Commit Graph

191 Commits (8ce10ac5916efa3f1bcd1a983ed1ad275ccefa3a)

Author SHA1 Message Date
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Brent Cook 0d176f2c92 remove a couple of unnecessary ternary ops 2016-05-14 11:07:43 -05:00
wchen-r7 3b5db26ff5 Fix #6872, change upload action for CVE-2016-0854 exploit
This patch includes the following changes:

* Instead of the uploadFile action, this patch uses uploadImageCommon
  to be able to support both Advantech WebAccess builds: 2014 and
  2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
  different builds of Advantech WebAccess 8.0s, and 8.1.

Fix #6872
2016-05-13 19:47:18 -05:00
Vex Woo 35a780c6a8 fix send_request_cgi redirection issues #6806 2016-05-05 09:55:32 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
504137480 c08872144f Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:33:03 +08:00
504137480 dcb9c83f98 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:28:42 +08:00
504137480 2400345fff Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload
Advantech webaccess dashboard file upload
2016-04-19 12:59:32 +08:00
join-us 0407acc0ec add print_status with vuln_version? 2016-04-19 11:22:00 +08:00
join-us c88ddf1cc4 fix NilClass for res.body 2016-04-19 10:27:20 +08:00
xiaozhouzhou a895b452e6 fix 2016-04-19 00:21:26 +08:00
join-us ce9b692dd8 add print_status 2016-04-18 20:43:39 +08:00
join-us 7143668671 fix version_match 2016-04-18 20:31:32 +08:00
join-us 897238f3ec identify fingerpriint / make the code clear 2016-04-18 19:55:42 +08:00
504137480 7d1095bc08 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-18 11:24:03 +08:00
504137480 47b5398152 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-18 11:05:25 +08:00
504137480 ae23da39b8 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-17 21:23:45 +08:00
504137480 ab9e988dd4 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-17 21:15:03 +08:00
504137480 6c969b1c3b Update advantech_webaccess_dashboard_file_upload.rb 2016-04-17 18:49:56 +08:00
xiaozhouzhou 32192d3034 Advantech WebAccess Dashboard Viewer Arbitrary File Upload
Advantech WebAccess Dashboard Viewer Arbitrary File Upload
2016-04-17 11:29:06 +08:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
James Lee 12256a6423
Remove now-redundant peer
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
2016-02-01 15:12:03 -06:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
HD Moore d67b55d195 Fix autofilter values for aggressive modules 2015-10-13 15:56:18 -07:00
Christian Mehlmauer 5398bf78eb
change exitfunc to thread 2015-09-01 10:46:54 +02:00
Christian Mehlmauer 80a22412d9 use EXITFUNC instead of ExitFunction 2015-08-13 21:22:32 +02:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
William Vu 6aa3952c91 Fix duplicate hash key "Platform"
In modules/exploits/windows/scada/winlog_runtime_2.rb.
2015-02-24 05:19:45 -06:00
William Vu b43522a2b8
Fix scadapro_cmdexe datastore 2015-02-05 02:54:03 -06:00
Tod Beardsley d3050de862
Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.

Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
William Vu ff6c8bd5de
Land #3479, broken sock.get fix 2014-07-16 14:57:32 -05:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
jvazquez-r7 cd6b83858b
Add new Yokogawa SCADA exploit 2014-07-07 11:20:49 -05:00
HD Moore c9b6c05eab Fix improper use of host-endian or signed pack/unpack
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.

When in doubt, please use:

```
ri pack
```
2014-06-30 02:50:10 -05:00
HD Moore 6e80481384 Fix bad use of sock.get() and check() implementations
Many of these modules uses sock.get() when they meant get_once()
and their HTTP-based checks were broken in some form. The response
to the sock.get() was not being checked against nil, which would
lead to stack traces when the service did not reply (a likely
case given how malformed the HTTP requests were).
2014-06-28 16:05:05 -05:00
Spencer McIntyre 219153c887 Raise NotImplementedError and let :flavor be guessed 2014-06-27 08:34:56 -04:00
jvazquez-r7 870fa96bd4 Allow quotes in CmdStagerFlavor metadata 2014-06-27 08:34:56 -04:00
jvazquez-r7 91e2e63f42 Add CmdStagerFlavor to metadata 2014-06-27 08:34:55 -04:00
jvazquez-r7 d47994e009 Update modules to use the new generic CMDstager mixin 2014-06-27 08:34:55 -04:00
jvazquez-r7 f56ea01988 Add module 2014-05-09 10:27:41 -05:00
Tod Beardsley 3072c2f08a
Update CVEs for RootedCon Yokogawa modules
Noticed they were nicely documented at

http://chemical-facility-security-news.blogspot.com/2014/03/ics-cert-publishes-yokogawa-advisory.html

We apparently never updated with CVE numbers.
2014-05-05 13:25:55 -05:00
William Vu 517f264000 Add last chunk of fixes 2014-03-11 12:46:44 -05:00
jvazquez-r7 bc8590dbb9 Change DoS module location 2014-03-10 16:12:20 +01:00
jvazquez-r7 1061036cb9 Use nick instead of name 2014-03-10 16:11:58 +01:00