Commit Graph

304 Commits (90117c322c89b14893ec90f901543651a6f58fe1)

Author SHA1 Message Date
Tod Beardsley c83b49ad58 Unix linefeeds, not windows
That's what I get for just committing willy-nilly with a fresh install
of Gvim for Windows.

Also, this is an experiment to see if linefeeds are being respected in
this editor Window. I doubt it will be, given GitHub's resistence to
50/72 as a sensible default.
2012-09-16 18:10:35 -05:00
Tod Beardsley 2fc34e0073 Auth successful, not successfully
Just fixing up some adverb versus adjective grammar.
2012-09-16 17:51:00 -05:00
jvazquez-r7 cbc778cb47 add changes proposed by sinn3r 2012-09-15 23:53:09 +02:00
jvazquez-r7 0708ec72fc module moved to a more correct location 2012-09-15 15:31:21 +02:00
jvazquez-r7 e27f736e95 BID reference added 2012-08-24 17:29:12 +02:00
jvazquez-r7 0e535e6485 added module for XODA file upload RCE 2012-08-22 00:54:13 +02:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
jvazquez-r7 2f66aa7c4f Added module for OSVDB 83891 2012-07-21 12:14:29 +02:00
HD Moore a57e712630 Be less verbose 2012-07-15 22:19:12 -05:00
jvazquez-r7 4af75ff7ed Added module for CVE-2011-4542 2012-07-10 18:40:18 +02:00
Steve Tornio 44290c2c89 add osvdb ref 2012-07-07 08:40:25 -05:00
sinn3r 1e6c4301b6 We worked on it, so we got credit 2012-07-06 02:12:10 -05:00
sinn3r f8123ef316 Add a "#" in the end after the payload 2012-07-06 02:09:31 -05:00
sinn3r 187731f2cb Add a check function to detect the vuln 2012-07-06 01:58:01 -05:00
sinn3r dcddc712d2 Missing a "&" 2012-07-06 01:50:18 -05:00
sinn3r 3c8a836091 Add lcashdol's module from #568
Initial version being worked on by sinn3r & juan
2012-07-06 01:41:34 -05:00
sinn3r 850242e733 Remove the extra comma and a tab char 2012-07-05 14:05:23 -05:00
jvazquez-r7 aee7d1a966 Added module for CVE-2012-0911 2012-07-05 20:58:27 +02:00
sinn3r e5dd6fc672 Update milw0rm references.
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
sinn3r f63a3959e0 Update web app module references 2012-06-28 00:37:37 -05:00
sinn3r 8927c8ae57 Make it more verbose, and do some exception handling for cleanup 2012-06-25 17:27:33 -05:00
jvazquez-r7 7b0f3383d2 delete default credentials 2012-06-25 23:53:56 +02:00
jvazquez-r7 7dc1a572e5 trying to fix serialization issues 2012-06-25 23:25:38 +02:00
jvazquez-r7 4c453f9b87 Added module for CVE-2012-0694 2012-06-25 17:21:03 +02:00
HD Moore d40e39b71b Additional exploit fail_with() changes to remove raise calls 2012-06-19 19:43:41 -05:00
HD Moore fb7f6b49f0 This mega-diff adds better error classification to existing modules 2012-06-19 12:59:15 -05:00
jvazquez-r7 4ae786590a php_wordpress_foxypress from patrick updated. Related to Pull Request #475 2012-06-12 17:39:05 +02:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
jvazquez-r7 e774df5c32 target info plus relocation 2012-05-25 20:16:13 +02:00
jvazquez-r7 c4fad0dea5 module added for OSVDB-73609 2012-05-25 17:18:09 +02:00
HD Moore d668e2321d Rename this to a more suitable location 2012-05-04 09:59:40 -05:00
HD Moore 6cf6a9548d Fix up the PHP CGI exploit, remove debug lines 2012-05-04 09:58:10 -05:00
sinn3r 9a36017271 no unicode 2012-05-04 00:01:03 -05:00
James Lee 2d1f4d4f3e Add hdm's better check method 2012-05-03 19:00:40 -06:00
James Lee 40ec3d9d40 Add an exploit module for the recent php cgi bug (CVE-2012-1823) 2012-05-03 18:51:54 -06:00
sinn3r a8eada6016 This module should be able to support more payloads 2012-04-16 14:43:36 -05:00
sinn3r edadc19757 This module should be able to support more payloads than it should be 2012-04-16 14:41:11 -05:00
Tod Beardsley 47493af103 Merge pull request #259 from todb-r7/edb-2
Convert Exploit-DB references to first-tier "EDB-12345" references
2012-03-23 12:09:07 -07:00
James Lee 17a044db89 Print the full URI
Makes everything obvious from output alone, don't need to show options
to see what RHOST is.
2012-03-22 18:44:55 -06:00
Tod Beardsley 7d12a3ad3a Manual fixup on remaining exploit-db references 2012-03-21 16:43:21 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
James Lee 5e6c40edfd Remove unnecessary space restrictions.
This allows using the full range of PHP payloads
2012-02-21 23:21:07 -07:00
James Lee 7ca573a1b4 Give these two old modules a chance to work by setting a proper arch
These must have been broken for quite some time.  =/  They should
probably both be ARCH_PHP but I'm reluctant to make that big of a change
without having the target software to test.
2012-02-21 22:59:20 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
HD Moore af56807668 Cleanup the titles of many exploit modules 2012-02-20 19:25:55 -06:00
Tod Beardsley 7e25f9a6cc Death to unicode
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.

Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
sinn3r e7ab48693c Repair dead milw0rm link to exploit-db 2011-12-13 16:12:57 -06:00
sinn3r 94b736c76c Repair dead milw0rm link to exploit-db 2011-12-13 16:12:38 -06:00
sinn3r 97b74101fb Repair dead milw0rm link to exploit-db 2011-12-13 16:12:11 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
Wei Chen e767214411 Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
HD Moore 5916a4afe3 Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:56:33 +00:00
HD Moore f2469fc23f Drop phpi to normal ranking, it eats too much time
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:45 +00:00
Wei Chen 975cc52bac Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Wei Chen d204f4027b Catch nil first before do .empty?
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:59:57 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen 1a02a2199b These are considered as cmd exec and do not cause crashes, therefore received an ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13937 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:42:20 +00:00
Chao Mu 4b9346e40e Switching my BSD modules to MSF_LICENSE to make life easier. Resistance is Futile! Assimilate!
git-svn-id: file:///home/svn/framework3/trunk@13925 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:29:52 +00:00
HD Moore 0ff7f17cba Cosmetic module and service name fixes
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
HD Moore 643223ff11 Fixes #5651 by applying patch
git-svn-id: file:///home/svn/framework3/trunk@13850 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 15:40:59 +00:00
Wei Chen 9ddfc122af Fix indentation, white spaces, add patch URL to reference
git-svn-id: file:///home/svn/framework3/trunk@13847 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:39:02 +00:00
Tod Beardsley 921549fc3d Adding OSVDB ref that just popped up for me.
git-svn-id: file:///home/svn/framework3/trunk@13844 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 15:49:02 +00:00
Tod Beardsley 3d9c94633d Adding MyBB backdoor exploit submitted by tdz. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@13838 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 03:22:07 +00:00
Wei Chen 37069a252c Support POST. Feature #5571
git-svn-id: file:///home/svn/framework3/trunk@13814 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 16:02:52 +00:00
Wei Chen f47a2c7565 Format dictatorship round 2: Fix author e-mail format for all exploit modules
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
Patrick Webster 5617d23635 Removed erroneous awstatstotals_multisort print_status.
git-svn-id: file:///home/svn/framework3/trunk@12715 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 10:45:36 +00:00
Patrick Webster 51ce0dba58 Added awstatstotals_multisort exploit module.
git-svn-id: file:///home/svn/framework3/trunk@12714 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 10:42:37 +00:00
James Lee 486c0556d0 don't leave unnecessary evil-looking logs
git-svn-id: file:///home/svn/framework3/trunk@12604 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 22:46:43 +00:00
David Rude a8b6c43636 reverting the disclosure dates for now need to clean up the patch
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude 3b7ea08f6a Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
Joshua Drake d682069aec add cve-2010-4566 exploit from Erwin Paternotte
git-svn-id: file:///home/svn/framework3/trunk@11873 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-03 20:51:12 +00:00
HD Moore 2dbbdc18dd Explicitly yield to other threads after each request, reducing the chance that this module will eat all cycles.
git-svn-id: file:///home/svn/framework3/trunk@11857 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-02 05:03:20 +00:00
Joshua Drake b6b9b83dd7 add CVE reference
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-14 16:25:37 +00:00
Joshua Drake 287f4c87fe style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
Steve Tornio 860e29228b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11414 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 14:43:13 +00:00
HD Moore e7f3c63e1c Exploit for a recent Redmine command injection vulnerability, provided as a holiday gift by Joernchen of Phenoelit.
git-svn-id: file:///home/svn/framework3/trunk@11406 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-25 05:46:29 +00:00
Steve Tornio 3662fb4bc6 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11389 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:16:18 +00:00
HD Moore 4708d5b159 Add coverage for the mitel audio web conferencing web interface command injection.
git-svn-id: file:///home/svn/framework3/trunk@11388 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:02:13 +00:00
Joshua Drake add6955501 add disclosure date, fix parse error on 1.8.7
git-svn-id: file:///home/svn/framework3/trunk@11253 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-08 16:17:16 +00:00
Joshua Drake 9c1576b20e update the title
git-svn-id: file:///home/svn/framework3/trunk@11246 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 17:46:24 +00:00
Joshua Drake bbab0e3fd9 add cve-2008-6825 exploit from Larry Wert, fixes #3145
git-svn-id: file:///home/svn/framework3/trunk@11245 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 17:44:47 +00:00
Joshua Drake 26a9fe6fc7 add some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 20:19:18 +00:00
Joshua Drake e9faf75503 fix some more titles with periods
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
Steve Tornio eab8c24b8b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11074 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 20:43:56 +00:00
Joshua Drake b42a04a7aa add cakephp exploit from tdz
git-svn-id: file:///home/svn/framework3/trunk@11070 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 18:30:07 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake e78aa83021 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10821 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:58:49 +00:00
Joshua Drake 672fc87055 fixed typo, thx rmkml
git-svn-id: file:///home/svn/framework3/trunk@10803 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-23 23:35:44 +00:00
Steve Tornio ddf8294beb add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10783 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 12:09:10 +00:00
Joshua Drake 7a9fe2c4d7 add exploit module for cve-2010-3585
git-svn-id: file:///home/svn/framework3/trunk@10780 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 06:16:31 +00:00
Tod Beardsley 865b711b5c Fixes #2974. Adds an "Unknown" level to Exploit::CheckCode, fixes the URI check for exploit/unix/webapp/php_include (which was relying on Unknown).
git-svn-id: file:///home/svn/framework3/trunk@10694 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-15 12:24:17 +00:00
Joshua Drake 7e4f4b3791 silly whitespace tweak
git-svn-id: file:///home/svn/framework3/trunk@10642 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-11 19:30:57 +00:00
Joshua Drake 8230bb6edf update disclosure date
git-svn-id: file:///home/svn/framework3/trunk@10637 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-11 03:59:19 +00:00
HD Moore a3ad8f5061 Add a quick module for exploiting basic web cmd injection
git-svn-id: file:///home/svn/framework3/trunk@10624 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 21:32:19 +00:00
HD Moore c1f934dbb4 jduck the grammar checker strikes again (thanks!)
git-svn-id: file:///home/svn/framework3/trunk@10476 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 04:54:10 +00:00
HD Moore 25d18f1f1b Quit when we get an SSL exception
git-svn-id: file:///home/svn/framework3/trunk@10470 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 03:14:21 +00:00
HD Moore 048b21e3b9 Ensure that errors in the PHPInclude mixin lead to the service being stopped. Handle unreachable services in the php_include module better. Fix database-enabled tab completion to be workspace friendly
git-svn-id: file:///home/svn/framework3/trunk@10410 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 02:52:49 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:55:37 +00:00
James Lee 34eb75af73 overhaul smtp to add support for authentication and STARTTLS. can now send email through a gmail account
git-svn-id: file:///home/svn/framework3/trunk@10148 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:31:46 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
HD Moore fb57dde60c Do not spew HTML to the screen
git-svn-id: file:///home/svn/framework3/trunk@9829 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 18:23:47 +00:00
Joshua Drake 663b863b6d http fingerprint checking update
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 17:38:59 +00:00
Joshua Drake a3d901a6b9 various minor fixes, some added fingerprinting
git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 06:21:31 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:13:45 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink*
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
James Lee 571aeb119c make this much less verbose.
git-svn-id: file:///home/svn/framework3/trunk@9634 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-28 23:42:50 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
James Lee 73c680eeff reduce the timeout. it's annoying to have to wait 25 seconds for my shell
git-svn-id: file:///home/svn/framework3/trunk@9621 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 05:45:15 +00:00
James Lee e47f38365d make the description a little more descriptive.
git-svn-id: file:///home/svn/framework3/trunk@9611 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-24 18:34:37 +00:00
James Lee 43799f505b not a command execution anymore.
git-svn-id: file:///home/svn/framework3/trunk@9601 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 23:12:59 +00:00
James Lee 1f957891fb ARCH_CMD -> ARCH_PHP. tested with php/reverse_php and php/meterpreter[/_]reverse_tcp. see #2105
git-svn-id: file:///home/svn/framework3/trunk@9598 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 22:51:50 +00:00
Tod Beardsley 9d46383040 Fixes #2134. Subs select for sleep in exploit modules.
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 19:11:05 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 07:18:08 +00:00
James Lee ce8a9e9318 update space requirements
git-svn-id: file:///home/svn/framework3/trunk@9392 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 05:04:24 +00:00
Steve Tornio 365f13551b added refs. I think all the auxiliary and exploit modules should now be covered.
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-13 16:53:50 +00:00
Joshua Drake 7a32c8add2 add exploit for cve-2009-4098
git-svn-id: file:///home/svn/framework3/trunk@9247 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-08 03:07:51 +00:00
Joshua Drake 0e72894e58 more cleanups
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake 5f7d3cd0d1 fix final "end" statement -- wow almost 3 years like that
git-svn-id: file:///home/svn/framework3/trunk@9175 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:08:08 +00:00
Joshua Drake 5b629c8dc7 fix copy pasta error
git-svn-id: file:///home/svn/framework3/trunk@9174 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 02:12:29 +00:00
James Lee 8923de2d8d change squirrelmail_pgp_plugin to manual rank because it requires an email address
git-svn-id: file:///home/svn/framework3/trunk@9171 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 18:29:22 +00:00
Joshua Drake fda05bfe16 update check functionality
git-svn-id: file:///home/svn/framework3/trunk@9111 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 01:55:21 +00:00
Joshua Drake ef7aef50db correct BID reference
git-svn-id: file:///home/svn/framework3/trunk@9110 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 00:09:11 +00:00
Joshua Drake 9a5c1ccf68 minor whitespace tweaks
git-svn-id: file:///home/svn/framework3/trunk@9108 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-19 23:53:27 +00:00
Joshua Drake 6a794fc25a better url generation (more random and more reliable)
git-svn-id: file:///home/svn/framework3/trunk@9106 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-19 22:55:08 +00:00
Joshua Drake 78d1338171 clean up extra slashes in uris
git-svn-id: file:///home/svn/framework3/trunk@9036 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 20:25:34 +00:00
Joshua Drake 40dd65494e add notes about vulnerable versions
git-svn-id: file:///home/svn/framework3/trunk@8811 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-13 18:15:06 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 6414821ea8 add exploit modules for CVEs 2005-2877 and 2004-1037
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 20:31:09 +00:00
Joshua Drake 6e8eddcf5e add exploit module for cve-2008-0506
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
et cf29ff333e Added a path to prepend
git-svn-id: file:///home/svn/framework3/trunk@8514 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 05:24:31 +00:00
HD Moore 1857268af8 Uber-fast-get-me-a-php-shell mode :)
git-svn-id: file:///home/svn/framework3/trunk@8505 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 17:59:54 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 19:12:42 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
Joshua Drake 5ef4545a1b fd.read -> fd.read(fd.stat.size)
git-svn-id: file:///home/svn/framework3/trunk@7903 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:22:40 +00:00
James Lee 2570fcee15 get rid of some more ^Ms
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
HD Moore 4fcdceccb7 No ruby access on the common target
git-svn-id: file:///home/svn/framework3/trunk@7776 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 15:13:35 +00:00
HD Moore 8a784339c4 Remove a debug print
git-svn-id: file:///home/svn/framework3/trunk@7774 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 14:00:21 +00:00
HD Moore ba1b032207 Adds coverage for the QTSS metachar injection bug
git-svn-id: file:///home/svn/framework3/trunk@7772 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 13:23:59 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew!
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee 9f134512c2 give up if we can't get the password hash. see #519
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:51:51 +00:00
James Lee dd323e2a7b don't try to run methods on an object we just confirmed was nil
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:48:34 +00:00