Commit Graph

280 Commits (8b8da0b3708a738de22b5a7a015a40856a157dbe)

Author SHA1 Message Date
Tod Beardsley c83b49ad58 Unix linefeeds, not windows
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.

Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
2012-09-16 18:10:35 -05:00
Tod Beardsley 2fc34e0073 Auth successful, not successfully
Just fixing up some adverb versus adjective grammar.
2012-09-16 17:51:00 -05:00
jvazquez-r7 cbc778cb47 add changes proposed by sinn3r 2012-09-15 23:53:09 +02:00
jvazquez-r7 0708ec72fc module moved to a more correct location 2012-09-15 15:31:21 +02:00
jvazquez-r7 e27f736e95 BID reference added 2012-08-24 17:29:12 +02:00
jvazquez-r7 0e535e6485 added module for XODA file upload RCE 2012-08-22 00:54:13 +02:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
Tod Beardsley d5b165abbb Msftidy.rb cleanup on recent modules.
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
Daniel Miller 31510167e6 Make setuid_nmap more robust
Squashed commit of the following:

commit e1a1f84f9b1ce6466e82c72e39070c34607d6769
Author: James Lee <egypt@metasploit.com>
Date:   Fri Aug 3 14:13:33 2012 -0600

    Fix 1.8 compat

commit 26533219896b6e874b2f2113e7cbc6d5d7d1ac79
Author: Daniel Miller <bonsaiviking@gmail.com>
Date:   Thu Aug 2 09:50:38 2012 -0500

    Handle early Nmap versions that don't take absolute paths

commit 00db80131deba1f4a3bcc289b394feb5057fbbe9
Author: Daniel Miller <bonsaiviking@gmail.com>
Date:   Fri Jul 27 11:58:36 2012 -0500

    Add compatibility args to setuid_nmap command

    Nmap before 4.75 would not run a script without a port scan being
    performed. Example: 4.53 installed on Metasploitable would not work.
    Added "-p80 localhost" to the command to ensure it works with these
    older versions.

[Closes #649]
2012-08-03 14:15:09 -06:00
jvazquez-r7 2f66aa7c4f Added module for OSVDB 83891 2012-07-21 12:14:29 +02:00
James Lee efe478f847 Merge branch 'master' into omg-post-exploits 2012-07-16 09:20:23 -06:00
HD Moore a57e712630 Be less verbose 2012-07-15 22:19:12 -05:00
HD Moore b133428bc1 Better error handling in two web app modules 2012-07-15 21:56:00 -05:00
jvazquez-r7 4af75ff7ed Added module for CVE-2011-4542 2012-07-10 18:40:18 +02:00
James Lee 6d6b4bfa92 Merge remote branch 'rapid7/master' into omg-post-exploits 2012-07-08 17:32:39 -06:00
Steve Tornio 44290c2c89 add osvdb ref 2012-07-07 08:40:25 -05:00
sinn3r 1e6c4301b6 We worked on it, so we got credit 2012-07-06 02:12:10 -05:00
sinn3r f8123ef316 Add a "#" in the end after the payload 2012-07-06 02:09:31 -05:00
sinn3r 187731f2cb Add a check function to detect the vuln 2012-07-06 01:58:01 -05:00
sinn3r dcddc712d2 Missing a "&" 2012-07-06 01:50:18 -05:00
sinn3r 3c8a836091 Add lcashdol's module from #568
Initial version being worked on by sinn3r & juan
2012-07-06 01:41:34 -05:00
sinn3r 850242e733 Remove the extra comma and a tab char 2012-07-05 14:05:23 -05:00
jvazquez-r7 aee7d1a966 Added module for CVE-2012-0911 2012-07-05 20:58:27 +02:00
sinn3r e5dd6fc672 Update milw0rm references.
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
sinn3r f63a3959e0 Update web app module references 2012-06-28 00:37:37 -05:00
sinn3r 8927c8ae57 Make it more verbose, and do some exception handling for cleanup 2012-06-25 17:27:33 -05:00
jvazquez-r7 7b0f3383d2 delete default credentials 2012-06-25 23:53:56 +02:00
jvazquez-r7 7dc1a572e5 trying to fix serialization issues 2012-06-25 23:25:38 +02:00
jvazquez-r7 4c453f9b87 Added module for CVE-2012-0694 2012-06-25 17:21:03 +02:00
James Lee 815d80a2cc Merge branch 'rapid7' into omg-post-exploits 2012-06-21 17:02:55 -06:00
HD Moore d40e39b71b Additional exploit fail_with() changes to remove raise calls 2012-06-19 19:43:41 -05:00
HD Moore fb7f6b49f0 This mega-diff adds better error classification to existing modules 2012-06-19 12:59:15 -05:00
James Lee 96c16a498a Add a check for distcc_exec
Just executes the exploit with an "echo <random>" payload to see if it
works.
2012-06-18 14:34:02 -06:00
James Lee c39a42da3d No need to alter time out 2012-06-12 23:58:20 -06:00
James Lee 0e8fb0fe98 Add a post-exploitation exploit for suid nmap
Tested on Ubuntu with nmap 6.00 and nmap 5.00
2012-06-12 23:58:20 -06:00
jvazquez-r7 4ae786590a php_wordpress_foxypress from patrick updated. Related to Pull Request #475 2012-06-12 17:39:05 +02:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
David Maloney 54fb6d2f7a Fixes unreal ircd race condition
Handler would exit before finishing staging
2012-05-29 17:16:07 -05:00
jvazquez-r7 e774df5c32 target info plus relocation 2012-05-25 20:16:13 +02:00
jvazquez-r7 c4fad0dea5 module added for OSVDB-73609 2012-05-25 17:18:09 +02:00
HD Moore d668e2321d Rename this to a more suitable location 2012-05-04 09:59:40 -05:00
HD Moore 6cf6a9548d Fix up the PHP CGI exploit, remove debug lines 2012-05-04 09:58:10 -05:00
sinn3r 9a36017271 no unicode 2012-05-04 00:01:03 -05:00
James Lee 2d1f4d4f3e Add hdm's better check method 2012-05-03 19:00:40 -06:00
James Lee 40ec3d9d40 Add an exploit module for the recent php cgi bug (CVE-2012-1823) 2012-05-03 18:51:54 -06:00
sinn3r a8eada6016 This module should be able to support more payloads 2012-04-16 14:43:36 -05:00
sinn3r edadc19757 This module should be able to support more payloads than it should be 2012-04-16 14:41:11 -05:00
Tod Beardsley 56404f5edd Fixing EDB reference 2012-03-28 14:33:25 -06:00
Tod Beardsley 2bcf259301 Setting correct LFs on freepbx_callmenum.rb 2012-03-23 16:29:42 -05:00
wchen-r7 71462bc73d Merging in freepbx_callmenum.rb and ricoh_dl_bof.rb
[Closes #266]
2012-03-23 16:23:36 -05:00