2d Fix an error condition with the afp server info module
Better exception handling is probably needed for the entire thing
2012-04-30 18:29:44 -05:00
sinn3r 5fec29e6b7 Add McAfee Virtual Technician ActiveX MVTControl vulnerability 2012-04-30 16:23:52 -05:00
sinn3r fd2e4c12a2 Fix possible "can't convert Fixnum into String" error 2012-04-30 13:49:53 -05:00
David Maloney 348da8e5a6 Fixes an issue with mysql probes not timing out properly. 2012-04-30 12:22:49 -05:00
HD Moore e12c29a5dc Fix up the check so it doesn't throw a marshal exception 2012-04-29 18:40:01 -05:00
HD Moore ffd91793b9 Make RMI easier to correlate, add a vulnerability check to the scanner module 2012-04-29 18:11:28 -05:00
sinn3r 46ad599673 Add CVE-2012-1495 WebCalendar settings.php code injection 2012-04-28 02:32:04 -05:00