8fbade4cbd
OSVDB
2013-04-10 10:45:30 +02:00
b93ba58d79
EDB, BID
2013-04-09 11:56:53 +02:00
ecaaaa34bf
dlink diagnostic - initial commit
2013-04-05 19:56:15 +02:00
6ccfa0ec18
cleanup for dreambox_openpli_shell
2013-03-14 15:02:21 +01:00
9366e3fcc5
last adjustment
2013-03-14 11:18:52 +01:00
0140caf1f0
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into openpli-shell
2013-03-14 10:55:52 +01:00
4852f1b9f7
modify exploits to be compatible with the new netcat payloads
2013-03-11 18:35:44 +01:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
3ab5585107
make msftidy happy
2013-02-16 20:49:32 +01:00
121a736e28
initial commit
2013-02-16 20:42:02 +01:00
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
4c1e630bf3
BasicAuth datastore cleanup
...
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
690ef85ac1
Fix trailing slash problem
...
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.
Related to: [SeeRM: #7727 ]
2013-01-28 13:19:31 -06:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
f5193b595c
Update references
2012-12-10 11:42:21 -06:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
799c22554e
Warn user if a file/permission is being modified during new session
2012-10-24 00:54:17 -05:00
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
52feae2dcd
Add missing require
...
[FixRM #7345 ]
2012-10-15 17:18:04 -05:00
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
25e6990dc7
added osvdb reference
2012-09-24 21:49:32 +02:00
ed24154915
minor fixes
2012-09-21 11:36:58 +02:00
6ee2c32f08
add ZEN Load Balancer module
2012-09-21 17:25:20 +09:30
0708ec72fc
module moved to a more correct location
2012-09-15 15:31:21 +02:00
0f67f8d08a
target modified
2012-09-15 15:14:33 +02:00
0061d23b37
Added module for CVE-2012-2982
2012-09-15 15:09:19 +02:00
12f3ef9c7c
added osvdb numbers
2012-09-13 14:00:12 +02:00
fba219532c
Updating BID for openfiler
2012-09-12 14:13:21 -05:00
f5a0f74d27
Merge branch 'wanem_exec_improve' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-wanem_exec_improve
2012-09-10 13:35:48 -05:00
64b8696e3c
Extra condition that's not actually needed
...
Don't actually need to check nil res, because no code will
actually try to access res when it's nil anyway. And the 'return'
at the of the function will catch it when the response times out.
2012-09-09 04:06:48 -05:00
cb95a7b520
Add openfiler_networkcard_exec exploit
2012-09-09 17:28:09 +09:30
37c7f366f2
check function test vulnerability + minor improvements
2012-09-09 00:42:02 +02:00
f02659184a
Add WANem v2.3 command execution
2012-09-08 16:01:45 +09:30
8f748d833a
Added BID reference
2012-08-24 17:30:52 +02:00
3106f87687
badchars fixed
2012-08-21 13:30:15 +02:00
e21ea6999c
added module for ESVA Command Injection Vulnerability
2012-08-21 13:25:03 +02:00
955a5af8cf
Adding OSVDB ref
2012-08-07 12:56:29 -05:00
54ed27c1b3
add osvdb ref
2012-08-05 09:02:54 -05:00
2bf0899d09
minor improvements to Zenoss showdaemonxmlconfig exploit
2012-08-01 20:15:45 +09:30
bdf8f1a543
Clean up Zenoss exploit + minor improvements
...
Changed send_request_raw() to send_request_cgi()
- Removed redundant request headers 'Content-Length'
Added rescue error message for connection failures
Changed username to the default 'admin' account
2012-07-30 18:04:14 +09:30
8d3700cc3c
Add Zenoss <= 3.2.1 exploit and Python payload
...
- modules/exploits/linux/http/zenoss_3.2.1_showdaemonxmlconfig_exec.rb
- modules/payloads/singles/cmd/unix/reverse_python.rb
2012-07-30 01:24:27 +09:30
e483af64e4
Random text
2012-07-26 15:14:02 -05:00
6c3b05f1c4
Add CVE-2012-2953 Symantec Web Gateway proxy_file() cmd exec bug
2012-07-26 13:11:05 -05:00
b662881613
Enforce a check before firing the exploit
2012-07-19 16:43:52 -05:00
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
ae59f03ac9
Fixing print message in snort module
2012-06-13 14:04:05 -05:00
m-1-k-3
jvazquez-r7
James Lee
David Maloney
Tod Beardsley
sinn3r
Christian Mehlmauer
Chris John Riley
Michael Schierl
bcoles
Steve Tornio