Fabian Bräunlein
8dce80fd30
Added Big Endianess, improved check()-Function
...
Some Fritz!Box devices also run in Big Endianess mode. However, since
"uname -a" always returns "mips" and the "file"-command is not
available, autodetection is not an easy task.
The check()-function now checks, whether the device is really
vulnerable.
Furthemore, it's possible to send 92 bytes.
2014-04-08 21:32:36 +02:00
William Vu
66e292a85a
Land #3201 , typo fix for exim4_dovecot_exec
2014-04-07 18:10:37 -05:00
Jeff Jarmoc
21b220321f
Fix typo.
...
This isn't a Linksys exploit. Left over wording from a previous exploit?
2014-04-07 18:06:59 -05:00
jvazquez-r7
fb1318b91c
Land #3193 , @m-1-k-3's exploit for the Fritzbox RCE vuln
2014-04-07 16:13:31 -05:00
jvazquez-r7
ceaa99e64e
Minor final cleanup
2014-04-07 16:12:54 -05:00
William Vu
79f82be35d
Land #3188 , deluxe msftidy post-merge hook
2014-04-07 14:38:19 -05:00
William Vu
e0966f7a46
Land #3198 , msftidy disclosure date fix
2014-04-07 14:30:30 -05:00
sinn3r
023bde5b43
Correct msftidy disclosure date check
...
This correct msftidy's disclosure date check to do the following:
1. If the module has a disclosure date, the check should kick in.
2. If the module is an exploit, and doesn't have a disclosure
date, then it will be flagged.
3. If the module is an auxiliary, and doesn't have a disclosure
date, then it will NOT be flgged (because not all aux modules
target bugs/vulns like exploits do).
2014-04-07 14:21:04 -05:00
Tod Beardsley
e1071eb4ea
Land todb-r7#6, fix the comment docs
2014-04-07 14:06:50 -05:00
William Vu
31b3a6973e
Fix symlink commands
2014-04-07 12:40:11 -05:00
Michael Messner
b1a6b28af9
fixed disclosure date
2014-04-07 19:29:37 +02:00
William Vu
579d6c7bcc
Land #3196 , release fixes
2014-04-07 12:26:30 -05:00
Michael Messner
003310f18a
feedback included
2014-04-07 19:25:26 +02:00
Tod Beardsley
7572d6612e
Spelling and grammar on new release modules
2014-04-07 12:18:13 -05:00
Michael Messner
85de6ed0c9
feedback included
2014-04-07 18:20:15 +02:00
sinn3r
0c883723ba
Land #3149 - Oracle Demantra Arbitrary File Retrieval with auth bypass
2014-04-07 11:11:55 -05:00
sinn3r
31dfae3a01
Follow the 100 columns per line guideline
2014-04-07 11:10:20 -05:00
sinn3r
de242ecc00
Correct date format
...
Hmm weird, msftidy didn't pick this up
2014-04-07 11:09:27 -05:00
sinn3r
13d3d48493
Land #3194 - WinRAR Filename Spoofing
2014-04-07 11:00:08 -05:00
jvazquez-r7
56bd35c8ce
Add module for WinRAR spoofing vulnerability
2014-04-07 09:21:49 -05:00
jvazquez-r7
80b069f161
Add support for spoofed zip Central Dir names at Entry level
2014-04-07 09:21:26 -05:00
jvazquez-r7
46e6f937f1
Revert "Add central directory zip spoofing"
...
This reverts commit d0700e8ac4
.
2014-04-07 08:50:33 -05:00
jvazquez-r7
d0700e8ac4
Add central directory zip spoofing
2014-04-07 08:49:49 -05:00
Michael Messner
11bbb7f429
fritzbox echo exploit
2014-04-07 09:12:22 +02:00
William Vu
6e9a136c59
Land #3191 , CONTRIBUTING.md improvements
2014-04-05 22:23:25 -05:00
William Vu
531686c2c9
Change italics to bold
2014-04-05 22:21:44 -05:00
Tod Beardsley
22ff5e2b0b
Add three more dos/donts to CONTRIBUTING.md
...
I've seen a couple PRs targeting the wrong branch. Many projects have a
workflow where PRs should hit `develop` or `release` or something, but
Metasploit-Framework wants PRs targeted against `master`.
Also, warn against fixing too much in one PR since those kinds of PRs
are a) harder to validate and b) might be all wrong anyway. We don't
want people committing a bunch of work when the fundamental approach
isn't going to fly.
2014-04-05 16:10:18 -05:00
jvazquez-r7
6d72860d58
Land #3004 , @m-1-k-3's linksys moon exploit
2014-04-04 14:04:48 -05:00
jvazquez-r7
0ae75860ea
Code clean up
2014-04-04 14:02:12 -05:00
sinn3r
ea1c6fe8a4
Land #3177 - JIRA Issues Collector Directory Traversal
2014-04-04 10:41:51 -05:00
Spencer McIntyre
395f5beef8
Land #3178 , http header scan module
2014-04-04 11:36:35 -04:00
Christian Mehlmauer
166e73b52d
Merge pull request #5 from zeroSteiner/http_header_changes
...
Minor modifications for http_header
2014-04-04 17:18:59 +02:00
Spencer McIntyre
2b6ae68cbf
Minor modifications for http_header
2014-04-04 10:46:03 -04:00
jvazquez-r7
e2cbcf3c5d
Land #3179 , @brandonprry AlienVault sqli aux module
2014-04-04 09:17:11 -05:00
jvazquez-r7
ff6105e55d
Add check codes
2014-04-04 09:13:43 -05:00
Brandon Perry
44db611845
defaultoptions, not option
2014-04-04 05:55:35 -07:00
jvazquez-r7
6f14cd225d
Do minor clean up
2014-04-03 23:22:44 -05:00
William Vu
48ef061c3c
Land #3046 , AIX ibtstat privesc exploit
2014-04-03 17:07:00 -05:00
William Vu
5ac6c4b565
Align msftidy whitelist to 80 columns
2014-04-03 16:54:47 -05:00
William Vu
6c67f1881f
Normalize syntax and whitespace
2014-04-03 16:54:33 -05:00
Tod Beardsley
e1d819b8b9
Update the comment docs on pre-commit-hook.rb
...
[SeeRM #8779 ]
2014-04-03 15:26:25 -05:00
Tod Beardsley
70c0a19bbe
Be explicit about which mode we're in.
...
[SeeRM #8779 ]
2014-04-03 15:20:50 -05:00
Christian Mehlmauer
253a1c1f87
Land #3180 , EMC Cloud Tiering Appliance Unauthed XXE with root perms
2014-04-03 22:02:13 +02:00
Brandon Perry
a57da00932
fix refs line
2014-04-03 14:07:00 -07:00
Brandon Perry
51f83fccde
add some checks in vase the file wasn't retrievable
2014-04-03 14:04:05 -07:00
William Vu
9779913060
Land #3184 , Rex::Proto::Http::Client IOError fix
2014-04-03 15:58:50 -05:00
sinn3r
03559dedcd
Land #3187 - Changed OptString to OptRegexp
2014-04-03 14:52:59 -05:00
joev
3504ddc633
Fix http spec.
2014-04-03 14:50:54 -05:00
joev
42d59d269e
Check #closed? instead of rescuing.
2014-04-03 14:20:48 -05:00
William Vu
d69a9d3c45
Land #3186 , OptString should be OptRegexp
2014-04-03 13:07:23 -05:00